r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6f313739c4c44174fc9a97ac63621b46
319da68d06694330ad9f7901bcde1ca0a6eeac0d
321236ee07769c741890815bc56fd2700ff1974b0534368b9ff2e96320ae4fee
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "321236EE07769C741890815BC56FD2700FF1974B0534368B9FF2E96320AE4FEE"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9097
Expires: Thu, 23 Feb 2023 04:14:28 GMT
Date: Thu, 23 Feb 2023 01:42:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bbe5e8dc913bdcab76f9fe8851ea2e77
9215fadd003873382ed2a4ace79ba337adadd692
e6094932dd4de52ea6360bdfbe8bb15951ebd76255766eee627c5de6f83fcea8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E6094932DD4DE52EA6360BDFBE8BB15951EBD76255766EEE627C5DE6F83FCEA8"
Last-Modified: Wed, 22 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16431
Expires: Thu, 23 Feb 2023 06:16:42 GMT
Date: Thu, 23 Feb 2023 01:42:51 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash b44c4b5daa307a355e7bab1c83c1ca82
dbd14cd873f1dd4502f277b3f51cb7bc8da0c080
fd4604461cfa002c8a261bb14eb8dda56817db231b9012b2eb38d6dbc2674df5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Length, Content-Type, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 23 Feb 2023 01:38:17 GMT
content-type: application/json
age: 274
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7fb59e5d3cdf08b94e5f41fdeb9aec6c
ff644039db3b9f74d7e2fab10f93581bea10614a
861573a00d75364e15783c5e448c4f8b4da48b38d9beba3ebd33a87f993489a5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "861573A00D75364E15783C5E448C4F8B4DA48B38D9BEBA3EBD33A87F993489A5"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2776
Expires: Thu, 23 Feb 2023 02:29:07 GMT
Date: Thu, 23 Feb 2023 01:42:51 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash b5ba6334e73496995e3e3a9ecd0eb323
ad80d3b7718c28364e8c2004fb38a13a1747e462
aa5abb52515c6383c014aadb63a86c9f798ad64de53c0218616c1fc6d424d2e2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-09-20-28-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: MyivcbYs5mioPT7ko0SblnD56jI/8tDRpeK5d5+un+j0S2FFjvjqDhvvg7LB2oH4OwQvxW7kFqA=
x-amz-request-id: Q97MVMKBZRPZA4Z8
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 23 Feb 2023 00:48:50 GMT
age: 3241
last-modified: Sat, 18 Feb 2023 20:28:27 GMT
etag: "b5ba6334e73496995e3e3a9ecd0eb323"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 23 Feb 2023 01:42:51 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Content-Length, Content-Type, Cache-Control, Pragma, Retry-After, ETag, Expires, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 23 Feb 2023 00:51:26 GMT
age: 3086
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5fa728a339ca32e616d483e61d0aebcd
6a63966de94d16390c8f1e47e5b67fe5bb67f7cd
7e83729d554404e59f1f1ff809ac776d3596487e2b062a1e38af8e29f33c0686
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7E83729D554404E59F1F1FF809AC776D3596487E2B062A1E38AF8E29F33C0686"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8904
Expires: Thu, 23 Feb 2023 04:11:16 GMT
Date: Thu, 23 Feb 2023 01:42:52 GMT
Connection: keep-alive
push.services.mozilla.com/
52.26.112.186 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.26.112.186:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Agj0Z93guw7+9YFwC3TMNQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: KdiNP44oTrsJ0wbqJJk5mlR13jU=
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cd04d923e6b3cbd7cac3c56d18ca9016
7d3205fb454124635afcbfcf2265ce504c778ef1
fc857fad800eb3c6f2a3f28007b1b81f2a95e4968d376f47238a681f9c958475
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC857FAD800EB3C6F2A3F28007B1B81F2A95E4968D376F47238A681F9C958475"
Last-Modified: Wed, 22 Feb 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4220
Expires: Thu, 23 Feb 2023 02:53:13 GMT
Date: Thu, 23 Feb 2023 01:42:53 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5df27f54-2fe2-459e-87c7-b6c6a31aba0c.jpeg
34.120.237.76 200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5df27f54-2fe2-459e-87c7-b6c6a31aba0c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash d97504086b1691daf37cfc6fdc47d397
df754de121e0219219424f5ec36d4150510ede41
3d41298d07865266b65dd40292df8c2667aeded253cd3cd9648ef36d5141296a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5df27f54-2fe2-459e-87c7-b6c6a31aba0c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6705
x-amzn-requestid: c3a54f4d-2516-41fd-a654-de992767ba5a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AwqR3F-foAMFW2w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f68a72-7ae23d402cdf53c8752caf5d;Sampled=0
x-amzn-remapped-date: Wed, 22 Feb 2023 21:34:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JqUwtC4nRkbarwUo7m4fgpLg0W5HYnXMe8s4hKE41wSBuCWWPhLfVw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Feb 2023 21:44:15 GMT
age: 14318
etag: "df754de121e0219219424f5ec36d4150510ede41"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c4dab71-c39e-421a-8dd6-60a97e3b2223.jpeg
34.120.237.76 200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c4dab71-c39e-421a-8dd6-60a97e3b2223.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 9a6c075bf39141bbc7826d6969cf2ac8
8a3f71fea281d57261814a858c94fd11f083b9fe
dbd5fd07729dd569dd87128ba167ccccb2fa1c8e73f3eb6d64ac1c37f8294db7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3c4dab71-c39e-421a-8dd6-60a97e3b2223.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6643
x-amzn-requestid: 326ed8fb-b228-4546-adf3-a188ce799089
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ArXwJG4OoAMFVZQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f46ccd-74c2a8741928ad99733db89f;Sampled=0
x-amzn-remapped-date: Tue, 21 Feb 2023 07:03:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Gu_G39ZXNYgyloJITQfAYavWjzrcB_sPNNOROrgBJW3BZtCVLpbxSQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Feb 2023 02:20:13 GMT
age: 84160
etag: "8a3f71fea281d57261814a858c94fd11f083b9fe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F058cb296-f883-4b2e-848b-2dc5f2f49041.webp
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F058cb296-f883-4b2e-848b-2dc5f2f49041.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash babe4da90e1cca9297bcc6edf5195566
b2687eafa71395144d096eb0b15c8ec3ffc4b46e
ad46f9818d396725a4ff4e31006bb73611c1ce855f53b0c5a7ba20be4441f8d2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F058cb296-f883-4b2e-848b-2dc5f2f49041.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10348
x-amzn-requestid: 289c1c1e-e3d2-4a0f-b517-f860f20c632a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AwqiEEofoAMFvlA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f68ad9-02f225f65d1abd7d3cddc7c3;Sampled=0
x-amzn-remapped-date: Wed, 22 Feb 2023 21:36:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RV0ZiIyrmiUU7Ekdv561QyboygtCtP6Dl1f9akVmpS5yCmA-AS4eUw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Feb 2023 21:46:59 GMT
age: 14154
etag: "b2687eafa71395144d096eb0b15c8ec3ffc4b46e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F04e67897-b0ef-4c04-a8de-f6f092510d32.jpeg
34.120.237.76 200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F04e67897-b0ef-4c04-a8de-f6f092510d32.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash b71d2b327e4b858ce631d4d3d7ebeb4a
d35b46e26cab53baf794abc95a9796fc681f8d6d
e69798f5c9b6b1e33b8e7b3dc2ea1c463f06d4ba4fbc3b08e1fdd13d19b4756b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F04e67897-b0ef-4c04-a8de-f6f092510d32.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5894
x-amzn-requestid: 70cc1517-7f08-4576-ba9a-2d049ce63647
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AwqgqHB5oAMFcXw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f68ad0-7d8e36ec44432c5a69c0662c;Sampled=0
x-amzn-remapped-date: Wed, 22 Feb 2023 21:36:16 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XjhltuUdm4owh8FuXWiT6hh0ov_GuQHpbMnDxm2cCaWrwq3rrvJZJw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Feb 2023 21:55:57 GMT
age: 13616
etag: "d35b46e26cab53baf794abc95a9796fc681f8d6d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07a7f783-b830-48ee-af41-9e919bf61c16.jpeg
34.120.237.76 200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07a7f783-b830-48ee-af41-9e919bf61c16.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash e767c4b566f75c2e5c384d79c874a982
3aa715f0e3a2fbc2a6be06a1284610be50685023
eb40b67d33ffb31a5acb809c4da06e3a82c49990b78f34407d56d22c444cf11c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07a7f783-b830-48ee-af41-9e919bf61c16.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7286
x-amzn-requestid: 3c5826ab-c99d-41c0-8145-561cab4d1d01
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AwqTQFtaIAMFW3A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f68a7a-4e4d07a87e805c5c16837dfe;Sampled=0
x-amzn-remapped-date: Wed, 22 Feb 2023 21:34:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: anJcs_dDaqQi_kTT67paSKY90nqjll-QXuFboe1wV_26pr5WK5iNtw==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Feb 2023 21:45:02 GMT
age: 14271
etag: "3aa715f0e3a2fbc2a6be06a1284610be50685023"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1585e234-d4e0-4e4e-8699-70831e5a915e.jpeg
34.120.237.76 200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1585e234-d4e0-4e4e-8699-70831e5a915e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash e4016fa20fa2642f89d375fcc2855d4b
f1733be34a214e9565208f814dd3990f89cafbcb
74686e6a674433c436bce8c70cecc1a2cde51e82241e8251188ebd587fd4ee18
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1585e234-d4e0-4e4e-8699-70831e5a915e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9721
x-amzn-requestid: 5ddea3ff-b6e2-4528-8e71-eade54612b4f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: AwqR3HJpoAMF5LQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63f68a72-413219251feae2e32b9e6857;Sampled=0
x-amzn-remapped-date: Wed, 22 Feb 2023 21:34:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: iHR9N5OPgY8mjpsZowY-Ipeq62c8O_QQorpNmIOa68_vmWyY0eqt-A==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Feb 2023 21:44:15 GMT
age: 14318
etag: "f1733be34a214e9565208f814dd3990f89cafbcb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.bharatcity.in/wp-admin/netvutra/vitrsa/miltra/account/login.php
188.114.96.1 200 OK 27 kB URL HTTP/1.1 www.bharatcity.in/wp-admin/netvutra/vitrsa/miltra/account/login.php
IP 188.114.96.1:0
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (4714), with CRLF line terminators
Hash 78b6c3600575df722c535cf2fe1c68f2
e6776c3607a1e5acea96f54829b8d5a227f6b04c
c8bc1eef990d49b5ccf474ab8f6368fbe307a0f3aee87950c1c2e41154ed5476
Analyzer Verdict Alert
openphish Netflix Inc.
phishtank Other
fortinet Phishing
GET /wp-admin/netvutra/vitrsa/miltra/account/login.php HTTP/1.1
Host: www.bharatcity.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 01:42:53 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=3c21613ac4bf850c44de5add0c248769; path=/
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i50nWfco5WgF%2F%2BOEtGH16AxC%2F9zTSBbL5W0RCmiwDynQfWbtA4Wr3uUWyJAX%2FcVyoNHi2krIXTXA%2FeBFAuVZ60vzsseo%2BdYKaIdYsaGBY96Q%2F9b33eHWkBMzLewQiVpN2bOhUw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79dc446a89231c02-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 3d7598cbb549e0d6f54835ff019828b8
24d24aa9920a4a0c93cc29655837a78bb12fb6ea
9c0327e0f830d45e18ad88f1700e010367070e698495d9d244c5ad31a26612ca
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3652
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 01:42:54 GMT
Last-Modified: Thu, 23 Feb 2023 00:42:02 GMT
Server: ECS (ska/F71E)
X-Cache: HIT
Content-Length: 280
www.bharatcity.in/wp-admin/netvutra/vitrsa/miltra/assets.nflxext.com/web/ffe/wp/less/core/error-page.b4d75d715f60a9ee1887.css
188.114.96.1 200 OK 5.3 kB URL HTTP/1.1 www.bharatcity.in/wp-admin/netvutra/vitrsa/miltra/assets.nflxext.com/web/ffe/wp/less/core/error-page.b4d75d715f60a9ee1887.css
IP 188.114.96.1:0
Hash 1833ee353a99215a244f5ae3f987ad63
b86f2743b18ebc762fd628a441619963b34bef1f
ee96326f24e268c9da5118a55c368054b49bb71411f64c3b2aa29fa75bd6e7a2
GET /wp-admin/netvutra/vitrsa/miltra/assets.nflxext.com/web/ffe/wp/less/core/error-page.b4d75d715f60a9ee1887.css HTTP/1.1
Host: www.bharatcity.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bharatcity.in/wp-admin/netvutra/vitrsa/miltra/account/login.php
Cookie: PHPSESSID=3c21613ac4bf850c44de5add0c248769
HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 01:42:54 GMT
Content-Type: text/css
Content-Length: 5345
Connection: keep-alive
Last-Modified: Thu, 26 Jan 2023 00:47:29 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9TLaM6lpLytUm3tuAVtNbEClYXyWmIAyGWsceXYx%2FBMBFO5lzrrErE4xlqP6e3bNuUPeytFisfkUGd9S5vUpYXrQBbIakeEeBZd9kWHnDHA7bLHbJKFZuwH6%2BeWviswUPp5LfA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79dc447bf950b4f9-OSL
alt-svc: h2=":443"; ma=60
www.bharatcity.in/wp-admin/netvutra/vitrsa/miltra/account/personalization/cl2/freeform/WebsiteDetect2afe.html?source=wwwhead&fetchType=css&modalView=login
188.114.96.1 404 Not Found 363 B URL HTTP/1.1 www.bharatcity.in/wp-admin/netvutra/vitrsa/miltra/account/personalization/cl2/freeform/WebsiteDetect2afe.html?source=wwwhead&fetchType=css&modalView=login
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash e7067cab4059fed715f86483758766ba
b42ca992a599db69b3d982dcc611f073d58b1e67
74dcf984544d51c55154316add10611bd243d38e9498af7ab73ea3613e976f83
NIDS Severity Alert suricata medium ET INFO 404 Response with Javascript Variable in Page
GET /wp-admin/netvutra/vitrsa/miltra/account/personalization/cl2/freeform/WebsiteDetect2afe.html?source=wwwhead&fetchType=css&modalView=login HTTP/1.1
Host: www.bharatcity.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bharatcity.in/wp-admin/netvutra/vitrsa/miltra/account/login.php
Cookie: PHPSESSID=3c21613ac4bf850c44de5add0c248769
HTTP/1.1 404 Not Found
Date: Thu, 23 Feb 2023 01:42:54 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 24 Aug 2021 08:30:45 GMT
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ld%2B%2FLcgiBYEwr22iCVs2byYVYjAvLEKUgr5viDyz%2F28VmJUFVpIzWk%2BN2kSfBxECTbt2bmHbfjSVHkY0H9h%2FNKIIHQto%2B9P5j5%2B4zITflKtMXiNJcpeMpAbtoCG0r9ns6B5etw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79dc447bfff21c12-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.bharatcity.in/personalization/cl2/freeform/WebsiteDetect?source=wwwhead&fetchType=js&modalView=login
188.114.96.1 400 Bad Request 155 B URL HTTP/1.1 www.bharatcity.in/personalization/cl2/freeform/WebsiteDetect?source=wwwhead&fetchType=js&modalView=login
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 38b4930f1180292d1f82d7e7f9bac8cd
cda1f69ec2d5c3ad7184074eeb051b3881bbb757
efca0895b4d88b27a94249f8e7ac0083eff0a4ff3ac37c2841b3f6d7e11c1905
NotFoundb2e6.html /personalization/cl2/freeform/WebsiteDetect?source=wwwhead&fetchType=js&modalView=login HTTP/1.1
Host: www.bharatcity.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://www.bharatcity.in
Connection: keep-alive
Referer: http://www.bharatcity.in/wp-admin/netvutra/vitrsa/miltra/account/login.php
Cookie: PHPSESSID=3c21613ac4bf850c44de5add0c248769
HTTP/1.1 400 Bad Request
Server: cloudflare
Date: Thu, 23 Feb 2023 01:42:54 GMT
Content-Type: text/html
Content-Length: 155
Connection: close
CF-RAY: -
www.bharatcity.in/personalization/cl2/freeform/WebsiteScreen?source=wwwhead&fetchType=js&winw=1280&winh=1024&screenw=1280&screenh=939&ratio=1
188.114.96.1 400 Bad Request 155 B URL HTTP/1.1 www.bharatcity.in/personalization/cl2/freeform/WebsiteScreen?source=wwwhead&fetchType=js&winw=1280&winh=1024&screenw=1280&screenh=939&ratio=1
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 38b4930f1180292d1f82d7e7f9bac8cd
cda1f69ec2d5c3ad7184074eeb051b3881bbb757
efca0895b4d88b27a94249f8e7ac0083eff0a4ff3ac37c2841b3f6d7e11c1905
NotFoundb2e6.html /personalization/cl2/freeform/WebsiteScreen?source=wwwhead&fetchType=js&winw=1280&winh=1024&screenw=1280&screenh=939&ratio=1 HTTP/1.1
Host: www.bharatcity.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://www.bharatcity.in
Connection: keep-alive
Referer: http://www.bharatcity.in/wp-admin/netvutra/vitrsa/miltra/account/login.php
Cookie: PHPSESSID=3c21613ac4bf850c44de5add0c248769
HTTP/1.1 400 Bad Request
Server: cloudflare
Date: Thu, 23 Feb 2023 01:42:54 GMT
Content-Type: text/html
Content-Length: 155
Connection: close
CF-RAY: -
www.bharatcity.in/wp-admin/netvutra/vitrsa/miltra/assets.nflxext.com/web/ffe/wp/less/login/loginBase.09e271325f8873705389.css
188.114.96.1 200 OK 15 kB URL HTTP/1.1 www.bharatcity.in/wp-admin/netvutra/vitrsa/miltra/assets.nflxext.com/web/ffe/wp/less/login/loginBase.09e271325f8873705389.css
IP 188.114.96.1:0
File type ASCII text, with very long lines (384)
Hash 60368ff2d99243e5ec4e7ca132dcc534
9980cb7f497cf04020dde64d60c6fa281dc0b4aa
76fd975b4d6cd5af7c2f77bdfd4b1f83dcd145673858e64bfa430237952fc165
GET /wp-admin/netvutra/vitrsa/miltra/assets.nflxext.com/web/ffe/wp/less/login/loginBase.09e271325f8873705389.css HTTP/1.1
Host: www.bharatcity.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bharatcity.in/wp-admin/netvutra/vitrsa/miltra/account/login.php
Cookie: PHPSESSID=3c21613ac4bf850c44de5add0c248769
HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 01:42:54 GMT
Content-Type: text/css
Content-Length: 14931
Connection: keep-alive
Last-Modified: Thu, 26 Jan 2023 00:47:29 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aNDPC9kL9A6y0jyGGNQEH6gJW1mwtjoYIhnSomMjpFdXslvhBd5pbL2MN4tHfEqsjoE2YDi733HZRPNY%2B9td2c05%2BcPlaFudp%2FSuAKykudfF8Y8iVdT6ZgYL9Ez2HQxSHokxjA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79dc447bfc1a0afe-OSL
alt-svc: h2=":443"; ma=60
www.bharatcity.in/wp-admin/netvutra/vitrsa/miltra/assets.nflxext.com/web/ffe/wp/less/pages/login/Login.f701fd76ffbab95b6def.css
188.114.96.1 200 OK 17 kB URL HTTP/1.1 www.bharatcity.in/wp-admin/netvutra/vitrsa/miltra/assets.nflxext.com/web/ffe/wp/less/pages/login/Login.f701fd76ffbab95b6def.css
IP 188.114.96.1:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash e4cba29543de8eb0eb83b265d9dd976a
fbe3b701762d5cf33ed9fe5026700ebd54ec154f
a0dfb89cbf483578728b2af8db5fb231474af59262c1f95efbc2ef42474f5f55
GET /wp-admin/netvutra/vitrsa/miltra/assets.nflxext.com/web/ffe/wp/less/pages/login/Login.f701fd76ffbab95b6def.css HTTP/1.1
Host: www.bharatcity.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bharatcity.in/wp-admin/netvutra/vitrsa/miltra/account/login.php
Cookie: PHPSESSID=3c21613ac4bf850c44de5add0c248769
HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 01:42:54 GMT
Content-Type: text/css
Content-Length: 17359
Connection: keep-alive
Last-Modified: Thu, 26 Jan 2023 00:47:29 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WBvTgTn9qocfFQb7bY6PyYnNU5VZKaXXkq0DR2L1vwOUVvl6GPWQOCMDR9gMtyXSwUmm5CEIThwsQI2T2qOxwBS%2F5Ac0vcGbIj5DK91yhr7RffMewB%2B7%2Bz2Jbmanr3KcBcoE3Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79dc447c4ecd1c02-OSL
alt-svc: h2=":443"; ma=60
www.bharatcity.in/wp-admin/netvutra/vitrsa/miltra/cdn.cookielaw.org/scripttemplates/otSDKStub.js
188.114.96.1 404 Not Found 12 kB URL HTTP/1.1 www.bharatcity.in/wp-admin/netvutra/vitrsa/miltra/cdn.cookielaw.org/scripttemplates/otSDKStub.js
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (31991), with CRLF, LF line terminators
Hash 85ebf335e72b31c3999b627b2d111b61
ce4bf8b48bb69e53ab444db952d77ebb0f1f3581
314d5b9760f18154f83cfa8198992ce9a6b7e6db59a8fba227171341181ae04f
Analyzer Verdict Alert fortinet Phishing
GET /wp-admin/netvutra/vitrsa/miltra/cdn.cookielaw.org/scripttemplates/otSDKStub.js HTTP/1.1
Host: www.bharatcity.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bharatcity.in/wp-admin/netvutra/vitrsa/miltra/account/login.php
Cookie: PHPSESSID=3c21613ac4bf850c44de5add0c248769
HTTP/1.1 404 Not Found
Date: Thu, 23 Feb 2023 01:42:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: max-age=31536000, must-revalidate
Link: <https://www.bharatcity.in/wp-json/>; rel="https://api.w.org/"
Vary: Accept-Encoding
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nKpz6IZNz%2F%2F5XbxdqX3YJek6V%2BrRaid%2BPxBJwIdz%2FxaOw17h53gxHw0PXL9SZp2YRliXbvhLjEoMJYO2aqYvCLfTjDCarkrQdR3tv6txygl7Z1DCY%2FjlhOnmW2MIqWQgYt7iIA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79dc447bf88c1bfa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
assets.nflxext.com/ffe/siteui/vlv3/1ef84595-1fdb-4404-adac-15215ceeb3ae/9b7e4892-200e-4740-909b-cdd33763fe9f/US-en-20220711-popsignuptwoweeks-perspective_alpha_website_medium.jpg
45.57.91.1 200 OK 196 kB URL HTTP/1.1 assets.nflxext.com/ffe/siteui/vlv3/1ef84595-1fdb-4404-adac-15215ceeb3ae/9b7e4892-200e-4740-909b-cdd33763fe9f/US-en-20220711-popsignuptwoweeks-perspective_alpha_website_medium.jpg
IP 45.57.91.1:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 2000x1125, components 3\012- data
Size 196 kB (196541 bytes)
Hash c397fdf9de2f39168634577fa8ad222c
3303cdf20469618925e4c8f030be8c5f55d8014a
30da3ab5f9f7507063820c5201b3c95784eb2d4179aab9464659d4f3600c7ef3
GET /ffe/siteui/vlv3/1ef84595-1fdb-4404-adac-15215ceeb3ae/9b7e4892-200e-4740-909b-cdd33763fe9f/US-en-20220711-popsignuptwoweeks-perspective_alpha_website_medium.jpg HTTP/1.1
Host: assets.nflxext.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bharatcity.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Feb 2023 01:42:54 GMT
Content-Type: image/jpeg
Content-Length: 196541
Connection: keep-alive
Content-MD5: w5f9+d4vORaGNFd/qK0iLA==
Last-Modified: Wed, 13 Jul 2022 12:53:46 GMT
Cache-Control: max-age=604801
Expires: Thu, 02 Mar 2023 01:42:55 GMT
Accept-Ranges: bytes
assets.nflxext.com/ffe/siteui/fonts/nf-icon-v1-93.woff
45.57.91.1 200 OK 74 kB URL HTTP/1.1 assets.nflxext.com/ffe/siteui/fonts/nf-icon-v1-93.woff
IP 45.57.91.1:0
File type Web Open Font Format, CFF, length 73572, version 0.0\012- data
Hash 7cf6156cc481244b5a254362d7b73f00
4391003d1cb06d2bd1921a5813a57604fa7d9935
98713b53a74ebe7e326353080c5f1653e83af61d6363c0b3c4c67d6d24197b4d
GET /ffe/siteui/fonts/nf-icon-v1-93.woff HTTP/1.1
Host: assets.nflxext.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.bharatcity.in
Connection: keep-alive
Referer: http://www.bharatcity.in/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Feb 2023 01:42:55 GMT
Content-Type: font/woff
Content-Length: 73572
Connection: keep-alive
Content-MD5: fPYVbMSBJEtaJUNi17c/AA==
Last-Modified: Mon, 29 Jan 2018 01:50:51 GMT
Cache-Control: max-age=604801
Expires: Thu, 02 Mar 2023 01:42:56 GMT
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
www.bharatcity.in/wp-admin/netvutra/vitrsa/miltra/assets.nflxext.com/web/ffe/wp/components/login/loginControllerClient.js.686362d355434dbd3997.js
188.114.96.1 200 OK 411 kB URL HTTP/1.1 www.bharatcity.in/wp-admin/netvutra/vitrsa/miltra/assets.nflxext.com/web/ffe/wp/components/login/loginControllerClient.js.686362d355434dbd3997.js
IP 188.114.96.1:0
File type ASCII text, with very long lines (65433)
Size 411 kB (411184 bytes)
Hash fdad848174f092e02b7f4d1a7a35bbbb
2b77837d70f2a03003244a60dae8bca0c4ad7a4e
651403a674bd43ead0637b1f6f80bdc096dd13fb3f1787490c893ff44938d6ac
Analyzer Verdict Alert fortinet Phishing
GET /wp-admin/netvutra/vitrsa/miltra/assets.nflxext.com/web/ffe/wp/components/login/loginControllerClient.js.686362d355434dbd3997.js HTTP/1.1
Host: www.bharatcity.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bharatcity.in/wp-admin/netvutra/vitrsa/miltra/account/login.php
Cookie: PHPSESSID=3c21613ac4bf850c44de5add0c248769
HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 01:42:54 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 26 Jan 2023 00:47:29 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UYu4luT2uD7j2Yt0hC3P1%2FkvV7GJwt67gznc0JMLpws%2Ff7rAxNnRdto9bIiV2NDyi6CjQlhRGplfGu1sgWydaZS9r1mFBNWUrlyDASuQ%2B6mGJ754gwHqWpRX%2B8sEdzIGvUfbpQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79dc447bea8b0b65-OSL
alt-svc: h2=":443"; ma=60
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 440beb93bc2481c500bed2c2719a96ab
8231c07a8cf345bf3b1e5ca5d7b4e8af60d72ae5
14182dbb3daa77650d97e07e0c567f73648720a4b06633200dd1846da8c5b0bb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 01:42:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/recaptcha/enterprise.js?render=6Lf8hrcUAAAAAIpQAFW2VFjtiYnThOjZOA5xvLyR
142.250.74.164 200 OK 616 B URL HTTP/2 www.google.com/recaptcha/enterprise.js?render=6Lf8hrcUAAAAAIpQAFW2VFjtiYnThOjZOA5xvLyR
IP 142.250.74.164:0
File type ASCII text, with very long lines (974), with no line terminators
Hash 2c4a22d96b4a80c074bbd02ae7472b38
7d4948a321b1ef4c2881e711216dddde9e2eb835
5e823b1a094f44e4ec537cd2b2bf098714f4eb66591656111bedbf8a833e1684
GET /recaptcha/enterprise.js?render=6Lf8hrcUAAAAAIpQAFW2VFjtiYnThOjZOA5xvLyR HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bharatcity.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
expires: Thu, 23 Feb 2023 01:42:56 GMT
date: Thu, 23 Feb 2023 01:42:56 GMT
cache-control: private, max-age=300
content-type: text/javascript; charset=UTF-8
cross-origin-resource-policy: cross-origin
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self'
x-xss-protection: 1; mode=block
content-length: 616
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 5a9e54f54243639a31020050bfc7fb55
c49766d67bea2ce07bd3c925d42897ab992f94e2
26b96bbdd02ca9498d5c7a4b970ebbec31039db95a2ce6e5a6ff665c73023a8d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 01:42:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
assets.nflxext.com/us/ffe/siteui/common/icons/nficon2016.ico
45.57.91.1 200 OK 17 kB URL HTTP/1.1 assets.nflxext.com/us/ffe/siteui/common/icons/nficon2016.ico
IP 45.57.91.1:0
File type MS Windows icon resource - 1 icon, 64x64, 32 bits/pixel\012- data
Hash 41b45fdce09bd6acd07c7a8949da675e
931e18dfc6e7d950dc2f2bbdfe31e1ea720acf7c
abe8012eb65c0dc0ac3e87dcc1e60e1908ebd8f12b7c47a5df1856f7a7bb1edd
GET /us/ffe/siteui/common/icons/nficon2016.ico HTTP/1.1
Host: assets.nflxext.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.bharatcity.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Feb 2023 01:42:56 GMT
Content-Type: image/x-icon
Content-Length: 16958
Connection: keep-alive
Content-MD5: QbRf3OCb1qzQfHqJSdpnXg==
Last-Modified: Tue, 21 Jun 2016 21:54:27 GMT
Cache-Control: max-age=604801
Expires: Thu, 02 Mar 2023 01:42:57 GMT
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash be0ff97444ab9ff002dc0c3a855b6867
6b835c9cfa35b65f809ab3e8c150425048749e02
ed2c6e805d226e16f32c4a08bbe9f7171bf271fabd4d66a67efe197db6fe5407
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 01:42:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__en.js
216.58.211.3 200 OK 165 kB URL HTTP/2 www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__en.js
IP 216.58.211.3:0
File type HTML document, ASCII text, with very long lines (839)
Size 165 kB (164689 bytes)
Hash 7f27adb1216e4ddb02884fd68a1ec297
a33a85dfc58ca995fa184035b8fdb896866c361f
aeea36b977f073b902c2c5536b21f43e931fc2ac5ba3601db228e686457e9bc8
GET /recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__en.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.bharatcity.in
Connection: keep-alive
Referer: http://www.bharatcity.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-length: 164689
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 21 Feb 2023 17:15:53 GMT
expires: Wed, 21 Feb 2024 17:15:53 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 20 Feb 2023 05:03:28 GMT
content-type: text/javascript
vary: Accept-Encoding
age: 116823
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash be0ff97444ab9ff002dc0c3a855b6867
6b835c9cfa35b65f809ab3e8c150425048749e02
ed2c6e805d226e16f32c4a08bbe9f7171bf271fabd4d66a67efe197db6fe5407
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 23 Feb 2023 01:42:56 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.bharatcity.in/wp-admin/netvutra/vitrsa/miltra/assets.nflxext.com/us/ffe/siteui/common/icons/nficon2016.png
188.114.96.1 200 OK 1.8 kB URL HTTP/1.1 www.bharatcity.in/wp-admin/netvutra/vitrsa/miltra/assets.nflxext.com/us/ffe/siteui/common/icons/nficon2016.png
IP 188.114.96.1:0
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash d6577c54898865b27efb03a97919bc2d
f58422985498be08bcd599cd5d1f216d524a3e00
3ec90d79b9124b105ce54b12df6bfe0a11949fe01f5d051b07d02e5b30e393f6
GET /wp-admin/netvutra/vitrsa/miltra/assets.nflxext.com/us/ffe/siteui/common/icons/nficon2016.png HTTP/1.1
Host: www.bharatcity.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.bharatcity.in/wp-admin/netvutra/vitrsa/miltra/account/login.php
Cookie: PHPSESSID=3c21613ac4bf850c44de5add0c248769; cL=1677116578953%7C167711657888577005%7C167711657823327879%7C%7C4%7Cnull
HTTP/1.1 200 OK
Date: Thu, 23 Feb 2023 01:42:57 GMT
Content-Type: image/png
Content-Length: 1778
Connection: keep-alive
Last-Modified: Thu, 26 Jan 2023 00:47:29 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=31536000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t7LvceA6Uw2WaDjnazHAVGdRPD4v1Eg%2BfvJEawWVFIpcistl25DQzft6AJRPWDSy1sua%2FGerfy4239EYeUvS%2FBpsOjt%2FOUvGJVeHoxeF7EaDz95U0J0JdrfDzqhZPwbvGTdvmw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79dc448c889d0afe-OSL
alt-svc: h2=":443"; ma=60
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227 200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 16 Feb 2023 21:48:03 GMT
expires: Fri, 16 Feb 2024 21:48:03 GMT
cache-control: public, max-age=31536000
age: 532494
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.bharatcity.in/personalization/log
188.114.96.1 404 Not Found 12 kB URL HTTP/1.1 www.bharatcity.in/personalization/log
IP 188.114.96.1:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (31991), with CRLF, LF line terminators
Hash d99876eb6982a749cca614451a140576
a9d4350927b8d3c5a3b3aca001e436fb9317935a
146cd37e429589678bcc13761e0cacefc4489f8b787c9bd4cf4cd738cf35b957
Analyzer Verdict Alert fortinet Phishing
POST /personalization/log HTTP/1.1
Host: www.bharatcity.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Netflix.ichnaea.request.type: UiRequest
Content-Type: application/json
Content-Length: 1352
Origin: http://www.bharatcity.in
Connection: keep-alive
Referer: http://www.bharatcity.in/wp-admin/netvutra/vitrsa/miltra/account/login.php
Cookie: PHPSESSID=3c21613ac4bf850c44de5add0c248769; cL=1677116578953%7C167711657888577005%7C167711657823327879%7C%7C4%7Cnull
HTTP/1.1 404 Not Found
Date: Thu, 23 Feb 2023 01:42:57 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Cache-Control: no-cache, must-revalidate, max-age=0
Link: <https://www.bharatcity.in/wp-json/>; rel="https://api.w.org/"
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=icTfU1BYgT1xZfi6Zb9mbKasQC19IdsLPNRldeGbFJGHZzxGVPNwtqPhODuC%2FXyDOBiBo%2F%2FxOQw4KgPZ5qGrHfApqflvKarKWBq4%2BH21N%2BhXbz6dmKpx9k%2BVufF0waXpqdcR%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79dc448b6f190b65-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60