r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3d0727e32cd103ddd4b73f28c81758aa
197a7bf43d63723fc532c23c6dced68d5cc36652
d3f75d03561d6a47d19370292e821a86e58381466f0c69386a21175de55882ff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D3F75D03561D6A47D19370292E821A86E58381466F0C69386A21175DE55882FF"
Last-Modified: Fri, 11 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13001
Expires: Sat, 12 Nov 2022 06:33:07 GMT
Date: Sat, 12 Nov 2022 02:56:26 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 4edf853c470fcec0ab277c78527f3c2d
de93530ce15337e671c488d9fe05e7091d4956f0
b9d7976b398b1243ff8a571ddd3975d3a1317d69101061bdb1a755b3b56620e6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4905
Cache-Control: max-age=118606
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 02:56:26 GMT
Etag: "636e247f-1d7"
Expires: Sun, 13 Nov 2022 11:53:12 GMT
Last-Modified: Fri, 11 Nov 2022 10:31:27 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5076aaa9f4ccd602540286ce0590cb9a
bbf7936a8413a564478971d9e19beb6338cbc869
00e3b967c579b0ccf709b78d497a43d95646b16eb50925fef1e2694c58f290b2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "00E3B967C579B0CCF709B78D497A43D95646B16EB50925FEF1E2694C58F290B2"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15237
Expires: Sat, 12 Nov 2022 07:10:23 GMT
Date: Sat, 12 Nov 2022 02:56:26 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 12 Nov 2022 02:43:59 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 747
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: GuypLvkV5WpgGjD36YvbqADOdA5wlIeRYX31fo4sCUHm2KqD+urOJmqyYtkeF+orlfm423qzF50=
x-amz-request-id: J42KHM8FSXAXX1E3
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 12 Nov 2022 02:50:04 GMT
age: 382
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 02:56:26 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
pilot88.com/
301 Moved Permanently 178 B IP
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: pilot88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sat, 12 Nov 2022 02:56:26 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: http://www.pilot88.com/
www.pilot88.com/
301 Moved Permanently 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.pilot88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sat, 12 Nov 2022 02:56:26 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sat, 12 Nov 2022 03:56:26 GMT
Location: https://www.pilot88.com/
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 768bfe960aa9b50c-OSL
ocsp.digicert.com/
200 OK 280 B IP
Hash 30ebb67c389f2f3f31daa0556484d179
94898c674083f6f7ed1040a0d2802d66d33a5622
c6048aebcdb1cddfbab9fb66299be4ee1b3f65107f78d273b6f906a35bdb0286
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=102507
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 02:56:26 GMT
Etag: "636df8c5-118"
Expires: Sun, 13 Nov 2022 07:24:53 GMT
Last-Modified: Fri, 11 Nov 2022 07:24:53 GMT
Server: nginx
Content-Length: 280
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Cache-Control, Pragma, Retry-After, ETag, Alert, Expires, Backoff, Content-Type, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 12 Nov 2022 02:24:58 GMT
cache-control: public,max-age=3600
age: 1888
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash f7ff606fbc8634c858bbc04b69f55cf6
2441de2cba649239efd0dae7a878d7ef2245c0b4
95154e0dbb7e827b8f893cc141f986c29634ead618256470d753429aa65a0548
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2515
Cache-Control: max-age=111141
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 02:56:26 GMT
Etag: "636e10ac-1d7"
Expires: Sun, 13 Nov 2022 09:48:47 GMT
Last-Modified: Fri, 11 Nov 2022 09:06:52 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: OxUhNaE1IoZfmzeryRqIew==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: HAKuFrDdE3c7QBEdIn8px1Yz1qY=
www.pilot88.com/assets/bundles/themes/default.min.css?ver=2022051200
200 OK 2.7 kB URL HTTP/2 www.pilot88.com/assets/bundles/themes/default.min.css?ver=2022051200
IP
File type ASCII text, with very long lines (9495), with no line terminators
Hash a795e8d90396496f37e7129cad9f859c
c15768d130d57e6a9510b2ee16a4da5a0b9ce8c1
96972e717b65cad21b441f68bf0335dc478a42976c31bfe0291ecca46f7db4a6
GET /assets/bundles/themes/default.min.css?ver=2022051200 HTTP/1.1
Host: www.pilot88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pilot88.com/
Cookie: ASP.NET_SessionId=kyzodqvgz4eacipdnhawcz1x; __utms=CCA818C18442477200775A68AEB788; __RequestVerificationToken=C7kHmxodU2Secf4gZXdVZS6hYOP9mdVJaNLaIIUQLVl88OSsQYnsnfCwTFgnIYGX5O3Vip6QyEyE-2PUBXlf7AQy0AE1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 02:56:27 GMT
content-type: text/css
content-length: 2720
cache-control: max-age=2592000
content-encoding: gzip
last-modified: Fri, 19 Aug 2022 01:57:50 GMT
etag: "023b166fb3d81:0"
vary: Accept-Encoding
strict-transport-security: max-age=15768000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src *; img-src 'self' data: https://sc.detecas.com/di/ec.ashx https://sc.saceted.com/di/ec.ashx https://sc.casemed.net/di/ec.ashx https://sc.detecas.com/di/activator.ashx https://sc.saceted.com/di/activator.ashx https://sc.casemed.net/di/activator.ashx https://sc.detecas.com/di/hc.html https://sc.saceted.com/di/hc.html https://sc.casemed.net/di/hc.html https://sc.detecas.com/di/activator.ashx https://sc.detecas.com/di2/activator.ashx https://ws.detecas.com https://sc.starixsoft.com/di2/activator.ashx https://fps.starixsoft.com/ws https://fps.starixsoft.com/di/activator.ashx https://sc.detecas.com/di/ec.ashx https://sc.detecas.com/di/dd.ashx https://pw.detecas.com https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://sentry.starixplay.com; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://sc.detecas.com/di/ec.ashx https://sc.saceted.com/di/ec.ashx https://sc.casemed.net/di/ec.ashx https://sc.detecas.com/di/activator.ashx https://sc.saceted.com/di/activator.ashx https://sc.casemed.net/di/activator.ashx https://sc.detecas.com/di/hc.html https://sc.saceted.com/di/hc.html https://sc.casemed.net/di/hc.html https://www.gstatic.com https://www.google.com https://sc.detecas.com/di/activator.ashx https://sc.detecas.com/di2/activator.ashx https://ws.detecas.com https://sc.starixsoft.com/di2/activator.ashx https://fps.starixsoft.com/ws https://fps.starixsoft.com/di/activator.ashx https://sc.detecas.com/di/ec.ashx https://sc.detecas.com/di/dd.ashx https://www.google-analytics.com https://sentry.starixplay.com;
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 768bfe9919e10af6-OSL
X-Firefox-Spdy: h2
www.pilot88.com/assets/styles/alpha.slider-captcha.css?ver=2022051200
200 OK 1.0 kB URL HTTP/2 www.pilot88.com/assets/styles/alpha.slider-captcha.css?ver=2022051200
IP
File type ASCII text, with very long lines (3861), with CRLF line terminators
Hash 740b60715e3fd08fe7d57026aa4d4285
11beed1575ab3cc160eb52ff8a8eb8c5c970b988
13c7c4c77f8c36395049115114f53e15111655c46b240bce8e347704ce996fc7
Analyzer Verdict Alert fortinet Phishing
GET /assets/styles/alpha.slider-captcha.css?ver=2022051200 HTTP/1.1
Host: www.pilot88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pilot88.com/
Cookie: ASP.NET_SessionId=kyzodqvgz4eacipdnhawcz1x; __utms=CCA818C18442477200775A68AEB788; __RequestVerificationToken=C7kHmxodU2Secf4gZXdVZS6hYOP9mdVJaNLaIIUQLVl88OSsQYnsnfCwTFgnIYGX5O3Vip6QyEyE-2PUBXlf7AQy0AE1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 02:56:27 GMT
content-type: text/css
content-length: 1036
cache-control: max-age=2592000
content-encoding: gzip
last-modified: Fri, 19 Aug 2022 01:57:50 GMT
etag: "023b166fb3d81:0"
vary: Accept-Encoding
strict-transport-security: max-age=15768000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src *; img-src 'self' data: https://sc.detecas.com/di/ec.ashx https://sc.saceted.com/di/ec.ashx https://sc.casemed.net/di/ec.ashx https://sc.detecas.com/di/activator.ashx https://sc.saceted.com/di/activator.ashx https://sc.casemed.net/di/activator.ashx https://sc.detecas.com/di/hc.html https://sc.saceted.com/di/hc.html https://sc.casemed.net/di/hc.html https://sc.detecas.com/di/activator.ashx https://sc.detecas.com/di2/activator.ashx https://ws.detecas.com https://sc.starixsoft.com/di2/activator.ashx https://fps.starixsoft.com/ws https://fps.starixsoft.com/di/activator.ashx https://sc.detecas.com/di/ec.ashx https://sc.detecas.com/di/dd.ashx https://pw.detecas.com https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://sentry.starixplay.com; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://sc.detecas.com/di/ec.ashx https://sc.saceted.com/di/ec.ashx https://sc.casemed.net/di/ec.ashx https://sc.detecas.com/di/activator.ashx https://sc.saceted.com/di/activator.ashx https://sc.casemed.net/di/activator.ashx https://sc.detecas.com/di/hc.html https://sc.saceted.com/di/hc.html https://sc.casemed.net/di/hc.html https://www.gstatic.com https://www.google.com https://sc.detecas.com/di/activator.ashx https://sc.detecas.com/di2/activator.ashx https://ws.detecas.com https://sc.starixsoft.com/di2/activator.ashx https://fps.starixsoft.com/ws https://fps.starixsoft.com/di/activator.ashx https://sc.detecas.com/di/ec.ashx https://sc.detecas.com/di/dd.ashx https://www.google-analytics.com https://sentry.starixplay.com;
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 768bfe9919e20af6-OSL
X-Firefox-Spdy: h2
www.pilot88.com/assets/styles/vendors-extensions/login/bootstrap-ex.min.css?ver=2022051200
200 OK 6.4 kB URL HTTP/2 www.pilot88.com/assets/styles/vendors-extensions/login/bootstrap-ex.min.css?ver=2022051200
IP
File type Unicode text, UTF-8 (with BOM) text, with very long lines (22897), with CRLF line terminators
Hash 89f62e36b37f6077d95ff5a051538d37
dcd32f4a478d4bc6e76568607152a23fcced2c97
c64693f0b56c4b1975ec2b66e5bebe39ec4a082596b2f01a9542eff789675c22
Analyzer Verdict Alert fortinet Phishing
GET /assets/styles/vendors-extensions/login/bootstrap-ex.min.css?ver=2022051200 HTTP/1.1
Host: www.pilot88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pilot88.com/
Cookie: ASP.NET_SessionId=kyzodqvgz4eacipdnhawcz1x; __utms=CCA818C18442477200775A68AEB788; __RequestVerificationToken=C7kHmxodU2Secf4gZXdVZS6hYOP9mdVJaNLaIIUQLVl88OSsQYnsnfCwTFgnIYGX5O3Vip6QyEyE-2PUBXlf7AQy0AE1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 02:56:27 GMT
content-type: text/css
content-length: 6417
cache-control: max-age=2592000
content-encoding: gzip
last-modified: Tue, 16 Aug 2022 04:48:12 GMT
etag: "04e97632bb1d81:0"
vary: Accept-Encoding
strict-transport-security: max-age=15768000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src *; img-src 'self' data: https://sc.detecas.com/di/ec.ashx https://sc.saceted.com/di/ec.ashx https://sc.casemed.net/di/ec.ashx https://sc.detecas.com/di/activator.ashx https://sc.saceted.com/di/activator.ashx https://sc.casemed.net/di/activator.ashx https://sc.detecas.com/di/hc.html https://sc.saceted.com/di/hc.html https://sc.casemed.net/di/hc.html https://sc.detecas.com/di/activator.ashx https://sc.detecas.com/di2/activator.ashx https://ws.detecas.com https://sc.starixsoft.com/di2/activator.ashx https://fps.starixsoft.com/ws https://fps.starixsoft.com/di/activator.ashx https://sc.detecas.com/di/ec.ashx https://sc.detecas.com/di/dd.ashx https://pw.detecas.com https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://sentry.starixplay.com; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://sc.detecas.com/di/ec.ashx https://sc.saceted.com/di/ec.ashx https://sc.casemed.net/di/ec.ashx https://sc.detecas.com/di/activator.ashx https://sc.saceted.com/di/activator.ashx https://sc.casemed.net/di/activator.ashx https://sc.detecas.com/di/hc.html https://sc.saceted.com/di/hc.html https://sc.casemed.net/di/hc.html https://www.gstatic.com https://www.google.com https://sc.detecas.com/di/activator.ashx https://sc.detecas.com/di2/activator.ashx https://ws.detecas.com https://sc.starixsoft.com/di2/activator.ashx https://fps.starixsoft.com/ws https://fps.starixsoft.com/di/activator.ashx https://sc.detecas.com/di/ec.ashx https://sc.detecas.com/di/dd.ashx https://www.google-analytics.com https://sentry.starixplay.com;
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 768bfe9919df0af6-OSL
X-Firefox-Spdy: h2
www.pilot88.com/
200 OK 3.1 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 1b73755ab912590fd014cd9d5c3448c4
66402d0f236a69b6abf9d580355ce093a244ad6c
37ecc214ddd42d1f8ed1cbb4746a3bd2d6fc5074525c223f671d231e47ab69be
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.pilot88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sat, 12 Nov 2022 02:56:26 GMT
content-type: text/html; charset=utf-8
cache-control: private
vary: Accept-Encoding
x-frame-options: SAMEORIGIN, SAMEORIGIN
strict-transport-security: max-age=15768000
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src *; img-src 'self' data: https://sc.detecas.com/di/ec.ashx https://sc.saceted.com/di/ec.ashx https://sc.casemed.net/di/ec.ashx https://sc.detecas.com/di/activator.ashx https://sc.saceted.com/di/activator.ashx https://sc.casemed.net/di/activator.ashx https://sc.detecas.com/di/hc.html https://sc.saceted.com/di/hc.html https://sc.casemed.net/di/hc.html https://sc.detecas.com/di/activator.ashx https://sc.detecas.com/di2/activator.ashx https://ws.detecas.com https://sc.starixsoft.com/di2/activator.ashx https://fps.starixsoft.com/ws https://fps.starixsoft.com/di/activator.ashx https://sc.detecas.com/di/ec.ashx https://sc.detecas.com/di/dd.ashx https://pw.detecas.com https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://sentry.starixplay.com; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://sc.detecas.com/di/ec.ashx https://sc.saceted.com/di/ec.ashx https://sc.casemed.net/di/ec.ashx https://sc.detecas.com/di/activator.ashx https://sc.saceted.com/di/activator.ashx https://sc.casemed.net/di/activator.ashx https://sc.detecas.com/di/hc.html https://sc.saceted.com/di/hc.html https://sc.casemed.net/di/hc.html https://www.gstatic.com https://www.google.com https://sc.detecas.com/di/activator.ashx https://sc.detecas.com/di2/activator.ashx https://ws.detecas.com https://sc.starixsoft.com/di2/activator.ashx https://fps.starixsoft.com/ws https://fps.starixsoft.com/di/activator.ashx https://sc.detecas.com/di/ec.ashx https://sc.detecas.com/di/dd.ashx https://www.google-analytics.com https://sentry.starixplay.com;
set-cookie: ASP.NET_SessionId=kyzodqvgz4eacipdnhawcz1x; path=/; HttpOnly; SameSite=Lax
ASP.NET_SessionId=kyzodqvgz4eacipdnhawcz1x; path=/; HttpOnly; SameSite=Lax
__utms=CCA818C18442477200775A68AEB788; domain=www.pilot88.com; expires=Sun, 13-Nov-2022 02:56:26 GMT; path=/; HttpOnly
__RequestVerificationToken=C7kHmxodU2Secf4gZXdVZS6hYOP9mdVJaNLaIIUQLVl88OSsQYnsnfCwTFgnIYGX5O3Vip6QyEyE-2PUBXlf7AQy0AE1; path=/; HttpOnly
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 768bfe9699480af6-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.pilot88.com/assets/bundles/login.min.js?ver=2022051200
200 OK 63 kB URL HTTP/2 www.pilot88.com/assets/bundles/login.min.js?ver=2022051200
IP
File type ASCII text, with very long lines (65240), with CRLF line terminators
Hash cb580936846381e044fffbe8548b6f9e
e130ed8a53056349b6039217885ebf2e795879d6
b7d22b39260277df0ff6d03193a02e4f1b153a1611e585d3689afd9737d1235e
Analyzer Verdict Alert fortinet Phishing
GET /assets/bundles/login.min.js?ver=2022051200 HTTP/1.1
Host: www.pilot88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pilot88.com/
Cookie: ASP.NET_SessionId=kyzodqvgz4eacipdnhawcz1x; __utms=CCA818C18442477200775A68AEB788; __RequestVerificationToken=C7kHmxodU2Secf4gZXdVZS6hYOP9mdVJaNLaIIUQLVl88OSsQYnsnfCwTFgnIYGX5O3Vip6QyEyE-2PUBXlf7AQy0AE1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 02:56:28 GMT
content-type: text/javascript
content-length: 62937
cache-control: max-age=2592000
content-encoding: gzip
last-modified: Tue, 16 Aug 2022 04:48:12 GMT
etag: "04e97632bb1d81:0"
vary: Accept-Encoding
strict-transport-security: max-age=15768000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src *; img-src 'self' data: https://sc.detecas.com/di/ec.ashx https://sc.saceted.com/di/ec.ashx https://sc.casemed.net/di/ec.ashx https://sc.detecas.com/di/activator.ashx https://sc.saceted.com/di/activator.ashx https://sc.casemed.net/di/activator.ashx https://sc.detecas.com/di/hc.html https://sc.saceted.com/di/hc.html https://sc.casemed.net/di/hc.html https://sc.detecas.com/di/activator.ashx https://sc.detecas.com/di2/activator.ashx https://ws.detecas.com https://sc.starixsoft.com/di2/activator.ashx https://fps.starixsoft.com/ws https://fps.starixsoft.com/di/activator.ashx https://sc.detecas.com/di/ec.ashx https://sc.detecas.com/di/dd.ashx https://pw.detecas.com https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://sentry.starixplay.com; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://sc.detecas.com/di/ec.ashx https://sc.saceted.com/di/ec.ashx https://sc.casemed.net/di/ec.ashx https://sc.detecas.com/di/activator.ashx https://sc.saceted.com/di/activator.ashx https://sc.casemed.net/di/activator.ashx https://sc.detecas.com/di/hc.html https://sc.saceted.com/di/hc.html https://sc.casemed.net/di/hc.html https://www.gstatic.com https://www.google.com https://sc.detecas.com/di/activator.ashx https://sc.detecas.com/di2/activator.ashx https://ws.detecas.com https://sc.starixsoft.com/di2/activator.ashx https://fps.starixsoft.com/ws https://fps.starixsoft.com/di/activator.ashx https://sc.detecas.com/di/ec.ashx https://sc.detecas.com/di/dd.ashx https://www.google-analytics.com https://sentry.starixplay.com;
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 768bfe9919e30af6-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 279 B IP
Hash 4819cd7cfc639e3609f2215f957c986e
e7533ef66097e447d51f80675d459199521350a0
fb132eb84c21da00b073facdb283b33a62f7673ed706101e212af811df04cd6f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=141721
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 02:56:28 GMT
Etag: "636e91f5-117"
Expires: Sun, 13 Nov 2022 18:18:29 GMT
Last-Modified: Fri, 11 Nov 2022 18:18:29 GMT
Server: nginx
Content-Length: 279
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fb29db48daab83bcaed56b72093619cc
e0e0a09d729ffb1c41411419768896f1e1eb3346
08e24124f809f1ab7e6960355efcb419e13dd5fb6063c31caf04e11ebdb7a5cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "08E24124F809F1AB7E6960355EFCB419E13DD5FB6063C31CAF04E11EBDB7A5CF"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17953
Expires: Sat, 12 Nov 2022 07:55:41 GMT
Date: Sat, 12 Nov 2022 02:56:28 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fb29db48daab83bcaed56b72093619cc
e0e0a09d729ffb1c41411419768896f1e1eb3346
08e24124f809f1ab7e6960355efcb419e13dd5fb6063c31caf04e11ebdb7a5cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "08E24124F809F1AB7E6960355EFCB419E13DD5FB6063C31CAF04E11EBDB7A5CF"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17953
Expires: Sat, 12 Nov 2022 07:55:41 GMT
Date: Sat, 12 Nov 2022 02:56:28 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fb29db48daab83bcaed56b72093619cc
e0e0a09d729ffb1c41411419768896f1e1eb3346
08e24124f809f1ab7e6960355efcb419e13dd5fb6063c31caf04e11ebdb7a5cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "08E24124F809F1AB7E6960355EFCB419E13DD5FB6063C31CAF04E11EBDB7A5CF"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17953
Expires: Sat, 12 Nov 2022 07:55:41 GMT
Date: Sat, 12 Nov 2022 02:56:28 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fb29db48daab83bcaed56b72093619cc
e0e0a09d729ffb1c41411419768896f1e1eb3346
08e24124f809f1ab7e6960355efcb419e13dd5fb6063c31caf04e11ebdb7a5cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "08E24124F809F1AB7E6960355EFCB419E13DD5FB6063C31CAF04E11EBDB7A5CF"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17953
Expires: Sat, 12 Nov 2022 07:55:41 GMT
Date: Sat, 12 Nov 2022 02:56:28 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash fb29db48daab83bcaed56b72093619cc
e0e0a09d729ffb1c41411419768896f1e1eb3346
08e24124f809f1ab7e6960355efcb419e13dd5fb6063c31caf04e11ebdb7a5cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "08E24124F809F1AB7E6960355EFCB419E13DD5FB6063C31CAF04E11EBDB7A5CF"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17953
Expires: Sat, 12 Nov 2022 07:55:41 GMT
Date: Sat, 12 Nov 2022 02:56:28 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffadd7839-d41e-4198-abc2-17384d90e28c.jpeg
200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffadd7839-d41e-4198-abc2-17384d90e28c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 97c5c44bd44390f0c719f56ecee6d513
1d791a0dadbfbab7c9b377783587ff728b2008d8
5995012d66ee68690d198a0857848077bfe80d88b2f2987a54f2d896461f7275
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffadd7839-d41e-4198-abc2-17384d90e28c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6797
x-amzn-requestid: 3e8b7aaf-8e8a-4a04-8bc0-e18e6044a50a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdM6-F3DIAMFzfQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec1df-3bfa53123a76e84f210fea38;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:42:55 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: zz90ngWySbVf_cXv_HBcQpNfb4MCsTVTl5l5bBPL4MaPXAF4VIifdA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 22:02:51 GMT
age: 17617
etag: "1d791a0dadbfbab7c9b377783587ff728b2008d8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cd5bdc050716bb76afe8090fc81617e7
5109c156b180727767fc03c411190ccc0d3fb5fc
9b13e7838946c6654dda17886c2ca8d42de934acb93f4bddb1008dfa1bd1ea99
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11715
x-amzn-requestid: 20e508bd-6568-4225-9bee-c683a49d44f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMhUHkpIAMFfJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec13b-7dc726b94a37fc667e2e6646;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Lp5eW92D8SbFtcQLk-LRSaSKNMNFYCW7XTALdNdrJxN6ebgdH8_1Dw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 21:42:55 GMT
age: 18813
etag: "5109c156b180727767fc03c411190ccc0d3fb5fc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbae1f7e5-4deb-446b-bef2-d4185563f449.jpeg
200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbae1f7e5-4deb-446b-bef2-d4185563f449.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 43e4308988c320212eab6fb4d27c215e
2c2503ca7de1a0c9a4224131f9b0e4b990f7efcd
56efcb5d90ed224301384c850ec2f11317c2426fdc8ed6f88a211bbb75e6871e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbae1f7e5-4deb-446b-bef2-d4185563f449.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12578
x-amzn-requestid: 60fda47c-9518-4ab3-8f94-4e925f0b6773
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdM8iHeHoAMFQFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec1e9-62597e7b5c0f3b6b1e53bcce;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:43:05 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: FSquX2GRcCI4_Onwfi5qm_oBKl5EvL1RZJO84zJgyoEr7tPVTMy9dQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 22:01:48 GMT
age: 17680
etag: "2c2503ca7de1a0c9a4224131f9b0e4b990f7efcd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F073ec866-b693-4f96-82bf-76ba051797c9.jpeg
200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F073ec866-b693-4f96-82bf-76ba051797c9.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash faa8e3cf2ab3c1d53a1735def5bb7476
ccc1ec5ebb5090c6255dcb1e8899e95cdd91e12f
e81a8fa312ec478871427f1d04ba7fe563573c683809153f75dec8df979d6efe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F073ec866-b693-4f96-82bf-76ba051797c9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6577
x-amzn-requestid: b4587cfb-6041-453c-9e74-fa35ecd31448
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMjIGHRoAMF26g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec147-29e7ec741b0e6f6f674aef75;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 2y97S3ITb7MLXuIIAQfCCKjgvOXisdCT5mod7OD588LOhPCy_OrUXQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 22:02:21 GMT
age: 17647
etag: "ccc1ec5ebb5090c6255dcb1e8899e95cdd91e12f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe8955e1-907b-43ed-a437-d4ad1f5fe742.jpeg
200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe8955e1-907b-43ed-a437-d4ad1f5fe742.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 38e32fc94c445ff47da5d2907e61e3a4
c76588ccaf97fdfd6e73833083200cb49a01a4af
e4e3947b2248206c9dacfd35ff5619ca3b3ae56a7bcd565d40ed048839ffa075
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe8955e1-907b-43ed-a437-d4ad1f5fe742.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5478
x-amzn-requestid: c06e47c6-da2a-4a70-af2a-c1268557b913
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdM67FEEIAMF-pA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec1df-0628d00244323ddf727e0b80;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:42:55 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 3zeJU6wVmWDIbVDBlTYvTh8e78isxbmNC0GKWdKqdI5abbdERoyzpA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 22:23:30 GMT
age: 16378
etag: "c76588ccaf97fdfd6e73833083200cb49a01a4af"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d4e929-d0bb-41b7-bdcd-0e67258b428a.webp
200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d4e929-d0bb-41b7-bdcd-0e67258b428a.webp
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 516f1bfefb1c1a737ea2441f85343b32
0cc22d7bf9092fb30f31e2ca8f242c197b891669
733824d4f6f7c5b54ce4e02ecaf152cfc1e10f3f6a801d7e2c55a02460e40087
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d4e929-d0bb-41b7-bdcd-0e67258b428a.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9012
x-amzn-requestid: 83eac9e7-5387-4e11-9769-182fa3f7fffb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdNC6FxzoAMF80w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec212-5ca277b90a5a9a4c437edc1e;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:43:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7wqdiuomEgaQlE1P5gopDGXbAkmh3ohPXYDcBWczuYFEcj8nczk9_w==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 21:52:57 GMT
age: 18211
etag: "0cc22d7bf9092fb30f31e2ca8f242c197b891669"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.pilot88.com/assets/styles/images/crossword.png
200 OK 44 kB URL HTTP/2 www.pilot88.com/assets/styles/images/crossword.png
IP
File type PNG image data, 400 x 400, 4-bit colormap, non-interlaced\012- data
Hash b5c5ab66d8331513696fe3ec992187a0
84bc265bc6c53141f9656878b371ca93543090c0
2f23f323330dd47e39b3af4892097e56ef0cabf5980e4c2ed794f58d4f629437
GET /assets/styles/images/crossword.png HTTP/1.1
Host: www.pilot88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pilot88.com/assets/bundles/themes/default.min.css?ver=2022051200
Cookie: ASP.NET_SessionId=kyzodqvgz4eacipdnhawcz1x; __utms=CCA818C18442477200775A68AEB788; __RequestVerificationToken=C7kHmxodU2Secf4gZXdVZS6hYOP9mdVJaNLaIIUQLVl88OSsQYnsnfCwTFgnIYGX5O3Vip6QyEyE-2PUBXlf7AQy0AE1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 02:56:28 GMT
content-type: image/png
content-length: 43694
cache-control: max-age=2592000
last-modified: Fri, 19 Aug 2022 01:57:50 GMT
etag: "023b166fb3d81:0"
strict-transport-security: max-age=15768000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src *; img-src 'self' data: https://sc.detecas.com/di/ec.ashx https://sc.saceted.com/di/ec.ashx https://sc.casemed.net/di/ec.ashx https://sc.detecas.com/di/activator.ashx https://sc.saceted.com/di/activator.ashx https://sc.casemed.net/di/activator.ashx https://sc.detecas.com/di/hc.html https://sc.saceted.com/di/hc.html https://sc.casemed.net/di/hc.html https://sc.detecas.com/di/activator.ashx https://sc.detecas.com/di2/activator.ashx https://ws.detecas.com https://sc.starixsoft.com/di2/activator.ashx https://fps.starixsoft.com/ws https://fps.starixsoft.com/di/activator.ashx https://sc.detecas.com/di/ec.ashx https://sc.detecas.com/di/dd.ashx https://pw.detecas.com https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://sentry.starixplay.com; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://sc.detecas.com/di/ec.ashx https://sc.saceted.com/di/ec.ashx https://sc.casemed.net/di/ec.ashx https://sc.detecas.com/di/activator.ashx https://sc.saceted.com/di/activator.ashx https://sc.casemed.net/di/activator.ashx https://sc.detecas.com/di/hc.html https://sc.saceted.com/di/hc.html https://sc.casemed.net/di/hc.html https://www.gstatic.com https://www.google.com https://sc.detecas.com/di/activator.ashx https://sc.detecas.com/di2/activator.ashx https://ws.detecas.com https://sc.starixsoft.com/di2/activator.ashx https://fps.starixsoft.com/ws https://fps.starixsoft.com/di/activator.ashx https://sc.detecas.com/di/ec.ashx https://sc.detecas.com/di/dd.ashx https://www.google-analytics.com https://sentry.starixplay.com;
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 768bfe9e0af00af6-OSL
X-Firefox-Spdy: h2
www.pilot88.com/assets/styles/images/sprites2.png
200 OK 6.0 kB URL HTTP/2 www.pilot88.com/assets/styles/images/sprites2.png
IP
File type PNG image data, 115 x 116, 8-bit/color RGBA, non-interlaced\012- data
Hash 086f86511b0813d1d729762d4abd4240
d5dc9fccead81ab85acd0d770bf39bd8b2c7f0a0
c79966b969c421b3c2ce86193262adaddf406717f7899a071204bc62975b2a57
GET /assets/styles/images/sprites2.png HTTP/1.1
Host: www.pilot88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pilot88.com/assets/bundles/themes/default.min.css?ver=2022051200
Cookie: ASP.NET_SessionId=kyzodqvgz4eacipdnhawcz1x; __utms=CCA818C18442477200775A68AEB788; __RequestVerificationToken=C7kHmxodU2Secf4gZXdVZS6hYOP9mdVJaNLaIIUQLVl88OSsQYnsnfCwTFgnIYGX5O3Vip6QyEyE-2PUBXlf7AQy0AE1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 02:56:28 GMT
content-type: image/png
content-length: 5981
cache-control: max-age=2592000
last-modified: Fri, 19 Aug 2022 01:57:50 GMT
etag: "023b166fb3d81:0"
strict-transport-security: max-age=15768000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src *; img-src 'self' data: https://sc.detecas.com/di/ec.ashx https://sc.saceted.com/di/ec.ashx https://sc.casemed.net/di/ec.ashx https://sc.detecas.com/di/activator.ashx https://sc.saceted.com/di/activator.ashx https://sc.casemed.net/di/activator.ashx https://sc.detecas.com/di/hc.html https://sc.saceted.com/di/hc.html https://sc.casemed.net/di/hc.html https://sc.detecas.com/di/activator.ashx https://sc.detecas.com/di2/activator.ashx https://ws.detecas.com https://sc.starixsoft.com/di2/activator.ashx https://fps.starixsoft.com/ws https://fps.starixsoft.com/di/activator.ashx https://sc.detecas.com/di/ec.ashx https://sc.detecas.com/di/dd.ashx https://pw.detecas.com https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://sentry.starixplay.com; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://sc.detecas.com/di/ec.ashx https://sc.saceted.com/di/ec.ashx https://sc.casemed.net/di/ec.ashx https://sc.detecas.com/di/activator.ashx https://sc.saceted.com/di/activator.ashx https://sc.casemed.net/di/activator.ashx https://sc.detecas.com/di/hc.html https://sc.saceted.com/di/hc.html https://sc.casemed.net/di/hc.html https://www.gstatic.com https://www.google.com https://sc.detecas.com/di/activator.ashx https://sc.detecas.com/di2/activator.ashx https://ws.detecas.com https://sc.starixsoft.com/di2/activator.ashx https://fps.starixsoft.com/ws https://fps.starixsoft.com/di/activator.ashx https://sc.detecas.com/di/ec.ashx https://sc.detecas.com/di/dd.ashx https://www.google-analytics.com https://sentry.starixplay.com;
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 768bfe9e0af20af6-OSL
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 0b13f4f00b060e554d39f7a79e00fe6d
41e311cbded108cd6b1846cecd5fc33096eacdd8
cce6fe80dfea0620226fd3abc8f4eda6ce045225a27cad8007b03dae03407c4b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "CCE6FE80DFEA0620226FD3ABC8F4EDA6CE045225A27CAD8007B03DAE03407C4B"
Last-Modified: Fri, 11 Nov 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19056
Expires: Sat, 12 Nov 2022 08:14:04 GMT
Date: Sat, 12 Nov 2022 02:56:28 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 4568975f6e15445b6147185cec23f385
bbe6c019263d5dc785962797bce33aa92b38a9fe
971c39d528afc59f82d67450b5c600bbf9e4ed37be3cba1d3ce38ed9f7dc00b3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "971C39D528AFC59F82D67450B5C600BBF9E4ED37BE3CBA1D3CE38ED9F7DC00B3"
Last-Modified: Thu, 10 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17043
Expires: Sat, 12 Nov 2022 07:40:31 GMT
Date: Sat, 12 Nov 2022 02:56:28 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8cd176d33acd1993d19933510e2ac06e
a698bb94193adf72d2416a50b4cc9ce6f4a14c13
8d8539e8b6fa78b222831625270863ca15b5fabb5e0173fb9628f84e316660ed
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8D8539E8B6FA78B222831625270863CA15B5FABB5E0173FB9628F84E316660ED"
Last-Modified: Fri, 11 Nov 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sat, 12 Nov 2022 08:56:28 GMT
Date: Sat, 12 Nov 2022 02:56:28 GMT
Connection: keep-alive
www.pilot88.com/assets/styles/fonts/opensans/OpenSans-Regular.ttf
200 OK 217 kB URL HTTP/2 www.pilot88.com/assets/styles/fonts/opensans/OpenSans-Regular.ttf
IP
File type TrueType Font data, digitally signed, 19 tables, 1st "DSIG", 26 names, Macintosh, Digitized data copyright \251 2010-2011, Google Corporation.Open SansRegularAscender - Open Sans\012- data
Size 217 kB (217360 bytes)
Hash 629a55a7e793da068dc580d184cc0e31
3564ed0b5363df5cf277c16e0c6bedc5a682217f
e64e508b2aa2880f907e470c4550980ec4c0694d103a43f36150ac3f93189bee
Analyzer Verdict Alert fortinet Phishing
GET /assets/styles/fonts/opensans/OpenSans-Regular.ttf HTTP/1.1
Host: www.pilot88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pilot88.com/assets/bundles/themes/default.min.css?ver=2022051200
Cookie: ASP.NET_SessionId=kyzodqvgz4eacipdnhawcz1x; __utms=CCA818C18442477200775A68AEB788; __RequestVerificationToken=C7kHmxodU2Secf4gZXdVZS6hYOP9mdVJaNLaIIUQLVl88OSsQYnsnfCwTFgnIYGX5O3Vip6QyEyE-2PUBXlf7AQy0AE1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 02:56:28 GMT
content-type: application/x-font-ttf
content-length: 217360
cache-control: max-age=2592000
last-modified: Fri, 19 Aug 2022 01:57:50 GMT
etag: "023b166fb3d81:0"
strict-transport-security: max-age=15768000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src *; img-src 'self' data: https://sc.detecas.com/di/ec.ashx https://sc.saceted.com/di/ec.ashx https://sc.casemed.net/di/ec.ashx https://sc.detecas.com/di/activator.ashx https://sc.saceted.com/di/activator.ashx https://sc.casemed.net/di/activator.ashx https://sc.detecas.com/di/hc.html https://sc.saceted.com/di/hc.html https://sc.casemed.net/di/hc.html https://sc.detecas.com/di/activator.ashx https://sc.detecas.com/di2/activator.ashx https://ws.detecas.com https://sc.starixsoft.com/di2/activator.ashx https://fps.starixsoft.com/ws https://fps.starixsoft.com/di/activator.ashx https://sc.detecas.com/di/ec.ashx https://sc.detecas.com/di/dd.ashx https://pw.detecas.com https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://sentry.starixplay.com; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://sc.detecas.com/di/ec.ashx https://sc.saceted.com/di/ec.ashx https://sc.casemed.net/di/ec.ashx https://sc.detecas.com/di/activator.ashx https://sc.saceted.com/di/activator.ashx https://sc.casemed.net/di/activator.ashx https://sc.detecas.com/di/hc.html https://sc.saceted.com/di/hc.html https://sc.casemed.net/di/hc.html https://www.gstatic.com https://www.google.com https://sc.detecas.com/di/activator.ashx https://sc.detecas.com/di2/activator.ashx https://ws.detecas.com https://sc.starixsoft.com/di2/activator.ashx https://fps.starixsoft.com/ws https://fps.starixsoft.com/di/activator.ashx https://sc.detecas.com/di/ec.ashx https://sc.detecas.com/di/dd.ashx https://www.google-analytics.com https://sentry.starixplay.com;
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 768bfe9e1af40af6-OSL
X-Firefox-Spdy: h2
sc.detecas.com/di/hc.html
200 OK 205 B URL HTTP/2 sc.detecas.com/di/hc.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 77c054f8b81343374662df079138ecdf
5074c0e0d8ea926d5b3afeae9f11b2d4d1eaae62
0d32ba2390235ab29d5086712e791b9cb8605ba53ccb58314c1bf62100cb9599
GET /di/hc.html HTTP/1.1
Host: sc.detecas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pilot88.com/
Origin: https://www.pilot88.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 205
server: nginx
date: Sat, 12 Nov 2022 02:56:29 GMT
content-encoding: gzip
last-modified: Wed, 18 Aug 2021 03:07:28 GMT
accept-ranges: bytes
etag: "dca74e2dde93d71:0"
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-credentials: true
via: mly, 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-mly-id: 4d46ee2deb238d5bb8d1b03d7a8c056c
timing-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: wbZzAv9Wr3WOnqewuPrgfTZjUks0pmjxNuI0fJj-f-2d0twtqE7Ilw==
X-Firefox-Spdy: h2
sc.casemed.net/di/hc.html
200 OK 205 B URL HTTP/2 sc.casemed.net/di/hc.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 77c054f8b81343374662df079138ecdf
5074c0e0d8ea926d5b3afeae9f11b2d4d1eaae62
0d32ba2390235ab29d5086712e791b9cb8605ba53ccb58314c1bf62100cb9599
GET /di/hc.html HTTP/1.1
Host: sc.casemed.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pilot88.com/
Origin: https://www.pilot88.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 205
server: nginx
date: Sat, 12 Nov 2022 02:56:29 GMT
content-encoding: gzip
last-modified: Wed, 18 Aug 2021 03:07:28 GMT
accept-ranges: bytes
etag: "dca74e2dde93d71:0"
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-credentials: true
via: mly, 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
x-mly-id: 3927e9ef1469f89fef2b0911eb42172d
timing-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _TBa_o60iyPjxTUmjAe8stemdHJtPz6Se5ZTk3YOnnWRdt1aScnveQ==
X-Firefox-Spdy: h2
sc.saceted.com/di/hc.html
200 OK 205 B URL HTTP/2 sc.saceted.com/di/hc.html
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 77c054f8b81343374662df079138ecdf
5074c0e0d8ea926d5b3afeae9f11b2d4d1eaae62
0d32ba2390235ab29d5086712e791b9cb8605ba53ccb58314c1bf62100cb9599
GET /di/hc.html HTTP/1.1
Host: sc.saceted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.pilot88.com/
Origin: https://www.pilot88.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 205
server: nginx
date: Sat, 12 Nov 2022 02:56:29 GMT
content-encoding: gzip
last-modified: Wed, 18 Aug 2021 03:07:28 GMT
accept-ranges: bytes
etag: "dca74e2dde93d71:0"
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-credentials: true
via: mly, 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-mly-id: 3a4d0f2498c7431fa39325640872eb6b
timing-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rUUFSzdIVXyWiorrBBzgGMOf0lmoZp--y_oRmcHkZWvA40Kmo_j5Wg==
X-Firefox-Spdy: h2
sc.detecas.com/di/ec.ashx?v=Mi4wLjY%3D&deviceInfo=w6nCpjXDrcKrJmdHNsKpYMO6wpBmJ2bDoETCqMKBA8KVw7fDmipzHlB7JHHDonkyHsKNwp05HMKQLcO2w4%2FCp8KOwqwSwrzDiw1ye8O9ZcK6wrjCgWBew7jChn3DmMKOw6DCosKcw6%2FCtsOvH18gwpLDrjxrw5R0BHTCusOzesOzdcK2bkJEw4DCgMOAw6HDicOaw6zDkMOfw6cQwr7Cs2liJMKFwpnCqsKyN1DCp8K5wp0ww6p9Ww0kOcK%2Fw4c2wps5wrfCpsOkw5nDkMKjwpXCoxUIwr7CoQwzD8K1FcOnwrVyBHwjwoXCpcKeCQvDp8K%2Fw6PDtihnwpHDmsOZwrLDtcOLwqnDi8Kcw5LCrMKiwqbDmcOdMsKBw6TDocKBw5Y1wpMedntOworCuiTCrsKXwpjDjUvDm8KYw6Rdb8ObwpgobUTCtU0CfcOmH8Olw6B0R0ttYMOOMhPCj8K7w5cDw7lkwrnDk8OTEQrCmMKyw5PDj8KzXGjCksKVV8Oxw77Ct8K1w6k3GsK3w7DCkitSwqZDwrnDtsK1e2g1w6%2FCiWfCpcOGUCdfDkgoEsK%2Fw6tkw6hob1vDqh9Uw54bw4rCh8K4KsOVR0jDonQYw4XCryw4Z8Olw4vCsjFxIX%2FCkQTClyDDosORH10PFMKnXCnDkcO4EBMVw4LDisK2w6FBZMOjTX9gw58Ew4ANPn44w77CphoSw5IEw6BNXF7DsMKWA3xMUgoOB2dSw6XCmFpeTBDClQlgw6ViVhAIw7h2w5U8P8Oww7%2FCmmFXw6oaV8KywpvDmSzDgMKkVsKTwqrCj8Ocw4Jnw7swP8OVw5LCrsOUakF7wpjCvcKEw5g4WMOcCUEGWWZaDcOaDMO4w4dYwr%2FCoXFTwrlTw4sSXcKVw5vDjsKBwpHCqMK%2Ff8KuVMKyAcKrw6kARUNyQl0aFmlQbCzDoBB%2BwpvCumcMw4nCrcKWDBxmcRMLwonDjcK5w5AIwoLCh8OHB0dWw7XDrMOJIVjDt8Oww4gqPcKaw6vCkMKhXFkewqcgXMOSLcOyw4bCuBY9w4HDpgYawpnDtx54wqXCncOcMsKKw4XCsxpJLEHClCbDj2djJcOQw44Dw5bDnW%2FDisK7Zko9MsOYw53DkDPDjsOkw6xTwovCigdgXMKIJXExJUAecSnDlBNJwpMRRMOwK20Kw6vCkRt1GMKCw7XDlcOxwoFnw582FS1Fwooaw7A9wqJZwo%2FCtMKJwrxeFBbCnzPCmg7DpD1Jd8Ksw7wAwobDusOrdENbwqUbDT5Cw5Blw7Ufw7wPwrHDlCc0wrgjHXrCgMOXbMKFwqwqw45bPjgJEMO%2Bw4Yjwp%2FCsh8Fw7ggw4g2w7DCvVbDrMKqEMO%2Bwr%2FDrsKbwqbClMOIw74SQC0DBsKHbE5IwpIVwqHDlEw1wo%2FDq2EQbUbCqMOLWsO4w7I6wo%2FDqRtYIGM1wpnCtDPCkULCnRFxwqDCrVvDiMO9w7hySRojCcKRCMO4F8K8w7Y6dMKyA1jCjcKyISfCkBEiJMOKTMKRw70%2FZgjCg2Vyw73ChMOROEZZwpZQw7YzA8KXwoMDB19qwo1NwrwfS8OLcWldwo7DhSvDqV1bwqnChcKvfQzCm20LRsOFPG5bDcOew59yw7fCiMO1w7zCt8OxwqPCssKHMB1WSFzCvsKPLUwtwqTCmsOdwq1CdcOXwq0GwqNVYcO%2Fw7vCkibDvzHCsXcSf3zCngvDscOjQMK6cW%2FDisKTwooIclTCgMO1w5bCrlTDi8K7E1B9wocdw7XCvcOQ&ip=wqHDn8Omwp%2FDhMOMwo3ChsK0w7bDgsKn&version=Mi4wLjY%3D
200 OK 104 B URL HTTP/2 sc.detecas.com/di/ec.ashx?v=Mi4wLjY%3D&deviceInfo=w6nCpjXDrcKrJmdHNsKpYMO6wpBmJ2bDoETCqMKBA8KVw7fDmipzHlB7JHHDonkyHsKNwp05HMKQLcO2w4%2FCp8KOwqwSwrzDiw1ye8O9ZcK6wrjCgWBew7jChn3DmMKOw6DCosKcw6%2FCtsOvH18gwpLDrjxrw5R0BHTCusOzesOzdcK2bkJEw4DCgMOAw6HDicOaw6zDkMOfw6cQwr7Cs2liJMKFwpnCqsKyN1DCp8K5wp0ww6p9Ww0kOcK%2Fw4c2wps5wrfCpsOkw5nDkMKjwpXCoxUIwr7CoQwzD8K1FcOnwrVyBHwjwoXCpcKeCQvDp8K%2Fw6PDtihnwpHDmsOZwrLDtcOLwqnDi8Kcw5LCrMKiwqbDmcOdMsKBw6TDocKBw5Y1wpMedntOworCuiTCrsKXwpjDjUvDm8KYw6Rdb8ObwpgobUTCtU0CfcOmH8Olw6B0R0ttYMOOMhPCj8K7w5cDw7lkwrnDk8OTEQrCmMKyw5PDj8KzXGjCksKVV8Oxw77Ct8K1w6k3GsK3w7DCkitSwqZDwrnDtsK1e2g1w6%2FCiWfCpcOGUCdfDkgoEsK%2Fw6tkw6hob1vDqh9Uw54bw4rCh8K4KsOVR0jDonQYw4XCryw4Z8Olw4vCsjFxIX%2FCkQTClyDDosORH10PFMKnXCnDkcO4EBMVw4LDisK2w6FBZMOjTX9gw58Ew4ANPn44w77CphoSw5IEw6BNXF7DsMKWA3xMUgoOB2dSw6XCmFpeTBDClQlgw6ViVhAIw7h2w5U8P8Oww7%2FCmmFXw6oaV8KywpvDmSzDgMKkVsKTwqrCj8Ocw4Jnw7swP8OVw5LCrsOUakF7wpjCvcKEw5g4WMOcCUEGWWZaDcOaDMO4w4dYwr%2FCoXFTwrlTw4sSXcKVw5vDjsKBwpHCqMK%2Ff8KuVMKyAcKrw6kARUNyQl0aFmlQbCzDoBB%2BwpvCumcMw4nCrcKWDBxmcRMLwonDjcK5w5AIwoLCh8OHB0dWw7XDrMOJIVjDt8Oww4gqPcKaw6vCkMKhXFkewqcgXMOSLcOyw4bCuBY9w4HDpgYawpnDtx54wqXCncOcMsKKw4XCsxpJLEHClCbDj2djJcOQw44Dw5bDnW%2FDisK7Zko9MsOYw53DkDPDjsOkw6xTwovCigdgXMKIJXExJUAecSnDlBNJwpMRRMOwK20Kw6vCkRt1GMKCw7XDlcOxwoFnw582FS1Fwooaw7A9wqJZwo%2FCtMKJwrxeFBbCnzPCmg7DpD1Jd8Ksw7wAwobDusOrdENbwqUbDT5Cw5Blw7Ufw7wPwrHDlCc0wrgjHXrCgMOXbMKFwqwqw45bPjgJEMO%2Bw4Yjwp%2FCsh8Fw7ggw4g2w7DCvVbDrMKqEMO%2Bwr%2FDrsKbwqbClMOIw74SQC0DBsKHbE5IwpIVwqHDlEw1wo%2FDq2EQbUbCqMOLWsO4w7I6wo%2FDqRtYIGM1wpnCtDPCkULCnRFxwqDCrVvDiMO9w7hySRojCcKRCMO4F8K8w7Y6dMKyA1jCjcKyISfCkBEiJMOKTMKRw70%2FZgjCg2Vyw73ChMOROEZZwpZQw7YzA8KXwoMDB19qwo1NwrwfS8OLcWldwo7DhSvDqV1bwqnChcKvfQzCm20LRsOFPG5bDcOew59yw7fCiMO1w7zCt8OxwqPCssKHMB1WSFzCvsKPLUwtwqTCmsOdwq1CdcOXwq0GwqNVYcO%2Fw7vCkibDvzHCsXcSf3zCngvDscOjQMK6cW%2FDisKTwooIclTCgMO1w5bCrlTDi8K7E1B9wocdw7XCvcOQ&ip=wqHDn8Omwp%2FDhMOMwo3ChsK0w7bDgsKn&version=Mi4wLjY%3D
IP
File type ASCII text, with no line terminators
Hash ecadc54a213e2b6435cd2a5a132ac541
b50cb67b1d7c500385940903d08ac340d0a1446d
e46198275f95e9559b3d76bdf146bc32a801c900ea52b7591bf470c8135877a7
GET /di/ec.ashx?v=Mi4wLjY%3D&deviceInfo=w6nCpjXDrcKrJmdHNsKpYMO6wpBmJ2bDoETCqMKBA8KVw7fDmipzHlB7JHHDonkyHsKNwp05HMKQLcO2w4%2FCp8KOwqwSwrzDiw1ye8O9ZcK6wrjCgWBew7jChn3DmMKOw6DCosKcw6%2FCtsOvH18gwpLDrjxrw5R0BHTCusOzesOzdcK2bkJEw4DCgMOAw6HDicOaw6zDkMOfw6cQwr7Cs2liJMKFwpnCqsKyN1DCp8K5wp0ww6p9Ww0kOcK%2Fw4c2wps5wrfCpsOkw5nDkMKjwpXCoxUIwr7CoQwzD8K1FcOnwrVyBHwjwoXCpcKeCQvDp8K%2Fw6PDtihnwpHDmsOZwrLDtcOLwqnDi8Kcw5LCrMKiwqbDmcOdMsKBw6TDocKBw5Y1wpMedntOworCuiTCrsKXwpjDjUvDm8KYw6Rdb8ObwpgobUTCtU0CfcOmH8Olw6B0R0ttYMOOMhPCj8K7w5cDw7lkwrnDk8OTEQrCmMKyw5PDj8KzXGjCksKVV8Oxw77Ct8K1w6k3GsK3w7DCkitSwqZDwrnDtsK1e2g1w6%2FCiWfCpcOGUCdfDkgoEsK%2Fw6tkw6hob1vDqh9Uw54bw4rCh8K4KsOVR0jDonQYw4XCryw4Z8Olw4vCsjFxIX%2FCkQTClyDDosORH10PFMKnXCnDkcO4EBMVw4LDisK2w6FBZMOjTX9gw58Ew4ANPn44w77CphoSw5IEw6BNXF7DsMKWA3xMUgoOB2dSw6XCmFpeTBDClQlgw6ViVhAIw7h2w5U8P8Oww7%2FCmmFXw6oaV8KywpvDmSzDgMKkVsKTwqrCj8Ocw4Jnw7swP8OVw5LCrsOUakF7wpjCvcKEw5g4WMOcCUEGWWZaDcOaDMO4w4dYwr%2FCoXFTwrlTw4sSXcKVw5vDjsKBwpHCqMK%2Ff8KuVMKyAcKrw6kARUNyQl0aFmlQbCzDoBB%2BwpvCumcMw4nCrcKWDBxmcRMLwonDjcK5w5AIwoLCh8OHB0dWw7XDrMOJIVjDt8Oww4gqPcKaw6vCkMKhXFkewqcgXMOSLcOyw4bCuBY9w4HDpgYawpnDtx54wqXCncOcMsKKw4XCsxpJLEHClCbDj2djJcOQw44Dw5bDnW%2FDisK7Zko9MsOYw53DkDPDjsOkw6xTwovCigdgXMKIJXExJUAecSnDlBNJwpMRRMOwK20Kw6vCkRt1GMKCw7XDlcOxwoFnw582FS1Fwooaw7A9wqJZwo%2FCtMKJwrxeFBbCnzPCmg7DpD1Jd8Ksw7wAwobDusOrdENbwqUbDT5Cw5Blw7Ufw7wPwrHDlCc0wrgjHXrCgMOXbMKFwqwqw45bPjgJEMO%2Bw4Yjwp%2FCsh8Fw7ggw4g2w7DCvVbDrMKqEMO%2Bwr%2FDrsKbwqbClMOIw74SQC0DBsKHbE5IwpIVwqHDlEw1wo%2FDq2EQbUbCqMOLWsO4w7I6wo%2FDqRtYIGM1wpnCtDPCkULCnRFxwqDCrVvDiMO9w7hySRojCcKRCMO4F8K8w7Y6dMKyA1jCjcKyISfCkBEiJMOKTMKRw70%2FZgjCg2Vyw73ChMOROEZZwpZQw7YzA8KXwoMDB19qwo1NwrwfS8OLcWldwo7DhSvDqV1bwqnChcKvfQzCm20LRsOFPG5bDcOew59yw7fCiMO1w7zCt8OxwqPCssKHMB1WSFzCvsKPLUwtwqTCmsOdwq1CdcOXwq0GwqNVYcO%2Fw7vCkibDvzHCsXcSf3zCngvDscOjQMK6cW%2FDisKTwooIclTCgMO1w5bCrlTDi8K7E1B9wocdw7XCvcOQ&ip=wqHDn8Omwp%2FDhMOMwo3ChsK0w7bDgsKn&version=Mi4wLjY%3D HTTP/1.1
Host: sc.detecas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pilot88.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-length: 104
server: nginx
date: Sat, 12 Nov 2022 02:56:31 GMT
cache-control: private, max-age=2592000
last-modified: Fri, 07 May 2021 09:43:21 GMT
etag: 136705c9f75b6dc2e590d232cb924fa17e13f2a8a3c2e9609600e12b0b63d312
set-cookie: SameSite=None; Secure
(global.c3)=136705c9f75b6dc2e590d232cb924fa17e13f2a8a3c2e9609600e12b0b63d312; expires=Fri, 12-Nov-2032 02:56:31 GMT; path=/
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-credentials: true
via: mly, 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-mly-id: f8a1c7cdd3f642b696d7bec73950b066
timing-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: IuAC0qB8GaNfqeGcCGndKg8Zrg2Cy5dECrxUBSxgjUJRmkiu0NuN4Q==
X-Firefox-Spdy: h2
sc.detecas.com/di/dd.ashx?v=Mi4wLjY%3D&deviceCode=0de3b865c2e4f1f820211c2ddde04153
200 OK 7 B URL HTTP/2 sc.detecas.com/di/dd.ashx?v=Mi4wLjY%3D&deviceCode=0de3b865c2e4f1f820211c2ddde04153
IP
File type ASCII text, with no line terminators
Hash 7682d345add5f360f96f3c8f359ca5c7
88a383fa691f59a0769abf154b8015a6274c0055
8397912ada2760dca34d1adb644cf54fc5c8d05d0ad56b4a6f99096b03ac8431
POST /di/dd.ashx?v=Mi4wLjY%3D&deviceCode=0de3b865c2e4f1f820211c2ddde04153 HTTP/1.1
Host: sc.detecas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 1339
Origin: https://www.pilot88.com
Connection: keep-alive
Referer: https://www.pilot88.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
content-length: 7
server: nginx
date: Sat, 12 Nov 2022 02:56:32 GMT
cache-control: private, max-age=2592000
last-modified: Fri, 07 May 2021 09:43:21 GMT
etag: 0de3b865c2e4f1f820211c2ddde04153
set-cookie: SameSite=None; Secure
(version.c3)=0de3b865c2e4f1f820211c2ddde04153; expires=Mon, 12-Dec-2022 02:56:32 GMT; path=/
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-credentials: true
via: mly, 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-mly-id: 9fa90d2cc67cd9bcb561363fd63e5fe3
timing-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: OaiPL8kpF6tT4kYi6kO5q7-EpY6N1ci2XN8BxGHJO3ppcD1BVH-Idw==
X-Firefox-Spdy: h2
sc.detecas.com/di/activator.ashx
200 OK 35 kB URL HTTP/2 sc.detecas.com/di/activator.ashx
IP
Hash 6d068d66f1c1bc78fcbd5fbdb339956e
67675bb73992a6ef6ee2b74843c7aa15c94d5f30
74eb8572fb311967c1d01d41f374b33cf6f7d28b644347282570d20f26f517ea
GET /di/activator.ashx HTTP/1.1
Host: sc.detecas.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pilot88.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
server: nginx
date: Sat, 12 Nov 2022 02:56:30 GMT
cache-control: private, max-age=600
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-credentials: true
via: mly, 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-mly-id: 685612060fa6a731473f72225da5d413
timing-allow-origin: *
content-encoding: gzip
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: nzrHJAnR9kHxTWkzKkhgMxTXml39nE39hODwxxNc8pZbjHBiNyOpwQ==
X-Firefox-Spdy: h2
www.pilot88.com/favicon.ico
200 OK 0 B URL HTTP/2 www.pilot88.com/favicon.ico
IP
GET /favicon.ico HTTP/1.1
Host: www.pilot88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pilot88.com/
Cookie: ASP.NET_SessionId=kyzodqvgz4eacipdnhawcz1x; __utms=CCA818C18442477200775A68AEB788; __RequestVerificationToken=C7kHmxodU2Secf4gZXdVZS6hYOP9mdVJaNLaIIUQLVl88OSsQYnsnfCwTFgnIYGX5O3Vip6QyEyE-2PUBXlf7AQy0AE1; hidLanguage=en-US
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 02:56:29 GMT
content-type: image/x-icon
cache-control: max-age=2592000
last-modified: Tue, 09 Aug 2022 07:09:43 GMT
etag: W/"80d5baffbeabd81:0"
strict-transport-security: max-age=15768000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src *; img-src 'self' data: https://sc.detecas.com/di/ec.ashx https://sc.saceted.com/di/ec.ashx https://sc.casemed.net/di/ec.ashx https://sc.detecas.com/di/activator.ashx https://sc.saceted.com/di/activator.ashx https://sc.casemed.net/di/activator.ashx https://sc.detecas.com/di/hc.html https://sc.saceted.com/di/hc.html https://sc.casemed.net/di/hc.html https://sc.detecas.com/di/activator.ashx https://sc.detecas.com/di2/activator.ashx https://ws.detecas.com https://sc.starixsoft.com/di2/activator.ashx https://fps.starixsoft.com/ws https://fps.starixsoft.com/di/activator.ashx https://sc.detecas.com/di/ec.ashx https://sc.detecas.com/di/dd.ashx https://pw.detecas.com https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://sentry.starixplay.com; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://sc.detecas.com/di/ec.ashx https://sc.saceted.com/di/ec.ashx https://sc.casemed.net/di/ec.ashx https://sc.detecas.com/di/activator.ashx https://sc.saceted.com/di/activator.ashx https://sc.casemed.net/di/activator.ashx https://sc.detecas.com/di/hc.html https://sc.saceted.com/di/hc.html https://sc.casemed.net/di/hc.html https://www.gstatic.com https://www.google.com https://sc.detecas.com/di/activator.ashx https://sc.detecas.com/di2/activator.ashx https://ws.detecas.com https://sc.starixsoft.com/di2/activator.ashx https://fps.starixsoft.com/ws https://fps.starixsoft.com/di/activator.ashx https://sc.detecas.com/di/ec.ashx https://sc.detecas.com/di/dd.ashx https://www.google-analytics.com https://sentry.starixplay.com;
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 768bfea7ad6f0af6-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
www.pilot88.com/assets/styles/images/mode/y9.svg
200 OK 0 B URL HTTP/2 www.pilot88.com/assets/styles/images/mode/y9.svg
IP
Analyzer Verdict Alert fortinet Phishing
GET /assets/styles/images/mode/y9.svg HTTP/1.1
Host: www.pilot88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.pilot88.com/assets/bundles/themes/default.min.css?ver=2022051200
Cookie: ASP.NET_SessionId=kyzodqvgz4eacipdnhawcz1x; __utms=CCA818C18442477200775A68AEB788; __RequestVerificationToken=C7kHmxodU2Secf4gZXdVZS6hYOP9mdVJaNLaIIUQLVl88OSsQYnsnfCwTFgnIYGX5O3Vip6QyEyE-2PUBXlf7AQy0AE1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 02:56:28 GMT
content-type: image/svg+xml
cache-control: max-age=2592000
last-modified: Fri, 19 Aug 2022 01:57:50 GMT
etag: W/"023b166fb3d81:0"
strict-transport-security: max-age=15768000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
content-security-policy: default-src *; img-src 'self' data: https://sc.detecas.com/di/ec.ashx https://sc.saceted.com/di/ec.ashx https://sc.casemed.net/di/ec.ashx https://sc.detecas.com/di/activator.ashx https://sc.saceted.com/di/activator.ashx https://sc.casemed.net/di/activator.ashx https://sc.detecas.com/di/hc.html https://sc.saceted.com/di/hc.html https://sc.casemed.net/di/hc.html https://sc.detecas.com/di/activator.ashx https://sc.detecas.com/di2/activator.ashx https://ws.detecas.com https://sc.starixsoft.com/di2/activator.ashx https://fps.starixsoft.com/ws https://fps.starixsoft.com/di/activator.ashx https://sc.detecas.com/di/ec.ashx https://sc.detecas.com/di/dd.ashx https://pw.detecas.com https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://sentry.starixplay.com; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://sc.detecas.com/di/ec.ashx https://sc.saceted.com/di/ec.ashx https://sc.casemed.net/di/ec.ashx https://sc.detecas.com/di/activator.ashx https://sc.saceted.com/di/activator.ashx https://sc.casemed.net/di/activator.ashx https://sc.detecas.com/di/hc.html https://sc.saceted.com/di/hc.html https://sc.casemed.net/di/hc.html https://www.gstatic.com https://www.google.com https://sc.detecas.com/di/activator.ashx https://sc.detecas.com/di2/activator.ashx https://ws.detecas.com https://sc.starixsoft.com/di2/activator.ashx https://fps.starixsoft.com/ws https://fps.starixsoft.com/di/activator.ashx https://sc.detecas.com/di/ec.ashx https://sc.detecas.com/di/dd.ashx https://www.google-analytics.com https://sentry.starixplay.com;
cf-cache-status: MISS
vary: Accept-Encoding
server: cloudflare
cf-ray: 768bfe9e0af10af6-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
stcdn.agbong88.com/bundles/common/hc.css?v=1668221787624
200 OK 0 B URL HTTP/2 stcdn.agbong88.com/bundles/common/hc.css?v=1668221787624
IP
GET /bundles/common/hc.css?v=1668221787624 HTTP/1.1
Host: stcdn.agbong88.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.pilot88.com
Connection: keep-alive
Referer: https://www.pilot88.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 12 Nov 2022 02:56:28 GMT
content-type: text/css
last-modified: Tue, 18 Oct 2022 02:36:10 GMT
etag: W/"634e111a-6"
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: MISS
server: cloudflare
cf-ray: 768bfea04ef7b50c-OSL
X-Firefox-Spdy: h2
stcdn.b8ag.com/bundles/common/hc.css?v=1668221787622
200 OK 0 B URL HTTP/2 stcdn.b8ag.com/bundles/common/hc.css?v=1668221787622
IP
GET /bundles/common/hc.css?v=1668221787622 HTTP/1.1
Host: stcdn.b8ag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.pilot88.com
Connection: keep-alive
Referer: https://www.pilot88.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 12 Nov 2022 02:56:28 GMT
content-type: text/css
last-modified: Tue, 18 Oct 2022 02:36:10 GMT
etag: W/"634e111a-6"
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: MISS
server: cloudflare
cf-ray: 768bfe9ffd4eb4ee-OSL
X-Firefox-Spdy: h2
18.138.91.122
34.117.237.239
104.18.14.215
23.36.76.226
93.184.220.29