| hr.economictimes.indiatimes.com/etl.php?url=//annatyle.com/adex/auth/yzwfemsrnxh2l8spva7fsittopm7uuunyho7psyfzhth172kvkxnjvo50fjnzqesz2dxnq64jgfl0klbwxs8y4md4bpkvb12v0gy6lz54fo5aheqzzo5uucvtjmaphcpwkafkndffyjuax6tsrezpkexhmd0aiiq0xcqzgqrdfdpbwlbg2bieyaz05ngjyorwonmxdok/c3RlcGhlbkBzZWFtYXJrZHViYWkuY29t | 23.36.79.16 | 302 Found | 0 B |
URL User Request GET HTTP/2hr.economictimes.indiatimes.com/etl.php?url=//annatyle.com/adex/auth/yzwfemsrnxh2l8spva7fsittopm7uuunyho7psyfzhth172kvkxnjvo50fjnzqesz2dxnq64jgfl0klbwxs8y4md4bpkvb12v0gy6lz54fo5aheqzzo5uucvtjmaphcpwkafkndffyjuax6tsrezpkexhmd0aiiq0xcqzgqrdfdpbwlbg2bieyaz05ngjyorwonmxdok/c3RlcGhlbkBzZWFtYXJrZHViYWkuY29t IP23.36.79.16:443 ASN#20940 Akamai International B.V.
CertificateIssuerLet's Encrypt Subjectlangdev.indiatimes.com Fingerprint36:28:9B:00:10:51:CF:7E:FC:72:5D:25:F3:7F:0D:F0:35:8A:44:EF ValidityWed, 28 Feb 2024 07:55:57 GMT - Tue, 28 May 2024 07:55:56 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /etl.php?url=//annatyle.com/adex/auth/yzwfemsrnxh2l8spva7fsittopm7uuunyho7psyfzhth172kvkxnjvo50fjnzqesz2dxnq64jgfl0klbwxs8y4md4bpkvb12v0gy6lz54fo5aheqzzo5uucvtjmaphcpwkafkndffyjuax6tsrezpkexhmd0aiiq0xcqzgqrdfdpbwlbg2bieyaz05ngjyorwonmxdok/c3RlcGhlbkBzZWFtYXJrZHViYWkuY29t HTTP/1.1
Host: hr.economictimes.indiatimes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Cookie: optout=1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 302 Found
server: Bhoot
content-type: text/html; charset=UTF-8
content-length: 0
access-control-allow-origin: *
pragma: no-cache
location: ./etlr.php?url=//annatyle.com/adex/auth/yzwfemsrnxh2l8spva7fsittopm7uuunyho7psyfzhth172kvkxnjvo50fjnzqesz2dxnq64jgfl0klbwxs8y4md4bpkvb12v0gy6lz54fo5aheqzzo5uucvtjmaphcpwkafkndffyjuax6tsrezpkexhmd0aiiq0xcqzgqrdfdpbwlbg2bieyaz05ngjyorwonmxdok/c3RlcGhlbkBzZWFtYXJrZHViYWkuY29t
x-cool: 55.29
content-language: en
access-control-allow-credentials: true
strict-transport-security: max-age=25920000; includeSubdomains
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: no-cache, no-store, must-revalidate
expires: Fri, 29 Mar 2024 11:00:43 GMT
date: Fri, 29 Mar 2024 11:00:43 GMT
set-cookie: PHPSESSID=5980a41c50b491de7b4676faec94304e; expires=Fri, 05-Apr-2024 11:00:43 GMT; Max-Age=604800; path=/; secure; HttpOnly
pmUsr=1711710043; expires=Sat, 29-Mar-2025 12:07:23 GMT; Max-Age=31540000; path=/; secure; HttpOnly; SameSite=None
x-frame-options: sameorigin, SAMEORIGIN
X-Firefox-Spdy: h2
|
|
| hr.economictimes.indiatimes.com/etlr.php?url=//annatyle.com/adex/auth/yzwfemsrnxh2l8spva7fsittopm7uuunyho7psyfzhth172kvkxnjvo50fjnzqesz2dxnq64jgfl0klbwxs8y4md4bpkvb12v0gy6lz54fo5aheqzzo5uucvtjmaphcpwkafkndffyjuax6tsrezpkexhmd0aiiq0xcqzgqrdfdpbwlbg2bieyaz05ngjyorwonmxdok/c3RlcGhlbkBzZWFtYXJrZHViYWkuY29t | 23.36.79.16 | 302 Found | 0 B |
URL User Request GET HTTP/2hr.economictimes.indiatimes.com/etlr.php?url=//annatyle.com/adex/auth/yzwfemsrnxh2l8spva7fsittopm7uuunyho7psyfzhth172kvkxnjvo50fjnzqesz2dxnq64jgfl0klbwxs8y4md4bpkvb12v0gy6lz54fo5aheqzzo5uucvtjmaphcpwkafkndffyjuax6tsrezpkexhmd0aiiq0xcqzgqrdfdpbwlbg2bieyaz05ngjyorwonmxdok/c3RlcGhlbkBzZWFtYXJrZHViYWkuY29t IP23.36.79.16:443 ASN#20940 Akamai International B.V.
CertificateIssuerLet's Encrypt Subjectlangdev.indiatimes.com Fingerprint36:28:9B:00:10:51:CF:7E:FC:72:5D:25:F3:7F:0D:F0:35:8A:44:EF ValidityWed, 28 Feb 2024 07:55:57 GMT - Tue, 28 May 2024 07:55:56 GMT
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /etlr.php?url=//annatyle.com/adex/auth/yzwfemsrnxh2l8spva7fsittopm7uuunyho7psyfzhth172kvkxnjvo50fjnzqesz2dxnq64jgfl0klbwxs8y4md4bpkvb12v0gy6lz54fo5aheqzzo5uucvtjmaphcpwkafkndffyjuax6tsrezpkexhmd0aiiq0xcqzgqrdfdpbwlbg2bieyaz05ngjyorwonmxdok/c3RlcGhlbkBzZWFtYXJrZHViYWkuY29t HTTP/1.1
Host: hr.economictimes.indiatimes.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Cookie: optout=1; PHPSESSID=5980a41c50b491de7b4676faec94304e; pmUsr=1711710043
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 302 Found
server: Bhoot
content-type: text/html; charset=UTF-8
content-length: 0
access-control-allow-origin: *
pragma: no-cache
location: //annatyle.com/adex/auth/yzwfemsrnxh2l8spva7fsittopm7uuunyho7psyfzhth172kvkxnjvo50fjnzqesz2dxnq64jgfl0klbwxs8y4md4bpkvb12v0gy6lz54fo5aheqzzo5uucvtjmaphcpwkafkndffyjuax6tsrezpkexhmd0aiiq0xcqzgqrdfdpbwlbg2bieyaz05ngjyorwonmxdok/c3RlcGhlbkBzZWFtYXJrZHViYWkuY29t?utm_source=promotions&utm_medium=email&utm_campaign=
x-cool: 22.55
content-language: en
access-control-allow-credentials: true
strict-transport-security: max-age=25920000; includeSubdomains
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cache-control: no-cache, no-store, must-revalidate
expires: Fri, 29 Mar 2024 11:00:43 GMT
date: Fri, 29 Mar 2024 11:00:43 GMT
set-cookie: hr_subscription_source=email; expires=Fri, 05-Apr-2024 11:00:43 GMT; Max-Age=604800; path=/
hr_pop_user_sub=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/
x-frame-options: sameorigin, SAMEORIGIN
X-Firefox-Spdy: h2
|
|
| annatyle.com/cdn-cgi/images/icon-exclamation.png?1376755637 | 188.114.97.1 | 200 OK | 452 B |
URL GET HTTP/3annatyle.com/cdn-cgi/images/icon-exclamation.png?1376755637 IP188.114.97.1:443
Requested byhttps://annatyle.com/adex/auth/yzwfemsrnxh2l8spva7fsittopm7uuunyho7psyfzhth172kvkxnjvo50fjnzqesz2dxnq64jgfl0klbwxs8y4md4bpkvb12v0gy6lz54fo5aheqzzo5uucvtjmaphcpwkafkndffyjuax6tsrezpkexhmd0aiiq0xcqzgqrdfdpbwlbg2bieyaz05ngjyorwonmxdok/c3RlcGhlbkBzZWFtYXJrZHViYWkuY29t?utm_source=promotions&utm_medium=email&utm_campaign= CertificateIssuerGoogle Trust Services LLC Subjectannatyle.com Fingerprint80:69:E0:80:CB:78:9D:BC:A2:B7:67:0F:E2:1C:18:61:E7:05:CB:B6 ValidityWed, 13 Mar 2024 11:42:23 GMT - Tue, 11 Jun 2024 11:42:22 GMT
File typePNG image data, 54 x 54, 8-bit colormap, non-interlaced Hashc33de66281e933259772399d10a6afe8 b9f9d500f8814381451011d4dcf59cd2d90ad94f f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
Analyzer | Verdict | Alert | urlquery | suspicious | Suspicious - Sinkholed / Blocked | Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/images/icon-exclamation.png?1376755637 HTTP/1.1
Host: annatyle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://annatyle.com/cdn-cgi/styles/cf.errors.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Fri, 29 Mar 2024 11:00:44 GMT
content-type: image/png
content-length: 452
last-modified: Fri, 22 Mar 2024 11:37:58 GMT
etag: "65fd6d96-1c4"
server: cloudflare
cf-ray: 86bf5ba089a556a8-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Fri, 29 Mar 2024 13:00:44 GMT
cache-control: max-age=7200, public
accept-ranges: bytes
|
|
| annatyle.com/adex/auth/yzwfemsrnxh2l8spva7fsittopm7uuunyho7psyfzhth172kvkxnjvo50fjnzqesz2dxnq64jgfl0klbwxs8y4md4bpkvb12v0gy6lz54fo5aheqzzo5uucvtjmaphcpwkafkndffyjuax6tsrezpkexhmd0aiiq0xcqzgqrdfdpbwlbg2bieyaz05ngjyorwonmxdok/c3RlcGhlbkBzZWFtYXJrZHViYWkuY29t?utm_source=promotions&utm_medium=email&utm_campaign= | 188.114.97.1 | 200 OK | 5.0 kB |
URL User Request GET HTTP/2annatyle.com/adex/auth/yzwfemsrnxh2l8spva7fsittopm7uuunyho7psyfzhth172kvkxnjvo50fjnzqesz2dxnq64jgfl0klbwxs8y4md4bpkvb12v0gy6lz54fo5aheqzzo5uucvtjmaphcpwkafkndffyjuax6tsrezpkexhmd0aiiq0xcqzgqrdfdpbwlbg2bieyaz05ngjyorwonmxdok/c3RlcGhlbkBzZWFtYXJrZHViYWkuY29t?utm_source=promotions&utm_medium=email&utm_campaign= IP188.114.97.1:443
CertificateIssuerGoogle Trust Services LLC Subjectannatyle.com Fingerprint80:69:E0:80:CB:78:9D:BC:A2:B7:67:0F:E2:1C:18:61:E7:05:CB:B6 ValidityWed, 13 Mar 2024 11:42:23 GMT - Tue, 11 Jun 2024 11:42:22 GMT
File typeHTML document, ASCII text, with very long lines (5262), with no line terminators Hash37082ae2514bf7d64a019ec32feb4d34 5a1ceff3cf32e9a5fd185e76fc623008632ed82a e333adcf2b0b78af83cafaa3e0bd65b5d990fc26ba05b5e5fe0e7cdb49e0590b
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /adex/auth/yzwfemsrnxh2l8spva7fsittopm7uuunyho7psyfzhth172kvkxnjvo50fjnzqesz2dxnq64jgfl0klbwxs8y4md4bpkvb12v0gy6lz54fo5aheqzzo5uucvtjmaphcpwkafkndffyjuax6tsrezpkexhmd0aiiq0xcqzgqrdfdpbwlbg2bieyaz05ngjyorwonmxdok/c3RlcGhlbkBzZWFtYXJrZHViYWkuY29t?utm_source=promotions&utm_medium=email&utm_campaign= HTTP/1.1
Host: annatyle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Fri, 29 Mar 2024 11:00:43 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EbT6%2Flm7f8mawS6aiRyRxBGct%2BGfSVVF%2Fgu6cvSxa4C5b%2B5c7qr2EBtFnVYRlOZRg5nQfcviLX%2B6iMqyyYU19APdVOoDYSjAbGfBSJP8XMiltuze6Ii89PpR%2FMDAmvM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bf5b9e4b235694-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| annatyle.com/cdn-cgi/styles/cf.errors.css | 188.114.97.1 | 200 OK | 24 kB |
URL GET HTTP/3annatyle.com/cdn-cgi/styles/cf.errors.css IP188.114.97.1:443
Requested byhttps://annatyle.com/adex/auth/yzwfemsrnxh2l8spva7fsittopm7uuunyho7psyfzhth172kvkxnjvo50fjnzqesz2dxnq64jgfl0klbwxs8y4md4bpkvb12v0gy6lz54fo5aheqzzo5uucvtjmaphcpwkafkndffyjuax6tsrezpkexhmd0aiiq0xcqzgqrdfdpbwlbg2bieyaz05ngjyorwonmxdok/c3RlcGhlbkBzZWFtYXJrZHViYWkuY29t?utm_source=promotions&utm_medium=email&utm_campaign= CertificateIssuerGoogle Trust Services LLC Subjectannatyle.com Fingerprint80:69:E0:80:CB:78:9D:BC:A2:B7:67:0F:E2:1C:18:61:E7:05:CB:B6 ValidityWed, 13 Mar 2024 11:42:23 GMT - Tue, 11 Jun 2024 11:42:22 GMT
File typeASCII text, with very long lines (24131) Hasha1cedc21f16b5a97114857154fab35e9 95e9890a15a4f7f94f7f19d2c297e4b07503c526 1103290e25ebda2712abe344a87facbac00ddaba712729be9fe5feef807bf91b
Analyzer | Verdict | Alert | urlquery | suspicious | Suspicious - Sinkholed / Blocked | Quad9 DNS | malicious | Sinkholed |
GET /cdn-cgi/styles/cf.errors.css HTTP/1.1
Host: annatyle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://annatyle.com/adex/auth/yzwfemsrnxh2l8spva7fsittopm7uuunyho7psyfzhth172kvkxnjvo50fjnzqesz2dxnq64jgfl0klbwxs8y4md4bpkvb12v0gy6lz54fo5aheqzzo5uucvtjmaphcpwkafkndffyjuax6tsrezpkexhmd0aiiq0xcqzgqrdfdpbwlbg2bieyaz05ngjyorwonmxdok/c3RlcGhlbkBzZWFtYXJrZHViYWkuY29t?utm_source=promotions&utm_medium=email&utm_campaign=
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 29 Mar 2024 11:00:44 GMT
content-type: text/css
last-modified: Fri, 22 Mar 2024 11:37:58 GMT
etag: W/"65fd6d96-5e44"
server: cloudflare
cf-ray: 86bf5ba0491c56a8-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Fri, 29 Mar 2024 13:00:44 GMT
cache-control: max-age=7200, public
content-encoding: gzip
|
|
| annatyle.com/favicon.ico | 188.114.97.1 | 200 OK | 4.7 kB |
IP188.114.97.1:443
Requested byhttps://annatyle.com/adex/auth/yzwfemsrnxh2l8spva7fsittopm7uuunyho7psyfzhth172kvkxnjvo50fjnzqesz2dxnq64jgfl0klbwxs8y4md4bpkvb12v0gy6lz54fo5aheqzzo5uucvtjmaphcpwkafkndffyjuax6tsrezpkexhmd0aiiq0xcqzgqrdfdpbwlbg2bieyaz05ngjyorwonmxdok/c3RlcGhlbkBzZWFtYXJrZHViYWkuY29t?utm_source=promotions&utm_medium=email&utm_campaign= CertificateIssuerGoogle Trust Services LLC Subjectannatyle.com Fingerprint80:69:E0:80:CB:78:9D:BC:A2:B7:67:0F:E2:1C:18:61:E7:05:CB:B6 ValidityWed, 13 Mar 2024 11:42:23 GMT - Tue, 11 Jun 2024 11:42:22 GMT
File typeHTML document, ASCII text, with very long lines (4977), with no line terminators Hashe423bad014ef6f3a40709e1bc1ebbbe1 f0f66eea6c6ba4d5e924c31c8c8f873f3e33211a 7e00fb41633802e283e88f786c8062f90c026492631ae8f52bce2e03fac0eb00
Analyzer | Verdict | Alert | Quad9 DNS | malicious | Sinkholed |
GET /favicon.ico HTTP/1.1
Host: annatyle.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://annatyle.com/adex/auth/yzwfemsrnxh2l8spva7fsittopm7uuunyho7psyfzhth172kvkxnjvo50fjnzqesz2dxnq64jgfl0klbwxs8y4md4bpkvb12v0gy6lz54fo5aheqzzo5uucvtjmaphcpwkafkndffyjuax6tsrezpkexhmd0aiiq0xcqzgqrdfdpbwlbg2bieyaz05ngjyorwonmxdok/c3RlcGhlbkBzZWFtYXJrZHViYWkuY29t?utm_source=promotions&utm_medium=email&utm_campaign=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
HTTP/3 200 OK
date: Fri, 29 Mar 2024 11:00:44 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XCGOdihNMOXhEh1ntLvL4uxLfgPRRHXPpR7CMjQyYyez5Ge5uiG4FJPPcc0nnXLvCRTxfmLeIJS0soHJJcx4RgNl4HidB8dlWlLnOBxxWc28Fvcy%2F4IbL1FlsHBLn4Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 86bf5ba0798a56a8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
|
|