geacompany.com/
185.65.123.230 301 Moved Permanently 162 B IP 185.65.123.230:0
ASN #201719 Teleklik d.o.o.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 23 Dec 2022 10:35:02 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://geacompany.com/
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ad598540c6639aaaa344fb3ce4f3162f
b0b9f86d50de7dc23bdc7aee2f45d79a06165afc
4e9aaff330ce0c9c11f6bb8502fe21296b1845151bace75f73908a3194d5d0a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4E9AAFF330CE0C9C11F6BB8502FE21296B1845151BACE75F73908A3194D5D0A1"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12975
Expires: Fri, 23 Dec 2022 14:11:17 GMT
Date: Fri, 23 Dec 2022 10:35:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ede732d48f2c32ad5e3b899bb4348df9
15fa12733818b3ae39f3022a715ed0f431b28242
446c9bf6bc38a43f5758f6f44f89ad76eff44eb8779cf7e62bbfeb002b298dee
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "446C9BF6BC38A43F5758F6F44F89AD76EFF44EB8779CF7E62BBFEB002B298DEE"
Last-Modified: Thu, 22 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9943
Expires: Fri, 23 Dec 2022 13:20:45 GMT
Date: Fri, 23 Dec 2022 10:35:02 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 23 Dec 2022 09:46:05 GMT
content-type: application/json
age: 2938
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f7f0ad5c2841a345f98197c2f1e86f4d
84cbfd91934a8715baba4a2da46451f35597c99c
be30540f2e06a3565c9b38bdbb9691f707d692b196bdcef5d671708aa9609795
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE30540F2E06A3565C9B38BDBB9691F707D692B196BDCEF5D671708AA9609795"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13379
Expires: Fri, 23 Dec 2022 14:18:02 GMT
Date: Fri, 23 Dec 2022 10:35:03 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: wKok8ZO/ZpV95P1zMO9Xhd5onx04gF8hJCIF3gkniZotlrowTVpWJVCbzZU/HQrRjFqHflO3RaU=
x-amz-request-id: 2CQAY1E96E0XJMVA
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 23 Dec 2022 09:56:09 GMT
age: 2334
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:03 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 892d69d5f15439be46ceaa2d3ddf9dd1
e6b116d2b2d491fadf8d4cc7bf2f127c9bbeec83
8dd0b3cc708b05809a921cf8e6452d3457c2923afd38e5fded2e29a09fde68cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8DD0B3CC708B05809A921CF8E6452D3457C2923AFD38E5FDED2E29A09FDE68CC"
Last-Modified: Fri, 23 Dec 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21598
Expires: Fri, 23 Dec 2022 16:35:01 GMT
Date: Fri, 23 Dec 2022 10:35:03 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Alert, ETag, Content-Type, Last-Modified, Cache-Control, Expires, Content-Length, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 23 Dec 2022 10:08:02 GMT
age: 1621
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash c615c937e6371bda0824b44af0c21c74
b097d69452bcc60085f563d094388185c26f0e7d
9f1194921b5d57dd52a217a47e69ad4cec7c08378c73c8dfccc3817119fcbb41
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3122
Cache-Control: max-age=170626
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 10:35:03 GMT
Etag: "63a56fa7-1d7"
Expires: Sun, 25 Dec 2022 09:58:49 GMT
Last-Modified: Fri, 23 Dec 2022 09:06:47 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.163.38.240 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.163.38.240:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 4us0qQIV9GWW3K3lUNR7DQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: lap0Heo7TIGEh6PL87stAwoLGPU=
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash b607f3e2facf61a8586563ae137d81eb
fc07f3f509b1a8f592efe951cc92bc07f307609d
68fef95cdc9deeb6a115e2869f3420a1e62dc7a64fd270f84c437bcc04642cd2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 10:35:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash b607f3e2facf61a8586563ae137d81eb
fc07f3f509b1a8f592efe951cc92bc07f307609d
68fef95cdc9deeb6a115e2869f3420a1e62dc7a64fd270f84c437bcc04642cd2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 10:35:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash b607f3e2facf61a8586563ae137d81eb
fc07f3f509b1a8f592efe951cc92bc07f307609d
68fef95cdc9deeb6a115e2869f3420a1e62dc7a64fd270f84c437bcc04642cd2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 10:35:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
geacompany.com/wp-content/uploads/2021/12/icon2.png
185.65.123.230 200 OK 5.4 kB URL HTTP/2 geacompany.com/wp-content/uploads/2021/12/icon2.png
IP 185.65.123.230:0
ASN #201719 Teleklik d.o.o.
File type PNG image data, 60 x 56, 8-bit/color RGBA, non-interlaced\012- data
Hash 7a298d6def33b342a2edc1c722f73182
26d8cfbb5d03db72f4c91f4a15f910cd8861ce84
fb464ab69d9d7e9d313fefdc4d9bd9e917eae4ac7d667d94d99dd52bed91c4e3
GET /wp-content/uploads/2021/12/icon2.png HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:04 GMT
content-type: image/png
content-length: 5364
last-modified: Fri, 04 Nov 2022 14:44:49 GMT
etag: "63652561-14f4"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
geacompany.com/wp-content/uploads/2021/12/icon1.png
185.65.123.230 200 OK 5.2 kB URL HTTP/2 geacompany.com/wp-content/uploads/2021/12/icon1.png
IP 185.65.123.230:0
ASN #201719 Teleklik d.o.o.
File type PNG image data, 54 x 56, 8-bit/color RGBA, non-interlaced\012- data
Hash 8bce032225309205a30e74a34af5a9b7
12abaee3125a87f2183d3aca25cb2c7904c78c09
6746ebcb391d8cd29d3569ea8c47b1a1a49435f80635362d024446a30f574e04
GET /wp-content/uploads/2021/12/icon1.png HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:04 GMT
content-type: image/png
content-length: 5196
last-modified: Fri, 04 Nov 2022 14:44:49 GMT
etag: "63652561-144c"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
geacompany.com/wp-content/uploads/2021/12/logo.png
185.65.123.230 200 OK 17 kB URL HTTP/2 geacompany.com/wp-content/uploads/2021/12/logo.png
IP 185.65.123.230:0
ASN #201719 Teleklik d.o.o.
File type PNG image data, 180 x 106, 8-bit/color RGBA, non-interlaced\012- data
Hash ddd55853837c7544368081d4dd3cd7dd
fffe333e0eed8d2df044ed310161e8e1f3ecb434
7abd49558f3d41df4abe7cd4833c544359702dec1da4e4984abd7033616d3f01
GET /wp-content/uploads/2021/12/logo.png HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:04 GMT
content-type: image/png
content-length: 17102
last-modified: Fri, 04 Nov 2022 14:44:49 GMT
etag: "63652561-42ce"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
geacompany.com/
185.65.123.230 200 OK 20 kB IP 185.65.123.230:0
ASN #201719 Teleklik d.o.o.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (46458), with CRLF, LF line terminators
Hash 982fcfba84a25bee7b8339b366b0575e
3e4703e14ed0863eee0d2a28314cfcda6ea72344
2d24e33529ac1c477ef9e59c55ee2ebe63c0b2a3d044582b94de42f49d9b2bc9
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:03 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-pingback: https://geacompany.com/xmlrpc.php
link: <https://geacompany.com/wp-json/>; rel="https://api.w.org/", <https://geacompany.com/wp-json/wp/v2/pages/41>; rel="alternate"; type="application/json", <https://geacompany.com/>; rel=shortlink
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PHP/8.1.13, PleskLin
content-encoding: br
X-Firefox-Spdy: h2
geacompany.com/wp-includes/css/classic-themes.min.css?ver=1
185.65.123.230 200 OK 648 B URL HTTP/2 geacompany.com/wp-includes/css/classic-themes.min.css?ver=1
IP 185.65.123.230:0
ASN #201719 Teleklik d.o.o.
Hash 4049be5d44ebf90bcfa5329b9d8a554d
9ac766b96e3f3728e6220e43df63871ccdeb2310
e9345c83fb8488609f74c3a274dbe641f2ddfe17a6107631140a9d3df7b7d78b
GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:04 GMT
content-type: text/css
vary: Accept-Encoding
x-accel-version: 0.01
last-modified: Wed, 02 Nov 2022 07:16:48 GMT
etag: W/"d9-5ec779fba8619"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Source+Sans+Pro:400%7CViga:400%7CRoboto:400&display=swap
142.250.74.106 200 OK 1.2 kB URL HTTP/2 fonts.googleapis.com/css?family=Source+Sans+Pro:400%7CViga:400%7CRoboto:400&display=swap
IP 142.250.74.106:0
Hash 970b25ad57d03f0e9c7166dd3562923f
71611f2f651a399a2cfa44a55e1f61f1af582e65
b88319c83ca8f9d1387a8a8df893d5d28eeaa83db2e153ce49516066c3863258
GET /css?family=Source+Sans+Pro:400%7CViga:400%7CRoboto:400&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 23 Dec 2022 10:35:04 GMT
date: Fri, 23 Dec 2022 10:35:04 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcdce5468-cf1b-4a55-968b-1aaa101e60d6.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcdce5468-cf1b-4a55-968b-1aaa101e60d6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 38cc82b5e5d8c2fee6f51021e156ec81
eafb4e029313caabcdbdc1002abcab95f66e91b1
b8cad011e1a98ee4e896f00263495aab7f9cab986736a7a5b4187b8e94c46493
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcdce5468-cf1b-4a55-968b-1aaa101e60d6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11939
x-amzn-requestid: a00e5ab5-ad16-4576-b046-381e36456998
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dkUhqE94oAMFu5A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a4ce0a-28687ad51eea1f6f3ce8cc86;Sampled=0
x-amzn-remapped-date: Thu, 22 Dec 2022 21:37:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: uIDvI3BVK0v68x1jkgw9GB0U1i3l2kyW81q2Kiy3ZDREqQmyUTXCnQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Dec 2022 21:38:11 GMT
age: 46614
etag: "eafb4e029313caabcdbdc1002abcab95f66e91b1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba282dd4-f1e4-4f5c-9a46-b6e71aa327de.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba282dd4-f1e4-4f5c-9a46-b6e71aa327de.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e49802d7e560d6e9b5d17111d531af4d
c2c523d207935363931aa17cd9aaabb9a48c28a0
255ac832533c579d57dac6adc330f83d39de222b3496277b2394afc15fe74535
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba282dd4-f1e4-4f5c-9a46-b6e71aa327de.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8732
x-amzn-requestid: 25cbd9e6-ad97-4369-a02c-e740030b437c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: defNLECQIAMFiQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a278ba-4e1a2cd801c389584e320ffe;Sampled=0
x-amzn-remapped-date: Wed, 21 Dec 2022 03:08:42 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: qHW93j1deKtsnRU5YYgcKJEJJfWQrYE85yG_4y9M1ECrfLtaiSYxiA==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 a3b5bb90516201e5ddd137696b7b0f50.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 04:43:00 GMT
age: 21125
etag: "c2c523d207935363931aa17cd9aaabb9a48c28a0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83ec12d8-0f25-4455-b9fc-9581d059158b.jpeg
34.120.237.76 200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83ec12d8-0f25-4455-b9fc-9581d059158b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1c618f418af677595dddd2e7ed9e6a1f
ef8fd938e82dec810c56e4497441c452012e5a22
677f7502d2a69e2bdfad9fa2329ce8c78b7e413b4d7bd9cb414a768e381819cb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83ec12d8-0f25-4455-b9fc-9581d059158b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9158
x-amzn-requestid: 2047fa50-737a-420b-8bcd-6ba2d79b60eb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dOjrhHuiIAMF5JQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639c197c-0103d96966f2f8924b8c8a10;Sampled=0
x-amzn-remapped-date: Fri, 16 Dec 2022 07:08:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: MAD0zRheKGRmq1aqcKD5oOfjQFY_8CeffvGAvwTxjhKihl6PqbzV8Q==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Dec 2022 16:52:36 GMT
age: 63749
etag: "ef8fd938e82dec810c56e4497441c452012e5a22"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
geacompany.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
185.65.123.230 200 OK 17 kB URL HTTP/2 geacompany.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP 185.65.123.230:0
ASN #201719 Teleklik d.o.o.
File type ASCII text, with very long lines (47826)
Hash 6dedabb101dc8f88765cf23e35083444
c6b6e93531f296312d894b8e13fdbef9bac0f655
577361f645362b0b9c6bf913b3a2f821112006b9ecec4a2908c8f3eaed9de509
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:04 GMT
content-type: text/css
last-modified: Wed, 16 Nov 2022 07:38:39 GMT
vary: Accept-Encoding
etag: W/"6374937f-172a9"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
geacompany.com/wp-content/plugins/tablepress/css/build/default.css?ver=2.0
185.65.123.230 200 OK 8.4 kB URL HTTP/2 geacompany.com/wp-content/plugins/tablepress/css/build/default.css?ver=2.0
IP 185.65.123.230:0
ASN #201719 Teleklik d.o.o.
File type Unicode text, UTF-8 text, with very long lines (6059)
Hash 7d1b3644a5f0682403093336abde37e9
8de92fdf66e0d2531da32bc9f6f5b2bb332d20f0
acfc8b6d674b2afa76344ea4140034b932cd0a9493c591a4f42401cb551b9e02
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/tablepress/css/build/default.css?ver=2.0 HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:04 GMT
content-type: text/css
last-modified: Fri, 23 Dec 2022 07:31:04 GMT
vary: Accept-Encoding
etag: W/"63a55938-17b6"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
geacompany.com/wp-content/plugins/coming-soon-by-supsystic/css/supsystic-for-all-admin.css?ver=1.7.10
185.65.123.230 200 OK 12 kB URL HTTP/2 geacompany.com/wp-content/plugins/coming-soon-by-supsystic/css/supsystic-for-all-admin.css?ver=1.7.10
IP 185.65.123.230:0
ASN #201719 Teleklik d.o.o.
File type ASCII text, with CRLF line terminators
Hash e65bd150a388bffaac096f8a72c6031f
3c7c63bbaf70ed432f503dd0356966006be304bd
ecc81b41507c001628b8cc8ea43eace15b0d9f874753c4d32faf7dd04d2965cf
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/coming-soon-by-supsystic/css/supsystic-for-all-admin.css?ver=1.7.10 HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:04 GMT
content-type: text/css
vary: Accept-Encoding
x-accel-version: 0.01
last-modified: Wed, 09 Nov 2022 07:21:18 GMT
etag: W/"2a7-5ed0480bb2b05"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
geacompany.com/wp-content/uploads/2021/12/icon4-1.png
185.65.123.230 200 OK 5.2 kB URL HTTP/2 geacompany.com/wp-content/uploads/2021/12/icon4-1.png
IP 185.65.123.230:0
ASN #201719 Teleklik d.o.o.
File type PNG image data, 56 x 56, 8-bit/color RGBA, non-interlaced\012- data
Hash 70da1cd9e66ee965c510f64f251caaad
b23ed7b822defcab4b640bccb13388ceec9a7fb8
02fc483a1201aaa58e80bee50f229c0c9a78bf4eb5c83af9ff71fae05f36caab
GET /wp-content/uploads/2021/12/icon4-1.png HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:04 GMT
content-type: image/png
content-length: 5249
last-modified: Fri, 04 Nov 2022 14:44:49 GMT
etag: "63652561-1481"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
geacompany.com/wp-content/plugins/revslider/public/assets/assets/dummy.png
185.65.123.230 200 OK 68 B URL HTTP/2 geacompany.com/wp-content/plugins/revslider/public/assets/assets/dummy.png
IP 185.65.123.230:0
ASN #201719 Teleklik d.o.o.
File type PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Hash 2a637d3d825673c0e3462fa4ed9a1c5c
81668d396da22832d75a986407ff10035e0d5899
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
GET /wp-content/plugins/revslider/public/assets/assets/dummy.png HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:04 GMT
content-type: image/png
content-length: 68
x-accel-version: 0.01
last-modified: Fri, 04 Nov 2022 14:44:46 GMT
etag: "44-5eca61d70d845"
accept-ranges: bytes
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
X-Firefox-Spdy: h2
geacompany.com/wp-content/uploads/2021/12/icon3.png
185.65.123.230 200 OK 3.6 kB URL HTTP/2 geacompany.com/wp-content/uploads/2021/12/icon3.png
IP 185.65.123.230:0
ASN #201719 Teleklik d.o.o.
File type PNG image data, 58 x 56, 8-bit/color RGBA, non-interlaced\012- data
Hash a099b9e54186a018421984965ee92b54
b36eec3dff91d5b668a9b68aae06de47a87ad8af
c5df7b1845afa19d9a296f729a7c2a65a8abe4ee6029769ad206b803a6f0bd14
GET /wp-content/uploads/2021/12/icon3.png HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:04 GMT
content-type: image/png
content-length: 3643
last-modified: Fri, 04 Nov 2022 14:44:49 GMT
etag: "63652561-e3b"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
geacompany.com/wp-content/uploads/2021/12/im3.jpg
185.65.123.230 200 OK 93 kB URL HTTP/2 geacompany.com/wp-content/uploads/2021/12/im3.jpg
IP 185.65.123.230:0
ASN #201719 Teleklik d.o.o.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4], baseline, precision 8, 780x630, components 3\012- data
Hash 4f2de7ceadeff4e4f10918e6e040a920
64f6fb1c0e82766b28c27be6443a918fdd5b9bc9
36db136862bf61304afd047ba11b3069c29583f39f613b7d2f504986b31b41ca
GET /wp-content/uploads/2021/12/im3.jpg HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:04 GMT
content-type: image/jpeg
content-length: 92785
last-modified: Fri, 04 Nov 2022 14:44:49 GMT
etag: "63652561-16a71"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
geacompany.com/wp-content/uploads/2021/12/im4.jpg
185.65.123.230 200 OK 118 kB URL HTTP/2 geacompany.com/wp-content/uploads/2021/12/im4.jpg
IP 185.65.123.230:0
ASN #201719 Teleklik d.o.o.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4], baseline, precision 8, 780x630, components 3\012- data
Size 118 kB (117764 bytes)
Hash 0e0ade1c7f8b9908e333f4171f66cb0e
59450621169958b7e43c4d88f98c5d4f8b2b40ea
48a4d46c0ea541610a74168e8c457012b4cf051e3dd09dc60f93b3e686946e3b
GET /wp-content/uploads/2021/12/im4.jpg HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:04 GMT
content-type: image/jpeg
content-length: 117764
last-modified: Fri, 04 Nov 2022 14:44:49 GMT
etag: "63652561-1cc04"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
geacompany.com/wp-content/uploads/2021/12/im2.jpg
185.65.123.230 200 OK 184 kB URL HTTP/2 geacompany.com/wp-content/uploads/2021/12/im2.jpg
IP 185.65.123.230:0
ASN #201719 Teleklik d.o.o.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 780x630, components 3\012- data
Size 184 kB (184118 bytes)
Hash da10e36b66e3f7ab8a93bf0443b93dbd
713ea67f082e6556861d94b74e9833083f3ef076
218e40a9ef43d2b82ac4ca122261ef8e8ca4f7199e14e8fd74ef4f2928773d91
GET /wp-content/uploads/2021/12/im2.jpg HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:04 GMT
content-type: image/jpeg
content-length: 184118
last-modified: Fri, 04 Nov 2022 14:44:49 GMT
etag: "63652561-2cf36"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
geacompany.com/wp-content/uploads/2021/12/im1.jpg
185.65.123.230 200 OK 136 kB URL HTTP/2 geacompany.com/wp-content/uploads/2021/12/im1.jpg
IP 185.65.123.230:0
ASN #201719 Teleklik d.o.o.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 780x630, components 3\012- data
Size 136 kB (135972 bytes)
Hash 67aff2254570dae65d31f7c1b3666bec
83c6d13ea26d92ab061a448bc71f1e74a753cb15
c06bc13e54e0220695533d8cacdbb4bb819656c86098ac95211910d543174fed
GET /wp-content/uploads/2021/12/im1.jpg HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:04 GMT
content-type: image/jpeg
content-length: 135972
last-modified: Fri, 04 Nov 2022 14:44:49 GMT
etag: "63652561-21324"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
geacompany.com/wp-content/themes/betheme/assets/animations/animations.min.js?ver=26.6.6
185.65.123.230 200 OK 1.0 kB URL HTTP/2 geacompany.com/wp-content/themes/betheme/assets/animations/animations.min.js?ver=26.6.6
IP 185.65.123.230:0
ASN #201719 Teleklik d.o.o.
File type ASCII text, with very long lines (1733)
Hash f5e1479f34d765fece52bba8f965f3f7
24c7fda5f56037eb0ba553c32c01a674eca36874
ad17ee82c71139f266ad8e58715ade5c851e638a369ef3d92c39457b3ed27f7d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/betheme/assets/animations/animations.min.js?ver=26.6.6 HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:05 GMT
content-type: application/javascript
last-modified: Mon, 19 Dec 2022 11:42:46 GMT
vary: Accept-Encoding
etag: W/"63a04e36-727"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
geacompany.com/wp-content/uploads/2022/01/home-poslovniprostori.png
185.65.123.230 200 OK 816 kB URL HTTP/2 geacompany.com/wp-content/uploads/2022/01/home-poslovniprostori.png
IP 185.65.123.230:0
ASN #201719 Teleklik d.o.o.
File type PNG image data, 600 x 1000, 8-bit/color RGB, non-interlaced\012- data
Size 816 kB (816522 bytes)
Hash b6547f348dc544e949f4b92b43787dee
d09b8aa16e625746b066013723ef035ecaeabf1a
330695f1059e42461d58094e5a4e7d61abae800ff0f337884a0469e478f093ea
GET /wp-content/uploads/2022/01/home-poslovniprostori.png HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:04 GMT
content-type: image/png
content-length: 816522
last-modified: Fri, 04 Nov 2022 14:44:50 GMT
etag: "63652562-c758a"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
geacompany.com/wp-content/themes/betheme/js/plugins/debouncedresize.min.js?ver=26.6.6
185.65.123.230 200 OK 730 B URL HTTP/2 geacompany.com/wp-content/themes/betheme/js/plugins/debouncedresize.min.js?ver=26.6.6
IP 185.65.123.230:0
ASN #201719 Teleklik d.o.o.
File type ASCII text, with very long lines (350)
Hash b7759e9cb58134571cf8a62515adf031
0989121a39ad9ec1ca38d26dbd0d7f5bee0a1de9
bda324bb32e31accba1268b99e0ab3488c53b184a4c2aef9fcc013364638115c
GET /wp-content/themes/betheme/js/plugins/debouncedresize.min.js?ver=26.6.6 HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:05 GMT
content-type: application/javascript
vary: Accept-Encoding
x-accel-version: 0.01
last-modified: Mon, 19 Dec 2022 11:42:47 GMT
etag: W/"1d8-5f02cd1788bf1"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
geacompany.com/wp-content/uploads/2021/12/pic1.png
185.65.123.230 200 OK 890 kB URL HTTP/2 geacompany.com/wp-content/uploads/2021/12/pic1.png
IP 185.65.123.230:0
ASN #201719 Teleklik d.o.o.
File type PNG image data, 796 x 1222, 8-bit/color RGBA, non-interlaced\012- data
Size 890 kB (890215 bytes)
Hash bc33d21f2f2f396432455ac678d8569d
7358f2134183a435889c4a1dbc62c1785c811b82
ffdd8cbd016413204cdbccf54c3a67dcf03320dfd57cd762e7d9f2197dbf3ae6
GET /wp-content/uploads/2021/12/pic1.png HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:04 GMT
content-type: image/png
content-length: 890215
last-modified: Fri, 04 Nov 2022 14:44:50 GMT
etag: "63652562-d9567"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
geacompany.com/wp-content/themes/betheme/js/scripts.js?ver=26.6.6
185.65.123.230 200 OK 36 kB URL HTTP/2 geacompany.com/wp-content/themes/betheme/js/scripts.js?ver=26.6.6
IP 185.65.123.230:0
ASN #201719 Teleklik d.o.o.
Hash 92204b17ba24798fc8f7c38af04f69d6
520d629ab146aeb1ece809a1d57c94cc20437538
c551665a6b507b5d8a4bebb516d9b4c1991385901ccc76a56bf25144ee15fc85
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/betheme/js/scripts.js?ver=26.6.6 HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:05 GMT
content-type: application/javascript
last-modified: Mon, 19 Dec 2022 11:42:47 GMT
vary: Accept-Encoding
etag: W/"63a04e37-1c6cd"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
geacompany.com/wp-content/uploads/2022/01/home-gradnja.png
185.65.123.230 200 OK 1.1 MB URL HTTP/2 geacompany.com/wp-content/uploads/2022/01/home-gradnja.png
IP 185.65.123.230:0
ASN #201719 Teleklik d.o.o.
File type PNG image data, 600 x 1000, 8-bit/color RGB, non-interlaced\012- data
Size 1.1 MB (1116728 bytes)
Hash 7cb8279fc9ddb8930250f80fad805a66
1d073cbb0d47750321dfb89893b59c1d2a792eb3
08472ca863c2ddbe9b11c4f21c24c838581acd0411935aaff9e80bc8747a3afa
GET /wp-content/uploads/2022/01/home-gradnja.png HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:04 GMT
content-type: image/png
content-length: 1116728
last-modified: Fri, 04 Nov 2022 14:44:50 GMT
etag: "63652562-110a38"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
geacompany.com/wp-content/themes/betheme/js/plugins/visible.min.js?ver=26.6.6
185.65.123.230 200 OK 13 kB URL HTTP/2 geacompany.com/wp-content/themes/betheme/js/plugins/visible.min.js?ver=26.6.6
IP 185.65.123.230:0
ASN #201719 Teleklik d.o.o.
File type ASCII text, with very long lines (480)
Hash a7715b8a54eeddb1c1df7cb58f7710f3
feb51849998c757fbeea949b3753fc3b3e487628
3d15c6966ab387300790357ea444471f3447f5a2cba71a022377ab1cdb4004f7
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/betheme/js/plugins/visible.min.js?ver=26.6.6 HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:05 GMT
content-type: application/javascript
vary: Accept-Encoding
x-accel-version: 0.01
last-modified: Mon, 19 Dec 2022 11:42:47 GMT
etag: W/"260-5f02cd1788bf1"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
geacompany.com/wp-content/uploads/2019/11/itservice3-sectionbg1.png
185.65.123.230 200 OK 3.7 kB URL HTTP/2 geacompany.com/wp-content/uploads/2019/11/itservice3-sectionbg1.png
IP 185.65.123.230:0
ASN #201719 Teleklik d.o.o.
File type PNG image data, 351 x 716, 4-bit colormap, non-interlaced\012- data
Hash c575f89de67d46516fe02683bed7aaa0
e2a8aa4f51647183837ecf393c30af8c43b7b7f4
6a760f9db935bface855e679a62b75a61c4e4ba366410a79ea9430cfe48a972d
GET /wp-content/uploads/2019/11/itservice3-sectionbg1.png HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:05 GMT
content-type: image/png
content-length: 3741
last-modified: Fri, 04 Nov 2022 14:44:49 GMT
etag: "63652561-e9d"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwmRduz8A.woff2
142.250.74.35 200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwmRduz8A.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 11724, version 1.0\012- data
Hash e65a22778da0d148c4b2e5622381eeb5
1588442e1a3df4b766c986312e8feb13ef075088
51b92baed544da51ed74076ee2a3b3e8a4fb231ddf6647195723ef16fa430291
GET /s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwmRduz8A.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://geacompany.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11724
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Dec 2022 20:46:58 GMT
expires: Thu, 21 Dec 2023 20:46:58 GMT
cache-control: public, max-age=31536000
age: 136087
last-modified: Wed, 27 Apr 2022 16:50:36 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
geacompany.com/wp-content/themes/betheme/fonts/mfn/icons.woff?31690507
185.65.123.230 200 OK 81 kB URL HTTP/2 geacompany.com/wp-content/themes/betheme/fonts/mfn/icons.woff?31690507
IP 185.65.123.230:0
ASN #201719 Teleklik d.o.o.
File type Web Open Font Format, TrueType, length 81448, version 1.0\012- data
Hash 743706216bfe3fc0728d0bd15313ac92
d923ae95df3ea7676e8dc34f4de04abf2eefaaab
559a910060423ed485ddc062a9ab5318859bbfde26be3f73d9b83ac0b9dae677
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/betheme/fonts/mfn/icons.woff?31690507 HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://geacompany.com/wp-content/themes/betheme/css/be.css?ver=26.6.6
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:05 GMT
content-type: application/font-woff
content-length: 81448
last-modified: Mon, 19 Dec 2022 11:42:46 GMT
etag: "63a04e36-13e28"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
geacompany.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
185.65.123.230 200 OK 16 kB URL HTTP/2 geacompany.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP 185.65.123.230:0
ASN #201719 Teleklik d.o.o.
File type ASCII text, with very long lines (15660)
Hash 2782b8e50cea87e2c580bd8ebfe3f6c4
0cbbbd9c61377e0b6416a95a571c0aaa9c560baf
9b938c1290ca8deafa1dcce00d5571f57fee2c03bc623602d72c4ec9446d0c14
GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:05 GMT
content-type: application/javascript
last-modified: Fri, 04 Nov 2022 14:44:58 GMT
vary: Accept-Encoding
etag: W/"6365256a-48b9"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
geacompany.com/wp-content/themes/betheme/js/parallax/translate3d.js?ver=26.6.6
185.65.123.230 200 OK 14 kB URL HTTP/2 geacompany.com/wp-content/themes/betheme/js/parallax/translate3d.js?ver=26.6.6
IP 185.65.123.230:0
ASN #201719 Teleklik d.o.o.
Hash 3d0ec0d6dbb1f1374f9228df6d2fa3c2
353b4655972f7e64dc702300df73e5259cdf00d1
42f3354128406dcdd47d09ca5eff76cb0e346048248c18fdd5298181c887f09d
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/betheme/js/parallax/translate3d.js?ver=26.6.6 HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:05 GMT
content-type: application/javascript
last-modified: Mon, 19 Dec 2022 11:42:47 GMT
vary: Accept-Encoding
etag: W/"63a04e37-f7b"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
fonts.gstatic.com/s/viga/v14/xMQbuFFdSaiXzQUpDg.woff2
142.250.74.35 200 OK 8.3 kB URL HTTP/2 fonts.gstatic.com/s/viga/v14/xMQbuFFdSaiXzQUpDg.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 8304, version 1.0\012- data
Hash ade2e370baebe9b14fa66de1e45b729b
378405ba0b82d95746bd288d5d8cdba2c3758ed3
b83a28cd21fd878a7208f77646f29f836f9a97371a913b696b7a093a1bfb68e1
GET /s/viga/v14/xMQbuFFdSaiXzQUpDg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://geacompany.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8304
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Dec 2022 01:29:47 GMT
expires: Fri, 22 Dec 2023 01:29:47 GMT
cache-control: public, max-age=31536000
age: 119118
last-modified: Wed, 27 Apr 2022 15:50:53 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/viga/v14/xMQbuFFdSaiXzQspDre2.woff2
142.250.74.35 200 OK 2.1 kB URL HTTP/2 fonts.gstatic.com/s/viga/v14/xMQbuFFdSaiXzQspDre2.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 2096, version 1.0\012- data
Hash dc42cc5f8197ca290d71f248db0979df
ad731d182f39be049241f918d9b4aa9e651d9950
264ec6687846027537f2f81ca3c6fcd72059d43102c1664430738f7b9d430f63
GET /s/viga/v14/xMQbuFFdSaiXzQspDre2.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://geacompany.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 2096
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Dec 2022 21:52:06 GMT
expires: Wed, 20 Dec 2023 21:52:06 GMT
cache-control: public, max-age=31536000
age: 218579
last-modified: Wed, 27 Apr 2022 16:47:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
geacompany.com/wp-content/themes/betheme/css/be.css?ver=26.6.6
185.65.123.230 200 OK 69 kB URL HTTP/2 geacompany.com/wp-content/themes/betheme/css/be.css?ver=26.6.6
IP 185.65.123.230:0
ASN #201719 Teleklik d.o.o.
File type ASCII text, with very long lines (464)
Hash 0252e467c3085721f0596dd0c7225d24
1caf1da807b6e01741c7c4b1058aef8c2a35dfb1
db0ddd1fc86d04c72e4e5166404200c1f412b48d66eba518f08e59e30643c3cb
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/betheme/css/be.css?ver=26.6.6 HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:04 GMT
content-type: text/css
last-modified: Mon, 19 Dec 2022 11:42:46 GMT
vary: Accept-Encoding
etag: W/"63a04e36-64ec2"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 471 B IP 216.58.211.3:0
Hash 3d77c09bf616349faed27b1cd007b770
e3000238d463d88fdcf7625d6582eb86ce5a4021
8b0c929abbabdcd9d196792cf0789feddb6fbd98e9bb3c96c1bb6f473f28727a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 10:35:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
geacompany.com/wp-content/uploads/2021/12/icon.png
185.65.123.230 200 OK 2.8 kB URL HTTP/2 geacompany.com/wp-content/uploads/2021/12/icon.png
IP 185.65.123.230:0
ASN #201719 Teleklik d.o.o.
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 1d7b282e9b484af0715f3ba63740f9cc
5748765a8f9bd0eb8865bcdf303332da0615a576
cebc19924976d8feb925675f60858e87ae1ba7128b0666ab7f403fb1b7eed2e9
GET /wp-content/uploads/2021/12/icon.png HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:05 GMT
content-type: image/png
content-length: 2822
last-modified: Fri, 04 Nov 2022 14:44:49 GMT
etag: "63652561-b06"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
geacompany.com/wp-content/uploads/2021/12/rsl1.jpg
185.65.123.230 200 OK 183 kB URL HTTP/2 geacompany.com/wp-content/uploads/2021/12/rsl1.jpg
IP 185.65.123.230:0
ASN #201719 Teleklik d.o.o.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4], baseline, precision 8, 1920x900, components 3\012- data
Size 183 kB (182843 bytes)
Hash 41d5d42d76fa274d105f02b8dc687f55
d99e20d0a200c143c4b2d2bb94bc95810538bc21
84101359cc9c536df0a321dd706d184137ac8601b91bff1ed6f38ba7c5854e9e
GET /wp-content/uploads/2021/12/rsl1.jpg HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:06 GMT
content-type: image/jpeg
content-length: 182843
last-modified: Fri, 04 Nov 2022 14:44:50 GMT
etag: "63652562-2ca3b"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
geacompany.com/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.2
185.65.123.230 200 OK 0 B URL HTTP/2 geacompany.com/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.2
IP 185.65.123.230:0
ASN #201719 Teleklik d.o.o.
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.2 HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:05 GMT
content-type: application/javascript
last-modified: Fri, 04 Nov 2022 14:45:36 GMT
vary: Accept-Encoding
etag: W/"63652590-2ea1"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
geacompany.com/wp-content/themes/betheme/fonts/fontawesome/fontawesome.css?ver=26.6.6
185.65.123.230 200 OK 0 B URL HTTP/2 geacompany.com/wp-content/themes/betheme/fonts/fontawesome/fontawesome.css?ver=26.6.6
IP 185.65.123.230:0
ASN #201719 Teleklik d.o.o.
GET /wp-content/themes/betheme/fonts/fontawesome/fontawesome.css?ver=26.6.6 HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:04 GMT
content-type: text/css
last-modified: Mon, 19 Dec 2022 11:42:46 GMT
vary: Accept-Encoding
etag: W/"63a04e36-ed1d"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
geacompany.com/wp-content/themes/betheme/css/skins/blue/style.css?ver=26.6.6
185.65.123.230 200 OK 0 B URL HTTP/2 geacompany.com/wp-content/themes/betheme/css/skins/blue/style.css?ver=26.6.6
IP 185.65.123.230:0
ASN #201719 Teleklik d.o.o.
GET /wp-content/themes/betheme/css/skins/blue/style.css?ver=26.6.6 HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:04 GMT
content-type: text/css
last-modified: Mon, 19 Dec 2022 11:42:46 GMT
vary: Accept-Encoding
etag: W/"63a04e36-41c2"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
geacompany.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.1
185.65.123.230 200 OK 0 B URL HTTP/2 geacompany.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.1
IP 185.65.123.230:0
ASN #201719 Teleklik d.o.o.
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.1 HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:05 GMT
content-type: application/javascript
last-modified: Sat, 17 Dec 2022 07:06:21 GMT
vary: Accept-Encoding
etag: W/"639d6a6d-316c"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
geacompany.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
185.65.123.230 200 OK 0 B URL HTTP/2 geacompany.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP 185.65.123.230:0
ASN #201719 Teleklik d.o.o.
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:04 GMT
content-type: application/javascript
last-modified: Fri, 04 Nov 2022 14:44:58 GMT
vary: Accept-Encoding
etag: W/"6365256a-2bd8"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
geacompany.com/wp-content/themes/betheme/css/responsive.css?ver=26.6.6
185.65.123.230 200 OK 0 B URL HTTP/2 geacompany.com/wp-content/themes/betheme/css/responsive.css?ver=26.6.6
IP 185.65.123.230:0
ASN #201719 Teleklik d.o.o.
GET /wp-content/themes/betheme/css/responsive.css?ver=26.6.6 HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:04 GMT
content-type: text/css
last-modified: Mon, 19 Dec 2022 11:42:46 GMT
vary: Accept-Encoding
etag: W/"63a04e36-fe01"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
geacompany.com/wp-content/themes/betheme/assets/jplayer/css/jplayer.blue.monday.min.css?ver=26.6.6
185.65.123.230 200 OK 0 B URL HTTP/2 geacompany.com/wp-content/themes/betheme/assets/jplayer/css/jplayer.blue.monday.min.css?ver=26.6.6
IP 185.65.123.230:0
ASN #201719 Teleklik d.o.o.
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/betheme/assets/jplayer/css/jplayer.blue.monday.min.css?ver=26.6.6 HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:04 GMT
content-type: text/css
last-modified: Mon, 19 Dec 2022 11:42:46 GMT
vary: Accept-Encoding
etag: W/"63a04e36-25ef"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
geacompany.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
185.65.123.230 200 OK 0 B URL HTTP/2 geacompany.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
IP 185.65.123.230:0
ASN #201719 Teleklik d.o.o.
Analyzer Verdict Alert fortinet Phishing
GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:05 GMT
content-type: application/javascript
last-modified: Fri, 04 Nov 2022 14:45:36 GMT
vary: Accept-Encoding
etag: W/"63652590-53c0"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
geacompany.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.11
185.65.123.230 200 OK 0 B URL HTTP/2 geacompany.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.11
IP 185.65.123.230:0
ASN #201719 Teleklik d.o.o.
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.11 HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:05 GMT
content-type: application/javascript
last-modified: Fri, 04 Nov 2022 14:44:47 GMT
vary: Accept-Encoding
etag: W/"6365255f-1e4e6"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
geacompany.com/wp-content/themes/betheme/js/menu.js?ver=26.6.6
185.65.123.230 200 OK 0 B URL HTTP/2 geacompany.com/wp-content/themes/betheme/js/menu.js?ver=26.6.6
IP 185.65.123.230:0
ASN #201719 Teleklik d.o.o.
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/betheme/js/menu.js?ver=26.6.6 HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:05 GMT
content-type: application/javascript
last-modified: Mon, 19 Dec 2022 11:42:47 GMT
vary: Accept-Encoding
etag: W/"63a04e37-b2b"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
geacompany.com/wp-content/themes/betheme/js/plugins/magnificpopup.min.js?ver=26.6.6
185.65.123.230 200 OK 0 B URL HTTP/2 geacompany.com/wp-content/themes/betheme/js/plugins/magnificpopup.min.js?ver=26.6.6
IP 185.65.123.230:0
ASN #201719 Teleklik d.o.o.
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/betheme/js/plugins/magnificpopup.min.js?ver=26.6.6 HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:05 GMT
content-type: application/javascript
last-modified: Mon, 19 Dec 2022 11:42:47 GMT
vary: Accept-Encoding
etag: W/"63a04e37-4f10"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
geacompany.com/wp-content/uploads/2022/02/home-garaze.png
185.65.123.230 200 OK 0 B URL HTTP/2 geacompany.com/wp-content/uploads/2022/02/home-garaze.png
IP 185.65.123.230:0
ASN #201719 Teleklik d.o.o.
GET /wp-content/uploads/2022/02/home-garaze.png HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:04 GMT
content-type: image/png
content-length: 302735
last-modified: Fri, 04 Nov 2022 14:44:50 GMT
etag: "63652562-49e8f"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Source+Sans+Pro%3A1%2C300%2C400%2C400italic%2C500%2C700%2C700italic&display=swap&ver=6.1.1
142.250.74.106 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Source+Sans+Pro%3A1%2C300%2C400%2C400italic%2C500%2C700%2C700italic&display=swap&ver=6.1.1
IP 142.250.74.106:0
GET /css?family=Source+Sans+Pro%3A1%2C300%2C400%2C400italic%2C500%2C700%2C700italic&display=swap&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 23 Dec 2022 10:35:04 GMT
date: Fri, 23 Dec 2022 10:35:04 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
geacompany.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.11
185.65.123.230 200 OK 0 B URL HTTP/2 geacompany.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.11
IP 185.65.123.230:0
ASN #201719 Teleklik d.o.o.
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.11 HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:05 GMT
content-type: text/css
last-modified: Fri, 04 Nov 2022 14:44:47 GMT
vary: Accept-Encoding
etag: W/"6365255f-e197"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
geacompany.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.1
185.65.123.230 200 OK 0 B URL HTTP/2 geacompany.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.1
IP 185.65.123.230:0
ASN #201719 Teleklik d.o.o.
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.1 HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:05 GMT
content-type: application/javascript
last-modified: Sat, 17 Dec 2022 07:06:21 GMT
vary: Accept-Encoding
etag: W/"639d6a6d-2945"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
geacompany.com/wp-content/themes/betheme/assets/jplayer/jplayer.min.js?ver=26.6.6
185.65.123.230 200 OK 0 B URL HTTP/2 geacompany.com/wp-content/themes/betheme/assets/jplayer/jplayer.min.js?ver=26.6.6
IP 185.65.123.230:0
ASN #201719 Teleklik d.o.o.
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/themes/betheme/assets/jplayer/jplayer.min.js?ver=26.6.6 HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:05 GMT
content-type: application/javascript
last-modified: Mon, 19 Dec 2022 11:42:46 GMT
vary: Accept-Encoding
etag: W/"63a04e36-cd61"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
geacompany.com/wp-content/uploads/2022/01/home-stanovi.png
185.65.123.230 200 OK 0 B URL HTTP/2 geacompany.com/wp-content/uploads/2022/01/home-stanovi.png
IP 185.65.123.230:0
ASN #201719 Teleklik d.o.o.
GET /wp-content/uploads/2022/01/home-stanovi.png HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:04 GMT
content-type: image/png
content-length: 577218
last-modified: Fri, 04 Nov 2022 14:44:50 GMT
etag: "63652562-8cec2"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
geacompany.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
185.65.123.230 200 OK 0 B URL HTTP/2 geacompany.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP 185.65.123.230:0
ASN #201719 Teleklik d.o.o.
GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:04 GMT
content-type: application/javascript
last-modified: Fri, 04 Nov 2022 14:45:36 GMT
vary: Accept-Encoding
etag: W/"63652590-15e54"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
geacompany.com/wp-content/themes/betheme/js/plugins/enllax.min.js?ver=26.6.6
185.65.123.230 200 OK 0 B URL HTTP/2 geacompany.com/wp-content/themes/betheme/js/plugins/enllax.min.js?ver=26.6.6
IP 185.65.123.230:0
ASN #201719 Teleklik d.o.o.
GET /wp-content/themes/betheme/js/plugins/enllax.min.js?ver=26.6.6 HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:05 GMT
content-type: application/javascript
last-modified: Mon, 19 Dec 2022 11:42:47 GMT
vary: Accept-Encoding
etag: W/"63a04e37-604"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
geacompany.com/wp-content/uploads/betheme/css/post-41.css?ver=1671791704
185.65.123.230 200 OK 0 B URL HTTP/2 geacompany.com/wp-content/uploads/betheme/css/post-41.css?ver=1671791704
IP 185.65.123.230:0
ASN #201719 Teleklik d.o.o.
Analyzer Verdict Alert fortinet Phishing
GET /wp-content/uploads/betheme/css/post-41.css?ver=1671791704 HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:04 GMT
content-type: text/css
vary: Accept-Encoding
x-accel-version: 0.01
last-modified: Fri, 04 Nov 2022 14:44:55 GMT
etag: W/"4b-5eca61dfa9af3"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
geacompany.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.11
185.65.123.230 200 OK 0 B URL HTTP/2 geacompany.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.11
IP 185.65.123.230:0
ASN #201719 Teleklik d.o.o.
GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.11 HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:05 GMT
content-type: application/javascript
last-modified: Fri, 04 Nov 2022 14:44:47 GMT
vary: Accept-Encoding
etag: W/"6365255f-5d7d8"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
geacompany.com/wp-content/themes/betheme/assets/animations/animations.min.css?ver=26.6.6
185.65.123.230 200 OK 0 B URL HTTP/2 geacompany.com/wp-content/themes/betheme/assets/animations/animations.min.css?ver=26.6.6
IP 185.65.123.230:0
ASN #201719 Teleklik d.o.o.
GET /wp-content/themes/betheme/assets/animations/animations.min.css?ver=26.6.6 HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:04 GMT
content-type: text/css
last-modified: Mon, 19 Dec 2022 11:42:46 GMT
vary: Accept-Encoding
etag: W/"63a04e36-e83d"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2