Report - geacompany.com/

Report Overview

Submitted URL
geacompany.com/
IP
185.65.123.230
ASN
#201719 Teleklik d.o.o.
Submitted
2022-12-23 10:35:14
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
46

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
geacompany.com	unknown	2016-02-20T01:27:17Z	2022-12-02T14:51:22Z	22 kB	3.9 MB	185.65.123.230
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-09T05:09:05Z	1.4 kB	3.5 kB	23.36.77.32
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-09T11:52:10Z	341 B	797 B	93.184.220.29
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-09T05:09:50Z	1.4 kB	2.8 kB	216.58.211.3
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-09T10:04:36Z	1.6 kB	33 kB	34.120.237.76
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-09T10:01:47Z	1.5 kB	25 kB	142.250.74.35
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-09T05:09:18Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-09T05:09:49Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-09T05:09:48Z	333 B	391 B	34.117.237.239
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-09T05:09:13Z	606 B	127 B	35.163.38.240
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-09T12:17:45Z	906 B	2.7 kB	142.250.74.106

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-23	medium	geacompany.com/	Phishing
2022-12-23	medium	geacompany.com/	Phishing
2022-12-23	medium	geacompany.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1	Phishing
2022-12-23	medium	geacompany.com/wp-content/plugins/tablepress/css/build/default.css?ver=2.0	Phishing
2022-12-23	medium	geacompany.com/wp-content/plugins/coming-soon-by-supsystic/css/supsystic-for-all-admin.css?ver=1.7.10	Phishing
2022-12-23	medium	geacompany.com/wp-content/themes/betheme/assets/animations/animations.min.js?ver=26.6.6	Phishing
2022-12-23	medium	geacompany.com/wp-content/themes/betheme/js/scripts.js?ver=26.6.6	Phishing
2022-12-23	medium	geacompany.com/wp-content/themes/betheme/js/plugins/visible.min.js?ver=26.6.6	Phishing
2022-12-23	medium	geacompany.com/wp-content/themes/betheme/fonts/mfn/icons.woff?31690507	Phishing
2022-12-23	medium	geacompany.com/wp-content/themes/betheme/js/parallax/translate3d.js?ver=26.6.6	Phishing
2022-12-23	medium	geacompany.com/wp-content/themes/betheme/css/be.css?ver=26.6.6	Phishing
2022-12-23	medium	geacompany.com/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.2	Phishing
2022-12-23	medium	geacompany.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.1	Phishing
2022-12-23	medium	geacompany.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	Phishing
2022-12-23	medium	geacompany.com/wp-content/themes/betheme/assets/jplayer/css/jplayer.blue.monday.min.css?ver=26.6.6	Phishing
2022-12-23	medium	geacompany.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2	Phishing
2022-12-23	medium	geacompany.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.11	Phishing
2022-12-23	medium	geacompany.com/wp-content/themes/betheme/js/menu.js?ver=26.6.6	Phishing
2022-12-23	medium	geacompany.com/wp-content/themes/betheme/js/plugins/magnificpopup.min.js?ver=26.6.6	Phishing
2022-12-23	medium	geacompany.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.11	Phishing
2022-12-23	medium	geacompany.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.1	Phishing
2022-12-23	medium	geacompany.com/wp-content/themes/betheme/assets/jplayer/jplayer.min.js?ver=26.6.6	Phishing
2022-12-23	medium	geacompany.com/wp-content/uploads/betheme/css/post-41.css?ver=1671791704	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (24)

	URL	Size	First Seen	Last Seen
	geacompany.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.1	11 kB	2023-03-09	2024-04-18
Pretty URL geacompany.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.1 IP 185.65.123.230 ASN #201719 Teleklik d.o.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 01:22:20 Last Seen2024-04-18 14:17:30 Times Seen8848 Hash 7f0734e228d3f1a255a8b817a5005b8e 3dfca70a7a3e298fc392f2393ca60d350eebb5fd 23bb39b607b39a93d953762d2a618a3cbc69c52ceaf70d96890137ca1d2b0228 Loading...

	geacompany.com/wp-content/themes/betheme/assets/jplayer/jplayer.min.js?ver=26.6.6	53 kB	2023-03-07	2024-04-17
Pretty URL geacompany.com/wp-content/themes/betheme/assets/jplayer/jplayer.min.js?ver=26.6.6 IP 185.65.123.230 ASN #201719 Teleklik d.o.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:18 Last Seen2024-04-17 20:34:10 Times Seen1531 Hash 0ba3e2243f42575817b07fcadacf8269 50ed3259514f428897730c9d429974bdc72eb988 6e6c69ba30da65996fe5cfd06a9248ad71966d7f05781b646d87358a7e202511 Loading...

	geacompany.com/	2.3 kB	2023-03-07	2024-04-19
Pretty URL geacompany.com/ IP 185.65.123.230 ASN #201719 Teleklik d.o.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:11 Last Seen2024-04-19 15:34:18 Times Seen1828 Hash be435481837b62187ea43999d905c91a 403a7bb5b4764bf8951e239b7ad591cd0eb62d7e fc772d0508e695b6dc294b8734e7693bbdc64bbeae89239a03bf32e8b56aea2b Loading...

	geacompany.com/	482 B	2023-03-10	2023-03-10
Pretty URL geacompany.com/ IP 185.65.123.230 ASN #201719 Teleklik d.o.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 06:23:05 Last Seen2023-03-10 06:23:05 Times Seen1 Hash efbcbad41fb3813aec2fa37a77cea417 829a87f70d0cc8806f6e85735d4edc41e5008bab 714db309900ad99262fe14584b562e45a681505923437e8ef6fcbe93bbf63bdc Loading...

	geacompany.com/	332 B	2023-03-07	2024-04-19
Pretty URL geacompany.com/ IP 185.65.123.230 ASN #201719 Teleklik d.o.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:40 Last Seen2024-04-19 15:34:18 Times Seen9124 Hash 7d495bb1d6c246a2d57df3ab9332a3cc 6367d4f8addf48f2af1023b8176a2263bb424d01 df09a4f39d495e901a5479fce56c8ddec4f8a6acda1b3ceab7adc704fa439e32 Loading...

	geacompany.com/	2.1 kB	2023-03-10	2023-03-10
Pretty URL geacompany.com/ IP 185.65.123.230 ASN #201719 Teleklik d.o.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 06:23:05 Last Seen2023-03-10 06:23:05 Times Seen1 Hash 767b0a6d1e584e1a3c7158438c54969d a56133a2bc9813d6931ba5391696da7f2d4063ae 07fd2cce95fb224778d60c1f4d20ee6405a886e70341fe7614f15d235a217c56 Loading...

	geacompany.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	11 kB	2023-03-07	2024-04-19
Pretty URL geacompany.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 185.65.123.230 ASN #201719 Teleklik d.o.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-19 15:34:19 Times Seen68497 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	geacompany.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1	90 kB	2023-03-08	2024-04-19
Pretty URL geacompany.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1 IP 185.65.123.230 ASN #201719 Teleklik d.o.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:46 Last Seen2024-04-19 12:23:33 Times Seen31780 Hash 17738318d61d394f1de8890d589afaec f6d0c4dc1399cf02d53f5753ad46573a8bbc2ac3 cc7403bab52ed166e24ea9324241045af370be482f5b594468f4a6ac6e7e7981 Loading...

	geacompany.com/wp-content/themes/betheme/js/plugins/visible.min.js?ver=26.6.6	608 B	2023-03-08	2024-04-17
Pretty URL geacompany.com/wp-content/themes/betheme/js/plugins/visible.min.js?ver=26.6.6 IP 185.65.123.230 ASN #201719 Teleklik d.o.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:30:34 Last Seen2024-04-17 20:34:08 Times Seen703 Hash 5d4ae3c17238c7d37f7bb54f61632cc6 64819d2b67c84697489945bcbebb587bdb08aedc 8ecf312a51fd23a6d2258191745ab900d7f393a4633515e0df6305cde42b1a3a Loading...

	geacompany.com/wp-content/themes/betheme/js/parallax/translate3d.js?ver=26.6.6	4.0 kB	2023-03-07	2024-04-15
Pretty URL geacompany.com/wp-content/themes/betheme/js/parallax/translate3d.js?ver=26.6.6 IP 185.65.123.230 ASN #201719 Teleklik d.o.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:17 Last Seen2024-04-15 15:07:48 Times Seen633 Hash ea5cd057172e6bce5718f823cfcbb1bd 47ed4723d9da06b3c4aa26174dc2acf36480aeea c0a00439e0c82d42a9b64c694698665bd924252eb48e86b1c95a4d40dac471a4 Loading...

	geacompany.com/wp-content/themes/betheme/js/scripts.js?ver=26.6.6	116 kB	2023-03-10	2024-04-15
Pretty URL geacompany.com/wp-content/themes/betheme/js/scripts.js?ver=26.6.6 IP 185.65.123.230 ASN #201719 Teleklik d.o.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 05:13:11 Last Seen2024-04-15 15:07:48 Times Seen19 Hash 2c2b91e3049a168546c242f0d9a7fb33 3230b1e1d1008802b4533fcb6cec7d7c563fd9d9 7bac7c5324a8bc735dffb7099ba718192928d51c7a4a2c4d74bacc7a3410b00e Loading...

	geacompany.com/	493 B	2023-03-07	2024-04-19
Pretty URL geacompany.com/ IP 185.65.123.230 ASN #201719 Teleklik d.o.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:11 Last Seen2024-04-19 15:34:18 Times Seen4258 Hash f73f3cc147a181d5955eaba113c1c122 07a5ef5a63d37a99d17986786d75bdcb3cda6409 5aab3a40376dc0dffe15b2882b50d298e6c877683a4f25ddfcf77fbd16d47b56 Loading...

	geacompany.com/wp-content/themes/betheme/js/menu.js?ver=26.6.6	2.9 kB	2023-03-07	2024-04-17
Pretty URL geacompany.com/wp-content/themes/betheme/js/menu.js?ver=26.6.6 IP 185.65.123.230 ASN #201719 Teleklik d.o.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:26:07 Last Seen2024-04-17 20:34:07 Times Seen658 Hash 9273afb5226060534f29e2efad7eaa80 3ae8aad16159330a39a83e1068273214a4eecd01 e31562bbd4b9f377eec9662b440b0c1262ff73f7e85c3a6e3639635e4516013f Loading...

	geacompany.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.1	13 kB	2023-03-09	2024-04-18
Pretty URL geacompany.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.1 IP 185.65.123.230 ASN #201719 Teleklik d.o.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 01:22:20 Last Seen2024-04-18 14:17:30 Times Seen2554 Hash f57435a927d422043befe66bd74f4d68 4a2f90016ca54d0938263c50b8995bf889f6278b f84293668b02b8c83c20c5c2cf51f8a5a64ac5a15d34be26c85382496b107700 Loading...

	geacompany.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1	19 kB	2023-03-07	2024-04-19
Pretty URL geacompany.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 IP 185.65.123.230 ASN #201719 Teleklik d.o.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:08 Last Seen2024-04-19 12:23:33 Times Seen37994 Hash 32beb68a374e3aeac00abdf9e12b84ea b5d18aa625e8696dd9d07cd0869337717b211ae0 5aad5fbd4238981a9ff5e2772ff1353dfe1a801fb49542fe157418c1438f7782 Loading...

	geacompany.com/	128 B	2023-03-10	2024-01-08
Pretty URL geacompany.com/ IP 185.65.123.230 ASN #201719 Teleklik d.o.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 06:23:06 Last Seen2024-01-08 12:52:07 Times Seen2 Hash 951fc9728e3aecb3fbf80c3d9d6f5d7d 43f6c509ef70c082437a89551a4bff82bf989960 5637276051c11f5e3a6f02389d70143e38a2c2da2d835f8494e724822fcee2d1 Loading...

	geacompany.com/wp-content/themes/betheme/assets/animations/animations.min.js?ver=26.6.6	1.8 kB	2023-03-07	2024-04-15
Pretty URL geacompany.com/wp-content/themes/betheme/assets/animations/animations.min.js?ver=26.6.6 IP 185.65.123.230 ASN #201719 Teleklik d.o.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:17 Last Seen2024-04-15 15:07:48 Times Seen805 Hash 6d1ef4ab8b112c1e2642e61424bd46b4 9fb2f893a18752e5123314c41c453636ec77e390 d1bbd7ecc1eb2490fa89949a1af779e82a0817587e19a8396936ed86e430550b Loading...

	geacompany.com/wp-content/themes/betheme/js/plugins/enllax.min.js?ver=26.6.6	1.5 kB	2023-03-08	2024-04-17
Pretty URL geacompany.com/wp-content/themes/betheme/js/plugins/enllax.min.js?ver=26.6.6 IP 185.65.123.230 ASN #201719 Teleklik d.o.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:30:33 Last Seen2024-04-17 20:34:07 Times Seen684 Hash 78a582571f88d7d9d7443423712e80b2 53b9b049da924b291c9bc7f988ebb46f6a9cc227 c24a7908e8bccfb36947de91ab342f33f1c966b31f50ed1fb83d9d8b3d579a1f Loading...

	geacompany.com/	656 B	2023-03-10	2023-03-10
Pretty URL geacompany.com/ IP 185.65.123.230 ASN #201719 Teleklik d.o.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 06:23:06 Last Seen2023-03-10 06:23:06 Times Seen1 Hash c1e42db745f4dea25179374a04c9047a ecef753a100e6e45adfb4b395f3bd3c4d48f27e1 34825c666de85247d230aae1746460b795f2f9c8a227114c43a02af414a95479 Loading...

	geacompany.com/	1.9 kB	2023-03-10	2023-03-10
Pretty URL geacompany.com/ IP 185.65.123.230 ASN #201719 Teleklik d.o.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 06:23:06 Last Seen2023-03-10 06:23:06 Times Seen1 Hash e244b897f2ffc67aebd0464581dfb99d 53c447af17e56c05a5b1955f5f92a97da456d8be 8a150a95bd643c0a552f9fb0e56f684ac4a9c014626af51c334d28fc22b9b140 Loading...

	geacompany.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.11	383 kB	2023-03-07	2024-04-19
Pretty URL geacompany.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.11 IP 185.65.123.230 ASN #201719 Teleklik d.o.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:11 Last Seen2024-04-19 15:34:19 Times Seen723 Hash 71ce48ddf4cac7d8bce4c0f574c4b9ed f9ef3531d6e74249531971735f6d7ec8a30c7fcd 81ff08960b407fde4ee478cf9e8804ca6daf5491d65932f255e24babed80d14b Loading...

	geacompany.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2	21 kB	2023-03-08	2024-04-18
Pretty URL geacompany.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 IP 185.65.123.230 ASN #201719 Teleklik d.o.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:46 Last Seen2024-04-18 13:42:00 Times Seen9796 Hash 034bd11ecaf6fb9240d905245e42e202 ff136c394ed95badfc0107fb98a890dcff642828 ca7154cdda62b535ceaba9ad2a2b2217ff49de94c069a2c4e89733f3f06b3651 Loading...

	geacompany.com/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.2	12 kB	2023-03-08	2024-04-19
Pretty URL geacompany.com/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.2 IP 185.65.123.230 ASN #201719 Teleklik d.o.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:23:32 Last Seen2024-04-19 16:36:11 Times Seen6583 Hash 88407dc30b83ffa7dd834fe4a35307b7 857a3a007e5ea8d88123bb47019606618e19eb77 6a0d53f68e013dac42a52a5264c5d28a12a06b6bc7cc1d63bc2d385558bd2dd7 Loading...

	geacompany.com/wp-content/themes/betheme/js/plugins/magnificpopup.min.js?ver=26.6.6	20 kB	2023-03-08	2024-04-17
Pretty URL geacompany.com/wp-content/themes/betheme/js/plugins/magnificpopup.min.js?ver=26.6.6 IP 185.65.123.230 ASN #201719 Teleklik d.o.o. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:30:34 Last Seen2024-04-17 20:34:07 Times Seen772 Hash 292bcdf90948053977b80f167878eb64 c22cf9127f7ac360c63d9787648498687d4fe26a 82705acbecdd84306ce33e08f576eca6a688896895e6e48d1c36a4071fcba14e Loading...

HTTP Transactions (73)

URL IP Response Size

geacompany.com/

185.65.123.230

301 Moved Permanently

162 B

URL HTTP/1.1
geacompany.com/
IP
185.65.123.230:0
ASN
#201719 Teleklik d.o.o.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 23 Dec 2022 10:35:02 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://geacompany.com/

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ad598540c6639aaaa344fb3ce4f3162f
b0b9f86d50de7dc23bdc7aee2f45d79a06165afc
4e9aaff330ce0c9c11f6bb8502fe21296b1845151bace75f73908a3194d5d0a1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4E9AAFF330CE0C9C11F6BB8502FE21296B1845151BACE75F73908A3194D5D0A1"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12975
Expires: Fri, 23 Dec 2022 14:11:17 GMT
Date: Fri, 23 Dec 2022 10:35:02 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ede732d48f2c32ad5e3b899bb4348df9
15fa12733818b3ae39f3022a715ed0f431b28242
446c9bf6bc38a43f5758f6f44f89ad76eff44eb8779cf7e62bbfeb002b298dee

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "446C9BF6BC38A43F5758F6F44F89AD76EFF44EB8779CF7E62BBFEB002B298DEE"
Last-Modified: Thu, 22 Dec 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9943
Expires: Fri, 23 Dec 2022 13:20:45 GMT
Date: Fri, 23 Dec 2022 10:35:02 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 23 Dec 2022 09:46:05 GMT
content-type: application/json
age: 2938
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
f7f0ad5c2841a345f98197c2f1e86f4d
84cbfd91934a8715baba4a2da46451f35597c99c
be30540f2e06a3565c9b38bdbb9691f707d692b196bdcef5d671708aa9609795

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE30540F2E06A3565C9B38BDBB9691F707D692B196BDCEF5D671708AA9609795"
Last-Modified: Thu, 22 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13379
Expires: Fri, 23 Dec 2022 14:18:02 GMT
Date: Fri, 23 Dec 2022 10:35:03 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: wKok8ZO/ZpV95P1zMO9Xhd5onx04gF8hJCIF3gkniZotlrowTVpWJVCbzZU/HQrRjFqHflO3RaU=
x-amz-request-id: 2CQAY1E96E0XJMVA
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 23 Dec 2022 09:56:09 GMT
age: 2334
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:03 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
892d69d5f15439be46ceaa2d3ddf9dd1
e6b116d2b2d491fadf8d4cc7bf2f127c9bbeec83
8dd0b3cc708b05809a921cf8e6452d3457c2923afd38e5fded2e29a09fde68cc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8DD0B3CC708B05809A921CF8E6452D3457C2923AFD38E5FDED2E29A09FDE68CC"
Last-Modified: Fri, 23 Dec 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21598
Expires: Fri, 23 Dec 2022 16:35:01 GMT
Date: Fri, 23 Dec 2022 10:35:03 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Alert, ETag, Content-Type, Last-Modified, Cache-Control, Expires, Content-Length, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 23 Dec 2022 10:08:02 GMT
age: 1621
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
c615c937e6371bda0824b44af0c21c74
b097d69452bcc60085f563d094388185c26f0e7d
9f1194921b5d57dd52a217a47e69ad4cec7c08378c73c8dfccc3817119fcbb41

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3122
Cache-Control: max-age=170626
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 10:35:03 GMT
Etag: "63a56fa7-1d7"
Expires: Sun, 25 Dec 2022 09:58:49 GMT
Last-Modified: Fri, 23 Dec 2022 09:06:47 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

35.163.38.240

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.163.38.240:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 4us0qQIV9GWW3K3lUNR7DQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: lap0Heo7TIGEh6PL87stAwoLGPU=

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b607f3e2facf61a8586563ae137d81eb
fc07f3f509b1a8f592efe951cc92bc07f307609d
68fef95cdc9deeb6a115e2869f3420a1e62dc7a64fd270f84c437bcc04642cd2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 10:35:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b607f3e2facf61a8586563ae137d81eb
fc07f3f509b1a8f592efe951cc92bc07f307609d
68fef95cdc9deeb6a115e2869f3420a1e62dc7a64fd270f84c437bcc04642cd2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 10:35:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
b607f3e2facf61a8586563ae137d81eb
fc07f3f509b1a8f592efe951cc92bc07f307609d
68fef95cdc9deeb6a115e2869f3420a1e62dc7a64fd270f84c437bcc04642cd2

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 10:35:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

geacompany.com/wp-content/uploads/2021/12/icon2.png

185.65.123.230

200 OK

5.4 kB

URL HTTP/2
geacompany.com/wp-content/uploads/2021/12/icon2.png
IP
185.65.123.230:0
ASN
#201719 Teleklik d.o.o.

File type
PNG image data, 60 x 56, 8-bit/color RGBA, non-interlaced\012- data
Size
5.4 kB (5364 bytes)
Hash
7a298d6def33b342a2edc1c722f73182
26d8cfbb5d03db72f4c91f4a15f910cd8861ce84
fb464ab69d9d7e9d313fefdc4d9bd9e917eae4ac7d667d94d99dd52bed91c4e3

HTTP Headers

GET /wp-content/uploads/2021/12/icon2.png HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:04 GMT
content-type: image/png
content-length: 5364
last-modified: Fri, 04 Nov 2022 14:44:49 GMT
etag: "63652561-14f4"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

geacompany.com/wp-content/uploads/2021/12/icon1.png

185.65.123.230

200 OK

5.2 kB

URL HTTP/2
geacompany.com/wp-content/uploads/2021/12/icon1.png
IP
185.65.123.230:0
ASN
#201719 Teleklik d.o.o.

File type
PNG image data, 54 x 56, 8-bit/color RGBA, non-interlaced\012- data
Size
5.2 kB (5196 bytes)
Hash
8bce032225309205a30e74a34af5a9b7
12abaee3125a87f2183d3aca25cb2c7904c78c09
6746ebcb391d8cd29d3569ea8c47b1a1a49435f80635362d024446a30f574e04

HTTP Headers

GET /wp-content/uploads/2021/12/icon1.png HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:04 GMT
content-type: image/png
content-length: 5196
last-modified: Fri, 04 Nov 2022 14:44:49 GMT
etag: "63652561-144c"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

geacompany.com/wp-content/uploads/2021/12/logo.png

185.65.123.230

200 OK

17 kB

URL HTTP/2
geacompany.com/wp-content/uploads/2021/12/logo.png
IP
185.65.123.230:0
ASN
#201719 Teleklik d.o.o.

File type
PNG image data, 180 x 106, 8-bit/color RGBA, non-interlaced\012- data
Size
17 kB (17102 bytes)
Hash
ddd55853837c7544368081d4dd3cd7dd
fffe333e0eed8d2df044ed310161e8e1f3ecb434
7abd49558f3d41df4abe7cd4833c544359702dec1da4e4984abd7033616d3f01

HTTP Headers

GET /wp-content/uploads/2021/12/logo.png HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:04 GMT
content-type: image/png
content-length: 17102
last-modified: Fri, 04 Nov 2022 14:44:49 GMT
etag: "63652561-42ce"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

geacompany.com/

185.65.123.230

200 OK

20 kB

URL HTTP/2
geacompany.com/
IP
185.65.123.230:0
ASN
#201719 Teleklik d.o.o.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (46458), with CRLF, LF line terminators
Size
20 kB (19813 bytes)
Hash
982fcfba84a25bee7b8339b366b0575e
3e4703e14ed0863eee0d2a28314cfcda6ea72344
2d24e33529ac1c477ef9e59c55ee2ebe63c0b2a3d044582b94de42f49d9b2bc9

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:03 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-pingback: https://geacompany.com/xmlrpc.php
link: <https://geacompany.com/wp-json/>; rel="https://api.w.org/", <https://geacompany.com/wp-json/wp/v2/pages/41>; rel="alternate"; type="application/json", <https://geacompany.com/>; rel=shortlink
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PHP/8.1.13, PleskLin
content-encoding: br
X-Firefox-Spdy: h2

geacompany.com/wp-includes/css/classic-themes.min.css?ver=1

185.65.123.230

200 OK

648 B

URL HTTP/2
geacompany.com/wp-includes/css/classic-themes.min.css?ver=1
IP
185.65.123.230:0
ASN
#201719 Teleklik d.o.o.

File type
ASCII text
Size
648 B (648 bytes)
Hash
4049be5d44ebf90bcfa5329b9d8a554d
9ac766b96e3f3728e6220e43df63871ccdeb2310
e9345c83fb8488609f74c3a274dbe641f2ddfe17a6107631140a9d3df7b7d78b

HTTP Headers

GET /wp-includes/css/classic-themes.min.css?ver=1 HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:04 GMT
content-type: text/css
vary: Accept-Encoding
x-accel-version: 0.01
last-modified: Wed, 02 Nov 2022 07:16:48 GMT
etag: W/"d9-5ec779fba8619"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Source+Sans+Pro:400%7CViga:400%7CRoboto:400&display=swap

142.250.74.106

200 OK

1.2 kB

URL HTTP/2
fonts.googleapis.com/css?family=Source+Sans+Pro:400%7CViga:400%7CRoboto:400&display=swap
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
data
Size
1.2 kB (1195 bytes)
Hash
970b25ad57d03f0e9c7166dd3562923f
71611f2f651a399a2cfa44a55e1f61f1af582e65
b88319c83ca8f9d1387a8a8df893d5d28eeaa83db2e153ce49516066c3863258

HTTP Headers

GET /css?family=Source+Sans+Pro:400%7CViga:400%7CRoboto:400&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 23 Dec 2022 10:35:04 GMT
date: Fri, 23 Dec 2022 10:35:04 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcdce5468-cf1b-4a55-968b-1aaa101e60d6.jpeg

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcdce5468-cf1b-4a55-968b-1aaa101e60d6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11939 bytes)
Hash
38cc82b5e5d8c2fee6f51021e156ec81
eafb4e029313caabcdbdc1002abcab95f66e91b1
b8cad011e1a98ee4e896f00263495aab7f9cab986736a7a5b4187b8e94c46493

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcdce5468-cf1b-4a55-968b-1aaa101e60d6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11939
x-amzn-requestid: a00e5ab5-ad16-4576-b046-381e36456998
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dkUhqE94oAMFu5A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a4ce0a-28687ad51eea1f6f3ce8cc86;Sampled=0
x-amzn-remapped-date: Thu, 22 Dec 2022 21:37:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: uIDvI3BVK0v68x1jkgw9GB0U1i3l2kyW81q2Kiy3ZDREqQmyUTXCnQ==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Dec 2022 21:38:11 GMT
age: 46614
etag: "eafb4e029313caabcdbdc1002abcab95f66e91b1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba282dd4-f1e4-4f5c-9a46-b6e71aa327de.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8732 bytes)
Hash
e49802d7e560d6e9b5d17111d531af4d
c2c523d207935363931aa17cd9aaabb9a48c28a0
255ac832533c579d57dac6adc330f83d39de222b3496277b2394afc15fe74535

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba282dd4-f1e4-4f5c-9a46-b6e71aa327de.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8732
x-amzn-requestid: 25cbd9e6-ad97-4369-a02c-e740030b437c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: defNLECQIAMFiQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a278ba-4e1a2cd801c389584e320ffe;Sampled=0
x-amzn-remapped-date: Wed, 21 Dec 2022 03:08:42 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: qHW93j1deKtsnRU5YYgcKJEJJfWQrYE85yG_4y9M1ECrfLtaiSYxiA==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 a3b5bb90516201e5ddd137696b7b0f50.cloudfront.net (CloudFront), 1.1 google
date: Fri, 23 Dec 2022 04:43:00 GMT
age: 21125
etag: "c2c523d207935363931aa17cd9aaabb9a48c28a0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83ec12d8-0f25-4455-b9fc-9581d059158b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.2 kB (9158 bytes)
Hash
1c618f418af677595dddd2e7ed9e6a1f
ef8fd938e82dec810c56e4497441c452012e5a22
677f7502d2a69e2bdfad9fa2329ce8c78b7e413b4d7bd9cb414a768e381819cb

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F83ec12d8-0f25-4455-b9fc-9581d059158b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9158
x-amzn-requestid: 2047fa50-737a-420b-8bcd-6ba2d79b60eb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dOjrhHuiIAMF5JQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639c197c-0103d96966f2f8924b8c8a10;Sampled=0
x-amzn-remapped-date: Fri, 16 Dec 2022 07:08:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: MAD0zRheKGRmq1aqcKD5oOfjQFY_8CeffvGAvwTxjhKihl6PqbzV8Q==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Thu, 22 Dec 2022 16:52:36 GMT
age: 63749
etag: "ef8fd938e82dec810c56e4497441c452012e5a22"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

geacompany.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1

185.65.123.230

200 OK

17 kB

URL HTTP/2
geacompany.com/wp-includes/css/dist/block-library/style.min.css?ver=6.1.1
IP
185.65.123.230:0
ASN
#201719 Teleklik d.o.o.

File type
ASCII text, with very long lines (47826)
Size
17 kB (17094 bytes)
Hash
6dedabb101dc8f88765cf23e35083444
c6b6e93531f296312d894b8e13fdbef9bac0f655
577361f645362b0b9c6bf913b3a2f821112006b9ecec4a2908c8f3eaed9de509

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/css/dist/block-library/style.min.css?ver=6.1.1 HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:04 GMT
content-type: text/css
last-modified: Wed, 16 Nov 2022 07:38:39 GMT
vary: Accept-Encoding
etag: W/"6374937f-172a9"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

geacompany.com/wp-content/plugins/tablepress/css/build/default.css?ver=2.0

185.65.123.230

200 OK

8.4 kB

URL HTTP/2
geacompany.com/wp-content/plugins/tablepress/css/build/default.css?ver=2.0
IP
185.65.123.230:0
ASN
#201719 Teleklik d.o.o.

File type
Unicode text, UTF-8 text, with very long lines (6059)
Size
8.4 kB (8353 bytes)
Hash
7d1b3644a5f0682403093336abde37e9
8de92fdf66e0d2531da32bc9f6f5b2bb332d20f0
acfc8b6d674b2afa76344ea4140034b932cd0a9493c591a4f42401cb551b9e02

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/tablepress/css/build/default.css?ver=2.0 HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:04 GMT
content-type: text/css
last-modified: Fri, 23 Dec 2022 07:31:04 GMT
vary: Accept-Encoding
etag: W/"63a55938-17b6"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

geacompany.com/wp-content/plugins/coming-soon-by-supsystic/css/supsystic-for-all-admin.css?ver=1.7.10

185.65.123.230

200 OK

12 kB

URL HTTP/2
geacompany.com/wp-content/plugins/coming-soon-by-supsystic/css/supsystic-for-all-admin.css?ver=1.7.10
IP
185.65.123.230:0
ASN
#201719 Teleklik d.o.o.

File type
ASCII text, with CRLF line terminators
Size
12 kB (11638 bytes)
Hash
e65bd150a388bffaac096f8a72c6031f
3c7c63bbaf70ed432f503dd0356966006be304bd
ecc81b41507c001628b8cc8ea43eace15b0d9f874753c4d32faf7dd04d2965cf

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/coming-soon-by-supsystic/css/supsystic-for-all-admin.css?ver=1.7.10 HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:04 GMT
content-type: text/css
vary: Accept-Encoding
x-accel-version: 0.01
last-modified: Wed, 09 Nov 2022 07:21:18 GMT
etag: W/"2a7-5ed0480bb2b05"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

geacompany.com/wp-content/uploads/2021/12/icon4-1.png

185.65.123.230

200 OK

5.2 kB

URL HTTP/2
geacompany.com/wp-content/uploads/2021/12/icon4-1.png
IP
185.65.123.230:0
ASN
#201719 Teleklik d.o.o.

File type
PNG image data, 56 x 56, 8-bit/color RGBA, non-interlaced\012- data
Size
5.2 kB (5249 bytes)
Hash
70da1cd9e66ee965c510f64f251caaad
b23ed7b822defcab4b640bccb13388ceec9a7fb8
02fc483a1201aaa58e80bee50f229c0c9a78bf4eb5c83af9ff71fae05f36caab

HTTP Headers

GET /wp-content/uploads/2021/12/icon4-1.png HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:04 GMT
content-type: image/png
content-length: 5249
last-modified: Fri, 04 Nov 2022 14:44:49 GMT
etag: "63652561-1481"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

geacompany.com/wp-content/plugins/revslider/public/assets/assets/dummy.png

185.65.123.230

200 OK

68 B

URL HTTP/2
geacompany.com/wp-content/plugins/revslider/public/assets/assets/dummy.png
IP
185.65.123.230:0
ASN
#201719 Teleklik d.o.o.

File type
PNG image data, 1 x 1, 8-bit gray+alpha, non-interlaced\012- data
Size
68 B (68 bytes)
Hash
2a637d3d825673c0e3462fa4ed9a1c5c
81668d396da22832d75a986407ff10035e0d5899
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/assets/dummy.png HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:04 GMT
content-type: image/png
content-length: 68
x-accel-version: 0.01
last-modified: Fri, 04 Nov 2022 14:44:46 GMT
etag: "44-5eca61d70d845"
accept-ranges: bytes
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
X-Firefox-Spdy: h2

geacompany.com/wp-content/uploads/2021/12/icon3.png

185.65.123.230

200 OK

3.6 kB

URL HTTP/2
geacompany.com/wp-content/uploads/2021/12/icon3.png
IP
185.65.123.230:0
ASN
#201719 Teleklik d.o.o.

File type
PNG image data, 58 x 56, 8-bit/color RGBA, non-interlaced\012- data
Size
3.6 kB (3643 bytes)
Hash
a099b9e54186a018421984965ee92b54
b36eec3dff91d5b668a9b68aae06de47a87ad8af
c5df7b1845afa19d9a296f729a7c2a65a8abe4ee6029769ad206b803a6f0bd14

HTTP Headers

GET /wp-content/uploads/2021/12/icon3.png HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:04 GMT
content-type: image/png
content-length: 3643
last-modified: Fri, 04 Nov 2022 14:44:49 GMT
etag: "63652561-e3b"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

geacompany.com/wp-content/uploads/2021/12/im3.jpg

185.65.123.230

200 OK

93 kB

URL HTTP/2
geacompany.com/wp-content/uploads/2021/12/im3.jpg
IP
185.65.123.230:0
ASN
#201719 Teleklik d.o.o.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4], baseline, precision 8, 780x630, components 3\012- data
Size
93 kB (92785 bytes)
Hash
4f2de7ceadeff4e4f10918e6e040a920
64f6fb1c0e82766b28c27be6443a918fdd5b9bc9
36db136862bf61304afd047ba11b3069c29583f39f613b7d2f504986b31b41ca

HTTP Headers

GET /wp-content/uploads/2021/12/im3.jpg HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:04 GMT
content-type: image/jpeg
content-length: 92785
last-modified: Fri, 04 Nov 2022 14:44:49 GMT
etag: "63652561-16a71"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

geacompany.com/wp-content/uploads/2021/12/im4.jpg

185.65.123.230

200 OK

118 kB

URL HTTP/2
geacompany.com/wp-content/uploads/2021/12/im4.jpg
IP
185.65.123.230:0
ASN
#201719 Teleklik d.o.o.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4], baseline, precision 8, 780x630, components 3\012- data
Size
118 kB (117764 bytes)
Hash
0e0ade1c7f8b9908e333f4171f66cb0e
59450621169958b7e43c4d88f98c5d4f8b2b40ea
48a4d46c0ea541610a74168e8c457012b4cf051e3dd09dc60f93b3e686946e3b

HTTP Headers

GET /wp-content/uploads/2021/12/im4.jpg HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:04 GMT
content-type: image/jpeg
content-length: 117764
last-modified: Fri, 04 Nov 2022 14:44:49 GMT
etag: "63652561-1cc04"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

geacompany.com/wp-content/uploads/2021/12/im2.jpg

185.65.123.230

200 OK

184 kB

URL HTTP/2
geacompany.com/wp-content/uploads/2021/12/im2.jpg
IP
185.65.123.230:0
ASN
#201719 Teleklik d.o.o.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 780x630, components 3\012- data
Size
184 kB (184118 bytes)
Hash
da10e36b66e3f7ab8a93bf0443b93dbd
713ea67f082e6556861d94b74e9833083f3ef076
218e40a9ef43d2b82ac4ca122261ef8e8ca4f7199e14e8fd74ef4f2928773d91

HTTP Headers

GET /wp-content/uploads/2021/12/im2.jpg HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:04 GMT
content-type: image/jpeg
content-length: 184118
last-modified: Fri, 04 Nov 2022 14:44:49 GMT
etag: "63652561-2cf36"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

geacompany.com/wp-content/uploads/2021/12/im1.jpg

185.65.123.230

200 OK

136 kB

URL HTTP/2
geacompany.com/wp-content/uploads/2021/12/im1.jpg
IP
185.65.123.230:0
ASN
#201719 Teleklik d.o.o.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 780x630, components 3\012- data
Size
136 kB (135972 bytes)
Hash
67aff2254570dae65d31f7c1b3666bec
83c6d13ea26d92ab061a448bc71f1e74a753cb15
c06bc13e54e0220695533d8cacdbb4bb819656c86098ac95211910d543174fed

HTTP Headers

GET /wp-content/uploads/2021/12/im1.jpg HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:04 GMT
content-type: image/jpeg
content-length: 135972
last-modified: Fri, 04 Nov 2022 14:44:49 GMT
etag: "63652561-21324"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

geacompany.com/wp-content/themes/betheme/assets/animations/animations.min.js?ver=26.6.6

185.65.123.230

200 OK

1.0 kB

URL HTTP/2
geacompany.com/wp-content/themes/betheme/assets/animations/animations.min.js?ver=26.6.6
IP
185.65.123.230:0
ASN
#201719 Teleklik d.o.o.

File type
ASCII text, with very long lines (1733)
Size
1.0 kB (1022 bytes)
Hash
f5e1479f34d765fece52bba8f965f3f7
24c7fda5f56037eb0ba553c32c01a674eca36874
ad17ee82c71139f266ad8e58715ade5c851e638a369ef3d92c39457b3ed27f7d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/betheme/assets/animations/animations.min.js?ver=26.6.6 HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:05 GMT
content-type: application/javascript
last-modified: Mon, 19 Dec 2022 11:42:46 GMT
vary: Accept-Encoding
etag: W/"63a04e36-727"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

geacompany.com/wp-content/uploads/2022/01/home-poslovniprostori.png

185.65.123.230

200 OK

816 kB

URL HTTP/2
geacompany.com/wp-content/uploads/2022/01/home-poslovniprostori.png
IP
185.65.123.230:0
ASN
#201719 Teleklik d.o.o.

File type
PNG image data, 600 x 1000, 8-bit/color RGB, non-interlaced\012- data
Size
816 kB (816522 bytes)
Hash
b6547f348dc544e949f4b92b43787dee
d09b8aa16e625746b066013723ef035ecaeabf1a
330695f1059e42461d58094e5a4e7d61abae800ff0f337884a0469e478f093ea

HTTP Headers

GET /wp-content/uploads/2022/01/home-poslovniprostori.png HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:04 GMT
content-type: image/png
content-length: 816522
last-modified: Fri, 04 Nov 2022 14:44:50 GMT
etag: "63652562-c758a"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

geacompany.com/wp-content/themes/betheme/js/plugins/debouncedresize.min.js?ver=26.6.6

185.65.123.230

200 OK

730 B

URL HTTP/2
geacompany.com/wp-content/themes/betheme/js/plugins/debouncedresize.min.js?ver=26.6.6
IP
185.65.123.230:0
ASN
#201719 Teleklik d.o.o.

File type
ASCII text, with very long lines (350)
Size
730 B (730 bytes)
Hash
b7759e9cb58134571cf8a62515adf031
0989121a39ad9ec1ca38d26dbd0d7f5bee0a1de9
bda324bb32e31accba1268b99e0ab3488c53b184a4c2aef9fcc013364638115c

HTTP Headers

GET /wp-content/themes/betheme/js/plugins/debouncedresize.min.js?ver=26.6.6 HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:05 GMT
content-type: application/javascript
vary: Accept-Encoding
x-accel-version: 0.01
last-modified: Mon, 19 Dec 2022 11:42:47 GMT
etag: W/"1d8-5f02cd1788bf1"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

geacompany.com/wp-content/uploads/2021/12/pic1.png

185.65.123.230

200 OK

890 kB

URL HTTP/2
geacompany.com/wp-content/uploads/2021/12/pic1.png
IP
185.65.123.230:0
ASN
#201719 Teleklik d.o.o.

File type
PNG image data, 796 x 1222, 8-bit/color RGBA, non-interlaced\012- data
Size
890 kB (890215 bytes)
Hash
bc33d21f2f2f396432455ac678d8569d
7358f2134183a435889c4a1dbc62c1785c811b82
ffdd8cbd016413204cdbccf54c3a67dcf03320dfd57cd762e7d9f2197dbf3ae6

HTTP Headers

GET /wp-content/uploads/2021/12/pic1.png HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:04 GMT
content-type: image/png
content-length: 890215
last-modified: Fri, 04 Nov 2022 14:44:50 GMT
etag: "63652562-d9567"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

geacompany.com/wp-content/themes/betheme/js/scripts.js?ver=26.6.6

185.65.123.230

200 OK

36 kB

URL HTTP/2
geacompany.com/wp-content/themes/betheme/js/scripts.js?ver=26.6.6
IP
185.65.123.230:0
ASN
#201719 Teleklik d.o.o.

File type
ASCII text
Size
36 kB (35604 bytes)
Hash
92204b17ba24798fc8f7c38af04f69d6
520d629ab146aeb1ece809a1d57c94cc20437538
c551665a6b507b5d8a4bebb516d9b4c1991385901ccc76a56bf25144ee15fc85

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/betheme/js/scripts.js?ver=26.6.6 HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:05 GMT
content-type: application/javascript
last-modified: Mon, 19 Dec 2022 11:42:47 GMT
vary: Accept-Encoding
etag: W/"63a04e37-1c6cd"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

geacompany.com/wp-content/uploads/2022/01/home-gradnja.png

185.65.123.230

200 OK

1.1 MB

URL HTTP/2
geacompany.com/wp-content/uploads/2022/01/home-gradnja.png
IP
185.65.123.230:0
ASN
#201719 Teleklik d.o.o.

File type
PNG image data, 600 x 1000, 8-bit/color RGB, non-interlaced\012- data
Size
1.1 MB (1116728 bytes)
Hash
7cb8279fc9ddb8930250f80fad805a66
1d073cbb0d47750321dfb89893b59c1d2a792eb3
08472ca863c2ddbe9b11c4f21c24c838581acd0411935aaff9e80bc8747a3afa

HTTP Headers

GET /wp-content/uploads/2022/01/home-gradnja.png HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:04 GMT
content-type: image/png
content-length: 1116728
last-modified: Fri, 04 Nov 2022 14:44:50 GMT
etag: "63652562-110a38"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

geacompany.com/wp-content/themes/betheme/js/plugins/visible.min.js?ver=26.6.6

185.65.123.230

200 OK

13 kB

URL HTTP/2
geacompany.com/wp-content/themes/betheme/js/plugins/visible.min.js?ver=26.6.6
IP
185.65.123.230:0
ASN
#201719 Teleklik d.o.o.

File type
ASCII text, with very long lines (480)
Size
13 kB (12915 bytes)
Hash
a7715b8a54eeddb1c1df7cb58f7710f3
feb51849998c757fbeea949b3753fc3b3e487628
3d15c6966ab387300790357ea444471f3447f5a2cba71a022377ab1cdb4004f7

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/betheme/js/plugins/visible.min.js?ver=26.6.6 HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:05 GMT
content-type: application/javascript
vary: Accept-Encoding
x-accel-version: 0.01
last-modified: Mon, 19 Dec 2022 11:42:47 GMT
etag: W/"260-5f02cd1788bf1"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

geacompany.com/wp-content/uploads/2019/11/itservice3-sectionbg1.png

185.65.123.230

200 OK

3.7 kB

URL HTTP/2
geacompany.com/wp-content/uploads/2019/11/itservice3-sectionbg1.png
IP
185.65.123.230:0
ASN
#201719 Teleklik d.o.o.

File type
PNG image data, 351 x 716, 4-bit colormap, non-interlaced\012- data
Size
3.7 kB (3741 bytes)
Hash
c575f89de67d46516fe02683bed7aaa0
e2a8aa4f51647183837ecf393c30af8c43b7b7f4
6a760f9db935bface855e679a62b75a61c4e4ba366410a79ea9430cfe48a972d

HTTP Headers

GET /wp-content/uploads/2019/11/itservice3-sectionbg1.png HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:05 GMT
content-type: image/png
content-length: 3741
last-modified: Fri, 04 Nov 2022 14:44:49 GMT
etag: "63652561-e9d"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwmRduz8A.woff2

142.250.74.35

200 OK

12 kB

URL HTTP/2
fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwmRduz8A.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 11724, version 1.0\012- data
Size
12 kB (11724 bytes)
Hash
e65a22778da0d148c4b2e5622381eeb5
1588442e1a3df4b766c986312e8feb13ef075088
51b92baed544da51ed74076ee2a3b3e8a4fb231ddf6647195723ef16fa430291

HTTP Headers

GET /s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwmRduz8A.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://geacompany.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 11724
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Dec 2022 20:46:58 GMT
expires: Thu, 21 Dec 2023 20:46:58 GMT
cache-control: public, max-age=31536000
age: 136087
last-modified: Wed, 27 Apr 2022 16:50:36 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

geacompany.com/wp-content/themes/betheme/fonts/mfn/icons.woff?31690507

185.65.123.230

200 OK

81 kB

URL HTTP/2
geacompany.com/wp-content/themes/betheme/fonts/mfn/icons.woff?31690507
IP
185.65.123.230:0
ASN
#201719 Teleklik d.o.o.

File type
Web Open Font Format, TrueType, length 81448, version 1.0\012- data
Size
81 kB (81448 bytes)
Hash
743706216bfe3fc0728d0bd15313ac92
d923ae95df3ea7676e8dc34f4de04abf2eefaaab
559a910060423ed485ddc062a9ab5318859bbfde26be3f73d9b83ac0b9dae677

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/betheme/fonts/mfn/icons.woff?31690507 HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://geacompany.com/wp-content/themes/betheme/css/be.css?ver=26.6.6
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:05 GMT
content-type: application/font-woff
content-length: 81448
last-modified: Mon, 19 Dec 2022 11:42:46 GMT
etag: "63a04e36-13e28"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

geacompany.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1

185.65.123.230

200 OK

16 kB

URL HTTP/2
geacompany.com/wp-includes/js/wp-emoji-release.min.js?ver=6.1.1
IP
185.65.123.230:0
ASN
#201719 Teleklik d.o.o.

File type
ASCII text, with very long lines (15660)
Size
16 kB (16375 bytes)
Hash
2782b8e50cea87e2c580bd8ebfe3f6c4
0cbbbd9c61377e0b6416a95a571c0aaa9c560baf
9b938c1290ca8deafa1dcce00d5571f57fee2c03bc623602d72c4ec9446d0c14

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=6.1.1 HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:05 GMT
content-type: application/javascript
last-modified: Fri, 04 Nov 2022 14:44:58 GMT
vary: Accept-Encoding
etag: W/"6365256a-48b9"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

geacompany.com/wp-content/themes/betheme/js/parallax/translate3d.js?ver=26.6.6

185.65.123.230

200 OK

14 kB

URL HTTP/2
geacompany.com/wp-content/themes/betheme/js/parallax/translate3d.js?ver=26.6.6
IP
185.65.123.230:0
ASN
#201719 Teleklik d.o.o.

File type
ASCII text
Size
14 kB (14118 bytes)
Hash
3d0ec0d6dbb1f1374f9228df6d2fa3c2
353b4655972f7e64dc702300df73e5259cdf00d1
42f3354128406dcdd47d09ca5eff76cb0e346048248c18fdd5298181c887f09d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/betheme/js/parallax/translate3d.js?ver=26.6.6 HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:05 GMT
content-type: application/javascript
last-modified: Mon, 19 Dec 2022 11:42:47 GMT
vary: Accept-Encoding
etag: W/"63a04e37-f7b"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

fonts.gstatic.com/s/viga/v14/xMQbuFFdSaiXzQUpDg.woff2

142.250.74.35

200 OK

8.3 kB

URL HTTP/2
fonts.gstatic.com/s/viga/v14/xMQbuFFdSaiXzQUpDg.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 8304, version 1.0\012- data
Size
8.3 kB (8304 bytes)
Hash
ade2e370baebe9b14fa66de1e45b729b
378405ba0b82d95746bd288d5d8cdba2c3758ed3
b83a28cd21fd878a7208f77646f29f836f9a97371a913b696b7a093a1bfb68e1

HTTP Headers

GET /s/viga/v14/xMQbuFFdSaiXzQUpDg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://geacompany.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8304
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 22 Dec 2022 01:29:47 GMT
expires: Fri, 22 Dec 2023 01:29:47 GMT
cache-control: public, max-age=31536000
age: 119118
last-modified: Wed, 27 Apr 2022 15:50:53 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/viga/v14/xMQbuFFdSaiXzQspDre2.woff2

142.250.74.35

200 OK

2.1 kB

URL HTTP/2
fonts.gstatic.com/s/viga/v14/xMQbuFFdSaiXzQspDre2.woff2
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 2096, version 1.0\012- data
Size
2.1 kB (2096 bytes)
Hash
dc42cc5f8197ca290d71f248db0979df
ad731d182f39be049241f918d9b4aa9e651d9950
264ec6687846027537f2f81ca3c6fcd72059d43102c1664430738f7b9d430f63

HTTP Headers

GET /s/viga/v14/xMQbuFFdSaiXzQspDre2.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://geacompany.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 2096
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 20 Dec 2022 21:52:06 GMT
expires: Wed, 20 Dec 2023 21:52:06 GMT
cache-control: public, max-age=31536000
age: 218579
last-modified: Wed, 27 Apr 2022 16:47:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

geacompany.com/wp-content/themes/betheme/css/be.css?ver=26.6.6

185.65.123.230

200 OK

69 kB

URL HTTP/2
geacompany.com/wp-content/themes/betheme/css/be.css?ver=26.6.6
IP
185.65.123.230:0
ASN
#201719 Teleklik d.o.o.

File type
ASCII text, with very long lines (464)
Size
69 kB (68559 bytes)
Hash
0252e467c3085721f0596dd0c7225d24
1caf1da807b6e01741c7c4b1058aef8c2a35dfb1
db0ddd1fc86d04c72e4e5166404200c1f412b48d66eba518f08e59e30643c3cb

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/betheme/css/be.css?ver=26.6.6 HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:04 GMT
content-type: text/css
last-modified: Mon, 19 Dec 2022 11:42:46 GMT
vary: Accept-Encoding
etag: W/"63a04e36-64ec2"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
3d77c09bf616349faed27b1cd007b770
e3000238d463d88fdcf7625d6582eb86ce5a4021
8b0c929abbabdcd9d196792cf0789feddb6fbd98e9bb3c96c1bb6f473f28727a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 23 Dec 2022 10:35:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

geacompany.com/wp-content/uploads/2021/12/icon.png

185.65.123.230

200 OK

2.8 kB

URL HTTP/2
geacompany.com/wp-content/uploads/2021/12/icon.png
IP
185.65.123.230:0
ASN
#201719 Teleklik d.o.o.

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
2.8 kB (2822 bytes)
Hash
1d7b282e9b484af0715f3ba63740f9cc
5748765a8f9bd0eb8865bcdf303332da0615a576
cebc19924976d8feb925675f60858e87ae1ba7128b0666ab7f403fb1b7eed2e9

HTTP Headers

GET /wp-content/uploads/2021/12/icon.png HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:05 GMT
content-type: image/png
content-length: 2822
last-modified: Fri, 04 Nov 2022 14:44:49 GMT
etag: "63652561-b06"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

geacompany.com/wp-content/uploads/2021/12/rsl1.jpg

185.65.123.230

200 OK

183 kB

URL HTTP/2
geacompany.com/wp-content/uploads/2021/12/rsl1.jpg
IP
185.65.123.230:0
ASN
#201719 Teleklik d.o.o.

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4], baseline, precision 8, 1920x900, components 3\012- data
Size
183 kB (182843 bytes)
Hash
41d5d42d76fa274d105f02b8dc687f55
d99e20d0a200c143c4b2d2bb94bc95810538bc21
84101359cc9c536df0a321dd706d184137ac8601b91bff1ed6f38ba7c5854e9e

HTTP Headers

GET /wp-content/uploads/2021/12/rsl1.jpg HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:06 GMT
content-type: image/jpeg
content-length: 182843
last-modified: Fri, 04 Nov 2022 14:44:50 GMT
etag: "63652562-2ca3b"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

geacompany.com/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.2

185.65.123.230

200 OK

0 B

URL HTTP/2
geacompany.com/wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.2
IP
185.65.123.230:0
ASN
#201719 Teleklik d.o.o.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/jquery/ui/tabs.min.js?ver=1.13.2 HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:05 GMT
content-type: application/javascript
last-modified: Fri, 04 Nov 2022 14:45:36 GMT
vary: Accept-Encoding
etag: W/"63652590-2ea1"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

geacompany.com/wp-content/themes/betheme/fonts/fontawesome/fontawesome.css?ver=26.6.6

185.65.123.230

200 OK

0 B

URL HTTP/2
geacompany.com/wp-content/themes/betheme/fonts/fontawesome/fontawesome.css?ver=26.6.6
IP
185.65.123.230:0
ASN
#201719 Teleklik d.o.o.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/themes/betheme/fonts/fontawesome/fontawesome.css?ver=26.6.6 HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:04 GMT
content-type: text/css
last-modified: Mon, 19 Dec 2022 11:42:46 GMT
vary: Accept-Encoding
etag: W/"63a04e36-ed1d"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

geacompany.com/wp-content/themes/betheme/css/skins/blue/style.css?ver=26.6.6

185.65.123.230

200 OK

0 B

URL HTTP/2
geacompany.com/wp-content/themes/betheme/css/skins/blue/style.css?ver=26.6.6
IP
185.65.123.230:0
ASN
#201719 Teleklik d.o.o.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/themes/betheme/css/skins/blue/style.css?ver=26.6.6 HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:04 GMT
content-type: text/css
last-modified: Mon, 19 Dec 2022 11:42:46 GMT
vary: Accept-Encoding
etag: W/"63a04e36-41c2"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

geacompany.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.1

185.65.123.230

200 OK

0 B

URL HTTP/2
geacompany.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.1
IP
185.65.123.230:0
ASN
#201719 Teleklik d.o.o.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.7.1 HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:05 GMT
content-type: application/javascript
last-modified: Sat, 17 Dec 2022 07:06:21 GMT
vary: Accept-Encoding
etag: W/"639d6a6d-316c"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

geacompany.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2

185.65.123.230

200 OK

0 B

URL HTTP/2
geacompany.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
IP
185.65.123.230:0
ASN
#201719 Teleklik d.o.o.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:04 GMT
content-type: application/javascript
last-modified: Fri, 04 Nov 2022 14:44:58 GMT
vary: Accept-Encoding
etag: W/"6365256a-2bd8"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

geacompany.com/wp-content/themes/betheme/css/responsive.css?ver=26.6.6

185.65.123.230

200 OK

0 B

URL HTTP/2
geacompany.com/wp-content/themes/betheme/css/responsive.css?ver=26.6.6
IP
185.65.123.230:0
ASN
#201719 Teleklik d.o.o.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/themes/betheme/css/responsive.css?ver=26.6.6 HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:04 GMT
content-type: text/css
last-modified: Mon, 19 Dec 2022 11:42:46 GMT
vary: Accept-Encoding
etag: W/"63a04e36-fe01"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

geacompany.com/wp-content/themes/betheme/assets/jplayer/css/jplayer.blue.monday.min.css?ver=26.6.6

185.65.123.230

200 OK

0 B

URL HTTP/2
geacompany.com/wp-content/themes/betheme/assets/jplayer/css/jplayer.blue.monday.min.css?ver=26.6.6
IP
185.65.123.230:0
ASN
#201719 Teleklik d.o.o.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/betheme/assets/jplayer/css/jplayer.blue.monday.min.css?ver=26.6.6 HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:04 GMT
content-type: text/css
last-modified: Mon, 19 Dec 2022 11:42:46 GMT
vary: Accept-Encoding
etag: W/"63a04e36-25ef"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

geacompany.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2

185.65.123.230

200 OK

0 B

URL HTTP/2
geacompany.com/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
IP
185.65.123.230:0
ASN
#201719 Teleklik d.o.o.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/js/jquery/ui/core.min.js?ver=1.13.2 HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:05 GMT
content-type: application/javascript
last-modified: Fri, 04 Nov 2022 14:45:36 GMT
vary: Accept-Encoding
etag: W/"63652590-53c0"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

geacompany.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.11

185.65.123.230

200 OK

0 B

URL HTTP/2
geacompany.com/wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.11
IP
185.65.123.230:0
ASN
#201719 Teleklik d.o.o.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/js/rbtools.min.js?ver=6.5.11 HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:05 GMT
content-type: application/javascript
last-modified: Fri, 04 Nov 2022 14:44:47 GMT
vary: Accept-Encoding
etag: W/"6365255f-1e4e6"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

geacompany.com/wp-content/themes/betheme/js/menu.js?ver=26.6.6

185.65.123.230

200 OK

0 B

URL HTTP/2
geacompany.com/wp-content/themes/betheme/js/menu.js?ver=26.6.6
IP
185.65.123.230:0
ASN
#201719 Teleklik d.o.o.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/betheme/js/menu.js?ver=26.6.6 HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:05 GMT
content-type: application/javascript
last-modified: Mon, 19 Dec 2022 11:42:47 GMT
vary: Accept-Encoding
etag: W/"63a04e37-b2b"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

geacompany.com/wp-content/themes/betheme/js/plugins/magnificpopup.min.js?ver=26.6.6

185.65.123.230

200 OK

0 B

URL HTTP/2
geacompany.com/wp-content/themes/betheme/js/plugins/magnificpopup.min.js?ver=26.6.6
IP
185.65.123.230:0
ASN
#201719 Teleklik d.o.o.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/betheme/js/plugins/magnificpopup.min.js?ver=26.6.6 HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:05 GMT
content-type: application/javascript
last-modified: Mon, 19 Dec 2022 11:42:47 GMT
vary: Accept-Encoding
etag: W/"63a04e37-4f10"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

geacompany.com/wp-content/uploads/2022/02/home-garaze.png

185.65.123.230

200 OK

0 B

URL HTTP/2
geacompany.com/wp-content/uploads/2022/02/home-garaze.png
IP
185.65.123.230:0
ASN
#201719 Teleklik d.o.o.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/uploads/2022/02/home-garaze.png HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:04 GMT
content-type: image/png
content-length: 302735
last-modified: Fri, 04 Nov 2022 14:44:50 GMT
etag: "63652562-49e8f"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Source+Sans+Pro%3A1%2C300%2C400%2C400italic%2C500%2C700%2C700italic&display=swap&ver=6.1.1

142.250.74.106

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Source+Sans+Pro%3A1%2C300%2C400%2C400italic%2C500%2C700%2C700italic&display=swap&ver=6.1.1
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Source+Sans+Pro%3A1%2C300%2C400%2C400italic%2C500%2C700%2C700italic&display=swap&ver=6.1.1 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 23 Dec 2022 10:35:04 GMT
date: Fri, 23 Dec 2022 10:35:04 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

geacompany.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.11

185.65.123.230

200 OK

0 B

URL HTTP/2
geacompany.com/wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.11
IP
185.65.123.230:0
ASN
#201719 Teleklik d.o.o.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/css/rs6.css?ver=6.5.11 HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:05 GMT
content-type: text/css
last-modified: Fri, 04 Nov 2022 14:44:47 GMT
vary: Accept-Encoding
etag: W/"6365255f-e197"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

geacompany.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.1

185.65.123.230

200 OK

0 B

URL HTTP/2
geacompany.com/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.1
IP
185.65.123.230:0
ASN
#201719 Teleklik d.o.o.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.7.1 HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:05 GMT
content-type: application/javascript
last-modified: Sat, 17 Dec 2022 07:06:21 GMT
vary: Accept-Encoding
etag: W/"639d6a6d-2945"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

geacompany.com/wp-content/themes/betheme/assets/jplayer/jplayer.min.js?ver=26.6.6

185.65.123.230

200 OK

0 B

URL HTTP/2
geacompany.com/wp-content/themes/betheme/assets/jplayer/jplayer.min.js?ver=26.6.6
IP
185.65.123.230:0
ASN
#201719 Teleklik d.o.o.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/betheme/assets/jplayer/jplayer.min.js?ver=26.6.6 HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:05 GMT
content-type: application/javascript
last-modified: Mon, 19 Dec 2022 11:42:46 GMT
vary: Accept-Encoding
etag: W/"63a04e36-cd61"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

geacompany.com/wp-content/uploads/2022/01/home-stanovi.png

185.65.123.230

200 OK

0 B

URL HTTP/2
geacompany.com/wp-content/uploads/2022/01/home-stanovi.png
IP
185.65.123.230:0
ASN
#201719 Teleklik d.o.o.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/uploads/2022/01/home-stanovi.png HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:04 GMT
content-type: image/png
content-length: 577218
last-modified: Fri, 04 Nov 2022 14:44:50 GMT
etag: "63652562-8cec2"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2

geacompany.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1

185.65.123.230

200 OK

0 B

URL HTTP/2
geacompany.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.1
IP
185.65.123.230:0
ASN
#201719 Teleklik d.o.o.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-includes/js/jquery/jquery.min.js?ver=3.6.1 HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:04 GMT
content-type: application/javascript
last-modified: Fri, 04 Nov 2022 14:45:36 GMT
vary: Accept-Encoding
etag: W/"63652590-15e54"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

geacompany.com/wp-content/themes/betheme/js/plugins/enllax.min.js?ver=26.6.6

185.65.123.230

200 OK

0 B

URL HTTP/2
geacompany.com/wp-content/themes/betheme/js/plugins/enllax.min.js?ver=26.6.6
IP
185.65.123.230:0
ASN
#201719 Teleklik d.o.o.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/themes/betheme/js/plugins/enllax.min.js?ver=26.6.6 HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:05 GMT
content-type: application/javascript
last-modified: Mon, 19 Dec 2022 11:42:47 GMT
vary: Accept-Encoding
etag: W/"63a04e37-604"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

geacompany.com/wp-content/uploads/betheme/css/post-41.css?ver=1671791704

185.65.123.230

200 OK

0 B

URL HTTP/2
geacompany.com/wp-content/uploads/betheme/css/post-41.css?ver=1671791704
IP
185.65.123.230:0
ASN
#201719 Teleklik d.o.o.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/uploads/betheme/css/post-41.css?ver=1671791704 HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:04 GMT
content-type: text/css
vary: Accept-Encoding
x-accel-version: 0.01
last-modified: Fri, 04 Nov 2022 14:44:55 GMT
etag: W/"4b-5eca61dfa9af3"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

geacompany.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.11

185.65.123.230

200 OK

0 B

URL HTTP/2
geacompany.com/wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.11
IP
185.65.123.230:0
ASN
#201719 Teleklik d.o.o.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/plugins/revslider/public/assets/js/rs6.min.js?ver=6.5.11 HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:05 GMT
content-type: application/javascript
last-modified: Fri, 04 Nov 2022 14:44:47 GMT
vary: Accept-Encoding
etag: W/"6365255f-5d7d8"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

geacompany.com/wp-content/themes/betheme/assets/animations/animations.min.css?ver=26.6.6

185.65.123.230

200 OK

0 B

URL HTTP/2
geacompany.com/wp-content/themes/betheme/assets/animations/animations.min.css?ver=26.6.6
IP
185.65.123.230:0
ASN
#201719 Teleklik d.o.o.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /wp-content/themes/betheme/assets/animations/animations.min.css?ver=26.6.6 HTTP/1.1
Host: geacompany.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://geacompany.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 23 Dec 2022 10:35:04 GMT
content-type: text/css
last-modified: Mon, 19 Dec 2022 11:42:46 GMT
vary: Accept-Encoding
etag: W/"63a04e36-e83d"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (24)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations