Report - almandb.net/s/php/content/2e357cbd36d95170265ec5ab03911b7b/?user&.verify?service=mail&data:text/html;charset=utf-8;base64,pgh0bww+dqo8c3r5bgu+igjvzhkgeybtyxjnaw46ida7ig92zxjmbg93oiboawrkzw47ih0gpc9zdhlszt4nciagpglmcmft

Report Overview

Submitted URL
almandb.net/s/php/content/2e357cbd36d95170265ec5ab03911b7b/?user&.verify?service=mail&data:text/html;charset=utf-8;base64,pgh0bww+dqo8c3r5bgu+igjvzhkgeybtyxjnaw46ida7ig92zxjmbg93oiboawrkzw47ih0gpc9zdhlszt4nciagpglmcmft
IP
50.87.222.231
ASN
#46606 UNIFIEDLAYER-AS-1
Submitted
2023-03-21 08:24:13
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
42

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-26T05:10:41Z	4.1 kB	8.4 kB	216.58.211.3
www.google-analytics.com	40	2012-10-03T03:04:21Z	2023-03-26T06:13:06Z	368 B	21 kB	142.250.74.78
www.google.com	7	2015-05-10T13:11:19Z	2023-03-25T21:05:45Z	1.0 kB	1.2 kB	142.250.74.164
www.fontstatic.com	234479	2014-12-06T23:20:30Z	2023-03-25T14:34:07Z	383 B	650 B	104.21.28.204
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-25T18:14:26Z	782 B	2.4 kB	35.241.9.150
almandb.net	unknown	2020-12-22T18:38:38Z	2023-03-25T06:36:07Z	18 kB	483 kB	50.87.222.231
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-26T05:10:29Z	606 B	127 B	44.230.4.151
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-26T05:09:08Z	3.2 kB	56 kB	34.120.237.76
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-26T05:11:12Z	413 B	5.9 kB	34.160.144.191
stats.g.doubleclick.net	96	2013-06-10T22:21:11Z	2023-03-26T06:32:39Z	1.2 kB	1.2 kB	209.85.233.155
region1.google-analytics.com	unknown	2022-03-17T12:26:33Z	2023-03-26T05:15:01Z	1.1 kB	442 B	216.239.34.36
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-25T18:12:03Z	3.4 kB	8.9 kB	23.36.76.226
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-26T05:11:59Z	333 B	391 B	34.117.237.239
www.googletagmanager.com	75	2013-05-22T04:07:37Z	2023-03-26T05:35:01Z	760 B	124 kB	142.250.74.168
www.google.no	25607	2016-04-05T21:50:59Z	2023-03-25T18:49:55Z	1.0 kB	1.2 kB	142.250.74.163

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-03-21	medium	almandb.net/wp-includes/css/dist/block-library/style-rtl.min.css?ver=5.9.5	Phishing
2023-03-21	medium	almandb.net/wp-content/themes/jannah/assets/css/helpers.min.css?ver=5.4.10	Phishing
2023-03-21	medium	almandb.net/wp-content/themes/jannah/assets/css/base.min.css?ver=5.4.10	Phishing
2023-03-21	medium	almandb.net/wp-content/themes/jannah/assets/css/widgets.min.css?ver=5.4.10	Phishing
2023-03-21	medium	almandb.net/wp-content/themes/jannah/assets/css/fontawesome.css?ver=5.4.10	Phishing
2023-03-21	medium	almandb.net/wp-content/themes/jannah/assets/ilightbox/light-skin/skin.css?ver=5.4.10	Phishing
2023-03-21	medium	almandb.net/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4	Phishing
2023-03-21	medium	almandb.net/wp-content/plugins/contact-form-7/includes/css/styles-rtl.css?ver=5.6.4	Phishing
2023-03-21	medium	almandb.net/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4	Phishing
2023-03-21	medium	almandb.net/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4	Phishing
2023-03-21	medium	almandb.net/wp-content/themes/jannah/assets/js/scripts.min.js?ver=5.4.10	Phishing
2023-03-21	medium	almandb.net/wp-content/themes/jannah/assets/js/br-news.js?ver=5.4.10	Phishing
2023-03-21	medium	almandb.net/wp-content/themes/jannah/assets/js/live-search.js?ver=5.4.10	Phishing
2023-03-21	medium	almandb.net/wp-content/plugins/jquery-manager/assets/js/jquery-migrate-3.3.0.min.js	Phishing
2023-03-21	medium	almandb.net/wp-content/themes/jannah/assets/js/desktop.min.js?ver=5.4.10	Phishing
2023-03-21	medium	almandb.net/wp-content/uploads/2021/02/al-mandb-small-size.webp	Phishing
2023-03-21	medium	almandb.net/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4	Phishing
2023-03-21	medium	almandb.net/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/tielabs-fonticon.woff	Phishing
2023-03-21	medium	almandb.net/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4	Phishing
2023-03-21	medium	almandb.net/wp-content/plugins/jquery-manager/assets/js/jquery-2.2.4.min.js	Phishing
2023-03-21	medium	almandb.net/wp-content/themes/jannah/assets/css/style.min.css?ver=5.4.10	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (18)

	URL	Size	First Seen	Last Seen
	www.googletagmanager.com/gtag/js?id=G-BFEL7EGRVS	222 kB	2023-03-26	2023-03-26
Pretty URL www.googletagmanager.com/gtag/js?id=G-BFEL7EGRVS IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 12:50:20 Last Seen2023-03-26 12:50:20 Times Seen1 Hash 299ff5f18ade93d4a84cfd82329ccfa6 51733df76a625b05a04c9ec917e07c5de5d8d6e6 b261308cf00e8d35a013a00acf00212daa19b3a4826fb554edeb04a9c494e369 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-12	2024-04-15
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.78 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 21:46:21 Last Seen2024-04-15 18:54:35 Times Seen35101 Hash 54e51056211dda674100cc5b323a58ad 26dc5034cb6c7f3bbe061edd37c7fc6006cb835b 5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de Loading...

	almandb.net/wp-content/plugins/jquery-manager/assets/js/jquery-migrate-3.3.0.min.js	13 kB	2023-03-26	2023-03-26
Pretty URL almandb.net/wp-content/plugins/jquery-manager/assets/js/jquery-migrate-3.3.0.min.js IP 50.87.222.231 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 11:41:11 Last Seen2023-03-26 13:07:10 Times Seen13 Hash 55d6fd9676936de6e9db03e91b89db37 70a03e2d5c0fdd257a4c123285a235bf773ce1a9 2343f70ac5ef80baad861439375d3a19e1eceb1184be8341c57e9b26f3d1a326 Loading...

	almandb.net/wp-content/themes/jannah/assets/js/desktop.min.js?ver=5.4.10	19 kB	2023-03-26	2023-03-26
Pretty URL almandb.net/wp-content/themes/jannah/assets/js/desktop.min.js?ver=5.4.10 IP 50.87.222.231 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 11:41:11 Last Seen2023-03-26 13:07:10 Times Seen13 Hash 6bfa681d656a9be0c59ea66a11c7d8a2 13f9598fcc049541fda698c9677a26c6a7855ab0 4ff9baff9170702ac75ca76371053049c3fb35bc083cb64033a255ec2879ede5 Loading...

	almandb.net/s/php/content/2e357cbd36d95170265ec5ab03911b7b/?user&.verify?service=mail&data:text/html;charset=utf-8;base64,pgh0bww+dqo8c3r5bgu+igjvzhkgeybtyxjnaw46ida7ig92zxjmbg93oiboawrkzw47ih0gpc9zdhlszt4nciagpglmcmft	1.1 kB	2023-03-08	2023-03-26
Pretty URL almandb.net/s/php/content/2e357cbd36d95170265ec5ab03911b7b/?user&.verify?service=mail&data:text/html;charset=utf-8;base64,pgh0bww+dqo8c3r5bgu+igjvzhkgeybtyxjnaw46ida7ig92zxjmbg93oiboawrkzw47ih0gpc9zdhlszt4nciagpglmcmft IP 50.87.222.231 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:46:07 Last Seen2023-03-26 13:07:10 Times Seen14 Hash 727b0cbb09369bb25e9a00afc580b689 7e735dae26b38f5c6cc57bbd7913a5f882b2453f 32c589604eb5c7588092b9d27dfa0fb22f8a34e2669fc3ad7e15f75c5364407d Loading...

	almandb.net/wp-includes/js/wp-emoji-release.min.js?ver=5.9.5	20 kB	2023-03-07	2023-12-25
Pretty URL almandb.net/wp-includes/js/wp-emoji-release.min.js?ver=5.9.5 IP 50.87.222.231 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:41:19 Last Seen2023-12-25 02:54:41 Times Seen25 Hash 76f953a20523a235b2645a7a051e5c0e a971a02af694b9e57deeaac0e7be15ecc30d876e 137fa7f5dbd4930a4500dc95dd92fd5592bf9fae94d05438c26007110e1c62ff Loading...

	almandb.net/wp-content/themes/jannah/assets/js/br-news.js?ver=5.4.10	7.8 kB	2023-03-26	2023-03-26
Pretty URL almandb.net/wp-content/themes/jannah/assets/js/br-news.js?ver=5.4.10 IP 50.87.222.231 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 11:41:11 Last Seen2023-03-26 13:05:57 Times Seen12 Hash a89e14880e3c2262080b255fde2dd024 32e8c476e1f0985fd90edfb42b5f6a73cd1c360e 789ef2ccc2d7ac1277203c1705f92b95e67b27031cad2679806f8d1d5cfba3b4 Loading...

	unknown	0 B	2023-03-07	2024-04-25
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 00:37:22 Times Seen37051328 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	almandb.net/s/php/content/2e357cbd36d95170265ec5ab03911b7b/?user&.verify?service=mail&data:text/html;charset=utf-8;base64,pgh0bww+dqo8c3r5bgu+igjvzhkgeybtyxjnaw46ida7ig92zxjmbg93oiboawrkzw47ih0gpc9zdhlszt4nciagpglmcmft	125 B	2023-03-08	2023-03-26
Pretty URL almandb.net/s/php/content/2e357cbd36d95170265ec5ab03911b7b/?user&.verify?service=mail&data:text/html;charset=utf-8;base64,pgh0bww+dqo8c3r5bgu+igjvzhkgeybtyxjnaw46ida7ig92zxjmbg93oiboawrkzw47ih0gpc9zdhlszt4nciagpglmcmft IP 50.87.222.231 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:46:07 Last Seen2023-03-26 13:07:10 Times Seen14 Hash 8a724ec3c474d89e8b51475ab6ca11fe d75ae1d900f298f39497b46f647986dcbd3148f9 184ee8fa4ee9e283e6189549c80ef58a83f79f3f6dc3981627fe874c11ed1ab1 Loading...

	almandb.net/s/php/content/2e357cbd36d95170265ec5ab03911b7b/?user&.verify?service=mail&data:text/html;charset=utf-8;base64,pgh0bww+dqo8c3r5bgu+igjvzhkgeybtyxjnaw46ida7ig92zxjmbg93oiboawrkzw47ih0gpc9zdhlszt4nciagpglmcmft	4.4 kB	2023-03-26	2023-03-26
Pretty URL almandb.net/s/php/content/2e357cbd36d95170265ec5ab03911b7b/?user&.verify?service=mail&data:text/html;charset=utf-8;base64,pgh0bww+dqo8c3r5bgu+igjvzhkgeybtyxjnaw46ida7ig92zxjmbg93oiboawrkzw47ih0gpc9zdhlszt4nciagpglmcmft IP 50.87.222.231 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 11:41:11 Last Seen2023-03-26 13:07:10 Times Seen13 Hash f2fe1a3c327200b16d52dbce0ac768e2 04863bd8f11bda84d2277d6be10c60dbee353877 7714ffa46dd585bdb7622bb67d48b46732d18ebda4c757cee0e66652b0a77c3a Loading...

	almandb.net/wp-content/themes/jannah/assets/ilightbox/lightbox.js?ver=5.4.10	84 kB	2023-03-26	2023-03-26
Pretty URL almandb.net/wp-content/themes/jannah/assets/ilightbox/lightbox.js?ver=5.4.10 IP 50.87.222.231 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 11:41:11 Last Seen2023-03-26 13:07:10 Times Seen12 Hash d6ab0c451f055f1464cbe64ec41ff501 9ad34aa3fd30bc5e09cb7bad758752b1b4c457f1 70dfc41fe6d2f96b0b44129436a7b8307fb1f3e6214e32ee3e7dfcbb95b54ae5 Loading...

	almandb.net/wp-content/themes/jannah/assets/js/live-search.js?ver=5.4.10	17 kB	2023-03-26	2023-03-26
Pretty URL almandb.net/wp-content/themes/jannah/assets/js/live-search.js?ver=5.4.10 IP 50.87.222.231 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 11:41:11 Last Seen2023-03-26 13:07:10 Times Seen12 Hash 6e106d924eaeb15b2e70fc33f353ba2f e1c77a0a2d16ee51ed82c552def08c26d5fb766d 4298e0b6992a199843c7546fa679acefda321635898f8c590f1da73bc2873309 Loading...

	almandb.net/s/php/content/2e357cbd36d95170265ec5ab03911b7b/?user&.verify?service=mail&data:text/html;charset=utf-8;base64,pgh0bww+dqo8c3r5bgu+igjvzhkgeybtyxjnaw46ida7ig92zxjmbg93oiboawrkzw47ih0gpc9zdhlszt4nciagpglmcmft	217 B	2023-03-08	2023-03-26
Pretty URL almandb.net/s/php/content/2e357cbd36d95170265ec5ab03911b7b/?user&.verify?service=mail&data:text/html;charset=utf-8;base64,pgh0bww+dqo8c3r5bgu+igjvzhkgeybtyxjnaw46ida7ig92zxjmbg93oiboawrkzw47ih0gpc9zdhlszt4nciagpglmcmft IP 50.87.222.231 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:46:07 Last Seen2023-03-26 13:07:10 Times Seen14 Hash d41645ee3a4811122b3d4305eb98b167 80964e1de8282ea398584297c8c89439206033fd 71c48037b2f840051e55838de8dab97f5522b1c315a4771f03f4b0a08db0e874 Loading...

	www.googletagmanager.com/gtag/js?id=UA-186128723-1	115 kB	2023-03-26	2023-03-26
Pretty URL www.googletagmanager.com/gtag/js?id=UA-186128723-1 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 12:50:21 Last Seen2023-03-26 12:50:21 Times Seen1 Hash 6969211775b039f10377172aaecc708a 8b1b2591ee02bd0f80f0eb3f54f318b6555b8036 7dbaf9d092587c094cf9ad01b42685f85e7372f969e135e211dea9c57efe4b74 Loading...

	almandb.net/s/php/content/2e357cbd36d95170265ec5ab03911b7b/?user&.verify?service=mail&data:text/html;charset=utf-8;base64,pgh0bww+dqo8c3r5bgu+igjvzhkgeybtyxjnaw46ida7ig92zxjmbg93oiboawrkzw47ih0gpc9zdhlszt4nciagpglmcmft	155 B	2023-03-08	2023-03-26
Pretty URL almandb.net/s/php/content/2e357cbd36d95170265ec5ab03911b7b/?user&.verify?service=mail&data:text/html;charset=utf-8;base64,pgh0bww+dqo8c3r5bgu+igjvzhkgeybtyxjnaw46ida7ig92zxjmbg93oiboawrkzw47ih0gpc9zdhlszt4nciagpglmcmft IP 50.87.222.231 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:46:07 Last Seen2023-03-26 13:07:10 Times Seen14 Hash 6c004f2c656f75815413f9726cdf91ee 843e4e298fdba89dab6d4f0d4efc9b17fa346152 17a0a55b6f9a9eb9d22f981883ff539bfe5118c0c79746fc5d2208610a3085bb Loading...

	almandb.net/s/php/content/2e357cbd36d95170265ec5ab03911b7b/?user&.verify?service=mail&data:text/html;charset=utf-8;base64,pgh0bww+dqo8c3r5bgu+igjvzhkgeybtyxjnaw46ida7ig92zxjmbg93oiboawrkzw47ih0gpc9zdhlszt4nciagpglmcmft	440 B	2023-03-08	2023-03-26
Pretty URL almandb.net/s/php/content/2e357cbd36d95170265ec5ab03911b7b/?user&.verify?service=mail&data:text/html;charset=utf-8;base64,pgh0bww+dqo8c3r5bgu+igjvzhkgeybtyxjnaw46ida7ig92zxjmbg93oiboawrkzw47ih0gpc9zdhlszt4nciagpglmcmft IP 50.87.222.231 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:46:07 Last Seen2023-03-26 13:07:10 Times Seen14 Hash f8a738eb2317c71aaa0cb0b1578ec035 fb8401f96f4036e17a1312ca0303f99ef59863e0 1e1fed8013395f3b9b1a62108d983c82af64f8c78f6a07c4d01c3e2968022cae Loading...

	almandb.net/wp-content/plugins/jquery-manager/assets/js/jquery-2.2.4.min.js	88 kB	2023-03-26	2023-03-26
Pretty URL almandb.net/wp-content/plugins/jquery-manager/assets/js/jquery-2.2.4.min.js IP 50.87.222.231 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 11:41:11 Last Seen2023-03-26 13:07:10 Times Seen13 Hash 34862e747fc64abac99334981e42e102 fb104b9dec7ee44ba056cd4353296af212beb07b 32440290a5ff02dda7d611784675994682f126297aae9119145905bf7fe1115a Loading...

	almandb.net/wp-content/themes/jannah/assets/js/scripts.min.js?ver=5.4.10	25 kB	2023-03-26	2023-03-26
Pretty URL almandb.net/wp-content/themes/jannah/assets/js/scripts.min.js?ver=5.4.10 IP 50.87.222.231 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-26 11:41:11 Last Seen2023-03-26 13:07:10 Times Seen13 Hash f2c8903d47b1e288b2e274ac214e0a2d 2283655cae64c84e31785877735bcbd534c4ca55 3e07496b57ca8f8353aa4e91f7e743a2bcfbc9a87558f8a2e73e137806755832 Loading...

HTTP Transactions (73)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ec332b81a27117ce9c16b67a5a8e4fac
b6d2afa2c859d000ad830d3d8d73f57bac6ffce2
1dc32c78e4e850303813338fd4e9616a41c8c05d1063748a1e76a92c397a5e8f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1DC32C78E4E850303813338FD4E9616A41C8C05D1063748A1E76A92C397A5E8F"
Last-Modified: Mon, 20 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3603
Expires: Tue, 21 Mar 2023 09:24:05 GMT
Date: Tue, 21 Mar 2023 08:24:02 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
00e304a3fc0c2f01af0e94fcefe0ca40
833969e75e5e13e823c8d97ee59a9821eb157ee3
c2b7f7ae4861f2dd16867de54c7e47d95582de77887f523841d9683a369d20a7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2B7F7AE4861F2DD16867DE54C7E47D95582DE77887F523841D9683A369D20A7"
Last-Modified: Sun, 19 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11053
Expires: Tue, 21 Mar 2023 11:28:15 GMT
Date: Tue, 21 Mar 2023 08:24:02 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
4ad6984a756720fbfff47b37a75513a2
355e35258114452af8b9638985ed9d8ef3bf0aca
43181fccb10652c68cae86e5e32b4e8f426fb5ad49d8125cb99e072cff573cf5

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 21 Mar 2023 08:14:57 GMT
content-type: application/json
age: 545
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4e6141892ec4705c6a0134f3157b969d
4169fdea42b0fa9cb565e14b8e8fdb293575c78e
905537ef3e3a4a9030391b44bd6ac6bb5d7c9ec752b1821d683dfbf483096163

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "905537EF3E3A4A9030391B44BD6AC6BB5D7C9EC752B1821D683DFBF483096163"
Last-Modified: Sun, 19 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5900
Expires: Tue, 21 Mar 2023 10:02:22 GMT
Date: Tue, 21 Mar 2023 08:24:02 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: +gciQqFswnkVD1+2U4CZUs+0Xr3/gC8a4s9KcvobG51xXR6ph27wdd2ObCEZmOATj2lw01wKTsM=
x-amz-request-id: 8A5NMTAB2QS51M3G
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 21 Mar 2023 07:53:06 GMT
age: 1856
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 21 Mar 2023 08:24:02 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

almandb.net/s/php/content/2e357cbd36d95170265ec5ab03911b7b/?user&.verify?service=mail&data:text/html;charset=utf-8;base64,pgh0bww+dqo8c3r5bgu+igjvzhkgeybtyxjnaw46ida7ig92zxjmbg93oiboawrkzw47ih0gpc9zdhlszt4nciagpglmcmft

50.87.222.231

301 Moved Permanently

442 B

URL HTTP/1.1
almandb.net/s/php/content/2e357cbd36d95170265ec5ab03911b7b/?user&.verify?service=mail&data:text/html;charset=utf-8;base64,pgh0bww+dqo8c3r5bgu+igjvzhkgeybtyxjnaw46ida7ig92zxjmbg93oiboawrkzw47ih0gpc9zdhlszt4nciagpglmcmft
IP
50.87.222.231:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
442 B (442 bytes)
Hash
5c17f1fd9a244e167ee8d0a3ad04ef3f
da2af1877add48d277bee30668259948d58220cc
ebca57f7579093fb523abd264ba89688419db00c255d6bf593ff1b012ca55bec

HTTP Headers

GET /s/php/content/2e357cbd36d95170265ec5ab03911b7b/?user&.verify?service=mail&data:text/html;charset=utf-8;base64,pgh0bww+dqo8c3r5bgu+igjvzhkgeybtyxjnaw46ida7ig92zxjmbg93oiboawrkzw47ih0gpc9zdhlszt4nciagpglmcmft HTTP/1.1
Host: almandb.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Tue, 21 Mar 2023 08:24:02 GMT
Server: Apache
Location: https://almandb.net/s/php/content/2e357cbd36d95170265ec5ab03911b7b/?user&.verify?service=mail&data:text/html;charset=utf-8;base64,pgh0bww+dqo8c3r5bgu+igjvzhkgeybtyxjnaw46ida7ig92zxjmbg93oiboawrkzw47ih0gpc9zdhlszt4nciagpglmcmft
Content-Length: 442
Keep-Alive: timeout=5, max=75
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, ETag, Content-Type, Cache-Control, Pragma, Alert, Last-Modified, Retry-After, Backoff, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 21 Mar 2023 08:17:22 GMT
age: 401
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3f52f78207111d1509e934044b4c0f1e
d7540bacd7cd6ea6a4cc5fdaba964ee3a63e4584
c56a7a112dc7b9e5c4758630b569a140b481ff0c6be2ff75efbd957c16d5a31c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C56A7A112DC7B9E5C4758630B569A140B481FF0C6BE2FF75EFBD957C16D5A31C"
Last-Modified: Tue, 21 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11186
Expires: Tue, 21 Mar 2023 11:30:29 GMT
Date: Tue, 21 Mar 2023 08:24:03 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4c195a3fc0c2abb831630cef1dcfa770
eda338de3063640556177b9db364c33193d7f6dc
c22eb0537cd79666b82fe61dd77fe9b0b3c059a4c65d405412acfc2c6800b444

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C22EB0537CD79666B82FE61DD77FE9B0B3C059A4C65D405412ACFC2C6800B444"
Last-Modified: Sun, 19 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4617
Expires: Tue, 21 Mar 2023 09:41:00 GMT
Date: Tue, 21 Mar 2023 08:24:03 GMT
Connection: keep-alive

push.services.mozilla.com/

44.230.4.151

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
44.230.4.151:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: QN/g9W5vj51rpN7/RlBH0w==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: SXBjloZZELjssJBmh0Jb+LaKydk=

50.87.222.231

404 Not Found

15 kB

URL HTTP/2
almandb.net/s/php/content/2e357cbd36d95170265ec5ab03911b7b/?user&.verify?service=mail&data:text/html;charset=utf-8;base64,pgh0bww+dqo8c3r5bgu+igjvzhkgeybtyxjnaw46ida7ig92zxjmbg93oiboawrkzw47ih0gpc9zdhlszt4nciagpglmcmft
IP
50.87.222.231:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (9439), with CRLF, LF line terminators
Size
15 kB (15219 bytes)
Hash
b05a5c767184d25cc8ad7cc2558028f8
d45ecdd0ce5d3c0adb323219048eb88c98af14f8
03c3f6acb22f525a047f71b7ab05d2523274aa5058e1c7414c7e1cc45150044c

HTTP Headers

GET /s/php/content/2e357cbd36d95170265ec5ab03911b7b/?user&.verify?service=mail&data:text/html;charset=utf-8;base64,pgh0bww+dqo8c3r5bgu+igjvzhkgeybtyxjnaw46ida7ig92zxjmbg93oiboawrkzw47ih0gpc9zdhlszt4nciagpglmcmft HTTP/1.1
Host: almandb.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 404 Not Found
date: Tue, 21 Mar 2023 08:23:56 GMT
server: nginx/1.21.6
content-type: text/html; charset=UTF-8
content-length: 15219
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
link: <https://almandb.net/wp-json/>; rel="https://api.w.org/"
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8252dadd968ec1f294252ff1328a1f08
8612446f27ae9ce296270c969845a784dcc7569b
84717d4c360be2750d3e28827fa865c9616395cd3463ac03245b57baa8887e35

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 08:24:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8252dadd968ec1f294252ff1328a1f08
8612446f27ae9ce296270c969845a784dcc7569b
84717d4c360be2750d3e28827fa865c9616395cd3463ac03245b57baa8887e35

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 08:24:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=UA-186128723-1

142.250.74.168

200 OK

45 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=UA-186128723-1
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (2206)
Size
45 kB (44674 bytes)
Hash
05e264aa6dc1082a136f8d45a927346c
bcd0274f545e7d84772d8f3808228c180b86b2be
f398bc53242b2c61fc8df3087649a1584b28f00a2455baa6ddaff1387403f20c

HTTP Headers

GET /gtag/js?id=UA-186128723-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almandb.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 21 Mar 2023 08:24:04 GMT
expires: Tue, 21 Mar 2023 08:24:04 GMT
cache-control: private, max-age=900
last-modified: Tue, 21 Mar 2023 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44674
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
8252dadd968ec1f294252ff1328a1f08
8612446f27ae9ce296270c969845a784dcc7569b
84717d4c360be2750d3e28827fa865c9616395cd3463ac03245b57baa8887e35

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 08:24:04 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtag/js?id=G-BFEL7EGRVS

142.250.74.168

200 OK

78 kB

URL HTTP/2
www.googletagmanager.com/gtag/js?id=G-BFEL7EGRVS
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (19390)
Size
78 kB (78082 bytes)
Hash
f3fa7ba7213fd68f6a117d5c9b131f36
7962e0d81799e08e8ca097c337729fc7b79b71ee
e342ec0d065fc0a42b659c478527f27a6a5f99de907e5ce800bfbd29ab3510ea

HTTP Headers

GET /gtag/js?id=G-BFEL7EGRVS HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almandb.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 21 Mar 2023 08:24:04 GMT
expires: Tue, 21 Mar 2023 08:24:04 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 78082
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

almandb.net/wp-includes/css/dist/block-library/style-rtl.min.css?ver=5.9.5

50.87.222.231

200 OK

16 kB

URL HTTP/2
almandb.net/wp-includes/css/dist/block-library/style-rtl.min.css?ver=5.9.5
IP
50.87.222.231:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (65536), with no line terminators
Size
16 kB (16006 bytes)
Hash
8366bb4e25057d4f25bcc15417dc6e4d
10673739ab17a7a0e68e414bf7c8174db2d6134a
8d2f8e1a5c7abcbbaa705d52c6caccb2404227f2cce754e4db25809341ebbeb9

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/css/dist/block-library/style-rtl.min.css?ver=5.9.5 HTTP/1.1
Host: almandb.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almandb.net/s/php/content/2e357cbd36d95170265ec5ab03911b7b/?user&.verify?service=mail&data:text/html;charset=utf-8;base64,pgh0bww+dqo8c3r5bgu+igjvzhkgeybtyxjnaw46ida7ig92zxjmbg93oiboawrkzw47ih0gpc9zdhlszt4nciagpglmcmft
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 20 Nov 2022 22:11:18 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 16006
content-type: text/css
date: Tue, 21 Mar 2023 08:24:04 GMT
server: Apache
X-Firefox-Spdy: h2

almandb.net/wp-content/themes/jannah/assets/css/helpers.min.css?ver=5.4.10

50.87.222.231

200 OK

4.1 kB

URL HTTP/2
almandb.net/wp-content/themes/jannah/assets/css/helpers.min.css?ver=5.4.10
IP
50.87.222.231:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (15223)
Size
4.1 kB (4122 bytes)
Hash
93f8017b14a7ef3dacc4e452c36be763
ee8caeacb1055f2232ee2cda54f0dae46ef2ab3a
d2221aaf0e2cf5db6fffc4f25f4a77879b977dac99361af123244053c10299b3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/jannah/assets/css/helpers.min.css?ver=5.4.10 HTTP/1.1
Host: almandb.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almandb.net/s/php/content/2e357cbd36d95170265ec5ab03911b7b/?user&.verify?service=mail&data:text/html;charset=utf-8;base64,pgh0bww+dqo8c3r5bgu+igjvzhkgeybtyxjnaw46ida7ig92zxjmbg93oiboawrkzw47ih0gpc9zdhlszt4nciagpglmcmft
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 20 Nov 2022 21:31:31 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 4122
content-type: text/css
date: Tue, 21 Mar 2023 08:24:04 GMT
server: Apache
X-Firefox-Spdy: h2

almandb.net/wp-content/themes/jannah/assets/css/base.min.css?ver=5.4.10

50.87.222.231

200 OK

12 kB

URL HTTP/2
almandb.net/wp-content/themes/jannah/assets/css/base.min.css?ver=5.4.10
IP
50.87.222.231:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (41903)
Size
12 kB (12179 bytes)
Hash
34101900c4f1aeed27aa291f916062b3
85820cfea12b720a09fc036489416b184ec17972
010473dd2f938e3aadfb08256e630e61c2148c85c387a96e484b87a5a043d532

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/jannah/assets/css/base.min.css?ver=5.4.10 HTTP/1.1
Host: almandb.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almandb.net/s/php/content/2e357cbd36d95170265ec5ab03911b7b/?user&.verify?service=mail&data:text/html;charset=utf-8;base64,pgh0bww+dqo8c3r5bgu+igjvzhkgeybtyxjnaw46ida7ig92zxjmbg93oiboawrkzw47ih0gpc9zdhlszt4nciagpglmcmft
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 20 Nov 2022 21:31:31 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 12179
content-type: text/css
date: Tue, 21 Mar 2023 08:24:04 GMT
server: Apache
X-Firefox-Spdy: h2

almandb.net/wp-content/themes/jannah/assets/css/widgets.min.css?ver=5.4.10

50.87.222.231

200 OK

14 kB

URL HTTP/2
almandb.net/wp-content/themes/jannah/assets/css/widgets.min.css?ver=5.4.10
IP
50.87.222.231:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (54141)
Size
14 kB (13590 bytes)
Hash
da7d1da09a620897301baf96a791eff3
d116214b5068e36f0d3db9af549d3edfa259dbf5
d4648cd45875bda96283d4bb03c45b60470462aded41bdc0a4390ade62d97fd5

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/jannah/assets/css/widgets.min.css?ver=5.4.10 HTTP/1.1
Host: almandb.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almandb.net/s/php/content/2e357cbd36d95170265ec5ab03911b7b/?user&.verify?service=mail&data:text/html;charset=utf-8;base64,pgh0bww+dqo8c3r5bgu+igjvzhkgeybtyxjnaw46ida7ig92zxjmbg93oiboawrkzw47ih0gpc9zdhlszt4nciagpglmcmft
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 20 Nov 2022 21:31:31 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 13590
content-type: text/css
date: Tue, 21 Mar 2023 08:24:04 GMT
server: Apache
X-Firefox-Spdy: h2

almandb.net/wp-content/themes/jannah/assets/css/fontawesome.css?ver=5.4.10

50.87.222.231

200 OK

12 kB

URL HTTP/2
almandb.net/wp-content/themes/jannah/assets/css/fontawesome.css?ver=5.4.10
IP
50.87.222.231:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (58661)
Size
12 kB (12516 bytes)
Hash
0913411c20bb983546f234d4685b40be
52b1104571de6fe046f0b76fece038bb06f7dcd4
1342814f0b2a66024a055e2037caab0bac8bdefe26a194d4a2605f13ab4cdc5f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/jannah/assets/css/fontawesome.css?ver=5.4.10 HTTP/1.1
Host: almandb.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almandb.net/s/php/content/2e357cbd36d95170265ec5ab03911b7b/?user&.verify?service=mail&data:text/html;charset=utf-8;base64,pgh0bww+dqo8c3r5bgu+igjvzhkgeybtyxjnaw46ida7ig92zxjmbg93oiboawrkzw47ih0gpc9zdhlszt4nciagpglmcmft
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 20 Nov 2022 21:31:31 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 12516
content-type: text/css
date: Tue, 21 Mar 2023 08:24:04 GMT
server: Apache
X-Firefox-Spdy: h2

almandb.net/wp-content/themes/jannah/assets/ilightbox/light-skin/skin.css?ver=5.4.10

50.87.222.231

200 OK

2.9 kB

URL HTTP/2
almandb.net/wp-content/themes/jannah/assets/ilightbox/light-skin/skin.css?ver=5.4.10
IP
50.87.222.231:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (4924), with CRLF line terminators
Size
2.9 kB (2924 bytes)
Hash
d61bba00dd3be63bcd2d8bd083618557
153df67160fd9cd380743f12a008ced686c61881
f34507581b6c2931c9038810f0d2ac09223d072d95998f4a6845dd0a57548604

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/jannah/assets/ilightbox/light-skin/skin.css?ver=5.4.10 HTTP/1.1
Host: almandb.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almandb.net/s/php/content/2e357cbd36d95170265ec5ab03911b7b/?user&.verify?service=mail&data:text/html;charset=utf-8;base64,pgh0bww+dqo8c3r5bgu+igjvzhkgeybtyxjnaw46ida7ig92zxjmbg93oiboawrkzw47ih0gpc9zdhlszt4nciagpglmcmft
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 20 Nov 2022 21:31:31 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 2924
content-type: text/css
date: Tue, 21 Mar 2023 08:24:04 GMT
server: Apache
X-Firefox-Spdy: h2

almandb.net/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4

50.87.222.231

409 Conflict

83 B

URL HTTP/2
almandb.net/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4
IP
50.87.222.231:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document, ASCII text, with no line terminators
Size
83 B (83 bytes)
Hash
26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.6.4 HTTP/1.1
Host: almandb.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almandb.net/s/php/content/2e357cbd36d95170265ec5ab03911b7b/?user&.verify?service=mail&data:text/html;charset=utf-8;base64,pgh0bww+dqo8c3r5bgu+igjvzhkgeybtyxjnaw46ida7ig92zxjmbg93oiboawrkzw47ih0gpc9zdhlszt4nciagpglmcmft
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 409 Conflict
date: Tue, 21 Mar 2023 08:24:04 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2

almandb.net/wp-content/plugins/contact-form-7/includes/css/styles-rtl.css?ver=5.6.4

50.87.222.231

409 Conflict

83 B

URL HTTP/2
almandb.net/wp-content/plugins/contact-form-7/includes/css/styles-rtl.css?ver=5.6.4
IP
50.87.222.231:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document, ASCII text, with no line terminators
Size
83 B (83 bytes)
Hash
26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/css/styles-rtl.css?ver=5.6.4 HTTP/1.1
Host: almandb.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almandb.net/s/php/content/2e357cbd36d95170265ec5ab03911b7b/?user&.verify?service=mail&data:text/html;charset=utf-8;base64,pgh0bww+dqo8c3r5bgu+igjvzhkgeybtyxjnaw46ida7ig92zxjmbg93oiboawrkzw47ih0gpc9zdhlszt4nciagpglmcmft
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 409 Conflict
date: Tue, 21 Mar 2023 08:24:04 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4677
Expires: Tue, 21 Mar 2023 09:42:01 GMT
Date: Tue, 21 Mar 2023 08:24:04 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4677
Expires: Tue, 21 Mar 2023 09:42:01 GMT
Date: Tue, 21 Mar 2023 08:24:04 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4677
Expires: Tue, 21 Mar 2023 09:42:01 GMT
Date: Tue, 21 Mar 2023 08:24:04 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4677
Expires: Tue, 21 Mar 2023 09:42:01 GMT
Date: Tue, 21 Mar 2023 08:24:04 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4677
Expires: Tue, 21 Mar 2023 09:42:01 GMT
Date: Tue, 21 Mar 2023 08:24:04 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3db1704b-1ecd-4198-a98e-0353d4671a5c.jpeg

34.120.237.76

200 OK

8.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3db1704b-1ecd-4198-a98e-0353d4671a5c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.2 kB (8195 bytes)
Hash
2a940b362660fdee25faaa51e08c439b
85fa91b5c4e6ddc1f3cf45eb6a4a3facfc6ad68c
18b99e3e890fdc959421c895ce343b8b3ed88819c83fa0009823e8ded23458f1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3db1704b-1ecd-4198-a98e-0353d4671a5c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8195
x-amzn-requestid: c6844a50-a6b2-4ef4-ad28-f1a0fbcec14f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CDFESEDGoAMFQ8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6417821b-22fa560d4b7811c233fe07fa;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 21:43:55 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: hZeMhs-Z5fNn0pvRUSkNcGau_K6EG9EQtDktbLUth0uEveafUgCxeQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 85ee490c179dc0af42b771f11421073e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 22:07:00 GMT
age: 37024
etag: "85fa91b5c4e6ddc1f3cf45eb6a4a3facfc6ad68c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F21a85835-c7c4-48a2-afb8-600f570f7ef8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.1 kB (9062 bytes)
Hash
25023a307b323b4565ee2560c9f16ed1
e8becaaf74fcda8fe5187f589b3cf2f3fa870d93
9f976686d5a33122af889ede6456ed86c0dac867448cc3d81aaac45dfe5e946d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F21a85835-c7c4-48a2-afb8-600f570f7ef8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9062
x-amzn-requestid: d24fccfa-439a-4bcf-a984-456cb90b0bb7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ByllJFJlIAMFZ1g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6410e953-05321b2649fdc7a838e1b49a;Sampled=0
x-amzn-remapped-date: Tue, 14 Mar 2023 21:38:27 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: veRZaSgr0vSCPERll8DuDLjQVFx-dM9BIRLKAiVuiZbySy5UYyVfxA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 ae06b19943a6bad1c1b12b79f7339498.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Mar 2023 03:32:14 GMT
age: 17510
etag: "e8becaaf74fcda8fe5187f589b3cf2f3fa870d93"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c5536c4-c443-404a-b2e5-48f229253ca8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (13522 bytes)
Hash
97a37cecfd90072794d657e2074620cb
34c456db4f8b0bd7e3affe31a7cf02e4596a8188
889d4f26715418088c8747251ee068dfdb5c8d5024b1d43862012cb31acf9650

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c5536c4-c443-404a-b2e5-48f229253ca8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13522
x-amzn-requestid: d39593de-64b8-44f6-9160-7aa61c26ed88
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CGWI8E-YoAMFm4g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6418d09f-7ad0b7e7747de71b5f751226;Sampled=0
x-amzn-remapped-date: Mon, 20 Mar 2023 21:31:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: h2u_sdWiqNN_tsFGKEGI1VvDWOVL9DwWbbi-MCemYMikc34WHt3qAg==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 9825a45e2b387a61504c0c3df20048ee.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 21:45:17 GMT
age: 38327
etag: "34c456db4f8b0bd7e3affe31a7cf02e4596a8188"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e5e49ed-9ec4-4b75-b7ba-3c4c213d5d27.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.7 kB (4712 bytes)
Hash
d0e5cb0b321323913460ba1efd6b7b63
701eb0eb86c6673bbb6e85cf933bea53187b6048
150d0e93b808b222fcb4b58f0f4a78a403517b84461cb3029fc71c30930bb11b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0e5e49ed-9ec4-4b75-b7ba-3c4c213d5d27.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4712
x-amzn-requestid: 3c0b3a28-a1a9-4ba0-94ad-29156c2d83c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B9yGEE8SIAMF-LQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641563c0-1937b8bc1e42142720eddd7b;Sampled=0
x-amzn-remapped-date: Sat, 18 Mar 2023 07:09:52 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: AiPPel5fJZ56l-XoDAdJnwrcvrSU1bIO6365983POkVVXhlCnSK7Yg==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 5292c0d5844327feadb38f1efe42ebc6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 13:26:29 GMT
age: 68255
etag: "701eb0eb86c6673bbb6e85cf933bea53187b6048"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70f478f5-dd81-4fcb-a03b-ac51035145db.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.9 kB (7949 bytes)
Hash
01dce111a114c023773678c1ec6cba61
666d47c4e5415edbc489a3117b2f054129784ade
0a3d5ef914a64a3356ef8c08b9ab7be43ab335213966878c867ff1317de8bb36

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F70f478f5-dd81-4fcb-a03b-ac51035145db.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7949
x-amzn-requestid: 5c950a43-5210-4cf2-9491-b4b832f89b8e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: B6e1jHDhIAMFYEw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641411bc-0ac0201f46a7a49c32970994;Sampled=0
x-amzn-remapped-date: Fri, 17 Mar 2023 07:07:40 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: OdX7fyUWm70y1Hkk38d27SP8Bak3cN21l7YXNWqrLJsuw098oDO4-A==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 3236f234d59c0fda99b416088c283260.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Mar 2023 08:12:41 GMT
age: 683
etag: "666d47c4e5415edbc489a3117b2f054129784ade"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2ad5022-7f23-468e-8e1f-6388d8cc9db8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.5 kB (6511 bytes)
Hash
4e5f234aedfabd736b50fef3017380f9
71672a6c3523d9999522e005091863d07ea0e94a
3314df7a93e317d509aeffc1cde69ec450ddad116a27dc197db1abce966da344

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2ad5022-7f23-468e-8e1f-6388d8cc9db8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6511
x-amzn-requestid: 82d12180-bdcb-4ce0-8588-4239ee27f236
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CGWI_E_eoAMF3sA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6418d09f-2f5df7cd5f6cee4762703d29;Sampled=0
x-amzn-remapped-date: Mon, 20 Mar 2023 21:31:11 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: sTt0-W1XE7yUFGFXg2nPnKw5tKKkrw-cH_TCIbQy8JL-k0QtCNZS8w==
via: 1.1 0a2ce08fa1ec3c33302a7547d3305978.cloudfront.net (CloudFront), 1.1 7545e37b10b5fcf5e3df98185c85194a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 21:52:08 GMT
age: 37916
etag: "71672a6c3523d9999522e005091863d07ea0e94a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

almandb.net/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4

50.87.222.231

409 Conflict

83 B

URL HTTP/2
almandb.net/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
IP
50.87.222.231:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document, ASCII text, with no line terminators
Size
83 B (83 bytes)
Hash
26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4 HTTP/1.1
Host: almandb.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almandb.net/s/php/content/2e357cbd36d95170265ec5ab03911b7b/?user&.verify?service=mail&data:text/html;charset=utf-8;base64,pgh0bww+dqo8c3r5bgu+igjvzhkgeybtyxjnaw46ida7ig92zxjmbg93oiboawrkzw47ih0gpc9zdhlszt4nciagpglmcmft
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 409 Conflict
date: Tue, 21 Mar 2023 08:24:04 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2

almandb.net/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4

50.87.222.231

409 Conflict

83 B

URL HTTP/2
almandb.net/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
IP
50.87.222.231:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document, ASCII text, with no line terminators
Size
83 B (83 bytes)
Hash
26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4 HTTP/1.1
Host: almandb.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almandb.net/s/php/content/2e357cbd36d95170265ec5ab03911b7b/?user&.verify?service=mail&data:text/html;charset=utf-8;base64,pgh0bww+dqo8c3r5bgu+igjvzhkgeybtyxjnaw46ida7ig92zxjmbg93oiboawrkzw47ih0gpc9zdhlszt4nciagpglmcmft
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 409 Conflict
date: Tue, 21 Mar 2023 08:24:04 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2

almandb.net/wp-includes/js/wp-emoji-release.min.js?ver=5.9.5

50.87.222.231

200 OK

6.5 kB

URL HTTP/2
almandb.net/wp-includes/js/wp-emoji-release.min.js?ver=5.9.5
IP
50.87.222.231:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (15224)
Size
6.5 kB (6463 bytes)
Hash
7db5dc9db1fa6e02620a2b03911a3ce2
504caa5becab04e21a2c340e03fc0bde3ace4e93
80db90bea2905983204fc2b63ab40201879ab75dc0aa3535681064ae98b7d496

HTTP Headers

GET /wp-includes/js/wp-emoji-release.min.js?ver=5.9.5 HTTP/1.1
Host: almandb.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almandb.net/s/php/content/2e357cbd36d95170265ec5ab03911b7b/?user&.verify?service=mail&data:text/html;charset=utf-8;base64,pgh0bww+dqo8c3r5bgu+igjvzhkgeybtyxjnaw46ida7ig92zxjmbg93oiboawrkzw47ih0gpc9zdhlszt4nciagpglmcmft
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 20 Nov 2022 22:11:18 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 6463
content-type: application/javascript
date: Tue, 21 Mar 2023 08:24:04 GMT
server: Apache
X-Firefox-Spdy: h2

almandb.net/wp-content/themes/jannah/assets/js/scripts.min.js?ver=5.4.10

50.87.222.231

200 OK

10 kB

URL HTTP/2
almandb.net/wp-content/themes/jannah/assets/js/scripts.min.js?ver=5.4.10
IP
50.87.222.231:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document, ASCII text, with very long lines (22472)
Size
10 kB (10119 bytes)
Hash
89fd53cd499df1304351218fc5124f4b
58d38cd626d0348c33b3a5e0a4ad21c4f083624f
6867270fdccd12c5d4a1705a5db35b64d3c4e396be8e27959d30c7d927ea1543

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/jannah/assets/js/scripts.min.js?ver=5.4.10 HTTP/1.1
Host: almandb.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almandb.net/s/php/content/2e357cbd36d95170265ec5ab03911b7b/?user&.verify?service=mail&data:text/html;charset=utf-8;base64,pgh0bww+dqo8c3r5bgu+igjvzhkgeybtyxjnaw46ida7ig92zxjmbg93oiboawrkzw47ih0gpc9zdhlszt4nciagpglmcmft
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 20 Nov 2022 21:31:31 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 10119
content-type: application/javascript
date: Tue, 21 Mar 2023 08:24:04 GMT
server: Apache
X-Firefox-Spdy: h2

almandb.net/wp-content/themes/jannah/assets/js/br-news.js?ver=5.4.10

50.87.222.231

200 OK

3.3 kB

URL HTTP/2
almandb.net/wp-content/themes/jannah/assets/js/br-news.js?ver=5.4.10
IP
50.87.222.231:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (4969)
Size
3.3 kB (3292 bytes)
Hash
21682a7cffc26a67747928ec56000f5f
ed1a5c11484b41e95bc98e93f1d5c9bfeac397de
54407aadcf5d41491e9e1055c5e71363c633bcb59b4d6402d724c0dd027ae164

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/jannah/assets/js/br-news.js?ver=5.4.10 HTTP/1.1
Host: almandb.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almandb.net/s/php/content/2e357cbd36d95170265ec5ab03911b7b/?user&.verify?service=mail&data:text/html;charset=utf-8;base64,pgh0bww+dqo8c3r5bgu+igjvzhkgeybtyxjnaw46ida7ig92zxjmbg93oiboawrkzw47ih0gpc9zdhlszt4nciagpglmcmft
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 20 Nov 2022 21:31:31 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 3292
content-type: application/javascript
date: Tue, 21 Mar 2023 08:24:04 GMT
server: Apache
X-Firefox-Spdy: h2

almandb.net/wp-content/themes/jannah/assets/js/live-search.js?ver=5.4.10

50.87.222.231

200 OK

7.0 kB

URL HTTP/2
almandb.net/wp-content/themes/jannah/assets/js/live-search.js?ver=5.4.10
IP
50.87.222.231:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (13532)
Size
7.0 kB (6979 bytes)
Hash
7ed90ba7cb4b3e6680ededdc0da02a86
c7f401d3dda5c24eab57529336d88c4d100d37aa
077b65320a6f0da6e09a72f18c5a801afd0d0c9b0d806a283db5fc20a600192a

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/jannah/assets/js/live-search.js?ver=5.4.10 HTTP/1.1
Host: almandb.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almandb.net/s/php/content/2e357cbd36d95170265ec5ab03911b7b/?user&.verify?service=mail&data:text/html;charset=utf-8;base64,pgh0bww+dqo8c3r5bgu+igjvzhkgeybtyxjnaw46ida7ig92zxjmbg93oiboawrkzw47ih0gpc9zdhlszt4nciagpglmcmft
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 20 Nov 2022 21:31:31 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 6979
content-type: application/javascript
date: Tue, 21 Mar 2023 08:24:04 GMT
server: Apache
X-Firefox-Spdy: h2

almandb.net/wp-content/uploads/2022/09/IMG-20220904-WA0072.jpg

50.87.222.231

200 OK

12 kB

URL HTTP/2
almandb.net/wp-content/uploads/2022/09/IMG-20220904-WA0072.jpg
IP
50.87.222.231:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 454x140, components 3\012- data
Size
12 kB (12398 bytes)
Hash
65c9bf135a0a198b3e663f1d2c28a511
db05df0363f1529f4bcbf0757881c664ce766ac4
0d72f1080a7a00809bbc859f433e13182f514c1af333919ebe0b12dba78c8db0

HTTP Headers

GET /wp-content/uploads/2022/09/IMG-20220904-WA0072.jpg HTTP/1.1
Host: almandb.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almandb.net/s/php/content/2e357cbd36d95170265ec5ab03911b7b/?user&.verify?service=mail&data:text/html;charset=utf-8;base64,pgh0bww+dqo8c3r5bgu+igjvzhkgeybtyxjnaw46ida7ig92zxjmbg93oiboawrkzw47ih0gpc9zdhlszt4nciagpglmcmft
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 04 Sep 2022 15:23:26 GMT
accept-ranges: bytes
content-length: 12398
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/jpeg
date: Tue, 21 Mar 2023 08:24:04 GMT
server: Apache
X-Firefox-Spdy: h2

almandb.net/wp-content/plugins/jquery-manager/assets/js/jquery-migrate-3.3.0.min.js

50.87.222.231

200 OK

5.7 kB

URL HTTP/2
almandb.net/wp-content/plugins/jquery-manager/assets/js/jquery-migrate-3.3.0.min.js
IP
50.87.222.231:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (10918)
Size
5.7 kB (5678 bytes)
Hash
f7e411112d5a4a4162b0baeea2901376
648ff8fd3d4385915233b9ce5e5daee21fa63ccf
7092740751bdc8c8187cfbc3563a66858c6e887ce39082a29a04053f2575da75

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/jquery-manager/assets/js/jquery-migrate-3.3.0.min.js HTTP/1.1
Host: almandb.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almandb.net/s/php/content/2e357cbd36d95170265ec5ab03911b7b/?user&.verify?service=mail&data:text/html;charset=utf-8;base64,pgh0bww+dqo8c3r5bgu+igjvzhkgeybtyxjnaw46ida7ig92zxjmbg93oiboawrkzw47ih0gpc9zdhlszt4nciagpglmcmft
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 24 Jul 2022 09:27:49 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 5678
content-type: application/javascript
date: Tue, 21 Mar 2023 08:24:04 GMT
server: Apache
X-Firefox-Spdy: h2

almandb.net/wp-content/themes/jannah/rtl.css

50.87.222.231

200 OK

10 kB

URL HTTP/2
almandb.net/wp-content/themes/jannah/rtl.css
IP
50.87.222.231:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
10 kB (10052 bytes)
Hash
9eb5f5c7281cc9a25c47ba441241db79
aae07e8d502bf5de74162c97503b03507b51edbf
a371571fabd380a79dde231ff4b7c865488d289603dc7e3076f717bc0594fc23

HTTP Headers

GET /wp-content/themes/jannah/rtl.css HTTP/1.1
Host: almandb.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almandb.net/s/php/content/2e357cbd36d95170265ec5ab03911b7b/?user&.verify?service=mail&data:text/html;charset=utf-8;base64,pgh0bww+dqo8c3r5bgu+igjvzhkgeybtyxjnaw46ida7ig92zxjmbg93oiboawrkzw47ih0gpc9zdhlszt4nciagpglmcmft
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 20 Nov 2022 21:31:31 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 10052
content-type: text/css
date: Tue, 21 Mar 2023 08:24:04 GMT
server: Apache
X-Firefox-Spdy: h2

almandb.net/wp-content/themes/jannah/assets/js/desktop.min.js?ver=5.4.10

50.87.222.231

200 OK

7.6 kB

URL HTTP/2
almandb.net/wp-content/themes/jannah/assets/js/desktop.min.js?ver=5.4.10
IP
50.87.222.231:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (16791)
Size
7.6 kB (7602 bytes)
Hash
f4d82c98aacda62210d1360dc52c0c92
aaba982815f9dc8636e94f5ac574f7165242aedd
e2f09680cd3077493438cbc32a8c7a19bdbab992176ae4cc2eb7d770b99af6ee

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/jannah/assets/js/desktop.min.js?ver=5.4.10 HTTP/1.1
Host: almandb.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almandb.net/s/php/content/2e357cbd36d95170265ec5ab03911b7b/?user&.verify?service=mail&data:text/html;charset=utf-8;base64,pgh0bww+dqo8c3r5bgu+igjvzhkgeybtyxjnaw46ida7ig92zxjmbg93oiboawrkzw47ih0gpc9zdhlszt4nciagpglmcmft
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 20 Nov 2022 21:31:31 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-length: 7602
content-type: application/javascript
date: Tue, 21 Mar 2023 08:24:04 GMT
server: Apache
X-Firefox-Spdy: h2

almandb.net/wp-content/themes/jannah/assets/ilightbox/lightbox.js?ver=5.4.10

50.87.222.231

200 OK

80 kB

URL HTTP/2
almandb.net/wp-content/themes/jannah/assets/ilightbox/lightbox.js?ver=5.4.10
IP
50.87.222.231:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
data
Size
80 kB (80108 bytes)
Hash
c113fe659544385634219f98aefa9f9c
a9d659b9f267add43871bdfe0303a3f9f63022f9
0e484113ba342f8cee863e4c8b3df3d631521049e69aa654b5f5d30605aa526f

HTTP Headers

GET /wp-content/themes/jannah/assets/ilightbox/lightbox.js?ver=5.4.10 HTTP/1.1
Host: almandb.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almandb.net/s/php/content/2e357cbd36d95170265ec5ab03911b7b/?user&.verify?service=mail&data:text/html;charset=utf-8;base64,pgh0bww+dqo8c3r5bgu+igjvzhkgeybtyxjnaw46ida7ig92zxjmbg93oiboawrkzw47ih0gpc9zdhlszt4nciagpglmcmft
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 20 Nov 2022 21:31:31 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: application/javascript
date: Tue, 21 Mar 2023 08:24:04 GMT
server: Apache
X-Firefox-Spdy: h2

almandb.net/wp-content/uploads/2021/02/al-mandb-small-size.webp

50.87.222.231

200 OK

136 kB

URL HTTP/2
almandb.net/wp-content/uploads/2021/02/al-mandb-small-size.webp
IP
50.87.222.231:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
RIFF (little-endian) data, Web/P image\012- data
Size
136 kB (136544 bytes)
Hash
3a48c0be741e22fffc851042b34bdaef
f0b15224dc618c98d28b147a431f7fbef4a000f8
abfc72769d3d069717143fe843cd6c3f95d8d76b92603e63e17bb07026651752

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/uploads/2021/02/al-mandb-small-size.webp HTTP/1.1
Host: almandb.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almandb.net/s/php/content/2e357cbd36d95170265ec5ab03911b7b/?user&.verify?service=mail&data:text/html;charset=utf-8;base64,pgh0bww+dqo8c3r5bgu+igjvzhkgeybtyxjnaw46ida7ig92zxjmbg93oiboawrkzw47ih0gpc9zdhlszt4nciagpglmcmft
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 21 Mar 2023 08:23:57 GMT
server: nginx/1.21.6
content-type: image/webp
content-length: 136544
last-modified: Sun, 24 Jul 2022 14:55:44 GMT
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
x-server-cache: true
x-proxy-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2

almandb.net/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4

50.87.222.231

409 Conflict

83 B

URL HTTP/2
almandb.net/wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4
IP
50.87.222.231:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document, ASCII text, with no line terminators
Size
83 B (83 bytes)
Hash
26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/swv/js/index.js?ver=5.6.4 HTTP/1.1
Host: almandb.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almandb.net/s/php/content/2e357cbd36d95170265ec5ab03911b7b/?user&.verify?service=mail&data:text/html;charset=utf-8;base64,pgh0bww+dqo8c3r5bgu+igjvzhkgeybtyxjnaw46ida7ig92zxjmbg93oiboawrkzw47ih0gpc9zdhlszt4nciagpglmcmft
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 409 Conflict
date: Tue, 21 Mar 2023 08:24:05 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2

almandb.net/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/tielabs-fonticon.woff

50.87.222.231

200 OK

40 kB

URL HTTP/2
almandb.net/wp-content/themes/jannah/assets/fonts/tielabs-fonticon/tielabs-fonticon.woff
IP
50.87.222.231:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Web Open Font Format, TrueType, length 40536, version 2.0\012- data
Size
40 kB (40536 bytes)
Hash
9773facce663de3a1554b64583ae667c
f77938c8eb3bf18fc89fdfdf6653aaf2a6ea2a8e
82649ad7d4ec9c61f1e525b2dade75153ffb03610b88d22e1ba3ba98fd55de81

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/jannah/assets/fonts/tielabs-fonticon/tielabs-fonticon.woff HTTP/1.1
Host: almandb.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://almandb.net/wp-content/themes/jannah/assets/css/helpers.min.css?ver=5.4.10
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 20 Nov 2022 21:31:31 GMT
accept-ranges: bytes
content-length: 40536
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: font/woff
date: Tue, 21 Mar 2023 08:24:05 GMT
server: Apache
X-Firefox-Spdy: h2

almandb.net/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4

50.87.222.231

409 Conflict

83 B

URL HTTP/2
almandb.net/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4
IP
50.87.222.231:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document, ASCII text, with no line terminators
Size
83 B (83 bytes)
Hash
26267cd8990f15d3bbea71684a6d5995
ac3b38cf3fe0e112bb6aeb7e05226b7133575d93
769e8ab745a0fe4bf811036e75a8630e38c50a18cb3e24d539ce4a0722c7c85e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.6.4 HTTP/1.1
Host: almandb.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almandb.net/s/php/content/2e357cbd36d95170265ec5ab03911b7b/?user&.verify?service=mail&data:text/html;charset=utf-8;base64,pgh0bww+dqo8c3r5bgu+igjvzhkgeybtyxjnaw46ida7ig92zxjmbg93oiboawrkzw47ih0gpc9zdhlszt4nciagpglmcmft
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 409 Conflict
date: Tue, 21 Mar 2023 08:24:05 GMT
server: Apache
content-length: 83
content-type: text/html; charset=iso-8859-1
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.78

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.78:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1490)
Size
20 kB (20085 bytes)
Hash
ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almandb.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Tue, 21 Mar 2023 08:12:29 GMT
expires: Tue, 21 Mar 2023 10:12:29 GMT
cache-control: public, max-age=7200
age: 696
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

almandb.net/wp-content/uploads/2020/12/cropped-%D8%A7%D9%84%D9%85%D9%86%D8%AF%D8%A8-32x32.png

50.87.222.231

200 OK

2.9 kB

URL HTTP/2
almandb.net/wp-content/uploads/2020/12/cropped-%D8%A7%D9%84%D9%85%D9%86%D8%AF%D8%A8-32x32.png
IP
50.87.222.231:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
2.9 kB (2890 bytes)
Hash
3aff93efd48c5f9a196e60b9cb7d8194
009ea99c7340e815edaf18a9b23109a6f88ce018
af85342ced79cfccfbc03377b05f7c9cb0d744368b6f05770bfc7b9e467a4fba

HTTP Headers

GET /wp-content/uploads/2020/12/cropped-%D8%A7%D9%84%D9%85%D9%86%D8%AF%D8%A8-32x32.png HTTP/1.1
Host: almandb.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almandb.net/s/php/content/2e357cbd36d95170265ec5ab03911b7b/?user&.verify?service=mail&data:text/html;charset=utf-8;base64,pgh0bww+dqo8c3r5bgu+igjvzhkgeybtyxjnaw46ida7ig92zxjmbg93oiboawrkzw47ih0gpc9zdhlszt4nciagpglmcmft
Cookie: _ga_BFEL7EGRVS=GS1.1.1679387047.1.0.1679387047.0.0.0; _ga=GA1.1.717496985.1679387048
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 24 Jul 2022 15:34:51 GMT
accept-ranges: bytes
content-length: 2890
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/png
date: Tue, 21 Mar 2023 08:24:05 GMT
server: Apache
X-Firefox-Spdy: h2

almandb.net/wp-content/uploads/2020/12/cropped-%D8%A7%D9%84%D9%85%D9%86%D8%AF%D8%A8-192x192.png

50.87.222.231

200 OK

75 kB

URL HTTP/2
almandb.net/wp-content/uploads/2020/12/cropped-%D8%A7%D9%84%D9%85%D9%86%D8%AF%D8%A8-192x192.png
IP
50.87.222.231:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size
75 kB (75181 bytes)
Hash
9e8706c3336424a1d55f28c33be6e076
9dd96d264b53b51fd374ead195e6277c979d3ff8
81f751784fc1d41f9528606ad6713a3389a0501b75ed5634c8797597350d61f5

HTTP Headers

GET /wp-content/uploads/2020/12/cropped-%D8%A7%D9%84%D9%85%D9%86%D8%AF%D8%A8-192x192.png HTTP/1.1
Host: almandb.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almandb.net/s/php/content/2e357cbd36d95170265ec5ab03911b7b/?user&.verify?service=mail&data:text/html;charset=utf-8;base64,pgh0bww+dqo8c3r5bgu+igjvzhkgeybtyxjnaw46ida7ig92zxjmbg93oiboawrkzw47ih0gpc9zdhlszt4nciagpglmcmft
Cookie: _ga_BFEL7EGRVS=GS1.1.1679387047.1.0.1679387047.0.0.0; _ga=GA1.1.717496985.1679387048
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 24 Jul 2022 15:37:41 GMT
accept-ranges: bytes
content-length: 75181
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: image/png
date: Tue, 21 Mar 2023 08:24:05 GMT
server: Apache
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
43229f902489cc88a3b8f77dea901852
28e63d8d5a952b9e568cad6feda0e211e1fbfdda
245bfd30b6d87d590e50452fd8672d82d9d441242b4603fcc007e70b6a56685b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 08:24:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
43229f902489cc88a3b8f77dea901852
28e63d8d5a952b9e568cad6feda0e211e1fbfdda
245bfd30b6d87d590e50452fd8672d82d9d441242b4603fcc007e70b6a56685b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 08:24:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-186128723-1&cid=717496985.1679387048&jid=1087411239&gjid=34581243&_gid=112378310.1679387048&_u=YADAAUAAAAAAACAAI~&z=728810130

209.85.233.155

200 OK

4 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-186128723-1&cid=717496985.1679387048&jid=1087411239&gjid=34581243&_gid=112378310.1679387048&_u=YADAAUAAAAAAACAAI~&z=728810130
IP
209.85.233.155:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-186128723-1&cid=717496985.1679387048&jid=1087411239&gjid=34581243&_gid=112378310.1679387048&_u=YADAAUAAAAAAACAAI~&z=728810130 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://almandb.net
Connection: keep-alive
Referer: https://almandb.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://almandb.net
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 21 Mar 2023 08:24:05 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-186128723-1&cid=717496985.1679387048&jid=323091212&gjid=2087721784&_gid=112378310.1679387048&_u=YADAAUABAAAAACAAI~&z=1800827342

209.85.233.155

200 OK

4 B

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-186128723-1&cid=717496985.1679387048&jid=323091212&gjid=2087721784&_gid=112378310.1679387048&_u=YADAAUABAAAAACAAI~&z=1800827342
IP
209.85.233.155:0
ASN
#15169 GOOGLE

File type
ASCII text, with no line terminators
Size
4 B (4 bytes)
Hash
48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-186128723-1&cid=717496985.1679387048&jid=323091212&gjid=2087721784&_gid=112378310.1679387048&_u=YADAAUABAAAAACAAI~&z=1800827342 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://almandb.net
Connection: keep-alive
Referer: https://almandb.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://almandb.net
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 21 Mar 2023 08:24:05 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
43229f902489cc88a3b8f77dea901852
28e63d8d5a952b9e568cad6feda0e211e1fbfdda
245bfd30b6d87d590e50452fd8672d82d9d441242b4603fcc007e70b6a56685b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 08:24:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8535613a8a8fd6ee9e928b3539dcfccd
75d939e05c094dda5410c98b8264d7c3270a6672
b09eaa3afbf3c651a41228d2297ff907b3f98102bce5277c7b9a1af8a1f346f3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 08:24:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
2f656ecf7dfa2c439943f8adc7af7af3
7e1e963c5a29b4355c05a3824b9cab61c8c8e98b
a5eacea5ab24e16191f73cab5a4554ccc2a5150db6b578c478e078f28793c51b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 08:24:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8535613a8a8fd6ee9e928b3539dcfccd
75d939e05c094dda5410c98b8264d7c3270a6672
b09eaa3afbf3c651a41228d2297ff907b3f98102bce5277c7b9a1af8a1f346f3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 08:24:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
2f656ecf7dfa2c439943f8adc7af7af3
7e1e963c5a29b4355c05a3824b9cab61c8c8e98b
a5eacea5ab24e16191f73cab5a4554ccc2a5150db6b578c478e078f28793c51b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 08:24:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-186128723-1&cid=717496985.1679387048&jid=1087411239&_u=YADAAUAAAAAAACAAI~&z=919436096

142.250.74.164

200 OK

42 B

URL HTTP/2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-186128723-1&cid=717496985.1679387048&jid=1087411239&_u=YADAAUAAAAAAACAAI~&z=919436096
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-186128723-1&cid=717496985.1679387048&jid=1087411239&_u=YADAAUAAAAAAACAAI~&z=919436096 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almandb.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 21 Mar 2023 08:24:05 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-186128723-1&cid=717496985.1679387048&jid=323091212&_u=YADAAUABAAAAACAAI~&z=178223217

142.250.74.164

200 OK

42 B

URL HTTP/2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-186128723-1&cid=717496985.1679387048&jid=323091212&_u=YADAAUABAAAAACAAI~&z=178223217
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-186128723-1&cid=717496985.1679387048&jid=323091212&_u=YADAAUABAAAAACAAI~&z=178223217 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almandb.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 21 Mar 2023 08:24:05 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-186128723-1&cid=717496985.1679387048&jid=323091212&_u=YADAAUABAAAAACAAI~&z=178223217

142.250.74.163

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-186128723-1&cid=717496985.1679387048&jid=323091212&_u=YADAAUABAAAAACAAI~&z=178223217
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-186128723-1&cid=717496985.1679387048&jid=323091212&_u=YADAAUABAAAAACAAI~&z=178223217 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almandb.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 21 Mar 2023 08:24:05 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-186128723-1&cid=717496985.1679387048&jid=1087411239&_u=YADAAUAAAAAAACAAI~&z=919436096

142.250.74.163

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-186128723-1&cid=717496985.1679387048&jid=1087411239&_u=YADAAUAAAAAAACAAI~&z=919436096
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-186128723-1&cid=717496985.1679387048&jid=1087411239&_u=YADAAUAAAAAAACAAI~&z=919436096 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almandb.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 21 Mar 2023 08:24:05 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
bfa45bb31acdcad04104ab759ca396b0
f8290df5a249f0dd192fec38584618205b2d4bc7
97b4f123c07d8ccbbb7f6757f55e2b2b055ea296a29f52a729efdc996e9c8592

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 08:24:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
216.58.211.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
2f656ecf7dfa2c439943f8adc7af7af3
7e1e963c5a29b4355c05a3824b9cab61c8c8e98b
a5eacea5ab24e16191f73cab5a4554ccc2a5150db6b578c478e078f28793c51b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 08:24:06 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

region1.google-analytics.com/g/collect?v=2&tid=G-BFEL7EGRVS&gtm=45je33f0&_p=704732097&gdid=dZTNiMT&cid=717496985.1679387048&ul=en-us&sr=1280x1024&_s=1&sid=1679387047&sct=1&seg=0&dl=https%3A%2F%2Falmandb.net%2Fs%2Fphp%2Fcontent%2F2e357cbd36d95170265ec5ab03911b7b%2F%3Fuser%26.verify%3Fservice%3Dmail%26data%3Atext%2Fhtml%3Bcharset%3Dutf-8%3Bbase64%2Cpgh0bww%2Bdqo8c3r5bgu%2Bigjvzhkgeybtyxjnaw46ida7ig92zxjmbg93oiboawrkzw47ih0gpc9zdhlszt4nciagpglmcmft&dt=%D8%A7%D9%84%D8%B5%D9%81%D8%AD%D8%A9%20%D8%BA%D9%8A%D8%B1%20%D9%85%D9%88%D8%AC%D9%88%D8%AF%D8%A9.%20%E2%80%93%20%D8%A7%D9%84%D9%85%D9%86%D8%AF%D8%A8%20%D9%86%D8%AA&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.optimize_id=OPT-N8LGJJ3

216.239.34.36

204 No Content

0 B

URL HTTP/2
region1.google-analytics.com/g/collect?v=2&tid=G-BFEL7EGRVS&gtm=45je33f0&_p=704732097&gdid=dZTNiMT&cid=717496985.1679387048&ul=en-us&sr=1280x1024&_s=1&sid=1679387047&sct=1&seg=0&dl=https%3A%2F%2Falmandb.net%2Fs%2Fphp%2Fcontent%2F2e357cbd36d95170265ec5ab03911b7b%2F%3Fuser%26.verify%3Fservice%3Dmail%26data%3Atext%2Fhtml%3Bcharset%3Dutf-8%3Bbase64%2Cpgh0bww%2Bdqo8c3r5bgu%2Bigjvzhkgeybtyxjnaw46ida7ig92zxjmbg93oiboawrkzw47ih0gpc9zdhlszt4nciagpglmcmft&dt=%D8%A7%D9%84%D8%B5%D9%81%D8%AD%D8%A9%20%D8%BA%D9%8A%D8%B1%20%D9%85%D9%88%D8%AC%D9%88%D8%AF%D8%A9.%20%E2%80%93%20%D8%A7%D9%84%D9%85%D9%86%D8%AF%D8%A8%20%D9%86%D8%AA&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.optimize_id=OPT-N8LGJJ3
IP
216.239.34.36:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-BFEL7EGRVS&gtm=45je33f0&_p=704732097&gdid=dZTNiMT&cid=717496985.1679387048&ul=en-us&sr=1280x1024&_s=1&sid=1679387047&sct=1&seg=0&dl=https%3A%2F%2Falmandb.net%2Fs%2Fphp%2Fcontent%2F2e357cbd36d95170265ec5ab03911b7b%2F%3Fuser%26.verify%3Fservice%3Dmail%26data%3Atext%2Fhtml%3Bcharset%3Dutf-8%3Bbase64%2Cpgh0bww%2Bdqo8c3r5bgu%2Bigjvzhkgeybtyxjnaw46ida7ig92zxjmbg93oiboawrkzw47ih0gpc9zdhlszt4nciagpglmcmft&dt=%D8%A7%D9%84%D8%B5%D9%81%D8%AD%D8%A9%20%D8%BA%D9%8A%D8%B1%20%D9%85%D9%88%D8%AC%D9%88%D8%AF%D8%A9.%20%E2%80%93%20%D8%A7%D9%84%D9%85%D9%86%D8%AF%D8%A8%20%D9%86%D8%AA&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.optimize_id=OPT-N8LGJJ3 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://almandb.net
Connection: keep-alive
Referer: https://almandb.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://almandb.net
date: Tue, 21 Mar 2023 08:24:06 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.fontstatic.com/f=jazeera?ver=5.9.5

104.21.28.204

200 OK

0 B

URL HTTP/2
www.fontstatic.com/f=jazeera?ver=5.9.5
IP
104.21.28.204:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /f=jazeera?ver=5.9.5 HTTP/1.1
Host: www.fontstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almandb.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 21 Mar 2023 08:24:04 GMT
content-type: text/css; charset=UTF-8
pragma: no-cache
x-cache: MISS
x-proxy-cache: MISS
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=blYP7utOwnfF2O%2BUo5EkgDDt9y8vj9dAazjtoMgUl1lruK3kl%2F1btf6sLWu8AvI9n1LTQx%2BESdgqQLQObNNxix0XC5fOaAgZYuIpch62rALZAciTh%2B74GZz3jB%2FJdAxBahOf8ug%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7ab4cbe33c15b4ed-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

almandb.net/wp-content/plugins/jquery-manager/assets/js/jquery-2.2.4.min.js

50.87.222.231

200 OK

0 B

URL HTTP/2
almandb.net/wp-content/plugins/jquery-manager/assets/js/jquery-2.2.4.min.js
IP
50.87.222.231:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/plugins/jquery-manager/assets/js/jquery-2.2.4.min.js HTTP/1.1
Host: almandb.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almandb.net/s/php/content/2e357cbd36d95170265ec5ab03911b7b/?user&.verify?service=mail&data:text/html;charset=utf-8;base64,pgh0bww+dqo8c3r5bgu+igjvzhkgeybtyxjnaw46ida7ig92zxjmbg93oiboawrkzw47ih0gpc9zdhlszt4nciagpglmcmft
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 24 Jul 2022 09:27:47 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: application/javascript
date: Tue, 21 Mar 2023 08:24:04 GMT
server: Apache
X-Firefox-Spdy: h2

almandb.net/wp-content/themes/jannah/assets/css/style.min.css?ver=5.4.10

50.87.222.231

200 OK

0 B

URL HTTP/2
almandb.net/wp-content/themes/jannah/assets/css/style.min.css?ver=5.4.10
IP
50.87.222.231:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-content/themes/jannah/assets/css/style.min.css?ver=5.4.10 HTTP/1.1
Host: almandb.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://almandb.net/s/php/content/2e357cbd36d95170265ec5ab03911b7b/?user&.verify?service=mail&data:text/html;charset=utf-8;base64,pgh0bww+dqo8c3r5bgu+igjvzhkgeybtyxjnaw46ida7ig92zxjmbg93oiboawrkzw47ih0gpc9zdhlszt4nciagpglmcmft
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
last-modified: Sun, 20 Nov 2022 21:31:31 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
host-header: c2hhcmVkLmJsdWVob3N0LmNvbQ==
content-type: text/css
date: Tue, 21 Mar 2023 08:24:04 GMT
server: Apache
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (18)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL