ekmera.com.cdn.cloplombifusionfurnishistage.uyduportal.net/login.php?success_redirect_url=/
185.178.208.182 301 Moved Permanently 568 B URL HTTP/1.1 ekmera.com.cdn.cloplombifusionfurnishistage.uyduportal.net/login.php?success_redirect_url=/
IP 185.178.208.182:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (564), with no line terminators
Hash 2761b98db33884ab29711096ab315edb
8cea6e53464aea178b72e06a906205d040f14ca5
9f7a07f69d9b9a5af186a79159ccea18935ab4103128ca967e3f3f8ae45fb3ee
GET /login.php?success_redirect_url=/ HTTP/1.1
Host: ekmera.com.cdn.cloplombifusionfurnishistage.uyduportal.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: ddos-guard
Date: Thu, 01 Sep 2022 06:09:16 GMT
Connection: keep-alive
Keep-Alive: timeout=60
Location: https://ekmera.com.cdn.cloplombifusionfurnishistage.uyduportal.net/login.php?success_redirect_url=/
Content-Type: text/html; charset=utf8
Content-Length: 568
firefox.settings.services.mozilla.com/v1/
143.204.55.27 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 01 Sep 2022 05:41:11 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: sBwErhs-KV1ydIP1vaS3yDyP8Jjce9JbqR4B2rIe8lNaBpRrtq2alA==
Age: 1685
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 517693963cc46e7a35a054296d0edfd5
11dfcd7e118e5f8d31e664e56ac29c57f973b8b3
ece269e8b9be8a5839d75c1343823d68b96930c593c2e3e8d522999176ee3149
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "ECE269E8B9BE8A5839D75C1343823D68B96930C593C2E3E8D522999176EE3149"
Last-Modified: Mon, 29 Aug 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11545
Expires: Thu, 01 Sep 2022 09:21:42 GMT
Date: Thu, 01 Sep 2022 06:09:17 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.35 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
date: Thu, 01 Sep 2022 01:15:17 GMT
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
etag: "742edb4038f38bc533514982f3d2e861"
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: brApMrPRhXpPEJqeXIi8NabO7N2Ls7wwGyfkHNhCZ6XKdHe8ONfLKA==
age: 17641
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 01 Sep 2022 06:09:17 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b43038263318e754da29daa0e3cf28fe
da5aad399f76c2a5affe8def28365b09c90d837c
41f19506407e2795d3d61df74d5e3d2dd22cd4a778858dfdc9892fd6a6c292e9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "41F19506407E2795D3D61DF74D5E3D2DD22CD4A778858DFDC9892FD6A6C292E9"
Last-Modified: Thu, 01 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 01 Sep 2022 12:09:17 GMT
Date: Thu, 01 Sep 2022 06:09:17 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Cache-Control, Pragma, Backoff, Last-Modified, ETag, Expires, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Thu, 01 Sep 2022 05:57:05 GMT
Expires: Thu, 01 Sep 2022 06:56:45 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: yFMDHtBq8Bk0yG5q_lgs6giP-j5VRBTNcnk0kjNN-RcflP-FXMUD0Q==
Age: 732
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 83be4ca2ebb87af44323dd073807bc9e
3ef0ca2b0c351c7d1eb1b7f4daeba6453a632fc6
1ba9c4dbdbd577bf443bc6499ab1edb2e0ea3b382f529fdc2d98021276a3158b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2031
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 01 Sep 2022 06:09:17 GMT
Last-Modified: Thu, 01 Sep 2022 05:35:26 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.43.61.95 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.43.61.95:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: GvLT5R1rF3K6u9jXg2B11A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: C+JYCSJaXT15e0b90FAhk7nLQ9M=
ekmera.com.cdn.cloplombifusionfurnishistage.uyduportal.net/ui-library/fonts/open-sans-600.woff2?098c0a7547a49b0ce57658f41c897ecd
185.178.208.182 200 OK 62 kB URL HTTP/2 ekmera.com.cdn.cloplombifusionfurnishistage.uyduportal.net/ui-library/fonts/open-sans-600.woff2?098c0a7547a49b0ce57658f41c897ecd
IP 185.178.208.182:0
File type Web Open Font Format (Version 2), TrueType, length 61548, version 1.0\012- data
Hash e9681ca3d29d814a5621d4764dd1a11e
bbda68459fc0531b915bdf9e524ecc8f782db0aa
51f0bacf9e49a400a5a2947ef6b14127ef3241b0760d97721e0aedd7add66456
GET /ui-library/fonts/open-sans-600.woff2?098c0a7547a49b0ce57658f41c897ecd HTTP/1.1
Host: ekmera.com.cdn.cloplombifusionfurnishistage.uyduportal.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://ekmera.com.cdn.cloplombifusionfurnishistage.uyduportal.net/ui-library/plesk-ui-library.css?1659958408
Cookie: __ddg1_=FD4iuHHOJvOtnyQYudBw
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Thu, 01 Sep 2022 06:07:47 GMT
content-type: font/woff2
content-length: 61548
last-modified: Mon, 08 Aug 2022 11:33:28 GMT
etag: "62f0f488-f06c"
accept-ranges: bytes
x-powered-by: PleskLin
age: 91
ddg-cache-status: MISS
X-Firefox-Spdy: h2
ekmera.com.cdn.cloplombifusionfurnishistage.uyduportal.net/ui-library/fonts/open-sans-regular.woff2?e7777b3c2bb7ae4d50f3abe9ee4f1eb5
185.178.208.182 200 OK 60 kB URL HTTP/2 ekmera.com.cdn.cloplombifusionfurnishistage.uyduportal.net/ui-library/fonts/open-sans-regular.woff2?e7777b3c2bb7ae4d50f3abe9ee4f1eb5
IP 185.178.208.182:0
File type Web Open Font Format (Version 2), TrueType, length 59600, version 1.0\012- data
Hash e78dce533ecee30c5efd812bb23c248d
87d988c2f0343952ccded7c17b000e33db6f3d15
03e2544599e5a06566b2579f82ac6e445b724435fccb1f3e8988e58f45b1fc5e
Analyzer Verdict Alert fortinet Phishing
GET /ui-library/fonts/open-sans-regular.woff2?e7777b3c2bb7ae4d50f3abe9ee4f1eb5 HTTP/1.1
Host: ekmera.com.cdn.cloplombifusionfurnishistage.uyduportal.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://ekmera.com.cdn.cloplombifusionfurnishistage.uyduportal.net/ui-library/plesk-ui-library.css?1659958408
Cookie: __ddg1_=FD4iuHHOJvOtnyQYudBw
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Thu, 01 Sep 2022 06:07:47 GMT
content-type: font/woff2
content-length: 59600
last-modified: Mon, 08 Aug 2022 11:33:28 GMT
etag: "62f0f488-e8d0"
accept-ranges: bytes
x-powered-by: PleskLin
age: 91
ddg-cache-status: MISS
X-Firefox-Spdy: h2
ekmera.com.cdn.cloplombifusionfurnishistage.uyduportal.net/images/apple-touch-icon.png?1660478537
185.178.208.182 200 OK 4.5 kB URL HTTP/2 ekmera.com.cdn.cloplombifusionfurnishistage.uyduportal.net/images/apple-touch-icon.png?1660478537
IP 185.178.208.182:0
File type PNG image data, 180 x 180, 8-bit/color RGBA, non-interlaced\012- data
Hash ebbd61fb584cc8ae62ffa726070c952f
7aefbffc866e859207b23f736faeac97f51414e6
b23ec702f16e22329aa8d8a74cede38c886e609acd467517a004439cbbb1da1c
GET /images/apple-touch-icon.png?1660478537 HTTP/1.1
Host: ekmera.com.cdn.cloplombifusionfurnishistage.uyduportal.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ekmera.com.cdn.cloplombifusionfurnishistage.uyduportal.net/login_up.php?success_redirect_url=%2F
Cookie: __ddg1_=FD4iuHHOJvOtnyQYudBw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Thu, 01 Sep 2022 06:07:47 GMT
content-type: image/png
content-length: 4528
last-modified: Sun, 14 Aug 2022 12:02:17 GMT
etag: "62f8e449-11b0"
accept-ranges: bytes
x-powered-by: PleskLin
age: 91
ddg-cache-status: MISS
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.100 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 1f0cb6a9cb68406fb2511fd73f36c80c
8af77ffcb774b8f3f11678e2cdddc8fb6b4308c7
612f2516664d371c1df3feb0660c05ca99ee2722762c146f7f3ca28a94c75494
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 01 Sep 2022 06:09:18 GMT
Last-Modified: Thu, 01 Sep 2022 05:38:11 GMT
Server: ECS (nyb/1D1D)
X-Cache: Miss from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: OpdjwWffKTq5MUaB9p0ASvBc8NsfGWlP1WwrPdNIdLnW5elUrD0zqA==
Age: 1867
ocsp.sca1b.amazontrust.com/
54.230.245.100 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 1f0cb6a9cb68406fb2511fd73f36c80c
8af77ffcb774b8f3f11678e2cdddc8fb6b4308c7
612f2516664d371c1df3feb0660c05ca99ee2722762c146f7f3ca28a94c75494
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 01 Sep 2022 06:09:18 GMT
Last-Modified: Thu, 01 Sep 2022 05:14:16 GMT
Server: ECS (nyb/1D07)
X-Cache: Miss from cloudfront
Via: 1.1 e2f427863e6bdb72ad8bed72b596d81e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: DV-wCUavr7MbSUNHppjPAsDK6yMCNqRERSAXFS950P6ziA0oC_sXDw==
Age: 3302
sentry.io/api/1327420/envelope/?sentry_key=50365a6fe24f4ff28f6b625410e04a35&sentry_version=7
35.188.42.15 200 OK 2 B URL HTTP/1.1 sentry.io/api/1327420/envelope/?sentry_key=50365a6fe24f4ff28f6b625410e04a35&sentry_version=7
IP 35.188.42.15:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /api/1327420/envelope/?sentry_key=50365a6fe24f4ff28f6b625410e04a35&sentry_version=7 HTTP/1.1
Host: sentry.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://ekmera.com.cdn.cloplombifusionfurnishistage.uyduportal.net/
Content-Type: text/plain;charset=UTF-8
Origin: https://ekmera.com.cdn.cloplombifusionfurnishistage.uyduportal.net
Content-Length: 416
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 01 Sep 2022 06:09:18 GMT
Content-Type: application/json
Content-Length: 2
Connection: keep-alive
access-control-allow-origin: https://ekmera.com.cdn.cloplombifusionfurnishistage.uyduportal.net
access-control-expose-headers: x-sentry-error, x-sentry-rate-limits, retry-after
vary: Origin
x-envoy-upstream-service-time: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
firehose.us-west-2.amazonaws.com/
35.89.72.106 200 OK 20 B URL HTTP/1.1 firehose.us-west-2.amazonaws.com/
IP 35.89.72.106:0
Hash 3970e82605c7d109bb348fc94e9eecc0
e03849ea786b9f7b28a35c17949e85a93eb1cff1
f5d031af01f137ae07fa71720fab94d16cc8a2a59868766002918b7c240f3967
OPTIONS / HTTP/1.1
Host: firehose.us-west-2.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: authorization,content-type,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Referer: https://ekmera.com.cdn.cloplombifusionfurnishistage.uyduportal.net/
Origin: https://ekmera.com.cdn.cloplombifusionfurnishistage.uyduportal.net
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amzn-RequestId: e43bac89-a6f9-16f2-bfb1-e247afb2064a
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Access-Control-Allow-Headers: authorization,content-type,x-amz-content-sha256,x-amz-date,x-amz-target,x-amz-user-agent
Access-Control-Allow-Methods: POST
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Access-Control-Max-Age: 172800
Content-Length: 20
Date: Thu, 01 Sep 2022 06:09:18 GMT
firehose.us-west-2.amazonaws.com/
35.89.72.106 200 OK 247 B URL HTTP/1.1 firehose.us-west-2.amazonaws.com/
IP 35.89.72.106:0
File type JSON data\012- , ASCII text, with no line terminators
Hash c0ef5d92157273e72ece395e438bcd4c
c9d787a59cb3cc2788e4d2a68f88dfa0c4fa9af1
e1df884679120556293baf0ef63593c85562781babc98892ce3e453e7b65d401
POST / HTTP/1.1
Host: firehose.us-west-2.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Amz-User-Agent: aws-sdk-js/2.1185.0 callback
Content-Type: application/x-amz-json-1.1
X-Amz-Target: Firehose_20150804.PutRecord
X-Amz-Content-Sha256: 2206695b3cef2ab76d91a33ca22b4832638275b57d105ada393664d6fcdd2ef6
X-Amz-Date: 20220901T060917Z
Authorization: AWS4-HMAC-SHA256 Credential=AKIAR4YEYRJLZOCG766Q/20220901/us-west-2/firehose/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=39fa0e332f0397fb36f52fe4ade2cc10058cafc32d7b9c6c2a0b0fcb698c0c5f
Content-Length: 250
Origin: https://ekmera.com.cdn.cloplombifusionfurnishistage.uyduportal.net
Connection: keep-alive
Referer: https://ekmera.com.cdn.cloplombifusionfurnishistage.uyduportal.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amzn-RequestId: c6fc8563-c709-4b21-9d76-cbadce425b99
Access-Control-Allow-Origin: *
Content-Encoding: gzip
x-amz-id-2: /DXWs+YzwDf0M2YdiIFckDZMhjnCnbcxxLz9SNS6x5RiHMSUWWXOe1xGW4j5H3Wp0FpalWe3IRlr5pDlOM9ZO2fJ8AX1E66y
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Content-Type: application/x-amz-json-1.1
Content-Length: 247
Date: Thu, 01 Sep 2022 06:09:18 GMT
firehose.us-west-2.amazonaws.com/
35.89.72.106 200 OK 248 B URL HTTP/1.1 firehose.us-west-2.amazonaws.com/
IP 35.89.72.106:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 45fe3eff239e7f28567bb75dfe88e3c3
cc356e26025dc24829e069d9ed638bad0dfec637
38f1395acedb834c1237c32aca7206b82f1335f83e37f4f91505dbd588f0462f
POST / HTTP/1.1
Host: firehose.us-west-2.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Amz-User-Agent: aws-sdk-js/2.1185.0 callback
Content-Type: application/x-amz-json-1.1
X-Amz-Target: Firehose_20150804.PutRecord
X-Amz-Content-Sha256: bcf502221f12b01813f339a067620e05547992eea4e50fb0c08be6ee1c73a600
X-Amz-Date: 20220901T060918Z
Authorization: AWS4-HMAC-SHA256 Credential=AKIAR4YEYRJLZOCG766Q/20220901/us-west-2/firehose/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date;x-amz-target;x-amz-user-agent, Signature=72b1469ab1c6c35c2c566a2843ae1cf831cc60d62a42aabb75faae70f05735b1
Content-Length: 326
Origin: https://ekmera.com.cdn.cloplombifusionfurnishistage.uyduportal.net
Connection: keep-alive
Referer: https://ekmera.com.cdn.cloplombifusionfurnishistage.uyduportal.net/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amzn-RequestId: dd9b0b19-e809-865e-8611-45d6e14296e6
Access-Control-Allow-Origin: *
Content-Encoding: gzip
x-amz-id-2: 33bWJ/99iqUTnkfoME0QSoaMH/niz7mkcemv+cG+jYp7bOv3XFiT4w4XZVzyeeqQ4HmfKP4pGSkhrOQIbswSoPAWJfl+/GRK
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amz-request-id,x-amz-id-2,x-amzn-ErrorMessage,Date
Content-Type: application/x-amz-json-1.1
Content-Length: 248
Date: Thu, 01 Sep 2022 06:09:19 GMT
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10748
Expires: Thu, 01 Sep 2022 09:08:27 GMT
Date: Thu, 01 Sep 2022 06:09:19 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c271dd4-594e-4d42-806c-0242334ef573.jpeg
34.120.237.76 200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c271dd4-594e-4d42-806c-0242334ef573.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7be4a52330d1dfc737e9d20e64d2aadb
4a7d5d62012de7275c34dfdc3a0fc2d06eff63df
fc6eaa423832b7916af6cd8b3c46a1565ba04f8073b1f9c8c29b7d7a0ab55c90
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c271dd4-594e-4d42-806c-0242334ef573.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7424
x-amzn-requestid: dafda64c-1751-47c3-941d-569adb2f9bd8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XiQnYGVzIAMFgKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630a6162-73a843de1842167551019a9a;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 18:24:34 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Bc9BwW2Lt_rUuiHYS25i0E5MhXDAo6wrwlUAimWS9Y58dL0Al5WrIg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 05:04:50 GMT
age: 3869
etag: "4a7d5d62012de7275c34dfdc3a0fc2d06eff63df"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0198fd1f-b00c-442e-9184-8ce8ebf9593c.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0198fd1f-b00c-442e-9184-8ce8ebf9593c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ba98f63d9bef7deebb9a8d1b3126d396
d97a8b0e4b4dbc60dfc9eb15ba28f68e8e3731ef
b8f6c1c6b34ec452a6aa3090c30ebf3a68cb3b4d45a7b134ed32e1959f4f0682
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0198fd1f-b00c-442e-9184-8ce8ebf9593c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10777
x-amzn-requestid: 2e9a081f-2ae4-49b9-b9d4-79cae2b7eae9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xv3kRFiJIAMFgNA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630fd2e7-2f9eec0b239ceb6d617431b6;Sampled=0
x-amzn-remapped-date: Wed, 31 Aug 2022 21:30:15 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: w9ACDg_Mxbl2GSEDeDAqdMlKjkCiMyWExvCUa2jHquaQy6U-4EJtbQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 21:37:19 GMT
age: 30720
etag: "d97a8b0e4b4dbc60dfc9eb15ba28f68e8e3731ef"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9564bd06-b264-460b-96bb-6b37cf25a72b.jpeg
34.120.237.76 200 OK 17 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9564bd06-b264-460b-96bb-6b37cf25a72b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 12756903aaa74164feb5f8525398ca36
9fef9b071daea6793cbbdfe391254ac4326b1aa2
6d474a6d96aebfed43a4f6812f18a1be8d100c590f75eb0fbf4ec7277dd0c442
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9564bd06-b264-460b-96bb-6b37cf25a72b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16818
x-amzn-requestid: 6950a3c5-2cdc-4a21-854c-10d925e32ecd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XiYLvHRSIAMFotQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630a6d7e-6e98b9a77e592bd01afb1d97;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 19:16:14 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 3eBLhLH4APXLyj9kLHXNCFT9ccS_bnBp5INvMI93IFvOuBMERe_GgQ==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 13:40:03 GMT
age: 59356
etag: "9fef9b071daea6793cbbdfe391254ac4326b1aa2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3dcbf97c-e2ef-42c1-84e6-d36517138af8.jpeg
34.120.237.76 200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3dcbf97c-e2ef-42c1-84e6-d36517138af8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ba47e5bea81246b74db8fa6d1c4c376e
ef02bcd29260cae4175de741b092a2dacb5eba5c
4601bafab731540ab697b41d63083987d6a2ee46d1c14206b2abbf66627fac62
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3dcbf97c-e2ef-42c1-84e6-d36517138af8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4857
x-amzn-requestid: 758325b8-a04e-4ce9-bc27-cd6da315d9cb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XaHblE2DIAMF9lw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63071f7d-6532032d144ca759147087dd;Sampled=0
x-amzn-remapped-date: Thu, 25 Aug 2022 07:06:37 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: XYROC3bm0gopbkI4uy4e4szjYfs3tTW9_oqXjNNeZx0fa377kAEwXw==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 04:59:16 GMT
age: 4203
etag: "ef02bcd29260cae4175de741b092a2dacb5eba5c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bffab86-e623-4ccd-9297-981c9dc6e4cd.jpeg
34.120.237.76 200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bffab86-e623-4ccd-9297-981c9dc6e4cd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b0f6c541f6335bb709d2270147bd5aed
b691ef5e7a302e2678302818130a9637c3efbe3a
e63922331a4463519e6df77ae7a1ad3316a36e54dd03c00ff6b119ee3fa684c5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bffab86-e623-4ccd-9297-981c9dc6e4cd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9674
x-amzn-requestid: 79dc68ea-ea2e-4eab-bab9-1c89b0a955a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XjMSvHJ-oAMF6Jw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630ac0de-2370cf5363d5f308121f0ca4;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 01:11:58 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 1oGbbOSjJza6WWt0IDMqwsZkCk07uevGo0wML4y5LiexzhqlcHt3lA==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 14:45:21 GMT
age: 55438
etag: "b691ef5e7a302e2678302818130a9637c3efbe3a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcce30929-1614-4a6d-80aa-fd9b2f12af34.jpeg
34.120.237.76 200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcce30929-1614-4a6d-80aa-fd9b2f12af34.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4b629767aa19f78c2734128d2cb1e93d
2a66e9c2654e04097031304feca86eea7ab0395e
2bf73bd574a294029803eb25c23442a12519c5d186d806d165ea4fa9b8961b87
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcce30929-1614-4a6d-80aa-fd9b2f12af34.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9305
x-amzn-requestid: 3ec274e1-6e02-4099-ba20-f622b20da568
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xv4ibGU-oAMFj9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630fd475-7f2b1dc86353361e105c6f7d;Sampled=0
x-amzn-remapped-date: Wed, 31 Aug 2022 21:36:53 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7lavV3jMxBWZYRbteRGtfXzgo7AUxR-zoTHo1RzOe7Gz7RB5lJ-5Fw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 31 Aug 2022 21:53:22 GMT
age: 29757
etag: "2a66e9c2654e04097031304feca86eea7ab0395e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ekmera.com.cdn.cloplombifusionfurnishistage.uyduportal.net/login_up.php?success_redirect_url=%2F
185.178.208.182 200 OK 0 B URL HTTP/2 ekmera.com.cdn.cloplombifusionfurnishistage.uyduportal.net/login_up.php?success_redirect_url=%2F
IP 185.178.208.182:0
GET /login_up.php?success_redirect_url=%2F HTTP/1.1
Host: ekmera.com.cdn.cloplombifusionfurnishistage.uyduportal.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: __ddg1_=FD4iuHHOJvOtnyQYudBw
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Thu, 01 Sep 2022 06:07:46 GMT
content-type: text/html; charset=utf-8
expires: Fri, 28 May 1999 00:00:00 GMT
last-modified: Thu, 01 Sep 2022 06:07:46 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
p3p: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
content-encoding: gzip
x-powered-by: PleskLin
X-Firefox-Spdy: h2
ekmera.com.cdn.cloplombifusionfurnishistage.uyduportal.net/cp/theme/css/main.css?1661460881
185.178.208.182 200 OK 0 B URL HTTP/2 ekmera.com.cdn.cloplombifusionfurnishistage.uyduportal.net/cp/theme/css/main.css?1661460881
IP 185.178.208.182:0
GET /cp/theme/css/main.css?1661460881 HTTP/1.1
Host: ekmera.com.cdn.cloplombifusionfurnishistage.uyduportal.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ekmera.com.cdn.cloplombifusionfurnishistage.uyduportal.net/login_up.php?success_redirect_url=%2F
Cookie: __ddg1_=FD4iuHHOJvOtnyQYudBw
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Thu, 01 Sep 2022 06:07:46 GMT
content-type: text/css
last-modified: Thu, 25 Aug 2022 20:54:41 GMT
etag: W/"6307e191-4f847"
content-encoding: gzip
x-powered-by: PleskLin
age: 91
ddg-cache-status: MISS
X-Firefox-Spdy: h2
ekmera.com.cdn.cloplombifusionfurnishistage.uyduportal.net/modules/letsencrypt/global.js?1647389825
185.178.208.182 200 OK 0 B URL HTTP/2 ekmera.com.cdn.cloplombifusionfurnishistage.uyduportal.net/modules/letsencrypt/global.js?1647389825
IP 185.178.208.182:0
Analyzer Verdict Alert fortinet Phishing
GET /modules/letsencrypt/global.js?1647389825 HTTP/1.1
Host: ekmera.com.cdn.cloplombifusionfurnishistage.uyduportal.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ekmera.com.cdn.cloplombifusionfurnishistage.uyduportal.net/login_up.php?success_redirect_url=%2F
Cookie: __ddg1_=FD4iuHHOJvOtnyQYudBw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Thu, 01 Sep 2022 06:07:46 GMT
content-type: application/javascript
last-modified: Wed, 16 Mar 2022 00:17:05 GMT
etag: W/"62312c81-2d6"
content-encoding: gzip
x-powered-by: PleskLin
age: 91
ddg-cache-status: MISS
X-Firefox-Spdy: h2
ekmera.com.cdn.cloplombifusionfurnishistage.uyduportal.net/login.php?success_redirect_url=/
185.178.208.182 303 See Other 0 B URL HTTP/2 ekmera.com.cdn.cloplombifusionfurnishistage.uyduportal.net/login.php?success_redirect_url=/
IP 185.178.208.182:0
GET /login.php?success_redirect_url=/ HTTP/1.1
Host: ekmera.com.cdn.cloplombifusionfurnishistage.uyduportal.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 303 See Other
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
set-cookie: __ddg1_=FD4iuHHOJvOtnyQYudBw; Domain=.uyduportal.net; HttpOnly; Path=/; Expires=Fri, 01-Sep-2023 06:09:17 GMT
date: Thu, 01 Sep 2022 06:07:46 GMT
content-type: text/html; charset=utf-8
expires: Fri, 28 May 1999 00:00:00 GMT
last-modified: Thu, 01 Sep 2022 06:07:46 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
p3p: CP="NON COR CURa ADMa OUR NOR UNI COM NAV STA"
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
location: https://ekmera.com.cdn.cloplombifusionfurnishistage.uyduportal.net/login_up.php?success_redirect_url=%2F
x-powered-by: PleskLin
content-encoding: br
vary: Accept-Encoding
X-Firefox-Spdy: h2
ekmera.com.cdn.cloplombifusionfurnishistage.uyduportal.net/ui-library/plesk-ui-library.css?1659958408
185.178.208.182 200 OK 0 B URL HTTP/2 ekmera.com.cdn.cloplombifusionfurnishistage.uyduportal.net/ui-library/plesk-ui-library.css?1659958408
IP 185.178.208.182:0
Analyzer Verdict Alert fortinet Phishing
GET /ui-library/plesk-ui-library.css?1659958408 HTTP/1.1
Host: ekmera.com.cdn.cloplombifusionfurnishistage.uyduportal.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ekmera.com.cdn.cloplombifusionfurnishistage.uyduportal.net/login_up.php?success_redirect_url=%2F
Cookie: __ddg1_=FD4iuHHOJvOtnyQYudBw
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Thu, 01 Sep 2022 06:07:46 GMT
content-type: text/css
last-modified: Mon, 08 Aug 2022 11:33:28 GMT
etag: W/"62f0f488-2d84a"
content-encoding: gzip
x-powered-by: PleskLin
age: 91
ddg-cache-status: MISS
X-Firefox-Spdy: h2
ekmera.com.cdn.cloplombifusionfurnishistage.uyduportal.net/ui-library/plesk-ui-library.min.js?1659958408
185.178.208.182 200 OK 0 B URL HTTP/2 ekmera.com.cdn.cloplombifusionfurnishistage.uyduportal.net/ui-library/plesk-ui-library.min.js?1659958408
IP 185.178.208.182:0
Analyzer Verdict Alert fortinet Phishing
GET /ui-library/plesk-ui-library.min.js?1659958408 HTTP/1.1
Host: ekmera.com.cdn.cloplombifusionfurnishistage.uyduportal.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ekmera.com.cdn.cloplombifusionfurnishistage.uyduportal.net/login_up.php?success_redirect_url=%2F
Cookie: __ddg1_=FD4iuHHOJvOtnyQYudBw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Thu, 01 Sep 2022 06:07:46 GMT
content-type: application/javascript
last-modified: Mon, 08 Aug 2022 11:33:28 GMT
etag: W/"62f0f488-7357c"
content-encoding: gzip
x-powered-by: PleskLin
age: 91
ddg-cache-status: MISS
X-Firefox-Spdy: h2
ekmera.com.cdn.cloplombifusionfurnishistage.uyduportal.net/images/favicon.svg?1660478537
185.178.208.182 200 OK 0 B URL HTTP/2 ekmera.com.cdn.cloplombifusionfurnishistage.uyduportal.net/images/favicon.svg?1660478537
IP 185.178.208.182:0
GET /images/favicon.svg?1660478537 HTTP/1.1
Host: ekmera.com.cdn.cloplombifusionfurnishistage.uyduportal.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ekmera.com.cdn.cloplombifusionfurnishistage.uyduportal.net/login_up.php?success_redirect_url=%2F
Cookie: __ddg1_=FD4iuHHOJvOtnyQYudBw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Thu, 01 Sep 2022 06:07:47 GMT
content-type: image/svg+xml
last-modified: Sun, 14 Aug 2022 12:02:17 GMT
etag: W/"62f8e449-27a"
accept-ranges: bytes
x-powered-by: PleskLin
content-encoding: br
vary: Accept-Encoding
age: 91
ddg-cache-status: MISS
X-Firefox-Spdy: h2
ekmera.com.cdn.cloplombifusionfurnishistage.uyduportal.net/cp/javascript/main.js?1660208281
185.178.208.182 200 OK 0 B URL HTTP/2 ekmera.com.cdn.cloplombifusionfurnishistage.uyduportal.net/cp/javascript/main.js?1660208281
IP 185.178.208.182:0
GET /cp/javascript/main.js?1660208281 HTTP/1.1
Host: ekmera.com.cdn.cloplombifusionfurnishistage.uyduportal.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ekmera.com.cdn.cloplombifusionfurnishistage.uyduportal.net/login_up.php?success_redirect_url=%2F
Cookie: __ddg1_=FD4iuHHOJvOtnyQYudBw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Thu, 01 Sep 2022 06:07:46 GMT
content-type: application/javascript
last-modified: Thu, 11 Aug 2022 08:58:01 GMT
etag: W/"62f4c499-7f471"
content-encoding: gzip
x-powered-by: PleskLin
age: 91
ddg-cache-status: MISS
X-Firefox-Spdy: h2
ekmera.com.cdn.cloplombifusionfurnishistage.uyduportal.net/cp/javascript/externals/require.js?1660208281
185.178.208.182 200 OK 0 B URL HTTP/2 ekmera.com.cdn.cloplombifusionfurnishistage.uyduportal.net/cp/javascript/externals/require.js?1660208281
IP 185.178.208.182:0
Analyzer Verdict Alert fortinet Phishing
GET /cp/javascript/externals/require.js?1660208281 HTTP/1.1
Host: ekmera.com.cdn.cloplombifusionfurnishistage.uyduportal.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ekmera.com.cdn.cloplombifusionfurnishistage.uyduportal.net/login_up.php?success_redirect_url=%2F
Cookie: __ddg1_=FD4iuHHOJvOtnyQYudBw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Thu, 01 Sep 2022 06:07:46 GMT
content-type: application/javascript
last-modified: Thu, 11 Aug 2022 08:58:01 GMT
etag: W/"62f4c499-4562"
content-encoding: gzip
x-powered-by: PleskLin
age: 91
ddg-cache-status: MISS
X-Firefox-Spdy: h2
ekmera.com.cdn.cloplombifusionfurnishistage.uyduportal.net/ui-library/images/symbols.svg?6bd5879cb9a032639fb375ff6f1dcd26
185.178.208.182 200 OK 0 B URL HTTP/2 ekmera.com.cdn.cloplombifusionfurnishistage.uyduportal.net/ui-library/images/symbols.svg?6bd5879cb9a032639fb375ff6f1dcd26
IP 185.178.208.182:0
Analyzer Verdict Alert fortinet Phishing
GET /ui-library/images/symbols.svg?6bd5879cb9a032639fb375ff6f1dcd26 HTTP/1.1
Host: ekmera.com.cdn.cloplombifusionfurnishistage.uyduportal.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ekmera.com.cdn.cloplombifusionfurnishistage.uyduportal.net/login_up.php?success_redirect_url=%2F
Cookie: __ddg1_=FD4iuHHOJvOtnyQYudBw
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Thu, 01 Sep 2022 06:07:46 GMT
content-type: image/svg+xml
last-modified: Mon, 08 Aug 2022 11:33:28 GMT
etag: W/"62f0f488-3eef8"
accept-ranges: bytes
x-powered-by: PleskLin
content-encoding: br
vary: Accept-Encoding
age: 92
ddg-cache-status: MISS
X-Firefox-Spdy: h2
ekmera.com.cdn.cloplombifusionfurnishistage.uyduportal.net/cp/javascript/vendors.js?1660208281
185.178.208.182 200 OK 0 B URL HTTP/2 ekmera.com.cdn.cloplombifusionfurnishistage.uyduportal.net/cp/javascript/vendors.js?1660208281
IP 185.178.208.182:0
GET /cp/javascript/vendors.js?1660208281 HTTP/1.1
Host: ekmera.com.cdn.cloplombifusionfurnishistage.uyduportal.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ekmera.com.cdn.cloplombifusionfurnishistage.uyduportal.net/login_up.php?success_redirect_url=%2F
Cookie: __ddg1_=FD4iuHHOJvOtnyQYudBw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Thu, 01 Sep 2022 06:07:46 GMT
content-type: application/javascript
last-modified: Thu, 11 Aug 2022 08:58:01 GMT
etag: W/"62f4c499-15a6fb"
content-encoding: gzip
x-powered-by: PleskLin
age: 91
ddg-cache-status: MISS
X-Firefox-Spdy: h2
ekmera.com.cdn.cloplombifusionfurnishistage.uyduportal.net/cp/theme/images/logos/plesk/logo.svg?1660208281
185.178.208.182 200 OK 0 B URL HTTP/2 ekmera.com.cdn.cloplombifusionfurnishistage.uyduportal.net/cp/theme/images/logos/plesk/logo.svg?1660208281
IP 185.178.208.182:0
GET /cp/theme/images/logos/plesk/logo.svg?1660208281 HTTP/1.1
Host: ekmera.com.cdn.cloplombifusionfurnishistage.uyduportal.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ekmera.com.cdn.cloplombifusionfurnishistage.uyduportal.net/login_up.php?success_redirect_url=%2F
Cookie: __ddg1_=FD4iuHHOJvOtnyQYudBw
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Thu, 01 Sep 2022 06:07:46 GMT
content-type: image/svg+xml
last-modified: Thu, 11 Aug 2022 08:58:01 GMT
etag: W/"62f4c499-aa8"
accept-ranges: bytes
x-powered-by: PleskLin
content-encoding: br
vary: Accept-Encoding
age: 92
ddg-cache-status: MISS
X-Firefox-Spdy: h2
ekmera.com.cdn.cloplombifusionfurnishistage.uyduportal.net/cp/javascript/externals/prototype.js?1660208281
185.178.208.182 200 OK 0 B URL HTTP/2 ekmera.com.cdn.cloplombifusionfurnishistage.uyduportal.net/cp/javascript/externals/prototype.js?1660208281
IP 185.178.208.182:0
GET /cp/javascript/externals/prototype.js?1660208281 HTTP/1.1
Host: ekmera.com.cdn.cloplombifusionfurnishistage.uyduportal.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://ekmera.com.cdn.cloplombifusionfurnishistage.uyduportal.net/login_up.php?success_redirect_url=%2F
Cookie: __ddg1_=FD4iuHHOJvOtnyQYudBw
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Thu, 01 Sep 2022 06:07:46 GMT
content-type: application/javascript
last-modified: Thu, 11 Aug 2022 08:58:01 GMT
etag: W/"62f4c499-17ccf"
content-encoding: gzip
x-powered-by: PleskLin
age: 91
ddg-cache-status: MISS
X-Firefox-Spdy: h2