r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 4714c95a0c854e38f9be444f9343bf14
07ce5eb635448f2b3bafbe51e4dfeef47cdf4f7b
4d47e08c9afb704096e93a51f6e95c0dc7c7bc31e67ded39998ff37ed56e0965
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D47E08C9AFB704096E93A51F6E95C0DC7C7BC31E67DED39998FF37ED56E0965"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6203
Expires: Sun, 22 Jan 2023 20:24:44 GMT
Date: Sun, 22 Jan 2023 18:41:21 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 8997fa58a7262e8fd559d64b40511a1b
0aa1c4365c28f45e4d7a8a234fbcf51cd009e083
1580d1145f125c765e40e5983cb4bb4e2424010d2920a25ea7da992485da0dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1580D1145F125C765E40E5983CB4BB4E2424010D2920A25EA7DA992485DA0DEA"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4890
Expires: Sun, 22 Jan 2023 20:02:51 GMT
Date: Sun, 22 Jan 2023 18:41:21 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 17094b856fde02b2c8c2d3845ad325cf
26dc3f2ebf81faf5ab96eb75ffcbead6085528b8
6547376c41dcaa352cc4e747291916902bcddc0032b750bd84c5e3b2fe6f7d16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6547376C41DCAA352CC4E747291916902BCDDC0032B750BD84C5E3B2FE6F7D16"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7653
Expires: Sun, 22 Jan 2023 20:48:54 GMT
Date: Sun, 22 Jan 2023 18:41:21 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 22 Jan 2023 18:34:52 GMT
content-type: application/json
age: 389
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: qooJqXKV8MtOCyifLoeiSDYT7Kaz05FzMsigHNUQpA5SodMXLa6SRnk7xLjgNQjONhLm2BH2IZo=
x-amz-request-id: B6BH09W2F6TGRDZE
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 22 Jan 2023 18:18:32 GMT
age: 1369
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 3f0a262c2cb4f0dc1a95d2d074727ad5
651daf64c0aebbc0dadf98aafa030cb86f8f37e3
0933d8f271a1d69e8566e2b3dbffb3ae814d6839fa187bd75ff9a6712cd06c6c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0933D8F271A1D69E8566E2B3DBFFB3AE814D6839FA187BD75FF9A6712CD06C6C"
Last-Modified: Sun, 22 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Mon, 23 Jan 2023 00:41:21 GMT
Date: Sun, 22 Jan 2023 18:41:21 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 18:41:21 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Expires, Last-Modified, Alert, Content-Type, Content-Length, ETag, Pragma, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 22 Jan 2023 17:48:58 GMT
age: 3143
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 0c74880fa99032b5c3831c179d702419
0020b368309735c94d8053d3781a7efb7283cfc5
437e2d4e2bbfb33b0ff696172378ce55a0a5ed005a1b8c4005eab4a6995a3042
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3993
Cache-Control: max-age=142319
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 18:41:21 GMT
Etag: "63ccfca7-1d7"
Expires: Tue, 24 Jan 2023 10:13:20 GMT
Last-Modified: Sun, 22 Jan 2023 09:06:47 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.155.106.36 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.155.106.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: XihtH5aVkmWjLJqQtJnTQg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: E82eBzuQVrcZDua6Ku2sgDLC8/s=
ocsp.pki.goog/s/gts1d4/6Qu8bfAF_ZA
142.250.74.131 200 OK 472 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/6Qu8bfAF_ZA
IP 142.250.74.131:0
Hash e7aa9b6ceaef33e3969df70b61315812
604ebfeeac169ee3e9809198ba741e77607d6296
f8544139e1984494fa32a42b81ce0adaeac1a7c52b76880ce6a0c00567d7a071
POST /s/gts1d4/6Qu8bfAF_ZA HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 18:41:22 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kind-babbage.34-134-130-193.plesk.page/number_files/brand_logo.svg
34.134.130.193 200 OK 3.3 kB URL HTTP/2 kind-babbage.34-134-130-193.plesk.page/number_files/brand_logo.svg
IP 34.134.130.193:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (3301), with no line terminators
Hash 61d6d4c84e4a5444ebbb6e18d143758e
1ac1495935ebdd35f7679596582aa6645db221dd
9d5e3a32e8cf0fb849eac2c3c0cad2a5c6a49f17657fff03eafc158cb19135f9
Analyzer Verdict Alert openphish TransferWise
fortinet Phishing
GET /number_files/brand_logo.svg HTTP/1.1
Host: kind-babbage.34-134-130-193.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kind-babbage.34-134-130-193.plesk.page/number.php
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 18:41:22 GMT
content-type: image/svg+xml
content-length: 3301
last-modified: Sun, 22 Jan 2023 00:24:31 GMT
etag: "63cc823f-ce5"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
kind-babbage.34-134-130-193.plesk.page/number_files/wisetag
34.134.130.193 200 OK 376 kB URL HTTP/2 kind-babbage.34-134-130-193.plesk.page/number_files/wisetag
IP 34.134.130.193:0
File type ASCII text, with very long lines (44019)
Size 376 kB (376370 bytes)
Hash 08e78b64ecfae7fc80f45bee0623493c
f6ef0b9339a839bab5a59eef323d227974fa03cb
fbdf0b3b2632813c9573cb894c18299a4943274d1cf577b6905d4690049e0fa8
Analyzer Verdict Alert openphish TransferWise
fortinet Phishing
GET /number_files/wisetag HTTP/1.1
Host: kind-babbage.34-134-130-193.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kind-babbage.34-134-130-193.plesk.page/number.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 18:41:21 GMT
content-type: application/octet-stream
content-length: 376370
last-modified: Sun, 22 Jan 2023 00:24:20 GMT
etag: "63cc8234-5be32"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
kind-babbage.34-134-130-193.plesk.page/static-assets/app/_next/static/media/TW-Averta-Regular.efb4ba0c.woff2
34.134.130.193 404 Not Found 808 B URL HTTP/2 kind-babbage.34-134-130-193.plesk.page/static-assets/app/_next/static/media/TW-Averta-Regular.efb4ba0c.woff2
IP 34.134.130.193:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a943672a32297727bab01c3e76977550
3a667c4b7a457ef6c586cc581d533c128737bf53
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187
Analyzer Verdict Alert openphish TransferWise
fortinet Phishing
GET /static-assets/app/_next/static/media/TW-Averta-Regular.efb4ba0c.woff2 HTTP/1.1
Host: kind-babbage.34-134-130-193.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://kind-babbage.34-134-130-193.plesk.page/number_files/598878faba7ec6cf.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Sun, 22 Jan 2023 18:41:22 GMT
content-type: text/html
content-length: 808
last-modified: Sun, 22 Jan 2023 00:23:08 GMT
etag: "328-5f2cf497d3766"
accept-ranges: bytes
X-Firefox-Spdy: h2
kind-babbage.34-134-130-193.plesk.page/static-assets/app/_next/static/media/TW-Averta-Bold.7762960f.woff2
34.134.130.193 404 Not Found 808 B URL HTTP/2 kind-babbage.34-134-130-193.plesk.page/static-assets/app/_next/static/media/TW-Averta-Bold.7762960f.woff2
IP 34.134.130.193:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a943672a32297727bab01c3e76977550
3a667c4b7a457ef6c586cc581d533c128737bf53
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187
Analyzer Verdict Alert openphish TransferWise
fortinet Phishing
GET /static-assets/app/_next/static/media/TW-Averta-Bold.7762960f.woff2 HTTP/1.1
Host: kind-babbage.34-134-130-193.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://kind-babbage.34-134-130-193.plesk.page/number_files/598878faba7ec6cf.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Sun, 22 Jan 2023 18:41:22 GMT
content-type: text/html
content-length: 808
last-modified: Sun, 22 Jan 2023 00:23:08 GMT
etag: "328-5f2cf497d3766"
accept-ranges: bytes
X-Firefox-Spdy: h2
kind-babbage.34-134-130-193.plesk.page/static-assets/app/_next/static/media/TW-Averta-Semibold.04ae97a4.woff2
34.134.130.193 404 Not Found 808 B URL HTTP/2 kind-babbage.34-134-130-193.plesk.page/static-assets/app/_next/static/media/TW-Averta-Semibold.04ae97a4.woff2
IP 34.134.130.193:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a943672a32297727bab01c3e76977550
3a667c4b7a457ef6c586cc581d533c128737bf53
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187
Analyzer Verdict Alert openphish TransferWise
fortinet Phishing
GET /static-assets/app/_next/static/media/TW-Averta-Semibold.04ae97a4.woff2 HTTP/1.1
Host: kind-babbage.34-134-130-193.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://kind-babbage.34-134-130-193.plesk.page/number_files/598878faba7ec6cf.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Sun, 22 Jan 2023 18:41:22 GMT
content-type: text/html
content-length: 808
last-modified: Sun, 22 Jan 2023 00:23:08 GMT
etag: "328-5f2cf497d3766"
accept-ranges: bytes
X-Firefox-Spdy: h2
kind-babbage.34-134-130-193.plesk.page/static-assets/app/_next/static/media/TW-Averta-Regular.8e8db741.woff
34.134.130.193 404 Not Found 808 B URL HTTP/2 kind-babbage.34-134-130-193.plesk.page/static-assets/app/_next/static/media/TW-Averta-Regular.8e8db741.woff
IP 34.134.130.193:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a943672a32297727bab01c3e76977550
3a667c4b7a457ef6c586cc581d533c128737bf53
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187
Analyzer Verdict Alert openphish TransferWise
fortinet Phishing
GET /static-assets/app/_next/static/media/TW-Averta-Regular.8e8db741.woff HTTP/1.1
Host: kind-babbage.34-134-130-193.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://kind-babbage.34-134-130-193.plesk.page/number_files/598878faba7ec6cf.css
Cookie: twCookieConsent=%7B%22policyId%22%3A%222020-01-31%22%2C%22expiry%22%3A1690137681407%2C%22isEu%22%3Afalse%2C%22status%22%3A%22accepted%22%7D; twCookieConsentGTM=true
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Sun, 22 Jan 2023 18:41:22 GMT
content-type: text/html
content-length: 808
last-modified: Sun, 22 Jan 2023 00:23:08 GMT
etag: "328-5f2cf497d3766"
accept-ranges: bytes
X-Firefox-Spdy: h2
kind-babbage.34-134-130-193.plesk.page/static-assets/app/_next/static/media/TW-Averta-Bold.5fd4f63f.woff
34.134.130.193 404 Not Found 808 B URL HTTP/2 kind-babbage.34-134-130-193.plesk.page/static-assets/app/_next/static/media/TW-Averta-Bold.5fd4f63f.woff
IP 34.134.130.193:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a943672a32297727bab01c3e76977550
3a667c4b7a457ef6c586cc581d533c128737bf53
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187
Analyzer Verdict Alert openphish TransferWise
fortinet Phishing
GET /static-assets/app/_next/static/media/TW-Averta-Bold.5fd4f63f.woff HTTP/1.1
Host: kind-babbage.34-134-130-193.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://kind-babbage.34-134-130-193.plesk.page/number_files/598878faba7ec6cf.css
Cookie: twCookieConsent=%7B%22policyId%22%3A%222020-01-31%22%2C%22expiry%22%3A1690137681407%2C%22isEu%22%3Afalse%2C%22status%22%3A%22accepted%22%7D; twCookieConsentGTM=true
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Sun, 22 Jan 2023 18:41:22 GMT
content-type: text/html
content-length: 808
last-modified: Sun, 22 Jan 2023 00:23:08 GMT
etag: "328-5f2cf497d3766"
accept-ranges: bytes
X-Firefox-Spdy: h2
kind-babbage.34-134-130-193.plesk.page/static-assets/app/_next/static/media/TW-Averta-Semibold.c170753c.woff
34.134.130.193 404 Not Found 808 B URL HTTP/2 kind-babbage.34-134-130-193.plesk.page/static-assets/app/_next/static/media/TW-Averta-Semibold.c170753c.woff
IP 34.134.130.193:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash a943672a32297727bab01c3e76977550
3a667c4b7a457ef6c586cc581d533c128737bf53
b9347f234dc3c8d56e015e86d88a1400415db8f7a5ad91f02b6a2323c10a4187
Analyzer Verdict Alert openphish TransferWise
fortinet Phishing
GET /static-assets/app/_next/static/media/TW-Averta-Semibold.c170753c.woff HTTP/1.1
Host: kind-babbage.34-134-130-193.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://kind-babbage.34-134-130-193.plesk.page/number_files/598878faba7ec6cf.css
Cookie: twCookieConsent=%7B%22policyId%22%3A%222020-01-31%22%2C%22expiry%22%3A1690137681407%2C%22isEu%22%3Afalse%2C%22status%22%3A%22accepted%22%7D; twCookieConsentGTM=true
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Sun, 22 Jan 2023 18:41:22 GMT
content-type: text/html
content-length: 808
last-modified: Sun, 22 Jan 2023 00:23:08 GMT
etag: "328-5f2cf497d3766"
accept-ranges: bytes
X-Firefox-Spdy: h2
js.adsrvr.org/up_loader.1.1.0.js
143.204.45.46 200 OK 1.9 kB URL HTTP/1.1 js.adsrvr.org/up_loader.1.1.0.js
IP 143.204.45.46:0
File type ASCII text, with very long lines (4593), with no line terminators
Hash fc322cd537acbe09a494306a9191124a
757cca3916c8efd2ded11be90b3e8a790b5b73dc
2406d172868e70c8fa25558401afc349b30abae39e0090ed0d11d7367692d170
GET /up_loader.1.1.0.js HTTP/1.1
Host: js.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kind-babbage.34-134-130-193.plesk.page/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Sun, 22 Jan 2023 06:03:07 GMT
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: IS9X1ScT6PcBoH8M0uCRZin7ouIjYXQeo0EJZkaoXzl6C6BOa8VWUw==
Age: 45496
ocsp.pki.goog/s/gts1d4/oGQfcJFPyx4
142.250.74.131 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/oGQfcJFPyx4
IP 142.250.74.131:0
Hash a2b8d028686779924c4a6255b97e073a
85c8b678e044ce532c90cea67b34594bb11346cd
23c1a5931662a0a02c60de17a1262af73382e5673ea996f24d3fb4c73bee8dd1
POST /s/gts1d4/oGQfcJFPyx4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 18:41:22 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.redditstatic.com/ads/pixel.js
151.101.193.140 200 OK 7.7 kB URL HTTP/2 www.redditstatic.com/ads/pixel.js
IP 151.101.193.140:0
File type ASCII text, with very long lines (25224)
Hash 3528fd00b652f61a266eb584d96f4fcc
d89e16aa1323c6c4f1ed3941122020684a599361
77efa9f2ddfdca7a45df37bbcd22fdaeb7b97161a2acd87e21eb78bdeaad1332
GET /ads/pixel.js HTTP/1.1
Host: www.redditstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kind-babbage.34-134-130-193.plesk.page/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Mon, 07 Nov 2022 16:45:46 GMT
etag: "3528fd00b652f61a266eb584d96f4fcc"
cache-control: public, max-age=60
content-encoding: gzip
content-type: application/javascript
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 22 Jan 2023 18:41:22 GMT
vary: Accept-Encoding,Origin
server: snooserv
report-to: {"group": "w3-reporting-nel", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting-nel.reddit.com/reports" }]}, {"group": "w3-reporting", "max_age": 14400, "include_subdomains": true, "endpoints": [{ "url": "https://w3-reporting.reddit.com/reports" }]}
nel: {"report_to": "w3-reporting-nel", "max_age": 14400, "include_subdomains": false, "success_fraction": 0.02, "failure_fraction": 0.02}
content-length: 7722
X-Firefox-Spdy: h2
cdn.pdst.fm/ping.min.js
35.244.142.80 200 OK 5.8 kB IP 35.244.142.80:0
File type ASCII text, with very long lines (26948), with no line terminators
Hash d001d1c9f5a942fa5524eeacb047e819
6ebc303d4e3fe71192400673808f37ce1c6a1d25
63882c75983a011c7ae5041061a95babb9e67fa508b0628e1c00f455ccd40b0a
GET /ping.min.js HTTP/1.1
Host: cdn.pdst.fm
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kind-babbage.34-134-130-193.plesk.page/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdtHCSiy2dpz4YfBpVKtKKqpn-jbpmn8it1CUX7ZPce8fwpuhgAoR6tpGN2LSk2-LxbxZKHJbAuqGfdTwDI1sBsOTWt76G2_
x-goog-generation: 1622234043862937
x-goog-metageneration: 3
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 5774
content-encoding: gzip
x-goog-hash: crc32c=oKoi/w==, md5=0AHRyfWpQvpVJO6ssEfoGQ==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
vary: Accept-Encoding
content-length: 5774
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
date: Sun, 22 Jan 2023 18:08:46 GMT
expires: Sun, 22 Jan 2023 19:08:46 GMT
cache-control: public, max-age=3600
age: 1956
last-modified: Fri, 28 May 2021 20:34:03 GMT
etag: "d001d1c9f5a942fa5524eeacb047e819"
content-type: application/javascript;
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
kind-babbage.34-134-130-193.plesk.page/number_files/_ssgManifest.js
34.134.130.193 200 OK 13 kB URL HTTP/2 kind-babbage.34-134-130-193.plesk.page/number_files/_ssgManifest.js
IP 34.134.130.193:0
File type ASCII text, with no line terminators
Hash fa8bd451318f0a9ff40e9ddde51f1dcd
1ff777eb39027b7e20bdb64cf9f27b196fee041f
1dc0b9ad67566da648606bab68e56589a3a86f1454e57fe7b0482dd3bf55d0ad
Analyzer Verdict Alert openphish TransferWise
fortinet Phishing
GET /number_files/_ssgManifest.js HTTP/1.1
Host: kind-babbage.34-134-130-193.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kind-babbage.34-134-130-193.plesk.page/number.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 18:41:22 GMT
content-type: application/javascript
x-accel-version: 0.01
last-modified: Sun, 22 Jan 2023 00:24:32 GMT
etag: W/"4d-5f2cf4e77ecdd"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/s/gts1d4/oGQfcJFPyx4
142.250.74.131 200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/oGQfcJFPyx4
IP 142.250.74.131:0
Hash a2b8d028686779924c4a6255b97e073a
85c8b678e044ce532c90cea67b34594bb11346cd
23c1a5931662a0a02c60de17a1262af73382e5673ea996f24d3fb4c73bee8dd1
POST /s/gts1d4/oGQfcJFPyx4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 18:41:22 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kind-babbage.34-134-130-193.plesk.page/number_files/framework-560765ab0625ba27.js
34.134.130.193 200 OK 40 kB URL HTTP/2 kind-babbage.34-134-130-193.plesk.page/number_files/framework-560765ab0625ba27.js
IP 34.134.130.193:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash ecea48a031c4e23c5d158575cd2d1c11
6c9a7c57db73d56964801a792db4ae397cef56a7
0426a77109551d9633886b7d4f2b39c8d6d7588d935620745e305061b4b768e0
Analyzer Verdict Alert openphish TransferWise
fortinet Phishing
GET /number_files/framework-560765ab0625ba27.js HTTP/1.1
Host: kind-babbage.34-134-130-193.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kind-babbage.34-134-130-193.plesk.page/number.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 18:41:21 GMT
content-type: application/javascript
last-modified: Sun, 22 Jan 2023 00:24:23 GMT
etag: W/"63cc8237-1fc09"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 00baef460bb15b064edbe8ee5f07e9a1
a061599cb02671a65688b04bf4ec2c2836429f11
2f0b599058f102c6d68e9e9a5447b44748f96c1ee41abd2a530b1f0ee59cad38
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4500
Cache-Control: max-age=134563
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 18:41:22 GMT
Etag: "63ccdc61-1d7"
Expires: Tue, 24 Jan 2023 08:04:05 GMT
Last-Modified: Sun, 22 Jan 2023 06:49:05 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 00baef460bb15b064edbe8ee5f07e9a1
a061599cb02671a65688b04bf4ec2c2836429f11
2f0b599058f102c6d68e9e9a5447b44748f96c1ee41abd2a530b1f0ee59cad38
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4724
Cache-Control: max-age=134787
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 18:41:22 GMT
Etag: "63ccdc61-1d7"
Expires: Tue, 24 Jan 2023 08:07:49 GMT
Last-Modified: Sun, 22 Jan 2023 06:49:05 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 526de272e2922e4b8de8d2dedfb2a31b
a04b1c9d1bd935c9b6a32e6dc0047443846e1561
3f2196cbf1d926c651461ac4c17ec3da4ea066e9c9085422184b00c51ed96378
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3F2196CBF1D926C651461AC4C17EC3DA4EA066E9C9085422184B00C51ED96378"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2860
Expires: Sun, 22 Jan 2023 19:29:02 GMT
Date: Sun, 22 Jan 2023 18:41:22 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash d460749f736f9429a3f97b61cdee0a92
7afe18e64e83114bc2ef617f04cc2a1198f09cf7
c234db5cb820fa832f8dbfc76ccc0d5367f036c2e34de1b61b107c00890d1f4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 18:41:22 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kind-babbage.34-134-130-193.plesk.page/number_files/a2c29f49-0269af3af011b2d0.js
34.134.130.193 200 OK 43 kB URL HTTP/2 kind-babbage.34-134-130-193.plesk.page/number_files/a2c29f49-0269af3af011b2d0.js
IP 34.134.130.193:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash e24478fd469d0a44ed61dabf6e8b5fd7
9c555726238ca09625598396186398a54e49134b
0108c73afb8194d8ed19c11eb331a2ae1d90522e81c17bc839afbcd79a615b05
Analyzer Verdict Alert openphish TransferWise
fortinet Phishing
GET /number_files/a2c29f49-0269af3af011b2d0.js HTTP/1.1
Host: kind-babbage.34-134-130-193.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kind-babbage.34-134-130-193.plesk.page/number.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 18:41:22 GMT
content-type: application/javascript
last-modified: Sun, 22 Jan 2023 00:24:35 GMT
etag: W/"63cc8243-2811c"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
kind-babbage.34-134-130-193.plesk.page/number_files/8988-4aba5236a479a828.js
34.134.130.193 200 OK 3.5 kB URL HTTP/2 kind-babbage.34-134-130-193.plesk.page/number_files/8988-4aba5236a479a828.js
IP 34.134.130.193:0
File type ASCII text, with very long lines (10987)
Hash 088b4182adae9c0c0680a05f299f1593
92f822b66fedd063e7451d17159dae1c682a8b1d
40695d24a9970b8012b70367ae3db477f4aba4fe0612528654c824afca9f153f
Analyzer Verdict Alert openphish TransferWise
fortinet Phishing
GET /number_files/8988-4aba5236a479a828.js HTTP/1.1
Host: kind-babbage.34-134-130-193.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kind-babbage.34-134-130-193.plesk.page/number.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 18:41:22 GMT
content-type: application/javascript
last-modified: Sun, 22 Jan 2023 00:24:25 GMT
etag: W/"63cc8239-2b1d"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 00baef460bb15b064edbe8ee5f07e9a1
a061599cb02671a65688b04bf4ec2c2836429f11
2f0b599058f102c6d68e9e9a5447b44748f96c1ee41abd2a530b1f0ee59cad38
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4501
Cache-Control: max-age=134563
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 18:41:23 GMT
Etag: "63ccdc61-1d7"
Expires: Tue, 24 Jan 2023 08:04:06 GMT
Last-Modified: Sun, 22 Jan 2023 06:49:05 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471
kind-babbage.34-134-130-193.plesk.page/number_files/webpack-8cf5524520adc263.js
34.134.130.193 200 OK 1.8 kB URL HTTP/2 kind-babbage.34-134-130-193.plesk.page/number_files/webpack-8cf5524520adc263.js
IP 34.134.130.193:0
File type ASCII text, with very long lines (3683)
Hash 901fa82c1adef94b0c7262b25d7b5f4d
1c436817871d0d142fecc0354d088245d833bb18
9843582458b953d4f85a51071c632c492c070a444108ecf6dac4538cd35cc079
Analyzer Verdict Alert openphish TransferWise
fortinet Phishing
GET /number_files/webpack-8cf5524520adc263.js HTTP/1.1
Host: kind-babbage.34-134-130-193.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kind-babbage.34-134-130-193.plesk.page/number.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 18:41:21 GMT
content-type: application/javascript
last-modified: Sun, 22 Jan 2023 00:24:22 GMT
etag: W/"63cc8236-e98"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
q.quora.com/_/ad/cb419c3fe93d480dab5e86d948922c22/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fkind-babbage.34-134-130-193.plesk.page%2Fnumber.php
34.235.194.220 200 OK 43 B URL HTTP/1.1 q.quora.com/_/ad/cb419c3fe93d480dab5e86d948922c22/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fkind-babbage.34-134-130-193.plesk.page%2Fnumber.php
IP 34.235.194.220:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /_/ad/cb419c3fe93d480dab5e86d948922c22/pixel?tag=ViewContent&i=gtm&u=https%3A%2F%2Fkind-babbage.34-134-130-193.plesk.page%2Fnumber.php HTTP/1.1
Host: q.quora.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kind-babbage.34-134-130-193.plesk.page/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/gif
Date: Sun, 22 Jan 2023 18:41:23 GMT
Server: nginx
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
X-Q-Stat: ,2e73ca462789d6fcb78a7ffc5efb30b6,10.0.0.220,18576,91.90.42.154,,229649999383,1,1674412883.090,0.001,,.,0,0,0.000,0.000,-,0,0,197,195,97,10,26847,,,,,,-,
Content-Length: 43
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash a487239b9323c3f9fbf578f3da256b76
ff0948282e13d7484bae9a447a6b47905ef936ee
73aea6b277fcb0e3d7298545f31a1bbc449938690418f5bdeaf5a9f023f12264
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 18:41:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
143.204.42.156 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 44e51132381fe8e526dedc56af6651b0
84d77df1ecd50b46dcf582b097306e43a56727f7
1ccf84cdf1b6f4f540fc96d51a2a5d3e9ad83e9a347ad91dad0a4d287752585d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 22 Jan 2023 18:41:23 GMT
Last-Modified: Sun, 22 Jan 2023 17:14:53 GMT
Server: ECS (nyb/1D13)
X-Cache: Miss from cloudfront
Via: 1.1 1d8cf7c8865ed1078c19a98771ad34ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: V_Uiy0Buks1lRZUREn1FW7nBb4jU-semCDMAMp5KbXrji2lf4J8VzA==
Age: 5190
tr.snapchat.com/config/page/07c228bf-c4b3-48f2-8f37-75dce506c291.js
35.190.43.134 200 OK 150 B URL HTTP/2 tr.snapchat.com/config/page/07c228bf-c4b3-48f2-8f37-75dce506c291.js
IP 35.190.43.134:0
File type ASCII text, with no line terminators
Hash 3463f119f562405504d1486b4fa592dc
9f34c8478e8960ff7427dc5e40b6b7111cfc497d
ab6976f2d0c4030d8a961cd361a0787158c47d33144d131798da3a0923958463
GET /config/page/07c228bf-c4b3-48f2-8f37-75dce506c291.js HTTP/1.1
Host: tr.snapchat.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kind-babbage.34-134-130-193.plesk.page
Connection: keep-alive
Referer: https://kind-babbage.34-134-130-193.plesk.page/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 18:41:22 GMT
access-control-allow-origin: https://kind-babbage.34-134-130-193.plesk.page
content-type: application/javascript
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-envoy-upstream-service-time: 0
content-encoding: gzip
vary: Accept-Encoding
server: API Gateway
access-control-allow-credentials: true
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
collector-20079.tvsquared.com/tv2track.js
3.12.46.78 200 OK 8.5 kB URL HTTP/1.1 collector-20079.tvsquared.com/tv2track.js
IP 3.12.46.78:0
File type ASCII text, with very long lines (1162)
Hash 4570d278025b2469017ba48b7229ac50
87675c32ba22b0b3883104968696a1df144a34ac
0dec000d7ea29ad1354b34ecb7ccc88809782255d6800829d7448b4c0e4d35a5
GET /tv2track.js HTTP/1.1
Host: collector-20079.tvsquared.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kind-babbage.34-134-130-193.plesk.page/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=600
Content-Encoding: gzip
Content-Type: application/javascript
Date: Sun, 22 Jan 2023 18:41:23 GMT
ETag: "639c42c0-2133"
Expires: Sun, 22 Jan 2023 18:51:23 GMT
Last-Modified: Fri, 16 Dec 2022 10:04:48 GMT
Server: nginx
X-Robots-Tag: noindex
Content-Length: 8499
Connection: keep-alive
trck.spoteffects.net/analytics/piwik.php?action_name=Wise%20-%20Cr%C3%A9er%20un%20compte&idsite=984&rec=1&r=712352&h=18&m=41&s=21&url=https%3A%2F%2Fkind-babbage.34-134-130-193.plesk.page%2Fnumber.php&_id=d1324d6af8a0df0a&_idts=1674412882&_idvc=1&_idn=0&_refts=0&_viewts=1674412882&send_image=1&cookie=1&res=1280x1024&_cvar=%7B%222%22%3A%5B%22GuestID%22%2C%22undefined%22%5D%7D&gt_ms=256&pv_id=A5hSXj
40.119.158.131 200 OK 85 B URL HTTP/2 trck.spoteffects.net/analytics/piwik.php?action_name=Wise%20-%20Cr%C3%A9er%20un%20compte&idsite=984&rec=1&r=712352&h=18&m=41&s=21&url=https%3A%2F%2Fkind-babbage.34-134-130-193.plesk.page%2Fnumber.php&_id=d1324d6af8a0df0a&_idts=1674412882&_idvc=1&_idn=0&_refts=0&_viewts=1674412882&send_image=1&cookie=1&res=1280x1024&_cvar=%7B%222%22%3A%5B%22GuestID%22%2C%22undefined%22%5D%7D&gt_ms=256&pv_id=A5hSXj
IP 40.119.158.131:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type GIF image data, version 89a, 1 x 1\012- data
Hash a17019d71501535d02ae57d569420d3e
ed2f1b0b61eb5eefa412938461b54a7543437330
557bbec54cab3d66dbb3060c5033c97ec7ad38bacacf68aebde1f9765d575428
GET /analytics/piwik.php?action_name=Wise%20-%20Cr%C3%A9er%20un%20compte&idsite=984&rec=1&r=712352&h=18&m=41&s=21&url=https%3A%2F%2Fkind-babbage.34-134-130-193.plesk.page%2Fnumber.php&_id=d1324d6af8a0df0a&_idts=1674412882&_idvc=1&_idn=0&_refts=0&_viewts=1674412882&send_image=1&cookie=1&res=1280x1024&_cvar=%7B%222%22%3A%5B%22GuestID%22%2C%22undefined%22%5D%7D&gt_ms=256&pv_id=A5hSXj HTTP/1.1
Host: trck.spoteffects.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kind-babbage.34-134-130-193.plesk.page/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 18:41:23 GMT
content-type: image/gif
x-powered-by: PHP/7.2.13
cache-control: no-store
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 6033dad399355478c264e1c7c27e7f62
7d5546258015b8a834ee87b5a679be0545723e9d
5126b70d194535387e80aab563a02db1ade53c682b9db45eb533ff4001e6ed1c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5126B70D194535387E80AAB563A02DB1ADE53C682B9DB45EB533FF4001E6ED1C"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2530
Expires: Sun, 22 Jan 2023 19:23:33 GMT
Date: Sun, 22 Jan 2023 18:41:23 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 6033dad399355478c264e1c7c27e7f62
7d5546258015b8a834ee87b5a679be0545723e9d
5126b70d194535387e80aab563a02db1ade53c682b9db45eb533ff4001e6ed1c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5126B70D194535387E80AAB563A02DB1ADE53C682B9DB45EB533FF4001E6ED1C"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2530
Expires: Sun, 22 Jan 2023 19:23:33 GMT
Date: Sun, 22 Jan 2023 18:41:23 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff250419d-5512-4c6b-9460-69d68f74273d.jpeg
34.120.237.76 200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff250419d-5512-4c6b-9460-69d68f74273d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d3e5cb3e8d03fffcd307c5ebaef08167
1a813821d15afd416b82c3343a7920a0ffc909cb
84a81b6f63faa3f17a20222b8fa389761a0fb0512a1549b4848849c0425539c9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff250419d-5512-4c6b-9460-69d68f74273d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7656
x-amzn-requestid: 6e1ebd9d-6ef0-48d0-a891-51bbf914ed42
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fHNlYHaUoAMFr-w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cc5c88-479e8fb72b0b248d020d9e77;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 21:43:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Pu5h9aerRhgCkbAszYjgiRrblEiomyl7ev5WRmdAjQSTQNgSqczG0A==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 21:58:15 GMT
age: 74588
etag: "1a813821d15afd416b82c3343a7920a0ffc909cb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
kind-babbage.34-134-130-193.plesk.page/number_files/cookie-consent.js
34.134.130.193 200 OK 4.6 kB URL HTTP/2 kind-babbage.34-134-130-193.plesk.page/number_files/cookie-consent.js
IP 34.134.130.193:0
File type ASCII text, with very long lines (3527)
Hash 2a819e3bcefb31bf5099e3d031aaf073
c253fda3f390f5e6feb70cbeebd2814ef6cd5677
71ce16e83dc6586fe6aee96d3800fb5c3253c85e106c754681f3618003b38aeb
Analyzer Verdict Alert openphish TransferWise
fortinet Phishing
GET /number_files/cookie-consent.js HTTP/1.1
Host: kind-babbage.34-134-130-193.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kind-babbage.34-134-130-193.plesk.page/number.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 18:41:21 GMT
content-type: application/javascript
last-modified: Sun, 22 Jan 2023 00:24:34 GMT
etag: W/"63cc8242-e61"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
kind-babbage.34-134-130-193.plesk.page/number_files/main-e396138b3196d310.js
34.134.130.193 200 OK 37 kB URL HTTP/2 kind-babbage.34-134-130-193.plesk.page/number_files/main-e396138b3196d310.js
IP 34.134.130.193:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 399dc97bb6c5ff220e284babc3f5e18a
3c93883f4ef46af800b21bd0dd913f5e1441b710
793b1064d2c271faa56c67aa443913a944eec5c29f8e5125a48b1e53b4daccfa
Analyzer Verdict Alert openphish TransferWise
fortinet Phishing
GET /number_files/main-e396138b3196d310.js HTTP/1.1
Host: kind-babbage.34-134-130-193.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kind-babbage.34-134-130-193.plesk.page/number.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 18:41:21 GMT
content-type: application/javascript
last-modified: Sun, 22 Jan 2023 00:24:21 GMT
etag: W/"63cc8235-1873c"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
kind-babbage.34-134-130-193.plesk.page/number_files/js
34.134.130.193 200 OK 6.1 kB URL HTTP/2 kind-babbage.34-134-130-193.plesk.page/number_files/js
IP 34.134.130.193:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5b7dac109bc648666356225a0d21ed17
f07e82cffe064c296cb1b2c80f7b09feb7552bbe
cc8997d71cd85021addccb0f6a0f00edf95f9747333ff0a436581db4ede78f51
Analyzer Verdict Alert openphish TransferWise
fortinet Phishing
GET /number_files/js HTTP/1.1
Host: kind-babbage.34-134-130-193.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kind-babbage.34-134-130-193.plesk.page/number.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 18:41:21 GMT
content-type: application/octet-stream
content-length: 219905
last-modified: Sun, 22 Jan 2023 00:24:26 GMT
etag: "63cc823a-35b01"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd68d33e7-2d1d-4f9d-9544-28746d9156e6.jpeg
34.120.237.76 200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd68d33e7-2d1d-4f9d-9544-28746d9156e6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e71636bb9a13ad7d52d253e16cd6a3f
401dd58e34982d3434739b9a2f7182487ea1cac5
1ac336df72b6eb569983e197f094378a26a175113249bedca0610cabd57e2e54
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd68d33e7-2d1d-4f9d-9544-28746d9156e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8057
x-amzn-requestid: 5469b005-6740-4f3d-80ca-a45fd39cae68
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fHNkCFiZoAMF8oQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cc5c80-210da08f113a3273257b7d61;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 21:43:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bvxndyaEjWVBvL2nJxC78dz74Pd-mf2NwURh-C-y548P9KfPZiWaZQ==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 21:54:17 GMT
age: 74826
etag: "401dd58e34982d3434739b9a2f7182487ea1cac5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd73f3807-16ae-46ce-a9a5-84b639ea80c6.jpeg
34.120.237.76 200 OK 2.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd73f3807-16ae-46ce-a9a5-84b639ea80c6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 83d96b777a2cac4cb6d577309c8d07e7
86bc900c65d14a338c1d08a0b407590940b39059
50856a41d2bbaec73e06255e06e5ee648f1e7ed1fb04049810d4c03650621bdf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd73f3807-16ae-46ce-a9a5-84b639ea80c6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2555
x-amzn-requestid: d5425eec-2182-4b90-a03f-47dfa76439bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fHOFpEoIoAMF83A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cc5d57-5326fe1a504805be37823571;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 21:47:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: S5pp0McLDY4eeGgd1a_L2f0MGujxWo2WLylb2fskiSFHc383oxNCLQ==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 21:54:17 GMT
age: 74826
etag: "86bc900c65d14a338c1d08a0b407590940b39059"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
d2hrivdxn8ekm8.cloudfront.net/tag-manager/2613fe4c-10d3-4553-b916-fbd27f462422-latest.js
54.230.245.16 200 OK 275 B URL HTTP/2 d2hrivdxn8ekm8.cloudfront.net/tag-manager/2613fe4c-10d3-4553-b916-fbd27f462422-latest.js
IP 54.230.245.16:0
Hash b988df2daf770c7753535798447d3067
e4872c5331c62437652e770ff03c101281050a09
3b5ec8ee05daecb254a5b42fd0742c2d9b0dfa20223156fa43a29f96de97d2d0
GET /tag-manager/2613fe4c-10d3-4553-b916-fbd27f462422-latest.js HTTP/1.1
Host: d2hrivdxn8ekm8.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kind-babbage.34-134-130-193.plesk.page/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 275
last-modified: Wed, 13 Jul 2022 15:11:44 GMT
x-amz-version-id: RjTYADlahve95MtbfOVqWP7SSwKpfKLJ
accept-ranges: bytes
server: AmazonS3
date: Sun, 22 Jan 2023 01:24:42 GMT
etag: "b988df2daf770c7753535798447d3067"
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: X4YXcpGwXnzERj8Js3gzKsx8o3CBipLyr9WwgZvAQvj-tglaK4J_EA==
age: 62482
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash c0f67edfa92ff11474d17ad3160ed43e
a43cc627d3c9258bdbe14ff3ceeed1c98496ff50
309dea4b94ceda4ec43c2f944cdfad61434c96eaafd172bc55c39545f3bf5a1e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 18:41:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bat.bing.com/bat.js
13.107.21.200 200 OK 12 kB IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (39124), with no line terminators
Hash d925a898de26295fdebfc90203ef46fa
77dd3f5893b76530e08058d50e8f9aef017e80c7
8f4a413fec7e48f5ac290f4596fef33b6396e7fb31080ec0203a5ec817d140c8
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kind-babbage.34-134-130-193.plesk.page/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11460
content-type: application/javascript
content-encoding: gzip
last-modified: Mon, 05 Dec 2022 17:15:50 GMT
accept-ranges: bytes
etag: "027e538cd8d91:0"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 77CFC19FADE04D028DA1AF7E5874BC90 Ref B: OSL30EDGE0319 Ref C: 2023-01-22T18:41:24Z
date: Sun, 22 Jan 2023 18:41:23 GMT
X-Firefox-Spdy: h2
gtm.wise.com/_set_cookie?val=%2BKGPDykTHDmetkVIH4fkk0QmFvC20p9XSHBPus%2BtSk3aqzxd8ot%2FdvDnihRKYxCduOf%2Fto38YUbOoXp4mIjA4TXQfzxXWvvh2%2BPyxOxIerCd2oAhJ2%2FIR6dUf6YJW2Y5E6U%2F9huD51oplYwpLA%2F%2FtYkHKCNr1JtLoXyj5PMZ%2FqN9ZMcltXGpspJzvkJ%2F5KRUrKDmJqVo
216.239.32.21 200 OK 20 kB URL HTTP/2 gtm.wise.com/_set_cookie?val=%2BKGPDykTHDmetkVIH4fkk0QmFvC20p9XSHBPus%2BtSk3aqzxd8ot%2FdvDnihRKYxCduOf%2Fto38YUbOoXp4mIjA4TXQfzxXWvvh2%2BPyxOxIerCd2oAhJ2%2FIR6dUf6YJW2Y5E6U%2F9huD51oplYwpLA%2F%2FtYkHKCNr1JtLoXyj5PMZ%2FqN9ZMcltXGpspJzvkJ%2F5KRUrKDmJqVo
IP 216.239.32.21:0
Hash e31004a8943993e8c26b208b04760633
8be8d4ff4618263797432ec20ef77e0d01adc127
3258e4f253362cf06ba00975b643900f207f20ff7acbcc73c56e21ac63a2fb48
GET /_set_cookie?val=%2BKGPDykTHDmetkVIH4fkk0QmFvC20p9XSHBPus%2BtSk3aqzxd8ot%2FdvDnihRKYxCduOf%2Fto38YUbOoXp4mIjA4TXQfzxXWvvh2%2BPyxOxIerCd2oAhJ2%2FIR6dUf6YJW2Y5E6U%2F9huD51oplYwpLA%2F%2FtYkHKCNr1JtLoXyj5PMZ%2FqN9ZMcltXGpspJzvkJ%2F5KRUrKDmJqVo HTTP/1.1
Host: gtm.wise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kind-babbage.34-134-130-193.plesk.page/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 18:41:23 GMT
content-type: image/gif
set-cookie: _fbp=fb.2.1674412882903.1416863929; Max-Age=7776000; Domain=wise.com; Path=/; SameSite=Lax; Secure; HttpOnly
via: 1.1 google
X-Firefox-Spdy: h2
gtm.wise.com/g/collect?v=2&tid=G-MFT2R11DFX&gtm=2re1i0&_p=1972741724&cid=826363758.1674412882&ul=en-us&sr=1280x1024&_fplc=0&uaW=1&_s=2&sid=1674412881&sct=1&seg=0&dl=https%3A%2F%2Fkind-babbage.34-134-130-193.plesk.page%2Fnumber.php&dt=Wise%20-%20Cr%C3%A9er%20un%20compte&en=scroll&ep.debug_mode=false&epn.event_time=1674412882&epn.event_time_ms=1674412881519&epn.percent_scrolled=90&_et=4&richsstsse
216.239.32.21 200 OK 16 kB URL HTTP/2 gtm.wise.com/g/collect?v=2&tid=G-MFT2R11DFX&gtm=2re1i0&_p=1972741724&cid=826363758.1674412882&ul=en-us&sr=1280x1024&_fplc=0&uaW=1&_s=2&sid=1674412881&sct=1&seg=0&dl=https%3A%2F%2Fkind-babbage.34-134-130-193.plesk.page%2Fnumber.php&dt=Wise%20-%20Cr%C3%A9er%20un%20compte&en=scroll&ep.debug_mode=false&epn.event_time=1674412882&epn.event_time_ms=1674412881519&epn.percent_scrolled=90&_et=4&richsstsse
IP 216.239.32.21:0
Hash 65588205873a4bb26cd30915402c2944
3cfdf7b0674744fe41d008031f5aa6945cec4438
bc30c0c62f67a949a899898e8f88b6bbc3e256600f9b1f6b6227ea8a7bc8c242
GET /g/collect?v=2&tid=G-MFT2R11DFX&gtm=2re1i0&_p=1972741724&cid=826363758.1674412882&ul=en-us&sr=1280x1024&_fplc=0&uaW=1&_s=2&sid=1674412881&sct=1&seg=0&dl=https%3A%2F%2Fkind-babbage.34-134-130-193.plesk.page%2Fnumber.php&dt=Wise%20-%20Cr%C3%A9er%20un%20compte&en=scroll&ep.debug_mode=false&epn.event_time=1674412882&epn.event_time_ms=1674412881519&epn.percent_scrolled=90&_et=4&richsstsse HTTP/1.1
Host: gtm.wise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kind-babbage.34-134-130-193.plesk.page
Connection: keep-alive
Referer: https://kind-babbage.34-134-130-193.plesk.page/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 18:41:23 GMT
content-type: text/plain
vary: Accept-Encoding
set-cookie: FPLC=Q1z1rMO10H%2FNIH%2F%2Fp%2FGJkeUd3QZxWeFwkG5P95ms13zMAWIZLyCW%2BQ06AhSRnmtrkMw8XVgH8s9nKjtgENTVt2EHutjYzS0gpnzmvWi1Ogus5BKFwG9%2BYIcMX0Ffmg%3D%3D; Max-Age=72000; Domain=34-134-130-193.plesk.page; Path=/; Secure
FPID=FPID2.3.xUaSMShq3h0EcF68fcWNT9QI38JvqMU9ax4QCqSstJg%3D.1674412882; Max-Age=63072000; Domain=34-134-130-193.plesk.page; Path=/; Secure; HttpOnly
cache-control: no-cache
x-content-type-options: nosniff
access-control-allow-origin: https://kind-babbage.34-134-130-193.plesk.page
access-control-allow-credentials: true
content-encoding: gzip
via: 1.1 google
X-Firefox-Spdy: h2
wise.com/public-resources/assets/icons/favicon_16x16.png
104.18.17.28 200 OK 116 B URL HTTP/2 wise.com/public-resources/assets/icons/favicon_16x16.png
IP 104.18.17.28:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash be4db316c3f04f66655048fa822779b8
a8e69751872d1fe241709328d1fb56330d3f58ce
4d41a5f75ec23c6e19e17fa261f1585f1aabe8fb55119b7a817ab587bc912bb5
GET /public-resources/assets/icons/favicon_16x16.png HTTP/1.1
Host: wise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kind-babbage.34-134-130-193.plesk.page/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 18:41:24 GMT
content-type: image/webp
content-length: 116
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=227
content-disposition: inline; filename="favicon_16x16.webp"
vary: Accept
x-content-type-options: nosniff
cache-control: public,max-age=86400,s-maxage=3600,stale-while-revalidate=604800,stale-if-error=604800
etag: "fa6e213c85ca2e0fc18f7b5cd11bc091"
last-modified: Wed, 04 Jan 2023 14:35:13 GMT
x-amz-id-2: OOvb8U7BFCPkW7Xa2yYnb8vWakPEWV0LZZFBdA76FrAyYQKaHnDAdoTkM2T9GPyMeMzJziIKgIw=
x-amz-request-id: 1TBRS3MYB2QHWTDD
x-amz-version-id: Wzn6vaXpvaIjzsuleSvpLg0MZqKC3mCH
x-envoy-attempt-count: 1
x-envoy-upstream-service-time: 54
cf-cache-status: HIT
age: 3247
accept-ranges: bytes
set-cookie: __cf_bm=iUVnoWY.IscdihnMnAyBvn4M.5ZaEaS.rph4FzOa_yk-1674412884-0-ARho+AZI9F9FGYZG+mUTOnnbkDtNai1HiiDDFEhebUNuH4cZpvLYRVDlxQdu811E/mLvjdw9zfsbz69CkEsiLZE64l9acr9Ycn0xPBNQHqum; path=/; expires=Sun, 22-Jan-23 19:11:24 GMT; domain=.wise.com; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=31536000
server: cloudflare
cf-ray: 78da6c6d3819b509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 5074bfa38808c4a0f18b00a601cfef53
ffc0c526e49251605b2c95d0d1d595f9c702cd9a
6262e4155e8fbf18388f2f38c8e65cb87db94dae66d1dbbd329b4973d8b243df
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 18:41:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
wise.com/public-resources/assets/icons/apple_touch_icon.png
104.18.17.28 200 OK 676 B URL HTTP/2 wise.com/public-resources/assets/icons/apple_touch_icon.png
IP 104.18.17.28:0
File type RIFF (little-endian) data, Web/P image\012- data
Hash db4ed5d44389311bcae028bd9668c30b
43c20a6244f31d1cfc707eeafb69914af331fec5
cc79c228c5fa7f672f7c41ef29fa647731028a2c0c89896946a607e983c4f46e
GET /public-resources/assets/icons/apple_touch_icon.png HTTP/1.1
Host: wise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kind-babbage.34-134-130-193.plesk.page/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 18:41:24 GMT
content-type: image/webp
content-length: 676
cf-bgj: imgq:100,h2pri
cf-polished: origFmt=png, origSize=813
content-disposition: inline; filename="apple_touch_icon.webp"
vary: Accept
x-content-type-options: nosniff
cache-control: public,max-age=86400,s-maxage=3600,stale-while-revalidate=604800,stale-if-error=604800
etag: "bd5ab398a672c3d2d487286ed128cd22"
last-modified: Thu, 12 Jan 2023 09:52:24 GMT
x-amz-id-2: LiBolAsnahWDmctRh/pLfEhFQomWc9YpZDBDiYLsQTKAnnruDXVcq21odqUVsJFa8KG2vEpMq2A=
x-amz-request-id: 0Z382DXY87S6CN22
x-amz-version-id: eC.aft4MvNICuHHMT6mbyOVF3fajPdk1
x-envoy-attempt-count: 1
x-envoy-upstream-service-time: 21
cf-cache-status: HIT
age: 548
accept-ranges: bytes
set-cookie: __cf_bm=dZ70RCYw6230PuKi_WJi8xqKmD7D9qv7ZeTS8jyrXrE-1674412884-0-AW0wWzxNdOskfCm4U7ufCVSpQ2uW824CTAgCprKFPNIt4j7Hel9JrK3s5UdIQlQLGy8OEghiF98sZIGea4BvUXNGXAfDr2fNMfa4n+2vRswX; path=/; expires=Sun, 22-Jan-23 19:11:24 GMT; domain=.wise.com; HttpOnly; Secure; SameSite=None
strict-transport-security: max-age=31536000
server: cloudflare
cf-ray: 78da6c6d4848b509-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/981785008/?random=1674412882906&cv=10&fst=1674412882906&fmt=3&bg=ffffff&guid=ON&u_w=1280&u_h=1024&gtm=45h91e31i1&url=https%3A%2F%2Fkind-babbage.34-134-130-193.plesk.page%2Fnumber.php&tiba=Wise%20-%20Cr%C3%A9er%20un%20compte&auid=1733587630.1674412883
142.250.74.2 302 Found 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/981785008/?random=1674412882906&cv=10&fst=1674412882906&fmt=3&bg=ffffff&guid=ON&u_w=1280&u_h=1024&gtm=45h91e31i1&url=https%3A%2F%2Fkind-babbage.34-134-130-193.plesk.page%2Fnumber.php&tiba=Wise%20-%20Cr%C3%A9er%20un%20compte&auid=1733587630.1674412883
IP 142.250.74.2:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/981785008/?random=1674412882906&cv=10&fst=1674412882906&fmt=3&bg=ffffff&guid=ON&u_w=1280&u_h=1024&gtm=45h91e31i1&url=https%3A%2F%2Fkind-babbage.34-134-130-193.plesk.page%2Fnumber.php&tiba=Wise%20-%20Cr%C3%A9er%20un%20compte&auid=1733587630.1674412883 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kind-babbage.34-134-130-193.plesk.page/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 22 Jan 2023 18:41:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://www.google.com/pagead/1p-user-list/981785008/?random=1674412882906&cv=10&fst=1674410400000&fmt=3&bg=ffffff&guid=ON&u_w=1280&u_h=1024&gtm=45h91e31i1&url=https%3A%2F%2Fkind-babbage.34-134-130-193.plesk.page%2Fnumber.php&tiba=Wise%20-%20Cr%C3%A9er%20un%20compte&is_vtc=1&random=3373330228
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 22-Jan-2023 18:56:24 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash c0f67edfa92ff11474d17ad3160ed43e
a43cc627d3c9258bdbe14ff3ceeed1c98496ff50
309dea4b94ceda4ec43c2f944cdfad61434c96eaafd172bc55c39545f3bf5a1e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 18:41:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 5074bfa38808c4a0f18b00a601cfef53
ffc0c526e49251605b2c95d0d1d595f9c702cd9a
6262e4155e8fbf18388f2f38c8e65cb87db94dae66d1dbbd329b4973d8b243df
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 18:41:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 313 B IP 93.184.220.29:0
Hash e7be27da69db27c40a32e0f6633da044
8c06cd441f191b31f47fd88eb56bf521496770d9
ea55eef7a093881e9cdd349609d234405ecf715d6ffbad33a63078367f9071a7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3185
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 18:41:24 GMT
Last-Modified: Sun, 22 Jan 2023 17:48:19 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 313
t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=983436e3-6379-445d-8f69-2071c7dd21ba&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=4e3c1c77-4a51-40b8-b3bd-b748f0c46650&tw_document_href=https%3A%2F%2Fkind-babbage.34-134-130-193.plesk.page%2Fnumber.php&tw_iframe_status=0&txn_id=nuuhv&type=javascript&version=2.3.29
104.244.42.5 200 OK 43 B URL HTTP/2 t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=983436e3-6379-445d-8f69-2071c7dd21ba&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=4e3c1c77-4a51-40b8-b3bd-b748f0c46650&tw_document_href=https%3A%2F%2Fkind-babbage.34-134-130-193.plesk.page%2Fnumber.php&tw_iframe_status=0&txn_id=nuuhv&type=javascript&version=2.3.29
IP 104.244.42.5:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=983436e3-6379-445d-8f69-2071c7dd21ba&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=4e3c1c77-4a51-40b8-b3bd-b748f0c46650&tw_document_href=https%3A%2F%2Fkind-babbage.34-134-130-193.plesk.page%2Fnumber.php&tw_iframe_status=0&txn_id=nuuhv&type=javascript&version=2.3.29 HTTP/1.1
Host: t.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kind-babbage.34-134-130-193.plesk.page/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 18:41:24 GMT
perf: 7626143928
server: tsa_o
set-cookie: muc_ads=2471a417-d238-43ac-896b-8eda8b38bf72; Max-Age=63072000; Expires=Tue, 21 Jan 2025 18:41:24 GMT; Path=/; Domain=t.co; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: 2f7e5cb3791416c2
strict-transport-security: max-age=0
x-response-time: 104
x-connection-hash: b1d5fe7bc451a490c8250f57568c8254e4366bb422128144e2f8087ae8a74ad9
X-Firefox-Spdy: h2
s.yimg.jp/images/listing/tool/cv/ytag.js
182.22.24.124 200 OK 9.8 kB URL HTTP/2 s.yimg.jp/images/listing/tool/cv/ytag.js
IP 182.22.24.124:0
ASN #23816 Yahoo Japan Corporation
File type ASCII text, with very long lines (32040), with no line terminators
Hash 365c9c596b34a4638836c22c8a5dc623
90f05e1c6c4016e5677709bb6f8f0e810b9ca58a
ecddfb33f676186b2a23f80d1d12b32bfe11d1144b1e44da0347d5ac2943b76f
GET /images/listing/tool/cv/ytag.js HTTP/1.1
Host: s.yimg.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kind-babbage.34-134-130-193.plesk.page/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Sun, 22 Jan 2023 18:33:39 GMT
vary: Accept-Encoding
last-modified: Mon, 19 Dec 2022 01:14:54 GMT
cache-control: public, max-age=600
content-encoding: gzip
server: ATS
accept-ch: Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch
permissions-policy: ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform-version=*, ch-ua-arch=*
age: 465
content-length: 9788
ats-carp-promotion: 1
x-z-chihaya: r=1
X-Firefox-Spdy: h2
d2hrivdxn8ekm8.cloudfront.net/tracker-latest.min.js
54.230.245.16 200 OK 9.7 kB URL HTTP/2 d2hrivdxn8ekm8.cloudfront.net/tracker-latest.min.js
IP 54.230.245.16:0
File type C source, ASCII text, with very long lines (9726), with no line terminators
Hash b9969e7233e19c701e23250dfc600091
f7f21e6f6530d31964917d516b0ac699b7c69fd6
e2cd346faacef0060f6fcdee7ec4ff2cbfd19c09766a6949531bbd2d36d3d2a0
GET /tracker-latest.min.js HTTP/1.1
Host: d2hrivdxn8ekm8.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kind-babbage.34-134-130-193.plesk.page/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
content-length: 9726
last-modified: Fri, 06 Jan 2023 22:11:58 GMT
x-amz-version-id: 25i7uZa9clT6y_Wdb4DMy43yEZwXSGD.
accept-ranges: bytes
server: AmazonS3
date: Sun, 22 Jan 2023 03:49:58 GMT
etag: "b9969e7233e19c701e23250dfc600091"
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 1jBCngSWOXHo5HKP2igkFE-xprxp1PKJCUjlxqopxaxs8m8OPicS4Q==
age: 53501
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=5990948&tm=gtm002&Ver=2&mid=96b4f6d2-2a1a-4e22-8a85-5f7515c5515d&sid=5e6c89709a8411ed9cb5b950fc6f9175&vid=5e6c95a09a8411ed9a43a5f8124b4cbd&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Wise%20-%20Cr%C3%A9er%20un%20compte&p=https%3A%2F%2Fkind-babbage.34-134-130-193.plesk.page%2Fnumber.php&r=&lt=1770&evt=pageLoad&sv=1&rn=469812
13.107.21.200 204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=5990948&tm=gtm002&Ver=2&mid=96b4f6d2-2a1a-4e22-8a85-5f7515c5515d&sid=5e6c89709a8411ed9cb5b950fc6f9175&vid=5e6c95a09a8411ed9a43a5f8124b4cbd&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Wise%20-%20Cr%C3%A9er%20un%20compte&p=https%3A%2F%2Fkind-babbage.34-134-130-193.plesk.page%2Fnumber.php&r=&lt=1770&evt=pageLoad&sv=1&rn=469812
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=5990948&tm=gtm002&Ver=2&mid=96b4f6d2-2a1a-4e22-8a85-5f7515c5515d&sid=5e6c89709a8411ed9cb5b950fc6f9175&vid=5e6c95a09a8411ed9a43a5f8124b4cbd&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Wise%20-%20Cr%C3%A9er%20un%20compte&p=https%3A%2F%2Fkind-babbage.34-134-130-193.plesk.page%2Fnumber.php&r=&lt=1770&evt=pageLoad&sv=1&rn=469812 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kind-babbage.34-134-130-193.plesk.page/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=0C9D6389F2356B321BBC7128F3626AAF; domain=.bing.com; expires=Fri, 16-Feb-2024 18:41:24 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0E04079151244F378B11B7D5D86B0BC9 Ref B: OSL30EDGE0319 Ref C: 2023-01-22T18:41:24Z
date: Sun, 22 Jan 2023 18:41:23 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash f4d171538addb3e350e03876c9c23d81
9874648e426c9a8b65ddcb1d3fc944b8464be9f5
e89b056e51c85f967d05f0cb23a2212d0f391838df414dda9f61e67a96dbefff
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 18:41:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 313 B IP 93.184.220.29:0
Hash 7e274b127eced155810147601cc81585
250b04e6312ea7fb5f9d97cd16403dc40b9dd2a8
6b41cfbba8a71fa96407d24f839da6a14b0451fb418fdc2df2bdf245787684c4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4176
Cache-Control: max-age=107205
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 18:41:24 GMT
Etag: "63cc72c9-139"
Expires: Tue, 24 Jan 2023 00:28:09 GMT
Last-Modified: Sat, 21 Jan 2023 23:18:33 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 313
www.google.com/pagead/1p-user-list/981785008/?random=1674412882906&cv=10&fst=1674410400000&fmt=3&bg=ffffff&guid=ON&u_w=1280&u_h=1024&gtm=45h91e31i1&url=https%3A%2F%2Fkind-babbage.34-134-130-193.plesk.page%2Fnumber.php&tiba=Wise%20-%20Cr%C3%A9er%20un%20compte&is_vtc=1&random=3373330228
142.250.74.164 302 Found 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/981785008/?random=1674412882906&cv=10&fst=1674410400000&fmt=3&bg=ffffff&guid=ON&u_w=1280&u_h=1024&gtm=45h91e31i1&url=https%3A%2F%2Fkind-babbage.34-134-130-193.plesk.page%2Fnumber.php&tiba=Wise%20-%20Cr%C3%A9er%20un%20compte&is_vtc=1&random=3373330228
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/981785008/?random=1674412882906&cv=10&fst=1674410400000&fmt=3&bg=ffffff&guid=ON&u_w=1280&u_h=1024&gtm=45h91e31i1&url=https%3A%2F%2Fkind-babbage.34-134-130-193.plesk.page%2Fnumber.php&tiba=Wise%20-%20Cr%C3%A9er%20un%20compte&is_vtc=1&random=3373330228 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kind-babbage.34-134-130-193.plesk.page/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 22 Jan 2023 18:41:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-user-list/981785008/?random=1674412882906&cv=10&fst=1674410400000&fmt=3&bg=ffffff&guid=ON&u_w=1280&u_h=1024&gtm=45h91e31i1&url=https%3A%2F%2Fkind-babbage.34-134-130-193.plesk.page%2Fnumber.php&tiba=Wise%20-%20Cr%C3%A9er%20un%20compte&is_vtc=1&random=3373330228&ipr=y
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
kind-babbage.34-134-130-193.plesk.page/number_files/8764-86ee4dec8701906d.js
34.134.130.193 200 OK 6.9 kB URL HTTP/2 kind-babbage.34-134-130-193.plesk.page/number_files/8764-86ee4dec8701906d.js
IP 34.134.130.193:0
File type ASCII text, with very long lines (23287)
Hash 1254e90d710dc81fad6ae608047436e7
6cd4990dba71e4a4bce9fe0f18a8625aef42b62a
707c9bf6890646a8db1bd7756a102592807a43871f4f9ac5334cd8f13b24abf2
Analyzer Verdict Alert openphish TransferWise
fortinet Phishing
GET /number_files/8764-86ee4dec8701906d.js HTTP/1.1
Host: kind-babbage.34-134-130-193.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kind-babbage.34-134-130-193.plesk.page/number.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 18:41:22 GMT
content-type: application/javascript
last-modified: Sun, 22 Jan 2023 00:24:28 GMT
etag: W/"63cc823c-5b29"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
bat.bing.com/p/action/5990948.js
13.107.21.200 204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/5990948.js
IP 13.107.21.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/5990948.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kind-babbage.34-134-130-193.plesk.page/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 144EEC212D924FDE9663E956BB1B1436 Ref B: OSL30EDGE0319 Ref C: 2023-01-22T18:41:24Z
date: Sun, 22 Jan 2023 18:41:23 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash ace90ee2f1ce8ca0d69556c6398555a6
49b53ab37b77ebf26525ef3a84aaa9a817af9df4
6d66736ed5245c62987c88f0c3570eefd8f45c09f60dc9b2e1d585f05d1f00e2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 18:41:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
dvqigh9b7wa32.cloudfront.net/5a28e627?data=dmVyc2lvbj0xLjIuMTYmdG9rZW49MjYxM2ZlNGMtMTBkMy00NTUzLWI5MTYtZmJkMjdmNDYyNDIyJnNlc3Npb25JZD02YzdjNTFjMi0xN2U0LTI3YTUtMTAyMC04NGI0ZGQ3NmNlMGI%3D&date=1674412883181
143.204.42.221 200 OK 43 B URL HTTP/2 dvqigh9b7wa32.cloudfront.net/5a28e627?data=dmVyc2lvbj0xLjIuMTYmdG9rZW49MjYxM2ZlNGMtMTBkMy00NTUzLWI5MTYtZmJkMjdmNDYyNDIyJnNlc3Npb25JZD02YzdjNTFjMi0xN2U0LTI3YTUtMTAyMC04NGI0ZGQ3NmNlMGI%3D&date=1674412883181
IP 143.204.42.221:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash fb02f374b8f73825415db1bccd4bd76d
b103aa629cacdd90b39538a7561da7f8e49ad73f
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
GET /5a28e627?data=dmVyc2lvbj0xLjIuMTYmdG9rZW49MjYxM2ZlNGMtMTBkMy00NTUzLWI5MTYtZmJkMjdmNDYyNDIyJnNlc3Npb25JZD02YzdjNTFjMi0xN2U0LTI3YTUtMTAyMC04NGI0ZGQ3NmNlMGI%3D&date=1674412883181 HTTP/1.1
Host: dvqigh9b7wa32.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kind-babbage.34-134-130-193.plesk.page
Connection: keep-alive
Referer: https://kind-babbage.34-134-130-193.plesk.page/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 43
date: Sun, 22 Jan 2023 12:41:05 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 08 Mar 2017 06:19:28 GMT
etag: "fb02f374b8f73825415db1bccd4bd76d"
accept-ranges: bytes
server: AmazonS3
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: VdNC13G-PaE7_ZfIirYln0HiHr2wsgyckhCAm6yk808GGT4ZzppPmg==
age: 21620
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash cc298ded3fc0f058105ddd7b442f5b55
38d43fe921b0b34e4a762598c3ad003956592c04
61a166c11ee3bc04f5be109d262b7f69525e428b1a85f68e00a58de4ff26b4c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 18:41:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=983436e3-6379-445d-8f69-2071c7dd21ba&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=4e3c1c77-4a51-40b8-b3bd-b748f0c46650&tw_document_href=https%3A%2F%2Fkind-babbage.34-134-130-193.plesk.page%2Fnumber.php&tw_iframe_status=0&txn_id=nuuhv&type=javascript&version=2.3.29
104.244.42.67 200 OK 43 B URL HTTP/2 analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=983436e3-6379-445d-8f69-2071c7dd21ba&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=4e3c1c77-4a51-40b8-b3bd-b748f0c46650&tw_document_href=https%3A%2F%2Fkind-babbage.34-134-130-193.plesk.page%2Fnumber.php&tw_iframe_status=0&txn_id=nuuhv&type=javascript&version=2.3.29
IP 104.244.42.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=983436e3-6379-445d-8f69-2071c7dd21ba&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=4e3c1c77-4a51-40b8-b3bd-b748f0c46650&tw_document_href=https%3A%2F%2Fkind-babbage.34-134-130-193.plesk.page%2Fnumber.php&tw_iframe_status=0&txn_id=nuuhv&type=javascript&version=2.3.29 HTTP/1.1
Host: analytics.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kind-babbage.34-134-130-193.plesk.page/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 22 Jan 2023 18:41:23 GMT
perf: 7626143928
server: tsa_o
set-cookie: guest_id_marketing=v1%3A167441288448016965; Max-Age=63072000; Expires=Tue, 21 Jan 2025 18:41:24 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
guest_id_ads=v1%3A167441288448016965; Max-Age=63072000; Expires=Tue, 21 Jan 2025 18:41:24 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
personalization_id="v1_8qdBfZ04X1RkTOKMNmACsg=="; Max-Age=63072000; Expires=Tue, 21 Jan 2025 18:41:24 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
guest_id=v1%3A167441288448016965; Max-Age=63072000; Expires=Tue, 21 Jan 2025 18:41:24 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: a73caee3128d6063
strict-transport-security: max-age=631138519
x-response-time: 102
x-connection-hash: bf54118256043f9c58df45f120ba7f8e1590b465a264b250d312e0e296182eae
X-Firefox-Spdy: h2
d1lu3pmaz2ilpx.cloudfront.net/5a28e627?data=dmVyc2lvbj0xLjIuMTYmdG9rZW49MjYxM2ZlNGMtMTBkMy00NTUzLWI5MTYtZmJkMjdmNDYyNDIyJnNlc3Npb25JZD02YzdjNTFjMi0xN2U0LTI3YTUtMTAyMC04NGI0ZGQ3NmNlMGImY29va2llU3VwcG9ydD1QRVJTSVNUJmV2ZW50PXBhZ2V2aWV3JiUyNG9zPVdpbmRvd3MmJTI0Y3VycmVudFVybD1odHRwcyUzQSUyRiUyRmtpbmQtYmFiYmFnZS4zNC0xMzQtMTMwLTE5My5wbGVzay5wYWdlJTJGbnVtYmVyLnBocA%3D%3D&date=1674412883183
54.230.245.177 200 OK 43 B URL HTTP/2 d1lu3pmaz2ilpx.cloudfront.net/5a28e627?data=dmVyc2lvbj0xLjIuMTYmdG9rZW49MjYxM2ZlNGMtMTBkMy00NTUzLWI5MTYtZmJkMjdmNDYyNDIyJnNlc3Npb25JZD02YzdjNTFjMi0xN2U0LTI3YTUtMTAyMC04NGI0ZGQ3NmNlMGImY29va2llU3VwcG9ydD1QRVJTSVNUJmV2ZW50PXBhZ2V2aWV3JiUyNG9zPVdpbmRvd3MmJTI0Y3VycmVudFVybD1odHRwcyUzQSUyRiUyRmtpbmQtYmFiYmFnZS4zNC0xMzQtMTMwLTE5My5wbGVzay5wYWdlJTJGbnVtYmVyLnBocA%3D%3D&date=1674412883183
IP 54.230.245.177:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash fb02f374b8f73825415db1bccd4bd76d
b103aa629cacdd90b39538a7561da7f8e49ad73f
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
GET /5a28e627?data=dmVyc2lvbj0xLjIuMTYmdG9rZW49MjYxM2ZlNGMtMTBkMy00NTUzLWI5MTYtZmJkMjdmNDYyNDIyJnNlc3Npb25JZD02YzdjNTFjMi0xN2U0LTI3YTUtMTAyMC04NGI0ZGQ3NmNlMGImY29va2llU3VwcG9ydD1QRVJTSVNUJmV2ZW50PXBhZ2V2aWV3JiUyNG9zPVdpbmRvd3MmJTI0Y3VycmVudFVybD1odHRwcyUzQSUyRiUyRmtpbmQtYmFiYmFnZS4zNC0xMzQtMTMwLTE5My5wbGVzay5wYWdlJTJGbnVtYmVyLnBocA%3D%3D&date=1674412883183 HTTP/1.1
Host: d1lu3pmaz2ilpx.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kind-babbage.34-134-130-193.plesk.page
Connection: keep-alive
Referer: https://kind-babbage.34-134-130-193.plesk.page/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 43
date: Sun, 22 Jan 2023 00:28:33 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 08 Mar 2017 06:19:28 GMT
etag: "fb02f374b8f73825415db1bccd4bd76d"
accept-ranges: bytes
server: AmazonS3
vary: Origin
x-cache: Hit from cloudfront
via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: GX143_DTaII_WLnXDxVyKdCXGa20_UbGCzXNK0DQfU6h-iC8cNQv5A==
age: 65572
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/981785008/?random=1674412882906&cv=10&fst=1674410400000&fmt=3&bg=ffffff&guid=ON&u_w=1280&u_h=1024&gtm=45h91e31i1&url=https%3A%2F%2Fkind-babbage.34-134-130-193.plesk.page%2Fnumber.php&tiba=Wise%20-%20Cr%C3%A9er%20un%20compte&is_vtc=1&random=3373330228&ipr=y
142.250.74.163 200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/981785008/?random=1674412882906&cv=10&fst=1674410400000&fmt=3&bg=ffffff&guid=ON&u_w=1280&u_h=1024&gtm=45h91e31i1&url=https%3A%2F%2Fkind-babbage.34-134-130-193.plesk.page%2Fnumber.php&tiba=Wise%20-%20Cr%C3%A9er%20un%20compte&is_vtc=1&random=3373330228&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/981785008/?random=1674412882906&cv=10&fst=1674410400000&fmt=3&bg=ffffff&guid=ON&u_w=1280&u_h=1024&gtm=45h91e31i1&url=https%3A%2F%2Fkind-babbage.34-134-130-193.plesk.page%2Fnumber.php&tiba=Wise%20-%20Cr%C3%A9er%20un%20compte&is_vtc=1&random=3373330228&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://kind-babbage.34-134-130-193.plesk.page/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 22 Jan 2023 18:41:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
d330aiyvva2oww.cloudfront.net/5a28e627?data=aXB2Nj10cnVlJnZlcnNpb249MS4yLjE2JnRva2VuPTI2MTNmZTRjLTEwZDMtNDU1My1iOTE2LWZiZDI3ZjQ2MjQyMiZzZXNzaW9uSWQ9NmM3YzUxYzItMTdlNC0yN2E1LTEwMjAtODRiNGRkNzZjZTBi&date=1674412883181
143.204.42.161 200 OK 43 B URL HTTP/2 d330aiyvva2oww.cloudfront.net/5a28e627?data=aXB2Nj10cnVlJnZlcnNpb249MS4yLjE2JnRva2VuPTI2MTNmZTRjLTEwZDMtNDU1My1iOTE2LWZiZDI3ZjQ2MjQyMiZzZXNzaW9uSWQ9NmM3YzUxYzItMTdlNC0yN2E1LTEwMjAtODRiNGRkNzZjZTBi&date=1674412883181
IP 143.204.42.161:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash fb02f374b8f73825415db1bccd4bd76d
b103aa629cacdd90b39538a7561da7f8e49ad73f
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
GET /5a28e627?data=aXB2Nj10cnVlJnZlcnNpb249MS4yLjE2JnRva2VuPTI2MTNmZTRjLTEwZDMtNDU1My1iOTE2LWZiZDI3ZjQ2MjQyMiZzZXNzaW9uSWQ9NmM3YzUxYzItMTdlNC0yN2E1LTEwMjAtODRiNGRkNzZjZTBi&date=1674412883181 HTTP/1.1
Host: d330aiyvva2oww.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kind-babbage.34-134-130-193.plesk.page
Connection: keep-alive
Referer: https://kind-babbage.34-134-130-193.plesk.page/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 43
date: Sun, 22 Jan 2023 12:41:05 GMT
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 08 Mar 2017 06:19:28 GMT
etag: "fb02f374b8f73825415db1bccd4bd76d"
accept-ranges: bytes
server: AmazonS3
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: nC7v2IlPtdOLsUM3JOYZNqA6XviTWfDSHEVF4Zd30CKbBagP8KZ9lA==
age: 21620
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash cc298ded3fc0f058105ddd7b442f5b55
38d43fe921b0b34e4a762598c3ad003956592c04
61a166c11ee3bc04f5be109d262b7f69525e428b1a85f68e00a58de4ff26b4c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 18:41:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
am.yahoo.co.jp/rt/?p=FDGMU2R6G4&label=&ref=https%3A%2F%2Fkind-babbage.34-134-130-193.plesk.page%2Fnumber.php&rref=&pt=&item=&cat=&price=&quantity=&r=1674412883.2127812&pvid=li0zu9cjcwld7q75d2&tsyjad=0&_impl=ytag
182.22.24.124 403 Forbidden 14 kB URL HTTP/2 am.yahoo.co.jp/rt/?p=FDGMU2R6G4&label=&ref=https%3A%2F%2Fkind-babbage.34-134-130-193.plesk.page%2Fnumber.php&rref=&pt=&item=&cat=&price=&quantity=&r=1674412883.2127812&pvid=li0zu9cjcwld7q75d2&tsyjad=0&_impl=ytag
IP 182.22.24.124:0
ASN #23816 Yahoo Japan Corporation
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (486)
Hash e986e7a04549f3bef16fe1bb24e61acd
b3ec35460824fae12cf6342ae42d27597ec94fb7
e8b72fe96bc96ffcfef2cdf8ebb503ac854e5c2997ae389b96d04bf78f478edd
GET /rt/?p=FDGMU2R6G4&label=&ref=https%3A%2F%2Fkind-babbage.34-134-130-193.plesk.page%2Fnumber.php&rref=&pt=&item=&cat=&price=&quantity=&r=1674412883.2127812&pvid=li0zu9cjcwld7q75d2&tsyjad=0&_impl=ytag HTTP/1.1
Host: am.yahoo.co.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kind-babbage.34-134-130-193.plesk.page/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 403 Forbidden
date: Sun, 22 Jan 2023 18:41:25 GMT
server: ATS
x-z-chihaya: r=1
x-frame-options: SAMEORIGIN
content-length: 14275
content-type: text/html
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 8324c00462218a4997ff7b300dd0314f
221f8d122822a09fc812d9cba7cf2cc419a87df3
7110351a1a2ca5ba720ef2be45611b755ee570b3f29374769c1431833c3dddb5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5467
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 22 Jan 2023 18:41:27 GMT
Last-Modified: Sun, 22 Jan 2023 17:10:20 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
api-js.mixpanel.com/track/?verbose=1&ip=1&_=1674412886322
130.211.34.183 200 OK 25 B URL HTTP/2 api-js.mixpanel.com/track/?verbose=1&ip=1&_=1674412886322
IP 130.211.34.183:0
File type JSON data\012- , ASCII text, with no line terminators
Hash fa4859df2aaba80141861afa205fe74e
d486b5a249527d022cc009bdc9c197efb66f23a2
e39a8118ec6cdf6ac33e6961518e9fe6ba3f6caf099aeeaec1389c2108ba90ba
POST /track/?verbose=1&ip=1&_=1674412886322 HTTP/1.1
Host: api-js.mixpanel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 929
Origin: https://kind-babbage.34-134-130-193.plesk.page
Connection: keep-alive
Referer: https://kind-babbage.34-134-130-193.plesk.page/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://kind-babbage.34-134-130-193.plesk.page
access-control-expose-headers: X-MP-CE-Backoff
access-control-max-age: 1728000
cache-control: no-cache, no-store
content-type: application/json
strict-transport-security: max-age=604800; includeSubDomains
date: Sun, 22 Jan 2023 18:41:27 GMT
content-length: 25
x-envoy-upstream-service-time: 15
server: envoy
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
kind-babbage.34-134-130-193.plesk.page/number_files/8356-6b661c16fbfec3b7.js
34.134.130.193 200 OK 0 B URL HTTP/2 kind-babbage.34-134-130-193.plesk.page/number_files/8356-6b661c16fbfec3b7.js
IP 34.134.130.193:0
Analyzer Verdict Alert openphish TransferWise
fortinet Phishing
GET /number_files/8356-6b661c16fbfec3b7.js HTTP/1.1
Host: kind-babbage.34-134-130-193.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kind-babbage.34-134-130-193.plesk.page/number.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 18:41:22 GMT
content-type: application/javascript
last-modified: Sun, 22 Jan 2023 00:24:34 GMT
etag: W/"63cc8242-50aa"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
kind-babbage.34-134-130-193.plesk.page/number_files/8934-2c1860920afedb5e.js
34.134.130.193 200 OK 0 B URL HTTP/2 kind-babbage.34-134-130-193.plesk.page/number_files/8934-2c1860920afedb5e.js
IP 34.134.130.193:0
Analyzer Verdict Alert openphish TransferWise
fortinet Phishing
GET /number_files/8934-2c1860920afedb5e.js HTTP/1.1
Host: kind-babbage.34-134-130-193.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kind-babbage.34-134-130-193.plesk.page/number.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 18:41:22 GMT
content-type: application/javascript
last-modified: Sun, 22 Jan 2023 00:24:30 GMT
etag: W/"63cc823e-25d1"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
insight.adsrvr.org/track/up?adv=ay3869r&ref=https%3A%2F%2Fkind-babbage.34-134-130-193.plesk.page%2Fnumber.php&upid=64p74hp&upv=1.1.0&td1=undefined
3.33.220.150 302 Found 0 B URL HTTP/2 insight.adsrvr.org/track/up?adv=ay3869r&ref=https%3A%2F%2Fkind-babbage.34-134-130-193.plesk.page%2Fnumber.php&upid=64p74hp&upv=1.1.0&td1=undefined
IP 3.33.220.150:0
GET /track/up?adv=ay3869r&ref=https%3A%2F%2Fkind-babbage.34-134-130-193.plesk.page%2Fnumber.php&upid=64p74hp&upv=1.1.0&td1=undefined HTTP/1.1
Host: insight.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kind-babbage.34-134-130-193.plesk.page/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 22 Jan 2023 18:41:25 GMT
content-type: text/html; charset=utf-8
location: https://match.adsrvr.org/track/upb/?adv=ay3869r&ref=https%3A%2F%2Fkind-babbage.34-134-130-193.plesk.page%2Fnumber.php&upid=64p74hp&upv=1.1.0&td1=undefined
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
set-cookie: TDID=b03bf35a-a1e0-4d58-9b69-bcac1ee3defc; domain=.adsrvr.org; expires=Mon, 22-Jan-2024 18:41:25 GMT; path=/; secure; SameSite=None
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
gtm.wise.com/wisetag?id=GTM-M7V2XH
216.239.32.21 400 Bad Request 0 B URL HTTP/2 gtm.wise.com/wisetag?id=GTM-M7V2XH
IP 216.239.32.21:0
GET /wisetag?id=GTM-M7V2XH HTTP/1.1
Host: gtm.wise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kind-babbage.34-134-130-193.plesk.page/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 400 Bad Request
date: Sun, 22 Jan 2023 18:41:22 GMT
via: 1.1 google
X-Firefox-Spdy: h2
kind-babbage.34-134-130-193.plesk.page/number.php
34.134.130.193 200 OK 0 B URL HTTP/2 kind-babbage.34-134-130-193.plesk.page/number.php
IP 34.134.130.193:0
Analyzer Verdict Alert openphish TransferWise
fortinet Phishing
GET /number.php HTTP/1.1
Host: kind-babbage.34-134-130-193.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 18:41:21 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.0.27, PleskLin
content-encoding: br
X-Firefox-Spdy: h2
kind-babbage.34-134-130-193.plesk.page/number_files/598878faba7ec6cf.css
34.134.130.193 200 OK 0 B URL HTTP/2 kind-babbage.34-134-130-193.plesk.page/number_files/598878faba7ec6cf.css
IP 34.134.130.193:0
Analyzer Verdict Alert openphish TransferWise
GET /number_files/598878faba7ec6cf.css HTTP/1.1
Host: kind-babbage.34-134-130-193.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kind-babbage.34-134-130-193.plesk.page/number.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 18:41:21 GMT
content-type: text/css
last-modified: Sun, 22 Jan 2023 00:24:22 GMT
etag: W/"63cc8236-a76b6"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
gtm.wise.com/g/collect?v=2&tid=G-MFT2R11DFX&gtm=2re1i0&_p=1972741724&cid=826363758.1674412882&ul=en-us&sr=1280x1024&_fplc=0&uaW=1&_s=1&sid=1674412881&sct=1&seg=0&dl=https%3A%2F%2Fkind-babbage.34-134-130-193.plesk.page%2Fnumber.php&dt=Wise%20-%20Cr%C3%A9er%20un%20compte&en=page_view&_fv=1&_ss=1&ep.debug_mode=false&epn.event_time=1674412882&epn.event_time_ms=1674412881519&richsstsse
216.239.32.21 200 OK 0 B URL HTTP/2 gtm.wise.com/g/collect?v=2&tid=G-MFT2R11DFX&gtm=2re1i0&_p=1972741724&cid=826363758.1674412882&ul=en-us&sr=1280x1024&_fplc=0&uaW=1&_s=1&sid=1674412881&sct=1&seg=0&dl=https%3A%2F%2Fkind-babbage.34-134-130-193.plesk.page%2Fnumber.php&dt=Wise%20-%20Cr%C3%A9er%20un%20compte&en=page_view&_fv=1&_ss=1&ep.debug_mode=false&epn.event_time=1674412882&epn.event_time_ms=1674412881519&richsstsse
IP 216.239.32.21:0
GET /g/collect?v=2&tid=G-MFT2R11DFX&gtm=2re1i0&_p=1972741724&cid=826363758.1674412882&ul=en-us&sr=1280x1024&_fplc=0&uaW=1&_s=1&sid=1674412881&sct=1&seg=0&dl=https%3A%2F%2Fkind-babbage.34-134-130-193.plesk.page%2Fnumber.php&dt=Wise%20-%20Cr%C3%A9er%20un%20compte&en=page_view&_fv=1&_ss=1&ep.debug_mode=false&epn.event_time=1674412882&epn.event_time_ms=1674412881519&richsstsse HTTP/1.1
Host: gtm.wise.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://kind-babbage.34-134-130-193.plesk.page
Connection: keep-alive
Referer: https://kind-babbage.34-134-130-193.plesk.page/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 22 Jan 2023 18:41:22 GMT
content-type: text/plain
vary: Accept-Encoding
set-cookie: FPLC=oV69%2BntQtCPB969ixMei2BDmeVF%2FtdtbwBnAbas4wOjEM7of6SI6nu%2Bi8e8xNzm82My6UwQFcUgQrkf%2BPHlNVxQ%2FHJ%2BuOUO17AVc61mDGuf1ZIJDXlv6Z1vUTLnfYg%3D%3D; Max-Age=72000; Domain=34-134-130-193.plesk.page; Path=/; Secure
FPID=FPID2.3.xUaSMShq3h0EcF68fcWNT9QI38JvqMU9ax4QCqSstJg%3D.1674412882; Max-Age=63072000; Domain=34-134-130-193.plesk.page; Path=/; Secure; HttpOnly
FPAU=1.3.1733587630.1674412883; Max-Age=7776000; Domain=34-134-130-193.plesk.page; Path=/; Secure
cache-control: no-cache
x-content-type-options: nosniff
access-control-allow-origin: https://kind-babbage.34-134-130-193.plesk.page
access-control-allow-credentials: true
content-encoding: gzip
via: 1.1 google
X-Firefox-Spdy: h2
kind-babbage.34-134-130-193.plesk.page/number_files/3082-dbdf1191dec845b5.js
34.134.130.193 200 OK 0 B URL HTTP/2 kind-babbage.34-134-130-193.plesk.page/number_files/3082-dbdf1191dec845b5.js
IP 34.134.130.193:0
Analyzer Verdict Alert openphish TransferWise
fortinet Phishing
GET /number_files/3082-dbdf1191dec845b5.js HTTP/1.1
Host: kind-babbage.34-134-130-193.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kind-babbage.34-134-130-193.plesk.page/number.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 18:41:22 GMT
content-type: application/javascript
last-modified: Sun, 22 Jan 2023 00:24:29 GMT
etag: W/"63cc823d-4179"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
kind-babbage.34-134-130-193.plesk.page/number_files/0b8754db-df9233371ffa7faf.js
34.134.130.193 200 OK 0 B URL HTTP/2 kind-babbage.34-134-130-193.plesk.page/number_files/0b8754db-df9233371ffa7faf.js
IP 34.134.130.193:0
Analyzer Verdict Alert openphish TransferWise
fortinet Phishing
GET /number_files/0b8754db-df9233371ffa7faf.js HTTP/1.1
Host: kind-babbage.34-134-130-193.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kind-babbage.34-134-130-193.plesk.page/number.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 18:41:22 GMT
content-type: application/javascript
last-modified: Sun, 22 Jan 2023 00:24:30 GMT
etag: W/"63cc823e-11a77"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
kind-babbage.34-134-130-193.plesk.page/number_files/3539-8b91295a0cfbcf77.js
34.134.130.193 200 OK 0 B URL HTTP/2 kind-babbage.34-134-130-193.plesk.page/number_files/3539-8b91295a0cfbcf77.js
IP 34.134.130.193:0
Analyzer Verdict Alert openphish TransferWise
fortinet Phishing
GET /number_files/3539-8b91295a0cfbcf77.js HTTP/1.1
Host: kind-babbage.34-134-130-193.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kind-babbage.34-134-130-193.plesk.page/number.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 18:41:22 GMT
content-type: application/javascript
last-modified: Sun, 22 Jan 2023 00:24:36 GMT
etag: W/"63cc8244-159a3"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
kind-babbage.34-134-130-193.plesk.page/number_files/5153-061f73cabbd90954.js
34.134.130.193 200 OK 0 B URL HTTP/2 kind-babbage.34-134-130-193.plesk.page/number_files/5153-061f73cabbd90954.js
IP 34.134.130.193:0
Analyzer Verdict Alert openphish TransferWise
fortinet Phishing
GET /number_files/5153-061f73cabbd90954.js HTTP/1.1
Host: kind-babbage.34-134-130-193.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kind-babbage.34-134-130-193.plesk.page/number.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 18:41:22 GMT
content-type: application/javascript
last-modified: Sun, 22 Jan 2023 00:24:24 GMT
etag: W/"63cc8238-739c"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
kind-babbage.34-134-130-193.plesk.page/number_files/5850-a73e7762143c3749.js
34.134.130.193 200 OK 0 B URL HTTP/2 kind-babbage.34-134-130-193.plesk.page/number_files/5850-a73e7762143c3749.js
IP 34.134.130.193:0
Analyzer Verdict Alert openphish TransferWise
fortinet Phishing
GET /number_files/5850-a73e7762143c3749.js HTTP/1.1
Host: kind-babbage.34-134-130-193.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kind-babbage.34-134-130-193.plesk.page/number.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 18:41:22 GMT
content-type: application/javascript
last-modified: Sun, 22 Jan 2023 00:24:24 GMT
etag: W/"63cc8238-5126"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
kind-babbage.34-134-130-193.plesk.page/number_files/9748-c43d79dac4f09cae.js
34.134.130.193 200 OK 0 B URL HTTP/2 kind-babbage.34-134-130-193.plesk.page/number_files/9748-c43d79dac4f09cae.js
IP 34.134.130.193:0
Analyzer Verdict Alert openphish TransferWise
fortinet Phishing
GET /number_files/9748-c43d79dac4f09cae.js HTTP/1.1
Host: kind-babbage.34-134-130-193.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kind-babbage.34-134-130-193.plesk.page/number.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 18:41:22 GMT
content-type: application/javascript
last-modified: Sun, 22 Jan 2023 00:24:24 GMT
etag: W/"63cc8238-904a"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
kind-babbage.34-134-130-193.plesk.page/number_files/4828-46625e06a3e78695.js
34.134.130.193 200 OK 0 B URL HTTP/2 kind-babbage.34-134-130-193.plesk.page/number_files/4828-46625e06a3e78695.js
IP 34.134.130.193:0
Analyzer Verdict Alert openphish TransferWise
fortinet Phishing
GET /number_files/4828-46625e06a3e78695.js HTTP/1.1
Host: kind-babbage.34-134-130-193.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kind-babbage.34-134-130-193.plesk.page/number.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 18:41:22 GMT
content-type: application/javascript
last-modified: Sun, 22 Jan 2023 00:24:38 GMT
etag: W/"63cc8246-2c08"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
kind-babbage.34-134-130-193.plesk.page/number_files/3577-9daebefa682437f9.js
34.134.130.193 200 OK 0 B URL HTTP/2 kind-babbage.34-134-130-193.plesk.page/number_files/3577-9daebefa682437f9.js
IP 34.134.130.193:0
Analyzer Verdict Alert openphish TransferWise
fortinet Phishing
GET /number_files/3577-9daebefa682437f9.js HTTP/1.1
Host: kind-babbage.34-134-130-193.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kind-babbage.34-134-130-193.plesk.page/number.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 18:41:22 GMT
content-type: application/javascript
last-modified: Sun, 22 Jan 2023 00:24:36 GMT
etag: W/"63cc8244-1677a"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
kind-babbage.34-134-130-193.plesk.page/number_files/7737-d16ae6e4c310ae75.js
34.134.130.193 200 OK 0 B URL HTTP/2 kind-babbage.34-134-130-193.plesk.page/number_files/7737-d16ae6e4c310ae75.js
IP 34.134.130.193:0
Analyzer Verdict Alert openphish TransferWise
fortinet Phishing
GET /number_files/7737-d16ae6e4c310ae75.js HTTP/1.1
Host: kind-babbage.34-134-130-193.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kind-babbage.34-134-130-193.plesk.page/number.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 18:41:22 GMT
content-type: application/javascript
last-modified: Sun, 22 Jan 2023 00:24:35 GMT
etag: W/"63cc8243-3c04"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
kind-babbage.34-134-130-193.plesk.page/number_files/2530-adff0fbf229e347e.js
34.134.130.193 200 OK 0 B URL HTTP/2 kind-babbage.34-134-130-193.plesk.page/number_files/2530-adff0fbf229e347e.js
IP 34.134.130.193:0
Analyzer Verdict Alert openphish TransferWise
fortinet Phishing
GET /number_files/2530-adff0fbf229e347e.js HTTP/1.1
Host: kind-babbage.34-134-130-193.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kind-babbage.34-134-130-193.plesk.page/number.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 18:41:22 GMT
content-type: application/javascript
last-modified: Sun, 22 Jan 2023 00:24:20 GMT
etag: W/"63cc8234-4d8a"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
kind-babbage.34-134-130-193.plesk.page/number_files/9457-713da65b9efee877.js
34.134.130.193 200 OK 0 B URL HTTP/2 kind-babbage.34-134-130-193.plesk.page/number_files/9457-713da65b9efee877.js
IP 34.134.130.193:0
Analyzer Verdict Alert openphish TransferWise
fortinet Phishing
GET /number_files/9457-713da65b9efee877.js HTTP/1.1
Host: kind-babbage.34-134-130-193.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kind-babbage.34-134-130-193.plesk.page/number.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 18:41:22 GMT
content-type: application/javascript
last-modified: Sun, 22 Jan 2023 00:24:29 GMT
etag: W/"63cc823d-2a94"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
kind-babbage.34-134-130-193.plesk.page/number_files/1396-19989e6502118a1d.js
34.134.130.193 200 OK 0 B URL HTTP/2 kind-babbage.34-134-130-193.plesk.page/number_files/1396-19989e6502118a1d.js
IP 34.134.130.193:0
Analyzer Verdict Alert openphish TransferWise
fortinet Phishing
GET /number_files/1396-19989e6502118a1d.js HTTP/1.1
Host: kind-babbage.34-134-130-193.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kind-babbage.34-134-130-193.plesk.page/number.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 18:41:22 GMT
content-type: application/javascript
last-modified: Sun, 22 Jan 2023 00:24:37 GMT
etag: W/"63cc8245-a4fb"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
kind-babbage.34-134-130-193.plesk.page/number_files/analytics.js
34.134.130.193 200 OK 0 B URL HTTP/2 kind-babbage.34-134-130-193.plesk.page/number_files/analytics.js
IP 34.134.130.193:0
Analyzer Verdict Alert openphish TransferWise
fortinet Phishing
GET /number_files/analytics.js HTTP/1.1
Host: kind-babbage.34-134-130-193.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kind-babbage.34-134-130-193.plesk.page/number.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 18:41:21 GMT
content-type: application/javascript
last-modified: Sun, 22 Jan 2023 00:24:33 GMT
etag: W/"63cc8241-c43a"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
kind-babbage.34-134-130-193.plesk.page/number_files/1e4258512dbe74d5.css
34.134.130.193 200 OK 0 B URL HTTP/2 kind-babbage.34-134-130-193.plesk.page/number_files/1e4258512dbe74d5.css
IP 34.134.130.193:0
Analyzer Verdict Alert openphish TransferWise
GET /number_files/1e4258512dbe74d5.css HTTP/1.1
Host: kind-babbage.34-134-130-193.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kind-babbage.34-134-130-193.plesk.page/number.php
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 18:41:21 GMT
content-type: text/css
last-modified: Sun, 22 Jan 2023 00:24:37 GMT
etag: W/"63cc8245-38f0"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
kind-babbage.34-134-130-193.plesk.page/number_files/_app-7df3282cca69b6f8.js
34.134.130.193 200 OK 0 B URL HTTP/2 kind-babbage.34-134-130-193.plesk.page/number_files/_app-7df3282cca69b6f8.js
IP 34.134.130.193:0
Analyzer Verdict Alert openphish TransferWise
fortinet Phishing
GET /number_files/_app-7df3282cca69b6f8.js HTTP/1.1
Host: kind-babbage.34-134-130-193.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kind-babbage.34-134-130-193.plesk.page/number.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 18:41:21 GMT
content-type: application/javascript
last-modified: Sun, 22 Jan 2023 00:24:27 GMT
etag: W/"63cc823b-4437d"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
kind-babbage.34-134-130-193.plesk.page/number_files/196-2606fc14caeb4b1f.js
34.134.130.193 200 OK 0 B URL HTTP/2 kind-babbage.34-134-130-193.plesk.page/number_files/196-2606fc14caeb4b1f.js
IP 34.134.130.193:0
Analyzer Verdict Alert openphish TransferWise
fortinet Phishing
GET /number_files/196-2606fc14caeb4b1f.js HTTP/1.1
Host: kind-babbage.34-134-130-193.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kind-babbage.34-134-130-193.plesk.page/number.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 18:41:22 GMT
content-type: application/javascript
last-modified: Sun, 22 Jan 2023 00:24:29 GMT
etag: W/"63cc823d-64ee"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
kind-babbage.34-134-130-193.plesk.page/number_files/4513-9a085d34a421f8d0.js
34.134.130.193 200 OK 0 B URL HTTP/2 kind-babbage.34-134-130-193.plesk.page/number_files/4513-9a085d34a421f8d0.js
IP 34.134.130.193:0
Analyzer Verdict Alert openphish TransferWise
fortinet Phishing
GET /number_files/4513-9a085d34a421f8d0.js HTTP/1.1
Host: kind-babbage.34-134-130-193.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kind-babbage.34-134-130-193.plesk.page/number.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 18:41:22 GMT
content-type: application/javascript
last-modified: Sun, 22 Jan 2023 00:24:39 GMT
etag: W/"63cc8247-165b"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
kind-babbage.34-134-130-193.plesk.page/number_files/8305-c6649af178043a68.js
34.134.130.193 200 OK 0 B URL HTTP/2 kind-babbage.34-134-130-193.plesk.page/number_files/8305-c6649af178043a68.js
IP 34.134.130.193:0
Analyzer Verdict Alert openphish TransferWise
fortinet Phishing
GET /number_files/8305-c6649af178043a68.js HTTP/1.1
Host: kind-babbage.34-134-130-193.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kind-babbage.34-134-130-193.plesk.page/number.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 18:41:22 GMT
content-type: application/javascript
last-modified: Sun, 22 Jan 2023 00:24:25 GMT
etag: W/"63cc8239-1d46c"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
kind-babbage.34-134-130-193.plesk.page/number_files/7593-0ce715ca86ca1ed8.js
34.134.130.193 200 OK 0 B URL HTTP/2 kind-babbage.34-134-130-193.plesk.page/number_files/7593-0ce715ca86ca1ed8.js
IP 34.134.130.193:0
Analyzer Verdict Alert openphish TransferWise
fortinet Phishing
GET /number_files/7593-0ce715ca86ca1ed8.js HTTP/1.1
Host: kind-babbage.34-134-130-193.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kind-babbage.34-134-130-193.plesk.page/number.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 18:41:22 GMT
content-type: application/javascript
last-modified: Sun, 22 Jan 2023 00:24:27 GMT
etag: W/"63cc823b-bc88"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
kind-babbage.34-134-130-193.plesk.page/number_files/1902-059f8538c4f98340.js
34.134.130.193 200 OK 0 B URL HTTP/2 kind-babbage.34-134-130-193.plesk.page/number_files/1902-059f8538c4f98340.js
IP 34.134.130.193:0
Analyzer Verdict Alert openphish TransferWise
fortinet Phishing
GET /number_files/1902-059f8538c4f98340.js HTTP/1.1
Host: kind-babbage.34-134-130-193.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kind-babbage.34-134-130-193.plesk.page/number.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 18:41:22 GMT
content-type: application/javascript
last-modified: Sun, 22 Jan 2023 00:24:32 GMT
etag: W/"63cc8240-b0be"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
kind-babbage.34-134-130-193.plesk.page/number_files/2160-0b2655a83af8130b.js
34.134.130.193 200 OK 0 B URL HTTP/2 kind-babbage.34-134-130-193.plesk.page/number_files/2160-0b2655a83af8130b.js
IP 34.134.130.193:0
Analyzer Verdict Alert openphish TransferWise
fortinet Phishing
GET /number_files/2160-0b2655a83af8130b.js HTTP/1.1
Host: kind-babbage.34-134-130-193.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kind-babbage.34-134-130-193.plesk.page/number.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 18:41:22 GMT
content-type: application/javascript
last-modified: Sun, 22 Jan 2023 00:24:28 GMT
etag: W/"63cc823c-1799f"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
trck.spoteffects.net/analytics/spef.min.js
40.119.158.131 200 OK 0 B URL HTTP/2 trck.spoteffects.net/analytics/spef.min.js
IP 40.119.158.131:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
GET /analytics/spef.min.js HTTP/1.1
Host: trck.spoteffects.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kind-babbage.34-134-130-193.plesk.page/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 18:41:22 GMT
content-type: application/javascript
last-modified: Mon, 04 Mar 2019 19:31:08 GMT
etag: W/"5c7d7cfc-1323e"
expires: Sun, 29 Jan 2023 18:41:22 GMT
pragma: public
cache-control: max-age=604800, public
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-encoding: gzip
X-Firefox-Spdy: h2
kind-babbage.34-134-130-193.plesk.page/number_files/_buildManifest.js
34.134.130.193 200 OK 0 B URL HTTP/2 kind-babbage.34-134-130-193.plesk.page/number_files/_buildManifest.js
IP 34.134.130.193:0
Analyzer Verdict Alert openphish TransferWise
fortinet Phishing
GET /number_files/_buildManifest.js HTTP/1.1
Host: kind-babbage.34-134-130-193.plesk.page
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kind-babbage.34-134-130-193.plesk.page/number.php
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 22 Jan 2023 18:41:22 GMT
content-type: application/javascript
last-modified: Sun, 22 Jan 2023 00:24:38 GMT
etag: W/"63cc8246-1444"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2