r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7af19a5145a4ee99bdf18831bad04bfd
7bdd2a4785b999ef54a2644211d2b2b7190fb8e1
3237bf0111ecdec3615c4d2d49a602f48f800335d0194f52b600bdaefbd63ed0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3237BF0111ECDEC3615C4D2D49A602F48F800335D0194F52B600BDAEFBD63ED0"
Last-Modified: Thu, 30 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6173
Expires: Fri, 31 Mar 2023 10:25:27 GMT
Date: Fri, 31 Mar 2023 08:42:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cca063332ba9a89eadd62a8dd7f81a9b
d473b2a7a32c964599ff3bac8f98fa578f03d1d1
02fb74c7c695ad99f7f2fd7c02ae2b88e2da1c5db339f883333d9090291931dc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "02FB74C7C695AD99F7F2FD7C02AE2B88E2DA1C5DB339F883333D9090291931DC"
Last-Modified: Wed, 29 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8185
Expires: Fri, 31 Mar 2023 10:58:59 GMT
Date: Fri, 31 Mar 2023 08:42:34 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 76218c893040d958ae1c4231cdd2133c
6a7b336dee91d4aec26ace0a5883ecdfac52e68f
d35492b04d16ed00e9e195e7c84c99aa6a2b8a93abeb656baae0918986f0a7e4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D35492B04D16ED00E9E195E7C84C99AA6A2B8A93ABEB656BAAE0918986F0A7E4"
Last-Modified: Wed, 29 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6547
Expires: Fri, 31 Mar 2023 10:31:41 GMT
Date: Fri, 31 Mar 2023 08:42:34 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4ad6984a756720fbfff47b37a75513a2
355e35258114452af8b9638985ed9d8ef3bf0aca
43181fccb10652c68cae86e5e32b4e8f426fb5ad49d8125cb99e072cff573cf5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 31 Mar 2023 08:28:22 GMT
content-type: application/json
age: 852
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: mQnQ0dUqvRBubZJXu2JwKNgffEkDT1nXWTOYqEKK+dG7Hlxa/g9Jkx+pox/rEtxah9edbHuuuAA=
x-amz-request-id: 6V0B1MMCF1BEEV01
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 31 Mar 2023 08:03:16 GMT
age: 2358
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 31 Mar 2023 08:42:34 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.42375t.top/
172.67.206.32 200 OK 489 B IP 172.67.206.32:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (500)
Hash 8b87363f79b4b53be88a7841d55d6267
d66fdbe3337a2dc3b2ded1ec285d0396ef425913
8b52524976c970b7b5a66835122f8b172dc549299d8afd9ac2d88db57fe8ee84
Analyzer Verdict Alert openphish Amazon.com Inc.
fortinet Phishing
NIDS Severity Alert suricata medium ET INFO HTTP Request to a *.top domain
GET / HTTP/1.1
Host: www.42375t.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 08:42:35 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 30 Mar 2023 09:11:30 GMT
Strict-Transport-Security: max-age=31536000
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Eza7uuItTjI%2BWRTAOg6F%2FFC2w%2BOl%2FaLUPYzzVzA7WsMWfg7d5xtqAj%2FIZBRivWkMI30kUdCeDvpKFMBGYdb5eulsTZgS8HQsCa2Q7s%2Bc3vBIYzLroBTXIQtnrVPGkZaLUA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7b074cbf3a8f0b3d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.42375t.top/static/index.63b34199.css
172.67.206.32 200 OK 30 kB URL HTTP/1.1 www.42375t.top/static/index.63b34199.css
IP 172.67.206.32:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 0d4b9ae04c27bb0dea7591a886dc245d
a25ad440eee7e2014b3968fdae8048774329db91
9b562a2ca797729e5d112fdf033d7227378ca4007659b5ec9d237a468952473e
Analyzer Verdict Alert openphish Amazon.com Inc.
GET /static/index.63b34199.css HTTP/1.1
Host: www.42375t.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.42375t.top/
HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 08:42:35 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 30 Mar 2023 09:11:30 GMT
Vary: Accept-Encoding
ETag: W/"64255242-17884"
Expires: Fri, 31 Mar 2023 12:03:44 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 31131
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oAtQxOMluNZaUSpGQQt3Cj5oR1HuERjy7vP%2FHtEPAYIiVxNKzZrzJ3zmzy%2BA9V35vYD2lX1dRYiCfqXHnuULDHiHaTxDsrRJR7UGSWqQlU%2BzRjoD6gez%2B9jJNvCIOgms6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7b074cc2b91bb50c-OSL
alt-svc: h2=":443"; ma=60
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Backoff, Last-Modified, Alert, Content-Length, Pragma, Cache-Control, Retry-After, ETag, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 31 Mar 2023 08:17:26 GMT
age: 1509
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 782ca4845ea5e0ec981e33231b1e61cb
032116b75e124c57877524e9e4f523b6d7c65820
94d007862fc7a4cd67f582ff22f2339619177435559c1dd5075a08c7240f3520
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94D007862FC7A4CD67F582FF22F2339619177435559C1DD5075A08C7240F3520"
Last-Modified: Wed, 29 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19138
Expires: Fri, 31 Mar 2023 14:01:33 GMT
Date: Fri, 31 Mar 2023 08:42:35 GMT
Connection: keep-alive
push.services.mozilla.com/
35.163.49.154 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.163.49.154:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: tYkKCc+GHDRrwlbFt409CQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 2aXhXgvQrs7+RJue21qYx8rk9Kg=
www.42375t.top/static/js/index.57ca21c0.js
172.67.206.32 200 OK 34 kB URL HTTP/1.1 www.42375t.top/static/js/index.57ca21c0.js
IP 172.67.206.32:0
File type Unicode text, UTF-8 text, with very long lines (57717), with no line terminators
Hash 9c5cfa9a6af9796b885c7e3d4d54e1b5
ff8c430005792f56b36581c73aa35f2c5a61ca3d
5c5899ea748451c92f51cfb06401125aca53ae1ed6e81c25017abc4328968b29
Analyzer Verdict Alert openphish Amazon.com Inc.
fortinet Phishing
GET /static/js/index.57ca21c0.js HTTP/1.1
Host: www.42375t.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.42375t.top/
HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 08:42:36 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 30 Mar 2023 09:11:30 GMT
Vary: Accept-Encoding
ETag: W/"64255242-19275"
Expires: Fri, 31 Mar 2023 20:42:35 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gDyfgeSX2ppl6uWBf2kNfT%2B%2BiPd0D6AjODmWqqwOPojMRJ1etQY3PiJiOrpKNX9LcjJxcaehCFdQZATyRpKnRiSPq0%2B5lb7AJ2DNGs1QIJcNemXPIm60H6dD%2FnvY%2FSzBTg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7b074cc2ca7fb4f4-OSL
alt-svc: h2=":443"; ma=60
www.42375t.top/static/js/chunk-vendors.db763284.js
172.67.206.32 200 OK 336 kB URL HTTP/1.1 www.42375t.top/static/js/chunk-vendors.db763284.js
IP 172.67.206.32:0
File type Unicode text, UTF-8 text, with very long lines (65176), with no line terminators
Size 336 kB (336053 bytes)
Hash f174b9c54082fb5d21cd5f4892dc13fe
0356739201aaea513e1dc198c285a5049d0f1059
00d9e023cd725d2405fb7d462dbb4602a6e835d3caebedb9ca505d17421dc507
Analyzer Verdict Alert openphish Amazon.com Inc.
GET /static/js/chunk-vendors.db763284.js HTTP/1.1
Host: www.42375t.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.42375t.top/
HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 08:42:35 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 30 Mar 2023 09:11:30 GMT
Vary: Accept-Encoding
ETag: W/"64255242-e0936"
Expires: Fri, 31 Mar 2023 20:42:35 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FKaYjEOBFqgHXGcUNmlY5I6d8hW05fyiGT8lArYZi52frBa9SKgpbu5pM%2FGgwSCSRxJ%2FL6VRhYl7FIyS%2FPo%2FfD07rJmX9DD91rSng65dI8sGCvk26j5li3m7b3dMG7%2BtJQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7b074cc2be410b3d-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6435
Expires: Fri, 31 Mar 2023 10:29:52 GMT
Date: Fri, 31 Mar 2023 08:42:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6435
Expires: Fri, 31 Mar 2023 10:29:52 GMT
Date: Fri, 31 Mar 2023 08:42:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6435
Expires: Fri, 31 Mar 2023 10:29:52 GMT
Date: Fri, 31 Mar 2023 08:42:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6435
Expires: Fri, 31 Mar 2023 10:29:52 GMT
Date: Fri, 31 Mar 2023 08:42:37 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccede828-1c24-4287-bb00-f793263370cf.jpeg
34.120.237.76 200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccede828-1c24-4287-bb00-f793263370cf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8a2b8f737604b7983cf686c82599dc73
aa63be93c4cd641f09ce0d5144ef60aab21caed1
78835586bfd170fee7e6f70b2b426ed186f5aeae969459c6dcbf527ba9c0deec
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccede828-1c24-4287-bb00-f793263370cf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6380
x-amzn-requestid: 0a129a69-0720-47a0-8b0e-b3200de24204
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnUn6E19IAMF9SQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64260165-564474a42e79d1dc4eb9558f;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:38:45 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: L6tgzFrj9t69Rnfd9bziAPiROAX0tvcj9Kcg8sXkto8qRFeKqiwkpg==
via: 1.1 b5695e36d7fbc522ece27885d73757ae.cloudfront.net (CloudFront), 1.1 7514e5e25722778fd4b1744d4ecc67e0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 22:17:06 GMT
age: 37531
etag: "aa63be93c4cd641f09ce0d5144ef60aab21caed1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ef54a1ed997cc09495edb102ccdf6803
f5637efb37b5eecff77e60e6bcf5f599991f334f
fa76d7a82dc15baf02b207cea874d1332c20a0ebe1eea99929a6f2746608412c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0794d5a0-7014-425b-9ea0-5dca44ddb4dd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8745
x-amzn-requestid: e1d8dab6-4c15-4752-b528-21854c93a11c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CguJ5Hy5oAMFyAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64235d72-4bd62c8472f7257a155b2a80;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 21:34:42 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: LAAUFZcFBIpdMUkaDQXGW1sdwLK9c_uhQQHLiJHGF7dEvfJ0KX7MaA==
via: 1.1 8f251d23da31b683c3c9d6fad6ca944c.cloudfront.net (CloudFront), 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 google
date: Fri, 31 Mar 2023 06:44:37 GMT
age: 7080
etag: "f5637efb37b5eecff77e60e6bcf5f599991f334f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d531a5-067e-452b-8349-d9f2a461ba4a.jpeg
34.120.237.76 200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d531a5-067e-452b-8349-d9f2a461ba4a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1688ae550e5e9181de2448a9cade8a26
a46eb0cd75f46778dc802b648f7c391ce801c700
e717e6e64c928571506bc6d19e3d9ce19bea3292f01618a6d9ddbbaffe65ffd1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d531a5-067e-452b-8349-d9f2a461ba4a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9055
x-amzn-requestid: 1fad6d1e-3380-4574-9796-ca6bde35b507
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnUneEK8IAMF1EQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64260162-690f6e9933616e9b74b70435;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:38:42 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 5qljjE3ByqQaRJhcpkBZFcYVH4lCoP2idQM0iPBAT7znLfoZmO0lUg==
via: 1.1 ee6ea1e4552345de209d26f9ffb35d4a.cloudfront.net (CloudFront), 1.1 b23fb37cd7fff033ab21e3284f558a28.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 21:46:29 GMT
age: 39368
etag: "a46eb0cd75f46778dc802b648f7c391ce801c700"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F067b6c49-6e52-4dcc-af72-f7292299f912.jpeg
34.120.237.76 200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F067b6c49-6e52-4dcc-af72-f7292299f912.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 876e5464aba1639f3b07b07d1d694514
93885a6205be71d16187782b1803f53d5c8538cb
6e2b6b15f462922a9e8260f55cfcd94d488d1a48435458db43270ea3b825d8c4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F067b6c49-6e52-4dcc-af72-f7292299f912.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13775
x-amzn-requestid: 43d1a1f3-b189-4fcd-a298-429123d1921b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnUloF9woAMFU4w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64260156-13778451622503253ea252eb;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:38:30 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: bXA995GxGti4_AzSi9F19ZNvUwm5_ZSBw0BB0lRIfNHcmX7Ajt6bSg==
via: 1.1 8731d2a1a7d15f67b588bf58f652f9f0.cloudfront.net (CloudFront), 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 21:52:34 GMT
age: 39003
etag: "93885a6205be71d16187782b1803f53d5c8538cb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5ac5665-fe23-4026-a00b-567f98678f9e.webp
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5ac5665-fe23-4026-a00b-567f98678f9e.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e55c2ccec92fa37b631f5616ba5e1b77
c3f1113bad672968f22e63693ef4481f7f5616fe
10bfe1a2cf0b6e0a2a548935a1afc061fc61990a121a84580f3969df68b7974c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5ac5665-fe23-4026-a00b-567f98678f9e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10706
x-amzn-requestid: 2e382033-306f-40ed-b259-76790e5e3ac9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CnUlmGujoAMFamQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64260156-3856db4579fce52a18219166;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 21:38:30 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: cYDbU2yRL1y7tFVehv7XBDdywykpvl7kVurr1JvsGPTlYkmsOBwczg==
via: 1.1 8ead054384c1626556ee4410cad35692.cloudfront.net (CloudFront), 1.1 aa623e134417515bd2496cb01d5e5626.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 22:04:58 GMT
age: 38259
etag: "c3f1113bad672968f22e63693ef4481f7f5616fe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29b45e61-5c2e-4b1b-929e-70c72bde0787.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29b45e61-5c2e-4b1b-929e-70c72bde0787.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 211d737362f7cbcd8c77cee7d29fa2f5
668d1d80c88082928c6ca01fbf1ccbfcd079f64f
05672d4ab964a706c41d73b51592ca2425983e77544f08198dd2d3a7dcc5b3a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29b45e61-5c2e-4b1b-929e-70c72bde0787.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11114
x-amzn-requestid: e9e6a6b5-e6e8-4ca4-9302-a1fc023a38af
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CkypoH5goAMF6Hw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6424fe3d-63c6c8465407f5dc26e9aced;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Thu, 30 Mar 2023 03:13:01 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: HsI--rdD7nPKwY0W7f_eIm1y-oz6BbWkLea2jX-JmxY6_I8ncpD-cg==
via: 1.1 8ead054384c1626556ee4410cad35692.cloudfront.net (CloudFront), 1.1 4c48e9fb20d53d40e9fe273dbdae1098.cloudfront.net (CloudFront), 1.1 google
date: Thu, 30 Mar 2023 14:31:29 GMT
age: 65468
etag: "668d1d80c88082928c6ca01fbf1ccbfcd079f64f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.42375t.top/static/js/pages-index-index.4c4c484a.js
172.67.206.32 200 OK 3.7 kB URL HTTP/1.1 www.42375t.top/static/js/pages-index-index.4c4c484a.js
IP 172.67.206.32:0
File type Unicode text, UTF-8 text, with very long lines (10885), with no line terminators
Hash d001535856d43e41669ff26b0951f83e
ff4a89006d96780946a41e21738ba350f436a343
780583408a2a7d406d85088b8767f0e1448c09d476416eeed4f34c64a4456709
Analyzer Verdict Alert openphish Amazon.com Inc.
fortinet Phishing
GET /static/js/pages-index-index.4c4c484a.js HTTP/1.1
Host: www.42375t.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.42375t.top/
HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 08:42:37 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 30 Mar 2023 09:11:30 GMT
Vary: Accept-Encoding
ETag: W/"64255242-2ca9"
Expires: Fri, 31 Mar 2023 20:42:37 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OQ0riqWvLXS1ahvYoRXzyARj4su4myMroDnDyL5KdsRmEKqsSGElm79ltd3qzsayeCDzOpH5UHoFxANw5vEKJs8TWFrT7MP2HzLWwH9KnWhBHv15b9thHwg1i92QGLtGjg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7b074ccd492eb4f4-OSL
alt-svc: h2=":443"; ma=60
www.42375t.top/static/them01/tar5.png
172.67.206.32 200 OK 3.8 kB URL HTTP/1.1 www.42375t.top/static/them01/tar5.png
IP 172.67.206.32:0
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash eafac12688364995c32843f1a2212d7b
6efcc5ca2b9beb7e40433e0c0bbc7567314a9daa
8f200f041fa06887fbae63158c75fb29b34aed1e99ee8572e22e938f10e0d038
Analyzer Verdict Alert openphish Amazon.com Inc.
GET /static/them01/tar5.png HTTP/1.1
Host: www.42375t.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.42375t.top/
HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 08:42:37 GMT
Content-Type: image/png
Content-Length: 3753
Connection: keep-alive
Last-Modified: Thu, 30 Mar 2023 09:11:30 GMT
ETag: "64255242-ea9"
Expires: Sun, 30 Apr 2023 08:42:37 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YLdrPSFXAEtfQ%2FtSH1oABzH1toR%2F2fEACDUt%2FOu3l14ZTNeusOyK49%2Bift2j0ZGMi3C8Afhp%2BQCd6lBg8FiTnIwlD8Y9frLjcaO275KQ61wHHmy2Kc8HAFMERirIHhNoBQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b074ccd6b7b0b4d-OSL
alt-svc: h2=":443"; ma=60
www.42375t.top/static/them01/tar2.png
172.67.206.32 200 OK 3.3 kB URL HTTP/1.1 www.42375t.top/static/them01/tar2.png
IP 172.67.206.32:0
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash cead6fc3ae34a69799ea108bde9d380e
0e22c1dc96aa009a0438748c3a6c416d29f715b1
016d43541d68a6383ed137e8720bd1fdf19a42ff6d8f270c4973562d00253bc3
Analyzer Verdict Alert openphish Amazon.com Inc.
GET /static/them01/tar2.png HTTP/1.1
Host: www.42375t.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.42375t.top/
HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 08:42:37 GMT
Content-Type: image/png
Content-Length: 3280
Connection: keep-alive
Last-Modified: Thu, 30 Mar 2023 09:11:30 GMT
ETag: "64255242-cd0"
Expires: Sun, 30 Apr 2023 08:42:37 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=maGubTCPvaM10cLwOaakw%2BATwMk3fX54vB5ZzYlEtMdL7NXr1i9hD%2Bxs8aiWeycORCjNotPa3GWoLNCOjSj1Y2FpEHeTJ8rhwvpMylPSMnBnhhsoKCQwe3E2uxdxpnOROA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b074ccd690e0b3d-OSL
alt-svc: h2=":443"; ma=60
www.42375t.top/static/them01/tar3.png
172.67.206.32 200 OK 7.3 kB URL HTTP/1.1 www.42375t.top/static/them01/tar3.png
IP 172.67.206.32:0
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash a6f331bd1f220c3405807cdc82e1e3a5
7ad88bfe40cc5c6a64e5184c396efeb651f66067
00b5d971ac46c511f67e3afa7245294756e79bec25741e56ce1e79ed482614b4
Analyzer Verdict Alert openphish Amazon.com Inc.
GET /static/them01/tar3.png HTTP/1.1
Host: www.42375t.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.42375t.top/
HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 08:42:37 GMT
Content-Type: image/png
Content-Length: 7253
Connection: keep-alive
Last-Modified: Thu, 30 Mar 2023 09:11:30 GMT
ETag: "64255242-1c55"
Expires: Sun, 30 Apr 2023 08:42:37 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mYHfQDdig7JXHeenlrOcEJqSg87qdC%2Bi6H3W5Udl5d9snM4LW4mgoTCT9UgnCb3FtLvvj2%2F%2Bo5vCpgvVPYOqgIeaoYQXSy9FdpnJzO%2FixVGKmQdbijZOo6ePDXUSJN2pnw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b074ccd6f66b50f-OSL
alt-svc: h2=":443"; ma=60
www.42375t.top/static/them01/tar1s.png
172.67.206.32 200 OK 5.4 kB URL HTTP/1.1 www.42375t.top/static/them01/tar1s.png
IP 172.67.206.32:0
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash 7e9726a1b564b05ed70e9e54493f3818
710ae344cf830a19da02d612c95ca4718d526a4e
521f8ccb7e2a30d22f84dd90bdf9701ab492ee93d1472c53fedbca51a436a2a0
Analyzer Verdict Alert openphish Amazon.com Inc.
GET /static/them01/tar1s.png HTTP/1.1
Host: www.42375t.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.42375t.top/
HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 08:42:37 GMT
Content-Type: image/png
Content-Length: 5448
Connection: keep-alive
Last-Modified: Thu, 30 Mar 2023 09:11:30 GMT
ETag: "64255242-1548"
Expires: Sun, 30 Apr 2023 08:42:37 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WAxsR6WWCXbPtu0VPTfBVm9qYfBrpLmzCA%2B%2FGyVMjw7FbtQdnSr7CWdh85P3qgCx3fp7dvoSJF3rYozAE63SR5JjR3rM7rHJw8pxl05ry5c%2BLc4eBvzh7I1yZqqdsyFL3A%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b074ccd5891b50c-OSL
alt-svc: h2=":443"; ma=60
www.42375t.top/static/them01/tar4.png
172.67.206.32 200 OK 4.0 kB URL HTTP/1.1 www.42375t.top/static/them01/tar4.png
IP 172.67.206.32:0
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash c28e2e0198f7e0d61ebbf40fc6d42941
63aa35096ba7aea6747bba73141ab6b46684cad1
836ab862621e8cb35969d77b1e56ad1d9e179beedb7b3df195670a3e58d1be1c
Analyzer Verdict Alert openphish Amazon.com Inc.
GET /static/them01/tar4.png HTTP/1.1
Host: www.42375t.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.42375t.top/
HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 08:42:37 GMT
Content-Type: image/png
Content-Length: 3973
Connection: keep-alive
Last-Modified: Thu, 30 Mar 2023 09:11:30 GMT
ETag: "64255242-f85"
Expires: Sun, 30 Apr 2023 08:42:37 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mUS19AEOwhMwcM4Iv5o2uBOdfsvNNDs3%2B2utI%2BZGDJQdWuqlYVSPDDm6VxLRqZgDsGmJXpWenyoNbFzmPHZPJnutO6qucBnbGlUYSemQbFAnFK23pxM3bF9EIHpMpnm%2BVg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b074ccd68a2b50c-OSL
alt-svc: h2=":443"; ma=60
www.42375t.top/static/js/pages-login-login.56a9653f.js
172.67.206.32 200 OK 3.6 kB URL HTTP/1.1 www.42375t.top/static/js/pages-login-login.56a9653f.js
IP 172.67.206.32:0
File type Unicode text, UTF-8 text, with very long lines (8510), with no line terminators
Hash 94d9cdf8b4d764b0ea4caa5b3ab3810f
86d5699d02f98187650b28f6fb24d39146c829ed
3189464c818f535c2ed24587b11b78b696b19477848edd3c4966b9bfbdae45f2
Analyzer Verdict Alert openphish Amazon.com Inc.
fortinet Phishing
GET /static/js/pages-login-login.56a9653f.js HTTP/1.1
Host: www.42375t.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.42375t.top/
HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 08:42:37 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 30 Mar 2023 09:11:30 GMT
Vary: Accept-Encoding
ETag: W/"64255242-2362"
Expires: Fri, 31 Mar 2023 20:42:37 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G6a4PMt1rkSwoF298p5autWoGMLl3pu9gdBYeypdzcjc7sp3mShyusXlcGw8KCQ3f1v552C53g1K7%2FtlrzsbclrboM1ybo%2B1QbsqfPneBtYoUufiYJUKQGIJvU3TgnkdfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7b074cd02cebb4f4-OSL
alt-svc: h2=":443"; ma=60
www.42375t.top/favicon.ico
172.67.206.32 404 Not Found 109 B URL HTTP/1.1 www.42375t.top/favicon.ico
IP 172.67.206.32:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3bf8e5b194e806e33f65dfafeb99b824
e47321a5ce2bd7d63c3981c10dff614b0a449ba7
10dbaa1586440560d323e0d6aae3dd0d915e3be05b4975518b61190657827a3d
Analyzer Verdict Alert openphish Amazon.com Inc.
GET /favicon.ico HTTP/1.1
Host: www.42375t.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.42375t.top/
HTTP/1.1 404 Not Found
Date: Fri, 31 Mar 2023 08:42:38 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: EXPIRED
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tgvMrhhFXYo%2B3jgw5%2B09zFzmY9ramjzwF%2BOcfSXwttXPJOjIIvvv6xi2EznmyUQNwlUvH6%2FmbiPesGucx7MKmI9K5z3%2B6yh5af7pI%2FB6Z7KzICInaZI%2BrZLjQ4fhHQtaYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b074cd26f1cb50c-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
www.42375t.top/undefined
172.67.206.32 404 Not Found 115 B IP 172.67.206.32:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash c79273e9b9de357e24b445594f31d7f8
e27e10e96ca7708dbad2cd41a416ffcab6a94600
941433f5957dd44b3ec474726aadfc556c41e94c1a6969d8fef8a931414f6baf
Analyzer Verdict Alert openphish Amazon.com Inc.
fortinet Phishing
GET /undefined HTTP/1.1
Host: www.42375t.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.42375t.top/
HTTP/1.1 404 Not Found
Date: Fri, 31 Mar 2023 08:42:38 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ror4hN78MxrX2B3YOMPI8I4ucfsKp%2F8xRUpKuFCQ6nSXsEl2uQbhyh8pvs3hHkXOlticib%2Br0usq1LNEvxXMShqYINyAP3nqIRvbrKTq0OzLawdQM6YE3tF0IaeKfxIPBw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7b074cd3590cb4f4-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
dvcasha2.ocsp-certum.com/
23.36.79.17 200 OK 1.7 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash c2c1f9e2d87401f9a9fd9e90a14f8561
cdb6c72e70938cd1976220c5b6da00aabf0e4102
dc438bbb80088779084e26bb75e3d3f6f0e0fb3563be4e3162dd9286486d8f59
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=444
Date: Fri, 31 Mar 2023 08:42:39 GMT
Connection: keep-alive
X-N: S
www.42375t.top/static/gq/zh.png
172.67.206.32 200 OK 1.9 kB URL HTTP/1.1 www.42375t.top/static/gq/zh.png
IP 172.67.206.32:0
Hash d0a4589e1aa0f7e2abb433721c6f29d1
838d26d7ea90bf888a0a0b45c671895f59cff19b
7916eab1f228b2f37af2477eaf5f8bfeb896662f59e9163b470dab179acef5dd
Analyzer Verdict Alert openphish Amazon.com Inc.
GET /static/gq/zh.png HTTP/1.1
Host: www.42375t.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.42375t.top/
HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 08:42:39 GMT
Content-Type: image/png
Content-Length: 1604
Connection: keep-alive
Last-Modified: Thu, 30 Mar 2023 09:11:30 GMT
ETag: "64255242-644"
Expires: Sun, 30 Apr 2023 08:42:39 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vi4MFYNegk3w1KV2mPwt5fYwUBorq6sAjepRtLoeNd24Gp4MsPfXHkwX%2BK9PdENZCkCowG5BDgAcjd5pkquew0%2BDVI793U%2B8QJrl1iMWPEy3EUHdAI8qiCCZ5rpw9iWRSA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b074cdd8dcdb50c-OSL
alt-svc: h2=":443"; ma=60
www.58964u.top/1.php
104.21.32.110 200 OK 5.3 kB IP 104.21.32.110:0
File type JSON data\012- , ASCII text, with no line terminators
Hash def8e0c32b791af2f0d447f024b9a071
2e12fc2dc8e01a94287a9cdbb1003da81b6dff1d
af448c73cbe2521aba1ea6902b7afedc7f78a4c1e925250b38854ee1ba8b1ff9
GET /1.php HTTP/1.1
Host: www.58964u.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.42375t.top
Connection: keep-alive
Referer: http://www.42375t.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 31 Mar 2023 08:42:37 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: POST,GET
access-control-allow-credentials: true
access-control-allow-headers: x-requested-with,Content-Type,X-CSRF-Token
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d9u2ata%2FG3BXB7jLW6NXkp9i%2B6rWtKTzTasT5UGRdiVEnR2XvOXOBwbbuxK%2B%2BAeaTsRBvrF4Cifnmb7e%2Fc7V4tNZ36toQANLrs3i4X6w5Cy7XvytX%2BJhCeN4jWbaS42aUA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b074ccecbc9fabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.42375t.top/static/gq/en.png
172.67.206.32 200 OK 1.9 kB URL HTTP/1.1 www.42375t.top/static/gq/en.png
IP 172.67.206.32:0
File type PNG image data, 49 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 19e8aa640b1d129c94e299dfd580f210
ccfa030c16120a11d224fa1ba72afd55f0776523
7385aee2de7d89a525b33e6ff1e8c1246de9234fcc7346f5877ee7d3301f8ca1
Analyzer Verdict Alert openphish Amazon.com Inc.
GET /static/gq/en.png HTTP/1.1
Host: www.42375t.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.42375t.top/
HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 08:42:40 GMT
Content-Type: image/png
Content-Length: 1856
Connection: keep-alive
Last-Modified: Thu, 30 Mar 2023 09:11:30 GMT
ETag: "64255242-740"
Expires: Sun, 30 Apr 2023 08:42:39 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I1d5NTg9t8e60AfkQhW9H3jzDw8MUdCArSaCvvdNALGCADtQ4QTXIlMUGMLzaYHNHdkw5d1U1ImqlU69AcauYwYfQHntB21WnaP%2FVGn%2FZgyCeh%2F44bnnxmhNfwTvCDbQRg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b074cdd6e3db4f4-OSL
alt-svc: h2=":443"; ma=60
www.42375t.top/static/gq/taiguo.png
172.67.206.32 200 OK 1.8 kB URL HTTP/1.1 www.42375t.top/static/gq/taiguo.png
IP 172.67.206.32:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 100x100, segment length 16, baseline, precision 8, 200x132, components 3\012- data
Hash 8bee5bd031c5cc00e5b37c2479fdab77
71fa024309e521b57da52088812dabb67db3defb
37b01ac6c4b097faf7372b4a2c895549fe9349bf57dbef9d185ace92b4b3fdb7
Analyzer Verdict Alert openphish Amazon.com Inc.
GET /static/gq/taiguo.png HTTP/1.1
Host: www.42375t.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.42375t.top/
HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 08:42:40 GMT
Content-Type: image/png
Content-Length: 1771
Connection: keep-alive
Last-Modified: Thu, 30 Mar 2023 09:11:30 GMT
ETag: "64255242-6eb"
Expires: Sun, 30 Apr 2023 08:42:39 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w2fLXCVbXk4InrzBO6dIm3Bt5VVfB86Nk7Q%2B3wj74RSSgLBJl6i7%2FkbboxtEw7BhWagJFtoLQZ3vxk34Ix3Mu4x%2BcNXWPvOSP5F%2BthAfDDkM24Fgt3CztJErjK1ymhfDAw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b074cdd99ff0b3d-OSL
alt-svc: h2=":443"; ma=60
www.42375t.top/static/gq/hk.png
172.67.206.32 200 OK 1.5 kB URL HTTP/1.1 www.42375t.top/static/gq/hk.png
IP 172.67.206.32:0
File type PNG image data, 49 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 199fe88db3fdff594016f2344256f05e
e05d0b865be8418dc92a019a2b90e61bbbf315c8
417a37b4988d0520ea83dc2c570100c6a7a86dbcd5bf7ca1113659c38d5101d9
Analyzer Verdict Alert openphish Amazon.com Inc.
GET /static/gq/hk.png HTTP/1.1
Host: www.42375t.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.42375t.top/
HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 08:42:40 GMT
Content-Type: image/png
Content-Length: 1520
Connection: keep-alive
Last-Modified: Thu, 30 Mar 2023 09:11:30 GMT
ETag: "64255242-5f0"
Expires: Sun, 30 Apr 2023 08:42:39 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8KUJ%2BhtH8HhpFQSTNRX6bD7hgsTinhDJ5wQM%2B67eYZFG1i%2Bnvg2y7bpG%2BFXcnDehNhKoiy9%2F1bVSheP31lSP4WApLAiauU%2BwuCOkVCX1Q0cMRhexH3mXyn7oj%2FP2NltdtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b074cdd999ab50f-OSL
alt-svc: h2=":443"; ma=60
www.42375t.top/static/gq/riben.png
172.67.206.32 200 OK 1.6 kB URL HTTP/1.1 www.42375t.top/static/gq/riben.png
IP 172.67.206.32:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 200x133, components 3\012- data
Hash 25063f09ffd7e1a9953280e672d09e49
2d9456c4fb45f581ac280cd1d1dfcbae816befc5
c9fb77d53b59899ffe6c3b70e68710fba28ac210bcd826ace5bcbf81e22374c5
Analyzer Verdict Alert openphish Amazon.com Inc.
GET /static/gq/riben.png HTTP/1.1
Host: www.42375t.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.42375t.top/
HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 08:42:40 GMT
Content-Type: image/png
Content-Length: 1573
Connection: keep-alive
Last-Modified: Thu, 30 Mar 2023 09:11:30 GMT
ETag: "64255242-625"
Expires: Sun, 30 Apr 2023 08:42:39 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bSCEDH7%2FcA8rccfC%2FeIs6Y6K8MD1MJKg5FSJ95OctWNrN79e1tkKcRj5HpauxyJ2HdUnUML1v6Nsi%2FHA863DuZanBLfgp4CdMnpeZ9FTpkxRrUwejNhqaOB%2FSNwJ31m0ug%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b074cdd9c5e0b4d-OSL
alt-svc: h2=":443"; ma=60
www.58964u.top/1.php
104.21.32.110 200 OK 6.4 kB IP 104.21.32.110:0
File type JSON data\012- , ASCII text, with no line terminators
Hash dc7674d6f15ecd47a590d1be42681a07
9c96690419a77fee256ace52e9f9b906481197bc
4fafd81b386c8e6275b11815ac2b2c5b272283e0bc95d79770a7374e547ad2ef
GET /1.php HTTP/1.1
Host: www.58964u.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.42375t.top
Connection: keep-alive
Referer: http://www.42375t.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 31 Mar 2023 08:42:37 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: POST,GET
access-control-allow-credentials: true
access-control-allow-headers: x-requested-with,Content-Type,X-CSRF-Token
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AVsHRDM5IKxNq8bc%2F7AXe%2BAM6JPE10ypvXlhJ16sRhlAELucK1%2FhisJLqib%2BFrKre%2BKtoOPgyd2mMLe1mKet4NdvKDDNOHgEuA7aqcGDkT5sH101fNamHmldX4O7aqY3MA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b074ccecbd2fabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.42375t.top/static/gq/yuenan.png
172.67.206.32 200 OK 1.7 kB URL HTTP/1.1 www.42375t.top/static/gq/yuenan.png
IP 172.67.206.32:0
File type Targa image data - Mono 70 x 257 x 1 +18960 +18758 "H"\012- data
Hash d5ca359563f12eec0b32838a3eb5f98b
f65e16a64e20f061ba3e8356635bf162ff19bf51
0e319e9203dde57d13db8c00913cdd5532290c7eb3759684edea8ddaa1170f5d
Analyzer Verdict Alert openphish Amazon.com Inc.
GET /static/gq/yuenan.png HTTP/1.1
Host: www.42375t.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.42375t.top/
HTTP/1.1 200 OK
Date: Fri, 31 Mar 2023 08:42:40 GMT
Content-Type: image/png
Content-Length: 1659
Connection: keep-alive
Last-Modified: Thu, 30 Mar 2023 09:11:30 GMT
ETag: "64255242-67b"
Expires: Sun, 30 Apr 2023 08:42:40 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
CF-Cache-Status: MISS
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QTf5uFSjDgmsv47JU%2Bf%2FOmzUqBJNxq6G7NT0QBcS9pLN4CMZ5UAHHqc%2FKXIDfgC9W731cip4wA1AhwpCUphc2ob6pvAKMCz2eqOnc0BatuFoxcPLu3yWzHoRVB6zbdX7Yg%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7b074cdf1fd9b50c-OSL
alt-svc: h2=":443"; ma=60
cdn.dcloud.net.cn/img/shadow-grey.png
120.26.70.71 200 OK 136 B URL HTTP/1.1 cdn.dcloud.net.cn/img/shadow-grey.png
IP 120.26.70.71:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type PNG image data, 1 x 6, 4-bit colormap, non-interlaced\012- data
Hash 5a962adf74d92ae702467b3f47976547
36f74049375584e3fa69b5ef87e9572336ff9e7a
ad4ebea1c3496dd2924789ee009174a2c6289d1200e9811f458fd46f172d1d6f
GET /img/shadow-grey.png HTTP/1.1
Host: cdn.dcloud.net.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.42375t.top/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 31 Mar 2023 08:42:40 GMT
Content-Type: image/png
Content-Length: 136
Last-Modified: Thu, 06 Jun 2019 06:42:07 GMT
Connection: close
ETag: "5cf8b5bf-88"
Expires: Fri, 31 Mar 2023 10:42:40 GMT
Cache-Control: max-age=7200
Set-Cookie: __uni__uid=CgIBXWQmnQAY7gSOJSWAAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dcloud.net.cn; path=/; secure; httponly; samesite=none
Accept-Ranges: bytes
www.58964u.top/1.php
104.21.32.110 200 OK 3.9 kB IP 104.21.32.110:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 8f1e060cab1c1cce25a8b68bca1bacfe
8a18564a0cc879daa1fa078f76d7c01e76dd5734
ab926f456933d066028703f15e259722dff30cb048b1ae50a24b740c16a4db85
GET /1.php HTTP/1.1
Host: www.58964u.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.42375t.top
Connection: keep-alive
Referer: http://www.42375t.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 31 Mar 2023 08:42:37 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: POST,GET
access-control-allow-credentials: true
access-control-allow-headers: x-requested-with,Content-Type,X-CSRF-Token
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o1PZmxFz%2B162inN39gnLP9pxwcp98Gkx9OEmb0%2BmOaY%2BoOKNNaoWYRoZumva2TkyhExRbNFZyQ%2Br60MCM3ZeuF77l84YQ6PvArS3I8CBh4je8U77yZ1NrAePgXSODc3HAA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b074ccecbd1fabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.58964u.top/1.php
104.21.32.110 200 OK 8.0 kB IP 104.21.32.110:0
File type JSON data\012- , ASCII text, with no line terminators
Hash baaf36303f1fcfee1f26ff3a8fd51926
cee1c21abec8a979f004fb3252bf4b8eb6dc34bd
9eeb18444158fc1e169cbfbc7a73ecf5bcbe278f49c93cbc30589907446a62d3
GET /1.php HTTP/1.1
Host: www.58964u.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.42375t.top
Connection: keep-alive
Referer: http://www.42375t.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 31 Mar 2023 08:42:37 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-methods: POST,GET
access-control-allow-credentials: true
access-control-allow-headers: x-requested-with,Content-Type,X-CSRF-Token
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1BMOZ8rC%2F06drB6DiJDdaBlQ9nZlcrTNDLSdePoZ8fL%2BR5KIrnhphtqaNnDvxSpdQXu6ajlYEuhcrBmuPjOt4TFG%2BPyrEvxA%2Fbdjs9MyhzzUMbBpQ2%2F%2BxEM4%2BYakoL6WLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b074ccecbd4fabc-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.95743c.top/api/user/siteobj
188.114.97.1 200 OK 153 kB URL HTTP/2 www.95743c.top/api/user/siteobj
IP 188.114.97.1:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (640), with no line terminators
Size 153 kB (153291 bytes)
Hash 588e0221f4b1651a4fbedfee17ff07a6
a9fc8e06e392d4d7114a238c14d3adb7cf8da17e
d8fd325c3679c06f94653955f79f76ce3c6fa63a351dc8eedd498b201b154634
GET /api/user/siteobj HTTP/1.1
Host: www.95743c.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.42375t.top
Connection: keep-alive
Referer: http://www.42375t.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 31 Mar 2023 08:42:38 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: http://www.42375t.top
access-control-allow-credentials: true
access-control-max-age: 86400
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RcP8Ub%2BJIWGmkm7whIPCzNtxQasjPmm3pKxFz3GCBoHRja521WJH%2BfJ5FisBIO5exI4glIeWSOjSbXOOGZQ1YngTGccOJKyTnezNhkP1Ci1VoQCsSnRr8OHdyhRkH1e5Ig%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b074cd3cce5b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.95743c.top/api/user/setlang?lang=en
188.114.97.1 200 OK 0 B URL HTTP/2 www.95743c.top/api/user/setlang?lang=en
IP 188.114.97.1:0
GET /api/user/setlang?lang=en HTTP/1.1
Host: www.95743c.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.42375t.top
Connection: keep-alive
Referer: http://www.42375t.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Fri, 31 Mar 2023 08:42:38 GMT
content-type: application/json; charset=utf-8
set-cookie: think_var=en; path=/
access-control-allow-origin: http://www.42375t.top
access-control-allow-credentials: true
access-control-max-age: 86400
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CHpsh19OnDBSIsg%2BUM4ixT%2FYZcWnUppviHShj1Tomzv8UkFhV90g772T8hpczo9PzfmJrD2uSYg5hNaW%2F8%2FSCbd%2BTMX9w%2FEkEY6qyaIdoSoifm1YkSffrr4CGR9i51Gi7Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b074cd74a8eb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.95743c.top/api/user/siteobj
188.114.97.1 200 OK 0 B URL HTTP/2 www.95743c.top/api/user/siteobj
IP 188.114.97.1:0
GET /api/user/siteobj HTTP/1.1
Host: www.95743c.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.42375t.top
Connection: keep-alive
Referer: http://www.42375t.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 31 Mar 2023 08:42:38 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: http://www.42375t.top
access-control-allow-credentials: true
access-control-max-age: 86400
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eeylYm4Chl0XYlFLecr4UGTeSQ36EAWorz3xKb5LBoWuLd7VZzGJmehIrzJ6LWir%2FCRccvkSwAit920RU8sZErtC3Pia0EFH3xcXM27IWTVTjZGrm4WUA8zDFeynATcPdQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b074cd3bcc8b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.95743c.top/api/user/siteobj
188.114.97.1 200 OK 0 B URL HTTP/2 www.95743c.top/api/user/siteobj
IP 188.114.97.1:0
GET /api/user/siteobj HTTP/1.1
Host: www.95743c.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.42375t.top
Connection: keep-alive
Referer: http://www.42375t.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 31 Mar 2023 08:42:38 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: http://www.42375t.top
access-control-allow-credentials: true
access-control-max-age: 86400
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1TQtywz63HU6qPnttwOJ6%2FF2ZVTG7LLy48IPFz%2F7nm8OY4CCSurVseGsH6heJvq6V8KGrEKxX2B%2BiLWmpszUT9mAEhmEoUDkT99W3JYAu8MsfQusSUeYsC3ThNZNZAvIXA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b074cd3bcc5b4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.95743c.top/api/user/siteobj
188.114.97.1 200 OK 0 B URL HTTP/2 www.95743c.top/api/user/siteobj
IP 188.114.97.1:0
GET /api/user/siteobj HTTP/1.1
Host: www.95743c.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.42375t.top
Connection: keep-alive
Referer: http://www.42375t.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 31 Mar 2023 08:42:38 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: http://www.42375t.top
access-control-allow-credentials: true
access-control-max-age: 86400
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8%2BD9gFnXZb1oNXPzzfawXOlILjxT4OmUCAZD1PAeB13Sr4OJwtcFAs0jCo66bfQOWujDLRDyQf3A3nDhBJGkAJCn6mwbJLi90PoKI6vDcZ%2B%2FQoGtjRJaBIFZEVqFvtQMlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b074cd3bccfb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.95743c.top/api/user/siteobj
188.114.97.1 200 OK 0 B URL HTTP/2 www.95743c.top/api/user/siteobj
IP 188.114.97.1:0
GET /api/user/siteobj HTTP/1.1
Host: www.95743c.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.42375t.top
Connection: keep-alive
Referer: http://www.42375t.top/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Fri, 31 Mar 2023 08:42:38 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: http://www.42375t.top
access-control-allow-credentials: true
access-control-max-age: 86400
strict-transport-security: max-age=31536000
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yLCNkJ8T5XXShnadMs5l%2BJxZdmc0JTYvne2RTJahIoV0T0jOru%2BVLmQI95ylsXNm%2Bfvo5eQhhUMYr1cXxyVAO0VoEUvb3bKCmzwcDvXsc2%2Fi0U%2FYor1j6v%2FxdFXCe%2FK8Vg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7b074cd3bcdeb4fa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2