r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e6b7a72139d0ef7688330456e9be9a4c
e130a94e7d531768300071764dd1e81fee5bbbcb
d3818afd1493030105341b4cfb91037acbf27085c96068b3ef91c5071277c8e5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D3818AFD1493030105341B4CFB91037ACBF27085C96068B3EF91C5071277C8E5"
Last-Modified: Mon, 09 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12065
Expires: Tue, 10 Jan 2023 21:36:09 GMT
Date: Tue, 10 Jan 2023 18:15:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1f67827b21be68d925837dd729590f2d
dc24511141f5352e496b300d7d7e81b0cffb7475
afb1850e7c16f02d267a1310f1681367ecf598816fc62bd02447ffcd26117a9f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AFB1850E7C16F02D267A1310F1681367ECF598816FC62BD02447FFCD26117A9F"
Last-Modified: Mon, 09 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2858
Expires: Tue, 10 Jan 2023 19:02:42 GMT
Date: Tue, 10 Jan 2023 18:15:04 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 10 Jan 2023 17:48:30 GMT
content-type: application/json
age: 1594
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 718fc486cd6a70fcacc1653759703fae
bf60ba7a37d2deef1b7000e91cc88da586bb75ca
398d02e16da466ffe87b64ac34b007615951cca14d43610b4acd58bc2a5fadff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "398D02E16DA466FFE87B64AC34B007615951CCA14D43610B4ACD58BC2A5FADFF"
Last-Modified: Tue, 10 Jan 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6854
Expires: Tue, 10 Jan 2023 20:09:18 GMT
Date: Tue, 10 Jan 2023 18:15:04 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: /xTeiYCondaGJ6nyX6b6RT3Ze9Kw6eqaLA8SUeOhd9z3ynaw6MaOEWu0iO7RN75Vz9TVTuacksg=
x-amz-request-id: TMQ3JBACZAJKJHY6
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 10 Jan 2023 18:01:45 GMT
age: 799
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 10 Jan 2023 18:15:04 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Expires, Pragma, Content-Type, Backoff, Last-Modified, Cache-Control, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 10 Jan 2023 17:33:45 GMT
age: 2480
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a831a999b5e598b4e9f4e31e8054ca7c
9971a4a806f48777ae6d9525085d16d0c6314c51
cdffa8dd48e75baa98670f82dfac2b3948667ca32dd93f469d2cd49d3a58581c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1854
Cache-Control: max-age=141759
Content-Type: application/ocsp-response
Date: Tue, 10 Jan 2023 18:15:05 GMT
Etag: "63bd2aaa-1d7"
Expires: Thu, 12 Jan 2023 09:37:44 GMT
Last-Modified: Tue, 10 Jan 2023 09:06:50 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
creditmagnate.com/w_api/vlali/vlali/vlie/login.php?email=
162.214.204.161200 OK 2.8 kB URL HTTP/1.1 creditmagnate.com/w_api/vlali/vlali/vlie/login.php?email=
IP 162.214.204.161:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 96ea4b7ceeedcd842157e805351ec368
b491f4a78159d76e746de627e8b707c47dab386c
ee35d38f9a1869c65e6917b1bc15d6771e99c9a39cd365915dc9e38d69b50266
GET /w_api/vlali/vlali/vlie/login.php?email= HTTP/1.1
Host: creditmagnate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 10 Jan 2023 18:15:04 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=600166d6807464424182dc7bcadf0313; path=/
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Keep-Alive: timeout=5, max=100
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/popper.min.js
104.17.24.14200 OK 6.5 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/popper.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (20164)
Hash ae393ccddfcfe335c9b29ee90aaf72cb
6a42536ed79b4ea9e3a71c69db3b5f7205dc7e81
75cbee82410be7ca2b5b5406219b0575725c415510df701ddf1e9e7fdec22aa8
GET /ajax/libs/popper.js/1.14.3/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://creditmagnate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 10 Jan 2023 18:15:05 GMT
content-type: application/javascript; charset=utf-8
content-length: 6451
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-4f71"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 7763831
expires: Sun, 31 Dec 2023 18:15:05 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FogVgOD%2F0sMf5fhnE98Xvx7On9F%2FsTldz2W1%2Bky5SuhsD%2FwlJKaQfFTKwO9YpVGx6eBFPS6QS%2BkNLer0UWAzBqzN3HkOGSdArWjt8cjgdY2Fjij%2F%2Bg01X2XlVxLr%2FON%2BEQaepfPq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 787765648aae0b45-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 8810f174697f3e81d7bbc68195169289
cb744e3d823e75527da980c6b57b7812c699e79e
38c3fd5a36d607d746294b99ff5f0f48bb1732f43f744639425dd2b9b6bd2b8a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2472
Cache-Control: max-age=119722
Content-Type: application/ocsp-response
Date: Tue, 10 Jan 2023 18:15:05 GMT
Etag: "63bcd22b-118"
Expires: Thu, 12 Jan 2023 03:30:27 GMT
Last-Modified: Tue, 10 Jan 2023 02:49:15 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 8810f174697f3e81d7bbc68195169289
cb744e3d823e75527da980c6b57b7812c699e79e
38c3fd5a36d607d746294b99ff5f0f48bb1732f43f744639425dd2b9b6bd2b8a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2472
Cache-Control: max-age=119722
Content-Type: application/ocsp-response
Date: Tue, 10 Jan 2023 18:15:05 GMT
Etag: "63bcd22b-118"
Expires: Thu, 12 Jan 2023 03:30:27 GMT
Last-Modified: Tue, 10 Jan 2023 02:49:15 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 280
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 8810f174697f3e81d7bbc68195169289
cb744e3d823e75527da980c6b57b7812c699e79e
38c3fd5a36d607d746294b99ff5f0f48bb1732f43f744639425dd2b9b6bd2b8a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2472
Cache-Control: max-age=119722
Content-Type: application/ocsp-response
Date: Tue, 10 Jan 2023 18:15:05 GMT
Etag: "63bcd22b-118"
Expires: Thu, 12 Jan 2023 03:30:27 GMT
Last-Modified: Tue, 10 Jan 2023 02:49:15 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 280
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash b6814de21e79e28c4a59b9bef50020cb
5d6fcbdd6b70933b9367226523ce68364a1f0f1b
49821c9c4c570ff4e089276c96b05cef53c725e77e34f6c772d2b932e7c81c2d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 10 Jan 2023 18:15:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
142.250.74.170200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP 142.250.74.170:0
File type ASCII text, with very long lines (65451)
Hash 0f83cadc148d2ad7e53c91f6c4ee05bb
90035c5fffedf4b0f099465f6b929a030b46c92b
3f59aa77bbbed7760a9968af27d3c19ffddda021c948edf0bf0c0f828dd308ae
GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://creditmagnate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30399
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 03 Jan 2023 22:35:23 GMT
expires: Wed, 03 Jan 2024 22:35:23 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 589182
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash b6814de21e79e28c4a59b9bef50020cb
5d6fcbdd6b70933b9367226523ce68364a1f0f1b
49821c9c4c570ff4e089276c96b05cef53c725e77e34f6c772d2b932e7c81c2d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 10 Jan 2023 18:15:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
creditmagnate.com/w_api/vlali/vlali/vlie/assets/css/login.css
162.214.204.161200 OK 2.0 kB URL HTTP/1.1 creditmagnate.com/w_api/vlali/vlali/vlie/assets/css/login.css
IP 162.214.204.161:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with CRLF line terminators
Hash b8c8c2dd60e847a55847f9469a138078
936ba10971c42cb21c1733e9d18577d9705fc32c
35c946cbc580e838b6b3255ee94576ad8c31a741af87ee42a9fc27ccdb852f54
GET /w_api/vlali/vlali/vlie/assets/css/login.css HTTP/1.1
Host: creditmagnate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://creditmagnate.com/w_api/vlali/vlali/vlie/login.php?email=
Cookie: PHPSESSID=600166d6807464424182dc7bcadf0313
HTTP/1.1 200 OK
Date: Tue, 10 Jan 2023 18:15:05 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sun, 25 Dec 2022 20:25:06 GMT
Accept-Ranges: bytes
Content-Length: 1965
Keep-Alive: timeout=5, max=100
Content-Type: text/css
push.services.mozilla.com/
35.83.200.106101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.83.200.106:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: i//CHNyAkBd0Ni2W5ld+2A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: r9II5N0yP3JwYYnqqaI4TJHg3Io=
creditmagnate.com/w_api/vlali/vlali/vlie/assets/srcen.min.js
162.214.204.161200 OK 57 kB URL HTTP/1.1 creditmagnate.com/w_api/vlali/vlali/vlie/assets/srcen.min.js
IP 162.214.204.161:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (57037), with no line terminators
Hash 02281fc0c952ae1d2d8ffd66290e3849
9f0427f029c28118ca6f3e39ee6f5441b0d35a55
0d276bcf48de07e59ecb8c8318c22d4b5f0cc8c96a385eb1839ee33f8ec123d7
Analyzer Verdict Alert fortinet Phishing
GET /w_api/vlali/vlali/vlie/assets/srcen.min.js HTTP/1.1
Host: creditmagnate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://creditmagnate.com/w_api/vlali/vlali/vlie/login.php?email=
Cookie: PHPSESSID=600166d6807464424182dc7bcadf0313
HTTP/1.1 200 OK
Date: Tue, 10 Jan 2023 18:15:05 GMT
Server: Apache
Last-Modified: Sun, 25 Dec 2022 20:25:06 GMT
Accept-Ranges: bytes
Content-Length: 57037
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
creditmagnate.com/w_api/vlali/vlali/vlie/assets/images/logo.svg
162.214.204.161200 OK 3.7 kB URL HTTP/1.1 creditmagnate.com/w_api/vlali/vlali/vlie/assets/images/logo.svg
IP 162.214.204.161:0
ASN #46606 UNIFIEDLAYER-AS-1
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (3651), with no line terminators
Hash ee5c8d9fb6248c938fd0dc19370e90bd
d01a22720918b781338b5bbf9202b241a5f99ee4
04d29248ee3a13a074518c93a18d6efc491bf1f298f9b87fc989a6ae4b9fad7a
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft
fortinet Phishing
GET /w_api/vlali/vlali/vlie/assets/images/logo.svg HTTP/1.1
Host: creditmagnate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://creditmagnate.com/w_api/vlali/vlali/vlie/login.php?email=
Cookie: PHPSESSID=600166d6807464424182dc7bcadf0313
HTTP/1.1 200 OK
Date: Tue, 10 Jan 2023 18:15:06 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sun, 25 Dec 2022 20:25:06 GMT
Accept-Ranges: bytes
Content-Length: 3651
Keep-Alive: timeout=5, max=100
Content-Type: image/svg+xml
creditmagnate.com/w_api/vlali/vlali/vlie/assets/images/ellipsis_white.svg
162.214.204.161200 OK 915 B URL HTTP/1.1 creditmagnate.com/w_api/vlali/vlali/vlie/assets/images/ellipsis_white.svg
IP 162.214.204.161:0
ASN #46606 UNIFIEDLAYER-AS-1
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (915), with no line terminators
Hash 5ac590ee72bfe06a7cecfd75b588ad73
dda2cb89a241bc424746d8cf2a22a35535094611
6075736ea9c281d69c4a3d78ff97bb61b9416a5809919babe5a0c5596f99aaea
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft
fortinet Phishing
GET /w_api/vlali/vlali/vlie/assets/images/ellipsis_white.svg HTTP/1.1
Host: creditmagnate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://creditmagnate.com/w_api/vlali/vlali/vlie/login.php?email=
Cookie: PHPSESSID=600166d6807464424182dc7bcadf0313
HTTP/1.1 200 OK
Date: Tue, 10 Jan 2023 18:15:06 GMT
Server: Apache
Last-Modified: Sun, 25 Dec 2022 20:25:06 GMT
Accept-Ranges: bytes
Content-Length: 915
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/svg+xml
creditmagnate.com/w_api/vlali/vlali/vlie/assets/images/favicon.ico
162.214.204.161200 OK 17 kB URL HTTP/1.1 creditmagnate.com/w_api/vlali/vlali/vlie/assets/images/favicon.ico
IP 162.214.204.161:0
ASN #46606 UNIFIEDLAYER-AS-1
File type MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors\012- data
Hash 12e3dac858061d088023b2bd48e2fa96
e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft
GET /w_api/vlali/vlali/vlie/assets/images/favicon.ico HTTP/1.1
Host: creditmagnate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://creditmagnate.com/w_api/vlali/vlali/vlie/login.php?email=
Cookie: PHPSESSID=600166d6807464424182dc7bcadf0313
HTTP/1.1 200 OK
Date: Tue, 10 Jan 2023 18:15:06 GMT
Server: Apache
Last-Modified: Sun, 25 Dec 2022 20:25:06 GMT
Accept-Ranges: bytes
Content-Length: 17174
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/x-icon
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 385fbe651dc747111b979f40f9583702
a69fa58ffc6e2b15222f17ad6345b2bec9d75106
c82b794c471d79568f5eee05529ceddbefc383ac0d035578da7bc3866062e5cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C82B794C471D79568F5EEE05529CEDDBEFC383AC0D035578DA7BC3866062E5CC"
Last-Modified: Tue, 10 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19187
Expires: Tue, 10 Jan 2023 23:34:53 GMT
Date: Tue, 10 Jan 2023 18:15:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 385fbe651dc747111b979f40f9583702
a69fa58ffc6e2b15222f17ad6345b2bec9d75106
c82b794c471d79568f5eee05529ceddbefc383ac0d035578da7bc3866062e5cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C82B794C471D79568F5EEE05529CEDDBEFC383AC0D035578DA7BC3866062E5CC"
Last-Modified: Tue, 10 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19187
Expires: Tue, 10 Jan 2023 23:34:53 GMT
Date: Tue, 10 Jan 2023 18:15:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 385fbe651dc747111b979f40f9583702
a69fa58ffc6e2b15222f17ad6345b2bec9d75106
c82b794c471d79568f5eee05529ceddbefc383ac0d035578da7bc3866062e5cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C82B794C471D79568F5EEE05529CEDDBEFC383AC0D035578DA7BC3866062E5CC"
Last-Modified: Tue, 10 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19187
Expires: Tue, 10 Jan 2023 23:34:53 GMT
Date: Tue, 10 Jan 2023 18:15:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 385fbe651dc747111b979f40f9583702
a69fa58ffc6e2b15222f17ad6345b2bec9d75106
c82b794c471d79568f5eee05529ceddbefc383ac0d035578da7bc3866062e5cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C82B794C471D79568F5EEE05529CEDDBEFC383AC0D035578DA7BC3866062E5CC"
Last-Modified: Tue, 10 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19187
Expires: Tue, 10 Jan 2023 23:34:53 GMT
Date: Tue, 10 Jan 2023 18:15:06 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 385fbe651dc747111b979f40f9583702
a69fa58ffc6e2b15222f17ad6345b2bec9d75106
c82b794c471d79568f5eee05529ceddbefc383ac0d035578da7bc3866062e5cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C82B794C471D79568F5EEE05529CEDDBEFC383AC0D035578DA7BC3866062E5CC"
Last-Modified: Tue, 10 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19187
Expires: Tue, 10 Jan 2023 23:34:53 GMT
Date: Tue, 10 Jan 2023 18:15:06 GMT
Connection: keep-alive
maxcdn.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js
104.18.10.207200 OK 24 kB URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js
IP 104.18.10.207:0
File type ASCII text, with very long lines (50758)
Hash a405248e6b9c28534e3a46ff1d32f8f3
44d7c415e414ca28f2ec7239ea889a6248655cdb
02af0bd01ebc40965b6e489112a3e0072864f5ba1760d622f0f008fa16ccc20a
GET /bootstrap/4.1.3/js/bootstrap.min.js HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://creditmagnate.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 10 Jan 2023 18:15:05 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
cdn-cachedat: 11/15/2021 23:30:00
cdn-proxyver: 1.0
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: ba24cd5415a1d57d560a008b4c00a882
cdn-cache: HIT
cf-cache-status: HIT
age: 18818605
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 78776564bc2db4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff038f7ab-fdd3-455e-a50e-bd980a481620.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff038f7ab-fdd3-455e-a50e-bd980a481620.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bf7d09fffbdeb29c81e49c453009cf3c
5ebf09afd40909e132ea7e5f2532a558ee954f0b
e3e76a07a199dfcb42fda159438fff7f4496030f4e2bcadc7d069a0682363468
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff038f7ab-fdd3-455e-a50e-bd980a481620.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9694
x-amzn-requestid: 9d46f93f-99be-4101-a6cd-442d76487afa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eZ0XzEYlIAMFiqg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ba3431-35988d5f0e3eb97443d02dbe;Sampled=0
x-amzn-remapped-date: Sun, 08 Jan 2023 03:10:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VxHmDSFdC7OXcDDMRx8UPVSW1_8hf2yUptRD-hMJ7vAQQVJALYyLkA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 10 Jan 2023 04:09:32 GMT
age: 50734
etag: "5ebf09afd40909e132ea7e5f2532a558ee954f0b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcaa8f015-6153-411e-ba89-a5e40b12f27e.jpeg
34.120.237.76200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcaa8f015-6153-411e-ba89-a5e40b12f27e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1427567eaf5a33fbade40a49afb785eb
d36efd23bf0846e93cf459bc745ac65801ae7536
b865810ab68ec856e11596e68437368e8bbacf84623d2f7668a7154993a6caf1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcaa8f015-6153-411e-ba89-a5e40b12f27e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14830
x-amzn-requestid: 70cae51a-4d22-40d5-a96e-5b4fd2e73aa7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: efoXvFXBoAMFyYg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bc8764-31043df63b816c8d7055bd67;Sampled=0
x-amzn-remapped-date: Mon, 09 Jan 2023 21:30:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kShQM7MM5tbOc9jonjpRsu1TKsu98kax6DLPIp84bNWK_Fb3T-f4ng==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 09 Jan 2023 21:53:45 GMT
age: 73281
etag: "d36efd23bf0846e93cf459bc745ac65801ae7536"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feebfbbfd-68f7-4ded-a474-c951cdd7773f.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feebfbbfd-68f7-4ded-a474-c951cdd7773f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 56ae748c9316a1db699c71c07f74eccd
42d2c5cffa7040decca69a3cab8ecc936acebc43
2b613914077dcdd5f520a26362f717d06e5756dc103aaa7924055e2cab823548
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feebfbbfd-68f7-4ded-a474-c951cdd7773f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7572
x-amzn-requestid: 195485a7-598e-483d-9c89-a23bcf33bdc5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eZ0X8HosIAMFTQA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ba3432-6984bf62713f6bd63fc8cdc8;Sampled=0
x-amzn-remapped-date: Sun, 08 Jan 2023 03:10:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rttJ4c_pZrGzDdduW4GXN7_ijnd9V5j-yep38_6A-_jpnUZhYYJjlg==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Tue, 10 Jan 2023 05:00:19 GMT
age: 47687
etag: "42d2c5cffa7040decca69a3cab8ecc936acebc43"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fafe713be-1c84-4820-ac74-bdcf12a854d4.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fafe713be-1c84-4820-ac74-bdcf12a854d4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0fb07eed296f5106e7b0f40702adddc2
24f637156c37dce6ee8c94f40ce41c1f6ce57dca
ed656dadbcc659a4342b1c04d615adb92ef8a5f69092225e04890400951dddf3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fafe713be-1c84-4820-ac74-bdcf12a854d4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12190
x-amzn-requestid: 3ab3f00d-2464-445e-8004-9efc440798e2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: efo63HseIAMFgMA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bc8845-584746e11b0c570a215e5221;Sampled=0
x-amzn-remapped-date: Mon, 09 Jan 2023 21:33:57 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qA2BDyF32p8pcA707GqHU-azEz16PtztjVgIJ-2BBZNQo5tWDENcrQ==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 09 Jan 2023 21:54:28 GMT
age: 73238
etag: "24f637156c37dce6ee8c94f40ce41c1f6ce57dca"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22aaa4ec-a3a2-40cd-b0a6-2727e078bd89.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22aaa4ec-a3a2-40cd-b0a6-2727e078bd89.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e93c4504f211614e76206db4ef758cb2
933bd495fcfd2d39ad13f1f5d0aba5a0a3a677bf
f3bde37de7ecbfbcd7c52e39178625760af7c86ffeaa6a68eb2ad1462e9a8be6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22aaa4ec-a3a2-40cd-b0a6-2727e078bd89.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9743
x-amzn-requestid: d4290427-ed0d-4805-9e4e-57bf21ea8813
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: efpx3FBroAMFZYA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bc89a5-6d54f5317723f2602860c410;Sampled=0
x-amzn-remapped-date: Mon, 09 Jan 2023 21:39:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: YkH9Kc-hD0HIRIekBKzkeKwKU3quoCQiijvSWyMtWVxqRuwMCbjcbQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 09 Jan 2023 21:54:28 GMT
age: 73238
etag: "933bd495fcfd2d39ad13f1f5d0aba5a0a3a677bf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
creditmagnate.com/w_api/vlali/vlali/vlie/assets/images/background.jpg
162.214.204.161200 OK 283 kB URL HTTP/1.1 creditmagnate.com/w_api/vlali/vlali/vlie/assets/images/background.jpg
IP 162.214.204.161:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, baseline, precision 8, 1920x1080, components 3\012- data
Size 283 kB (283351 bytes)
Hash a5dbd4393ff6a725c7e62b61df7e72f0
55b292f885ffc92abce18750b07aa4acfa4e903e
211a907de2da0ff4a0e90917ac8054e2f35c351180977550c26e51b4909f2beb
Analyzer Verdict Alert urlquery phishing Phishing - Microsoft
GET /w_api/vlali/vlali/vlie/assets/images/background.jpg HTTP/1.1
Host: creditmagnate.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://creditmagnate.com/w_api/vlali/vlali/vlie/assets/css/login.css
Cookie: PHPSESSID=600166d6807464424182dc7bcadf0313
HTTP/1.1 200 OK
Date: Tue, 10 Jan 2023 18:15:06 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Sun, 25 Dec 2022 20:25:06 GMT
Accept-Ranges: bytes
Content-Length: 283351
Keep-Alive: timeout=5, max=100
Content-Type: image/jpeg
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8bd889ec-302d-44e9-a290-89266ee38381.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8bd889ec-302d-44e9-a290-89266ee38381.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash db3c7aaa80c366124e52b9da9aa710e2
ac50f2b47dd387175f838d4606e33fb91fec37b1
d4e19635e7ad010d0bc8eb1c34084e9174026df4e36e9a972318b9f6b7957834
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8bd889ec-302d-44e9-a290-89266ee38381.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7981
x-amzn-requestid: aef01bcd-4752-4435-a6a8-a33c78cb7d42
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eZ1FIFQVIAMFTmQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ba3553-2d2e650374cb35a322f96153;Sampled=0
x-amzn-remapped-date: Sun, 08 Jan 2023 03:15:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7mLg6jPKWUrMy3N0c4eddMN0_WBzh4fDyWRL9hk5BUFoRhPSQ3dBog==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 10 Jan 2023 03:25:45 GMT
age: 53368
etag: "ac50f2b47dd387175f838d4606e33fb91fec37b1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
jsonblob.com/api/jsonBlob/c039c0a3-2989-11ea-a02c-a12968f28a9c
104.21.94.191200 OK 0 B URL HTTP/2 jsonblob.com/api/jsonBlob/c039c0a3-2989-11ea-a02c-a12968f28a9c
IP 104.21.94.191:0
GET /api/jsonBlob/c039c0a3-2989-11ea-a02c-a12968f28a9c HTTP/1.1
Host: jsonblob.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://creditmagnate.com
Connection: keep-alive
Referer: http://creditmagnate.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 10 Jan 2023 18:15:06 GMT
content-type: application/json
access-control-allow-origin: http://creditmagnate.com
vary: Origin
access-control-expose-headers: X-Requested-With, X-jsonblob, X-Hello-Human, Location, Date, Content-Type, Accept, Origin
access-control-allow-credentials: true
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BhNBn6uXrrdsj6fIkB8Ba%2FrXWYBrj%2BOChdHbbIYYZEFWn0M7W71JECb2IRH%2BwUNcPgnNhMJDWtmXuTV%2BESrSH56B7og6BQ36O%2FYh9mWHQHJCaNqh38o4btXrtELQ1Ls%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7877656a8ec5b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
maxcdn.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css
104.18.10.207200 OK 0 B URL HTTP/2 maxcdn.bootstrapcdn.com/bootstrap/4.1.3/css/bootstrap.min.css
IP 104.18.10.207:0
GET /bootstrap/4.1.3/css/bootstrap.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://creditmagnate.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 10 Jan 2023 18:15:05 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
cdn-cachedat: 12/11/2021 23:51:22
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 601
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: acf198c70c26570ccfc422a45c4d4355
cdn-cache: HIT
cf-cache-status: HIT
age: 18818588
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 78776564bc35b4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2