r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 507011ccb9124dcd57e84a90a0965cc4
1a6575d0ac979c7184490cc9836ac4812ad2afd1
01626c18e1e68507aa33ef7448dbc3311901ab6f29adc2f51d449409b0680dce
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01626C18E1E68507AA33EF7448DBC3311901AB6F29ADC2F51D449409B0680DCE"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2943
Expires: Wed, 08 Feb 2023 01:29:42 GMT
Date: Wed, 08 Feb 2023 00:40:39 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6198
Expires: Wed, 08 Feb 2023 02:23:57 GMT
Date: Wed, 08 Feb 2023 00:40:39 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Content-Type, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 08 Feb 2023 00:34:10 GMT
content-type: application/json
age: 389
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5663
Expires: Wed, 08 Feb 2023 02:15:02 GMT
Date: Wed, 08 Feb 2023 00:40:39 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: UiW1RBwGGmjjPNgFT1RrvKj6LEY9ifbbhGAIpb1ooXb6eD9DIcaPSCF2ZsWHHRKpRFxyk/A+RYU=
x-amz-request-id: 726PQTAR1NZTHMQ6
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 07 Feb 2023 23:45:45 GMT
age: 3294
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 08 Feb 2023 00:40:39 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Content-Type, Pragma, ETag, Retry-After, Backoff, Expires, Alert, Cache-Control, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 08 Feb 2023 00:14:52 GMT
age: 1547
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9b88bae61bca33aba8aa99f6128db8d9
a07b61fb2458917699613fcae68710941b595416
54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16373
Expires: Wed, 08 Feb 2023 05:13:33 GMT
Date: Wed, 08 Feb 2023 00:40:40 GMT
Connection: keep-alive
push.services.mozilla.com/
54.191.5.58101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.191.5.58:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: bSoKp1V7jaqi7PWj/QKgKg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: /39zRbyKqEuupnYz/dHnufmoH4U=
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2279
Expires: Wed, 08 Feb 2023 01:18:40 GMT
Date: Wed, 08 Feb 2023 00:40:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2279
Expires: Wed, 08 Feb 2023 01:18:40 GMT
Date: Wed, 08 Feb 2023 00:40:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2279
Expires: Wed, 08 Feb 2023 01:18:40 GMT
Date: Wed, 08 Feb 2023 00:40:41 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2279
Expires: Wed, 08 Feb 2023 01:18:40 GMT
Date: Wed, 08 Feb 2023 00:40:41 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6de3153-62d2-494b-8acf-6d3ac8adba7d.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6de3153-62d2-494b-8acf-6d3ac8adba7d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 003fc35e140a75a12b7795c3986426ec
da002b22e2a01f48a545b369d4403eabb17a10d5
bb0754411aa7d0a5036b86b282d0e93d13227765ca9ccaf3a34e8e486cb413d1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6de3153-62d2-494b-8acf-6d3ac8adba7d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13160
x-amzn-requestid: 34aa6dfe-7f14-48d0-89b2-90548621be79
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fzVxSHh7IAMFjAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63de033b-49587fff75aebe96136137be;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 07:03:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qwSN-ztVJgRfu3bFIjYaVYV8Cnx77j1ugkRjqhRtRXdPju7AhEMg-A==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 07:15:46 GMT
age: 62695
etag: "da002b22e2a01f48a545b369d4403eabb17a10d5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f728fd1-646b-418a-ab1a-194a7bf42969.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f728fd1-646b-418a-ab1a-194a7bf42969.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c8f31c82179856e39ee5fc43d7f0b685
5b37f807a19ffc80c0b9334e6d24d5bb717496ce
c099c91c6f2125a8a89ee6e9dc0e37e2c2c9914adadb2c8b77795063baa62037
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f728fd1-646b-418a-ab1a-194a7bf42969.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6805
x-amzn-requestid: 9f067f0c-2991-41ae-8dd0-5719a5438abc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_PHwEn4IAMFvFg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c564-730d01807c13643373d64897;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:40:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: eSU1CSydRTodwnN5DNTXbYD3d3kYFCHiCvPRq5DZTTDSTH2L-GV_1g==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 22:19:17 GMT
age: 8484
etag: "5b37f807a19ffc80c0b9334e6d24d5bb717496ce"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8122ba3b-f49a-49fa-acfb-88990087de42.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8122ba3b-f49a-49fa-acfb-88990087de42.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 25fb37d8b072e47aae74933481fb9418
b073d213a6a7939efed7ee5ef62a5548e00082bc
59a9c61013b3a4faab6f1c578f45bb87397d2f9e7975ae58e53e2c4e4a791da2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8122ba3b-f49a-49fa-acfb-88990087de42.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6177
x-amzn-requestid: 1b73f423-5a28-48f6-9ad1-9e42c38bebc6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f-tCnF09IAMFt4g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e28edd-294711995de49ebb380b4ca2;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 17:48:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zr0wkfqHvE3x4qvNObXp9uIF_oXpoZuHKgyboR5ezBuiHDdxFPpswA==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 18:09:39 GMT
age: 23462
etag: "b073d213a6a7939efed7ee5ef62a5548e00082bc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdcf61053-67f6-4767-ad44-fa802c5ef5b4.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdcf61053-67f6-4767-ad44-fa802c5ef5b4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a9c2a9eee923b84d4e06438a8b2acaff
520b122e3ce52220af153fee26bb7067283f9075
9ff4236fdcd05210a9c8bb48ea68179e142b1b05c8b19dd66282590dff69fa22
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdcf61053-67f6-4767-ad44-fa802c5ef5b4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10058
x-amzn-requestid: 94374454-1e89-4c43-895b-0a90f39b851d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_O5vEgcoAMFctg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c50a-0bf11cad4b0818c36188ba91;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 1R4SRNvqhRHbrDZsGB06NJbBXf8WRgJEHmXTbop8pqf8etTJSlmQwQ==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 22:06:05 GMT
age: 9276
etag: "520b122e3ce52220af153fee26bb7067283f9075"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5abcabc9-1cda-4d86-8630-67943159604b.jpeg
34.120.237.76200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5abcabc9-1cda-4d86-8630-67943159604b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4bb0e725719ac378134b01b6473a6581
a8a1780c88e8ae219048bed28ecfbd8019d9af35
187d4e83edc0af857334f84bd6853234193d4654d06c43367f39b4e125defe08
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5abcabc9-1cda-4d86-8630-67943159604b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6679
x-amzn-requestid: 97c19ad5-c127-4dc1-b529-1eca84645316
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f59MzHgloAMFwow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e0a8b8-79d6b8d31b69153d4929b7b7;Sampled=0
x-amzn-remapped-date: Mon, 06 Feb 2023 07:14:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: x_tr-xummuF51PvAM4y3DgvLWuJOwxgquKO8baQfcoN6ta5M3ll7ug==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 07:49:38 GMT
age: 60663
etag: "a8a1780c88e8ae219048bed28ecfbd8019d9af35"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a8e532-be72-47cc-8389-e8f28ffc3c2a.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a8e532-be72-47cc-8389-e8f28ffc3c2a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 33b061f03be149fea0df63b42a8ec226
e5e491c6ef8b6234450a34ee5df28b9a58a8ad43
a5970bbb40be173878cd2e920bd1a6ed27775fbdc222bb66ccbc5969984882f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a8e532-be72-47cc-8389-e8f28ffc3c2a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4269
x-amzn-requestid: df152b3a-fa15-4dac-96f9-41b9ea8e5136
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_OkQH5PoAMFl1g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c481-63636a42419209fb0c17eceb;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:37:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ViawdcUij4_pKnUmO34Oaqjmbtv19ModMaku0MWYTHDeLCR1ikzB_A==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:42:03 GMT
age: 10718
etag: "e5e491c6ef8b6234450a34ee5df28b9a58a8ad43"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
servicdhredrev.desmart.com.my/public/Nh84oSPOcx7KfGj52Y8rIvfRhXh6VDXF
194.233.69.154302 Found 215 B URL HTTP/1.1 servicdhredrev.desmart.com.my/public/Nh84oSPOcx7KfGj52Y8rIvfRhXh6VDXF
IP 194.233.69.154:0
ASN #141995 Contabo Asia Private Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 292b0876ca78914a85e40147ac801bd4
32eaace09f340803a44918662f812506e3832c76
fd22f362ff3695965f28baf9be001100466f3da75d2e4c6479d349b90e55dcff
Analyzer Verdict Alert fortinet Phishing
GET /public/Nh84oSPOcx7KfGj52Y8rIvfRhXh6VDXF HTTP/1.1
Host: servicdhredrev.desmart.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: no-cache, no-store, must-revalidate, max-age=0
location: http://servicdhredrev.desmart.com.my/public
content-type: text/html; charset=UTF-8
set-cookie: XSRF-TOKEN=eyJpdiI6ImJBUjIwdWk2dmxCbTYzNE9GQ0Fzd2c9PSIsInZhbHVlIjoiSEtmcEczdUo3QTJiWVVyRElKeFAybVdRQ2RmYTZXVkZadjNXSzFPV2lsNnlYQkVHbXhhYXlGQ3pLZDgyNlRQdXEzb0tjSVVnUURXazdZUGZSOWtTeHdZK3VaTFcya1Jpb2FQWndaNXJoR0Q2VkJYMjlaRnJ4ekV4Q3BEc1BIekYiLCJtYWMiOiIyN2YxOTE5ZWM4NDdjZGJkOGU2NmVlZjlmODg4OWNhZjk3OTBiM2FlODc3NjQ3NDE0YzMyMTU1OGZjYjZlYmQ2IiwidGFnIjoiIn0%3D; expires=Wed, 08-Feb-2023 02:40:41 GMT; Max-Age=7200; path=/; samesite=lax
laravel_session=eyJpdiI6InAvd2tGMnM1U2lwTmVOTzdVMkxTT3c9PSIsInZhbHVlIjoiVjV3RGM5NStrNWtwWVJmZTluL09HMzB1Rk11V01KRFRsOXFjK1JiNDNscVFPNVNGcHI0Q1BWM3VydmlNQ09jelkwOHVrazZOdm1NUUJNYTZEc1BmOEhXM0JkdGhXTThNSGhCTkRuYnIyT3VUU0o1SUNQZXpJMldRMVIrZEZLdU8iLCJtYWMiOiI2NTBhMTgxY2YyMTBmNDdjODBhZjExOWQ0Nzg1YjZlZmUwMTliMWIwYjAzZmNhY2VjZWZiODBmMjEwZWIxMjQwIiwidGFnIjoiIn0%3D; expires=Wed, 08-Feb-2023 02:40:41 GMT; Max-Age=7200; path=/; httponly; samesite=lax
content-length: 215
content-encoding: gzip
vary: Accept-Encoding
date: Wed, 08 Feb 2023 00:40:41 GMT
servicdhredrev.desmart.com.my/public
194.233.69.154301 Moved Permanently 707 B URL HTTP/1.1 servicdhredrev.desmart.com.my/public
IP 194.233.69.154:0
ASN #141995 Contabo Asia Private Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
GET /public HTTP/1.1
Host: servicdhredrev.desmart.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImJBUjIwdWk2dmxCbTYzNE9GQ0Fzd2c9PSIsInZhbHVlIjoiSEtmcEczdUo3QTJiWVVyRElKeFAybVdRQ2RmYTZXVkZadjNXSzFPV2lsNnlYQkVHbXhhYXlGQ3pLZDgyNlRQdXEzb0tjSVVnUURXazdZUGZSOWtTeHdZK3VaTFcya1Jpb2FQWndaNXJoR0Q2VkJYMjlaRnJ4ekV4Q3BEc1BIekYiLCJtYWMiOiIyN2YxOTE5ZWM4NDdjZGJkOGU2NmVlZjlmODg4OWNhZjk3OTBiM2FlODc3NjQ3NDE0YzMyMTU1OGZjYjZlYmQ2IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InAvd2tGMnM1U2lwTmVOTzdVMkxTT3c9PSIsInZhbHVlIjoiVjV3RGM5NStrNWtwWVJmZTluL09HMzB1Rk11V01KRFRsOXFjK1JiNDNscVFPNVNGcHI0Q1BWM3VydmlNQ09jelkwOHVrazZOdm1NUUJNYTZEc1BmOEhXM0JkdGhXTThNSGhCTkRuYnIyT3VUU0o1SUNQZXpJMldRMVIrZEZLdU8iLCJtYWMiOiI2NTBhMTgxY2YyMTBmNDdjODBhZjExOWQ0Nzg1YjZlZmUwMTliMWIwYjAzZmNhY2VjZWZiODBmMjEwZWIxMjQwIiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Wed, 08 Feb 2023 00:40:42 GMT
location: http://servicdhredrev.desmart.com.my/public/
servicdhredrev.desmart.com.my/public/
194.233.69.154200 OK 374 B URL HTTP/1.1 servicdhredrev.desmart.com.my/public/
IP 194.233.69.154:0
ASN #141995 Contabo Asia Private Limited
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash f9103ddcec7cc0d53482648ed86aa7cd
88d39537ab126113311c5736656c9886dd9a09b5
34ac8da67ce958231409ac5a59a189cc2d90b342e3bc6787badd7030241a66dd
GET /public/ HTTP/1.1
Host: servicdhredrev.desmart.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImJBUjIwdWk2dmxCbTYzNE9GQ0Fzd2c9PSIsInZhbHVlIjoiSEtmcEczdUo3QTJiWVVyRElKeFAybVdRQ2RmYTZXVkZadjNXSzFPV2lsNnlYQkVHbXhhYXlGQ3pLZDgyNlRQdXEzb0tjSVVnUURXazdZUGZSOWtTeHdZK3VaTFcya1Jpb2FQWndaNXJoR0Q2VkJYMjlaRnJ4ekV4Q3BEc1BIekYiLCJtYWMiOiIyN2YxOTE5ZWM4NDdjZGJkOGU2NmVlZjlmODg4OWNhZjk3OTBiM2FlODc3NjQ3NDE0YzMyMTU1OGZjYjZlYmQ2IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InAvd2tGMnM1U2lwTmVOTzdVMkxTT3c9PSIsInZhbHVlIjoiVjV3RGM5NStrNWtwWVJmZTluL09HMzB1Rk11V01KRFRsOXFjK1JiNDNscVFPNVNGcHI0Q1BWM3VydmlNQ09jelkwOHVrazZOdm1NUUJNYTZEc1BmOEhXM0JkdGhXTThNSGhCTkRuYnIyT3VUU0o1SUNQZXpJMldRMVIrZEZLdU8iLCJtYWMiOiI2NTBhMTgxY2YyMTBmNDdjODBhZjExOWQ0Nzg1YjZlZmUwMTliMWIwYjAzZmNhY2VjZWZiODBmMjEwZWIxMjQwIiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6ImVuazJ1TWNPV0JydDJCbWJOeXNJQUE9PSIsInZhbHVlIjoiRFR3M3ZKS3dlaGc4T1BmRDdtcXFINGFHbDN0L1M5RFVJM1ZVOTA2UCsxcEt2Y2FwWHBibDgvOU5Bcm5tVnowb0lvV1NpK21YbWtraVhpSGxCWDE4WmJSRW1LOCt2elpnSkNMNkV1Y0s1N2JheTkwSi9yM3lsL0NrOWM1L0dyUU8iLCJtYWMiOiJmNDE2MWI4MWVlYThmYmZhYjA4NGNhN2RlOGMwNWFlMWJmNTIzMTY3ZWM1NWVjY2Q0ZTE2MTc2OWNkNTEwNTU5IiwidGFnIjoiIn0%3D; expires=Wed, 08-Feb-2023 02:40:44 GMT; Max-Age=7200; path=/; samesite=lax
laravel_session=eyJpdiI6IjY3dXdaZ1JTd01XYkNjMHpvVVJreXc9PSIsInZhbHVlIjoiSk9VcDVWLytZTjBjM1ptSURnby9ZNGhEWDUzT1FzTDVOUnhYNU5rT2p1blpLYStPUTFxZ1AyeTJGQkg1MlBQVnRMTkgweDV1TmZmd0RYeFB2eXUwRXQvUXE3a2tyTTc2NUFnTXpwcmJoQU1ybit1QmFQR2FrNjJNcVA2UGpGVjciLCJtYWMiOiJjNWU4OTdhNjU0NTc3N2M3Mzc2NzQwNzVlYTBiMWFmY2Y2ZDhiY2IyZGYxMWQ4ODhmMTY4ZDQyMzk5OWNjZmE2IiwidGFnIjoiIn0%3D; expires=Wed, 08-Feb-2023 02:40:44 GMT; Max-Age=7200; path=/; httponly; samesite=lax
content-length: 374
content-encoding: gzip
vary: Accept-Encoding
date: Wed, 08 Feb 2023 00:40:44 GMT
cdn.jsdelivr.net/gh/killbot-org/Killbot-JS@latest/dist/main.min.js
151.101.193.229200 OK 1.2 kB URL HTTP/2 cdn.jsdelivr.net/gh/killbot-org/Killbot-JS@latest/dist/main.min.js
IP 151.101.193.229:0
File type ASCII text, with very long lines (2400)
Hash 00d8e4bf35e3ecfb78d1e8a64284059b
560445b7f347a8945bcb2073767fa8593dbef22d
8f2a3c4a3919454b2578b5bbadc9b8f135d5e12ce37e717a6010d808d40a1a05
GET /gh/killbot-org/Killbot-JS@latest/dist/main.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://servicdhredrev.desmart.com.my/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: master
x-jsd-version-type: branch
etag: W/"a7c-kmbumraAtj1yBda8Zbl2dRPRYqU"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 08 Feb 2023 00:40:44 GMT
age: 8870
x-served-by: cache-fra-eddf8230107-FRA, cache-bma1670-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1167
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP 104.18.20.226:0
Hash df16f452eeb9a80147c4abd1b80393e1
248aed7cea9103d076b9f0b7413a66c0cfa862ac
efbaaea0cbbdd13fadfd3391f6434de9797b1fe82fb1a5741b037048d967966d
POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 08 Feb 2023 00:40:44 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "FB4F19A7C4C4D6912C276B3C3CEF0DED23725967"
Expires: Wed, 08 Feb 2023 12:00:00 GMT
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1698
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 796050cebb710b69-OSL
servicdhredrev.desmart.com.my/prZ8kVRXpDn8boCBcCcy7hfQzLCNlycL/
194.233.69.154301 Moved Permanently 707 B URL HTTP/1.1 servicdhredrev.desmart.com.my/prZ8kVRXpDn8boCBcCcy7hfQzLCNlycL/
IP 194.233.69.154:0
ASN #141995 Contabo Asia Private Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert fortinet Phishing
GET /prZ8kVRXpDn8boCBcCcy7hfQzLCNlycL/ HTTP/1.1
Host: servicdhredrev.desmart.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://servicdhredrev.desmart.com.my/public/
Cookie: XSRF-TOKEN=eyJpdiI6ImVuazJ1TWNPV0JydDJCbWJOeXNJQUE9PSIsInZhbHVlIjoiRFR3M3ZKS3dlaGc4T1BmRDdtcXFINGFHbDN0L1M5RFVJM1ZVOTA2UCsxcEt2Y2FwWHBibDgvOU5Bcm5tVnowb0lvV1NpK21YbWtraVhpSGxCWDE4WmJSRW1LOCt2elpnSkNMNkV1Y0s1N2JheTkwSi9yM3lsL0NrOWM1L0dyUU8iLCJtYWMiOiJmNDE2MWI4MWVlYThmYmZhYjA4NGNhN2RlOGMwNWFlMWJmNTIzMTY3ZWM1NWVjY2Q0ZTE2MTc2OWNkNTEwNTU5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjY3dXdaZ1JTd01XYkNjMHpvVVJreXc9PSIsInZhbHVlIjoiSk9VcDVWLytZTjBjM1ptSURnby9ZNGhEWDUzT1FzTDVOUnhYNU5rT2p1blpLYStPUTFxZ1AyeTJGQkg1MlBQVnRMTkgweDV1TmZmd0RYeFB2eXUwRXQvUXE3a2tyTTc2NUFnTXpwcmJoQU1ybit1QmFQR2FrNjJNcVA2UGpGVjciLCJtYWMiOiJjNWU4OTdhNjU0NTc3N2M3Mzc2NzQwNzVlYTBiMWFmY2Y2ZDhiY2IyZGYxMWQ4ODhmMTY4ZDQyMzk5OWNjZmE2IiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Wed, 08 Feb 2023 00:40:44 GMT
location: http://servicdhredrev.desmart.com.my/public/prZ8kVRXpDn8boCBcCcy7hfQzLCNlycL
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06b5f2a3-c53c-4690-b548-2c3d0f556f73.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06b5f2a3-c53c-4690-b548-2c3d0f556f73.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 02fde25be5ded120af759d19d8304f73
8d2a4d9ab5947113ce0737d4d4bed3e30a971026
7cdf26668cca22f28eee047d3fcf30cea8d97b1d8804fe2132728f26cd11558d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06b5f2a3-c53c-4690-b548-2c3d0f556f73.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8629
x-amzn-requestid: cc20d28e-3937-4826-97ef-100fb5dd2645
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_O7LFn3oAMF61A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c514-6e764236604212fa26dab38a;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: GIAPTJF7sfpuubLSngEDMrowvBWW5c1xRlyVf7PQ3o6rGWdFITVioA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 22:15:10 GMT
etag: "8d2a4d9ab5947113ce0737d4d4bed3e30a971026"
content-type: image/jpeg
age: 8738
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
servicdhredrev.desmart.com.my/public/prZ8kVRXpDn8boCBcCcy7hfQzLCNlycL
194.233.69.154200 OK 5.8 kB URL HTTP/1.1 servicdhredrev.desmart.com.my/public/prZ8kVRXpDn8boCBcCcy7hfQzLCNlycL
IP 194.233.69.154:0
ASN #141995 Contabo Asia Private Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 4076f9ec7e144efa1f31e3e9ccb667b0
66682550475413f33818a23faac9046b420ac915
c976243d9002ab09801c37e6c28471a4fcc4d1771dc0841b788e9da9a17fda02
Analyzer Verdict Alert fortinet Phishing
GET /public/prZ8kVRXpDn8boCBcCcy7hfQzLCNlycL HTTP/1.1
Host: servicdhredrev.desmart.com.my
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://servicdhredrev.desmart.com.my/public/
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImVuazJ1TWNPV0JydDJCbWJOeXNJQUE9PSIsInZhbHVlIjoiRFR3M3ZKS3dlaGc4T1BmRDdtcXFINGFHbDN0L1M5RFVJM1ZVOTA2UCsxcEt2Y2FwWHBibDgvOU5Bcm5tVnowb0lvV1NpK21YbWtraVhpSGxCWDE4WmJSRW1LOCt2elpnSkNMNkV1Y0s1N2JheTkwSi9yM3lsL0NrOWM1L0dyUU8iLCJtYWMiOiJmNDE2MWI4MWVlYThmYmZhYjA4NGNhN2RlOGMwNWFlMWJmNTIzMTY3ZWM1NWVjY2Q0ZTE2MTc2OWNkNTEwNTU5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjY3dXdaZ1JTd01XYkNjMHpvVVJreXc9PSIsInZhbHVlIjoiSk9VcDVWLytZTjBjM1ptSURnby9ZNGhEWDUzT1FzTDVOUnhYNU5rT2p1blpLYStPUTFxZ1AyeTJGQkg1MlBQVnRMTkgweDV1TmZmd0RYeFB2eXUwRXQvUXE3a2tyTTc2NUFnTXpwcmJoQU1ybit1QmFQR2FrNjJNcVA2UGpGVjciLCJtYWMiOiJjNWU4OTdhNjU0NTc3N2M3Mzc2NzQwNzVlYTBiMWFmY2Y2ZDhiY2IyZGYxMWQ4ODhmMTY4ZDQyMzk5OWNjZmE2IiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6IlNNeVhUR05XaENGUkRRTFBsL3RjTGc9PSIsInZhbHVlIjoiamZIZlA1WGI1SGNpNmNzWHFZZTFVN0Nsek1PSlpyUjUwWis2RnM0MzN3Nys1TUszeU9zZTEzQXdDQ0FmaWNxeWtId3FHVE9GV3B2YnJUY00rWGloRXN5Z2VISGRlT1ZxeUtFOXZqdjc0Um41U0hpVFFGOUhLTU5qVGt5U1lydFEiLCJtYWMiOiIzOGM3OWNkOWUzYTczMjUzNDZmZTExMWI5N2IzODcyZGFmM2E3MzkyYWJjM2E1MDBkYmMyZjI2NjZlNzFlYzhjIiwidGFnIjoiIn0%3D; expires=Wed, 08-Feb-2023 02:40:48 GMT; Max-Age=7200; path=/; samesite=lax
laravel_session=eyJpdiI6ImRPMkJxZFkrOGpTNzlpcFJxdVlBSUE9PSIsInZhbHVlIjoiQlVEdVJzell1cGlJdzhBUUd5bk9kdFBOQ1I1SWtmRTZZK0w3UG1rVU5RRERHemN3L0lUYTZCMEhKQ05RZjhkVGZKWkYrTHRQL3hwY2FlRWdOM053WWkzaEE3OG50WXc4bmhoeWc4ZzBKYXRKRVovRTFMLzlEdXRrRllESTFZOUUiLCJtYWMiOiJjNmZiMmE0ODFiNDQzZjRiYTdlYzg4NDQyMWQ5MTk0ZTE4NTk0ZGQyNzY3YWRiMjU4YjY1MzI2YzIzMTQ5ZDAzIiwidGFnIjoiIn0%3D; expires=Wed, 08-Feb-2023 02:40:48 GMT; Max-Age=7200; path=/; httponly; samesite=lax
transfer-encoding: chunked
content-encoding: gzip
vary: Accept-Encoding
date: Wed, 08 Feb 2023 00:40:48 GMT