Report - news.itnews.asia/T/v600000184c6c44a359d59ed6e96c65848/b41ac30558a34e1b0000021ef3a0bce5/b41ac305-58a3-4e1b-9686-3d26de4607d0?__F__=v0fUYvjHMDjRPMSh3tviDHXIoXcPxvDgUUCCPvXMWoX_0JoZLAZABQF5hKG3y_QnkuWIYTSWcm3ljbNm1SGDHXmHX_VitMQmXdXICExlIoEvoiiZeTZLpMgda8A4H_tDDL_8uCuzRaWgwyu96RI9ws_Yc0uwFURir-iftRGlbY9YlqpQnNdqBZfIn9ir_B63pYRDIRgFleMtZCisJhh7nq99AYUMmN7rka-qy_543XF5QPEW7UdQNyPUhyoZY9emc51vpGHRJhyvx3lIKJYT5zMuACtzDSqjZSac7C7l1fJ1QRw_C7ci3c2DPO2Scb4HU8c2SBAgkEwgpPS4n9_kzat_pMNmsNf6GXc55oxGKhFK6xEEv3GioI87KOJN6W8RfDVF4DRdlr9MZIDp4oqo6rztM96GOHQHh44pQqAVE4Glo5IQlExjnWj7l6vCKzeTsakLGKvPnT0QdBgVJxkDdTCgL9d-gyuwMslppF6b4wQ6AaMiJk-Et9vw==

Report Overview

URL

news.itnews.asia/T/v600000184c6c44a359d59ed6e96c65848/b41ac30558a34e1b0000021ef3a0bce5/b41ac305-58a3-4e1b-9686-3d26de4607d0?__F__=v0fUYvjHMDjRPMSh3tviDHXIoXcPxvDgUUCCPvXMWoX_0JoZLAZABQF5hKG3y_QnkuWIYTSWcm3ljbNm1SGDHXmHX_VitMQmXdXICExlIoEvoiiZeTZLpMgda8A4H_tDDL_8uCuzRaWgwyu96RI9ws_Yc0uwFURir-iftRGlbY9YlqpQnNdqBZfIn9ir_B63pYRDIRgFleMtZCisJhh7nq99AYUMmN7rka-qy_543XF5QPEW7UdQNyPUhyoZY9emc51vpGHRJhyvx3lIKJYT5zMuACtzDSqjZSac7C7l1fJ1QRw_C7ci3c2DPO2Scb4HU8c2SBAgkEwgpPS4n9_kzat_pMNmsNf6GXc55oxGKhFK6xEEv3GioI87KOJN6W8RfDVF4DRdlr9MZIDp4oqo6rztM96GOHQHh44pQqAVE4Glo5IQlExjnWj7l6vCKzeTsakLGKvPnT0QdBgVJxkDdTCgL9d-gyuwMslppF6b4wQ6AaMiJk-Et9vw==
IP

159.127.187.12

ASN

#19137 EPSILON-INTERACTIVE
Submitted

2022-11-30T04:25:18Z

Access
Tags

None
urlquery detections

No alerts detected

Detections

urlquery

0
Network Intrusion Detection

0
Threat Detection Systems

1

Domain Summary

Domain	Rank	First Seen	Last Seen	Sent	Received	IP
news.itnews.asia (1)	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	967	290	159.127.187.12
r3.o.lencr.org (6)	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2028	5320	23.36.77.32
www.itnews.asia (36)	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	25034	208224	203.176.102.69
49368eaf372812dcb5e1ade7acdc5959.safeframe.googlesyndication.com (1)	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	549	3495	142.250.74.97
pagead2.googlesyndication.com (1)	101	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	445	11891	216.58.207.226
js.hs-analytics.net (1)	2411	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	390	631	104.17.69.176
push.services.mozilla.com (1)	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606	127	54.189.139.67
www.facebook.com (2)	99	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1929	698	31.13.72.36
firefox.settings.services.mozilla.com (2)	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782	2372	34.102.187.140
www.googletagmanager.com (1)	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	381	42290	142.250.74.168
adservice.google.com (1)	76	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	398	779	142.250.74.162
tpc.googlesyndication.com (1)	126	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	409	10239	216.58.211.1
js.hs-banner.com (1)	2426	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	370	1691	172.64.154.85
js-agent.newrelic.com (1)	378	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	375	18926	151.101.130.137
ajax.googleapis.com (1)	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	426	9152	142.250.74.42
region1.analytics.google.com (1)	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1029	562	216.239.34.36
fonts.gstatic.com (7)	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3375	152258	216.58.207.227
connect.facebook.net (1)	139	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	373	28638	31.13.72.12
securepubads.g.doubleclick.net (1)	190	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	379	28118	142.250.74.130
bam.nr-data.net (1)	630	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	950	606	162.247.241.14
fonts.googleapis.com (2)	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	820	1492	142.250.74.106
contile.services.mozilla.com (1)	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333	229	34.117.237.239
ocsp.pki.goog (21)	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	7203	14697	216.58.211.3
www.google-analytics.com (1)	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	372	20685	142.250.74.46
track.hubspot.com (1)	2528	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	939	1199	104.19.155.83
ocsp.digicert.com (8)	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2728	5599	93.184.220.29
content-signature-2.cdn.mozilla.net (1)	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413	5844	34.160.144.191
cdnjs.cloudflare.com (1)	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	423	6652	104.17.24.14
stats.g.doubleclick.net (1)	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	483	562	74.125.131.156
i.nextmedia.com.au (6)	500052	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2918	255921	203.176.102.67
www.google.no (1)	25607	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	480	694	142.250.74.67
img-getpocket.cdn.mozilla.net (6)	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3243	66105	34.120.237.76
js.hs-scripts.com (1)	2571	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	386	1238	104.17.212.204
adservice.google.no (1)	96969	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	397	1104	142.250.74.2
www.google.com (1)	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	484	1429	142.250.74.132

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-30	medium	news.itnews.asia/T/v600000184c6c44a359d59ed6e96c65848/b41ac30558a34e1b0000021ef3a0bce5/b41ac305-58a3-4e1b-9686-3d26de4607d0?__F__=v0fUYvjHMDjRPMSh3tviDHXIoXcPxvDgUUCCPvXMWoX_0JoZLAZABQF5hKG3y_QnkuWIYTSWcm3ljbNm1SGDHXmHX_VitMQmXdXICExlIoEvoiiZeTZLpMgda8A4H_tDDL_8uCuzRaWgwyu96RI9ws_Yc0uwFURir-iftRGlbY9YlqpQnNdqBZfIn9ir_B63pYRDIRgFleMtZCisJhh7nq99AYUMmN7rka-qy_543XF5QPEW7UdQNyPUhyoZY9emc51vpGHRJhyvx3lIKJYT5zMuACtzDSqjZSac7C7l1fJ1QRw_C7ci3c2DPO2Scb4HU8c2SBAgkEwgpPS4n9_kzat_pMNmsNf6GXc55oxGKhFK6xEEv3GioI87KOJN6W8RfDVF4DRdlr9MZIDp4oqo6rztM96GOHQHh44pQqAVE4Glo5IQlExjnWj7l6vCKzeTsakLGKvPnT0QdBgVJxkDdTCgL9d-gyuwMslppF6b4wQ6AaMiJk-Et9vw==	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

HTTP Transactions (121)

URL IP Response Size

news.itnews.asia/T/v600000184c6c44a359d59ed6e96c65848/b41ac30558a34e1b0000021ef3a0bce5/b41ac305-58a3-4e1b-9686-3d26de4607d0?__F__=v0fUYvjHMDjRPMSh3tviDHXIoXcPxvDgUUCCPvXMWoX_0JoZLAZABQF5hKG3y_QnkuWIYTSWcm3ljbNm1SGDHXmHX_VitMQmXdXICExlIoEvoiiZeTZLpMgda8A4H_tDDL_8uCuzRaWgwyu96RI9ws_Yc0uwFURir-iftRGlbY9YlqpQnNdqBZfIn9ir_B63pYRDIRgFleMtZCisJhh7nq99AYUMmN7rka-qy_543XF5QPEW7UdQNyPUhyoZY9emc51vpGHRJhyvx3lIKJYT5zMuACtzDSqjZSac7C7l1fJ1QRw_C7ci3c2DPO2Scb4HU8c2SBAgkEwgpPS4n9_kzat_pMNmsNf6GXc55oxGKhFK6xEEv3GioI87KOJN6W8RfDVF4DRdlr9MZIDp4oqo6rztM96GOHQHh44pQqAVE4Glo5IQlExjnWj7l6vCKzeTsakLGKvPnT0QdBgVJxkDdTCgL9d-gyuwMslppF6b4wQ6AaMiJk-Et9vw==

159.127.187.12

302

URL HTTP/1.1

news.itnews.asia/T/v600000184c6c44a359d59ed6e96c65848/b41ac30558a34e1b0000021ef3a0bce5/b41ac305-58a3-4e1b-9686-3d26de4607d0?__F__=v0fUYvjHMDjRPMSh3tviDHXIoXcPxvDgUUCCPvXMWoX_0JoZLAZABQF5hKG3y_QnkuWIYTSWcm3ljbNm1SGDHXmHX_VitMQmXdXICExlIoEvoiiZeTZLpMgda8A4H_tDDL_8uCuzRaWgwyu96RI9ws_Yc0uwFURir-iftRGlbY9YlqpQnNdqBZfIn9ir_B63pYRDIRgFleMtZCisJhh7nq99AYUMmN7rka-qy_543XF5QPEW7UdQNyPUhyoZY9emc51vpGHRJhyvx3lIKJYT5zMuACtzDSqjZSac7C7l1fJ1QRw_C7ci3c2DPO2Scb4HU8c2SBAgkEwgpPS4n9_kzat_pMNmsNf6GXc55oxGKhFK6xEEv3GioI87KOJN6W8RfDVF4DRdlr9MZIDp4oqo6rztM96GOHQHh44pQqAVE4Glo5IQlExjnWj7l6vCKzeTsakLGKvPnT0QdBgVJxkDdTCgL9d-gyuwMslppF6b4wQ6AaMiJk-Et9vw==
IP

159.127.187.12:0
ASN

#19137 EPSILON-INTERACTIVE

Magic

Size

0
Hash

d41d8cd98f00b204e9800998ecf8427e

da39a3ee5e6b4b0d3255bfef95601890afd80709

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

                                        GET /T/v600000184c6c44a359d59ed6e96c65848/b41ac30558a34e1b0000021ef3a0bce5/b41ac305-58a3-4e1b-9686-3d26de4607d0?__F__=v0fUYvjHMDjRPMSh3tviDHXIoXcPxvDgUUCCPvXMWoX_0JoZLAZABQF5hKG3y_QnkuWIYTSWcm3ljbNm1SGDHXmHX_VitMQmXdXICExlIoEvoiiZeTZLpMgda8A4H_tDDL_8uCuzRaWgwyu96RI9ws_Yc0uwFURir-iftRGlbY9YlqpQnNdqBZfIn9ir_B63pYRDIRgFleMtZCisJhh7nq99AYUMmN7rka-qy_543XF5QPEW7UdQNyPUhyoZY9emc51vpGHRJhyvx3lIKJYT5zMuACtzDSqjZSac7C7l1fJ1QRw_C7ci3c2DPO2Scb4HU8c2SBAgkEwgpPS4n9_kzat_pMNmsNf6GXc55oxGKhFK6xEEv3GioI87KOJN6W8RfDVF4DRdlr9MZIDp4oqo6rztM96GOHQHh44pQqAVE4Glo5IQlExjnWj7l6vCKzeTsakLGKvPnT0QdBgVJxkDdTCgL9d-gyuwMslppF6b4wQ6AaMiJk-Et9vw== HTTP/1.1
Host: news.itnews.asia
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                        HTTP/1.1 302 
location: https://www.itnews.asia/news/us-court-allows-class-action-lawsuit-against-google-588447?eid=89&edate=20221130&utm_source=20221130_&utm_medium=newsletter&utm_campaign=daily_newsletter
cache-control: no-cache
content-length: 0
date: Wed, 30 Nov 2022 04:25:06 GMT

r3.o.lencr.org/

23.36.77.32

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.77.32:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

a5daf4dc99951793ae2315d4795e8146

4427507ca4d3a5632cc8f598afbc85e2195d00bd

94fb64c1c826ed7099283c0bedb3cea7ac7e1d9526794cb9fad6e761f5989d32

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4563
Expires: Wed, 30 Nov 2022 05:41:09 GMT
Date: Wed, 30 Nov 2022 04:25:06 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471

URL HTTP/1.1

ocsp.digicert.com/
IP

93.184.220.29:0
ASN

#15133 EDGECAST

Magic

data

Size

471
Hash

4ed065cb23b5fca1a179dd73b3c5b7b2

4422eb24688f5e056fc1b18b127c7f63b1dbf5e0

b723d770d0dec7441d8505dc5a4e7d34f55c9f564ec52f20d9b70c7c3a0d9d35

HTTP Headers

                                        POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 193
Cache-Control: max-age=108558
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:25:06 GMT
Etag: "6385df6f-1d7"
Expires: Thu, 01 Dec 2022 10:34:24 GMT
Last-Modified: Tue, 29 Nov 2022 10:31:11 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939

URL HTTP/2

firefox.settings.services.mozilla.com/v1/
IP

34.102.187.140:0
ASN

#15169 GOOGLE

Magic

JSON data\012- , ASCII text, with very long lines (939), with no line terminators

Size

939
Hash

14cd9a0afb6ba9a763651d5112760d1e

75d7b104ab9ab11fbb73c3f348b43b0119b5adfa

4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

                                        GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 30 Nov 2022 04:19:39 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 327
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.77.32:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

9fce5679881bf302a8978a0b462f01a9

b699fe030ea13ac73813e655c42ed9b531925e2b

a3ec545a8f9364ac9062eddb41279e1465687a1b60f9c1dec6b3a3df8b033eb3

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9405
Expires: Wed, 30 Nov 2022 07:01:51 GMT
Date: Wed, 30 Nov 2022 04:25:06 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5348

URL HTTP/2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP

34.160.144.191:0
ASN

#15169 GOOGLE

Magic

PEM certificate\012- , ASCII text

Size

5348
Hash

9ebddc2b260d081ebbefee47c037cb28

492bad62a7ca6a74738921ef5ae6f0be5edebf39

74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

                                        GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
x-amz-id-2: ZxRbX+Wem3rWzmtyg59lYMpb0aGiIdCjKR2nDXgdOYbk/X7NmEIWLky11l8py35nXUo14x4sOE8=
x-amz-request-id: 0Y76D1FE6W3K4XV5
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 30 Nov 2022 03:45:04 GMT
age: 2402
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

URL HTTP/2

contile.services.mozilla.com/v1/tiles
IP

34.117.237.239:0
ASN

#15169 GOOGLE

Magic

JSON data\012- , ASCII text, with no line terminators

Size

12
Hash

23e88fb7b99543fb33315b29b1fad9d6

a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce

7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

                                        GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 04:25:06 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329

URL HTTP/2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP

34.102.187.140:0
ASN

#15169 GOOGLE

Magic

JSON data\012- , ASCII text, with very long lines (329), with no line terminators

Size

329
Hash

0333b0655111aa68de771adfcc4db243

63f295a144ac87a7c8e23417626724eeca68a7eb

60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

                                        GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 30 Nov 2022 04:11:13 GMT
cache-control: public,max-age=3600
age: 834
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471

URL HTTP/1.1

ocsp.digicert.com/
IP

93.184.220.29:0
ASN

#15133 EDGECAST

Magic

data

Size

471
Hash

3c8c689bd654417640d85f3da51af313

85123b6d46230a23d03768bf304b386e5d301305

516138ca79703b45e904d32d7dde1c1e9fd35995b9f1bb1331c547542745676d

HTTP Headers

                                        POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 186
Cache-Control: max-age=103487
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:25:07 GMT
Etag: "6385cba8-1d7"
Expires: Thu, 01 Dec 2022 09:09:54 GMT
Last-Modified: Tue, 29 Nov 2022 09:06:48 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

54.189.139.67

101 Switching Protocols

URL HTTP/1.1

push.services.mozilla.com/
IP

54.189.139.67:0
ASN

#16509 AMAZON-02

Magic

Size

0
Hash

d41d8cd98f00b204e9800998ecf8427e

da39a3ee5e6b4b0d3255bfef95601890afd80709

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

                                        GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 8EtF/DfYBD8LZUZPXJl2Aw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                        HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: o83907hKxMF7bCXcU/EclscsK6E=

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472

URL HTTP/1.1

ocsp.pki.goog/gts1c3
IP

216.58.211.3:0
ASN

#15169 GOOGLE

Magic

data

Size

472
Hash

f50fd635895870df33a17fe377a6a038

dd65dfbbc810b095432cfd59f971af04a9e31ab7

ebd9b6c3f67865c297d08802839c940994424000df3bf8a3f1316b8e13666e94

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:25:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtm.js?id=GTM-5TNPVQC

142.250.74.168

200 OK

41527

URL HTTP/2

www.googletagmanager.com/gtm.js?id=GTM-5TNPVQC
IP

142.250.74.168:0
ASN

#15169 GOOGLE

Magic

ASCII text, with very long lines (2612)

Size

41527
Hash

e616d74a021243cc5df115cb2956e90c

440350109f77c227c135b501c285862c0e5f6b44

183cc45ac437336b7007f056ca13f8e5e1d9df438dc6948b39d545039fd22020

HTTP Headers

                                        GET /gtm.js?id=GTM-5TNPVQC HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.itnews.asia/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 30 Nov 2022 04:25:08 GMT
expires: Wed, 30 Nov 2022 04:25:08 GMT
cache-control: private, max-age=900
last-modified: Wed, 30 Nov 2022 03:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 41527
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472

URL HTTP/1.1

ocsp.pki.goog/gts1c3
IP

216.58.211.3:0
ASN

#15169 GOOGLE

Magic

data

Size

472
Hash

f50fd635895870df33a17fe377a6a038

dd65dfbbc810b095432cfd59f971af04a9e31ab7

ebd9b6c3f67865c297d08802839c940994424000df3bf8a3f1316b8e13666e94

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:25:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

104.17.24.14

200 OK

5631

URL HTTP/2

cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP

104.17.24.14:0
ASN

#13335 CLOUDFLARENET

Magic

ASCII text, with very long lines (30837)

Size

5631
Hash

109d1ed85cd01f9cdab73a4cac5bf80d

d6c6498ad46de2d8e2008a8ff68e364ae7f16b32

8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc

HTTP Headers

                                        GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.itnews.asia/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
date: Wed, 30 Nov 2022 04:25:08 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 23496
expires: Mon, 20 Nov 2023 04:25:08 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=epTMb2Sc3HLUFaMlHMzRU67epFtowNNr32klzFc2%2BOn1US7jfNUvlzFcKj20ZuCUwfmKGlT%2BmvHbtj5XqYnY993cGSGNRyGzzpcgmvgMiwi7gxarCospD6tV4Z7O3gczZE4AGRZG"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 7720d1442c73b4fd-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472

URL HTTP/1.1

ocsp.pki.goog/gts1c3
IP

216.58.211.3:0
ASN

#15169 GOOGLE

Magic

data

Size

472
Hash

146dac10a93604a686550631e14eefb9

b4af601ce6d515d9ec124938ce626060e0d43099

bac5bc94c1a95af45522dadbf1639aff31e691fa2314314c6cce1ab1e70bba87

HTTP Headers

                                        POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 04:25:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

216.58.211.3

200 OK

472

Report Overview

URL

IP

ASN

Submitted

Access

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (161)

#1 JS:Script (size: 23930)

#2 JS:Script (size: 17314)

#3 JS:Script (size: 2689)

#4 JS:Script (size: 614)

#5 JS:Script (size: 207)

#6 JS:Script (size: 299850)

#7 JS:Script (size: 18)

#8 JS:Script (size: 636)

#9 JS:Script (size: 30)

#10 JS:Script (size: 150)

#11 JS:Script (size: 868)

#12 JS:Script (size: 425)

#13 JS:Script (size: 157)

#14 JS:Script (size: 9)

#15 JS:Script (size: 49)

#16 JS:Script (size: 50049)

#17 JS:Script (size: 292)

#18 JS:Script (size: 267)

#19 JS:Script (size: 390498)

#20 JS:Script (size: 6005)

#21 JS:Script (size: 19)

#22 JS:Script (size: 632)

#23 JS:Script (size: 150)

#24 JS:Script (size: 36695)

#25 JS:Script (size: 240427)

#26 JS:Script (size: 128513)

#27 JS:Script (size: 1)

#28 JS:Script (size: 50230)

#29 JS:Script (size: 80476)

#30 JS:Script (size: 6991)

#31 JS:Script (size: 639)

#32 JS:Script (size: 157753)

#33 JS:Script (size: 107789)

#34 JS:Script (size: 217680)

#35 JS:Script (size: 452)

#36 JS:Script (size: 61568)

#37 JS:Script (size: 105267)

#38 JS:Script (size: 107)

#39 JS:Script (size: 150)

#40 JS:Script (size: 12763)

#41 JS:Script (size: 95931)

#42 JS:Script (size: 4114)

#43 JS:Script (size: 29)

#44 JS:Script (size: 14618)

#45 JS:Script (size: 632)

#46 JS:Script (size: 625)

#47 JS:Script (size: 31046)

#48 JS:Script (size: 468)

#49 JS:Script (size: 65869)

#50 JS:Script (size: 300250)

#51 JS:Script (size: 48)

#52 JS:Script (size: 2012)

#1 JS:Eval (size: 19)

#2 JS:Eval (size: 1)

#3 JS:Eval (size: 22)

#4 JS:Eval (size: 134)

#5 JS:Eval (size: 71)