firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 13 Sep 2022 09:14:09 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: WwSSk_cXpF2SEmj3muUZClOHbUTusUn1OTsR5DBvicio1IcSoTZs7g==
Age: 498
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 76d5eb597558e3dee0d99719d17e71e0
f3a0f3932fa8059f27dc9422d523b938fa9a7d09
d16de6cc9eb0e1297f53dc1137bb764bf5c21a7727be32ad05afebd1fe9501ed
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D16DE6CC9EB0E1297F53DC1137BB764BF5C21A7727BE32AD05AFEBD1FE9501ED"
Last-Modified: Sat, 10 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8017
Expires: Tue, 13 Sep 2022 11:36:04 GMT
Date: Tue, 13 Sep 2022 09:22:27 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.25200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.25:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 13 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 4SsuAZhUiSdR8K7_KKSEOy0RKEFtqAZR8ts4THbiXTpjLsIMp1nRtQ==
age: 17233
X-Firefox-Spdy: h2
delivery.attempt.ndelectric-dz.com/public/tZReZPyG3FxQfQbO8DCBsNQnHRze9G7r
193.34.145.204302 Found 700 B URL HTTP/2 delivery.attempt.ndelectric-dz.com/public/tZReZPyG3FxQfQbO8DCBsNQnHRze9G7r
IP 193.34.145.204:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 5cbdbc07a947ea7073a3de22638e5651
51542c7bd1bfed4f3003a46503579f3dcefb9a6d
61883f7435fd8ddacc4e4d9096886538e80da28b332d58314d0e95fc1160328d
Analyzer Verdict Alert openphish DHL Airways, Inc.
fortinet Phishing
GET /public/tZReZPyG3FxQfQbO8DCBsNQnHRze9G7r HTTP/1.1
Host: delivery.attempt.ndelectric-dz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
cache-control: no-cache, private
date: Tue, 13 Sep 2022 09:22:27 GMT
set-cookie: XSRF-TOKEN=eyJpdiI6IjFOR0lhL01EZm9vVHBWQ05CTStjdnc9PSIsInZhbHVlIjoiQlU5UzhJUUtpQ3JhU3hLWENCdEdTWCtad0dGdG5LaHJsalVGaCtIbHh5Mk9keVJyWVMzTHZGeHNBRzR6Qk96L2lYZFNibjhOa2dZK01wOFhsSlphSE9wOU5JeGNMSC9UbGlRUHZZTnhZaUEyZDRVbUo0b0pKNjNOL0ZwSU9rTXciLCJtYWMiOiI5ZmZiZmI4ZmZlZTcyZDQyNGJiMDM2MGE0M2JkNmQ5Zjg3MTE3YmY3MWM0Mjg5NmMyOThjZDQ4OWE5OTYzOGQyIiwidGFnIjoiIn0%3D; expires=Tue, 13-Sep-2022 11:22:27 GMT; Max-Age=7200; path=/; samesite=lax
laravel_session=eyJpdiI6IjlPYVd6WUJYWmFxd011QzFYM0JLdWc9PSIsInZhbHVlIjoidkZLbktUZlBQcDUxVW9OeWVoVGZuZWVkZmZGZVhrcHhid2FLaWJ4U3NnTC9qWno1RjlweURjNEJzejhBMnpYYUFXZGM3MGNDOWE0TDlwa0dzUUZpbTZId2JVS2toeGtBR2JKSWcrSmpJUm90WkNobGZRdmdiM3RubEozb1FlUjAiLCJtYWMiOiI5MmZhOWQ1ZTliZDg1ODgyODdhNjJlNmU1YTgzZjE0YTgyM2E1ZThiYTJhZjVmYjc0MjdhNjFkODdjMTJmZDI1IiwidGFnIjoiIn0%3D; expires=Tue, 13-Sep-2022 11:22:27 GMT; Max-Age=7200; path=/; httponly; samesite=lax
location: https://delivery.attempt.ndelectric-dz.com/public
content-type: text/html; charset=UTF-8
server: Apache
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 13 Sep 2022 09:22:27 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 13 Sep 2022 09:03:22 GMT
Cache-Control: max-age=3600
Expires: Tue, 13 Sep 2022 09:05:16 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: EIcgcnFsJ3exurfYvs7q575lmpB2pB1fHesVzvhDXRH8bYpGpEjBPA==
Age: 1146
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e96dbe1b54932c8f447bbbfc9d31cfb0
b15d4a54fbdf95b0af8bd34b6f8ef03055eef0cd
427326963ac1ef6ddeeaf52ab07807c694b82effa6111671ada8270b1faecdae
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3930
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 13 Sep 2022 09:22:28 GMT
Last-Modified: Tue, 13 Sep 2022 08:16:58 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.36.24.174101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.36.24.174:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: hQ/xtBV28KJ/qIBevdq37g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: UW9aRRm2ShDOnpeQGpGxvQt7+TQ=
delivery.attempt.ndelectric-dz.com/SHoCGAMIm8rE1vOschTE4zvIhXtKZ4tN/
193.34.145.204301 Moved Permanently 290 B URL HTTP/2 delivery.attempt.ndelectric-dz.com/SHoCGAMIm8rE1vOschTE4zvIhXtKZ4tN/
IP 193.34.145.204:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash ab364505a189665b6442d36cacc3b975
0b451bd8f460f2be949bb9c9a1201cb3fb0fbe15
ca38f13a81ffaec56b94440762babbf1faad01aa8fa1b7a05b92cacff262942c
Analyzer Verdict Alert fortinet Phishing
GET /SHoCGAMIm8rE1vOschTE4zvIhXtKZ4tN/ HTTP/1.1
Host: delivery.attempt.ndelectric-dz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://delivery.attempt.ndelectric-dz.com/public/
Cookie: XSRF-TOKEN=eyJpdiI6Ii9vMXVHVStEOGlTeWNjWTdtbWtTUkE9PSIsInZhbHVlIjoicGY3NW1sbGJudU5GZkVUV0hZSmxwNHNLRC9Bc2I3Y1c2QWhRRzh6UkJPZDlTWTcwVVVuQ29ibkx5U0ZJWHAwMGhJSkpEYU5paVdSRlhoazN3QjVHU080M1JtRGJrT2VCbnowRWhLQTFhZHl6bE1hSWlWTlk4M2k1cHJTRC96MUQiLCJtYWMiOiI5YzZiNWViYmNkMTI2YzYzNWJiNzhiYmEzNjU2YjczZmQ2ZDE0N2I2NzExNWNkYTMzMjNmYjA3NjEyOWJmMWJkIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InBkWmZtMnl3Q2JKRG9lUnd0QXdFV2c9PSIsInZhbHVlIjoiNDlkM0EzZURBSzFYY24rZjBBM29mRXMwM2oxdWZ0TXg4TUJ3c3FtTDdKUnRtRzJwU1ZUN0hFM3ExKzhIZUFjb3psSDArUGNNR0lCM3NEd1V5V050NVp0SVk3TzFvVlRJVkwxUHZZQUpVb0xWZXBQbWRYMW9wQm9qbjdIUjZtTDQiLCJtYWMiOiI5NjIxMTg5ZjQ0Yzc2ZmU3OGM1OTIwYzRmYjYzY2YwMWQ1NTk4NGY1N2VlM2NkZDgzYjQ1MjIyYTdhM2ZhNGQzIiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 301 Moved Permanently
location: https://delivery.attempt.ndelectric-dz.com/public/SHoCGAMIm8rE1vOschTE4zvIhXtKZ4tN
content-length: 290
content-type: text/html; charset=iso-8859-1
date: Tue, 13 Sep 2022 09:22:29 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6266
Expires: Tue, 13 Sep 2022 11:06:55 GMT
Date: Tue, 13 Sep 2022 09:22:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6266
Expires: Tue, 13 Sep 2022 11:06:55 GMT
Date: Tue, 13 Sep 2022 09:22:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6266
Expires: Tue, 13 Sep 2022 11:06:55 GMT
Date: Tue, 13 Sep 2022 09:22:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6266
Expires: Tue, 13 Sep 2022 11:06:55 GMT
Date: Tue, 13 Sep 2022 09:22:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6266
Expires: Tue, 13 Sep 2022 11:06:55 GMT
Date: Tue, 13 Sep 2022 09:22:29 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d542ad5-49b2-49ec-b91f-9f4913e58d1d.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d542ad5-49b2-49ec-b91f-9f4913e58d1d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 15c4bbfd3d31955ae2beb1e47f1fda18
9e08828ce3d8d3170875c017ce70230fb60be657
c7cedd44499cf59595fd01e8ddd3bce3e93a86daeec18a7a0868c445f9ac5d51
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d542ad5-49b2-49ec-b91f-9f4913e58d1d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4810
x-amzn-requestid: 9fd1552d-1306-4164-a187-e8dee3cb7a27
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YBrqjEBdoAMFY8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6316f310-6c15aad5779bf7d625b2ffd7;Sampled=0
x-amzn-remapped-date: Tue, 06 Sep 2022 07:13:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: _pxD-Qr-7ZLFBSFNS1g0043Gybs3UDrPcR6fiEckEqc1uODjdwukEw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:58:18 GMT
age: 41051
etag: "9e08828ce3d8d3170875c017ce70230fb60be657"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9a2dff5-4864-4430-8c54-6b68d2bbd35a.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9a2dff5-4864-4430-8c54-6b68d2bbd35a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 838f709437b2dfbede4ee15307afe217
2ab2ee20e720b78be6deb55f967ac0d8b7dad048
a3b47ce595b475f2aab6f7378888d15ba3e98453d6c8a3d88946efc5d65eedba
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc9a2dff5-4864-4430-8c54-6b68d2bbd35a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10849
x-amzn-requestid: 722d8d75-0911-4b59-af65-2b408bc09d80
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YXbx6E9-oAMFT8w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631fa672-74ea9343619d4a1865e34818;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 21:36:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: TeasWs7Qh6T3oV8vJsu5JM_EApUJEGGWIvUC6Pfd41u18v8RlcPQpg==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:57:19 GMT
age: 41110
etag: "2ab2ee20e720b78be6deb55f967ac0d8b7dad048"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F77296a12-991a-4ab6-9ce0-05b3a82d6664.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F77296a12-991a-4ab6-9ce0-05b3a82d6664.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8c1314c7778ea0d32e8c69dae0c38b6d
c4772b9b182f9f905fead84f3761fe296073ca65
5fc8dc23f9b4d150b834aa69b358edd9f9f5f449607df07d579df66098d8aac6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F77296a12-991a-4ab6-9ce0-05b3a82d6664.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10366
x-amzn-requestid: e4d41ba8-41c5-4350-bacb-850136434eaa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YEw28GD7IAMFjCQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63182e92-4098031d1475d45f4899654b;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 05:39:30 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: TPtgXtWkeCrsnGE_G-_MZj1U046kUiGsRaoGg-xCCavcQqt7p6jdwg==
via: 1.1 7d01bcfcfe27ce0b8979cf621dd081de.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:56:25 GMT
age: 41164
etag: "c4772b9b182f9f905fead84f3761fe296073ca65"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0afb7a6-50b1-4622-b497-1cd872b91e83.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0afb7a6-50b1-4622-b497-1cd872b91e83.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1b3f38b1294f2f10537cba5a856ed04a
2a6c1f297d97f4248d77eba6736b4d937bda582b
9c8de94c3cb87a1a2c967b010c715387bbc09fa92dd67bab988d367603a0cece
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0afb7a6-50b1-4622-b497-1cd872b91e83.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12838
x-amzn-requestid: ad4ebca9-e16d-4fce-ab16-b3b3477c8c06
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X3rT7H86IAMF1kA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6312f27f-5bf5c45d6c2be4973f0f946a;Sampled=0
x-amzn-remapped-date: Sat, 03 Sep 2022 06:21:51 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 1ZUZYqEL7KdWTjmN6XIGvMNeSYtsdUXdJ_ayHA484X8GJNljI4lRDQ==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 10:10:55 GMT
age: 83494
etag: "2a6c1f297d97f4248d77eba6736b4d937bda582b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87c57865-c702-4995-8386-d5a054dd23e8.jpeg
34.120.237.76200 OK 2.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87c57865-c702-4995-8386-d5a054dd23e8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 96d4d68111565e0e9d942cb22e3e4e93
5955dc0e311eca9988970d55d222bb77a7552fec
294fe6fa82e831192a0b16e1b2b1e57ac4ff082709a31ef52cc9c8586b9a4906
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87c57865-c702-4995-8386-d5a054dd23e8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 2711
x-amzn-requestid: d1f9060c-585c-4ac8-bc60-2b3a2c80ee65
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YXb4DGKToAMFfog=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631fa699-3522d608453b1c6374e4a94e;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 21:37:29 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: V8mpzgCJSACJcuNdIy6YE8iH1n_OjyEs0cV7qjQbfg42w3nQHw5SOA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 21:58:18 GMT
age: 41051
etag: "5955dc0e311eca9988970d55d222bb77a7552fec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabb8ed52-93ad-47ae-a006-da7de9e3d841.webp
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabb8ed52-93ad-47ae-a006-da7de9e3d841.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8b9c6d44f93a72d6c03ebcfadda1a48a
f6100190de6244ae74b6c1250b997749a381ed89
4bf351795fb3a9e8a1a917d6ab202b1c75007bd5dc450a869b4db5dbfdd81dc4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabb8ed52-93ad-47ae-a006-da7de9e3d841.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5209
x-amzn-requestid: 37514c84-b67c-4401-a1bf-580437355fcf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YRYy7G_joAMFl5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d3b45-72b73b6172fe5aa34e368e66;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 01:35:01 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5B-ItCBBt8qViPlzDbWtyYNZc1Xxor5nXrn3KgxPiyIhM0dDH-htUw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 16:14:57 GMT
age: 61652
etag: "f6100190de6244ae74b6c1250b997749a381ed89"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
104.17.25.14200 OK 5.6 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.17.25.14:0
File type ASCII text, with very long lines (30837)
Hash 109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://delivery.attempt.ndelectric-dz.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 09:22:30 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 887507
expires: Sun, 03 Sep 2023 09:22:30 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s52dctkH922AYBiD3rlUyl7VyiCKM6NNFU3%2BVe6zXaj4sAy0Bt5ioPJy2e0p2PWe4lPIlplD3ckKi%2FcLBW26RwdEgRMPAh%2FgzY1t7zha89pAuN4%2BIrbiBLVwZmTrfhxZfxkL1pS%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 749fd19b6c5cfabc-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ka-f.fontawesome.com/releases/v6.2.0/css/free.min.css?token=f7165dd215
172.67.150.137200 OK 25 kB URL HTTP/2 ka-f.fontawesome.com/releases/v6.2.0/css/free.min.css?token=f7165dd215
IP 172.67.150.137:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash e17e66631d9af8bac721d2e299d67e32
49dbeb741c4916be889a20485a94704d675fbbfc
5447c9304b2d7c60b3906736d79b2a5568b6c5b2f1900e210bf7211dbced4a52
GET /releases/v6.2.0/css/free.min.css?token=f7165dd215 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://delivery.attempt.ndelectric-dz.com/
Origin: https://delivery.attempt.ndelectric-dz.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 09:22:30 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 30 Aug 2022 16:04:58 GMT
etag: W/"0fb4e5b70c498af98f246511192b899d"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b7956d91cf1fe016b86fc209319f03ca.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: VJZxdw9j0seBazXjnLoosiCywZUBNsFM7xGfokQ3cf_BbR5VOE3dhQ==
age: 142917
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zI%2BMC48XgjREKfoQPDd7V6B7O8BmXa6OPt9jE7a6V6wedPJKR%2BLiKExo5hv9k3mkrRE%2F2u7lTi5hQHAtYTLnM6zYd8IzHDacBcvhkclSbyoa7HoI1TLtzAYgKelwQTyw2EernwHHKg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 749fd19c0b44b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
delivery.attempt.ndelectric-dz.com/public/js/session-recorder.js
193.34.145.204200 OK 45 kB URL HTTP/2 delivery.attempt.ndelectric-dz.com/public/js/session-recorder.js
IP 193.34.145.204:0
File type ASCII text, with very long lines (44992)
Hash 701984b4995f3c29820e83c999b7eb23
a3b50104a3bfa05bf59a317273816c7d8ae1f81d
67ad94e12a745b1b09c6cd616e20a2ad283ed68f8060bd1dd0d9a2b6ad9dc7ee
Analyzer Verdict Alert fortinet Phishing
GET /public/js/session-recorder.js HTTP/1.1
Host: delivery.attempt.ndelectric-dz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://delivery.attempt.ndelectric-dz.com/public/SHoCGAMIm8rE1vOschTE4zvIhXtKZ4tN
Cookie: XSRF-TOKEN=eyJpdiI6IkhhN1VoWGZmZVl0R3BJVFcwdE5zTnc9PSIsInZhbHVlIjoiUit3a3J2OVEvQyt6L204M1dPd0FRQzY2MUhMbWt5cytDcDFwdDNiVUZUN2pDZVcvRUk5dGFEQTg0YkxaQ2htU0F6eUhtUVVmelJ5RXJJSTg5ZllZcjR0UzllQndiWmQxQi9hRGV0aEZ3N3h6V2Q2YmVXN0Q5Ymt6a1pYYWpsRjkiLCJtYWMiOiIzZDBkMDU5ZThmMjZkNmMxZjU5NjAyZjIxOTU5M2E0NGQ4NzhmZmU5MzA5NzA0OWE5YTUzNjgwYzJhOWM0MTMxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjNIN1NXQm1sMm4xYmhqTktQWERxRGc9PSIsInZhbHVlIjoiRnRuR1pNMFhVZW9BeWZhblY1NWJmeXBmSnR6NThEa0piY21ZWng3L2p0V2E4cUh6ejlsRy9hc21GYTVvRjI4VTRjT1cveEV1VERHdEpIcUlYYzNyU0dKZWRLeU5aa2VoTFZrd25OSXcxNENuU1FNR2xmclJjZm5vM2VZRmhQeWgiLCJtYWMiOiJlYjZjNjhlYjQwZTgzYTNmODUyNDMwZGNkNzVhM2QwOTZmMjI4OWNjYmZlZWVlNjZmYTU5NGM0ZjMwODZiZWE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 30 Mar 2022 03:35:56 GMT
accept-ranges: bytes
content-length: 45066
content-type: application/javascript
date: Tue, 13 Sep 2022 09:22:30 GMT
server: Apache
X-Firefox-Spdy: h2
delivery.attempt.ndelectric-dz.com/public/css/app.css
193.34.145.204200 OK 440 kB URL HTTP/2 delivery.attempt.ndelectric-dz.com/public/css/app.css
IP 193.34.145.204:0
Size 440 kB (439658 bytes)
Hash 181990cc2279e4cea65c9363fb37fee9
b85a7ba40043b0c48a034d8382629ef7ec6a1e24
36839348d4cd3d5ffcb15317bc5e8f32b77c644d0c6c0f8f19bdf216caf49293
GET /public/css/app.css HTTP/1.1
Host: delivery.attempt.ndelectric-dz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://delivery.attempt.ndelectric-dz.com/public/SHoCGAMIm8rE1vOschTE4zvIhXtKZ4tN
Cookie: XSRF-TOKEN=eyJpdiI6IkhhN1VoWGZmZVl0R3BJVFcwdE5zTnc9PSIsInZhbHVlIjoiUit3a3J2OVEvQyt6L204M1dPd0FRQzY2MUhMbWt5cytDcDFwdDNiVUZUN2pDZVcvRUk5dGFEQTg0YkxaQ2htU0F6eUhtUVVmelJ5RXJJSTg5ZllZcjR0UzllQndiWmQxQi9hRGV0aEZ3N3h6V2Q2YmVXN0Q5Ymt6a1pYYWpsRjkiLCJtYWMiOiIzZDBkMDU5ZThmMjZkNmMxZjU5NjAyZjIxOTU5M2E0NGQ4NzhmZmU5MzA5NzA0OWE5YTUzNjgwYzJhOWM0MTMxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjNIN1NXQm1sMm4xYmhqTktQWERxRGc9PSIsInZhbHVlIjoiRnRuR1pNMFhVZW9BeWZhblY1NWJmeXBmSnR6NThEa0piY21ZWng3L2p0V2E4cUh6ejlsRy9hc21GYTVvRjI4VTRjT1cveEV1VERHdEpIcUlYYzNyU0dKZWRLeU5aa2VoTFZrd25OSXcxNENuU1FNR2xmclJjZm5vM2VZRmhQeWgiLCJtYWMiOiJlYjZjNjhlYjQwZTgzYTNmODUyNDMwZGNkNzVhM2QwOTZmMjI4OWNjYmZlZWVlNjZmYTU5NGM0ZjMwODZiZWE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 30 Mar 2022 04:11:08 GMT
accept-ranges: bytes
content-length: 439658
content-type: text/css
date: Tue, 13 Sep 2022 09:22:30 GMT
server: Apache
X-Firefox-Spdy: h2
ka-f.fontawesome.com/releases/v6.2.0/css/free-v4-font-face.min.css?token=f7165dd215
172.67.150.137200 OK 13 kB URL HTTP/2 ka-f.fontawesome.com/releases/v6.2.0/css/free-v4-font-face.min.css?token=f7165dd215
IP 172.67.150.137:0
File type ASCII text, with very long lines (1560)
Hash 4ce3a7da756e3991c5fb61831160d714
c0db8bd36104d4168faa4c7fae27c430084fd2fc
eae5eb3342cfee0879bad65bc0215e919467db65bf94d748fd9109cb89ca455b
GET /releases/v6.2.0/css/free-v4-font-face.min.css?token=f7165dd215 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://delivery.attempt.ndelectric-dz.com/
Origin: https://delivery.attempt.ndelectric-dz.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 09:22:30 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 30 Aug 2022 16:04:58 GMT
etag: W/"a0adfe3c7bd1fa905b7f3b5ecea27889"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f33514300fff2b9161f119d57e09b528.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: 4q421mmMd1v5yc_iSXZUSfF1B2ad-PCh8NCyKy6PgGOseJXU3ggsQA==
age: 142917
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EwoK4hBFTreGGtGC8Dy2H1dsM1iien%2BmZ%2F901t6rzGRaemiXx9pJ34YH2oxkIq5IO8iDuf7K%2FHjXoprXyQUUMIMsuotj%2FnZzGcy2yJ4CasNN5Yr527wm9i3P9IGqkmTovPrBbPzH0Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 749fd19c1b50b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
delivery.attempt.ndelectric-dz.com/public/SHoCGAMIm8rE1vOschTE4zvIhXtKZ4tN
193.34.145.204200 OK 137 kB URL HTTP/2 delivery.attempt.ndelectric-dz.com/public/SHoCGAMIm8rE1vOschTE4zvIhXtKZ4tN
IP 193.34.145.204:0
Size 137 kB (137232 bytes)
Hash bafd9c19a06adc9883856c28b17834cd
18a54d3ef7735c0cd7c4fe3a30ed07cf31b8bb19
a415cadf8b40b2272433c598db24fdfca632a532735bd72e239877628aa44e24
Analyzer Verdict Alert fortinet Phishing
GET /public/SHoCGAMIm8rE1vOschTE4zvIhXtKZ4tN HTTP/1.1
Host: delivery.attempt.ndelectric-dz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://delivery.attempt.ndelectric-dz.com/public/
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6Ii9vMXVHVStEOGlTeWNjWTdtbWtTUkE9PSIsInZhbHVlIjoicGY3NW1sbGJudU5GZkVUV0hZSmxwNHNLRC9Bc2I3Y1c2QWhRRzh6UkJPZDlTWTcwVVVuQ29ibkx5U0ZJWHAwMGhJSkpEYU5paVdSRlhoazN3QjVHU080M1JtRGJrT2VCbnowRWhLQTFhZHl6bE1hSWlWTlk4M2k1cHJTRC96MUQiLCJtYWMiOiI5YzZiNWViYmNkMTI2YzYzNWJiNzhiYmEzNjU2YjczZmQ2ZDE0N2I2NzExNWNkYTMzMjNmYjA3NjEyOWJmMWJkIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InBkWmZtMnl3Q2JKRG9lUnd0QXdFV2c9PSIsInZhbHVlIjoiNDlkM0EzZURBSzFYY24rZjBBM29mRXMwM2oxdWZ0TXg4TUJ3c3FtTDdKUnRtRzJwU1ZUN0hFM3ExKzhIZUFjb3psSDArUGNNR0lCM3NEd1V5V050NVp0SVk3TzFvVlRJVkwxUHZZQUpVb0xWZXBQbWRYMW9wQm9qbjdIUjZtTDQiLCJtYWMiOiI5NjIxMTg5ZjQ0Yzc2ZmU3OGM1OTIwYzRmYjYzY2YwMWQ1NTk4NGY1N2VlM2NkZDgzYjQ1MjIyYTdhM2ZhNGQzIiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, private
date: Tue, 13 Sep 2022 09:22:29 GMT
set-cookie: XSRF-TOKEN=eyJpdiI6IkhhN1VoWGZmZVl0R3BJVFcwdE5zTnc9PSIsInZhbHVlIjoiUit3a3J2OVEvQyt6L204M1dPd0FRQzY2MUhMbWt5cytDcDFwdDNiVUZUN2pDZVcvRUk5dGFEQTg0YkxaQ2htU0F6eUhtUVVmelJ5RXJJSTg5ZllZcjR0UzllQndiWmQxQi9hRGV0aEZ3N3h6V2Q2YmVXN0Q5Ymt6a1pYYWpsRjkiLCJtYWMiOiIzZDBkMDU5ZThmMjZkNmMxZjU5NjAyZjIxOTU5M2E0NGQ4NzhmZmU5MzA5NzA0OWE5YTUzNjgwYzJhOWM0MTMxIiwidGFnIjoiIn0%3D; expires=Tue, 13-Sep-2022 11:22:30 GMT; Max-Age=7200; path=/; samesite=lax
laravel_session=eyJpdiI6IjNIN1NXQm1sMm4xYmhqTktQWERxRGc9PSIsInZhbHVlIjoiRnRuR1pNMFhVZW9BeWZhblY1NWJmeXBmSnR6NThEa0piY21ZWng3L2p0V2E4cUh6ejlsRy9hc21GYTVvRjI4VTRjT1cveEV1VERHdEpIcUlYYzNyU0dKZWRLeU5aa2VoTFZrd25OSXcxNENuU1FNR2xmclJjZm5vM2VZRmhQeWgiLCJtYWMiOiJlYjZjNjhlYjQwZTgzYTNmODUyNDMwZGNkNzVhM2QwOTZmMjI4OWNjYmZlZWVlNjZmYTU5NGM0ZjMwODZiZWE5IiwidGFnIjoiIn0%3D; expires=Tue, 13-Sep-2022 11:22:30 GMT; Max-Age=7200; path=/; httponly; samesite=lax
content-type: text/html; charset=UTF-8
server: Apache
X-Firefox-Spdy: h2
delivery.attempt.ndelectric-dz.com/fonts/vendor/@fontsource/roboto/files/roboto-all-400-normal.woff?376ea5d93f71583052f65de4e0c6a92c
193.34.145.204404 Not Found 157 kB URL HTTP/2 delivery.attempt.ndelectric-dz.com/fonts/vendor/@fontsource/roboto/files/roboto-all-400-normal.woff?376ea5d93f71583052f65de4e0c6a92c
IP 193.34.145.204:0
Size 157 kB (157065 bytes)
Hash 7da192312732f8f8652c04e8c65372b9
1b47881a63227fb659b93a13d7e1f3dc974037f9
4cdc85c356af44dee1ecce71fd7e917ca62fd71271b42c96edd0dfc99142cf70
Analyzer Verdict Alert fortinet Phishing
GET /fonts/vendor/@fontsource/roboto/files/roboto-all-400-normal.woff?376ea5d93f71583052f65de4e0c6a92c HTTP/1.1
Host: delivery.attempt.ndelectric-dz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://delivery.attempt.ndelectric-dz.com/public/css/app.css
Cookie: XSRF-TOKEN=eyJpdiI6IkhhN1VoWGZmZVl0R3BJVFcwdE5zTnc9PSIsInZhbHVlIjoiUit3a3J2OVEvQyt6L204M1dPd0FRQzY2MUhMbWt5cytDcDFwdDNiVUZUN2pDZVcvRUk5dGFEQTg0YkxaQ2htU0F6eUhtUVVmelJ5RXJJSTg5ZllZcjR0UzllQndiWmQxQi9hRGV0aEZ3N3h6V2Q2YmVXN0Q5Ymt6a1pYYWpsRjkiLCJtYWMiOiIzZDBkMDU5ZThmMjZkNmMxZjU5NjAyZjIxOTU5M2E0NGQ4NzhmZmU5MzA5NzA0OWE5YTUzNjgwYzJhOWM0MTMxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjNIN1NXQm1sMm4xYmhqTktQWERxRGc9PSIsInZhbHVlIjoiRnRuR1pNMFhVZW9BeWZhblY1NWJmeXBmSnR6NThEa0piY21ZWng3L2p0V2E4cUh6ejlsRy9hc21GYTVvRjI4VTRjT1cveEV1VERHdEpIcUlYYzNyU0dKZWRLeU5aa2VoTFZrd25OSXcxNENuU1FNR2xmclJjZm5vM2VZRmhQeWgiLCJtYWMiOiJlYjZjNjhlYjQwZTgzYTNmODUyNDMwZGNkNzVhM2QwOTZmMjI4OWNjYmZlZWVlNjZmYTU5NGM0ZjMwODZiZWE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: no-cache, private
date: Tue, 13 Sep 2022 09:22:33 GMT
content-type: text/html; charset=UTF-8
server: Apache
X-Firefox-Spdy: h2
delivery.attempt.ndelectric-dz.com/public/js/app.js
193.34.145.204200 OK 1.6 MB URL HTTP/2 delivery.attempt.ndelectric-dz.com/public/js/app.js
IP 193.34.145.204:0
Size 1.6 MB (1613806 bytes)
Hash fd900f643203761f2eeca2132fc15f1d
375f23ca9ad75b647373bda03b02e2d0f6e729be
399e233cea4e5468820e5c5f98ddbb156de729983710cf576a6508f076326c68
Analyzer Verdict Alert fortinet Phishing
GET /public/js/app.js HTTP/1.1
Host: delivery.attempt.ndelectric-dz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://delivery.attempt.ndelectric-dz.com/public/SHoCGAMIm8rE1vOschTE4zvIhXtKZ4tN
Cookie: XSRF-TOKEN=eyJpdiI6IkhhN1VoWGZmZVl0R3BJVFcwdE5zTnc9PSIsInZhbHVlIjoiUit3a3J2OVEvQyt6L204M1dPd0FRQzY2MUhMbWt5cytDcDFwdDNiVUZUN2pDZVcvRUk5dGFEQTg0YkxaQ2htU0F6eUhtUVVmelJ5RXJJSTg5ZllZcjR0UzllQndiWmQxQi9hRGV0aEZ3N3h6V2Q2YmVXN0Q5Ymt6a1pYYWpsRjkiLCJtYWMiOiIzZDBkMDU5ZThmMjZkNmMxZjU5NjAyZjIxOTU5M2E0NGQ4NzhmZmU5MzA5NzA0OWE5YTUzNjgwYzJhOWM0MTMxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjNIN1NXQm1sMm4xYmhqTktQWERxRGc9PSIsInZhbHVlIjoiRnRuR1pNMFhVZW9BeWZhblY1NWJmeXBmSnR6NThEa0piY21ZWng3L2p0V2E4cUh6ejlsRy9hc21GYTVvRjI4VTRjT1cveEV1VERHdEpIcUlYYzNyU0dKZWRLeU5aa2VoTFZrd25OSXcxNENuU1FNR2xmclJjZm5vM2VZRmhQeWgiLCJtYWMiOiJlYjZjNjhlYjQwZTgzYTNmODUyNDMwZGNkNzVhM2QwOTZmMjI4OWNjYmZlZWVlNjZmYTU5NGM0ZjMwODZiZWE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 30 Mar 2022 03:35:56 GMT
accept-ranges: bytes
content-length: 1613806
content-type: application/javascript
date: Tue, 13 Sep 2022 09:22:30 GMT
server: Apache
X-Firefox-Spdy: h2
delivery.attempt.ndelectric-dz.com/images/favicon.gif
193.34.145.204200 OK 2.2 kB URL HTTP/2 delivery.attempt.ndelectric-dz.com/images/favicon.gif
IP 193.34.145.204:0
File type MS Windows icon resource - 1 icon, 32x32, 8 bits/pixel\012- data
Hash a6f1af8e79a11829ba9a66474b06bb97
d99e3ec7747c865033a8dfad43c9f49634404bc1
b0dbd00f3650fa6b931e678a9d8f79a405d23c7adf111ab91b1a01a0e7109807
GET /images/favicon.gif HTTP/1.1
Host: delivery.attempt.ndelectric-dz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://delivery.attempt.ndelectric-dz.com/public/SHoCGAMIm8rE1vOschTE4zvIhXtKZ4tN
Cookie: XSRF-TOKEN=eyJpdiI6IkhhN1VoWGZmZVl0R3BJVFcwdE5zTnc9PSIsInZhbHVlIjoiUit3a3J2OVEvQyt6L204M1dPd0FRQzY2MUhMbWt5cytDcDFwdDNiVUZUN2pDZVcvRUk5dGFEQTg0YkxaQ2htU0F6eUhtUVVmelJ5RXJJSTg5ZllZcjR0UzllQndiWmQxQi9hRGV0aEZ3N3h6V2Q2YmVXN0Q5Ymt6a1pYYWpsRjkiLCJtYWMiOiIzZDBkMDU5ZThmMjZkNmMxZjU5NjAyZjIxOTU5M2E0NGQ4NzhmZmU5MzA5NzA0OWE5YTUzNjgwYzJhOWM0MTMxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjNIN1NXQm1sMm4xYmhqTktQWERxRGc9PSIsInZhbHVlIjoiRnRuR1pNMFhVZW9BeWZhblY1NWJmeXBmSnR6NThEa0piY21ZWng3L2p0V2E4cUh6ejlsRy9hc21GYTVvRjI4VTRjT1cveEV1VERHdEpIcUlYYzNyU0dKZWRLeU5aa2VoTFZrd25OSXcxNENuU1FNR2xmclJjZm5vM2VZRmhQeWgiLCJtYWMiOiJlYjZjNjhlYjQwZTgzYTNmODUyNDMwZGNkNzVhM2QwOTZmMjI4OWNjYmZlZWVlNjZmYTU5NGM0ZjMwODZiZWE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 17 Apr 2022 21:25:28 GMT
accept-ranges: bytes
content-length: 2238
content-type: image/gif
date: Tue, 13 Sep 2022 09:22:36 GMT
server: Apache
X-Firefox-Spdy: h2
script.hotjar.com/modules.448392d04fd1e15c100a.js
143.204.55.46200 OK 66 kB URL HTTP/2 script.hotjar.com/modules.448392d04fd1e15c100a.js
IP 143.204.55.46:0
File type Unicode text, UTF-8 text, with very long lines (48714)
Hash dda0289b22368ab84a40f8dab68ddb9e
bef03b9e4930e3fddeee2dbd16f79fb04a78e11d
114cd1432d8d08eb7625146120b27b7046f5c3f841c25ff7889bd56ab1cd19ff
GET /modules.448392d04fd1e15c100a.js HTTP/1.1
Host: script.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://delivery.attempt.ndelectric-dz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 65486
date: Wed, 07 Sep 2022 10:58:07 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "dda0289b22368ab84a40f8dab68ddb9e"
last-modified: Wed, 07 Sep 2022 10:57:54 GMT
strict-transport-security: max-age=604800; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: cxac8plBO5Yq1BRZYmfm1TtSVVHIAp1wduYe1bvuHo2cbBHkX0H4CA==
age: 512669
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc781d2a6-7a39-471c-a1a0-2e29918b63e9.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc781d2a6-7a39-471c-a1a0-2e29918b63e9.jpeg
IP 34.120.237.76:0
Hash 6603742fc9d79990d1c42f20c4a5654a
9442b56550f5183344687ae452f7472b9344c9d3
e55fc95501b4f70453f1e25d78d421e70e143ef2b5ad55af139d342fd58d5718
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc781d2a6-7a39-471c-a1a0-2e29918b63e9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6530
x-amzn-requestid: dd634daa-0aee-4859-a956-c54d5eecf1be
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YSKEyHGlIAMFVcg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d8a1e-51f715224318bfcf76d1c3ab;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 07:11:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: HMJgr4Kw1vyxFSbLpWcgarqHbVD3E8hPdFNFRzpwW4MqzV30mQyKog==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 12 Sep 2022 17:39:46 GMT
age: 56570
etag: "af756dc52f6b5b042d99c3ceba7a64dcbfaa73b5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html
143.204.55.118200 OK 1.0 kB URL HTTP/2 vars.hotjar.com/box-69edcc3187336f9b0a3fbb4c73be9fe6.html
IP 143.204.55.118:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2431), with no line terminators
Hash f6a9ca04b0687ea3c0d98e8430c8c77b
35503b2deb23091a9a9c6c68d4020dbdf879588e
8e4328ecb6b395499567369e3c227231dbdaf361f43ce315934d7a2a3abbed41
GET /box-69edcc3187336f9b0a3fbb4c73be9fe6.html HTTP/1.1
Host: vars.hotjar.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://delivery.attempt.ndelectric-dz.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 1044
date: Wed, 07 Sep 2022 09:17:07 GMT
accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: br
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
etag: "f6a9ca04b0687ea3c0d98e8430c8c77b"
last-modified: Wed, 07 Sep 2022 09:16:57 GMT
strict-transport-security: max-age=604800; includeSubDomains
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: EEbK5F89i9SMkMwHD3OZyR1Sn-GT9cjeG6Am62zkN2tKcAXp7a0y8g==
age: 518729
X-Firefox-Spdy: h2
ocsp.usertrust.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 7cb747a3a8a03819fdf65a4967db3978
c790400192f18ae1fd65d3b244ea4f3a537b2493
7eec20fdfd3db647d48f1762f3c3a1befdeed8ec190add19b755c1deba57a0f2
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 13 Sep 2022 09:22:36 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sat, 10 Sep 2022 12:05:06 GMT
Expires: Sat, 17 Sep 2022 12:05:05 GMT
Etag: "c790400192f18ae1fd65d3b244ea4f3a537b2493"
Cache-Control: max-age=602683,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: HIT
Age: 535
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 749fd1c39f770b55-OSL
delivery.attempt.ndelectric-dz.com/public/
193.34.145.204200 OK 0 B URL HTTP/2 delivery.attempt.ndelectric-dz.com/public/
IP 193.34.145.204:0
Analyzer Verdict Alert fortinet Phishing
GET /public/ HTTP/1.1
Host: delivery.attempt.ndelectric-dz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjFOR0lhL01EZm9vVHBWQ05CTStjdnc9PSIsInZhbHVlIjoiQlU5UzhJUUtpQ3JhU3hLWENCdEdTWCtad0dGdG5LaHJsalVGaCtIbHh5Mk9keVJyWVMzTHZGeHNBRzR6Qk96L2lYZFNibjhOa2dZK01wOFhsSlphSE9wOU5JeGNMSC9UbGlRUHZZTnhZaUEyZDRVbUo0b0pKNjNOL0ZwSU9rTXciLCJtYWMiOiI5ZmZiZmI4ZmZlZTcyZDQyNGJiMDM2MGE0M2JkNmQ5Zjg3MTE3YmY3MWM0Mjg5NmMyOThjZDQ4OWE5OTYzOGQyIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjlPYVd6WUJYWmFxd011QzFYM0JLdWc9PSIsInZhbHVlIjoidkZLbktUZlBQcDUxVW9OeWVoVGZuZWVkZmZGZVhrcHhid2FLaWJ4U3NnTC9qWno1RjlweURjNEJzejhBMnpYYUFXZGM3MGNDOWE0TDlwa0dzUUZpbTZId2JVS2toeGtBR2JKSWcrSmpJUm90WkNobGZRdmdiM3RubEozb1FlUjAiLCJtYWMiOiI5MmZhOWQ1ZTliZDg1ODgyODdhNjJlNmU1YTgzZjE0YTgyM2E1ZThiYTJhZjVmYjc0MjdhNjFkODdjMTJmZDI1IiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, private
date: Tue, 13 Sep 2022 09:22:28 GMT
set-cookie: XSRF-TOKEN=eyJpdiI6Ii9vMXVHVStEOGlTeWNjWTdtbWtTUkE9PSIsInZhbHVlIjoicGY3NW1sbGJudU5GZkVUV0hZSmxwNHNLRC9Bc2I3Y1c2QWhRRzh6UkJPZDlTWTcwVVVuQ29ibkx5U0ZJWHAwMGhJSkpEYU5paVdSRlhoazN3QjVHU080M1JtRGJrT2VCbnowRWhLQTFhZHl6bE1hSWlWTlk4M2k1cHJTRC96MUQiLCJtYWMiOiI5YzZiNWViYmNkMTI2YzYzNWJiNzhiYmEzNjU2YjczZmQ2ZDE0N2I2NzExNWNkYTMzMjNmYjA3NjEyOWJmMWJkIiwidGFnIjoiIn0%3D; expires=Tue, 13-Sep-2022 11:22:28 GMT; Max-Age=7200; path=/; samesite=lax
laravel_session=eyJpdiI6InBkWmZtMnl3Q2JKRG9lUnd0QXdFV2c9PSIsInZhbHVlIjoiNDlkM0EzZURBSzFYY24rZjBBM29mRXMwM2oxdWZ0TXg4TUJ3c3FtTDdKUnRtRzJwU1ZUN0hFM3ExKzhIZUFjb3psSDArUGNNR0lCM3NEd1V5V050NVp0SVk3TzFvVlRJVkwxUHZZQUpVb0xWZXBQbWRYMW9wQm9qbjdIUjZtTDQiLCJtYWMiOiI5NjIxMTg5ZjQ0Yzc2ZmU3OGM1OTIwYzRmYjYzY2YwMWQ1NTk4NGY1N2VlM2NkZDgzYjQ1MjIyYTdhM2ZhNGQzIiwidGFnIjoiIn0%3D; expires=Tue, 13-Sep-2022 11:22:28 GMT; Max-Age=7200; path=/; httponly; samesite=lax
content-type: text/html; charset=UTF-8
server: Apache
X-Firefox-Spdy: h2
delivery.attempt.ndelectric-dz.com/fonts/vendor/@fontsource/roboto/files/roboto-latin-400-normal.woff2?4673b4537a84c7f7a130799aa6af329b
193.34.145.204404 Not Found 0 B URL HTTP/2 delivery.attempt.ndelectric-dz.com/fonts/vendor/@fontsource/roboto/files/roboto-latin-400-normal.woff2?4673b4537a84c7f7a130799aa6af329b
IP 193.34.145.204:0
Analyzer Verdict Alert fortinet Phishing
GET /fonts/vendor/@fontsource/roboto/files/roboto-latin-400-normal.woff2?4673b4537a84c7f7a130799aa6af329b HTTP/1.1
Host: delivery.attempt.ndelectric-dz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://delivery.attempt.ndelectric-dz.com/public/css/app.css
Cookie: XSRF-TOKEN=eyJpdiI6IkhhN1VoWGZmZVl0R3BJVFcwdE5zTnc9PSIsInZhbHVlIjoiUit3a3J2OVEvQyt6L204M1dPd0FRQzY2MUhMbWt5cytDcDFwdDNiVUZUN2pDZVcvRUk5dGFEQTg0YkxaQ2htU0F6eUhtUVVmelJ5RXJJSTg5ZllZcjR0UzllQndiWmQxQi9hRGV0aEZ3N3h6V2Q2YmVXN0Q5Ymt6a1pYYWpsRjkiLCJtYWMiOiIzZDBkMDU5ZThmMjZkNmMxZjU5NjAyZjIxOTU5M2E0NGQ4NzhmZmU5MzA5NzA0OWE5YTUzNjgwYzJhOWM0MTMxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjNIN1NXQm1sMm4xYmhqTktQWERxRGc9PSIsInZhbHVlIjoiRnRuR1pNMFhVZW9BeWZhblY1NWJmeXBmSnR6NThEa0piY21ZWng3L2p0V2E4cUh6ejlsRy9hc21GYTVvRjI4VTRjT1cveEV1VERHdEpIcUlYYzNyU0dKZWRLeU5aa2VoTFZrd25OSXcxNENuU1FNR2xmclJjZm5vM2VZRmhQeWgiLCJtYWMiOiJlYjZjNjhlYjQwZTgzYTNmODUyNDMwZGNkNzVhM2QwOTZmMjI4OWNjYmZlZWVlNjZmYTU5NGM0ZjMwODZiZWE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: no-cache, private
date: Tue, 13 Sep 2022 09:22:32 GMT
content-type: text/html; charset=UTF-8
server: Apache
X-Firefox-Spdy: h2
kit.fontawesome.com/f7165dd215.js
104.18.23.52200 OK 0 B URL HTTP/2 kit.fontawesome.com/f7165dd215.js
IP 104.18.23.52:0
GET /f7165dd215.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://delivery.attempt.ndelectric-dz.com
Connection: keep-alive
Referer: https://delivery.attempt.ndelectric-dz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 09:22:30 GMT
content-type: text/javascript
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: FxMX3AhTwGm1-Jc-rj6j
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 749fd19b6d3eb506-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
ka-f.fontawesome.com/releases/v6.2.0/css/free-v4-shims.min.css?token=f7165dd215
172.67.150.137200 OK 0 B URL HTTP/2 ka-f.fontawesome.com/releases/v6.2.0/css/free-v4-shims.min.css?token=f7165dd215
IP 172.67.150.137:0
GET /releases/v6.2.0/css/free-v4-shims.min.css?token=f7165dd215 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://delivery.attempt.ndelectric-dz.com/
Origin: https://delivery.attempt.ndelectric-dz.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 09:22:30 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 30 Aug 2022 16:04:58 GMT
etag: W/"58dea8f45bf2685132179a837507637a"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fedd444eadd43dacc7e53f24b46bddf8.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: ADdTcetuJNVjGMMlTw0OFdnDUujBDf55eN4xnafCMSGGQyMWkDI1AA==
age: 142917
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g9lNiotYR0vXqua5Fb6mSWBNS%2FMVlidVI1%2B6zqfaQXWaeDEp3UGtTqzT%2FtpLpzQiVL9CQCZK4x%2BSnehTCjaphYmjV6bECFQuZxMEhTL4yAoTYFzov44Ul5FLuEL%2BD8FQVVlqleuSFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 749fd19c1b4cb527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
delivery.attempt.ndelectric-dz.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.ttf?be9ee23c0c6390141475d519c2c5fb8f
193.34.145.204404 Not Found 0 B URL HTTP/2 delivery.attempt.ndelectric-dz.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.ttf?be9ee23c0c6390141475d519c2c5fb8f
IP 193.34.145.204:0
Analyzer Verdict Alert fortinet Phishing
GET /fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.ttf?be9ee23c0c6390141475d519c2c5fb8f HTTP/1.1
Host: delivery.attempt.ndelectric-dz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://delivery.attempt.ndelectric-dz.com/public/css/app.css
Cookie: XSRF-TOKEN=eyJpdiI6IkhhN1VoWGZmZVl0R3BJVFcwdE5zTnc9PSIsInZhbHVlIjoiUit3a3J2OVEvQyt6L204M1dPd0FRQzY2MUhMbWt5cytDcDFwdDNiVUZUN2pDZVcvRUk5dGFEQTg0YkxaQ2htU0F6eUhtUVVmelJ5RXJJSTg5ZllZcjR0UzllQndiWmQxQi9hRGV0aEZ3N3h6V2Q2YmVXN0Q5Ymt6a1pYYWpsRjkiLCJtYWMiOiIzZDBkMDU5ZThmMjZkNmMxZjU5NjAyZjIxOTU5M2E0NGQ4NzhmZmU5MzA5NzA0OWE5YTUzNjgwYzJhOWM0MTMxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjNIN1NXQm1sMm4xYmhqTktQWERxRGc9PSIsInZhbHVlIjoiRnRuR1pNMFhVZW9BeWZhblY1NWJmeXBmSnR6NThEa0piY21ZWng3L2p0V2E4cUh6ejlsRy9hc21GYTVvRjI4VTRjT1cveEV1VERHdEpIcUlYYzNyU0dKZWRLeU5aa2VoTFZrd25OSXcxNENuU1FNR2xmclJjZm5vM2VZRmhQeWgiLCJtYWMiOiJlYjZjNjhlYjQwZTgzYTNmODUyNDMwZGNkNzVhM2QwOTZmMjI4OWNjYmZlZWVlNjZmYTU5NGM0ZjMwODZiZWE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: no-cache, private
date: Tue, 13 Sep 2022 09:22:34 GMT
content-type: text/html; charset=UTF-8
server: Apache
X-Firefox-Spdy: h2
files.killbot.org/.cdn-cgi/killbot-security.js
104.21.11.160404 Not Found 0 B URL HTTP/2 files.killbot.org/.cdn-cgi/killbot-security.js
IP 104.21.11.160:0
GET /.cdn-cgi/killbot-security.js HTTP/1.1
Host: files.killbot.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://delivery.attempt.ndelectric-dz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Tue, 13 Sep 2022 09:22:29 GMT
content-type: text/html
content-security-policy: default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
cache-control: max-age=14400
cf-cache-status: EXPIRED
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wHCct9eSHLofG3Bj6py%2Bt5NEF5tzK%2BaVODlBY8JRAZh%2FQ5c4CAscT4aUEWA3bQPaBxqtYvALtuxdfyH9riUQ4fSZNB%2Frd%2BkCZWODcsMlNOHU9pLPnRpW0a5X0gA0Bd4ZpUDS2Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 749fd1909d6f0b02-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
delivery.attempt.ndelectric-dz.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?1551f4f60c37af51121f106501f69b80
193.34.145.204404 Not Found 0 B URL HTTP/2 delivery.attempt.ndelectric-dz.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?1551f4f60c37af51121f106501f69b80
IP 193.34.145.204:0
Analyzer Verdict Alert fortinet Phishing
GET /fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?1551f4f60c37af51121f106501f69b80 HTTP/1.1
Host: delivery.attempt.ndelectric-dz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://delivery.attempt.ndelectric-dz.com/public/css/app.css
Cookie: XSRF-TOKEN=eyJpdiI6IkhhN1VoWGZmZVl0R3BJVFcwdE5zTnc9PSIsInZhbHVlIjoiUit3a3J2OVEvQyt6L204M1dPd0FRQzY2MUhMbWt5cytDcDFwdDNiVUZUN2pDZVcvRUk5dGFEQTg0YkxaQ2htU0F6eUhtUVVmelJ5RXJJSTg5ZllZcjR0UzllQndiWmQxQi9hRGV0aEZ3N3h6V2Q2YmVXN0Q5Ymt6a1pYYWpsRjkiLCJtYWMiOiIzZDBkMDU5ZThmMjZkNmMxZjU5NjAyZjIxOTU5M2E0NGQ4NzhmZmU5MzA5NzA0OWE5YTUzNjgwYzJhOWM0MTMxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjNIN1NXQm1sMm4xYmhqTktQWERxRGc9PSIsInZhbHVlIjoiRnRuR1pNMFhVZW9BeWZhblY1NWJmeXBmSnR6NThEa0piY21ZWng3L2p0V2E4cUh6ejlsRy9hc21GYTVvRjI4VTRjT1cveEV1VERHdEpIcUlYYzNyU0dKZWRLeU5aa2VoTFZrd25OSXcxNENuU1FNR2xmclJjZm5vM2VZRmhQeWgiLCJtYWMiOiJlYjZjNjhlYjQwZTgzYTNmODUyNDMwZGNkNzVhM2QwOTZmMjI4OWNjYmZlZWVlNjZmYTU5NGM0ZjMwODZiZWE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: no-cache, private
date: Tue, 13 Sep 2022 09:22:32 GMT
content-type: text/html; charset=UTF-8
server: Apache
X-Firefox-Spdy: h2
ka-f.fontawesome.com/releases/v6.2.0/css/free-v5-font-face.min.css?token=f7165dd215
172.67.150.137200 OK 0 B URL HTTP/2 ka-f.fontawesome.com/releases/v6.2.0/css/free-v5-font-face.min.css?token=f7165dd215
IP 172.67.150.137:0
GET /releases/v6.2.0/css/free-v5-font-face.min.css?token=f7165dd215 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://delivery.attempt.ndelectric-dz.com/
Origin: https://delivery.attempt.ndelectric-dz.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 09:22:30 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 30 Aug 2022 16:04:58 GMT
etag: W/"e2e288c32f411dc30c0c399302a30654"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
x-cache: Hit from cloudfront
via: 1.1 c76d87fd83a704b78afc1028fc7bcea2.cloudfront.net (CloudFront)
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: -httpG5tYADvuzVRmAar881XWh8mzbcCIK9VZNqz8PgoRM_rkSvofg==
age: 142917
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C1YxSQCaHuEBbMlXWGOkcGBcYGCB7xbZnb5zLAP9XfYWiPlnEZCXzls7T2MUVGuQ%2BvK5a83YE7HHmGbJ60hNqY8rgXR0uHT%2BlGfmyZ4u5Bj16rxlktte7ZuSimdN6uVn34Er6auqLw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 749fd19c1b45b527-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
delivery.attempt.ndelectric-dz.com/public/css/fonts/webfa-brands-400.woff2?d878b0a6a1144760244ff0665888404c
193.34.145.204404 Not Found 0 B URL HTTP/2 delivery.attempt.ndelectric-dz.com/public/css/fonts/webfa-brands-400.woff2?d878b0a6a1144760244ff0665888404c
IP 193.34.145.204:0
GET /public/css/fonts/webfa-brands-400.woff2?d878b0a6a1144760244ff0665888404c HTTP/1.1
Host: delivery.attempt.ndelectric-dz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://delivery.attempt.ndelectric-dz.com/public/css/app.css
Cookie: XSRF-TOKEN=eyJpdiI6IkhhN1VoWGZmZVl0R3BJVFcwdE5zTnc9PSIsInZhbHVlIjoiUit3a3J2OVEvQyt6L204M1dPd0FRQzY2MUhMbWt5cytDcDFwdDNiVUZUN2pDZVcvRUk5dGFEQTg0YkxaQ2htU0F6eUhtUVVmelJ5RXJJSTg5ZllZcjR0UzllQndiWmQxQi9hRGV0aEZ3N3h6V2Q2YmVXN0Q5Ymt6a1pYYWpsRjkiLCJtYWMiOiIzZDBkMDU5ZThmMjZkNmMxZjU5NjAyZjIxOTU5M2E0NGQ4NzhmZmU5MzA5NzA0OWE5YTUzNjgwYzJhOWM0MTMxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjNIN1NXQm1sMm4xYmhqTktQWERxRGc9PSIsInZhbHVlIjoiRnRuR1pNMFhVZW9BeWZhblY1NWJmeXBmSnR6NThEa0piY21ZWng3L2p0V2E4cUh6ejlsRy9hc21GYTVvRjI4VTRjT1cveEV1VERHdEpIcUlYYzNyU0dKZWRLeU5aa2VoTFZrd25OSXcxNENuU1FNR2xmclJjZm5vM2VZRmhQeWgiLCJtYWMiOiJlYjZjNjhlYjQwZTgzYTNmODUyNDMwZGNkNzVhM2QwOTZmMjI4OWNjYmZlZWVlNjZmYTU5NGM0ZjMwODZiZWE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: no-cache, private
date: Tue, 13 Sep 2022 09:22:32 GMT
content-type: text/html; charset=UTF-8
server: Apache
X-Firefox-Spdy: h2
delivery.attempt.ndelectric-dz.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff?eeccf4f66002c6f2ba24d3d22f2434c2
193.34.145.204404 Not Found 0 B URL HTTP/2 delivery.attempt.ndelectric-dz.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff?eeccf4f66002c6f2ba24d3d22f2434c2
IP 193.34.145.204:0
GET /fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff?eeccf4f66002c6f2ba24d3d22f2434c2 HTTP/1.1
Host: delivery.attempt.ndelectric-dz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://delivery.attempt.ndelectric-dz.com/public/css/app.css
Cookie: XSRF-TOKEN=eyJpdiI6IkhhN1VoWGZmZVl0R3BJVFcwdE5zTnc9PSIsInZhbHVlIjoiUit3a3J2OVEvQyt6L204M1dPd0FRQzY2MUhMbWt5cytDcDFwdDNiVUZUN2pDZVcvRUk5dGFEQTg0YkxaQ2htU0F6eUhtUVVmelJ5RXJJSTg5ZllZcjR0UzllQndiWmQxQi9hRGV0aEZ3N3h6V2Q2YmVXN0Q5Ymt6a1pYYWpsRjkiLCJtYWMiOiIzZDBkMDU5ZThmMjZkNmMxZjU5NjAyZjIxOTU5M2E0NGQ4NzhmZmU5MzA5NzA0OWE5YTUzNjgwYzJhOWM0MTMxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjNIN1NXQm1sMm4xYmhqTktQWERxRGc9PSIsInZhbHVlIjoiRnRuR1pNMFhVZW9BeWZhblY1NWJmeXBmSnR6NThEa0piY21ZWng3L2p0V2E4cUh6ejlsRy9hc21GYTVvRjI4VTRjT1cveEV1VERHdEpIcUlYYzNyU0dKZWRLeU5aa2VoTFZrd25OSXcxNENuU1FNR2xmclJjZm5vM2VZRmhQeWgiLCJtYWMiOiJlYjZjNjhlYjQwZTgzYTNmODUyNDMwZGNkNzVhM2QwOTZmMjI4OWNjYmZlZWVlNjZmYTU5NGM0ZjMwODZiZWE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: no-cache, private
date: Tue, 13 Sep 2022 09:22:33 GMT
content-type: text/html; charset=UTF-8
server: Apache
X-Firefox-Spdy: h2
delivery.attempt.ndelectric-dz.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-brands-400.woff?2285773e6b4b172f07d9b777c81b0775
193.34.145.204404 Not Found 0 B URL HTTP/2 delivery.attempt.ndelectric-dz.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-brands-400.woff?2285773e6b4b172f07d9b777c81b0775
IP 193.34.145.204:0
Analyzer Verdict Alert fortinet Phishing
GET /fonts/vendor/@fortawesome/fontawesome-free/webfa-brands-400.woff?2285773e6b4b172f07d9b777c81b0775 HTTP/1.1
Host: delivery.attempt.ndelectric-dz.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://delivery.attempt.ndelectric-dz.com/public/css/app.css
Cookie: XSRF-TOKEN=eyJpdiI6IkhhN1VoWGZmZVl0R3BJVFcwdE5zTnc9PSIsInZhbHVlIjoiUit3a3J2OVEvQyt6L204M1dPd0FRQzY2MUhMbWt5cytDcDFwdDNiVUZUN2pDZVcvRUk5dGFEQTg0YkxaQ2htU0F6eUhtUVVmelJ5RXJJSTg5ZllZcjR0UzllQndiWmQxQi9hRGV0aEZ3N3h6V2Q2YmVXN0Q5Ymt6a1pYYWpsRjkiLCJtYWMiOiIzZDBkMDU5ZThmMjZkNmMxZjU5NjAyZjIxOTU5M2E0NGQ4NzhmZmU5MzA5NzA0OWE5YTUzNjgwYzJhOWM0MTMxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjNIN1NXQm1sMm4xYmhqTktQWERxRGc9PSIsInZhbHVlIjoiRnRuR1pNMFhVZW9BeWZhblY1NWJmeXBmSnR6NThEa0piY21ZWng3L2p0V2E4cUh6ejlsRy9hc21GYTVvRjI4VTRjT1cveEV1VERHdEpIcUlYYzNyU0dKZWRLeU5aa2VoTFZrd25OSXcxNENuU1FNR2xmclJjZm5vM2VZRmhQeWgiLCJtYWMiOiJlYjZjNjhlYjQwZTgzYTNmODUyNDMwZGNkNzVhM2QwOTZmMjI4OWNjYmZlZWVlNjZmYTU5NGM0ZjMwODZiZWE5IiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: no-cache, private
date: Tue, 13 Sep 2022 09:22:33 GMT
content-type: text/html; charset=UTF-8
server: Apache
X-Firefox-Spdy: h2
cdn.lr-in.com/logger-1.min.js
172.67.206.254200 OK 0 B URL HTTP/2 cdn.lr-in.com/logger-1.min.js
IP 172.67.206.254:0
GET /logger-1.min.js HTTP/1.1
Host: cdn.lr-in.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://delivery.attempt.ndelectric-dz.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 13 Sep 2022 09:22:30 GMT
content-type: text/javascript; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-origin: *
cache-control: public, max-age=14400
cross-origin-resource-policy: cross-origin
etag: W/"bf8c8d5b3a43d03a59e5aedde43396ed0c31b63d797ba16570517e4637f79fb5"
last-modified: Mon, 12 Sep 2022 21:25:11 GMT
strict-transport-security: max-age=31556926
x-served-by: cache-bma1663-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1663017943.551208,VS0,VE141
vary: x-fh-requested-host, accept-encoding
cf-cache-status: HIT
age: 142
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WZ5cTygrg03SSTp%2BnddSL1Yz4ey60qLajG%2Bd00g69RvPl4CybyKgITvXuHArV9gNjgpc%2FnCAUXqkbM9drgPLgsi%2BlDwIUGzSFsh8LJc%2FxtAOmyW%2FryOfZaqfryxNZw5F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 749fd19b7a94b527-OSL
content-encoding: br
X-Firefox-Spdy: h2