r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17878
Expires: Thu, 01 Dec 2022 16:15:42 GMT
Date: Thu, 01 Dec 2022 11:17:44 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash f3cf023c797da81728c0ac84c8759331
fa07c5e39e4b0741ea484101cccb2202acea9d9c
5206a0bac8bf78d6b84322519271a1ece2c1039a0090e583de6d6192d88873d0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5748
Cache-Control: max-age=89363
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 11:17:44 GMT
Etag: "638730f7-1d7"
Expires: Fri, 02 Dec 2022 12:07:07 GMT
Last-Modified: Wed, 30 Nov 2022 10:31:19 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data; ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 01 Dec 2022 10:19:46 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3478
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 9fce5679881bf302a8978a0b462f01a9
b699fe030ea13ac73813e655c42ed9b531925e2b
a3ec545a8f9364ac9062eddb41279e1465687a1b60f9c1dec6b3a3df8b033eb3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4702
Expires: Thu, 01 Dec 2022 12:36:06 GMT
Date: Thu, 01 Dec 2022 11:17:44 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate; ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: iIut6mQGamBbDCZOuhDsO1lHJSn+qjfW5dgKrPzrYChiQMBQMEQZy7G3Pt1MOUGH7Wjd7/KdVxA=
x-amz-request-id: 36RH4CKGNH7VVK1P
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 01 Dec 2022 10:45:38 GMT
age: 1926
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data; ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Dec 2022 11:17:44 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data; ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 01 Dec 2022 11:11:15 GMT
cache-control: public,max-age=3600
age: 389
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
lead.ac.in/
162.251.85.8 301 Moved Permanently 0 B IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET / HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 01 Dec 2022 11:17:43 GMT
Server: nginx/1.23.2
Content-Type: text/html; charset=UTF-8
Content-Length: 0
X-LiteSpeed-Tag: 30b_HTTP.200,30b_HTTP.301
X-Redirect-By: WordPress
Location: https://lead.ac.in/
X-Server-Cache: true
X-Proxy-Cache: EXPIRED
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 1f88399f3fdd89dbb9ca1229cb67143a
325c9dbfd932cf9a6fb9fab2dd8e27083f55a9a3
831ecd45dcd2d5ae2ae86cd63ea5e94ecd85281b7e51054af5df9a6386fb8d79
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5744
Cache-Control: max-age=170688
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 11:17:45 GMT
Etag: "63886ea9-1d7"
Expires: Sat, 03 Dec 2022 10:42:33 GMT
Last-Modified: Thu, 01 Dec 2022 09:06:49 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.165.176.211 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.165.176.211:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: L5F9kXLYDy5BaJUM2a+NUg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: e4kVv2QRfjuFLG6icGsPXy3xXYU=
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 8b219ebf284be79811f7977d22d78f6a
aaee0bd2635ceae58ab50162e3efaee3e0cbede3
65faf2ad7e51e6d4083ec6d6bd4656793ac188741eb728178b4a95bfeef64437
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65FAF2AD7E51E6D4083EC6D6BD4656793AC188741EB728178B4A95BFEEF64437"
Last-Modified: Thu, 01 Dec 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 01 Dec 2022 17:17:45 GMT
Date: Thu, 01 Dec 2022 11:17:45 GMT
Connection: keep-alive
cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.1.3/css/bootstrap.min.css
104.17.25.14 200 OK 16 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/twitter-bootstrap/4.1.3/css/bootstrap.min.css
IP 104.17.25.14:0
File type ASCII text, with very long lines (65324)
Hash 003a16566999b99177dd5e903a4cf1b3
53bfa1a6981a12ccb734b23b65094e15a13cafae
9e493de8a2dc6fb90ebb3704df66003f96548a9c302898ed6422f6e5ff1aadac
GET /ajax/libs/twitter-bootstrap/4.1.3/css/bootstrap.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 01 Dec 2022 11:17:45 GMT
content-type: text/css; charset=utf-8
content-length: 15800
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb04010-22688"
last-modified: Mon, 04 May 2020 16:17:20 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 15342799
expires: Tue, 21 Nov 2023 11:17:45 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mE6Avj9jW7mhidIvCwYrNe%2FPAN%2FYGqNHKJVtet4XihvzW1vTsY%2BKinsw9Oju13cdWrzuAxvc7zIhQdiGRtUDw3OySpqCl2Ic%2FIw02kPjeaXiVUPyCvUqUh3lL5iYoHA1YJnWOL%2BA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 772b6b1179feb51b-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 188c50963e7939b1f26a31dbcb8c8200
859416e6148ea6618584e53604efcf072bb989cc
3a313cd3c1693a886bfbf6ffc6fbac78f87e6ded2b9a7749553444ada65ce36e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 11:17:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=UA-130930898-5
142.250.74.168 200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-130930898-5
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 9aaeef9c6ea30867c44b1cd2262ad17e
9575f21f76465381cd9f9f2642c774b5715dbde7
2890e1d4245b75280dd90fbc05763828d6c0c50fe8392d9d01a59b19fd71bf96
GET /gtag/js?id=UA-130930898-5 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 01 Dec 2022 11:17:45 GMT
expires: Thu, 01 Dec 2022 11:17:45 GMT
cache-control: private, max-age=900
last-modified: Thu, 01 Dec 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43535
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 3519a58310eefa01756f0440e2acd7dd
50153382830684a6abb653dc7b4e41d7c7e386b5
5f321e771fa62d9f794339006752655316cdb6e8d69bc23e1d0e3c8bc526f12e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 11:17:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js
142.250.74.168 200 OK 38 kB URL HTTP/2 www.googletagmanager.com/gtag/js
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 8ecfb0b4c4d4acaa66331a33cdb1607f
1a67d0dc60b6ba3de7b1c27aca3a6f201ea25d7b
aebe5236f5436535dc7009dd2446e17ea8f90895789edc9fe24a11d2af0899af
GET /gtag/js HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 01 Dec 2022 11:17:45 GMT
expires: Thu, 01 Dec 2022 11:17:45 GMT
cache-control: private, max-age=900
last-modified: Thu, 01 Dec 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 37462
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 188c50963e7939b1f26a31dbcb8c8200
859416e6148ea6618584e53604efcf072bb989cc
3a313cd3c1693a886bfbf6ffc6fbac78f87e6ded2b9a7749553444ada65ce36e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 11:17:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lead.ac.in/wp-includes/css/classic-themes.min.css
162.251.85.8 200 OK 189 B URL HTTP/2 lead.ac.in/wp-includes/css/classic-themes.min.css
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 5a18e16eb01cbaa862eb32e6b77bedb2
3abf9b913cc9f558f02cba7c9b822f8d1812cb96
d2b5af913332941d5ae7786d1fa70e0d009315c4ede6ad5b80d0f663bb54521f
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/css/classic-themes.min.css HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 15 Nov 2022 16:46:25 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 189
content-type: text/css
date: Thu, 01 Dec 2022 11:17:45 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 3519a58310eefa01756f0440e2acd7dd
50153382830684a6abb653dc7b4e41d7c7e386b5
5f321e771fa62d9f794339006752655316cdb6e8d69bc23e1d0e3c8bc526f12e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 11:17:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lead.ac.in/wp-content/plugins/google-calendar-events/assets/css/vendor/jquery.qtip.min.css
162.251.85.8 200 OK 2.7 kB URL HTTP/2 lead.ac.in/wp-content/plugins/google-calendar-events/assets/css/vendor/jquery.qtip.min.css
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (8982), with no line terminators
Hash 293f08b3f361a0745559c14a8ec4b318
c5fb26e62701d2ec98e7f8ec85cb66a0befbae7a
c3bda5020b14d5c67edfb27c4feaa68f22dcccb487005ec2ae7c0a6bf54da91f
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/google-calendar-events/assets/css/vendor/jquery.qtip.min.css HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 07 Jun 2022 06:14:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2697
content-type: text/css
date: Thu, 01 Dec 2022 11:17:45 GMT
server: Apache
X-Firefox-Spdy: h2
lead.ac.in/wp-content/plugins/google-calendar-events/assets/css/default-calendar-grid.min.css
162.251.85.8 200 OK 2.2 kB URL HTTP/2 lead.ac.in/wp-content/plugins/google-calendar-events/assets/css/default-calendar-grid.min.css
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (10456)
Hash 230dbc5b40a8ace638d0efdb58a1ac7f
9925a798505d9eb1557b0b5dc2c768f62e2c6e05
41a165864d3d60b14276701cf2d51b05fb24f8f35644e06f6045ddffdbf6d843
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/google-calendar-events/assets/css/default-calendar-grid.min.css HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 07 Jun 2022 06:14:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2239
content-type: text/css
date: Thu, 01 Dec 2022 11:17:45 GMT
server: Apache
X-Firefox-Spdy: h2
lead.ac.in/wp-content/plugins/popup-builder/public/css/theme.css
162.251.85.8 200 OK 15 kB URL HTTP/2 lead.ac.in/wp-content/plugins/popup-builder/public/css/theme.css
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (4774)
Hash 3879490522050b0b43ee02e18031e281
7a7661f8b5e7e03ff0278a5d25781ada30bdb9c4
94b9a54399649a19fccfc8518ad87e133d556c02f8737049d5bcc267430c23a6
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/popup-builder/public/css/theme.css HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 15 Nov 2022 16:47:11 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 15343
content-type: text/css
date: Thu, 01 Dec 2022 11:17:45 GMT
server: Apache
X-Firefox-Spdy: h2
lead.ac.in/wp-content/plugins/google-calendar-events/assets/css/default-calendar-list.min.css
162.251.85.8 200 OK 2.0 kB URL HTTP/2 lead.ac.in/wp-content/plugins/google-calendar-events/assets/css/default-calendar-list.min.css
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (9136)
Hash d33857a218993c9cc3093b6658401c95
13623c362fadd5ee7087fdcce79f35527a676ce2
7835d43c18b74dcd842ce79d18b8eda5b9e31474606125d7740303d1c89e3aed
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/google-calendar-events/assets/css/default-calendar-list.min.css HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 07 Jun 2022 06:14:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2014
content-type: text/css
date: Thu, 01 Dec 2022 11:17:45 GMT
server: Apache
X-Firefox-Spdy: h2
lead.ac.in/wp-content/uploads/2021/07/best10-1.png
162.251.85.8 200 OK 2.9 kB URL HTTP/1.1 lead.ac.in/wp-content/uploads/2021/07/best10-1.png
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 47 x 57, 8-bit/color RGB, non-interlaced; data
Hash df82a45571ec5d20e090bc9a6da74fae
d43da816c57fc41de73a1ba04255789ac41f51a6
60311a8bd2d3c96c69e604c64e0f716635eb03e7dddd80420a088e91534dacf9
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2021/07/best10-1.png HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 11:17:46 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Sun, 11 Jul 2021 17:08:26 GMT
Accept-Ranges: bytes
Content-Length: 2931
Content-Type: image/png
lead.ac.in/wp-content/uploads/2021/07/university-of-calicut-wikipedia-university-of-calicut-png-220_220-min.png
162.251.85.8 200 OK 14 kB URL HTTP/1.1 lead.ac.in/wp-content/uploads/2021/07/university-of-calicut-wikipedia-university-of-calicut-png-220_220-min.png
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 220 x 220, 8-bit colormap, non-interlaced; data
Hash 8479a19955241d72a03b7858e1358867
fca1ad5d4210ea9578b3d8ac23afc1cfd746963f
ba2d0072eb50e478f99d36ff0e9f2eaccccae07f5ca887db91e2ab10600e2e62
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2021/07/university-of-calicut-wikipedia-university-of-calicut-png-220_220-min.png HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 11:17:46 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Fri, 09 Jul 2021 21:35:26 GMT
Accept-Ranges: bytes
Content-Length: 13942
Content-Type: image/png
lead.ac.in/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css
162.251.85.8 200 OK 1.6 kB URL HTTP/2 lead.ac.in/wp-content/plugins/elementor/assets/css/frontend-legacy.min.css
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (13766)
Hash 7e47cec420b48e49d1e640389561dea0
c2211071a56905121ef526b8860cc0b87ed37cc0
caf6180227353323d2fcafeefcf9686c00034933ee249093ba6e61c10954228e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/css/frontend-legacy.min.css HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 15 Nov 2022 16:47:01 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1609
content-type: text/css
date: Thu, 01 Dec 2022 11:17:45 GMT
server: Apache
X-Firefox-Spdy: h2
lead.ac.in/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/general.min.css
162.251.85.8 200 OK 900 B URL HTTP/2 lead.ac.in/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/general.min.css
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (3432)
Hash 1e0ef5b4ebd931aecd01564980628978
e618b92e03a6c4bd4abffed22abb1e835c05a601
1deef467f6db854d82e8c6288086664c7cf60a41b18bb7216d63bb83061ba878
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/css/view/general.min.css HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 28 Nov 2022 13:20:29 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 900
content-type: text/css
date: Thu, 01 Dec 2022 11:17:46 GMT
server: Apache
X-Firefox-Spdy: h2
lead.ac.in/wp-content/plugins/feed-them-social/feeds/js/powered-by.js
162.251.85.8 200 OK 237 B URL HTTP/2 lead.ac.in/wp-content/plugins/feed-them-social/feeds/js/powered-by.js
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (316), with no line terminators
Hash 4b0192d9d319f2ca807abd6b7bf669cf
dc8778380007befcbd5996b481e599ea256df7e7
bf7b3b3b2c8558012c3927bd0b0ebf515a57a45f33a2d3606bcbde7e460b47ce
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/feed-them-social/feeds/js/powered-by.js HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 15 Nov 2022 16:47:05 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 237
content-type: application/javascript
date: Thu, 01 Dec 2022 11:17:46 GMT
server: Apache
X-Firefox-Spdy: h2
lead.ac.in/wp-includes/js/jquery/jquery-migrate.min.js
162.251.85.8 200 OK 4.6 kB URL HTTP/2 lead.ac.in/wp-includes/js/jquery/jquery-migrate.min.js
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (11126)
Hash acdb97105af28a7066790c6748ae2e1e
65794d2c5a9d04f747faf370bc8bacd330e69e5a
dc4efbc4b704b142b5313588c32e56ea56648068a01d2bc596a4eee06b379b5e
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery-migrate.min.js HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 20 Mar 2021 09:14:02 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4618
content-type: application/javascript
date: Thu, 01 Dec 2022 11:17:46 GMT
server: Apache
X-Firefox-Spdy: h2
lead.ac.in/wp-content/themes/lead-theme/theme/css/prettyPhoto.css
162.251.85.8 200 OK 4.0 kB URL HTTP/2 lead.ac.in/wp-content/themes/lead-theme/theme/css/prettyPhoto.css
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (402), with CRLF line terminators
Hash 5a1ac7452fe38760cf38c981b09b2c1d
f0b73846bb7bcf51b8620b4fd8489329bc8a12ca
51f294073675b2e68360de7ee94798635228d22a60b5605cdff9f3bc227e698c
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/lead-theme/theme/css/prettyPhoto.css HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 15 Feb 2018 06:41:11 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4007
content-type: text/css
date: Thu, 01 Dec 2022 11:17:46 GMT
server: Apache
X-Firefox-Spdy: h2
lead.ac.in/wp-content/plugins/profile-builder/assets/css/style-front-end.css
162.251.85.8 200 OK 7.0 kB URL HTTP/2 lead.ac.in/wp-content/plugins/profile-builder/assets/css/style-front-end.css
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 30cbed7f417d415ef2afe283dc63bcea
357cbe05da1587fc467cb433b82a83d77da69395
05f852d5ff427b503e85be598ec03b1451256ccc5fea80c59d93b21eda47af6b
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/profile-builder/assets/css/style-front-end.css HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 28 Nov 2022 13:20:36 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 6955
content-type: text/css
date: Thu, 01 Dec 2022 11:17:46 GMT
server: Apache
X-Firefox-Spdy: h2
lead.ac.in/wp-content/themes/lead-theme/theme/css/style.css
162.251.85.8 200 OK 12 kB URL HTTP/2 lead.ac.in/wp-content/themes/lead-theme/theme/css/style.css
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1667)
Hash 3942cad498bbff59c47999ddac31f515
bf7debcd4ed6169d0f0acedb67b2109369e98cca
77921da08dc85cd7314c953e62dafa5d5b09c5bf5b0bcf08d148d8815fd71a12
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/lead-theme/theme/css/style.css HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 04 Jul 2021 13:34:52 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 12009
content-type: text/css
date: Thu, 01 Dec 2022 11:17:46 GMT
server: Apache
X-Firefox-Spdy: h2
lead.ac.in/wp-content/plugins/popup-builder/public/js/PopupConfig.js
162.251.85.8 200 OK 1.9 kB URL HTTP/2 lead.ac.in/wp-content/plugins/popup-builder/public/js/PopupConfig.js
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (2826)
Hash 8fdc9c05d68f6b2abf923008cbefb76c
6fac390eb1212fe63dd604852b28eff3a9ab7538
4ea4425287650bfc5d48b5746f12c980b2b1cf2921d5fa42fdd97a9f75b36bd7
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/popup-builder/public/js/PopupConfig.js HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 15 Nov 2022 16:47:11 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1922
content-type: application/javascript
date: Thu, 01 Dec 2022 11:17:46 GMT
server: Apache
X-Firefox-Spdy: h2
lead.ac.in/wp-content/plugins/mystickymenu/js/detectmobilebrowser.js
162.251.85.8 200 OK 1.4 kB URL HTTP/2 lead.ac.in/wp-content/plugins/mystickymenu/js/detectmobilebrowser.js
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (2065)
Hash c3b50d284b99510f89656936379649c6
8ae1ea66e875299ae8158718110517212b3e2299
1571e16072b26846d00db4483c67c5402464e98ec8300b6fc2e1ac34e77a49d3
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/mystickymenu/js/detectmobilebrowser.js HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 29 Sep 2022 10:16:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1381
content-type: application/javascript
date: Thu, 01 Dec 2022 11:17:46 GMT
server: Apache
X-Firefox-Spdy: h2
lead.ac.in/wp-content/plugins/feed-them-social/admin/js/admin.js
162.251.85.8 200 OK 335 B URL HTTP/2 lead.ac.in/wp-content/plugins/feed-them-social/admin/js/admin.js
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash a9eda11ec52e7ed5b14e1a9cf4cf4af7
df4e81e9b5edddd11d94a23f680e99b09849e079
5da07065ed006d067d3da6d47a450996136554820bb38a1c57fceb0cb99585e7
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/feed-them-social/admin/js/admin.js HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 15 Nov 2022 16:47:05 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 335
content-type: application/javascript
date: Thu, 01 Dec 2022 11:17:46 GMT
server: Apache
X-Firefox-Spdy: h2
lead.ac.in/wp-content/plugins/mystickymenu/js/mystickymenu.min.js
162.251.85.8 200 OK 1.6 kB URL HTTP/2 lead.ac.in/wp-content/plugins/mystickymenu/js/mystickymenu.min.js
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (3980), with no line terminators
Hash 83577bca57e843bd21e0866acb7bbff3
924728492940504acfe3d3132e04c13d61f769f5
3d19fbbc352a2edc76ee38f4eedc8eecf714fa2cd0e0bcae1b78ac233389944f
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/mystickymenu/js/mystickymenu.min.js HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 29 Sep 2022 10:16:40 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1584
content-type: application/javascript
date: Thu, 01 Dec 2022 11:17:46 GMT
server: Apache
X-Firefox-Spdy: h2
lead.ac.in/wp-content/plugins/feed-them-social/admin/js/encrypt.js
162.251.85.8 200 OK 1.4 kB URL HTTP/2 lead.ac.in/wp-content/plugins/feed-them-social/admin/js/encrypt.js
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash b67273d68ee263f7d1d0f9036a3a811b
cbd7c64ccf1904ba1c1cb592eb97101f72b62741
2c853bce09ed3d0110bfc2dc597787ebe753d135e0a2356a8c21228d9dd79a73
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/feed-them-social/admin/js/encrypt.js HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 15 Nov 2022 16:47:05 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1395
content-type: application/javascript
date: Thu, 01 Dec 2022 11:17:46 GMT
server: Apache
X-Firefox-Spdy: h2
lead.ac.in/wp-content/plugins/slide-anything/lightgallery/css/lightgallery.css
162.251.85.8 200 OK 3.9 kB URL HTTP/2 lead.ac.in/wp-content/plugins/slide-anything/lightgallery/css/lightgallery.css
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with CRLF line terminators
Hash 5b0c574e03779be19d18cce107d62160
320630c96c7c49ff3370fed3d967e630a3cbf094
24c7a07297ac4f253fb1ad520f14d6b5c67970822bbb721480ed2852c9f16f77
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/slide-anything/lightgallery/css/lightgallery.css HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 29 Sep 2022 10:16:46 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3910
content-type: text/css
date: Thu, 01 Dec 2022 11:17:46 GMT
server: Apache
X-Firefox-Spdy: h2
lead.ac.in/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js
162.251.85.8 200 OK 3.9 kB URL HTTP/2 lead.ac.in/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (1577)
Hash 0de3f234bf5adf709c64d6a81701e107
ec76e30709d2ac94c86121529768c54b84943872
c67075988b28f06061348cebb275f465c608e141f9a00b50c5e4824f57ed10f3
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend-gtag.min.js HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 15 Nov 2022 16:47:07 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3861
content-type: application/javascript
date: Thu, 01 Dec 2022 11:17:46 GMT
server: Apache
X-Firefox-Spdy: h2
lead.ac.in/wp-content/plugins/slide-anything/owl-carousel/animate.min.css
162.251.85.8 200 OK 5.2 kB URL HTTP/2 lead.ac.in/wp-content/plugins/slide-anything/owl-carousel/animate.min.css
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (55728), with CRLF, CR line terminators
Hash 581f1f675933d0b84a752fe7f916bd07
e75e99cb3dfc9d9a513689019acf39c54754ad03
54a4c24868a75f5a422c68baff6139e1c2e7b02ff2cc6442f092aa57e69ac8e3
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/slide-anything/owl-carousel/animate.min.css HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 29 Sep 2022 10:16:46 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5217
content-type: text/css
date: Thu, 01 Dec 2022 11:17:46 GMT
server: Apache
X-Firefox-Spdy: h2
lead.ac.in/wp-content/uploads/2021/07/acbsp1-min.png
162.251.85.8 200 OK 11 kB URL HTTP/1.1 lead.ac.in/wp-content/uploads/2021/07/acbsp1-min.png
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 220 x 220, 8-bit colormap, non-interlaced; data
Hash 8ae91979120c801d1f3df7e450cb9cf0
691a19ef27439ce482160c096e831861dd860b42
6d959ca00db683c74b2d2fd75a26219ecd12c7076df86807cbfe5f682e2cb51b
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2021/07/acbsp1-min.png HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 11:17:46 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Sun, 11 Jul 2021 17:05:17 GMT
Accept-Ranges: bytes
Content-Length: 10753
Content-Type: image/png
lead.ac.in/wp-content/plugins/slide-anything/owl-carousel/sa-owl-theme.css
162.251.85.8 200 OK 3.5 kB URL HTTP/2 lead.ac.in/wp-content/plugins/slide-anything/owl-carousel/sa-owl-theme.css
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with CRLF line terminators
Hash 8640d00a0186569ef8a0f14f40983dd3
79f0f27ea56898aa4146e536510592d9c740398e
50a48761f9ad7706af35758c8f6a187e3d75bd925dbe9bc00b11a404e6c90af1
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/slide-anything/owl-carousel/sa-owl-theme.css HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 29 Sep 2022 10:16:46 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3529
content-type: text/css
date: Thu, 01 Dec 2022 11:17:46 GMT
server: Apache
X-Firefox-Spdy: h2
lead.ac.in/wp-content/plugins/feed-them-social/feeds/js/fts-global.js
162.251.85.8 200 OK 6.7 kB URL HTTP/2 lead.ac.in/wp-content/plugins/feed-them-social/feeds/js/fts-global.js
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (542)
Hash 6aa7e6c1e80c9eb5ad12d29a83dbcba7
8f68fd65c296522c58db585fa4a1ecab394cc050
5a99afae56d58472725906a5079913d89a77993eaf8ed21595bdc24afb0a57ab
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/feed-them-social/feeds/js/fts-global.js HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 15 Nov 2022 16:47:05 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 6729
content-type: application/javascript
date: Thu, 01 Dec 2022 11:17:46 GMT
server: Apache
X-Firefox-Spdy: h2
lead.ac.in/wp-content/plugins/popup-builder/public/js/Popup.js
162.251.85.8 200 OK 11 kB URL HTTP/2 lead.ac.in/wp-content/plugins/popup-builder/public/js/Popup.js
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (5515)
Hash 16d1fec49c44e531ed32df9f6995b4bf
1c6d9f123ff57ee98eadc1e012937ed924a66a1d
8e59a944841abfefb8a994d0e6b0beda7f3a6d68f73a5b7e45ee789d37a5bc12
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/popup-builder/public/js/Popup.js HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 15 Nov 2022 16:47:11 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 10580
content-type: application/javascript
date: Thu, 01 Dec 2022 11:17:46 GMT
server: Apache
X-Firefox-Spdy: h2
lead.ac.in/wp-content/themes/lead-theme/theme/js/script.js
162.251.85.8 200 OK 825 B URL HTTP/2 lead.ac.in/wp-content/themes/lead-theme/theme/js/script.js
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 9090e0882b8d9347a719faf618c4c08b
afd1fb09dc1afe6f57ef54c17ca75e7f03d5fa92
61ab2d94c64ccf52614682b59d7dae48ccf6feb54da2e34c60ab36e831cec3e1
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/lead-theme/theme/js/script.js HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 30 May 2019 08:37:19 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 825
content-type: application/javascript
date: Thu, 01 Dec 2022 11:17:46 GMT
server: Apache
X-Firefox-Spdy: h2
lead.ac.in/wp-content/plugins/google-calendar-events/assets/js/vendor/imagesloaded.pkgd.min.js
162.251.85.8 200 OK 2.1 kB URL HTTP/2 lead.ac.in/wp-content/plugins/google-calendar-events/assets/js/vendor/imagesloaded.pkgd.min.js
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (5442), with CRLF line terminators
Hash 8b1135633d4e02d0a04e5bf537574bba
c2144297e28520059848747a214176fb63ae92a1
03a6b60e50d84ce03d58f3505eef2e2cb76baa627954f7a33753381a91f85c71
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/google-calendar-events/assets/js/vendor/imagesloaded.pkgd.min.js HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 07 Jun 2022 06:14:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 2065
content-type: application/javascript
date: Thu, 01 Dec 2022 11:17:46 GMT
server: Apache
X-Firefox-Spdy: h2
lead.ac.in/wp-content/uploads/2021/07/220px-All_India_Council_for_Technical_Education_logo-min.png
162.251.85.8 200 OK 24 kB URL HTTP/1.1 lead.ac.in/wp-content/uploads/2021/07/220px-All_India_Council_for_Technical_Education_logo-min.png
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 220 x 220, 8-bit colormap, non-interlaced; data
Hash 6086f4f8b123a87a25d2406a0f50d7f0
f95909ce168954380f7621ff387da9ec23ea54f6
d91e2bce532eb0d644d36301a14b3f890f637dd08c8f76199ca22b98dfa02840
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2021/07/220px-All_India_Council_for_Technical_Education_logo-min.png HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 11:17:46 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Fri, 09 Jul 2021 21:35:28 GMT
Accept-Ranges: bytes
Content-Length: 23923
Content-Type: image/png
lead.ac.in/wp-content/uploads/2021/07/NAAC_LOGO-min.png
162.251.85.8 200 OK 28 kB URL HTTP/1.1 lead.ac.in/wp-content/uploads/2021/07/NAAC_LOGO-min.png
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 324 x 309, 8-bit colormap, non-interlaced; data
Hash 4d64bc27aa47063f1b92e2050a30cecc
cf73336da41e933471e7c77cbb05b4924e94a1f0
5d68a18c7f0a67c707f42b02cec49856e282369d963ee2f705c1e9e8827a32b8
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2021/07/NAAC_LOGO-min.png HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 11:17:46 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Fri, 09 Jul 2021 21:35:32 GMT
Accept-Ranges: bytes
Content-Length: 28065
Content-Type: image/png
lead.ac.in/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js
162.251.85.8 200 OK 3.0 kB URL HTTP/2 lead.ac.in/wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (8185), with no line terminators
Hash e0fea81cd5864819e1795e09fb0db808
f36029824f283e56db1752c034a4e3abc9d95eaf
fcafe0fc6d4318bd5326aa1752906e097bd5defbb2062059ac89887dcf042f49
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/essential-addons-for-elementor-lite/assets/front-end/js/view/general.min.js HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 28 Nov 2022 13:20:29 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3022
content-type: application/javascript
date: Thu, 01 Dec 2022 11:17:46 GMT
server: Apache
X-Firefox-Spdy: h2
lead.ac.in/wp-content/plugins/slide-anything/owl-carousel/owl.carousel2.thumbs.min.js
162.251.85.8 200 OK 1.2 kB URL HTTP/2 lead.ac.in/wp-content/plugins/slide-anything/owl-carousel/owl.carousel2.thumbs.min.js
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (3342), with CRLF line terminators
Hash aeae98bf342dd5356533adf0f9c2a00e
e513e2873e5e6c426270adf25e2fdc38591d468f
4648ad517d60fe668ad6c5fed188f0311a722fd3f6ea389b9dbf505d771a1601
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/slide-anything/owl-carousel/owl.carousel2.thumbs.min.js HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 29 Sep 2022 10:16:46 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1215
content-type: application/javascript
date: Thu, 01 Dec 2022 11:17:46 GMT
server: Apache
X-Firefox-Spdy: h2
lead.ac.in/wp-content/plugins/slide-anything/js/jquery.mousewheel.min.js
162.251.85.8 200 OK 1.2 kB URL HTTP/2 lead.ac.in/wp-content/plugins/slide-anything/js/jquery.mousewheel.min.js
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (2584)
Hash d3c7c579b74aed3dcde6ad1f1376b6f4
39cba7a1adbaf7d2b51ccf6d42164dbfa791fce3
e891d3cc839bd3650e204f3dfbb4e78546f141b4318594f101982a624cc00d6f
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/slide-anything/js/jquery.mousewheel.min.js HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 29 Sep 2022 10:16:46 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1215
content-type: application/javascript
date: Thu, 01 Dec 2022 11:17:46 GMT
server: Apache
X-Firefox-Spdy: h2
lead.ac.in/wp-content/plugins/google-calendar-events/assets/js/default-calendar.min.js
162.251.85.8 200 OK 1.9 kB URL HTTP/2 lead.ac.in/wp-content/plugins/google-calendar-events/assets/js/default-calendar.min.js
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (4919)
Hash 73ff7519f809f73f145e24421a715edc
bbde6ca677bced32edf789b3f3c2b8977ee6e8d8
584935b94aecd7dd6dac1a64223b9195ad9c825f9110447305ef90625b2e0866
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/google-calendar-events/assets/js/default-calendar.min.js HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 07 Jun 2022 06:14:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1949
content-type: application/javascript
date: Thu, 01 Dec 2022 11:17:46 GMT
server: Apache
X-Firefox-Spdy: h2
lead.ac.in/wp-content/plugins/slide-anything/lightgallery/css/lightgallery-bundle.min.css
162.251.85.8 200 OK 7.8 kB URL HTTP/2 lead.ac.in/wp-content/plugins/slide-anything/lightgallery/css/lightgallery-bundle.min.css
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (29527), with no line terminators
Hash dc61f09bfda5b18b1b6494f6e4530055
f37bd03961b4ededbde04c169f755b31546a0c18
862990de8a1ae11fd3603bc5a4946969f2ad6d4f92db95a614ac1528710e21e2
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/slide-anything/lightgallery/css/lightgallery-bundle.min.css HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 29 Sep 2022 10:16:46 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7801
content-type: text/css
date: Thu, 01 Dec 2022 11:17:46 GMT
server: Apache
X-Firefox-Spdy: h2
lead.ac.in/wp-content/themes/lead-theme/theme/img/icon3a.png
162.251.85.8 200 OK 6.4 kB URL HTTP/2 lead.ac.in/wp-content/themes/lead-theme/theme/img/icon3a.png
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 76 x 76, 8-bit/color RGBA, non-interlaced; data
Hash e2f1483f0a319786c4f848bc6a8d11f8
af571b7874f82168f88b2aa0d9ec0c4da43494f2
525926f5e919430a748289c6110d066f598ae985950644221f1a137875eb3b43
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/lead-theme/theme/img/icon3a.png HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 25 Feb 2019 11:59:24 GMT
accept-ranges: bytes
content-length: 6443
content-type: image/png
date: Thu, 01 Dec 2022 11:17:46 GMT
server: Apache
X-Firefox-Spdy: h2
lead.ac.in/wp-content/themes/lead-theme/theme/img/lead-alumini.jpg
162.251.85.8 200 OK 20 kB URL HTTP/2 lead.ac.in/wp-content/themes/lead-theme/theme/img/lead-alumini.jpg
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 288x229, components 3; data
Hash c5e8679c31b51748a58a2f8f848e160f
94b9260369577af2680a8f89ce8adfc59c067658
8a26c789e16fbf998d99a2610d42b7c27127ca81ad018b8e4ae1d41828eff3a9
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/lead-theme/theme/img/lead-alumini.jpg HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 25 Feb 2019 11:46:33 GMT
accept-ranges: bytes
content-length: 20406
content-type: image/jpeg
date: Thu, 01 Dec 2022 11:17:46 GMT
server: Apache
X-Firefox-Spdy: h2
lead.ac.in/wp-content/themes/lead-theme/theme/img/icon3c.png
162.251.85.8 200 OK 5.8 kB URL HTTP/2 lead.ac.in/wp-content/themes/lead-theme/theme/img/icon3c.png
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 76 x 76, 8-bit/color RGBA, non-interlaced; data
Hash e3d2c0b88f5c5cc0f507dafe622a25d2
ec116a2e6bcb557a418b2a943b0be27f61ee3981
d2eac41e07c7e865b4c326dfb3fa54b904accf3968b10ca87542d6781b5944f5
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/lead-theme/theme/img/icon3c.png HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 25 Feb 2019 12:00:00 GMT
accept-ranges: bytes
content-length: 5843
content-type: image/png
date: Thu, 01 Dec 2022 11:17:46 GMT
server: Apache
X-Firefox-Spdy: h2
lead.ac.in/wp-content/uploads/2019/04/home1.jpg
162.251.85.8 200 OK 24 kB URL HTTP/2 lead.ac.in/wp-content/uploads/2019/04/home1.jpg
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 445x205, components 3; data
Hash c25e0bb98cec6750abcc9541d20b9b2d
4553ba22e1f88ffc04fe295e81872ad21bc1153f
c88e4d91691d7766aa0cb97483eb1bb0e994243c3a94040bf46299f1ceaa234d
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2019/04/home1.jpg HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 05 Apr 2019 10:21:30 GMT
accept-ranges: bytes
content-length: 24355
content-type: image/jpeg
date: Thu, 01 Dec 2022 11:17:46 GMT
server: Apache
X-Firefox-Spdy: h2
lead.ac.in/wp-content/uploads/2019/04/welcomeimg.jpg
162.251.85.8200 OK 25 kB URL HTTP/2 lead.ac.in/wp-content/uploads/2019/04/welcomeimg.jpg
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 416x407, components 3\012- data
Hash 9a65847357d8f1063a63f8da112267db
b2d42ea9a7d5de9c329ddf9459e14d39164f3763
bc15dff6d39904e682a3a2780a08c3a5c82dbf98e1453cff2c4610380505acef
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2019/04/welcomeimg.jpg HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 05 Apr 2019 10:26:46 GMT
accept-ranges: bytes
content-length: 24910
content-type: image/jpeg
date: Thu, 01 Dec 2022 11:17:46 GMT
server: Apache
X-Firefox-Spdy: h2
lead.ac.in/wp-content/plugins/slide-anything/lightgallery/plugins/autoplay/lg-autoplay.min.js
162.251.85.8200 OK 1.4 kB URL HTTP/2 lead.ac.in/wp-content/plugins/slide-anything/lightgallery/plugins/autoplay/lg-autoplay.min.js
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (3955), with CRLF line terminators
Hash 7a5f340a541735958db24f177d378190
1370f20cbc625331a9cf55d5400915d2f44c4b8f
9cfd2c37ead39361239cfcc79b935d0bb7cf83ee0839fa7b89c9408ed29fbaa5
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/slide-anything/lightgallery/plugins/autoplay/lg-autoplay.min.js HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 29 Sep 2022 10:16:46 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1429
content-type: application/javascript
date: Thu, 01 Dec 2022 11:17:46 GMT
server: Apache
X-Firefox-Spdy: h2
lead.ac.in/wp-content/plugins/slide-anything/lightgallery/player.min.js
162.251.85.8200 OK 7.6 kB URL HTTP/2 lead.ac.in/wp-content/plugins/slide-anything/lightgallery/player.min.js
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type Unicode text, UTF-8 text, with very long lines (17563), with CRLF line terminators
Hash 989e36e3c5b3d727ff5c952e728b842f
3c824f2853718e7f5c572bfecb6af81f2a8a291c
4bd8a2986d6ad81623ea099f8ec5f1db3d87c07f9b162e29a20f410da71b6aed
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/slide-anything/lightgallery/player.min.js HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 29 Sep 2022 10:16:46 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 7592
content-type: application/javascript
date: Thu, 01 Dec 2022 11:17:46 GMT
server: Apache
X-Firefox-Spdy: h2
lead.ac.in/wp-content/uploads/2022/11/Logo-min.png
162.251.85.8200 OK 38 kB URL HTTP/1.1 lead.ac.in/wp-content/uploads/2022/11/Logo-min.png
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 500 x 500, 8-bit colormap, non-interlaced\012- data
Hash 299e280975cfc5ef4a3ae49f530c5f11
ee4ec670b3fdaf88f11330345b688c0f6dccf944
94f9f57a8367caa8d586cba0f8e731b79062c5ca3a5dba846a5828b59f83ec84
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/11/Logo-min.png HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 11:17:46 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Tue, 22 Nov 2022 16:44:49 GMT
Accept-Ranges: bytes
Content-Length: 37823
Content-Type: image/png
lead.ac.in/wp-content/plugins/slide-anything/lightgallery/plugins/video/lg-video.min.js
162.251.85.8200 OK 3.0 kB URL HTTP/2 lead.ac.in/wp-content/plugins/slide-anything/lightgallery/plugins/video/lg-video.min.js
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (7930), with CRLF line terminators
Hash b6fb387871f3227903e85634ecedc8ac
2a845e867e620462b492d762287ac27d05360537
cd86b32387e81345d8602ae285a190ad27a1a4fbebc72ab650e34bc5e0aebf3c
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/slide-anything/lightgallery/plugins/video/lg-video.min.js HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 29 Sep 2022 10:16:46 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3033
content-type: application/javascript
date: Thu, 01 Dec 2022 11:17:46 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8044
Expires: Thu, 01 Dec 2022 13:31:50 GMT
Date: Thu, 01 Dec 2022 11:17:46 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8044
Expires: Thu, 01 Dec 2022 13:31:50 GMT
Date: Thu, 01 Dec 2022 11:17:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8093
Expires: Thu, 01 Dec 2022 13:32:39 GMT
Date: Thu, 01 Dec 2022 11:17:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8093
Expires: Thu, 01 Dec 2022 13:32:39 GMT
Date: Thu, 01 Dec 2022 11:17:46 GMT
Connection: keep-alive
lead.ac.in/wp-content/uploads/2022/08/National_Board_of_Accreditation.svg-min.png
162.251.85.8200 OK 41 kB URL HTTP/1.1 lead.ac.in/wp-content/uploads/2022/08/National_Board_of_Accreditation.svg-min.png
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 1200 x 947, 8-bit colormap, non-interlaced\012- data
Hash 0b42040a32169c4a92ce83d1ad6eefd5
f703e86889297c2135be089be1ebb0d273b8a045
42027f2ee52cefed1bcea0dfb2431d9a0b8bb8b110551f04f7e6e06ddf3c6271
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2022/08/National_Board_of_Accreditation.svg-min.png HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 11:17:46 GMT
Server: Apache
Last-Modified: Sat, 27 Aug 2022 16:52:37 GMT
Accept-Ranges: bytes
Content-Length: 40900
Content-Type: image/png
lead.ac.in/wp-content/plugins/slide-anything/lightgallery/plugins/zoom/lg-zoom.min.js
162.251.85.8200 OK 5.9 kB URL HTTP/2 lead.ac.in/wp-content/plugins/slide-anything/lightgallery/plugins/zoom/lg-zoom.min.js
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (16206), with CRLF line terminators
Hash 99cab48d5f682a836beb166316afa6ee
55d0afac600a737b490bb9e2440585e57dba601e
b1df7fd0032ee0c6adfc3b06b5e252669e86cc7357539d1aaaaafee69d0f15fe
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/slide-anything/lightgallery/plugins/zoom/lg-zoom.min.js HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 29 Sep 2022 10:16:46 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5941
content-type: application/javascript
date: Thu, 01 Dec 2022 11:17:46 GMT
server: Apache
X-Firefox-Spdy: h2
lead.ac.in/
162.251.85.8200 OK 34 kB IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9381)
Hash 8081fbe2efa7e7dac2cc138b3559f088
81d695676b9ae461033f58a031e5ed43a4816b67
25ee9d5043c2803323db8629429d4bb32ac2906a707851f1d47873e277a3280b
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET / HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Thu, 01 Dec 2022 11:17:45 GMT
server: Apache
content-type: text/html; charset=UTF-8
x-litespeed-tag: 30b_HTTP.200
link: <https://lead.ac.in/wp-json/>; rel="https://api.w.org/", <https://lead.ac.in/wp-json/wp/v2/pages/6>; rel="alternate"; type="application/json", <https://lead.ac.in/>; rel=shortlink
x-tec-api-version: v1
x-tec-api-root: https://lead.ac.in/wp-json/tribe/events/v1/
x-tec-api-origin: https://lead.ac.in
vary: Accept-Encoding
content-encoding: gzip
x-server-cache: true
x-proxy-cache: HIT
X-Firefox-Spdy: h2
lead.ac.in/wp-content/themes/lead-theme/theme/img/icon3b.png
162.251.85.8200 OK 6.7 kB URL HTTP/2 lead.ac.in/wp-content/themes/lead-theme/theme/img/icon3b.png
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 76 x 76, 8-bit/color RGBA, non-interlaced\012- data
Hash e812dc29d9cb230f8d21b510835f777e
26c86d0d75763e4b8b693407278cdfddd3f2559d
5ce2243c8c164b4d5ac4f55351d279cb541aa2ddb7a1bbe13a82d29fe9555beb
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/lead-theme/theme/img/icon3b.png HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 25 Feb 2019 11:59:45 GMT
accept-ranges: bytes
content-length: 6732
content-type: image/png
date: Thu, 01 Dec 2022 11:17:46 GMT
server: Apache
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CJiSRzIK7-rQE81gaP2We0LhgKX1YmuJKEGYEqW34Bm1KMx6NB8yhQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 04:29:19 GMT
age: 24507
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc2c1d47-fc4a-4f23-a6f7-5ac8f3a68490.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc2c1d47-fc4a-4f23-a6f7-5ac8f3a68490.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash acffcb88ce68b2d70c9c046a7b5a4aa8
cd016e6c0bf5c6eef06e933c9a5257ff4fca9bc1
692d782ac1d812de6dadbcfe46034b6b5d8bbd586e56beedd96dc4d65445dd4c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc2c1d47-fc4a-4f23-a6f7-5ac8f3a68490.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12035
x-amzn-requestid: eef7d417-c6ca-4e3f-ac00-1425f3d5c4a8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cb0TSGHDIAMF_jA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cdae-467c79a805dfb5622687f628;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:39:58 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: haFJ2LZecbT4HRbkvcaZxR4SAIx5cGxNyghKiDOJVX6xDkPwzc2wNQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:45:34 GMT
age: 48732
etag: "cd016e6c0bf5c6eef06e933c9a5257ff4fca9bc1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 26d6dffbf400da4803a2e76e2a8ef2f8
2e62f9ed8f5e7b2f888a73320dd98b0cda9303b8
04c6e31623fe48cbe83dc91635bfa47b337590f18919995b08d5bde27e929e03
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F600016d1-5abb-4a6c-996a-933a8d4bc6df.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8740
x-amzn-requestid: 4823cf63-98eb-40d3-bb8b-e09cd2262f36
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cP7SqHjYIAMF8xw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63830c10-316b213c33ce9bc2355c0900;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 07:04:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tK4wl-g5kcUhVFE3iZGILhZhZSsaMzQD9JTBHj1JXV95yXs_e3gMGw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 13:21:34 GMT
age: 78972
etag: "2e62f9ed8f5e7b2f888a73320dd98b0cda9303b8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83cd87b8-4041-419b-ab34-9f8e5a326f4b.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83cd87b8-4041-419b-ab34-9f8e5a326f4b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 820cf89fcab8380adff42982c9fb11ed
84241ddddbbfd7de30118307fb1a62800d0a4cb3
0d051495f06ac84de934283b40cbfee7a042d32153a73486dd7c017430e882d8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83cd87b8-4041-419b-ab34-9f8e5a326f4b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12898
x-amzn-requestid: 9b594c3c-6b8c-4589-8fcb-b3d7518b46f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cQZBNFxToAMF_9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63833ba1-767f510d72eef86d0cc892df;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 10:27:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: gsn5uUFEzDZDOMPTvW9UQxtccvRfJKUM4eJ8U99jvUGzNIKkF9SzeA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:49:20 GMT
age: 48506
etag: "84241ddddbbfd7de30118307fb1a62800d0a4cb3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5508d05a290b663fd89ead9b58f2efd8
53650399f9a986ba54addd668b4557109d12003b
65704a961410fdd318c491fedf002c8e9b184cd34b76fe1b67026d42ce21be3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9674
x-amzn-requestid: 7e7d0183-9667-462a-8d44-d125998c1ae3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgEoHVAoAMFvAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a1d-280ba97e3fe1bf7244cbde35;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: qftF-GQkcjKTs30KMGCTDymw2SVSXeAYKGNWUnaMfvIb8HjtfHUx8A==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:44:47 GMT
age: 48779
etag: "53650399f9a986ba54addd668b4557109d12003b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg
34.120.237.76200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ffd12f9c423ffc627d9e3b3145944fe4
5cf9a7a784952e1bb0cbe499104f1774b1269d08
a25f1b752d9af599aefd73073c105853130f1759905269de3d582d2eb35fe167
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb0e1339e-3c63-4033-8b5b-e21137509777.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16038
x-amzn-requestid: 9d34c42b-ba0c-498f-8f99-d4ab527ffa89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cbzMdHXNIAMFgaw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387cbe9-376846f31dc9b995797cbd18;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:32:25 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: DngCuOTO9fQAwWe_ip6EtBcgruigZN6Bl1_v5BHM2dsWlhqCXCL3gg==
via: 1.1 efcf7b9d0f917f9ebf314db03e52d9b6.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 21:45:33 GMT
age: 48733
etag: "5cf9a7a784952e1bb0cbe499104f1774b1269d08"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
lead.ac.in/wp-content/plugins/slide-anything/owl-carousel/owl.carousel.min.js
162.251.85.8200 OK 16 kB URL HTTP/2 lead.ac.in/wp-content/plugins/slide-anything/owl-carousel/owl.carousel.min.js
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type ASCII text, with very long lines (31997)
Hash 8a2ba9702fb3cca3c84924959fff383d
ec7e32b952d84e211870dd0e9f1520582e3b4270
ebcdf76e9e513c320785d95cbfa122a4aaa6143fc8ea69a2ea0dedf0277828b8
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/slide-anything/owl-carousel/owl.carousel.min.js HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 29 Sep 2022 10:16:46 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 15883
content-type: application/javascript
date: Thu, 01 Dec 2022 11:17:46 GMT
server: Apache
X-Firefox-Spdy: h2
lead.ac.in/wp-content/themes/lead-theme/theme/css/blocks.css
162.251.85.8200 OK 753 B URL HTTP/2 lead.ac.in/wp-content/themes/lead-theme/theme/css/blocks.css
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 2acf702b07dc1fa8a563d00fb25a6ffe
2517193ce4a0123f57a1908f66ad3186b22a3413
ec2e75a54bf30dab684dc8b44b2f2167c232f30db41010ded1a72f0accd0c24a
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/lead-theme/theme/css/blocks.css HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 03 Jan 2019 17:23:06 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 753
content-type: text/css
date: Thu, 01 Dec 2022 11:17:46 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 980f31229421fd11df958496bea34502
648e03f048e6741beb1d4e10099b1429b79e4f00
887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 11:17:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lead.ac.in
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:34:15 GMT
expires: Thu, 30 Nov 2023 19:34:15 GMT
cache-control: public, max-age=31536000
age: 56611
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 980f31229421fd11df958496bea34502
648e03f048e6741beb1d4e10099b1429b79e4f00
887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 11:17:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 980f31229421fd11df958496bea34502
648e03f048e6741beb1d4e10099b1429b79e4f00
887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 11:17:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 980f31229421fd11df958496bea34502
648e03f048e6741beb1d4e10099b1429b79e4f00
887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 11:17:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lead.ac.in
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:33:54 GMT
expires: Thu, 30 Nov 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 56632
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lead.ac.in/wp-content/plugins/popup-builder/public/js/PopupBuilder.js
162.251.85.8200 OK 55 kB URL HTTP/2 lead.ac.in/wp-content/plugins/popup-builder/public/js/PopupBuilder.js
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash c9714dc21c5d9c320d50509331ae602b
faead4cdbee7be8fac05016c738b5ab937bb0f89
459ba93276fbff496063e1653bfc71119ad6819ac772a26658ab7ecd9f76d8e4
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/popup-builder/public/js/PopupBuilder.js HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 15 Nov 2022 16:47:11 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Thu, 01 Dec 2022 11:17:46 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 980f31229421fd11df958496bea34502
648e03f048e6741beb1d4e10099b1429b79e4f00
887d1a1020b73fa3221c168713525f99474ac02fa10e251b5b23f6c0c519afce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 11:17:46 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
lead.ac.in/wp-content/themes/lead-theme/theme/img/logo.png
162.251.85.8200 OK 12 kB URL HTTP/2 lead.ac.in/wp-content/themes/lead-theme/theme/img/logo.png
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 125 x 52, 8-bit/color RGBA, non-interlaced\012- data
Hash ba5ebc6a1a5e9bc26c896e6328cfde2d
bfbd28da4b4d61cde5c779d4a3ae97009172f3a2
472bff403631c68afcaa2be00decd894aa031e8faeb12e3ab37d2e94059bbcbe
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/lead-theme/theme/img/logo.png HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/wp-content/themes/lead-theme/theme/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 25 Feb 2019 11:37:55 GMT
accept-ranges: bytes
content-length: 11921
content-type: image/png
date: Thu, 01 Dec 2022 11:17:46 GMT
server: Apache
X-Firefox-Spdy: h2
lead.ac.in/wp-content/themes/lead-theme/theme/img/drop-arrow.png
162.251.85.8200 OK 3.6 kB URL HTTP/2 lead.ac.in/wp-content/themes/lead-theme/theme/img/drop-arrow.png
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 7 x 4, 8-bit/color RGBA, non-interlaced\012- data
Hash c330e2f266a978318b47a4dd3cf15088
b540ab8d8613d60676cb2d05da638e27a335aa24
a96191c8d03b9ab3e4ff2b0f6a469936478efacffd631a02bcbda443ff5bf132
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/lead-theme/theme/img/drop-arrow.png HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/wp-content/themes/lead-theme/theme/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 28 Feb 2019 05:44:59 GMT
accept-ranges: bytes
content-length: 3595
content-type: image/png
date: Thu, 01 Dec 2022 11:17:46 GMT
server: Apache
X-Firefox-Spdy: h2
lead.ac.in/wp-includes/js/jquery/jquery.min.js
162.251.85.8200 OK 41 kB URL HTTP/2 lead.ac.in/wp-includes/js/jquery/jquery.min.js
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 175e0092ca6a507081bd80e194e71a59
8df68f68fc16505e7ba73c118152167abbb81219
021f79b8b40d4f6c7f46bac693e684eeb9323f4bbc2f5c46a7b1c04998f30c89
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/js/jquery/jquery.min.js HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 15 Nov 2022 16:46:25 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Thu, 01 Dec 2022 11:17:46 GMT
server: Apache
X-Firefox-Spdy: h2
lead.ac.in/wp-content/themes/lead-theme/theme/img/icon1a.png
162.251.85.8200 OK 5.3 kB URL HTTP/2 lead.ac.in/wp-content/themes/lead-theme/theme/img/icon1a.png
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 82 x 74, 8-bit/color RGBA, non-interlaced\012- data
Hash ad5ee7a797ad771e4872c57a0ef131d9
cce1990b94888c54b19ca0f0e5d6b6149b2a7d07
b79e1798997678ff5ec6a48c2c47c07fe32e6e5329ce3300f738729ef45664d1
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/lead-theme/theme/img/icon1a.png HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/wp-content/themes/lead-theme/theme/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 25 Feb 2019 11:42:33 GMT
accept-ranges: bytes
content-length: 5316
content-type: image/png
date: Thu, 01 Dec 2022 11:17:46 GMT
server: Apache
X-Firefox-Spdy: h2
lead.ac.in/wp-content/themes/lead-theme/theme/img/cap.png
162.251.85.8200 OK 6.3 kB URL HTTP/2 lead.ac.in/wp-content/themes/lead-theme/theme/img/cap.png
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 133 x 99, 8-bit/color RGBA, non-interlaced\012- data
Hash 69b0697909339776ba08d13a92b589d3
920f6b64916e221b8b1836cbc9225fa3305210b5
f1432fb91bcadb436d5a914318127bb60648ab389f130fe6fc6787dfe1fcc131
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/lead-theme/theme/img/cap.png HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/wp-content/themes/lead-theme/theme/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 25 Feb 2019 11:38:27 GMT
accept-ranges: bytes
content-length: 6322
content-type: image/png
date: Thu, 01 Dec 2022 11:17:46 GMT
server: Apache
X-Firefox-Spdy: h2
lead.ac.in/wp-content/plugins/slide-anything/lightgallery/lightgallery.min.js
162.251.85.8200 OK 735 kB URL HTTP/2 lead.ac.in/wp-content/plugins/slide-anything/lightgallery/lightgallery.min.js
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Size 735 kB (734794 bytes)
Hash 77260308eb002d0772baf4d4b8d6a931
430943b74e7a8235ac52bc8de800cc241956a0a6
24771df63308e06ef30cda5475c06913f3d292ee3bca89c4baa7528b3534bed5
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/slide-anything/lightgallery/lightgallery.min.js HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 29 Sep 2022 10:16:46 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Thu, 01 Dec 2022 11:17:46 GMT
server: Apache
X-Firefox-Spdy: h2
lead.ac.in/wp-content/themes/lead-theme/theme/img/icon1b.png
162.251.85.8200 OK 5.2 kB URL HTTP/2 lead.ac.in/wp-content/themes/lead-theme/theme/img/icon1b.png
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 82 x 74, 8-bit/color RGBA, non-interlaced\012- data
Hash c6a9526a1659e3e25338eb1bdd15df2e
bdb14e8edcaee8e4591ff8782a6aff7490fe9550
7ba35e22166bd394b5d74749cbdbd09c9d6565634349d8c7b6cc8cbfc40fa2cb
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/lead-theme/theme/img/icon1b.png HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/wp-content/themes/lead-theme/theme/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 25 Feb 2019 11:42:52 GMT
accept-ranges: bytes
content-length: 5231
content-type: image/png
date: Thu, 01 Dec 2022 11:17:46 GMT
server: Apache
X-Firefox-Spdy: h2
lead.ac.in/wp-content/themes/lead-theme/theme/img/bg1.jpg
162.251.85.8200 OK 105 kB URL HTTP/2 lead.ac.in/wp-content/themes/lead-theme/theme/img/bg1.jpg
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x701, components 3\012- data
Size 105 kB (105335 bytes)
Hash 49ad399e92d3d4d37e480c3ff665c6ab
0297085c1076a489ce5352c096c5b0410fbe9401
50b158c9cb27ce8c39a9d8b8a11bf3c92b332502c43ac4e5533337be3ef8c40b
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/lead-theme/theme/img/bg1.jpg HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/wp-content/themes/lead-theme/theme/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 25 Feb 2019 11:45:11 GMT
accept-ranges: bytes
content-length: 105335
content-type: image/jpeg
date: Thu, 01 Dec 2022 11:17:46 GMT
server: Apache
X-Firefox-Spdy: h2
lead.ac.in/wp-content/themes/lead-theme/theme/img/bg2.jpg
162.251.85.8200 OK 370 kB URL HTTP/2 lead.ac.in/wp-content/themes/lead-theme/theme/img/bg2.jpg
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x833, components 3\012- data
Size 370 kB (370190 bytes)
Hash dd2a25e60da2b57bbad18cf4e2417e8b
1b6289e892370f86c07a8f6e77dfd1f02e67dea9
0115d3aca16769d646d802c4ec12aa375b9cbd670ede11cfd186d5e0d089ee64
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/lead-theme/theme/img/bg2.jpg HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/wp-content/themes/lead-theme/theme/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 25 Feb 2019 11:52:08 GMT
accept-ranges: bytes
content-length: 370190
content-type: image/jpeg
date: Thu, 01 Dec 2022 11:17:46 GMT
server: Apache
X-Firefox-Spdy: h2
lead.ac.in/wp-content/themes/lead-theme/theme/img/icon2b.png
162.251.85.8200 OK 4.5 kB URL HTTP/2 lead.ac.in/wp-content/themes/lead-theme/theme/img/icon2b.png
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 38 x 37, 8-bit/color RGBA, non-interlaced\012- data
Hash cdcdae582efaf7dc9d3e5477fd94fe76
0accdff2881b689bb62e99fe7450ca5abfab8816
99aebb5ca29eab6fe01ef6890210c94edf03e6eb8c7452c52eb27db94611cd2b
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/lead-theme/theme/img/icon2b.png HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/wp-content/themes/lead-theme/theme/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 25 Feb 2019 11:48:43 GMT
accept-ranges: bytes
content-length: 4508
content-type: image/png
date: Thu, 01 Dec 2022 11:17:46 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 08a1a290608282a869757a88184cabee
c1d1f8b4fa0b97ce1a7688bd60caf75e618e9094
6b92880972ae8e28d68969aa8a246c5a4999b26543dccb8d1c059e791b9fc02b
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 11:17:47 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 29 Nov 2022 02:49:13 GMT
Expires: Tue, 06 Dec 2022 02:49:12 GMT
Etag: "c1d1f8b4fa0b97ce1a7688bd60caf75e618e9094"
Cache-Control: max-age=400884,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 772b6b190dceb524-OSL
lead.ac.in/wp-content/themes/lead-theme/theme/img/icon1c.png
162.251.85.8200 OK 4.3 kB URL HTTP/2 lead.ac.in/wp-content/themes/lead-theme/theme/img/icon1c.png
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 82 x 74, 8-bit/color RGBA, non-interlaced\012- data
Hash 2838ad46a3c3939d2b4b8803c2f071f4
25aed6bba6dfcf67eafc6a5f159c9891d4fee685
4fdd3a508cc2d1176386c3566c103173f4ada634fbb24b3d3a261719e6db664e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/lead-theme/theme/img/icon1c.png HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/wp-content/themes/lead-theme/theme/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 25 Feb 2019 11:43:08 GMT
accept-ranges: bytes
content-length: 4269
content-type: image/png
date: Thu, 01 Dec 2022 11:17:46 GMT
server: Apache
X-Firefox-Spdy: h2
lead.ac.in/wp-content/uploads/2019/11/reg-3.png
162.251.85.8200 OK 26 kB URL HTTP/2 lead.ac.in/wp-content/uploads/2019/11/reg-3.png
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 192 x 77, 8-bit/color RGBA, non-interlaced\012- data
Hash 56a34f35ef32df040f6b975c13845c34
dda088b49622b7ad2235f1e67e7343e156041584
2e697259ab4a811c5456183a4dccbebe392cc665a1a4afafbaa4a81894254482
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2019/11/reg-3.png HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 05 Jun 2021 17:13:28 GMT
accept-ranges: bytes
content-length: 25636
content-type: image/png
date: Thu, 01 Dec 2022 11:17:46 GMT
server: Apache
X-Firefox-Spdy: h2
lead.ac.in/wp-content/plugins/elementor/assets/css/frontend.min.css
162.251.85.8200 OK 37 kB URL HTTP/2 lead.ac.in/wp-content/plugins/elementor/assets/css/frontend.min.css
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 028f1f1c50a305c03809e618617f7bcb
a6c182b0dd3f506fbf8c4470ffab04eb0b65397f
c5aa4223e8190d2acdf62ba1e7632325ef56c26a85f32f161149baadb01f1ffe
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/elementor/assets/css/frontend.min.css HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 15 Nov 2022 16:47:01 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Thu, 01 Dec 2022 11:17:45 GMT
server: Apache
X-Firefox-Spdy: h2
lead.ac.in/wp-content/themes/lead-theme/theme/img/icon2a.png
162.251.85.8200 OK 4.2 kB URL HTTP/2 lead.ac.in/wp-content/themes/lead-theme/theme/img/icon2a.png
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 38 x 37, 8-bit/color RGBA, non-interlaced\012- data
Hash 0ac735d039772bec76f29d4a39e0122c
2141435c48cab68074d17b7b2b28693a0d889f8f
36ec2f974a30c951ae14c5638156daaac07687c29e0536620ec09c7674e20746
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/lead-theme/theme/img/icon2a.png HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/wp-content/themes/lead-theme/theme/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 25 Feb 2019 11:48:22 GMT
accept-ranges: bytes
content-length: 4235
content-type: image/png
date: Thu, 01 Dec 2022 11:17:46 GMT
server: Apache
X-Firefox-Spdy: h2
lead.ac.in/wp-content/themes/lead-theme/theme/img/footermail.png
162.251.85.8200 OK 3.9 kB URL HTTP/2 lead.ac.in/wp-content/themes/lead-theme/theme/img/footermail.png
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 19 x 14, 8-bit/color RGBA, non-interlaced\012- data
Hash ac927569a3c3f9337fa56bf30323349a
5ff9ff7c907f0274ae24044f625883869fc3ab39
392c76aced3a1112b73f664ea63c582c4c7301ee9169efd2f9ac33300011d175
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/lead-theme/theme/img/footermail.png HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/wp-content/themes/lead-theme/theme/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 25 Feb 2019 12:02:29 GMT
accept-ranges: bytes
content-length: 3920
content-type: image/png
date: Thu, 01 Dec 2022 11:17:46 GMT
server: Apache
X-Firefox-Spdy: h2
lead.ac.in/wp-content/themes/lead-theme/theme/img/icon2c.png
162.251.85.8200 OK 4.1 kB URL HTTP/2 lead.ac.in/wp-content/themes/lead-theme/theme/img/icon2c.png
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 38 x 37, 8-bit/color RGBA, non-interlaced\012- data
Hash 98b49f52cb60e722ff48c5a34fac31d8
ec39755bbee5c9fbbe0118d24fab72effeb184f3
20339c21f1a94f8f40a801e7a00b50c12d8d82cd59b64e09d1ae3a9ab4323372
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/lead-theme/theme/img/icon2c.png HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/wp-content/themes/lead-theme/theme/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 25 Feb 2019 11:48:59 GMT
accept-ranges: bytes
content-length: 4121
content-type: image/png
date: Thu, 01 Dec 2022 11:17:46 GMT
server: Apache
X-Firefox-Spdy: h2
lead.ac.in/wp-content/themes/lead-theme/theme/img/socialmedia.png
162.251.85.8200 OK 6.0 kB URL HTTP/2 lead.ac.in/wp-content/themes/lead-theme/theme/img/socialmedia.png
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 150 x 71, 8-bit/color RGBA, non-interlaced\012- data
Hash fef3e9b5f0034a34a22f6f6d62512526
4b75174c4068fa4c770807e50fbec6d0ce342010
6a7b604ffbf5fb668888159ff2b12539913d51576cd0902b12ef68fea534e901
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/lead-theme/theme/img/socialmedia.png HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/wp-content/themes/lead-theme/theme/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sat, 09 Nov 2019 15:22:19 GMT
accept-ranges: bytes
content-length: 5956
content-type: image/png
date: Thu, 01 Dec 2022 11:17:46 GMT
server: Apache
X-Firefox-Spdy: h2
marketinghub.zoho.com/hub/js/WebsiteAutomation.js
136.143.191.162301 Moved Permanently 134 B URL HTTP/1.1 marketinghub.zoho.com/hub/js/WebsiteAutomation.js
IP 136.143.191.162:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a
GET /hub/js/WebsiteAutomation.js HTTP/1.1
Host: marketinghub.zoho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: ZGS
Date: Thu, 01 Dec 2022 11:17:47 GMT
Content-Type: text/html
Content-Length: 134
Connection: keep-alive
Location: https://ma.zoho.com/hub/js/WebsiteAutomation.js
Strict-Transport-Security: max-age=63072000
lead.ac.in/wp-content/uploads/2021/04/red.jpg
162.251.85.8200 OK 387 kB URL HTTP/2 lead.ac.in/wp-content/uploads/2021/04/red.jpg
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 22.1 (Windows), datetime=2021:03:06 12:21:37], baseline, precision 8, 1080x1080, components 3\012- data
Size 387 kB (386581 bytes)
Hash 89a9b5586b7351ffe9e5c63a6583a723
09f2df65c2a9971c09e2bcee80b80f45b4826182
b24abbcde71c769396c9357668ec8132f639e0f80ec4a8d7cb82093e8f362ee4
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2021/04/red.jpg HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 12 Apr 2021 14:07:41 GMT
accept-ranges: bytes
content-length: 386581
content-type: image/jpeg
date: Thu, 01 Dec 2022 11:17:47 GMT
server: Apache
X-Firefox-Spdy: h2
lead.ac.in/wp-content/uploads/2021/04/poster-17.jpg
162.251.85.8200 OK 304 kB URL HTTP/2 lead.ac.in/wp-content/uploads/2021/04/poster-17.jpg
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 21.2 (Windows), datetime=2021:04:13 10:24:02], baseline, precision 8, 1080x1080, components 3\012- data
Size 304 kB (303460 bytes)
Hash 333a8da13839e5fc7aeb1b7d99efeb35
a1551e733a6c2c3fc5f198afd83edf5a19b3ada9
a03ab4d82ca19e35ff82a579043aa7212ab5751010ea4750a6169cd4841f2125
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2021/04/poster-17.jpg HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 14 Apr 2021 06:18:35 GMT
accept-ranges: bytes
content-length: 303460
content-type: image/jpeg
date: Thu, 01 Dec 2022 11:17:47 GMT
server: Apache
X-Firefox-Spdy: h2
lead.ac.in/wp-content/uploads/2021/04/poster-15.jpg
162.251.85.8200 OK 333 kB URL HTTP/2 lead.ac.in/wp-content/uploads/2021/04/poster-15.jpg
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 21.2 (Windows), datetime=2021:04:12 17:05:29 DIY-Thermocam raw data\012- (Lepton 2.x), scale 29811-25972, spot sensor temperature 1125978593735313417306112.000000, unit celsius, color scheme 0, calibration: offset 645636042579834306560.000000, slope 75655101974163092283731214336.000000], progressive, precision 8, 1080x1080, components 3\012- data
Size 333 kB (332708 bytes)
Hash 11a52ecc1dc0239497e6d14a1f2f142c
ccdfb9c0be84adc62de03757f3776540e49e4d5b
d87518237def546b68a24331a783d0dfd60dece8a3e9899b7ff0d3bc1dac06d4
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2021/04/poster-15.jpg HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 12 Apr 2021 14:07:35 GMT
accept-ranges: bytes
content-length: 332708
content-type: image/jpeg
date: Thu, 01 Dec 2022 11:17:47 GMT
server: Apache
X-Firefox-Spdy: h2
lead.ac.in/wp-content/uploads/2021/04/poster-18.jpg
162.251.85.8 200 OK 308 kB URL HTTP/2 lead.ac.in/wp-content/uploads/2021/04/poster-18.jpg
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 21.2 (Windows), datetime=2021:04:13 10:27:47], baseline, precision 8, 1080x1080, components 3\012- data
Size 308 kB (307629 bytes)
Hash bcc901f57359bee85476d65b1bb17d63
dbeb69bc021c3eab84112b1e734a6cd2121130f9
258fafd067094a2901daf39ee9ec707ba710ad7c1355607473311bcda6974775
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2021/04/poster-18.jpg HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 14 Apr 2021 06:18:08 GMT
accept-ranges: bytes
content-length: 307629
content-type: image/jpeg
date: Thu, 01 Dec 2022 11:17:47 GMT
server: Apache
X-Firefox-Spdy: h2
lead.ac.in/wp-content/uploads/2021/04/oak.jpg
162.251.85.8 200 OK 360 kB URL HTTP/2 lead.ac.in/wp-content/uploads/2021/04/oak.jpg
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop 22.1 (Windows), datetime=2021:03:06 13:00:02], baseline, precision 8, 1080x1080, components 3\012- data
Size 360 kB (359573 bytes)
Hash 35e5be9cacf84adb9e988a7657168fed
84f380f84840ee22a3bff390a4bd5cf2f714b56b
eb0b454a6a737db486e709e5f619e94aa5e944d58ec0e9b1f9bed73dd2cdd9aa
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2021/04/oak.jpg HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 12 Apr 2021 14:06:31 GMT
accept-ranges: bytes
content-length: 359573
content-type: image/jpeg
date: Thu, 01 Dec 2022 11:17:47 GMT
server: Apache
X-Firefox-Spdy: h2
salesiq.zoho.com/widget?plugin_source=wordpress
136.143.191.67 200 34 kB URL HTTP/1.1 salesiq.zoho.com/widget?plugin_source=wordpress
IP 136.143.191.67:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 9a0b88a0b0158eeb2237b0f9c4dcfc1a
e194f19dcc0eaac0d96447566d2cf3de566c97c3
0dc2907ea8478159570b520ab4664af18cb274ead3871d4fdd55443345ff38a1
GET /widget?plugin_source=wordpress HTTP/1.1
Host: salesiq.zoho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Server: ZGS
Date: Thu, 01 Dec 2022 11:17:47 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: 663a60c55d=2fe2c37ca410599c916d14b1e018bf3e; Path=/
Access-Control-Allow-Origin: *
Cache-Control: must-revalidate
Pragma:
Expires: Thu, 01 Dec 2022 11:22:47 GMT
ETag: W/542090a4a026d7a6a17e21c328cd2bb4f57cbcf110026cd04403b62d8f1d1de2
vary: accept-encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=63072000
lead.ac.in/wp-content/themes/lead-theme/theme/img/next.png
162.251.85.8 200 OK 3.8 kB URL HTTP/2 lead.ac.in/wp-content/themes/lead-theme/theme/img/next.png
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 22 x 44, 8-bit/color RGBA, non-interlaced\012- data
Hash 061a2ab8b6519e832c9553185212e372
028e5a0ebe57a0679d63a953df56273378007679
8620eb1c12a6c4f81e8b01c123bdeaf1d8f366e01cd119ed15469a8d50a1570a
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/lead-theme/theme/img/next.png HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/wp-content/themes/lead-theme/theme/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 26 Feb 2019 10:19:23 GMT
accept-ranges: bytes
content-length: 3770
content-type: image/png
date: Thu, 01 Dec 2022 11:17:47 GMT
server: Apache
X-Firefox-Spdy: h2
lead.ac.in/wp-content/themes/lead-theme/theme/img/coma.png
162.251.85.8 200 OK 4.5 kB URL HTTP/2 lead.ac.in/wp-content/themes/lead-theme/theme/img/coma.png
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 66 x 43, 8-bit/color RGBA, non-interlaced\012- data
Hash 46cd58d4cb6e705e5f0cf6c4465536dd
ce9d37a93fd751a857a31362243cb25e7a48edb5
49883d2953d3d9e8d92084c1cf631d39f930e33e83ddf14cf5f8378a95dca9fa
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/lead-theme/theme/img/coma.png HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/wp-content/themes/lead-theme/theme/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 25 Feb 2019 11:51:28 GMT
accept-ranges: bytes
content-length: 4479
content-type: image/png
date: Thu, 01 Dec 2022 11:17:47 GMT
server: Apache
X-Firefox-Spdy: h2
lead.ac.in/wp-content/themes/lead-theme/theme/img/prev.png
162.251.85.8 200 OK 3.8 kB URL HTTP/2 lead.ac.in/wp-content/themes/lead-theme/theme/img/prev.png
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 22 x 44, 8-bit/color RGBA, non-interlaced\012- data
Hash 6e6e9dfe329df7e13e17e54e08e6565e
72f3352de3e3294e597844d3ffbdd5730eda3469
eaf898fe002664b83d9a32f55302a55a64a089241f9196c171964d20e4f6ec92
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/lead-theme/theme/img/prev.png HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/wp-content/themes/lead-theme/theme/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 26 Feb 2019 10:18:47 GMT
accept-ranges: bytes
content-length: 3769
content-type: image/png
date: Thu, 01 Dec 2022 11:17:47 GMT
server: Apache
X-Firefox-Spdy: h2
lead.ac.in/wp-content/uploads/2021/04/placement-poster.jpg
162.251.85.8 200 OK 8.2 kB URL HTTP/2 lead.ac.in/wp-content/uploads/2021/04/placement-poster.jpg
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type gzip compressed data, max speed, from Unix\012- data
Hash e807b9c1f0daeb0fe797b69ba6c2e6bf
082c8b4abc1829a4a835a0da981929fff145d7a8
a3011688adb31fc47ac281a700503a4bdc31711a5e47cc11096493908f65ea8c
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2021/04/placement-poster.jpg HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Mon, 12 Apr 2021 14:06:47 GMT
accept-ranges: bytes
content-length: 356300
content-type: image/jpeg
date: Thu, 01 Dec 2022 11:17:47 GMT
server: Apache
X-Firefox-Spdy: h2
ma.zoho.com/hub/js/WebsiteAutomation.js
136.143.191.162 200 9.1 kB URL HTTP/1.1 ma.zoho.com/hub/js/WebsiteAutomation.js
IP 136.143.191.162:0
File type ASCII text, with very long lines (37278), with no line terminators
Hash c820c2353ed0f9c23c875fcef6f64e2d
08b6a4059ced8f361a128228506d4c7a48126fae
1d8b73112131d419912c181db8428777344f8daafffb12e8a7cf185a9c82f40d
GET /hub/js/WebsiteAutomation.js HTTP/1.1
Host: ma.zoho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://lead.ac.in/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Server: ZGS
Date: Thu, 01 Dec 2022 11:17:47 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: ac09458e72=e04862d4d831732ed925fdb50f4e20da; Path=/
Accept-Ranges: bytes
ETag: W/"37278-1669725354000"
Last-Modified: Tue, 29 Nov 2022 12:35:54 GMT
vary: accept-encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=63072000
www.google-analytics.com/analytics.js
216.58.207.206 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 216.58.207.206:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Thu, 01 Dec 2022 10:41:08 GMT
expires: Thu, 01 Dec 2022 12:41:08 GMT
cache-control: public, max-age=7200
age: 2199
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash 25eb4af5d42605a129115e6acb55982b
ffbde06b9c51726022ceca1fdb2d9311f3aaf84d
3000147ff670ae4cf1dff3d51059658f783134a08aa87c7258df5b99c5768426
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 11:17:47 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 28 Nov 2022 15:09:34 GMT
Expires: Mon, 05 Dec 2022 15:09:33 GMT
Etag: "ffbde06b9c51726022ceca1fdb2d9311f3aaf84d"
Cache-Control: max-age=358905,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 772b6b1e8c10b524-OSL
lead.ac.in/wp-content/uploads/2021/04/cropped-zzz-1-192x192.png
162.251.85.8 200 OK 5.5 kB URL HTTP/2 lead.ac.in/wp-content/uploads/2021/04/cropped-zzz-1-192x192.png
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 63d6fe4518aac7217a6ade65d62cf47b
f14a42985640c7131667748fd6a7924776e6442d
1213cccf7ea60d403dfed6fa736f8249a3526ac4e20bf1afcee87cc5d5c0d6aa
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/uploads/2021/04/cropped-zzz-1-192x192.png HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 27 Apr 2021 12:12:57 GMT
accept-ranges: bytes
content-length: 5503
content-type: image/png
date: Thu, 01 Dec 2022 11:17:47 GMT
server: Apache
X-Firefox-Spdy: h2
css.zohocdn.com/salesiq/styles/floatbutton11_d84759f7e702cd153e2fee39b8d1018f_.css
185.20.209.147 200 OK 4.8 kB URL HTTP/2 css.zohocdn.com/salesiq/styles/floatbutton11_d84759f7e702cd153e2fee39b8d1018f_.css
IP 185.20.209.147:0
ASN #41913 Computerline GmbH
File type ASCII text, with very long lines (20906), with no line terminators
Hash 6fa8932d330dd915cdc7c0ba47898479
4f6496881c80c25f3126136b41a56aa90f5602b0
e974894219cc4784d6cdf67a23f891a224761abbd33649ebf04ad116854010bb
GET /salesiq/styles/floatbutton11_d84759f7e702cd153e2fee39b8d1018f_.css HTTP/1.1
Host: css.zohocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: ZGS
date: Thu, 01 Dec 2022 11:17:47 GMT
content-type: text/css;charset=UTF-8
content-length: 4827
x-content-type-options: nosniff
x-xss-protection: 1
cache-control: public, max-age=7776000, immutable
etag: "6fa8932d330dd915cdc7c0ba47898479"
content-language: en-US
last-modified: Wed, 09 Nov 2022 10:49:11 GMT
content-encoding: br
access-control-expose-headers: *
access-control-allow-origin: *
vary: Accept-Encoding
strict-transport-security: max-age=15768000
timing-allow-origin: *
x-cache: HIT
nb-request-id: 5659292b543ce3a6ea72c68f5db6d85b
z-origin-id: ex1-26bfa8b0e08e43ccaf83896829c3e049
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68 200 OK 471 B IP 104.18.32.68:0
Hash 25eb4af5d42605a129115e6acb55982b
ffbde06b9c51726022ceca1fdb2d9311f3aaf84d
3000147ff670ae4cf1dff3d51059658f783134a08aa87c7258df5b99c5768426
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 11:17:48 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 28 Nov 2022 15:09:34 GMT
Expires: Mon, 05 Dec 2022 15:09:33 GMT
Etag: "ffbde06b9c51726022ceca1fdb2d9311f3aaf84d"
Cache-Control: max-age=358904,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 772b6b1e8efffac8-OSL
js.zohocdn.com/salesiq/js/floatbutton11_66159d97b48da239694e34e5c1ee3a2e_.js
185.20.209.147 200 OK 11 kB URL HTTP/2 js.zohocdn.com/salesiq/js/floatbutton11_66159d97b48da239694e34e5c1ee3a2e_.js
IP 185.20.209.147:0
ASN #41913 Computerline GmbH
File type ASCII text, with very long lines (32714), with no line terminators
Hash a158ce1e8a3a68b477cb604c3fef92d2
23f4d21c506a2b908d5030a976fa7d024faf699c
d293c65f4cccdc8ec3d82d38a82fd134ba0b668f2446151273b766c78bfbc4c5
GET /salesiq/js/floatbutton11_66159d97b48da239694e34e5c1ee3a2e_.js HTTP/1.1
Host: js.zohocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: ZGS
date: Thu, 01 Dec 2022 11:17:48 GMT
content-type: application/javascript;charset=UTF-8
content-length: 10628
x-content-type-options: nosniff
x-xss-protection: 1
cache-control: public, max-age=7776000, immutable
etag: "a158ce1e8a3a68b477cb604c3fef92d2"
content-language: en-US
last-modified: Mon, 28 Nov 2022 12:24:18 GMT
content-encoding: br
access-control-expose-headers: *
access-control-allow-origin: *
vary: Accept-Encoding
strict-transport-security: max-age=15768000
timing-allow-origin: *
x-cache: HIT
nb-request-id: 6e3054bfade03efe33a0f55247ebf04e
z-origin-id: ex1-6226668745d64d4882930d9dee89ea7c
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68 200 OK 472 B IP 104.18.32.68:0
Hash 4bee46a4b2940d0942dbb09dd846176d
ca6ac87bf9572fea5c4be5adfe71f8ba1ac2e396
d45effaaa2fd57ffe2ebe841c9370c8b45fcecbe48cadd34bf78588ae5d35948
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 01 Dec 2022 11:17:48 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 28 Nov 2022 10:34:41 GMT
Expires: Mon, 05 Dec 2022 10:34:40 GMT
Etag: "ca6ac87bf9572fea5c4be5adfe71f8ba1ac2e396"
Cache-Control: max-age=342411,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 772b6b201dcab524-OSL
css.zohocdn.com/salesiq/styles/fonts/float/float_8be4374c3228dfc95e54d8ea8096342a_.ttf
185.20.209.147 200 OK 906 B URL HTTP/2 css.zohocdn.com/salesiq/styles/fonts/float/float_8be4374c3228dfc95e54d8ea8096342a_.ttf
IP 185.20.209.147:0
ASN #41913 Computerline GmbH
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, icomoon \012- data
Hash 4c5578b6975e326c3bfea8954ffaa2d4
e8bb6004bf5f8d5e9c924be3141bcb714e1f9bf1
fc68c05be81e1f500126b80887730661ecac5282453149d5b7641457cb7d9da7
GET /salesiq/styles/fonts/float/float_8be4374c3228dfc95e54d8ea8096342a_.ttf HTTP/1.1
Host: css.zohocdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lead.ac.in
Connection: keep-alive
Referer: https://css.zohocdn.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: ZGS
date: Thu, 01 Dec 2022 11:17:48 GMT
content-type: font/ttf
content-length: 906
x-content-type-options: nosniff
x-xss-protection: 1
cache-control: public, max-age=7776000, immutable
access-control-expose-headers: *
access-control-allow-origin: *
etag: "4c5578b6975e326c3bfea8954ffaa2d4"
content-language: en-US
last-modified: Wed, 09 Nov 2022 10:49:34 GMT
content-encoding: br
vary: Accept-Encoding
strict-transport-security: max-age=15768000
timing-allow-origin: *
x-cache: HIT
nb-request-id: 72b6d8ba94d51c741a281861db90324d
z-origin-id: ex1-6d6f15f7ee9c42088d8e40a34fc2f2dc
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
X-Firefox-Spdy: h2
lead.ac.in/img/fav.png
162.251.85.8 404 Not Found 24 kB IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Hash 39f44ab631e10ae0dc9fecd28374bf1a
79413541d25a1a34186bba43ec6d3f39a0f21e4f
88635e8997dd064c85b46a5d489bd51f7dba17fbbc61b0ac3449fe3cbb1b8464
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /img/fav.png HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
x-litespeed-tag: 30b_HTTP.404
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://lead.ac.in/wp-json/>; rel="https://api.w.org/"
x-tec-api-version: v1
x-tec-api-root: https://lead.ac.in/wp-json/tribe/events/v1/
x-tec-api-origin: https://lead.ac.in
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 01 Dec 2022 11:17:47 GMT
server: Apache
X-Firefox-Spdy: h2
maillist-manage.com/wa/ActionLogger?callback=processData&webAutoId=27218d28c96aa859eb8fdf477ef77ddb3&zuid=2ff38b688797f3b35d71b62c3142be692&domain=21f1a46c5f695bd21a4161a0376512b81&orgDomainId=2a7036b3c117ed35bd66e2f2367f669ec894375f7a7d2d66f&reqType=0&ref=&socialshare=null&value=LEAD%20College%20of%20Management%20%7C%20The%20Best%20MBA%20College%20in%20Kerala&action=viewed&url=https%3A%2F%2Flead.ac.in%2F&parentUrl=https%3A%2F%2Flead.ac.in%2F
136.143.190.68 200 324 B URL HTTP/1.1 maillist-manage.com/wa/ActionLogger?callback=processData&webAutoId=27218d28c96aa859eb8fdf477ef77ddb3&zuid=2ff38b688797f3b35d71b62c3142be692&domain=21f1a46c5f695bd21a4161a0376512b81&orgDomainId=2a7036b3c117ed35bd66e2f2367f669ec894375f7a7d2d66f&reqType=0&ref=&socialshare=null&value=LEAD%20College%20of%20Management%20%7C%20The%20Best%20MBA%20College%20in%20Kerala&action=viewed&url=https%3A%2F%2Flead.ac.in%2F&parentUrl=https%3A%2F%2Flead.ac.in%2F
IP 136.143.190.68:0
File type CSV text\012- , ASCII text
Hash 7987d5bf862f918e2b0f27995cc98783
927ca858cfbbf6d0b0879822f5ea095bd0beb08c
e28658320ba30ce75b4dd39afeed0ad6be8fa10e49c07fe9a2f6fe39de3e22bc
GET /wa/ActionLogger?callback=processData&webAutoId=27218d28c96aa859eb8fdf477ef77ddb3&zuid=2ff38b688797f3b35d71b62c3142be692&domain=21f1a46c5f695bd21a4161a0376512b81&orgDomainId=2a7036b3c117ed35bd66e2f2367f669ec894375f7a7d2d66f&reqType=0&ref=&socialshare=null&value=LEAD%20College%20of%20Management%20%7C%20The%20Best%20MBA%20College%20in%20Kerala&action=viewed&url=https%3A%2F%2Flead.ac.in%2F&parentUrl=https%3A%2F%2Flead.ac.in%2F HTTP/1.1
Host: maillist-manage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Server: ZGS
Date: Thu, 01 Dec 2022 11:17:48 GMT
Content-Type: application/javascript;charset=UTF-8
Content-Length: 324
Connection: keep-alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1
Set-Cookie: fd6b13af5c=cc51a55db39c358803fc169a1f669521; Path=/
ZCAMPAIGN_CSRF_TOKEN=88b0e3e1-236a-41f9-8dfd-510dd565ff34;path=/;SameSite=None;Secure;priority=high
_zcsr_tmp=88b0e3e1-236a-41f9-8dfd-510dd565ff34;path=/;SameSite=Strict;Secure;priority=high
JSESSIONID=F5358CF9E89B8B2FDB562B1562E1FD50; Path=/; Secure; HttpOnly
zc_loc=1; Domain=maillist-manage.com; SameSite=None; Secure
zc_cu=3z10c120e23ee4cb2e90c1e843a2f3095c-v3z8523e48ac51d006a32c58680ada7770ba35fa47e6203845ebb8c0fe37e2cf297; Max-Age=31536000; Expires=Sun, 18-Dec-2022 11:58:17 GMT; Domain=maillist-manage.com; Path=/; SameSite=None; Secure
zc_tp=3z8523e48ac51d006a32c58680ada7770b2fedb27adb8476a6fa5be85a2ecc71d3; Max-Age=31536000; Expires=Sun, 18-Dec-2022 11:58:17 GMT; Domain=maillist-manage.com; Path=/; SameSite=None; Secure
Cache-Control: private,no-cache,no-store,max-age=0,must-revalidate
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Cache-Control, Pragma, Origin, Authorization, Content-Type, X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Credentials: true
Strict-Transport-Security: max-age=63072000
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 51d5484b700426c5612c309bbf14b114
026994960bfaaa4e2604b66cb795b2787fe300a2
e3e30a64f2e4fc59120c46b320d104f1b9d9a8af90106ab78715d14e49e11ae0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 11:17:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-197342804-1&cid=1561136024.1669893466&jid=299893248&gjid=1925057963&_gid=734962455.1669893466&_u=aGDACUIhBAAAACAAI~&z=1600028110
64.233.165.156 200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-197342804-1&cid=1561136024.1669893466&jid=299893248&gjid=1925057963&_gid=734962455.1669893466&_u=aGDACUIhBAAAACAAI~&z=1600028110
IP 64.233.165.156:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-197342804-1&cid=1561136024.1669893466&jid=299893248&gjid=1925057963&_gid=734962455.1669893466&_u=aGDACUIhBAAAACAAI~&z=1600028110 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://lead.ac.in
Connection: keep-alive
Referer: https://lead.ac.in/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://lead.ac.in
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 01 Dec 2022 11:17:48 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 51d5484b700426c5612c309bbf14b114
026994960bfaaa4e2604b66cb795b2787fe300a2
e3e30a64f2e4fc59120c46b320d104f1b9d9a8af90106ab78715d14e49e11ae0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 01 Dec 2022 11:17:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
vts.zohopublic.com/watchws?x-e=leadcollegeofmanagement&x-s=leadcollegeofmanagement&cpage=https%3A%2F%2Flead.ac.in%2F&ptitle=LEAD%20College%20of%20Management%20%7C%20The%20Best%20MBA%20College%20in%20Kerala&localtime=GMT%2B0000%20(Coordinated%20Universal%20Time)&gmttime=GMT%2B0000&resolution=1280x1024&lsid=435500000000002043&lang_embed=en&con_id=1669893466379&connection_count=1
136.143.191.144 101 Switching Protocols 0 B URL HTTP/1.1 vts.zohopublic.com/watchws?x-e=leadcollegeofmanagement&x-s=leadcollegeofmanagement&cpage=https%3A%2F%2Flead.ac.in%2F&ptitle=LEAD%20College%20of%20Management%20%7C%20The%20Best%20MBA%20College%20in%20Kerala&localtime=GMT%2B0000%20(Coordinated%20Universal%20Time)&gmttime=GMT%2B0000&resolution=1280x1024&lsid=435500000000002043&lang_embed=en&con_id=1669893466379&connection_count=1
IP 136.143.191.144:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /watchws?x-e=leadcollegeofmanagement&x-s=leadcollegeofmanagement&cpage=https%3A%2F%2Flead.ac.in%2F&ptitle=LEAD%20College%20of%20Management%20%7C%20The%20Best%20MBA%20College%20in%20Kerala&localtime=GMT%2B0000%20(Coordinated%20Universal%20Time)&gmttime=GMT%2B0000&resolution=1280x1024&lsid=435500000000002043&lang_embed=en&con_id=1669893466379&connection_count=1 HTTP/1.1
Host: vts.zohopublic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://lead.ac.in
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: VS9sdHk9Y7tlp6gKbtlQbA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Strict-Transport-Security: max-age=15768000
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: CUU9Uhb01hO0AYrt7h2DZIgZdGE=
ma.zoho.com/hub/js/MagicPopup.js?t=1669893467231
136.143.191.162 200 7.4 kB URL HTTP/1.1 ma.zoho.com/hub/js/MagicPopup.js?t=1669893467231
IP 136.143.191.162:0
File type ASCII text, with very long lines (28972), with no line terminators
Hash 333f30e116d23f180035905863a97d5e
0e54591d27276bca828391547b8b12f1421868de
0a41b276aa37e5818fc35ccbf123e07c013cfc9763c19d10c0d564edaad14341
GET /hub/js/MagicPopup.js?t=1669893467231 HTTP/1.1
Host: ma.zoho.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Server: ZGS
Date: Thu, 01 Dec 2022 11:17:48 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: ac09458e72=48accd344efccfc6d45e464ee77d69f2; Path=/
Accept-Ranges: bytes
ETag: W/"28972-1669725354000"
Last-Modified: Tue, 29 Nov 2022 12:35:54 GMT
vary: accept-encoding
Content-Encoding: gzip
Strict-Transport-Security: max-age=63072000
maillist-manage.com/wa/PopupRequest?callback=processData&webAutoId=27218d28c96aa859eb8fdf477ef77ddb3&zuid=2ff38b688797f3b35d71b62c3142be692&domain=21f1a46c5f695bd21a4161a0376512b81&orgDomainId=2a7036b3c117ed35bd66e2f2367f669ec894375f7a7d2d66f&reqType=0&ref=&socialshare=null&value=LEAD%20College%20of%20Management%20%7C%20The%20Best%20MBA%20College%20in%20Kerala&zc_cu_exp=1669924068000,1&action=viewed&zc_cu=3z10c120e23ee4cb2e90c1e843a2f3095c-v3z8523e48ac51d006a32c58680ada7770ba35fa47e6203845ebb8c0fe37e2cf297&url=https%3A%2F%2Flead.ac.in%2F&parentUrl=https%3A%2F%2Flead.ac.in%2F&from=WA
136.143.190.68 200 0 B URL HTTP/1.1 maillist-manage.com/wa/PopupRequest?callback=processData&webAutoId=27218d28c96aa859eb8fdf477ef77ddb3&zuid=2ff38b688797f3b35d71b62c3142be692&domain=21f1a46c5f695bd21a4161a0376512b81&orgDomainId=2a7036b3c117ed35bd66e2f2367f669ec894375f7a7d2d66f&reqType=0&ref=&socialshare=null&value=LEAD%20College%20of%20Management%20%7C%20The%20Best%20MBA%20College%20in%20Kerala&zc_cu_exp=1669924068000,1&action=viewed&zc_cu=3z10c120e23ee4cb2e90c1e843a2f3095c-v3z8523e48ac51d006a32c58680ada7770ba35fa47e6203845ebb8c0fe37e2cf297&url=https%3A%2F%2Flead.ac.in%2F&parentUrl=https%3A%2F%2Flead.ac.in%2F&from=WA
IP 136.143.190.68:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wa/PopupRequest?callback=processData&webAutoId=27218d28c96aa859eb8fdf477ef77ddb3&zuid=2ff38b688797f3b35d71b62c3142be692&domain=21f1a46c5f695bd21a4161a0376512b81&orgDomainId=2a7036b3c117ed35bd66e2f2367f669ec894375f7a7d2d66f&reqType=0&ref=&socialshare=null&value=LEAD%20College%20of%20Management%20%7C%20The%20Best%20MBA%20College%20in%20Kerala&zc_cu_exp=1669924068000,1&action=viewed&zc_cu=3z10c120e23ee4cb2e90c1e843a2f3095c-v3z8523e48ac51d006a32c58680ada7770ba35fa47e6203845ebb8c0fe37e2cf297&url=https%3A%2F%2Flead.ac.in%2F&parentUrl=https%3A%2F%2Flead.ac.in%2F&from=WA HTTP/1.1
Host: maillist-manage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/
Cookie: zc_loc=1; ZCAMPAIGN_CSRF_TOKEN=88b0e3e1-236a-41f9-8dfd-510dd565ff34; zc_cu=3z10c120e23ee4cb2e90c1e843a2f3095c-v3z8523e48ac51d006a32c58680ada7770ba35fa47e6203845ebb8c0fe37e2cf297; zc_tp=3z8523e48ac51d006a32c58680ada7770b2fedb27adb8476a6fa5be85a2ecc71d3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
Server: ZGS
Date: Thu, 01 Dec 2022 11:17:49 GMT
Content-Type: application/javascript;charset=UTF-8
Content-Length: 0
Connection: keep-alive
X-Content-Type-Options: nosniff
X-XSS-Protection: 1
Cache-Control: private,no-cache,no-store,max-age=0,must-revalidate
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Cache-Control, Pragma, Origin, Authorization, Content-Type, X-Requested-With
Access-Control-Allow-Methods: GET,POST,OPTIONS
Set-Cookie: fd6b13af5c=cc51a55db39c358803fc169a1f669521; Path=/
Set-Cookie: JSESSIONID=B8383DA0324D107A87E1B062BC79ACBE; Path=/; Secure; HttpOnly
Access-Control-Allow-Credentials: true
Strict-Transport-Security: max-age=63072000
lead.ac.in/wp-content/plugins/google-calendar-events/assets/js/vendor/moment-timezone-with-data.min.js
162.251.85.8 200 OK 0 B URL HTTP/2 lead.ac.in/wp-content/plugins/google-calendar-events/assets/js/vendor/moment-timezone-with-data.min.js
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/google-calendar-events/assets/js/vendor/moment-timezone-with-data.min.js HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 07 Jun 2022 06:14:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Thu, 01 Dec 2022 11:17:46 GMT
server: Apache
X-Firefox-Spdy: h2
lead.ac.in/wp-includes/css/dist/block-library/style.min.css
162.251.85.8 200 OK 0 B URL HTTP/2 lead.ac.in/wp-includes/css/dist/block-library/style.min.css
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-includes/css/dist/block-library/style.min.css HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 16 Nov 2022 02:37:38 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Thu, 01 Dec 2022 11:17:45 GMT
server: Apache
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Montserrat:500,700|Roboto:300,400
142.250.74.106 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Montserrat:500,700|Roboto:300,400
IP 142.250.74.106:0
GET /css?family=Montserrat:500,700|Roboto:300,400 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 01 Dec 2022 11:17:45 GMT
date: Thu, 01 Dec 2022 11:17:45 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
lead.ac.in/wp-content/themes/lead-theme/theme/js/plugins.js
162.251.85.8 200 OK 0 B URL HTTP/2 lead.ac.in/wp-content/themes/lead-theme/theme/js/plugins.js
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/themes/lead-theme/theme/js/plugins.js HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 03 Apr 2019 07:32:41 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Thu, 01 Dec 2022 11:17:46 GMT
server: Apache
X-Firefox-Spdy: h2
lead.ac.in/wp-content/plugins/google-calendar-events/assets/js/vendor/jquery.qtip.min.js
162.251.85.8 200 OK 0 B URL HTTP/2 lead.ac.in/wp-content/plugins/google-calendar-events/assets/js/vendor/jquery.qtip.min.js
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/google-calendar-events/assets/js/vendor/jquery.qtip.min.js HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 07 Jun 2022 06:14:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Thu, 01 Dec 2022 11:17:46 GMT
server: Apache
X-Firefox-Spdy: h2
lead.ac.in/wp-content/plugins/feed-them-social/feeds/css/styles.css
162.251.85.8 200 OK 0 B URL HTTP/2 lead.ac.in/wp-content/plugins/feed-them-social/feeds/css/styles.css
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/feed-them-social/feeds/css/styles.css HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 15 Nov 2022 16:47:05 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css
date: Thu, 01 Dec 2022 11:17:45 GMT
server: Apache
X-Firefox-Spdy: h2
lead.ac.in/wp-content/plugins/google-calendar-events/assets/js/vendor/moment.min.js
162.251.85.8 200 OK 0 B URL HTTP/2 lead.ac.in/wp-content/plugins/google-calendar-events/assets/js/vendor/moment.min.js
IP 162.251.85.8:0
ASN #394695 PUBLIC-DOMAIN-REGISTRY
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /wp-content/plugins/google-calendar-events/assets/js/vendor/moment.min.js HTTP/1.1
Host: lead.ac.in
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lead.ac.in/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 07 Jun 2022 06:14:54 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: application/javascript
date: Thu, 01 Dec 2022 11:17:46 GMT
server: Apache
X-Firefox-Spdy: h2