Report - www.clickforcontent.com/wp-includes/Text/tab/dab/conect/

Report Overview

Submitted URL
www.clickforcontent.com/wp-includes/Text/tab/dab/conect/
IP
162.241.194.161
ASN
#46606 UNIFIEDLAYER-AS-1
Submitted
2022-09-13 15:06:23
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
20

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	376 B	105 kB	142.250.74.72
ajax.googleapis.com	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	371 B	35 kB	142.250.74.106
park.io	486107	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	262 kB	34.224.175.55
www.resonacard.co.jp	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	383 B	810 B	14.0.41.231
static.karte.io	67834	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	361 B	499 B	143.204.55.104
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	3.5 kB	95.101.11.115
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	143.204.55.25
www.clickforcontent.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	9.4 kB	469 kB	162.241.194.161
path.to	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	891 B	4.9 kB	3.227.93.35
netdna.bootstrapcdn.com	3413	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	292 B	9.2 kB	104.18.11.207
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	482 B	46 kB	142.250.74.163
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	270 B	20 kB	142.250.74.174
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	381 B	746 B	142.250.74.10
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	143.204.55.115
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	2.8 kB	93.184.220.29
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	3.8 kB	54.230.245.118
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	54.148.148.62
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.3 kB	7.0 kB	142.250.74.3
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	63 kB	34.120.237.76
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
sb.resonabank.co.jp	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	400 B	3.7 kB	95.101.10.177

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-09-13	medium	www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960	Phishing
2022-09-13	medium	www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/	Phishing
2022-09-13	medium	www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/custom_4e588d08afda9814698a46572afbf27c.js	Phishing
2022-09-13	medium	www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/SResonaCommon.js	Phishing
2022-09-13	medium	www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/analytics.js	Phishing
2022-09-13	medium	www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/empt.htm	Phishing
2022-09-13	medium	www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/gtm.js	Phishing
2022-09-13	medium	www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/js	Phishing
2022-09-13	medium	www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/empt_data/build.js	Phishing
2022-09-13	medium	www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/tracker.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (17)

	URL	Size	First Seen	Last Seen
	www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/	337 B	2023-03-07	2023-03-14
Pretty URL www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/ IP 162.241.194.161 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:46:32 Last Seen2023-03-14 02:51:36 Times Seen1 Hash adaba0d67d1501d974250d6fbafb7818 4cb317ed19683464c86e6413b00f3a1718049797 cbb41bcd33c797783648ea2bdc6830154da5cac00113e0e16cd665abf214613a Loading...

	www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/	80 B	2023-03-07	2023-12-02
Pretty URL www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/ IP 162.241.194.161 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:46:32 Last Seen2023-12-02 03:48:29 Times Seen4 Hash 0ac3e644f9754479d2f4b30880002944 47995b39e2ce4096855454ef1a641c9664b9abce 1dee7c0697f4499da5da3f4814cb3889f8fdb6de2bb97927029a0df2b87a7d7f Loading...

	www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/	278 B	2023-03-07	2023-03-14
Pretty URL www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/ IP 162.241.194.161 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:46:32 Last Seen2023-03-14 02:51:36 Times Seen1 Hash c34b76be1411760362c97761d8c63227 7d487334b2de2d4afda161c24a8026b38c249aca 2a46f07d022334251bb8050e5756680a9533b027d4de7d66da93927e5f94ab22 Loading...

	static.karte.io/libs/tracker.js	314 kB	2023-03-07	2023-03-13
Pretty URL static.karte.io/libs/tracker.js IP 143.204.55.104 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:00 Last Seen2023-03-13 21:32:31 Times Seen1 Hash fc69b59d6a74cacc75e414b21d0c341b c26db25a9434d069d80b39d46872118456d5fcee 5dd6053b7b4515542e69009f0217adc815324f361537510bb09768861d16ef64 Loading...

	www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/	454 B	2023-03-07	2023-03-14
Pretty URL www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/ IP 162.241.194.161 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:46:32 Last Seen2023-03-14 02:51:36 Times Seen1 Hash 4deab01ecc6cc355d26591f67a62951a 67322566c0c8ee8009e7e2b8e4adcb94d5e9a2e5 469cef02ff9750d0a96140aad7fe3a6a30df17cc933ce268b5b3317de7fb8cd4 Loading...

	ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js	96 kB	2023-03-07	2024-04-26
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js IP 142.250.74.106 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:10 Last Seen2024-04-26 04:22:27 Times Seen18530 Hash 8fc25e27d42774aeae6edbc0a18b72aa b66ed708717bf0b4a005a4d0113af8843ef3b8ff b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682 Loading...

	path.to/?xdm_e=http%253A%252F%252Fwww.clickforcontent.com&xdm_c=default8491&xdm_p=1	473 B	2023-03-07	2023-03-14
Pretty URL path.to/?xdm_e=http%253A%252F%252Fwww.clickforcontent.com&xdm_c=default8491&xdm_p=1 IP 3.227.93.35 ASN #14618 AMAZON-AES Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:46:32 Last Seen2023-03-14 02:51:36 Times Seen1 Hash 96b125c1f8aee4f4a3ce18400e538b22 d1df32b9cc1f94629d71f8081a10ba0379a07e46 dc6b1f55ba82a648f6c8b90aa690e254d1b1361ba78081517e9d9d47ae23876c Loading...

	www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/	47 B	2023-03-07	2023-03-14
Pretty URL www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/ IP 162.241.194.161 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:46:32 Last Seen2023-03-14 02:51:36 Times Seen1 Hash fe1bb7ce172a751b29644f3ce07e4b8a c181f556bf34da2c2e285af4d4f59a226a796c3b bd0cbbf088a23765e8531ed5adca38f4489c09d04638f5ddce97a7b0b07fd07d Loading...

	www.googletagmanager.com/gtm.js?id=GTM-5FQFWZZ	452 kB	2023-03-07	2023-03-07
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-5FQFWZZ IP 142.250.74.72 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:52:15 Last Seen2023-03-07 15:52:15 Times Seen1 Hash 851ee5f366b5c92714cd720cca0cd02a d019c3ec2d6fd09a720d15ea8f342b71cf59e910 e011ad0fe998e61ff5fb97888e13bb776a870fa204abc0f0e4297da9a3171d4b Loading...

	www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/js	222 kB	2023-03-07	2023-03-14
Pretty URL www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/js IP 162.241.194.161 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:46:32 Last Seen2023-03-14 02:51:36 Times Seen1 Hash aa7b78f951f0a6bd2bfab7c7f5584d4e 0fd40025081ea03fc7bef5e5a04453ee358edd9a 489b80f26bdc7cb6f57e4d34cc5ece491943c1481e5fd2f65a7f67035f2bfddc Loading...

	www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/empt_data/build.js	105 kB	2023-03-07	2023-12-25
Pretty URL www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/empt_data/build.js IP 162.241.194.161 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:46:32 Last Seen2023-12-25 06:51:26 Times Seen44 Hash 8f7b03c4597c463a5b72ff25b9a5d7a2 deec535ab3683ae22ecbb3b40dc25e5204145072 7b5538ffa3c5d4e18bdafe5af55bb39242b2d72c3b9d8ef687974c418b42c56b Loading...

	netdna.bootstrapcdn.com/bootstrap/3.0.0/js/bootstrap.min.js	28 kB	2023-03-07	2024-04-23
Pretty URL netdna.bootstrapcdn.com/bootstrap/3.0.0/js/bootstrap.min.js IP 104.18.11.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:21 Last Seen2024-04-23 21:51:29 Times Seen1248 Hash 9e25e8e29ef0ea358e9778082ffd97d8 75a42212affc118fef849aba4b9326a7da2acda1 54d21b0676784d0c983bbd4093898770adefa932d89b72c8afd88183a19172a7 Loading...

	www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/custom_4e588d08afda9814698a46572afbf27c.js	6.8 kB	2023-03-07	2023-03-14
Pretty URL www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/custom_4e588d08afda9814698a46572afbf27c.js IP 162.241.194.161 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:46:32 Last Seen2023-03-14 02:51:36 Times Seen1 Hash 33fa1649ae37d8fca662a216fc831116 2643191baf5a3405f8547fdeba1f681e1bad1311 7a4dd228db6d78de230fd00022761ecc57db7b05f8d4b4e494d5e0fdc9a8c931 Loading...

	www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/	88 B	2023-03-07	2023-03-14
Pretty URL www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/ IP 162.241.194.161 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:46:32 Last Seen2023-03-14 02:51:36 Times Seen1 Hash 2f6f20b6d02152fcfd3f400549fb0e7a c91e2c99d42050c46b4ab746b9beae0f65860866 0ccf0e1b836dec968fa3de97ec374aceef7cc66e186fbdcfb527429a6fd46e05 Loading...

	www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/	929 B	2023-03-07	2024-02-17
Pretty URL www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/ IP 162.241.194.161 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:46:32 Last Seen2024-02-17 06:47:28 Times Seen7 Hash 5c024e4dcac97f3639c61ef750854f2a 524bbd5f1d3ecbe4d6cc6469858b7b77447dcd3b c26b20d8b5c7edd95f28ae0b72d76f34301462993196fbbcf973af648218e7c6 Loading...

	www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/analytics.js	50 kB	2023-03-07	2024-04-25
Pretty URL www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/analytics.js IP 162.241.194.161 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-25 19:24:16 Times Seen842 Hash d40531c5e99a6f84e42535859476fe35 a901817d77b2fe5259c298c91bc65c54d7f8a1a9 a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 43bebea3d96cf3710d4a77ccb08cf1af	48 B	2023-03-07	2024-02-17
Pretty Observations First Seen2023-03-07 15:46:32 Last Seen2024-02-17 06:47:29 Times Seen7 Hash 43bebea3d96cf3710d4a77ccb08cf1af 4dd86b62b802f541564cd361cdbe694c82223333 ba2d150e4f6f98f3a6e81aa03477eb87eae3e32291d109e443753619bc8f9bda Loading...

HTTP Transactions (66)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

143.204.55.115

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 13 Sep 2022 14:08:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: NvkSC19PRfZXnhMCjmMk1a12kR7sdX00LB-661ZUxGB1xMDy7rC6hA==
Age: 3447

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
be88d3e043e3b95b52e41812e50fb634
0318ba1ce487817ea7cba61dd9413bed29213800
b5f178d23e633283f226cca7a9ae79b01e6cab2299ff7065c980d3a9953212fd

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5F178D23E633283F226CCA7A9AE79B01E6CAB2299FF7065C980D3A9953212FD"
Last-Modified: Tue, 13 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6816
Expires: Tue, 13 Sep 2022 16:59:49 GMT
Date: Tue, 13 Sep 2022 15:06:13 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain

143.204.55.25

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
143.204.55.25:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 13 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: eum02w-fYKsMSlyav-D-tl2c-kr7ekXRQRYINL5Wr3-vRtQqRadJRw==
age: 37859
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 15:06:13 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.115

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.115:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Tue, 13 Sep 2022 15:03:22 GMT
Expires: Tue, 13 Sep 2022 15:13:59 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: H5WUqk6uqWJo3vRTtiwVBD6la-DDIuHlLH1XKAT3u2mgA3qX5lEuPw==
Age: 171

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
e96dbe1b54932c8f447bbbfc9d31cfb0
b15d4a54fbdf95b0af8bd34b6f8ef03055eef0cd
427326963ac1ef6ddeeaf52ab07807c694b82effa6111671ada8270b1faecdae

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 760
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 15:06:14 GMT
Last-Modified: Tue, 13 Sep 2022 14:53:34 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471

www.clickforcontent.com/wp-includes/Text/tab/dab/conect/

162.241.194.161

302 Moved Temporarily

0 B

URL HTTP/1.1
www.clickforcontent.com/wp-includes/Text/tab/dab/conect/
IP
162.241.194.161:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /wp-includes/Text/tab/dab/conect/ HTTP/1.1
Host: www.clickforcontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Moved Temporarily
Date: Tue, 13 Sep 2022 15:06:14 GMT
Server: nginx/1.21.6
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
location: 9f960
X-Server-Cache: true
X-Proxy-Cache: MISS
Set-Cookie: PHPSESSID=6b9a73add4fcae323a43d48f16147ddf; path=/

www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960

162.241.194.161

301 Moved Permanently

277 B

URL HTTP/1.1
www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960
IP
162.241.194.161:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
277 B (277 bytes)
Hash
3d00be74f584f40093cef2d85635cdbb
4c08e5e73e9e37670c9d197304125cfa26e10efe
21281c61e9cee824edf6fe0a6140ba71fff05477cb3344a6187ede0f5675ea1d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/Text/tab/dab/conect/9f960 HTTP/1.1
Host: www.clickforcontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: PHPSESSID=6b9a73add4fcae323a43d48f16147ddf
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Tue, 13 Sep 2022 15:06:14 GMT
Server: nginx/1.21.6
Content-Type: text/html; charset=iso-8859-1
Content-Length: 277
Location: http://www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/
X-Server-Cache: false

push.services.mozilla.com/

54.148.148.62

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.148.148.62:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: o25Wm0iQl+K5TVl+msmAuw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 0oiRtFnzxoBkN5J/7PRbJLv7dHg=

www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/

162.241.194.161

200 OK

6.0 kB

URL HTTP/1.1
www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/
IP
162.241.194.161:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1414)
Size
6.0 kB (5958 bytes)
Hash
80bbbf18c9d65c1dd33ba848dd2fd444
2c91da5607d6994d3f26fb8e9c8c80edceb59343
9e386243bfe542303f26ce9c6c5868bf24ac768fa6aea1c9aa5a31cad94aef65

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/Text/tab/dab/conect/9f960/ HTTP/1.1
Host: www.clickforcontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: PHPSESSID=6b9a73add4fcae323a43d48f16147ddf
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 15:06:14 GMT
Server: nginx/1.21.6
Content-Type: text/html; charset=UTF-8
Content-Length: 5958
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
X-Server-Cache: false

www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/common.css

162.241.194.161

200 OK

3.4 kB

URL HTTP/1.1
www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/common.css
IP
162.241.194.161:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Non-ISO extended-ASCII text, with CRLF line terminators
Size
3.4 kB (3376 bytes)
Hash
a7661ca868fe8c999b15ffbd54cb635d
d34237baadf29da1cceeaabc49fe109cb9902891
5a226b7dc795c3522e6855f035c79ffbd319f6276bc4d12ae3d371dda0f578d9

HTTP Headers

GET /wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/common.css HTTP/1.1
Host: www.clickforcontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/
Cookie: PHPSESSID=6b9a73add4fcae323a43d48f16147ddf

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 15:06:14 GMT
Server: Apache
Last-Modified: Tue, 13 Sep 2022 15:06:14 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3376
Content-Type: text/css

www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/custom_4e588d08afda9814698a46572afbf27c.js

162.241.194.161

200 OK

1.6 kB

URL HTTP/1.1
www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/custom_4e588d08afda9814698a46572afbf27c.js
IP
162.241.194.161:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Unicode text, UTF-8 text, with very long lines (6524), with no line terminators
Size
1.6 kB (1621 bytes)
Hash
bb15daa91b7e5f11a3b944dedcc6734a
bff255d6fead3554757aa1f8fdbdf18fd8513438
b0f240e991fe56107237163ae0b0cd35cdab9fea0402aa7bb63f746a90c03069

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/custom_4e588d08afda9814698a46572afbf27c.js HTTP/1.1
Host: www.clickforcontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/
Cookie: PHPSESSID=6b9a73add4fcae323a43d48f16147ddf

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 15:06:14 GMT
Server: Apache
Last-Modified: Tue, 13 Sep 2022 15:06:14 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1621
Content-Type: application/javascript

www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/SCS1902010.css

162.241.194.161

200 OK

359 B

URL HTTP/1.1
www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/SCS1902010.css
IP
162.241.194.161:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with CRLF line terminators
Size
359 B (359 bytes)
Hash
d538201958198fe84fb6d2d55c1b2480
6bbf9868f8a51827c28ab4f92091907482ca1902
fc3d41b67faa8d468d6a87ebcb951c5700853ef40b910223c5116414b12c5dfc

HTTP Headers

GET /wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/SCS1902010.css HTTP/1.1
Host: www.clickforcontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/
Cookie: PHPSESSID=6b9a73add4fcae323a43d48f16147ddf

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 15:06:14 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Tue, 13 Sep 2022 15:06:14 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 359
Content-Type: text/css

www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/SResonaCommon.js

162.241.194.161

200 OK

1.2 kB

URL HTTP/1.1
www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/SResonaCommon.js
IP
162.241.194.161:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- exported SGML document, Non-ISO extended-ASCII text, with CRLF line terminators
Size
1.2 kB (1243 bytes)
Hash
43cdde14be966ea647f2dc7bb13db3b2
b8634b08747f3615383eb2d91dc634eea3b70cc1
152467e192c5e90b75c0ac7a155d070196cd67f1e5bef29ba6451b1adbf7c65e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/SResonaCommon.js HTTP/1.1
Host: www.clickforcontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/
Cookie: PHPSESSID=6b9a73add4fcae323a43d48f16147ddf

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 15:06:14 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Tue, 13 Sep 2022 15:06:14 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1243
Content-Type: application/javascript

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c79a6d9219e52788c0288a4288601f0b
a55c74c35279d08872bb4b0805d3f8ff684bc322
345482ec25a567e189a52a824fa13f6bbcfa8ce636c40f3619232b9cff65fa6a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 15:06:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/analytics.js

162.241.194.161

200 OK

24 kB

URL HTTP/1.1
www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/analytics.js
IP
162.241.194.161:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (1325)
Size
24 kB (24011 bytes)
Hash
adde81c29c1bb71ef85a28e0cf1cacb8
274fac6b33ff074afaa20cd6f27932c7e2b46a26
00ed53021065f463df09ac7dbeb5982665ad5111eab046634483c1bf4a765803

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/analytics.js HTTP/1.1
Host: www.clickforcontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/
Cookie: PHPSESSID=6b9a73add4fcae323a43d48f16147ddf

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 15:06:14 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Tue, 13 Sep 2022 15:06:14 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: application/javascript

www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/bullet_arrow_top.png

162.241.194.161

200 OK

170 B

URL HTTP/1.1
www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/bullet_arrow_top.png
IP
162.241.194.161:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 9 x 9, 8-bit/color RGBA, non-interlaced\012- data
Size
170 B (170 bytes)
Hash
1ef2d9ad1765b6134febc2d696ce0976
3a5eb23ea8d32c103ccf951837b2ac2f5f61fb9c
9a5c1c7d2aa5626a759eecc3402cae440dd07cb971142d51bbc5adb743923896

HTTP Headers

GET /wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/bullet_arrow_top.png HTTP/1.1
Host: www.clickforcontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/
Cookie: PHPSESSID=6b9a73add4fcae323a43d48f16147ddf

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 15:06:14 GMT
Server: Apache
Last-Modified: Tue, 13 Sep 2022 15:06:14 GMT
Accept-Ranges: bytes
Content-Length: 170
Content-Type: image/png

www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/icon_comment.png

162.241.194.161

200 OK

1.7 kB

URL HTTP/1.1
www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/icon_comment.png
IP
162.241.194.161:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 23 x 25, 8-bit/color RGB, non-interlaced\012- data
Size
1.7 kB (1749 bytes)
Hash
7eebe59a91352e88ddc8bdeb33351192
5d20632f19f4fbe1e35b3db32735bca97dda7e8b
0923b154b710ec5c80a8477ab7617e0620ac9da66937bf9e8e2780fe0556860b

HTTP Headers

GET /wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/icon_comment.png HTTP/1.1
Host: www.clickforcontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/
Cookie: PHPSESSID=6b9a73add4fcae323a43d48f16147ddf

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 15:06:14 GMT
Server: Apache
Last-Modified: Tue, 13 Sep 2022 15:06:14 GMT
Accept-Ranges: bytes
Content-Length: 1749
Content-Type: image/png

www.googletagmanager.com/gtm.js?id=GTM-5FQFWZZ

142.250.74.72

200 OK

104 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-5FQFWZZ
IP
142.250.74.72:0
ASN
#15169 GOOGLE

File type
Unicode text, UTF-8 text, with very long lines (49400)
Size
104 kB (103848 bytes)
Hash
128f55a14b13ab17b8cc77ee1abfa445
c59bbc24fab5a135dbe351838a6337efb591495c
6f77fb32ead0fe09494f79e24c9a3d930ff4a13cbab4e4f39035331940cf56f7

HTTP Headers

GET /gtm.js?id=GTM-5FQFWZZ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.clickforcontent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 13 Sep 2022 15:06:15 GMT
expires: Tue, 13 Sep 2022 15:06:15 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 103848
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

54.230.245.118

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.118:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
5d7fbe704ff0819b57464e2f70366c5a
daf724276821ad91fa4e9f7e8242fbdfcd8cfe99
01428488b3f9be8793f27c2b2ad8fb751b107508aee0280455af14ee51111386

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 13 Sep 2022 15:06:15 GMT
Last-Modified: Tue, 13 Sep 2022 14:53:48 GMT
Server: ECS (dcb/7EA6)
X-Cache: Miss from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: injnPNefL4a_zQv03LWKl7juOQq85jswsUFsD2GyD_B9MQ0eW1W7Yw==
Age: 747

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
c79a6d9219e52788c0288a4288601f0b
a55c74c35279d08872bb4b0805d3f8ff684bc322
345482ec25a567e189a52a824fa13f6bbcfa8ce636c40f3619232b9cff65fa6a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 15:06:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.clickforcontent.com/IB/Images/SmartPhone/SP1.png

162.241.194.161

404 Not Found

462 B

URL HTTP/1.1
www.clickforcontent.com/IB/Images/SmartPhone/SP1.png
IP
162.241.194.161:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
462 B (462 bytes)
Hash
3b58a4197a90ce28f053f853e9f5201a
1764aa95ccf139706beb229625b9d6d6f154bd5d
e63cc6fceab87ebcfc2e83b5d9354ef92bd45c582ac8202ff6d141f39ec17648

HTTP Headers

GET /IB/Images/SmartPhone/SP1.png HTTP/1.1
Host: www.clickforcontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/common.css
Cookie: PHPSESSID=6b9a73add4fcae323a43d48f16147ddf

HTTP/1.1 404 Not Found
Date: Tue, 13 Sep 2022 15:06:15 GMT
Server: Apache
Last-Modified: Sun, 28 Feb 2021 00:56:35 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 462
Content-Type: text/html

www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/logo.png

162.241.194.161

200 OK

4.2 kB

URL HTTP/1.1
www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/logo.png
IP
162.241.194.161:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 126 x 32, 8-bit/color RGBA, non-interlaced\012- data
Size
4.2 kB (4179 bytes)
Hash
f534e361b03a9a1384140e1293fce6cc
da2cf6df7d628da88e5ca88ed4a87017f0cb6a11
2930fe159b32a9dd59017b729e11979f74eabfec285c1657391146ecf3663d70

HTTP Headers

GET /wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/logo.png HTTP/1.1
Host: www.clickforcontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/
Cookie: PHPSESSID=6b9a73add4fcae323a43d48f16147ddf

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 15:06:15 GMT
Server: Apache
Last-Modified: Tue, 13 Sep 2022 15:06:14 GMT
Accept-Ranges: bytes
Content-Length: 4179
Content-Type: image/png

www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/empt.htm

162.241.194.161

200 OK

167 B

URL HTTP/1.1
www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/empt.htm
IP
162.241.194.161:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
9fa32a0ec02cf0d013bc46c803112737
a0c784832cc7b4b92a7296260b77e99415401bde
8f623e90adae05768787b4e9bff1fd103a77b65e7a8a79a5aebda0a8a83ae1fb

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/empt.htm HTTP/1.1
Host: www.clickforcontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/
Cookie: PHPSESSID=6b9a73add4fcae323a43d48f16147ddf
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 15:06:15 GMT
Server: nginx/1.21.6
Content-Type: text/html
Content-Length: 167
Last-Modified: Tue, 13 Sep 2022 15:06:14 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
X-Server-Cache: false

www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/gtm.js

162.241.194.161

200 OK

155 kB

URL HTTP/1.1
www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/gtm.js
IP
162.241.194.161:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Unicode text, UTF-8 text, with very long lines (49400)
Size
155 kB (154791 bytes)
Hash
4f195982c115807c3c227da1dbe63e7d
44fd2419a4f5b7c37eefdb246dafd306c722cf7e
9af5e9582ff8a7aa44a63d78e702c4616e28aa18d087ff917b7effd67ccde04f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/gtm.js HTTP/1.1
Host: www.clickforcontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/
Cookie: PHPSESSID=6b9a73add4fcae323a43d48f16147ddf

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 15:06:14 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Tue, 13 Sep 2022 15:06:14 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: application/javascript

www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/ci.gif

162.241.194.161

200 OK

2.9 kB

URL HTTP/1.1
www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/ci.gif
IP
162.241.194.161:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
GIF image data, version 89a, 122 x 33\012- data
Size
2.9 kB (2872 bytes)
Hash
ac3d42802042a690adf5328a0cc8e239
7616199e2d188a271d6e4cd13ea4e37db7febc42
7be78c98a5f6c37f9eb313cfc3c07b1c525807b1c0ac350e3b639413d63e0daa

HTTP Headers

GET /wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/ci.gif HTTP/1.1
Host: www.clickforcontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/
Cookie: PHPSESSID=6b9a73add4fcae323a43d48f16147ddf

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 15:06:15 GMT
Server: Apache
Last-Modified: Tue, 13 Sep 2022 15:06:14 GMT
Accept-Ranges: bytes
Content-Length: 2872
Content-Type: image/gif

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8708
Expires: Tue, 13 Sep 2022 17:31:23 GMT
Date: Tue, 13 Sep 2022 15:06:15 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8708
Expires: Tue, 13 Sep 2022 17:31:23 GMT
Date: Tue, 13 Sep 2022 15:06:15 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8708
Expires: Tue, 13 Sep 2022 17:31:23 GMT
Date: Tue, 13 Sep 2022 15:06:15 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg

34.120.237.76

200 OK

9.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.5 kB (9466 bytes)
Hash
6174529fff57758e958da5432344962f
05ec2076b32398d60ee77fab8c14345bc7dfe647
65284a76355864efa944dff5033575013c6d74a019a7b731e0236603f2f656a7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81f9b0a3-fe8f-4665-9e54-9dfaf5d4876b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9466
x-amzn-requestid: ba3f7eac-61c9-4b5f-ae8a-b372906a25ba
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YOTeoHMKoAMFr5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631bff90-1e70e2c444242a2d46387986;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 03:08:00 GMT
x-amz-cf-pop: SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: -SwaUjMInlOaGpH6yK1W1a57QCQMgY-l43RdUfKVtZA1zJzMrLzC6g==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 f7283f3fe2c258cf54f8b7d3dd272e0e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 04:49:30 GMT
age: 37005
etag: "05ec2076b32398d60ee77fab8c14345bc7dfe647"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f033f00-b116-4419-9d21-3aed9c73ea2e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.8 kB (8764 bytes)
Hash
9d97e56f75165efcc71ae54952ded405
28d47359e70789115b2954b6c94711bb783b3c8c
564eac2ae99724e5f43aa1ae0afe4dec03697f888f51774e70e1b9c273c2d9d6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f033f00-b116-4419-9d21-3aed9c73ea2e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8764
x-amzn-requestid: 48f44e2c-3d91-46cf-8701-3c5028e0a86d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YE-gLG4_oAMFn-A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63184467-46abfc77601bd90f39a2c840;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 07:12:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tE5GZDktiELwfFRC_IEAqoat6cN7vb_TA17d-zRO6saTLEGRqB94Pw==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 22:01:47 GMT
age: 61468
etag: "28d47359e70789115b2954b6c94711bb783b3c8c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9a2dff5-4864-4430-8c54-6b68d2bbd35a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10849 bytes)
Hash
838f709437b2dfbede4ee15307afe217
2ab2ee20e720b78be6deb55f967ac0d8b7dad048
a3b47ce595b475f2aab6f7378888d15ba3e98453d6c8a3d88946efc5d65eedba

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9a2dff5-4864-4430-8c54-6b68d2bbd35a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10849
x-amzn-requestid: 722d8d75-0911-4b59-af65-2b408bc09d80
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YXbx6E9-oAMFT8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631fa672-74ea9343619d4a1865e34818;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 21:36:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 4rpwcrZLDlgcwBtH7wpoHMOb8hhFbKbZSQpjWqUqbt_Sl4ud3dm9Vg==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:42:18 GMT
age: 62637
etag: "2ab2ee20e720b78be6deb55f967ac0d8b7dad048"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2830e2cb-8887-441e-8c0c-906b8fbb2366.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.9 kB (9945 bytes)
Hash
c9ab2ec10c79b91d15edb1d1e3dc763c
744fee4a0baa22ba3aa352d60620a916972b47dd
f7bb66f5bb572d73f936fc74823f51ede1f2c4e309a939b39d9529ff8f757fbe

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2830e2cb-8887-441e-8c0c-906b8fbb2366.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9945
x-amzn-requestid: a347749f-a63a-4533-a274-7151b9f235ff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YXcX8HAKoAMF5EQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631fa765-56cff18515b2a5b3397231df;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 21:40:53 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: lZ3FmD1gM8YBgZNt97kuYSol1kj0GQqRjyLT_7715VtH9GR1WpMDxA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:42:20 GMT
age: 62635
etag: "744fee4a0baa22ba3aa352d60620a916972b47dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.8 kB (9815 bytes)
Hash
239262b6ab17cb19414c35cd4f761092
48eddcf9838e980e67cc8f9cbb05b475df2f0331
cd27cbce632d769288d9c33c5c8e887ba02df5677f10f7a6d03139b590ba24b4

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6b50df-cdcd-4b44-9ed3-90a502ea29ad.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9815
x-amzn-requestid: 89243e57-94eb-4c6b-903f-aa01df030ecc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUIxnEAjoAMF_Ig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e54d6-199403e2695b214711f5117f;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 21:36:23 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: gUhO_jZ9W_10cAK-2lOVSmQ9r1DIZvNDaqpJs5oc6lt85qAkWbBcXg==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:48:14 GMT
age: 62281
etag: "48eddcf9838e980e67cc8f9cbb05b475df2f0331"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4acf448-2a96-49a3-8257-7743a38525f5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.7 kB (7720 bytes)
Hash
ae7d16fad4da4300a1953a916fb59688
488c58f73c81bb4d45e496c458fe3197a0884c26
4d4946932d53caad6e97bcc66527bd9cad658c0cf6f4215d01943b8a9e832959

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4acf448-2a96-49a3-8257-7743a38525f5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7720
x-amzn-requestid: 7670a969-cb9c-4583-8455-10f7512ee9c6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YT9YJG__oAMF4YA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e429a-674ef5a4727826ab0d60529e;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 20:18:34 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OOCryyfLht-3ebVn-5aWtQI_JnVkWxMGggv07cUoomDlgb5ogru7vg==
via: 1.1 d16c3f15bd14953a9d4109eaaa991de2.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 22:01:55 GMT
age: 61460
etag: "488c58f73c81bb4d45e496c458fe3197a0884c26"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/js

162.241.194.161

200 OK

222 kB

URL HTTP/1.1
www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/js
IP
162.241.194.161:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (20993)
Size
222 kB (222304 bytes)
Hash
aa7b78f951f0a6bd2bfab7c7f5584d4e
0fd40025081ea03fc7bef5e5a04453ee358edd9a
489b80f26bdc7cb6f57e4d34cc5ece491943c1481e5fd2f65a7f67035f2bfddc

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/js HTTP/1.1
Host: www.clickforcontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/
Cookie: PHPSESSID=6b9a73add4fcae323a43d48f16147ddf

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 15:06:14 GMT
Server: nginx/1.21.6
Content-Length: 222304
Last-Modified: Tue, 13 Sep 2022 15:06:14 GMT
Accept-Ranges: bytes
X-Server-Cache: false

www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/empt_data/build.js

162.241.194.161

200 OK

41 kB

URL HTTP/1.1
www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/empt_data/build.js
IP
162.241.194.161:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Unicode text, UTF-8 text, with very long lines (497), with CRLF, LF line terminators
Size
41 kB (40561 bytes)
Hash
3f23bb07d256fb0251ae8951317d72bd
fef5125eb8b6bd803578ae171f1325576bee0001
68e6d6d6e600612b0e30066bf22fb12fb62841e1e398de44acef541ad3b294bb

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/empt_data/build.js HTTP/1.1
Host: www.clickforcontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/empt.htm
Cookie: PHPSESSID=6b9a73add4fcae323a43d48f16147ddf; _gcl_au=1.1.365610885.1663081562

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 15:06:15 GMT
Server: Apache
Last-Modified: Tue, 13 Sep 2022 15:06:14 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: application/javascript

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
f1642580b2cb55b10e45c9b8f504223b
631e64028c951d1ba9f1cf8711b90e464244a991
d6d3260749f7881525b09541fcdc4c8e30f942a8ed38670303c648892dd6c8e3

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5711
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 15:06:15 GMT
Last-Modified: Tue, 13 Sep 2022 13:31:04 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471

path.to/provider/?xdm_e=http%3A%2F%2Fwww.clickforcontent.com&xdm_c=default8491&xdm_p=1

3.227.93.35

302 Found

354 B

URL HTTP/1.1
path.to/provider/?xdm_e=http%3A%2F%2Fwww.clickforcontent.com&xdm_c=default8491&xdm_p=1
IP
3.227.93.35:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
354 B (354 bytes)
Hash
1510707b8009fb719432b85d866e6811
b11d4fd28c44fbe1b4dcc3d622f39b1c92bad6fd
f4e1411e9bc7350b3ac5a6dc90ab97d7f0b966878feac91f3e86928c00122628

HTTP Headers

GET /provider/?xdm_e=http%3A%2F%2Fwww.clickforcontent.com&xdm_c=default8491&xdm_p=1 HTTP/1.1
Host: path.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clickforcontent.com/
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Date: Tue, 13 Sep 2022 15:06:16 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 354
Connection: keep-alive
Server: Apache/2.2.34 (Amazon)
Location: http://path.to?xdm_e=http%253A%252F%252Fwww.clickforcontent.com&xdm_c=default8491&xdm_p=1

path.to/?xdm_e=http%253A%252F%252Fwww.clickforcontent.com&xdm_c=default8491&xdm_p=1

3.227.93.35

200 OK

4.0 kB

URL HTTP/1.1
path.to/?xdm_e=http%253A%252F%252Fwww.clickforcontent.com&xdm_c=default8491&xdm_p=1
IP
3.227.93.35:0
ASN
#14618 AMAZON-AES

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Size
4.0 kB (4037 bytes)
Hash
499c5a496b5d061bc82fa22e8fc33269
683a6231fe2cbf28073b279ea52fdba83cbecf44
0bd7bfdd3777435c8e3448c6617ecc62d97e957f5bf9dc211605790d08517ff9

HTTP Headers

GET /?xdm_e=http%253A%252F%252Fwww.clickforcontent.com&xdm_c=default8491&xdm_p=1 HTTP/1.1
Host: path.to
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.clickforcontent.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 15:06:16 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 4037
Connection: keep-alive
Server: Apache/2.2.34 (Amazon)
X-Powered-By: PHP/5.3.29

netdna.bootstrapcdn.com/bootstrap/3.0.0/js/bootstrap.min.js

104.18.11.207

200 OK

8.3 kB

URL HTTP/1.1
netdna.bootstrapcdn.com/bootstrap/3.0.0/js/bootstrap.min.js
IP
104.18.11.207:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (27605)
Size
8.3 kB (8305 bytes)
Hash
50515345c44ca28863efddf0e1a42947
e8cbc9092fad0e01b4063ffe0bb5630f018c3617
fa816963eed7dd26ea02b634adeac8a7ecc698a959a9e85fee0c29ebc3bb1244

HTTP Headers

GET /bootstrap/3.0.0/js/bootstrap.min.js HTTP/1.1
Host: netdna.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://path.to/

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 15:06:16 GMT
Content-Type: application/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
CDN-PullZone: 252412
CDN-Uid: b1941f61-b576-4f40-80de-5677acb38f74
CDN-RequestCountryCode: SE
CDN-EdgeStorageId: 601, 617, 617
Last-Modified: Mon, 25 Jan 2021 22:03:55 GMT
CDN-CachedAt: 2021-04-22 22:34:54
CDN-RequestPullSuccess: True
CDN-RequestPullCode: 200
Cache-Control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
CDN-RequestId: ba30007c64a1c052c1a81ad19491d293
Content-Encoding: gzip
CDN-Cache: HIT
CF-Cache-Status: HIT
Age: 11191784
Server: cloudflare
CF-RAY: 74a1c92b8fd9b503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6526c70eb74c821b7a95487ad9a4e13d
0b8c610a7755437ab815b845f52cbb27e6c95008
059d15ca6ac7cb1830286ae635731e03b56c01d7d050291dabe2b3f3db866c9a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 15:06:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/tracker.js

162.241.194.161

200 OK

0 B

URL HTTP/1.1
www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/tracker.js
IP
162.241.194.161:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /wp-includes/Text/tab/dab/conect/9f960/%E3%82%8A%E3%81%9D%E3%81%AA%E9%8A%80%E8%A1%8C%E3%80%80%E3%83%9E%E3%82%A4%E3%82%B2%E3%83%BC%E3%83%88_files/tracker.js HTTP/1.1
Host: www.clickforcontent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.clickforcontent.com/wp-includes/Text/tab/dab/conect/9f960/
Cookie: PHPSESSID=6b9a73add4fcae323a43d48f16147ddf

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 15:06:14 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade
Last-Modified: Tue, 13 Sep 2022 15:06:14 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Transfer-Encoding: chunked
Content-Type: application/javascript

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6526c70eb74c821b7a95487ad9a4e13d
0b8c610a7755437ab815b845f52cbb27e6c95008
059d15ca6ac7cb1830286ae635731e03b56c01d7d050291dabe2b3f3db866c9a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 15:06:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

142.250.74.106

200 OK

34 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (32341)
Size
34 kB (33576 bytes)
Hash
856f85cc1b07156fa844b44a10c236c2
7cef457c0e1cd0c20f4e699564ea8997f0332021
c61aa9ce7b32f93630abac1a4b27382f9333e0ff69477c9d9099070ae0742b01

HTTP Headers

GET /ajax/libs/jquery/1.11.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://path.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33576
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 12 Sep 2022 08:19:08 GMT
expires: Tue, 12 Sep 2023 08:19:08 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 110828
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6526c70eb74c821b7a95487ad9a4e13d
0b8c610a7755437ab815b845f52cbb27e6c95008
059d15ca6ac7cb1830286ae635731e03b56c01d7d050291dabe2b3f3db866c9a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 15:06:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
6526c70eb74c821b7a95487ad9a4e13d
0b8c610a7755437ab815b845f52cbb27e6c95008
059d15ca6ac7cb1830286ae635731e03b56c01d7d050291dabe2b3f3db866c9a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 15:06:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
75ba5dfff6c5ac83de13846f0d700980
927065e77f5ee18a7551522e6705089c023e9557
0ff3c66e31de5d00a8fa835c961e1c28bf46f95d8ce56bcd0002cd37df88f56e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 15:06:16 GMT
Server: ECS (amb/6B8E)
Content-Length: 471

ocsp.sca1b.amazontrust.com/

54.230.245.118

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.118:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
0b844ee1d885bfba8e57ee6cae2fe795
269941b0e4b5cc61a384f7d1ca8efc6b8c6f1ea9
fb59630f0ab631a4b899eb4cdfbf6f03c60278d5e65f1ccb6ef8f79cb22b9623

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=120239
Date: Tue, 13 Sep 2022 15:06:16 GMT
Etag: "631fbe51-1d7"
Expires: Thu, 15 Sep 2022 00:30:15 GMT
Last-Modified: Mon, 12 Sep 2022 23:18:41 GMT
Server: ECS (dcb/7ECB)
X-Cache: Miss from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 8T7IvdBt0plCJxAQ0foAZReNbn3zybhNAhybhUzOIw8ygf-CZ8Wcwg==
Age: 4294

ocsp.sca1b.amazontrust.com/

54.230.245.118

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.118:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
0b844ee1d885bfba8e57ee6cae2fe795
269941b0e4b5cc61a384f7d1ca8efc6b8c6f1ea9
fb59630f0ab631a4b899eb4cdfbf6f03c60278d5e65f1ccb6ef8f79cb22b9623

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 13 Sep 2022 15:06:16 GMT
Last-Modified: Tue, 13 Sep 2022 13:27:43 GMT
Server: ECS (dcb/7EC9)
X-Cache: Miss from cloudfront
Via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 3EmMsl0uDTOT8NQQgmbv2VYrkERVLxE0yaGV6bEg5mkbVuvmmh0w9w==
Age: 5913

ocsp.sca1b.amazontrust.com/

54.230.245.118

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
54.230.245.118:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
0b844ee1d885bfba8e57ee6cae2fe795
269941b0e4b5cc61a384f7d1ca8efc6b8c6f1ea9
fb59630f0ab631a4b899eb4cdfbf6f03c60278d5e65f1ccb6ef8f79cb22b9623

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 13 Sep 2022 15:06:16 GMT
Last-Modified: Tue, 13 Sep 2022 14:57:22 GMT
Server: ECS (dcb/7F5B)
X-Cache: Miss from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: XsCSDq4d66vax_QPaXNNPGWVS6oAmzghETtrYlJIqNUSSb3HUb8C7Q==
Age: 534

park.io/css/park.css

34.224.175.55

200 OK

11 kB

URL HTTP/2
park.io/css/park.css
IP
34.224.175.55:0
ASN
#14618 AMAZON-AES

File type
ASCII text
Size
11 kB (10619 bytes)
Hash
1a4e263942e0a159174a4f3779b7713d
404f619b24981bd707698f44c8cf18dc85d960d5
fe28fa0c14b3d2cbf6744fca6a9b4625724dc7d0a97e5a6de78df4b3ba6aa12f

HTTP Headers

GET /css/park.css HTTP/1.1
Host: park.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://path.to/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 13 Sep 2022 15:06:16 GMT
content-type: text/css
content-length: 10619
server: Apache/2.2.34 (Amazon)
last-modified: Wed, 10 Aug 2022 19:38:50 GMT
etag: "60f14-297b-5e5e832ca6bc4"
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
75ba5dfff6c5ac83de13846f0d700980
927065e77f5ee18a7551522e6705089c023e9557
0ff3c66e31de5d00a8fa835c961e1c28bf46f95d8ce56bcd0002cd37df88f56e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 15:06:16 GMT
Server: ECS (amb/6B9F)
Content-Length: 471

www.resonacard.co.jp/favicon.ico

14.0.41.231

200 OK

318 B

URL HTTP/1.1
www.resonacard.co.jp/favicon.ico
IP
14.0.41.231:0
ASN
#54994 QUANTILNETWORKS

File type
MS Windows icon resource - 1 icon, 16x16, 16 colors\012- data
Size
318 B (318 bytes)
Hash
15cb18c4b4ba3e32f5a229d328f47911
f96ef91718ab997015fe5d7772ed80c285a405a3
72dee9206d303ed0273e3a1cd587deaf223f4d8e37e4ab438601d813a534872d

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: www.resonacard.co.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.clickforcontent.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 15:06:16 GMT
Content-Type: image/x-icon
Content-Length: 318
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
Last-Modified: Wed, 13 Sep 2017 03:40:49 GMT
ETag: "13e-55909ecfaf240"
Accept-Ranges: bytes
X-Content-Type-Options: nosniff
Age: 218
Via: 1.1 bd134:5 (W), 1.1 PSrbdbOSA1gs91:22 (W)
X-Px: ht PSrbdbOSA1gs91KIX
X-Ws-Request-Id: 63209c68_PSrbdbOSA1ap90_38201-31153
Server: PWS/8.3.1.0.8
Cache-Control: max-age=600

park.io/js/bootstrap.min.js

34.224.175.55

200 OK

28 kB

URL HTTP/2
park.io/js/bootstrap.min.js
IP
34.224.175.55:0
ASN
#14618 AMAZON-AES

File type
ASCII text, with very long lines (27605)
Size
28 kB (27726 bytes)
Hash
9e25e8e29ef0ea358e9778082ffd97d8
75a42212affc118fef849aba4b9326a7da2acda1
54d21b0676784d0c983bbd4093898770adefa932d89b72c8afd88183a19172a7

HTTP Headers

GET /js/bootstrap.min.js HTTP/1.1
Host: park.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://path.to/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 13 Sep 2022 15:06:16 GMT
content-type: text/javascript
content-length: 27726
server: Apache/2.2.34 (Amazon)
last-modified: Wed, 02 Aug 2017 17:45:42 GMT
etag: "60f4d-6c4e-555c8d539a81c"
accept-ranges: bytes
X-Firefox-Spdy: h2

park.io/css/bootstrap-park.css

34.224.175.55

200 OK

105 kB

URL HTTP/2
park.io/css/bootstrap-park.css
IP
34.224.175.55:0
ASN
#14618 AMAZON-AES

File type
assembler source, ASCII text
Size
105 kB (104820 bytes)
Hash
1f3bd1c5be02fa9c6c627b4d52866c41
0a6056eb2caeda0f51847078a0929cab669c5286
04a170b9976a4c2b5518f51c7a9badeb70089bdc78ef9cc18ac80d8b7e2f92d4

HTTP Headers

GET /css/bootstrap-park.css HTTP/1.1
Host: park.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://path.to/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 13 Sep 2022 15:06:16 GMT
content-type: text/css
content-length: 104820
server: Apache/2.2.34 (Amazon)
last-modified: Wed, 02 Aug 2017 17:45:42 GMT
etag: "60ee7-19974-555c8d53959fc"
accept-ranges: bytes
X-Firefox-Spdy: h2

park.io/images/body-bg.png

34.224.175.55

200 OK

118 kB

URL HTTP/2
park.io/images/body-bg.png
IP
34.224.175.55:0
ASN
#14618 AMAZON-AES

File type
PNG image data, 3384 x 2233, 8-bit/color RGBA, non-interlaced\012- data
Size
118 kB (117590 bytes)
Hash
a3baa7d2b3cabd978c5bda18d801c7a6
c7da5a1bdf29a5f84effb1d13b83fce1d7458de6
41bdfe36294129b956f194e5412dab8549728ef699e4e6bc4deb235f5cf2d3a9

HTTP Headers

GET /images/body-bg.png HTTP/1.1
Host: park.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://park.io/css/park.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Tue, 13 Sep 2022 15:06:17 GMT
content-type: image/png
content-length: 117590
server: Apache/2.2.34 (Amazon)
last-modified: Wed, 02 Aug 2017 17:45:42 GMT
etag: "60f19-1cb56-555c8d539987c"
accept-ranges: bytes
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
bd7b5eb635d48acf1428c326eaa892a1
ba9f6c0db831a88b7d6dbdd98f19e76b4b501258
557466a3b642e90e352898073ff23f6a034c3b233e8aee0f0f69cd6ca83d49f4

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 15:06:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
bd7b5eb635d48acf1428c326eaa892a1
ba9f6c0db831a88b7d6dbdd98f19e76b4b501258
557466a3b642e90e352898073ff23f6a034c3b233e8aee0f0f69cd6ca83d49f4

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 15:06:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b7e665b6b70fa840ee6a1417da402132
658fa05afcf7752e8cb02979c28874efb0f4ddd8
9905cee109c441b937300b368ceccd186877a0923164bf3e1eb0971a2a224400

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 15:06:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

142.250.74.163

200 OK

45 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
142.250.74.163:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size
45 kB (44856 bytes)
Hash
565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

HTTP Headers

GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://path.to
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 13 Sep 2022 08:31:01 GMT
expires: Wed, 13 Sep 2023 08:31:01 GMT
cache-control: public, max-age=31536000
age: 23716
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/1.1
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20006 bytes)
Hash
56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://path.to/

HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 20006
Date: Tue, 13 Sep 2022 14:20:38 GMT
Expires: Tue, 13 Sep 2022 16:20:38 GMT
Cache-Control: public, max-age=7200
Age: 2739
Last-Modified: Wed, 13 Apr 2022 21:02:38 GMT
Content-Type: text/javascript

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b7e665b6b70fa840ee6a1417da402132
658fa05afcf7752e8cb02979c28874efb0f4ddd8
9905cee109c441b937300b368ceccd186877a0923164bf3e1eb0971a2a224400

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 15:06:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

sb.resonabank.co.jp/IB/Images/SmartPhone/home.png

95.101.10.177

200 OK

3.5 kB

URL HTTP/2
sb.resonabank.co.jp/IB/Images/SmartPhone/home.png
IP
95.101.10.177:0
ASN
#20940 Akamai International B.V.

File type
PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Size
3.5 kB (3453 bytes)
Hash
288cc2518e6e5f07d6094ef29aebb119
14ab61f4240d82499a3807f6477b10274349d3f4
ef77512d33280ababb1456865c24cd504f2a05d22eb27e2c4aea7f0bad58cd4e

HTTP Headers

GET /IB/Images/SmartPhone/home.png HTTP/1.1
Host: sb.resonabank.co.jp
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.clickforcontent.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/png
last-modified: Tue, 20 Dec 2011 08:30:00 GMT
accept-ranges: bytes
etag: "0f4b90f1becc1:0"
content-length: 3453
date: Tue, 13 Sep 2022 15:06:17 GMT
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans:400,700,800

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Open+Sans:400,700,800
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Open+Sans:400,700,800 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://path.to/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 13 Sep 2022 15:06:16 GMT
date: Tue, 13 Sep 2022 15:06:16 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

static.karte.io/libs/tracker.js

143.204.55.104

200 OK

0 B

URL HTTP/2
static.karte.io/libs/tracker.js
IP
143.204.55.104:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /libs/tracker.js HTTP/1.1
Host: static.karte.io
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.clickforcontent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
last-modified: Tue, 30 Aug 2022 04:23:36 GMT
server: AmazonS3
content-encoding: gzip
date: Tue, 13 Sep 2022 15:03:24 GMT
cache-control: max-age=300
etag: W/"fc69b59d6a74cacc75e414b21d0c341b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: pJKP3sZffmGwskZDr-7jJ2ndM6Ov59E-aV2EKtFgz9y8RU7J6TxCtA==
age: 192
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (17)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations