Analysis

  • max time kernel
    141s
  • max time network
    146s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20230703-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    08/08/2023, 05:26 UTC

General

  • Target

    https://update-income.info/in

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 10 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 11 IoCs
  • Suspicious use of FindShellTrayWindow 25 IoCs
  • Suspicious use of SendNotifyMessage 24 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://update-income.info/in
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:4964
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffdcff446f8,0x7ffdcff44708,0x7ffdcff44718
      2⤵
        PID:616
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2168,15763149232688633701,1988537913626523917,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2232 /prefetch:3
        2⤵
        • Suspicious behavior: EnumeratesProcesses
        PID:920
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2168,15763149232688633701,1988537913626523917,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2156 /prefetch:2
        2⤵
          PID:2692
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2168,15763149232688633701,1988537913626523917,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2824 /prefetch:8
          2⤵
            PID:2408
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,15763149232688633701,1988537913626523917,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3408 /prefetch:1
            2⤵
              PID:3956
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,15763149232688633701,1988537913626523917,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3432 /prefetch:1
              2⤵
                PID:4916
              • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2168,15763149232688633701,1988537913626523917,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5304 /prefetch:8
                2⤵
                  PID:3704
                • C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2168,15763149232688633701,1988537913626523917,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5304 /prefetch:8
                  2⤵
                  • Suspicious behavior: EnumeratesProcesses
                  PID:4444
                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,15763149232688633701,1988537913626523917,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=180 /prefetch:1
                  2⤵
                    PID:3460
                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,15763149232688633701,1988537913626523917,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5428 /prefetch:1
                    2⤵
                      PID:2704
                    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,15763149232688633701,1988537913626523917,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3564 /prefetch:1
                      2⤵
                        PID:2156
                      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,15763149232688633701,1988537913626523917,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5760 /prefetch:1
                        2⤵
                          PID:924
                        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,15763149232688633701,1988537913626523917,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2740 /prefetch:1
                          2⤵
                            PID:4344
                          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,15763149232688633701,1988537913626523917,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1924 /prefetch:1
                            2⤵
                              PID:1396
                            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,15763149232688633701,1988537913626523917,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=1260 /prefetch:1
                              2⤵
                                PID:4088
                              • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,15763149232688633701,1988537913626523917,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6092 /prefetch:1
                                2⤵
                                  PID:4004
                                • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2168,15763149232688633701,1988537913626523917,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6068 /prefetch:1
                                  2⤵
                                    PID:636
                                  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
                                    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2168,15763149232688633701,1988537913626523917,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2608 /prefetch:2
                                    2⤵
                                    • Suspicious behavior: EnumeratesProcesses
                                    PID:4556
                                • C:\Windows\System32\CompPkgSrv.exe
                                  C:\Windows\System32\CompPkgSrv.exe -Embedding
                                  1⤵
                                    PID:1288
                                  • C:\Windows\System32\CompPkgSrv.exe
                                    C:\Windows\System32\CompPkgSrv.exe -Embedding
                                    1⤵
                                      PID:900

Network

                                    • flag-us
                                      DNS
                                      2.136.104.51.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      2.136.104.51.in-addr.arpa
                                      IN PTR
                                      Response
                                    • flag-us
                                      DNS
                                      update-income.info
                                      msedge.exe
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      update-income.info
                                      IN A
                                      Response
                                      update-income.info
                                      IN A
                                      188.114.97.0
                                      update-income.info
                                      IN A
                                      188.114.96.0
                                    • flag-us
                                      GET
                                      https://update-income.info/in
                                      msedge.exe
                                      Remote address:
                                      188.114.97.0:443
                                      Request
                                      GET /in HTTP/2.0
                                      host: update-income.info
                                      sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                      sec-ch-ua-mobile: ?0
                                      dnt: 1
                                      upgrade-insecure-requests: 1
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                      sec-fetch-site: none
                                      sec-fetch-mode: navigate
                                      sec-fetch-user: ?1
                                      sec-fetch-dest: document
                                      accept-encoding: gzip, deflate, br
                                      accept-language: en-US,en;q=0.9
                                      Response
                                      HTTP/2.0 503
                                      date: Tue, 08 Aug 2023 05:27:13 GMT
                                      content-type: text/html; charset=utf-8
                                      x-content-type-options: nosniff
                                      x-content-type-options: nosniff
                                      x-xss-protection: 1; mode=block
                                      x-xss-protection: 1; mode=block
                                      set-cookie: 37KBKJMz4z6fRvWCNnlrV3ozREo=XsD9kdkCNwbYHDsKD-DUkZs62lY; path=/; expires=Wed, 09-Aug-23 05:27:05 GMT; Max-Age=86400;
                                      set-cookie: Rh0zLeDTp_Y0Ovzm4tFrl0R0bkk=1691472425; path=/; expires=Wed, 09-Aug-23 05:27:05 GMT; Max-Age=86400;
                                      set-cookie: SL9T5oz1h-3jGqu_MHbkNVlBkNY=1691558825; path=/; expires=Wed, 09-Aug-23 05:27:05 GMT; Max-Age=86400;
                                      set-cookie: Qhmyac5rSqwbRFWfuSUwWj908_E=iDkNbHH8Fbc9Of8NqWyUwX0OSB0; path=/; expires=Wed, 09-Aug-23 05:27:05 GMT; Max-Age=86400;
                                      x-frame-options: SAMEORIGIN
                                      cache-control: public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
                                      pragma: no-cache
                                      expires: 0
                                      cf-cache-status: DYNAMIC
                                      report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tnaXjZmTmrGznSDI2MZ93KowQO8RQTm6U%2BNRTM269ChGZSDsVsmHBl6xXrdvz9KP%2BfpkBi3WrA7E0ktv%2Bgm36al%2BFZYtHSqmEJgup%2B1Iu1kINlsoFfZtLOTLJobR46Cexkm9Okw%3D"}],"group":"cf-nel","max_age":604800}
                                      nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                      server: cloudflare
                                      cf-ray: 7f3559521c070bdb-AMS
                                      alt-svc: h3=":443"; ma=86400
                                    • flag-us
                                      POST
                                      https://update-income.info/in
                                      msedge.exe
                                      Remote address:
                                      188.114.97.0:443
                                      Request
                                      POST /in HTTP/2.0
                                      host: update-income.info
                                      content-length: 22
                                      sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                      dnt: 1
                                      x-requested-timestamp-expire:
                                      sec-ch-ua-mobile: ?0
                                      x-requested-timestamp-combination:
                                      x-requested-type-combination: GET
                                      1ksh5ampislbb17zog2r3jasng: 27312830
                                      content-type: application/x-www-form-urlencoded
                                      x-requested-type: GET
                                      x-requested-with: XMLHttpRequest
                                      x-requested-timestamp:
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      accept: */*
                                      origin: https://update-income.info
                                      sec-fetch-site: same-origin
                                      sec-fetch-mode: cors
                                      sec-fetch-dest: empty
                                      referer: https://update-income.info/in
                                      accept-encoding: gzip, deflate, br
                                      accept-language: en-US,en;q=0.9
                                      cookie: 37KBKJMz4z6fRvWCNnlrV3ozREo=XsD9kdkCNwbYHDsKD-DUkZs62lY
                                      cookie: Rh0zLeDTp_Y0Ovzm4tFrl0R0bkk=1691472425
                                      cookie: SL9T5oz1h-3jGqu_MHbkNVlBkNY=1691558825
                                      cookie: Qhmyac5rSqwbRFWfuSUwWj908_E=iDkNbHH8Fbc9Of8NqWyUwX0OSB0
                                      cookie: JnsRiVuvaMQbNQdqPB4fA766H9U=aCw_Ay0z6PiSoLxfa4acq_nGNvA
                                      Response
                                      HTTP/2.0 302
                                      date: Tue, 08 Aug 2023 05:27:13 GMT
                                      access-control-allow-origin: *
                                      location: /cdn-cgi/challenge-platform/h/g/scripts/jsd/74ac0d47/invisible.js
                                      vary: accept-encoding
                                      cache-control: max-age=300, public
                                      report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=peIbWKqkH6JEEHWKIw0cPJSn0PsTu%2BKguy8OL8wD6I5F7ihMj1%2Fbl0lFCHXMncKUldhmGx2x0N33Z0SGkVugJ5EWq4jiMJDG7VRgO8EqRXyOYr%2BgkPiC4Og6XZBapnZBFJUmoI4%3D"}],"group":"cf-nel","max_age":604800}
                                      nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                      server: cloudflare
                                      cf-ray: 7f355952ed1b0bdb-AMS
                                      alt-svc: h3=":443"; ma=86400
                                    • flag-us
                                      GET
                                      https://update-income.info/favicon.ico
                                      msedge.exe
                                      Remote address:
                                      188.114.97.0:443
                                      Request
                                      GET /favicon.ico HTTP/2.0
                                      host: update-income.info
                                      sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                      dnt: 1
                                      sec-ch-ua-mobile: ?0
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                      sec-fetch-site: same-origin
                                      sec-fetch-mode: no-cors
                                      sec-fetch-dest: image
                                      referer: https://update-income.info/in
                                      accept-encoding: gzip, deflate, br
                                      accept-language: en-US,en;q=0.9
                                      cookie: 37KBKJMz4z6fRvWCNnlrV3ozREo=XsD9kdkCNwbYHDsKD-DUkZs62lY
                                      cookie: Rh0zLeDTp_Y0Ovzm4tFrl0R0bkk=1691472425
                                      cookie: SL9T5oz1h-3jGqu_MHbkNVlBkNY=1691558825
                                      cookie: Qhmyac5rSqwbRFWfuSUwWj908_E=iDkNbHH8Fbc9Of8NqWyUwX0OSB0
                                      cookie: JnsRiVuvaMQbNQdqPB4fA766H9U=aCw_Ay0z6PiSoLxfa4acq_nGNvA
                                      Response
                                      HTTP/2.0 200
                                      date: Tue, 08 Aug 2023 05:27:13 GMT
                                      content-type: application/javascript; charset=UTF-8
                                      x-content-type-options: nosniff
                                      vary: accept-encoding
                                      cache-control: max-age=14400, public
                                      report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EBonD4pFJ2JwwM%2BWF5iWwpNJ4jITS2eh0amT5jtXlkeYtd23deS7WX5Nia9ZPU1liQwaMvRTGkD0yxMLFLHOf6rsd2vUfi%2FfEixjpkpjl2APuH84AVGK%2BJP0ca31gg8oIvU5tLk%3D"}],"group":"cf-nel","max_age":604800}
                                      nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                      server: cloudflare
                                      cf-ray: 7f3559532d540bdb-AMS
                                      content-encoding: br
                                      alt-svc: h3=":443"; ma=86400
                                    • flag-us
                                      GET
                                      https://update-income.info/cdn-cgi/challenge-platform/scripts/invisible.js
                                      msedge.exe
                                      Remote address:
                                      188.114.97.0:443
                                      Request
                                      GET /cdn-cgi/challenge-platform/scripts/invisible.js HTTP/2.0
                                      host: update-income.info
                                      sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                      dnt: 1
                                      sec-ch-ua-mobile: ?0
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      accept: */*
                                      sec-fetch-site: same-origin
                                      sec-fetch-mode: no-cors
                                      sec-fetch-dest: script
                                      accept-encoding: gzip, deflate, br
                                      accept-language: en-US,en;q=0.9
                                      cookie: 37KBKJMz4z6fRvWCNnlrV3ozREo=XsD9kdkCNwbYHDsKD-DUkZs62lY
                                      cookie: Rh0zLeDTp_Y0Ovzm4tFrl0R0bkk=1691472425
                                      cookie: SL9T5oz1h-3jGqu_MHbkNVlBkNY=1691558825
                                      cookie: Qhmyac5rSqwbRFWfuSUwWj908_E=iDkNbHH8Fbc9Of8NqWyUwX0OSB0
                                      cookie: JnsRiVuvaMQbNQdqPB4fA766H9U=aCw_Ay0z6PiSoLxfa4acq_nGNvA
                                      Response
                                      HTTP/2.0 204
                                      date: Tue, 08 Aug 2023 05:27:13 GMT
                                      x-content-type-options: nosniff
                                      x-content-type-options: nosniff
                                      x-xss-protection: 1; mode=block
                                      x-xss-protection: 1; mode=block
                                      set-cookie: JnsRiVuvaMQbNQdqPB4fA766H9U=aCw_Ay0z6PiSoLxfa4acq_nGNvA; path=/; expires=Wed, 09-Aug-23 05:27:11 GMT; Max-Age=86400;
                                      set-cookie: ddFqXg20cSPAWwwFQy0BlHkUiJQ=1691472431; path=/; expires=Wed, 09-Aug-23 05:27:11 GMT; Max-Age=86400;
                                      set-cookie: zbv1scnjzirAMWH_IoEDInVVAgo=1691558831; path=/; expires=Wed, 09-Aug-23 05:27:11 GMT; Max-Age=86400;
                                      set-cookie: 9jhf2CBd4gbdulflBZXMroYAXcY=Jjr6vhiX8kJnFfT5Lxf7y9wFzqE; path=/; expires=Wed, 09-Aug-23 05:27:11 GMT; Max-Age=86400;
                                      x-frame-options: SAMEORIGIN
                                      cache-control: public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
                                      pragma: no-cache
                                      expires: 0
                                      x-server-powered-by: Engintron
                                      cf-cache-status: DYNAMIC
                                      report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zMMLsq90df7NHL%2BRbkRu3oTiyPFIwuyvJfOh12dKC%2BwcjBeey9nirgdPL8h4V64zl8IicyYkGSjPrH2d8mriAsK%2B1711rjg03jllK1jniIZnlLlStRKTC2afUDu9MxFwMG%2BQM7g%3D"}],"group":"cf-nel","max_age":604800}
                                      nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                      server: cloudflare
                                      cf-ray: 7f355952dd0e0bdb-AMS
                                      alt-svc: h3=":443"; ma=86400
                                    • flag-us
                                      GET
                                      https://update-income.info/cdn-cgi/challenge-platform/h/g/scripts/jsd/74ac0d47/invisible.js
                                      msedge.exe
                                      Remote address:
                                      188.114.97.0:443
                                      Request
                                      GET /cdn-cgi/challenge-platform/h/g/scripts/jsd/74ac0d47/invisible.js HTTP/2.0
                                      host: update-income.info
                                      sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                      dnt: 1
                                      sec-ch-ua-mobile: ?0
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      accept: */*
                                      sec-fetch-site: same-origin
                                      sec-fetch-mode: no-cors
                                      sec-fetch-dest: script
                                      accept-encoding: gzip, deflate, br
                                      accept-language: en-US,en;q=0.9
                                      cookie: 37KBKJMz4z6fRvWCNnlrV3ozREo=XsD9kdkCNwbYHDsKD-DUkZs62lY
                                      cookie: Rh0zLeDTp_Y0Ovzm4tFrl0R0bkk=1691472425
                                      cookie: SL9T5oz1h-3jGqu_MHbkNVlBkNY=1691558825
                                      cookie: Qhmyac5rSqwbRFWfuSUwWj908_E=iDkNbHH8Fbc9Of8NqWyUwX0OSB0
                                      cookie: JnsRiVuvaMQbNQdqPB4fA766H9U=aCw_Ay0z6PiSoLxfa4acq_nGNvA
                                      Response
                                      HTTP/2.0 503
                                      date: Tue, 08 Aug 2023 05:27:13 GMT
                                      content-type: text/html; charset=utf-8
                                      x-content-type-options: nosniff
                                      x-content-type-options: nosniff
                                      x-xss-protection: 1; mode=block
                                      x-xss-protection: 1; mode=block
                                      cache-control: public, max-age=0 no-store, no-cache, must-revalidate, post-check=0, pre-check=0
                                      pragma: no-cache
                                      x-frame-options: SAMEORIGIN
                                      expires: 0
                                      cf-cache-status: BYPASS
                                      set-cookie: JnsRiVuvaMQbNQdqPB4fA766H9U=aCw_Ay0z6PiSoLxfa4acq_nGNvA; path=/; expires=Wed, 09-Aug-23 05:27:11 GMT; Max-Age=86400;
                                      set-cookie: ddFqXg20cSPAWwwFQy0BlHkUiJQ=1691472431; path=/; expires=Wed, 09-Aug-23 05:27:11 GMT; Max-Age=86400;
                                      set-cookie: zbv1scnjzirAMWH_IoEDInVVAgo=1691558831; path=/; expires=Wed, 09-Aug-23 05:27:11 GMT; Max-Age=86400;
                                      set-cookie: 9jhf2CBd4gbdulflBZXMroYAXcY=Jjr6vhiX8kJnFfT5Lxf7y9wFzqE; path=/; expires=Wed, 09-Aug-23 05:27:11 GMT; Max-Age=86400;
                                      report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DJrWBRddQiB2dkoiyoxdVwq4tnRJYwr8zSSg2jwBUWRi7iojwyFUqNkc2LcSOCqdMfeinSGcYweonO77QaHMP%2BPGz9apL%2BgeTXU%2BfIej0PNFkX6xfTdC9fwUu5AP5CzMXRyEc9c%3D"}],"group":"cf-nel","max_age":604800}
                                      nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                      vary: Accept-Encoding
                                      server: cloudflare
                                      cf-ray: 7f355952ed1a0bdb-AMS
                                      alt-svc: h3=":443"; ma=86400
                                    • flag-us
                                      POST
                                      https://update-income.info/cdn-cgi/challenge-platform/h/g/cv/result/7f3559521c070bdb
                                      msedge.exe
                                      Remote address:
                                      188.114.97.0:443
                                      Request
                                      POST /cdn-cgi/challenge-platform/h/g/cv/result/7f3559521c070bdb HTTP/2.0
                                      host: update-income.info
                                      content-length: 14062
                                      sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                      dnt: 1
                                      sec-ch-ua-mobile: ?0
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      content-type: application/json
                                      accept: */*
                                      origin: https://update-income.info
                                      sec-fetch-site: same-origin
                                      sec-fetch-mode: cors
                                      sec-fetch-dest: empty
                                      accept-encoding: gzip, deflate, br
                                      accept-language: en-US,en;q=0.9
                                      cookie: 37KBKJMz4z6fRvWCNnlrV3ozREo=XsD9kdkCNwbYHDsKD-DUkZs62lY
                                      cookie: Rh0zLeDTp_Y0Ovzm4tFrl0R0bkk=1691472425
                                      cookie: SL9T5oz1h-3jGqu_MHbkNVlBkNY=1691558825
                                      cookie: Qhmyac5rSqwbRFWfuSUwWj908_E=iDkNbHH8Fbc9Of8NqWyUwX0OSB0
                                      cookie: JnsRiVuvaMQbNQdqPB4fA766H9U=aCw_Ay0z6PiSoLxfa4acq_nGNvA
                                      cookie: ddFqXg20cSPAWwwFQy0BlHkUiJQ=1691472431
                                      cookie: zbv1scnjzirAMWH_IoEDInVVAgo=1691558831
                                      cookie: 9jhf2CBd4gbdulflBZXMroYAXcY=Jjr6vhiX8kJnFfT5Lxf7y9wFzqE
                                      Response
                                      HTTP/2.0 200
                                      date: Tue, 08 Aug 2023 05:27:13 GMT
                                      content-type: text/plain; charset=UTF-8
                                      set-cookie: cf_clearance=VWR.lZM0WQxkAIxxhSZXyq5FNdTaW.Ufa3IdNgtteU8-1691472433-0-1-3173c76.2da7bcc6.54166396-0.2.1691472433; path=/; expires=Wed, 07-Aug-24 05:27:13 GMT; domain=.update-income.info; HttpOnly; Secure; SameSite=None
                                      report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lfBBi8U7Skl2u6YKa4gdR4RVbRckJXCyYhPcelmUQnnS2EnzFuQbIGI%2FQZhFE3oI1jf8sYlE8VhNv6AhFt2LJQ%2FxmmIdMHroQAd2yfEDgtIVvkkVUYaTz4I5H4pJDGIHvra9DwA%3D"}],"group":"cf-nel","max_age":604800}
                                      nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                      server: cloudflare
                                      cf-ray: 7f3559545e5f0bdb-AMS
                                      content-encoding: br
                                      alt-svc: h3=":443"; ma=86400
                                    • flag-us
                                      GET
                                      https://update-income.info/in
                                      msedge.exe
                                      Remote address:
                                      188.114.97.0:443
                                      Request
                                      GET /in HTTP/2.0
                                      host: update-income.info
                                      sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                      sec-ch-ua-mobile: ?0
                                      upgrade-insecure-requests: 1
                                      dnt: 1
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                      sec-fetch-site: same-origin
                                      sec-fetch-mode: navigate
                                      sec-fetch-dest: document
                                      referer: https://update-income.info/in
                                      accept-encoding: gzip, deflate, br
                                      accept-language: en-US,en;q=0.9
                                      Response
                                      HTTP/2.0 301
                                      date: Tue, 08 Aug 2023 05:27:13 GMT
                                      content-type: text/html; charset=iso-8859-1
                                      location: http://update-income.info/in/
                                      x-content-type-options: nosniff
                                      x-content-type-options: nosniff
                                      x-xss-protection: 1; mode=block
                                      x-xss-protection: 1; mode=block
                                      x-nginx-upstream-cache-status: MISS
                                      x-server-powered-by: Engintron
                                      cf-cache-status: DYNAMIC
                                      report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MPu5Fc8kkEKTPeDrmbFPYIifCGJqdTsd3EvZtUYnWlI5fKQI58aDvL5jHbgK2dTxjZFYgbv1sAA53bQYDamHBoeTNUp2vHu5xtwSj0pyZwKbYfG4ILikH58xcw3xCsZCkeO%2FN4g%3D"}],"group":"cf-nel","max_age":604800}
                                      nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                      server: cloudflare
                                      cf-ray: 7f355954ced40bdb-AMS
                                      alt-svc: h3=":443"; ma=86400
                                    • flag-us
                                      GET
                                      https://update-income.info/in/
                                      msedge.exe
                                      Remote address:
                                      188.114.97.0:443
                                      Request
                                      GET /in/ HTTP/2.0
                                      host: update-income.info
                                      upgrade-insecure-requests: 1
                                      dnt: 1
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                      sec-fetch-site: cross-site
                                      sec-fetch-mode: navigate
                                      sec-fetch-dest: document
                                      sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                      sec-ch-ua-mobile: ?0
                                      accept-encoding: gzip, deflate, br
                                      accept-language: en-US,en;q=0.9
                                      cookie: cf_clearance=VWR.lZM0WQxkAIxxhSZXyq5FNdTaW.Ufa3IdNgtteU8-1691472433-0-1-3173c76.2da7bcc6.54166396-0.2.1691472433
                                      Response
                                      HTTP/2.0 200
                                      date: Tue, 08 Aug 2023 05:27:13 GMT
                                      content-type: text/html
                                      vary: Accept-Encoding
                                      x-content-type-options: nosniff
                                      x-content-type-options: nosniff
                                      x-xss-protection: 1; mode=block
                                      x-xss-protection: 1; mode=block
                                      last-modified: Sat, 21 Jan 2023 04:22:24 GMT
                                      x-nginx-upstream-cache-status: EXPIRED
                                      x-server-powered-by: Engintron
                                      cf-cache-status: DYNAMIC
                                      report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B6R%2BVZ%2FlvZJar5j1Or%2BaECg0HdTHIp67BX67%2Fux4l6th20Tlt2GVR1CIaGeofzGI2ZprUXjuyfFla5PSvichx2SF5liQAgNckRU2ixhNq7tEFTvcKkvmCJFGOfoQdoV8q1vnx2s%3D"}],"group":"cf-nel","max_age":604800}
                                      nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                      server: cloudflare
                                      cf-ray: 7f355956083b0bdb-AMS
                                      content-encoding: br
                                      alt-svc: h3=":443"; ma=86400
                                    • flag-us
                                      GET
                                      https://update-income.info/in/css/mgv2-application.css
                                      msedge.exe
                                      Remote address:
                                      188.114.97.0:443
                                      Request
                                      GET /in/css/mgv2-application.css HTTP/2.0
                                      host: update-income.info
                                      sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                      dnt: 1
                                      sec-ch-ua-mobile: ?0
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      accept: text/css,*/*;q=0.1
                                      sec-fetch-site: same-origin
                                      sec-fetch-mode: no-cors
                                      sec-fetch-dest: style
                                      referer: https://update-income.info/in/
                                      accept-encoding: gzip, deflate, br
                                      accept-language: en-US,en;q=0.9
                                      Response
                                      HTTP/2.0 200
                                      date: Tue, 08 Aug 2023 05:27:13 GMT
                                      content-type: text/css
                                      vary: Accept-Encoding
                                      x-content-type-options: nosniff
                                      x-content-type-options: nosniff
                                      x-xss-protection: 1; mode=block
                                      x-xss-protection: 1; mode=block
                                      cache-control: max-age=2592000
                                      pragma: public
                                      last-modified: Wed, 21 Dec 2022 23:24:46 GMT
                                      expires: Thu, 07 Sep 2023 05:27:12 GMT
                                      x-nginx-upstream-cache-status: STALE
                                      x-server-powered-by: Engintron
                                      cf-cache-status: MISS
                                      report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=snqkWhiUWYlopFVHbdWdZxH4ha4i%2BO6jHHKK0wWpQThUpecfNX%2Bre%2BL4i2N3Kq0yV%2B8J8vN5wr6ASrWKsUu4qwBNDlyRdzuMWuXxrrFSrUlHyJufL1KbcbF9zPNieTwyjeCbBuA%3D"}],"group":"cf-nel","max_age":604800}
                                      nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                      server: cloudflare
                                      cf-ray: 7f355956d90e0bdb-AMS
                                      content-encoding: br
                                      alt-svc: h3=":443"; ma=86400
                                    • flag-us
                                      GET
                                      https://update-income.info/in/css/blugov.css
                                      msedge.exe
                                      Remote address:
                                      188.114.97.0:443
                                      Request
                                      GET /in/css/blugov.css HTTP/2.0
                                      host: update-income.info
                                      sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                      dnt: 1
                                      sec-ch-ua-mobile: ?0
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      accept: text/css,*/*;q=0.1
                                      sec-fetch-site: same-origin
                                      sec-fetch-mode: no-cors
                                      sec-fetch-dest: style
                                      referer: https://update-income.info/in/
                                      accept-encoding: gzip, deflate, br
                                      accept-language: en-US,en;q=0.9
                                      Response
                                      HTTP/2.0 200
                                      date: Tue, 08 Aug 2023 05:27:13 GMT
                                      content-type: text/css
                                      vary: Accept-Encoding
                                      x-content-type-options: nosniff
                                      x-content-type-options: nosniff
                                      x-xss-protection: 1; mode=block
                                      x-xss-protection: 1; mode=block
                                      cache-control: max-age=2592000
                                      pragma: public
                                      last-modified: Fri, 23 Dec 2022 00:50:42 GMT
                                      expires: Thu, 07 Sep 2023 05:27:12 GMT
                                      x-nginx-upstream-cache-status: STALE
                                      x-server-powered-by: Engintron
                                      cf-cache-status: MISS
                                      report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hFVaqhPqMi%2BRy%2BPMAoCCQ7X874CcneMZ39370uOmPc4NxQWfbmVvRhWZNtuRenW0hpeTgyTms6s6jWfAfA%2FIteDacsxSbplkyolnGXOoCSUzJnCc2lF0D6wI4GXDjLJ6tktq%2Fjs%3D"}],"group":"cf-nel","max_age":604800}
                                      nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                      server: cloudflare
                                      cf-ray: 7f355956d90d0bdb-AMS
                                      content-encoding: br
                                      alt-svc: h3=":443"; ma=86400
                                    • flag-us
                                      GET
                                      https://update-income.info/in/images/myGov-cobranded-logo-black.svg
                                      msedge.exe
                                      Remote address:
                                      188.114.97.0:443
                                      Request
                                      GET /in/images/myGov-cobranded-logo-black.svg HTTP/2.0
                                      host: update-income.info
                                      sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                      dnt: 1
                                      sec-ch-ua-mobile: ?0
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                      sec-fetch-site: same-origin
                                      sec-fetch-mode: no-cors
                                      sec-fetch-dest: image
                                      referer: https://update-income.info/in/
                                      accept-encoding: gzip, deflate, br
                                      accept-language: en-US,en;q=0.9
                                      Response
                                      HTTP/2.0 200
                                      date: Tue, 08 Aug 2023 05:27:13 GMT
                                      content-type: image/svg+xml
                                      vary: Accept-Encoding
                                      x-content-type-options: nosniff
                                      x-content-type-options: nosniff
                                      x-xss-protection: 1; mode=block
                                      x-xss-protection: 1; mode=block
                                      cache-control: max-age=5184000
                                      pragma: public
                                      last-modified: Wed, 21 Dec 2022 23:22:02 GMT
                                      expires: Sat, 07 Oct 2023 05:27:12 GMT
                                      x-nginx-upstream-cache-status: STALE
                                      x-server-powered-by: Engintron
                                      cf-cache-status: MISS
                                      report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VEP4oTpQ405ozQjLUbUY5meFlelMbiJKJTANr4Bw2CNrl%2BstgQ8KjQ%2BbI6gsJIT6iXyOaJWQEtINMUilABu2nNPqtCcUEKFZ2qVLTSg2yZccuaB4xyEHcXzWH4HG%2FT0BpH4aiAE%3D"}],"group":"cf-nel","max_age":604800}
                                      nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                      server: cloudflare
                                      cf-ray: 7f355956d90f0bdb-AMS
                                      content-encoding: br
                                      alt-svc: h3=":443"; ma=86400
                                    • flag-us
                                      GET
                                      https://update-income.info/in/images/myGov-cobranded-logo-white.svg
                                      msedge.exe
                                      Remote address:
                                      188.114.97.0:443
                                      Request
                                      GET /in/images/myGov-cobranded-logo-white.svg HTTP/2.0
                                      host: update-income.info
                                      sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                      dnt: 1
                                      sec-ch-ua-mobile: ?0
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                      sec-fetch-site: same-origin
                                      sec-fetch-mode: no-cors
                                      sec-fetch-dest: image
                                      referer: https://update-income.info/in/
                                      accept-encoding: gzip, deflate, br
                                      accept-language: en-US,en;q=0.9
                                      Response
                                      HTTP/2.0 200
                                      date: Tue, 08 Aug 2023 05:27:13 GMT
                                      content-type: image/svg+xml
                                      vary: Accept-Encoding
                                      x-content-type-options: nosniff
                                      x-content-type-options: nosniff
                                      x-xss-protection: 1; mode=block
                                      x-xss-protection: 1; mode=block
                                      cache-control: max-age=5184000
                                      pragma: public
                                      last-modified: Wed, 21 Dec 2022 23:22:04 GMT
                                      expires: Sat, 07 Oct 2023 05:27:12 GMT
                                      x-nginx-upstream-cache-status: STALE
                                      x-server-powered-by: Engintron
                                      cf-cache-status: MISS
                                      report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TmwTx7Ba3M7AT0iQcvpSORgfr8%2FC57VMI51BVRVCN9%2FswCjE2TBopnr8SDiYgvvcgNYLD4Y%2FpetGSN10Wac1%2Fzu7rBe70OvehrydeLGMxOdCNZAaqxlLezLvsopuy5y3dKI7gTw%3D"}],"group":"cf-nel","max_age":604800}
                                      nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                      server: cloudflare
                                      cf-ray: 7f355956d9100bdb-AMS
                                      content-encoding: br
                                      alt-svc: h3=":443"; ma=86400
                                    • flag-us
                                      GET
                                      https://update-income.info/in/icons/icon-blugov-info.svg
                                      msedge.exe
                                      Remote address:
                                      188.114.97.0:443
                                      Request
                                      GET /in/icons/icon-blugov-info.svg HTTP/2.0
                                      host: update-income.info
                                      sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                      dnt: 1
                                      sec-ch-ua-mobile: ?0
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                      sec-fetch-site: same-origin
                                      sec-fetch-mode: no-cors
                                      sec-fetch-dest: image
                                      referer: https://update-income.info/in/css/blugov.css
                                      accept-encoding: gzip, deflate, br
                                      accept-language: en-US,en;q=0.9
                                      Response
                                      HTTP/2.0 404
                                      date: Tue, 08 Aug 2023 05:27:14 GMT
                                      content-type: text/html; charset=iso-8859-1
                                      vary: Accept-Encoding
                                      x-content-type-options: nosniff
                                      x-content-type-options: nosniff
                                      x-xss-protection: 1; mode=block
                                      x-xss-protection: 1; mode=block
                                      cache-control: public, max-age=315360000, stale-while-revalidate=315360000, stale-if-error=315360000, immutable
                                      pragma: public
                                      cf-cache-status: MISS
                                      report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mywaTQotMO4NwvUfXUDXLydb8eFVuTSU5ipqYPT4Gep9rznPqS1mMEnmh9jpbztQM0HbljNtMTz3ZXbqGXN0ANsz8SmL4JpF8YtDKFLGgh%2FYVC3lpnF0jS%2FnxtqrfnSD82agiDw%3D"}],"group":"cf-nel","max_age":604800}
                                      nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                      server: cloudflare
                                      cf-ray: 7f3559584a7d0bdb-AMS
                                      content-encoding: br
                                      alt-svc: h3=":443"; ma=86400
                                    • flag-us
                                      GET
                                      https://update-income.info/in/favicon.ico
                                      msedge.exe
                                      Remote address:
                                      188.114.97.0:443
                                      Request
                                      GET /in/favicon.ico HTTP/2.0
                                      host: update-income.info
                                      sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                      dnt: 1
                                      sec-ch-ua-mobile: ?0
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                      sec-fetch-site: same-origin
                                      sec-fetch-mode: no-cors
                                      sec-fetch-dest: image
                                      referer: https://update-income.info/in/
                                      accept-encoding: gzip, deflate, br
                                      accept-language: en-US,en;q=0.9
                                      Response
                                      HTTP/2.0 404
                                      date: Tue, 08 Aug 2023 05:27:14 GMT
                                      content-type: text/html; charset=iso-8859-1
                                      vary: Accept-Encoding
                                      x-content-type-options: nosniff
                                      x-content-type-options: nosniff
                                      x-xss-protection: 1; mode=block
                                      x-xss-protection: 1; mode=block
                                      cache-control: public, max-age=315360000, stale-while-revalidate=315360000, stale-if-error=315360000, immutable
                                      pragma: public
                                      cf-cache-status: MISS
                                      report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VirxjvmGg%2B5HmMwJywtB8J1u26rx44rgQJUbKofaQnkEVJK89KdrQm1ubIxSGZLOJ39hYxFTi%2FT81GyhEclpxQ290Rn9houpal0gwdf%2BE7RwM413YcxX2kxYGoB9NCCreLyilXc%3D"}],"group":"cf-nel","max_age":604800}
                                      nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                      server: cloudflare
                                      cf-ray: 7f3559592b4b0bdb-AMS
                                      content-encoding: br
                                      alt-svc: h3=":443"; ma=86400
                                    • flag-us
                                      POST
                                      https://update-income.info/in/prohqcker.php
                                      msedge.exe
                                      Remote address:
                                      188.114.97.0:443
                                      Request
                                      POST /in/prohqcker.php HTTP/2.0
                                      host: update-income.info
                                      content-length: 90
                                      cache-control: max-age=0
                                      sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                      sec-ch-ua-mobile: ?0
                                      origin: https://update-income.info
                                      upgrade-insecure-requests: 1
                                      dnt: 1
                                      content-type: application/x-www-form-urlencoded
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                      sec-fetch-site: same-origin
                                      sec-fetch-mode: navigate
                                      sec-fetch-user: ?1
                                      sec-fetch-dest: document
                                      referer: https://update-income.info/in/
                                      accept-encoding: gzip, deflate, br
                                      accept-language: en-US,en;q=0.9
                                      Response
                                      HTTP/2.0 302
                                      date: Tue, 08 Aug 2023 05:28:28 GMT
                                      content-type: text/html; charset=UTF-8
                                      location: index2.html
                                      x-content-type-options: nosniff
                                      x-content-type-options: nosniff
                                      x-xss-protection: 1; mode=block
                                      x-xss-protection: 1; mode=block
                                      x-server-powered-by: Engintron
                                      cf-cache-status: DYNAMIC
                                      report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xW63aJSkEzUiVwas1KcR57p6e5YecoffpaVbll8LeDsA8LyDsGMM0TAiNi%2F5maiOeI3Z22lcbcmKpTM1il2Gn0aqG%2BDndUPRLhG7vcujWCmvWpxywn6QSFGd3q867iZWwd%2BPzaY%3D"}],"group":"cf-nel","max_age":604800}
                                      nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                      server: cloudflare
                                      cf-ray: 7f355b2a7a180bdb-AMS
                                      alt-svc: h3=":443"; ma=86400
                                    • flag-us
                                      GET
                                      https://update-income.info/in/index2.html
                                      msedge.exe
                                      Remote address:
                                      188.114.97.0:443
                                      Request
                                      GET /in/index2.html HTTP/2.0
                                      host: update-income.info
                                      cache-control: max-age=0
                                      upgrade-insecure-requests: 1
                                      dnt: 1
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                      sec-fetch-site: same-origin
                                      sec-fetch-mode: navigate
                                      sec-fetch-user: ?1
                                      sec-fetch-dest: document
                                      sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                      sec-ch-ua-mobile: ?0
                                      referer: https://update-income.info/in/
                                      accept-encoding: gzip, deflate, br
                                      accept-language: en-US,en;q=0.9
                                      Response
                                      HTTP/2.0 200
                                      date: Tue, 08 Aug 2023 05:28:28 GMT
                                      content-type: text/html
                                      vary: Accept-Encoding
                                      x-content-type-options: nosniff
                                      x-content-type-options: nosniff
                                      x-xss-protection: 1; mode=block
                                      x-xss-protection: 1; mode=block
                                      last-modified: Sat, 21 Jan 2023 04:23:02 GMT
                                      x-nginx-upstream-cache-status: EXPIRED
                                      x-server-powered-by: Engintron
                                      cf-cache-status: DYNAMIC
                                      report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=67rKdurTmX6O3pKZOHW6WnKzqGwwQstb8yYYqkEr%2BqMmkiqTQgVYgoWmeW0MS9wH2VuIrRvDoWWduOEhiPQccFeT2QgrV7vqw9mPD84u43fLSwU9qnW5bTV%2B0lkNIpg4f6xfAXU%3D"}],"group":"cf-nel","max_age":604800}
                                      nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                      server: cloudflare
                                      cf-ray: 7f355b2c7c270bdb-AMS
                                      content-encoding: br
                                      alt-svc: h3=":443"; ma=86400
                                    • flag-us
                                      POST
                                      https://update-income.info/in/prohqcker1.php
                                      msedge.exe
                                      Remote address:
                                      188.114.97.0:443
                                      Request
                                      POST /in/prohqcker1.php HTTP/2.0
                                      host: update-income.info
                                      content-length: 70
                                      cache-control: max-age=0
                                      sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                      sec-ch-ua-mobile: ?0
                                      origin: https://update-income.info
                                      upgrade-insecure-requests: 1
                                      dnt: 1
                                      content-type: application/x-www-form-urlencoded
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                      sec-fetch-site: same-origin
                                      sec-fetch-mode: navigate
                                      sec-fetch-user: ?1
                                      sec-fetch-dest: document
                                      referer: https://update-income.info/in/index2.html
                                      accept-encoding: gzip, deflate, br
                                      accept-language: en-US,en;q=0.9
                                      Response
                                      HTTP/2.0 302
                                      date: Tue, 08 Aug 2023 05:28:57 GMT
                                      content-type: text/html; charset=UTF-8
                                      location: otp.html
                                      x-content-type-options: nosniff
                                      x-content-type-options: nosniff
                                      x-xss-protection: 1; mode=block
                                      x-xss-protection: 1; mode=block
                                      x-server-powered-by: Engintron
                                      cf-cache-status: DYNAMIC
                                      report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d5FkwFCCYny%2BscxqYxTexroVNHjMmu5d5Um2sGAz9KWj3jKL%2FWM492ouewCQBpRGQHT7m3BUvdzE6LnYtJgJSficguDXtOs7VcUbqZrwdh9fqyr5D5ucRS9ByFQ2otCDEuU3iB4%3D"}],"group":"cf-nel","max_age":604800}
                                      nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                      server: cloudflare
                                      cf-ray: 7f355bdce81d0bdb-AMS
                                      alt-svc: h3=":443"; ma=86400
                                    • flag-us
                                      GET
                                      https://update-income.info/in/otp.html
                                      msedge.exe
                                      Remote address:
                                      188.114.97.0:443
                                      Request
                                      GET /in/otp.html HTTP/2.0
                                      host: update-income.info
                                      cache-control: max-age=0
                                      upgrade-insecure-requests: 1
                                      dnt: 1
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                      sec-fetch-site: same-origin
                                      sec-fetch-mode: navigate
                                      sec-fetch-user: ?1
                                      sec-fetch-dest: document
                                      sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                      sec-ch-ua-mobile: ?0
                                      referer: https://update-income.info/in/index2.html
                                      accept-encoding: gzip, deflate, br
                                      accept-language: en-US,en;q=0.9
                                      Response
                                      HTTP/2.0 200
                                      date: Tue, 08 Aug 2023 05:28:57 GMT
                                      content-type: text/html
                                      vary: Accept-Encoding
                                      x-content-type-options: nosniff
                                      x-content-type-options: nosniff
                                      x-xss-protection: 1; mode=block
                                      x-xss-protection: 1; mode=block
                                      last-modified: Sat, 21 Jan 2023 04:27:46 GMT
                                      x-nginx-upstream-cache-status: MISS
                                      x-server-powered-by: Engintron
                                      cf-cache-status: DYNAMIC
                                      report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eYsdyRnvEp5%2BMUOznVoTbyBhow%2BmCS%2B6Pipd%2BN%2Fkpaal9at51f8KocwLivB%2FsmTgsjhdBQfnVWvPD08Dc7XHSnRWlTOK81nphQIfWyY7U5c8CdW0mfkJWfuij7%2BJDn4wvMTkGgg%3D"}],"group":"cf-nel","max_age":604800}
                                      nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                      server: cloudflare
                                      cf-ray: 7f355bded9c80bdb-AMS
                                      content-encoding: br
                                      alt-svc: h3=":443"; ma=86400
                                    • flag-us
                                      GET
                                      https://update-income.info/in/icons/link-arrow.svg
                                      msedge.exe
                                      Remote address:
                                      188.114.97.0:443
                                      Request
                                      GET /in/icons/link-arrow.svg HTTP/2.0
                                      host: update-income.info
                                      sec-ch-ua: "Chromium";v="92", " Not A;Brand";v="99", "Microsoft Edge";v="92"
                                      dnt: 1
                                      sec-ch-ua-mobile: ?0
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      accept: image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
                                      sec-fetch-site: same-origin
                                      sec-fetch-mode: no-cors
                                      sec-fetch-dest: image
                                      referer: https://update-income.info/in/css/blugov.css
                                      accept-encoding: gzip, deflate, br
                                      accept-language: en-US,en;q=0.9
                                      Response
                                      HTTP/2.0 404
                                      date: Tue, 08 Aug 2023 05:28:57 GMT
                                      content-type: text/html; charset=iso-8859-1
                                      vary: Accept-Encoding
                                      x-content-type-options: nosniff
                                      x-content-type-options: nosniff
                                      x-xss-protection: 1; mode=block
                                      x-xss-protection: 1; mode=block
                                      cache-control: public, max-age=315360000, stale-while-revalidate=315360000, stale-if-error=315360000, immutable
                                      pragma: public
                                      cf-cache-status: MISS
                                      report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0rcYOk9o9NS7dfLjjIf6BakNdPUrqe68Jrg7GRNbcCIucqlZ7V2pxh9nel7ctmfaEyl88h3arZvJpEYw9RVmTq2WvuHNIdNYsCXXKIaCaF4HGULc9ytwbg%2FF4eDFKuNovwAPTOs%3D"}],"group":"cf-nel","max_age":604800}
                                      nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                      server: cloudflare
                                      cf-ray: 7f355bdfdab40bdb-AMS
                                      content-encoding: br
                                      alt-svc: h3=":443"; ma=86400
                                    • flag-us
                                      DNS
                                      apps.identrust.com
                                      msedge.exe
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      apps.identrust.com
                                      IN A
                                      Response
                                      apps.identrust.com
                                      IN CNAME
                                      identrust.edgesuite.net
                                      identrust.edgesuite.net
                                      IN CNAME
                                      a1952.dscq.akamai.net
                                      a1952.dscq.akamai.net
                                      IN A
                                      88.221.25.170
                                      a1952.dscq.akamai.net
                                      IN A
                                      84.53.175.19
                                    • flag-nl
                                      GET
                                      http://apps.identrust.com/roots/dstrootcax3.p7c
                                      msedge.exe
                                      Remote address:
                                      88.221.25.170:80
                                      Request
                                      GET /roots/dstrootcax3.p7c HTTP/1.1
                                      Connection: Keep-Alive
                                      Accept: */*
                                      User-Agent: Microsoft-CryptoAPI/10.0
                                      Host: apps.identrust.com
                                      Response
                                      HTTP/1.1 200 OK
                                      X-XSS-Protection: 1; mode=block
                                      Strict-Transport-Security: max-age=15768000
                                      X-Frame-Options: SAMEORIGIN
                                      X-Content-Type-Options: nosniff
                                      Content-Security-Policy: default-src 'self' *.identrust.com
                                      Last-Modified: Wed, 08 Feb 2023 16:52:56 GMT
                                      ETag: "37d-5f433188daa00"
                                      Accept-Ranges: bytes
                                      Content-Length: 893
                                      X-Content-Type-Options: nosniff
                                      X-Frame-Options: sameorigin
                                      Content-Type: application/pkcs7-mime
                                      Cache-Control: max-age=3600
                                      Expires: Tue, 08 Aug 2023 06:27:12 GMT
                                      Date: Tue, 08 Aug 2023 05:27:12 GMT
                                      Connection: keep-alive
                                    • flag-us
                                      DNS
                                      75.159.190.20.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      75.159.190.20.in-addr.arpa
                                      IN PTR
                                      Response
                                    • flag-us
                                      DNS
                                      0.97.114.188.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      0.97.114.188.in-addr.arpa
                                      IN PTR
                                      Response
                                    • flag-us
                                      DNS
                                      95.221.229.192.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      95.221.229.192.in-addr.arpa
                                      IN PTR
                                      Response
                                    • flag-us
                                      DNS
                                      170.25.221.88.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      170.25.221.88.in-addr.arpa
                                      IN PTR
                                      Response
                                      170.25.221.88.in-addr.arpa
                                      IN PTR
                                      a88-221-25-170.deploy.static.akamaitechnologies.com
                                    • flag-us
                                      DNS
                                      a.nel.cloudflare.com
                                      msedge.exe
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      a.nel.cloudflare.com
                                      IN A
                                      Response
                                      a.nel.cloudflare.com
                                      IN A
                                      35.190.80.1
                                    • flag-us
                                      OPTIONS
                                      https://a.nel.cloudflare.com/report/v3?s=tnaXjZmTmrGznSDI2MZ93KowQO8RQTm6U%2BNRTM269ChGZSDsVsmHBl6xXrdvz9KP%2BfpkBi3WrA7E0ktv%2Bgm36al%2BFZYtHSqmEJgup%2B1Iu1kINlsoFfZtLOTLJobR46Cexkm9Okw%3D
                                      msedge.exe
                                      Remote address:
                                      35.190.80.1:443
                                      Request
                                      OPTIONS /report/v3?s=tnaXjZmTmrGznSDI2MZ93KowQO8RQTm6U%2BNRTM269ChGZSDsVsmHBl6xXrdvz9KP%2BfpkBi3WrA7E0ktv%2Bgm36al%2BFZYtHSqmEJgup%2B1Iu1kINlsoFfZtLOTLJobR46Cexkm9Okw%3D HTTP/2.0
                                      host: a.nel.cloudflare.com
                                      origin: https://update-income.info
                                      access-control-request-method: POST
                                      access-control-request-headers: content-type
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      accept-encoding: gzip, deflate, br
                                      accept-language: en-US,en;q=0.9
                                    • flag-us
                                      POST
                                      https://a.nel.cloudflare.com/report/v3?s=tnaXjZmTmrGznSDI2MZ93KowQO8RQTm6U%2BNRTM269ChGZSDsVsmHBl6xXrdvz9KP%2BfpkBi3WrA7E0ktv%2Bgm36al%2BFZYtHSqmEJgup%2B1Iu1kINlsoFfZtLOTLJobR46Cexkm9Okw%3D
                                      msedge.exe
                                      Remote address:
                                      35.190.80.1:443
                                      Request
                                      POST /report/v3?s=tnaXjZmTmrGznSDI2MZ93KowQO8RQTm6U%2BNRTM269ChGZSDsVsmHBl6xXrdvz9KP%2BfpkBi3WrA7E0ktv%2Bgm36al%2BFZYtHSqmEJgup%2B1Iu1kINlsoFfZtLOTLJobR46Cexkm9Okw%3D HTTP/2.0
                                      host: a.nel.cloudflare.com
                                      content-length: 403
                                      content-type: application/reports+json
                                      user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      accept-encoding: gzip, deflate, br
                                      accept-language: en-US,en;q=0.9
                                    • flag-us
                                      GET
                                      http://update-income.info/in/
                                      msedge.exe
                                      Remote address:
                                      188.114.97.0:80
                                      Request
                                      GET /in/ HTTP/1.1
                                      Host: update-income.info
                                      Connection: keep-alive
                                      Upgrade-Insecure-Requests: 1
                                      DNT: 1
                                      User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36 Edg/92.0.902.67
                                      Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
                                      Accept-Encoding: gzip, deflate
                                      Accept-Language: en-US,en;q=0.9
                                      Cookie: 37KBKJMz4z6fRvWCNnlrV3ozREo=XsD9kdkCNwbYHDsKD-DUkZs62lY; Rh0zLeDTp_Y0Ovzm4tFrl0R0bkk=1691472425; SL9T5oz1h-3jGqu_MHbkNVlBkNY=1691558825; Qhmyac5rSqwbRFWfuSUwWj908_E=iDkNbHH8Fbc9Of8NqWyUwX0OSB0; JnsRiVuvaMQbNQdqPB4fA766H9U=aCw_Ay0z6PiSoLxfa4acq_nGNvA; ddFqXg20cSPAWwwFQy0BlHkUiJQ=1691472431; zbv1scnjzirAMWH_IoEDInVVAgo=1691558831; 9jhf2CBd4gbdulflBZXMroYAXcY=Jjr6vhiX8kJnFfT5Lxf7y9wFzqE
                                      Response
                                      HTTP/1.1 301 Moved Permanently
                                      Date: Tue, 08 Aug 2023 05:27:13 GMT
                                      Transfer-Encoding: chunked
                                      Connection: keep-alive
                                      Cache-Control: max-age=3600
                                      Expires: Tue, 08 Aug 2023 06:27:13 GMT
                                      Location: https://update-income.info/in/
                                      Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mLswx1FB9P3z6zmYHKcQSZGHZX3LyWkIYo7u1lEdIds2VSqfVWAo0Y7MsW4JwtjliEsXczVyHyx%2F%2B6O3Jvrmmht6mADzFK1obS9uLkOhezbZXDwzog1uCqgdrWa%2FAUr4UXkr9Yc%3D"}],"group":"cf-nel","max_age":604800}
                                      NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
                                      Vary: Accept-Encoding
                                      Server: cloudflare
                                      CF-RAY: 7f355955d83a0bbc-AMS
                                      alt-svc: h3=":443"; ma=86400
                                    • flag-us
                                      DNS
                                      1.80.190.35.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      1.80.190.35.in-addr.arpa
                                      IN PTR
                                      Response
                                      1.80.190.35.in-addr.arpa
                                      IN PTR
                                      18019035bcgoogleusercontentcom
                                    • flag-us
                                      DNS
                                      106.208.58.216.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      106.208.58.216.in-addr.arpa
                                      IN PTR
                                      Response
                                      106.208.58.216.in-addr.arpa
                                      IN PTR
                                      ams17s08-in-f101e100net
                                      106.208.58.216.in-addr.arpa
                                      IN PTR
                                      sof01s11-in-f106
                                    • flag-us
                                      DNS
                                      131.179.250.142.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      131.179.250.142.in-addr.arpa
                                      IN PTR
                                      Response
                                      131.179.250.142.in-addr.arpa
                                      IN PTR
                                      ams17s10-in-f31e100net
                                    • flag-us
                                      DNS
                                      146.78.124.51.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      146.78.124.51.in-addr.arpa
                                      IN PTR
                                      Response
                                    • flag-us
                                      DNS
                                      86.23.85.13.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      86.23.85.13.in-addr.arpa
                                      IN PTR
                                      Response
                                    • flag-us
                                      DNS
                                      108.211.229.192.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      108.211.229.192.in-addr.arpa
                                      IN PTR
                                      Response
                                    • flag-us
                                      DNS
                                      devtools.azureedge.net
                                      msedge.exe
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      devtools.azureedge.net
                                      IN A
                                      Response
                                      devtools.azureedge.net
                                      IN CNAME
                                      devtools.afd.azureedge.net
                                      devtools.afd.azureedge.net
                                      IN CNAME
                                      star-azureedge-prod.trafficmanager.net
                                      star-azureedge-prod.trafficmanager.net
                                      IN CNAME
                                      dual.part-0039.t-0009.t-msedge.net
                                      dual.part-0039.t-0009.t-msedge.net
                                      IN CNAME
                                      part-0039.t-0009.t-msedge.net
                                      part-0039.t-0009.t-msedge.net
                                      IN A
                                      13.107.246.67
                                      part-0039.t-0009.t-msedge.net
                                      IN A
                                      13.107.213.67
                                    • flag-us
                                      DNS
                                      67.246.107.13.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      67.246.107.13.in-addr.arpa
                                      IN PTR
                                      Response
                                    • flag-us
                                      DNS
                                      a.nel.cloudflare.com
                                      msedge.exe
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      a.nel.cloudflare.com
                                      IN A
                                      Response
                                      a.nel.cloudflare.com
                                      IN A
                                      35.190.80.1
                                    • flag-us
                                      DNS
                                      update-income.info
                                      msedge.exe
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      update-income.info
                                      IN A
                                      Response
                                      update-income.info
                                      IN A
                                      188.114.97.0
                                      update-income.info
                                      IN A
                                      188.114.96.0
                                    • flag-us
                                      DNS
                                      0.77.109.52.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      0.77.109.52.in-addr.arpa
                                      IN PTR
                                      Response
                                    • flag-us
                                      DNS
                                      8.173.189.20.in-addr.arpa
                                      Remote address:
                                      8.8.8.8:53
                                      Request
                                      8.173.189.20.in-addr.arpa
                                      IN PTR
                                      Response
                                    • 188.114.97.0:443
                                      https://update-income.info/in/icons/link-arrow.svg
                                      tls, http2
                                      msedge.exe
                                      37.6kB
                                      136.1kB
                                      129
                                      174

                                      HTTP Request

                                      GET https://update-income.info/in

                                      HTTP Response

                                      503

                                      HTTP Request

                                      POST https://update-income.info/in

                                      HTTP Request

                                      GET https://update-income.info/favicon.ico

                                      HTTP Request

                                      GET https://update-income.info/cdn-cgi/challenge-platform/scripts/invisible.js

                                      HTTP Response

                                      302

                                      HTTP Request

                                      GET https://update-income.info/cdn-cgi/challenge-platform/h/g/scripts/jsd/74ac0d47/invisible.js

                                      HTTP Response

                                      200

                                      HTTP Response

                                      204

                                      HTTP Response

                                      503

                                      HTTP Request

                                      POST https://update-income.info/cdn-cgi/challenge-platform/h/g/cv/result/7f3559521c070bdb

                                      HTTP Request

                                      GET https://update-income.info/in

                                      HTTP Response

                                      200

                                      HTTP Response

                                      301

                                      HTTP Request

                                      GET https://update-income.info/in/

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://update-income.info/in/css/mgv2-application.css

                                      HTTP Request

                                      GET https://update-income.info/in/css/blugov.css

                                      HTTP Request

                                      GET https://update-income.info/in/images/myGov-cobranded-logo-black.svg

                                      HTTP Request

                                      GET https://update-income.info/in/images/myGov-cobranded-logo-white.svg

                                      HTTP Response

                                      200

                                      HTTP Response

                                      200

                                      HTTP Response

                                      200

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://update-income.info/in/icons/icon-blugov-info.svg

                                      HTTP Response

                                      404

                                      HTTP Request

                                      GET https://update-income.info/in/favicon.ico

                                      HTTP Response

                                      404

                                      HTTP Request

                                      POST https://update-income.info/in/prohqcker.php

                                      HTTP Response

                                      302

                                      HTTP Request

                                      GET https://update-income.info/in/index2.html

                                      HTTP Response

                                      200

                                      HTTP Request

                                      POST https://update-income.info/in/prohqcker1.php

                                      HTTP Response

                                      302

                                      HTTP Request

                                      GET https://update-income.info/in/otp.html

                                      HTTP Response

                                      200

                                      HTTP Request

                                      GET https://update-income.info/in/icons/link-arrow.svg

                                      HTTP Response

                                      404
                                    • 88.221.25.170:80
                                      http://apps.identrust.com/roots/dstrootcax3.p7c
                                      http
                                      msedge.exe
                                      416 B
                                      1.7kB
                                      6
                                      5

                                      HTTP Request

                                      GET http://apps.identrust.com/roots/dstrootcax3.p7c

                                      HTTP Response

                                      200
                                    • 35.190.80.1:443
                                      https://a.nel.cloudflare.com/report/v3?s=tnaXjZmTmrGznSDI2MZ93KowQO8RQTm6U%2BNRTM269ChGZSDsVsmHBl6xXrdvz9KP%2BfpkBi3WrA7E0ktv%2Bgm36al%2BFZYtHSqmEJgup%2B1Iu1kINlsoFfZtLOTLJobR46Cexkm9Okw%3D
                                      tls, http2
                                      msedge.exe
                                      2.7kB
                                      6.3kB
                                      19
                                      21

                                      HTTP Request

                                      OPTIONS https://a.nel.cloudflare.com/report/v3?s=tnaXjZmTmrGznSDI2MZ93KowQO8RQTm6U%2BNRTM269ChGZSDsVsmHBl6xXrdvz9KP%2BfpkBi3WrA7E0ktv%2Bgm36al%2BFZYtHSqmEJgup%2B1Iu1kINlsoFfZtLOTLJobR46Cexkm9Okw%3D

                                      HTTP Request

                                      POST https://a.nel.cloudflare.com/report/v3?s=tnaXjZmTmrGznSDI2MZ93KowQO8RQTm6U%2BNRTM269ChGZSDsVsmHBl6xXrdvz9KP%2BfpkBi3WrA7E0ktv%2Bgm36al%2BFZYtHSqmEJgup%2B1Iu1kINlsoFfZtLOTLJobR46Cexkm9Okw%3D
                                    • 188.114.97.0:80
                                      http://update-income.info/in/
                                      http
                                      msedge.exe
                                      1.2kB
                                      959 B
                                      7
                                      6

                                      HTTP Request

                                      GET http://update-income.info/in/

                                      HTTP Response

                                      301
                                    • 127.0.0.1:9229
                                      msedge.exe
                                    • 13.107.246.67:443
                                      devtools.azureedge.net
                                      tls
                                      msedge.exe
                                      5.2kB
                                      9.4kB
                                      23
                                      26
                                    • 8.8.8.8:53
                                      2.136.104.51.in-addr.arpa
                                      dns
                                      71 B
                                      157 B
                                      1
                                      1

                                      DNS Request

                                      2.136.104.51.in-addr.arpa

                                    • 8.8.8.8:53
                                      update-income.info
                                      dns
                                      msedge.exe
                                      64 B
                                      96 B
                                      1
                                      1

                                      DNS Request

                                      update-income.info

                                      DNS Response

                                      188.114.97.0
                                      188.114.96.0

                                    • 8.8.8.8:53
                                      apps.identrust.com
                                      dns
                                      msedge.exe
                                      64 B
                                      165 B
                                      1
                                      1

                                      DNS Request

                                      apps.identrust.com

                                      DNS Response

                                      88.221.25.170
                                      84.53.175.19

                                    • 8.8.8.8:53
                                      75.159.190.20.in-addr.arpa
                                      dns
                                      72 B
                                      158 B
                                      1
                                      1

                                      DNS Request

                                      75.159.190.20.in-addr.arpa

                                    • 8.8.8.8:53
                                      0.97.114.188.in-addr.arpa
                                      dns
                                      71 B
                                      133 B
                                      1
                                      1

                                      DNS Request

                                      0.97.114.188.in-addr.arpa

                                    • 8.8.8.8:53
                                      95.221.229.192.in-addr.arpa
                                      dns
                                      73 B
                                      144 B
                                      1
                                      1

                                      DNS Request

                                      95.221.229.192.in-addr.arpa

                                    • 8.8.8.8:53
                                      170.25.221.88.in-addr.arpa
                                      dns
                                      72 B
                                      137 B
                                      1
                                      1

                                      DNS Request

                                      170.25.221.88.in-addr.arpa

                                    • 8.8.8.8:53
                                      a.nel.cloudflare.com
                                      dns
                                      msedge.exe
                                      66 B
                                      82 B
                                      1
                                      1

                                      DNS Request

                                      a.nel.cloudflare.com

                                      DNS Response

                                      35.190.80.1

                                    • 35.190.80.1:443
                                      a.nel.cloudflare.com
                                      https
                                      msedge.exe
                                      1.8kB
                                      5.0kB
                                      5
                                      7
                                    • 8.8.8.8:53
                                      1.80.190.35.in-addr.arpa
                                      dns
                                      70 B
                                      120 B
                                      1
                                      1

                                      DNS Request

                                      1.80.190.35.in-addr.arpa

                                    • 8.8.8.8:53
                                      106.208.58.216.in-addr.arpa
                                      dns
                                      73 B
                                      143 B
                                      1
                                      1

                                      DNS Request

                                      106.208.58.216.in-addr.arpa

                                    • 8.8.8.8:53
                                      131.179.250.142.in-addr.arpa
                                      dns
                                      74 B
                                      112 B
                                      1
                                      1

                                      DNS Request

                                      131.179.250.142.in-addr.arpa

                                    • 224.0.0.251:5353
                                      888 B
                                      14
                                    • 8.8.8.8:53
                                      146.78.124.51.in-addr.arpa
                                      dns
                                      72 B
                                      158 B
                                      1
                                      1

                                      DNS Request

                                      146.78.124.51.in-addr.arpa

                                    • 8.8.8.8:53
                                      86.23.85.13.in-addr.arpa
                                      dns
                                      70 B
                                      144 B
                                      1
                                      1

                                      DNS Request

                                      86.23.85.13.in-addr.arpa

                                    • 8.8.8.8:53
                                      108.211.229.192.in-addr.arpa
                                      dns
                                      74 B
                                      145 B
                                      1
                                      1

                                      DNS Request

                                      108.211.229.192.in-addr.arpa

                                    • 8.8.8.8:53
                                      devtools.azureedge.net
                                      dns
                                      msedge.exe
                                      68 B
                                      235 B
                                      1
                                      1

                                      DNS Request

                                      devtools.azureedge.net

                                      DNS Response

                                      13.107.246.67
                                      13.107.213.67

                                    • 8.8.8.8:53
                                      67.246.107.13.in-addr.arpa
                                      dns
                                      72 B
                                      158 B
                                      1
                                      1

                                      DNS Request

                                      67.246.107.13.in-addr.arpa

                                    • 35.190.80.1:443
                                      a.nel.cloudflare.com
                                      https
                                      msedge.exe
                                      3.8kB
                                      2.6kB
                                      10
                                      10
                                    • 8.8.8.8:53
                                      0.77.109.52.in-addr.arpa
                                      dns
                                      70 B
                                      144 B
                                      1
                                      1

                                      DNS Request

                                      0.77.109.52.in-addr.arpa

                                    • 35.190.80.1:443
                                      a.nel.cloudflare.com
                                      https
                                      msedge.exe
                                      4.0kB
                                      2.5kB
                                      9
                                      8
                                    • 8.8.8.8:53
                                      8.173.189.20.in-addr.arpa
                                      dns
                                      71 B
                                      157 B
                                      1
                                      1

                                      DNS Request

                                      8.173.189.20.in-addr.arpa

                                    MITRE ATT&CK Matrix

                                    Downloads

                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                      Filesize

                                      152B

                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_000002

                                      Filesize

                                      20KB

                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

                                      Filesize

                                      72B


                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                      Filesize

                                      951B


                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                      Filesize

                                      111B


                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                      Filesize

                                      8KB


                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                      Filesize

                                      8KB


                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                      Filesize

                                      8KB


                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                      Filesize

                                      5KB


                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                      Filesize

                                      5KB


                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

                                      Filesize

                                      24KB


                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

                                      Filesize

                                      16B


                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                      Filesize

                                      12KB


                                    • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                      Filesize

                                      13KB

