r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 648bf42163c5d645d8a33cd0a9afebd0
9b9ac85435c4e90647e8379bca54c689058a8929
060757fb4857858d4d01a715824ea6771d0137e73a24bf75e2844d0f346380fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "060757FB4857858D4D01A715824EA6771D0137E73A24BF75E2844D0F346380FA"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14232
Expires: Wed, 18 Jan 2023 03:16:09 GMT
Date: Tue, 17 Jan 2023 23:18:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bb0c8d0984a1f09a012961a54cda03c6
1a8ad450a0241554ee4fc7d02fac7b83529e60f6
eee3ca879a67cc25ea89cb83de9521eea1b82845705c3e82169d4787ecb7dd3a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EEE3CA879A67CC25EA89CB83DE9521EEA1B82845705C3E82169D4787ECB7DD3A"
Last-Modified: Mon, 16 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18696
Expires: Wed, 18 Jan 2023 04:30:33 GMT
Date: Tue, 17 Jan 2023 23:18:57 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d38f4bb41e1264b8a1e11ff0b1499d20
21c3e36bd908df43e0d49b747e270ec75cb882b0
3ff822eb56d2218ad6244fd013a82e0d27450ae21d47e08f1e3fdf4c82a8aad7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3FF822EB56D2218AD6244FD013A82E0D27450AE21D47E08F1E3FDF4C82A8AAD7"
Last-Modified: Mon, 16 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13130
Expires: Wed, 18 Jan 2023 02:57:47 GMT
Date: Tue, 17 Jan 2023 23:18:57 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 17 Jan 2023 22:34:19 GMT
content-type: application/json
age: 2678
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: DIS/AUcLb6g0e1j3GXpP/Y41ZWAEfOUAo200lfYgtIe1mqYjFkXVLFTGN4/eMgY/w89E1Lnaky1kbBeWReJ7ng==
x-amz-request-id: 9HJMAYHHX4B20GPQ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 17 Jan 2023 22:45:10 GMT
age: 2027
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 17 Jan 2023 23:18:57 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Expires, Pragma, Content-Type, Backoff, Last-Modified, Cache-Control, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 17 Jan 2023 22:48:57 GMT
age: 1801
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 8720730dce33d0026a1a354ac93d4a7d
ed5f086bc646a4d93d2344b19ff7821c96e44f7c
b2892fda88242fbc4d58dd1f3bb159ca02cbf98b77c57dde66fba98d183c0136
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4460
Cache-Control: max-age=126131
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 23:18:58 GMT
Etag: "63c66529-1d7"
Expires: Thu, 19 Jan 2023 10:21:09 GMT
Last-Modified: Tue, 17 Jan 2023 09:06:49 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.40.31.202 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.40.31.202:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: uuiYm0fi0lw5QmIyIltcLw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 7LQ2hLRCKQZMliSzLtPvA2nvB+4=
knowlzcomp.com/public/YptX9b7uDFjlzNtO0R69DMsrZVJFSgPk
162.241.149.217 302 Found 358 B URL HTTP/1.1 knowlzcomp.com/public/YptX9b7uDFjlzNtO0R69DMsrZVJFSgPk
IP 162.241.149.217:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9dc80158f2ead5a9752b15aa8136587f
b68726bd330824878fd1211cfd32ee65c505ae4b
aa3d4d4b0739d18f8b5bf46d25ae1688e32180aaf392bbd6bf10e4ba8f44fdaf
Analyzer Verdict Alert quad9 Sinkholed
GET /public/YptX9b7uDFjlzNtO0R69DMsrZVJFSgPk HTTP/1.1
Host: knowlzcomp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IlEwV2RhTGlMWkdVUkxqNGQrK2JvM0E9PSIsInZhbHVlIjoiMFJUT0c2ZExEYUZHVlFocXppNGRYbGJwb2g1bzRhNExueGNZdUhSbExsS3RQMTJncEIwenpFejRMRXo2TGw3TzdNMDkyRFVHMjhDcXE4citnL1luK2lzR1ZEMWVIM3plc3kxSWtIQkFleWVDcTl5YkN1a0JCZ2w1NGplTDRlS3oiLCJtYWMiOiI0OGZlYWVkMmJkNTdhMzlmNzljODJjZjcwMGZmYTMyZjZlNjFiN2M5NDZhOWQ2ODAyODI2ZjU1Y2RjZDg5NjEwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkJnMlRKN1FLV3VocEJnMC9naVJlY2c9PSIsInZhbHVlIjoiWXJhYTgzNFJ0d1NiQ2VUWFRqMmc1N21GRGVUaDdvYSthYXZERXd4c2t4VzJsMnlVVGlWdTYxR21YK05tdFNsUUhyeXQvWU9GUi93ajF5aG5sTEhmTzdPckhvREpXU29OWG51ajl6U1g4S0kzcTQ2ZzZsVWJ0dE4xQklnWml6NFUiLCJtYWMiOiJlZDMxY2IzYjExOTBjOTg3N2VmZTRlMDYxODFkMDI1NjZjMTc5MjhkYTYwMTljZmY4Y2Q4ZDJhZTZiNzEwOTI5IiwidGFnIjoiIn0%3D; _lr_tabs_-mnnzup%2Fdus={%22sessionID%22:0%2C%22recordingID%22:%225-a732a01f-1563-4bc1-956c-b89e1f272e9c%22%2C%22lastActivity%22:1673997526901}; _lr_hb_-mnnzup%2Fdus={%22heartbeat%22:1673997526902}
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Tue, 17 Jan 2023 23:18:57 GMT
Server: Apache
Cache-Control: no-cache, private
Set-Cookie: XSRF-TOKEN=eyJpdiI6IkFQTytNNUQzdXMvMXFwQUlkQXp4ZWc9PSIsInZhbHVlIjoiZGljeEROMlJkTVBRTFZkdEZ1WmxtYmlWakFYM0FuSmRaOElwM3Uxd2tJOGl5T2JSVXZTOVoyUkFsRWF2OER5a29BQWg1Mmx3UkNuM0tYS0luQW4zWW9PU05haWtKUnp2SkttVDV6Um9la3pwZWdQcnhreVc0SU5CWTBtU3JQUkciLCJtYWMiOiIxZWZjODUyNjcwMTliYTQ5OThkYmUxZGZkOTAwNTlkZGU4OTYxNTk1ZmUwOGM2NTRkZjAyM2YwZmVkNDU0ZWQwIiwidGFnIjoiIn0%3D; expires=Wed, 18-Jan-2023 01:18:57 GMT; Max-Age=7200; path=/; samesite=lax
laravel_session=eyJpdiI6ImM4K0VWRisvOHAyMFIvUFZsZEJCWnc9PSIsInZhbHVlIjoieUdLUGpKNGlVaWpLaXFkYWxhV1VFYzV2djRTVy9zWjR6Rk42eHpqN1BmbWtyR25sQWxnY25IaEcwem9RbVRwTXdRUldHcWUzb1BIajNScFdhb09zRCtIcXRMS3FKQ05UTkx6VTVYM3RLTFk4c3dOTlprSERkV3FGRzBJbTU5ckYiLCJtYWMiOiI2YzBiOTBmNDdmZTQ2OWVmMzEyNTBiZjgwNjY4M2YxNWY1NWNmNzliYWJiY2Y5MGUzOGRmYzE5OGM3MmE1NGY0IiwidGFnIjoiIn0%3D; expires=Wed, 18-Jan-2023 01:18:57 GMT; Max-Age=7200; path=/; httponly; samesite=lax
Location: http://knowlzcomp.com/public
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
knowlzcomp.com/public
162.241.149.217 301 Moved Permanently 237 B IP 162.241.149.217:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash ae976f07e813b2f4322c1590c5c195a2
99aa649a5a8d79d13e9c66f1873611873f58c72d
734a7e56e68c7a61ed7bf920ec6c7095c6d340230d0fda5032414d8883b928ad
Analyzer Verdict Alert quad9 Sinkholed
GET /public HTTP/1.1
Host: knowlzcomp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkFQTytNNUQzdXMvMXFwQUlkQXp4ZWc9PSIsInZhbHVlIjoiZGljeEROMlJkTVBRTFZkdEZ1WmxtYmlWakFYM0FuSmRaOElwM3Uxd2tJOGl5T2JSVXZTOVoyUkFsRWF2OER5a29BQWg1Mmx3UkNuM0tYS0luQW4zWW9PU05haWtKUnp2SkttVDV6Um9la3pwZWdQcnhreVc0SU5CWTBtU3JQUkciLCJtYWMiOiIxZWZjODUyNjcwMTliYTQ5OThkYmUxZGZkOTAwNTlkZGU4OTYxNTk1ZmUwOGM2NTRkZjAyM2YwZmVkNDU0ZWQwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImM4K0VWRisvOHAyMFIvUFZsZEJCWnc9PSIsInZhbHVlIjoieUdLUGpKNGlVaWpLaXFkYWxhV1VFYzV2djRTVy9zWjR6Rk42eHpqN1BmbWtyR25sQWxnY25IaEcwem9RbVRwTXdRUldHcWUzb1BIajNScFdhb09zRCtIcXRMS3FKQ05UTkx6VTVYM3RLTFk4c3dOTlprSERkV3FGRzBJbTU5ckYiLCJtYWMiOiI2YzBiOTBmNDdmZTQ2OWVmMzEyNTBiZjgwNjY4M2YxNWY1NWNmNzliYWJiY2Y5MGUzOGRmYzE5OGM3MmE1NGY0IiwidGFnIjoiIn0%3D; _lr_tabs_-mnnzup%2Fdus={%22sessionID%22:0%2C%22recordingID%22:%225-a732a01f-1563-4bc1-956c-b89e1f272e9c%22%2C%22lastActivity%22:1673997526901}; _lr_hb_-mnnzup%2Fdus={%22heartbeat%22:1673997526902}
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 17 Jan 2023 23:18:58 GMT
Server: Apache
Location: http://knowlzcomp.com/public/
Content-Length: 237
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7db9f11a1c6ab0117ed3dd1d36e3aecc
61a4de77803ce4ad730c21dd88b5b55a196f26d6
b52c568528f72c5653bad85a1f72fb22f43dcb5d96ad234ab2772a7f95ca6cc2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B52C568528F72C5653BAD85A1F72FB22F43DCB5D96AD234AB2772A7F95CA6CC2"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7041
Expires: Wed, 18 Jan 2023 01:16:20 GMT
Date: Tue, 17 Jan 2023 23:18:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7db9f11a1c6ab0117ed3dd1d36e3aecc
61a4de77803ce4ad730c21dd88b5b55a196f26d6
b52c568528f72c5653bad85a1f72fb22f43dcb5d96ad234ab2772a7f95ca6cc2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B52C568528F72C5653BAD85A1F72FB22F43DCB5D96AD234AB2772A7F95CA6CC2"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7041
Expires: Wed, 18 Jan 2023 01:16:20 GMT
Date: Tue, 17 Jan 2023 23:18:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 7db9f11a1c6ab0117ed3dd1d36e3aecc
61a4de77803ce4ad730c21dd88b5b55a196f26d6
b52c568528f72c5653bad85a1f72fb22f43dcb5d96ad234ab2772a7f95ca6cc2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B52C568528F72C5653BAD85A1F72FB22F43DCB5D96AD234AB2772A7F95CA6CC2"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7041
Expires: Wed, 18 Jan 2023 01:16:20 GMT
Date: Tue, 17 Jan 2023 23:18:59 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0849835-6202-4dec-862f-f4aa0cd0ed30.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0849835-6202-4dec-862f-f4aa0cd0ed30.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 381020ef41e1bb778e6cee364695c2ff
f241897089655dd0535cd851f53e18be6a0c6ecb
7a9834c6ae61836742ae920ae26213d115911be7a1feee9baaadc986c1fc4e7f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0849835-6202-4dec-862f-f4aa0cd0ed30.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8697
x-amzn-requestid: 70c2ea6b-5bce-4628-bb4f-8394f2dcf2fd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e4A_YGIXIAMFilg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c64862-7d0baeb43a306fb80926a527;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 07:04:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: eiBk-UwKhASmAgu78_GzSyWd5q2Pht2upQOckw9qilwq6ryXQUCjQg==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Tue, 17 Jan 2023 07:15:22 GMT
age: 57817
etag: "f241897089655dd0535cd851f53e18be6a0c6ecb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F873f34de-bef8-46f1-9dc4-d277bf6c1c65.jpeg
34.120.237.76 200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F873f34de-bef8-46f1-9dc4-d277bf6c1c65.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f491398239265c63ac162d47ab006ce6
c95e1bba76e910100e86f8abf789e5b5c1a2baa6
cdada2d9608e9d3f8e03cf9ced211550b6f7c8f7e0b5ee027a96f45af38523f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F873f34de-bef8-46f1-9dc4-d277bf6c1c65.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7741
x-amzn-requestid: 9af04340-5be9-42b0-96be-0264661c6dae
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e6A6LEMtoAMFW_w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c7150d-2348c8846249175e74efc226;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 21:37:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _7YOm38n8-T2LAL-cRA7R8KvEUBhXEM0dOXjOZ6HyPRNfMu6Z0Fh3g==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Tue, 17 Jan 2023 22:17:05 GMT
age: 3714
etag: "c95e1bba76e910100e86f8abf789e5b5c1a2baa6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1a78cd6d-1eab-47b0-b5c7-f2d1f91acc3a.jpeg
34.120.237.76 200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1a78cd6d-1eab-47b0-b5c7-f2d1f91acc3a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3f112ea3865f38cbbcc8400b58320fa0
dacc584338546bf60f26b2a0bec48e9b584640dc
7feb3c0691f40354701d1cb0bf3c834d1eeead4a7297fac3afc0f4a7ca2c94cb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1a78cd6d-1eab-47b0-b5c7-f2d1f91acc3a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8853
x-amzn-requestid: ff98ec33-294a-4a13-b064-3cd4744cd2b2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e0LLKHPnIAMF0vQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c4bf14-233cbc6407c6b138144d7abb;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 03:05:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Sevdt3pkqowmWlcF5QHU2misel_RbAc1aAd9H-hU1mRw2xb3WF7-IQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 17 Jan 2023 04:00:28 GMT
age: 69511
etag: "dacc584338546bf60f26b2a0bec48e9b584640dc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd03bc60-bcfc-42c6-a1a0-0631c979fdd4.jpeg
34.120.237.76 200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd03bc60-bcfc-42c6-a1a0-0631c979fdd4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 26fa7bd40b5c3a3b5a6f95e7fca843b9
d8064f74f1e40bf6be4ea8ab4e319db22026c462
3e7744acf3e7ace6931c28cb5a5d3d7a77d9b97855b864c5c774368f2d0719c1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd03bc60-bcfc-42c6-a1a0-0631c979fdd4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7361
x-amzn-requestid: 54e3621a-ec24-4d56-85bf-84239fa7811e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e23ZvGtnIAMFivg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c5d2a4-7ce0e7924c03aeaa3ea684c3;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 22:41:40 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hamm4_4ud3QWXK2EeTcYUSN7ot6m-d-1z_NN29tSFYP25Itmz25jaA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 17 Jan 2023 14:16:01 GMT
age: 32578
etag: "d8064f74f1e40bf6be4ea8ab4e319db22026c462"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99a6337c-ea71-4474-ba67-803997f0f17d.jpeg
34.120.237.76 200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99a6337c-ea71-4474-ba67-803997f0f17d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8069887e5e81584380ef3f819bcfab6e
3794126935a3e08de469ea37d29cba7be412d408
934e0982c1d49f06c64f524698b93fb1abf3b8833785d633bad104d052dd3ef0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99a6337c-ea71-4474-ba67-803997f0f17d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7871
x-amzn-requestid: 212d220f-c590-4c72-9508-e481cd5045ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e6A1UGmeoAMFzpA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c714ee-273c8bb54acc0f2b6d12b567;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 21:36:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zGNahizGhnMhpQxlxsexepYOI7y_40It8BrZjAd041J8Ws-jBYL0Ng==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 17 Jan 2023 21:59:12 GMT
age: 4787
etag: "3794126935a3e08de469ea37d29cba7be412d408"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe52164e3-afec-433e-87ab-adb17222f1cd.jpeg
34.120.237.76 200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe52164e3-afec-433e-87ab-adb17222f1cd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8656702f08344d3a4658bc43a9074a1f
fba424e1d09cbdc839ca320458b51715dafbbccc
0b0ac963c377b07f843637348f3d7c41d2aca89540ab8c2b80ef5fbbf466fee8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe52164e3-afec-433e-87ab-adb17222f1cd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13848
x-amzn-requestid: 93bbdd19-aa04-49ec-858f-9fa1d6b736d3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e6BKCGEtoAMFgsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c71573-008911af44c3998d7b27b837;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 21:38:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: adtKl3gOcesaXNHcRbi71-1Wz6caEgtXrAvbhB9qhId7eJEkd7d7pQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 17 Jan 2023 21:59:45 GMT
age: 4754
etag: "fba424e1d09cbdc839ca320458b51715dafbbccc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
knowlzcomp.com/public/
162.241.149.217 200 OK 558 B IP 162.241.149.217:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 2f219d77ba031c607991655785c35190
c1e91d14a97ade93adbb1215cd4a5a007a1d3936
37023d4e0ce3405e2f19f59ba6ea359a22fcb447032c42a4d339395e27a2babb
Analyzer Verdict Alert quad9 Sinkholed
GET /public/ HTTP/1.1
Host: knowlzcomp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkFQTytNNUQzdXMvMXFwQUlkQXp4ZWc9PSIsInZhbHVlIjoiZGljeEROMlJkTVBRTFZkdEZ1WmxtYmlWakFYM0FuSmRaOElwM3Uxd2tJOGl5T2JSVXZTOVoyUkFsRWF2OER5a29BQWg1Mmx3UkNuM0tYS0luQW4zWW9PU05haWtKUnp2SkttVDV6Um9la3pwZWdQcnhreVc0SU5CWTBtU3JQUkciLCJtYWMiOiIxZWZjODUyNjcwMTliYTQ5OThkYmUxZGZkOTAwNTlkZGU4OTYxNTk1ZmUwOGM2NTRkZjAyM2YwZmVkNDU0ZWQwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImM4K0VWRisvOHAyMFIvUFZsZEJCWnc9PSIsInZhbHVlIjoieUdLUGpKNGlVaWpLaXFkYWxhV1VFYzV2djRTVy9zWjR6Rk42eHpqN1BmbWtyR25sQWxnY25IaEcwem9RbVRwTXdRUldHcWUzb1BIajNScFdhb09zRCtIcXRMS3FKQ05UTkx6VTVYM3RLTFk4c3dOTlprSERkV3FGRzBJbTU5ckYiLCJtYWMiOiI2YzBiOTBmNDdmZTQ2OWVmMzEyNTBiZjgwNjY4M2YxNWY1NWNmNzliYWJiY2Y5MGUzOGRmYzE5OGM3MmE1NGY0IiwidGFnIjoiIn0%3D; _lr_tabs_-mnnzup%2Fdus={%22sessionID%22:0%2C%22recordingID%22:%225-a732a01f-1563-4bc1-956c-b89e1f272e9c%22%2C%22lastActivity%22:1673997526901}; _lr_hb_-mnnzup%2Fdus={%22heartbeat%22:1673997526902}
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 23:18:59 GMT
Server: Apache
Cache-Control: no-cache, private
Set-Cookie: XSRF-TOKEN=eyJpdiI6IjJEQzUwUytmUzU5WWMrUW1wSUp2L2c9PSIsInZhbHVlIjoibjVKYnpLaWJJbklJcklESXlCamovUDgrWEtpY3d3ZnBRNlBuY3FnenR2U3RkRURmZEZ3TFpHaVVTSjdHTHpldVNhQ29QYXRTZ1lSYm5hZmJGSDg1VS9SOHFIYnZvZVBGdzMzM29xY0lsTlJSSmRCdXArNlo3UTdnQVYvaVIxSVYiLCJtYWMiOiI4ZGJjNmZiNzNhYjBmMjAzNDgzY2YwYzYxYzc2NDhkZDBkMGVkMTkxMmJlZmI5MTEyMDE4NDQ3YjVkNGY2NDgyIiwidGFnIjoiIn0%3D; expires=Wed, 18-Jan-2023 01:18:59 GMT; Max-Age=7200; path=/; samesite=lax
laravel_session=eyJpdiI6InJPT2F6R1JrM2RYYUZkVlFNdmdreFE9PSIsInZhbHVlIjoiV1MxcHgvamtpa0VPVnpDSmJNTmk3WkZkV0prR1JWTEFtbVR0czZtYitiYWVpa0JQbVdNYjZnZHpBSTVXTjNUYUU1NDlqNEtna2NUQXAxdmNteVA4TGFCdWkvQVI1SXc3YmdtNTVwUFBXRFBHOWxLY0M3bGhtSWlQaENtc2syYysiLCJtYWMiOiJjZTA5MjI3OGM4NTAxZjA4MjQxZTAwYjhiMDQyZGMwYTY5NjYxNDVkNTUwNGM5M2Y2YTljM2I3ZTk0YTEyODg5IiwidGFnIjoiIn0%3D; expires=Wed, 18-Jan-2023 01:18:59 GMT; Max-Age=7200; path=/; httponly; samesite=lax
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash acceb71d5f69e5c2bfc4fdd1e2e66e5f
ae10094a4ddf886098dcbed9107629ac67445425
12fa3bca428be2a5693520f76115593ee654b8e98eaa952212a4da94d444b9ea
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4805
Cache-Control: max-age=156705
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 23:19:00 GMT
Etag: "63c6db40-117"
Expires: Thu, 19 Jan 2023 18:50:45 GMT
Last-Modified: Tue, 17 Jan 2023 17:30:40 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 279
knowlzcomp.com/8ax7QoitzNBABKQS5C7hIw8KpVKu0pbO/
162.241.149.217 301 Moved Permanently 269 B URL HTTP/1.1 knowlzcomp.com/8ax7QoitzNBABKQS5C7hIw8KpVKu0pbO/
IP 162.241.149.217:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash afdd77e1d3f78ef36b3e63b79e014487
7684793a53bc596c4952c48577b72378a11727e4
348045cd4d5062b591f97537a4bd850095bd7dc1ca11e38f2442afe045a3e7be
Analyzer Verdict Alert quad9 Sinkholed
GET /8ax7QoitzNBABKQS5C7hIw8KpVKu0pbO/ HTTP/1.1
Host: knowlzcomp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://knowlzcomp.com/public/
Cookie: XSRF-TOKEN=eyJpdiI6IjJEQzUwUytmUzU5WWMrUW1wSUp2L2c9PSIsInZhbHVlIjoibjVKYnpLaWJJbklJcklESXlCamovUDgrWEtpY3d3ZnBRNlBuY3FnenR2U3RkRURmZEZ3TFpHaVVTSjdHTHpldVNhQ29QYXRTZ1lSYm5hZmJGSDg1VS9SOHFIYnZvZVBGdzMzM29xY0lsTlJSSmRCdXArNlo3UTdnQVYvaVIxSVYiLCJtYWMiOiI4ZGJjNmZiNzNhYjBmMjAzNDgzY2YwYzYxYzc2NDhkZDBkMGVkMTkxMmJlZmI5MTEyMDE4NDQ3YjVkNGY2NDgyIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InJPT2F6R1JrM2RYYUZkVlFNdmdreFE9PSIsInZhbHVlIjoiV1MxcHgvamtpa0VPVnpDSmJNTmk3WkZkV0prR1JWTEFtbVR0czZtYitiYWVpa0JQbVdNYjZnZHpBSTVXTjNUYUU1NDlqNEtna2NUQXAxdmNteVA4TGFCdWkvQVI1SXc3YmdtNTVwUFBXRFBHOWxLY0M3bGhtSWlQaENtc2syYysiLCJtYWMiOiJjZTA5MjI3OGM4NTAxZjA4MjQxZTAwYjhiMDQyZGMwYTY5NjYxNDVkNTUwNGM5M2Y2YTljM2I3ZTk0YTEyODg5IiwidGFnIjoiIn0%3D; _lr_tabs_-mnnzup%2Fdus={%22sessionID%22:0%2C%22recordingID%22:%225-a732a01f-1563-4bc1-956c-b89e1f272e9c%22%2C%22lastActivity%22:1673997526901}; _lr_hb_-mnnzup%2Fdus={%22heartbeat%22:1673997526902}
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 17 Jan 2023 23:18:59 GMT
Server: Apache
Location: http://knowlzcomp.com/public/8ax7QoitzNBABKQS5C7hIw8KpVKu0pbO
Content-Length: 269
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
knowlzcomp.com/public/8ax7QoitzNBABKQS5C7hIw8KpVKu0pbO
162.241.149.217 200 OK 60 kB URL HTTP/1.1 knowlzcomp.com/public/8ax7QoitzNBABKQS5C7hIw8KpVKu0pbO
IP 162.241.149.217:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- assembler source text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (39884)
Hash e44f23d1fdf7c903f5a6c85f7590e576
b4a5115482cd33dc2d20098478015a68efe56859
319217b4bbcfab25fd7fb86d82eca7547d92c116d8f9055122493fd53f9b74b4
Analyzer Verdict Alert quad9 Sinkholed
NIDS Severity Alert suricata high ET EXPLOIT_KIT TDS Sutra - page redirecting to a SutraTDS
GET /public/8ax7QoitzNBABKQS5C7hIw8KpVKu0pbO HTTP/1.1
Host: knowlzcomp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://knowlzcomp.com/public/
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjJEQzUwUytmUzU5WWMrUW1wSUp2L2c9PSIsInZhbHVlIjoibjVKYnpLaWJJbklJcklESXlCamovUDgrWEtpY3d3ZnBRNlBuY3FnenR2U3RkRURmZEZ3TFpHaVVTSjdHTHpldVNhQ29QYXRTZ1lSYm5hZmJGSDg1VS9SOHFIYnZvZVBGdzMzM29xY0lsTlJSSmRCdXArNlo3UTdnQVYvaVIxSVYiLCJtYWMiOiI4ZGJjNmZiNzNhYjBmMjAzNDgzY2YwYzYxYzc2NDhkZDBkMGVkMTkxMmJlZmI5MTEyMDE4NDQ3YjVkNGY2NDgyIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InJPT2F6R1JrM2RYYUZkVlFNdmdreFE9PSIsInZhbHVlIjoiV1MxcHgvamtpa0VPVnpDSmJNTmk3WkZkV0prR1JWTEFtbVR0czZtYitiYWVpa0JQbVdNYjZnZHpBSTVXTjNUYUU1NDlqNEtna2NUQXAxdmNteVA4TGFCdWkvQVI1SXc3YmdtNTVwUFBXRFBHOWxLY0M3bGhtSWlQaENtc2syYysiLCJtYWMiOiJjZTA5MjI3OGM4NTAxZjA4MjQxZTAwYjhiMDQyZGMwYTY5NjYxNDVkNTUwNGM5M2Y2YTljM2I3ZTk0YTEyODg5IiwidGFnIjoiIn0%3D; _lr_tabs_-mnnzup%2Fdus={%22sessionID%22:0%2C%22recordingID%22:%225-a732a01f-1563-4bc1-956c-b89e1f272e9c%22%2C%22lastActivity%22:1673997526901}; _lr_hb_-mnnzup%2Fdus={%22heartbeat%22:1673997526902}
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 23:19:00 GMT
Server: Apache
Cache-Control: no-cache, private
Set-Cookie: XSRF-TOKEN=eyJpdiI6IjJuUGkrMktEcGFKdEdzOU0wLzc3U2c9PSIsInZhbHVlIjoiWXU2aTVLSlVHM2ZvNEhuM2xkMW1wQ1lyUmRFS3VwZjd1S0p1Q2t3a0ZGTkNqRC94VUhPb1JCU2c1RDhocmE1Z3NNeDVWMnYwK1FESnRzNFp0N1QyMFR2R3QwM21NVHVva0w0Y2x4dUVRRWd3eUVLMytidG5pd0xaRGowdzNUYjMiLCJtYWMiOiJiN2ZkYTRkYjRhMDA0MjcwYThhYzU1ZDNjNzRhNGQ5MTBhNmVlNzkzZTUwYzNlNGM1Y2MzZDQzOWM2NTQyYjkwIiwidGFnIjoiIn0%3D; expires=Wed, 18-Jan-2023 01:19:00 GMT; Max-Age=7200; path=/; samesite=lax
laravel_session=eyJpdiI6InozeWsyazJDZXF6SmFlNWNBSDFIbUE9PSIsInZhbHVlIjoiNEhiQTRuSW1mTHgyeUdOZ3Q4Z3g2RFJsTFkvYkhyY0ltYlFjWVFBTmhwaUdSUEdnUDZEeVhadm1FV2pXYjhVN2d1ZU9lS0VBK0F3TFphendwSjZqREVYZEg4N2VBZTc5TC9EcmNjZi9qWWFsWEV2eS9ieEg4RlZ0TnEyQkQxa08iLCJtYWMiOiI1OThiOTZhNWU5ZjUwOTQ2Y2MxMjc0MmFkNWM1NDVjMzhhM2JiNGMzYTYzZDRjMmM1MWZlZjU5YzNkZjBhMzgxIiwidGFnIjoiIn0%3D; expires=Wed, 18-Jan-2023 01:19:00 GMT; Max-Age=7200; path=/; httponly; samesite=lax
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
knowlzcomp.com/public/js/app.js
162.241.149.217 200 OK 1.6 MB URL HTTP/1.1 knowlzcomp.com/public/js/app.js
IP 162.241.149.217:0
ASN #46606 UNIFIEDLAYER-AS-1
Size 1.6 MB (1618138 bytes)
Hash 37d455a6a214fcf644b84a074b51d4fa
a504b144a610d8ee61e1ec6127785ec152d4d90a
6dd596a7bb7bc4dbed3cfa565ea0ff02e6bb1f9fe0da12714d12d0d6da5e4da9
Analyzer Verdict Alert quad9 Sinkholed
GET /public/js/app.js HTTP/1.1
Host: knowlzcomp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://knowlzcomp.com/public/8ax7QoitzNBABKQS5C7hIw8KpVKu0pbO
Cookie: XSRF-TOKEN=eyJpdiI6IjJuUGkrMktEcGFKdEdzOU0wLzc3U2c9PSIsInZhbHVlIjoiWXU2aTVLSlVHM2ZvNEhuM2xkMW1wQ1lyUmRFS3VwZjd1S0p1Q2t3a0ZGTkNqRC94VUhPb1JCU2c1RDhocmE1Z3NNeDVWMnYwK1FESnRzNFp0N1QyMFR2R3QwM21NVHVva0w0Y2x4dUVRRWd3eUVLMytidG5pd0xaRGowdzNUYjMiLCJtYWMiOiJiN2ZkYTRkYjRhMDA0MjcwYThhYzU1ZDNjNzRhNGQ5MTBhNmVlNzkzZTUwYzNlNGM1Y2MzZDQzOWM2NTQyYjkwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InozeWsyazJDZXF6SmFlNWNBSDFIbUE9PSIsInZhbHVlIjoiNEhiQTRuSW1mTHgyeUdOZ3Q4Z3g2RFJsTFkvYkhyY0ltYlFjWVFBTmhwaUdSUEdnUDZEeVhadm1FV2pXYjhVN2d1ZU9lS0VBK0F3TFphendwSjZqREVYZEg4N2VBZTc5TC9EcmNjZi9qWWFsWEV2eS9ieEg4RlZ0TnEyQkQxa08iLCJtYWMiOiI1OThiOTZhNWU5ZjUwOTQ2Y2MxMjc0MmFkNWM1NDVjMzhhM2JiNGMzYTYzZDRjMmM1MWZlZjU5YzNkZjBhMzgxIiwidGFnIjoiIn0%3D; _lr_tabs_-mnnzup%2Fdus={%22sessionID%22:0%2C%22recordingID%22:%225-a732a01f-1563-4bc1-956c-b89e1f272e9c%22%2C%22lastActivity%22:1673997526901}; _lr_hb_-mnnzup%2Fdus={%22heartbeat%22:1673997526902}
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 23:19:01 GMT
Server: Apache
Last-Modified: Wed, 03 Aug 2022 20:29:04 GMT
Accept-Ranges: bytes
Content-Length: 1613806
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
knowlzcomp.com/public/css/app.css
162.241.149.217 200 OK 440 kB URL HTTP/1.1 knowlzcomp.com/public/css/app.css
IP 162.241.149.217:0
ASN #46606 UNIFIEDLAYER-AS-1
Size 440 kB (439658 bytes)
Hash 181990cc2279e4cea65c9363fb37fee9
b85a7ba40043b0c48a034d8382629ef7ec6a1e24
36839348d4cd3d5ffcb15317bc5e8f32b77c644d0c6c0f8f19bdf216caf49293
Analyzer Verdict Alert urlquery phishing Phishing - DHL
quad9 Sinkholed
GET /public/css/app.css HTTP/1.1
Host: knowlzcomp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://knowlzcomp.com/public/8ax7QoitzNBABKQS5C7hIw8KpVKu0pbO
Cookie: XSRF-TOKEN=eyJpdiI6IjJuUGkrMktEcGFKdEdzOU0wLzc3U2c9PSIsInZhbHVlIjoiWXU2aTVLSlVHM2ZvNEhuM2xkMW1wQ1lyUmRFS3VwZjd1S0p1Q2t3a0ZGTkNqRC94VUhPb1JCU2c1RDhocmE1Z3NNeDVWMnYwK1FESnRzNFp0N1QyMFR2R3QwM21NVHVva0w0Y2x4dUVRRWd3eUVLMytidG5pd0xaRGowdzNUYjMiLCJtYWMiOiJiN2ZkYTRkYjRhMDA0MjcwYThhYzU1ZDNjNzRhNGQ5MTBhNmVlNzkzZTUwYzNlNGM1Y2MzZDQzOWM2NTQyYjkwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InozeWsyazJDZXF6SmFlNWNBSDFIbUE9PSIsInZhbHVlIjoiNEhiQTRuSW1mTHgyeUdOZ3Q4Z3g2RFJsTFkvYkhyY0ltYlFjWVFBTmhwaUdSUEdnUDZEeVhadm1FV2pXYjhVN2d1ZU9lS0VBK0F3TFphendwSjZqREVYZEg4N2VBZTc5TC9EcmNjZi9qWWFsWEV2eS9ieEg4RlZ0TnEyQkQxa08iLCJtYWMiOiI1OThiOTZhNWU5ZjUwOTQ2Y2MxMjc0MmFkNWM1NDVjMzhhM2JiNGMzYTYzZDRjMmM1MWZlZjU5YzNkZjBhMzgxIiwidGFnIjoiIn0%3D; _lr_tabs_-mnnzup%2Fdus={%22sessionID%22:0%2C%22recordingID%22:%225-a732a01f-1563-4bc1-956c-b89e1f272e9c%22%2C%22lastActivity%22:1673997526901}; _lr_hb_-mnnzup%2Fdus={%22heartbeat%22:1673997526902}
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 23:19:02 GMT
Server: Apache
Last-Modified: Wed, 03 Aug 2022 20:29:04 GMT
Accept-Ranges: bytes
Content-Length: 439658
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
knowlzcomp.com/images/logo.png
162.241.149.217 200 OK 2.0 kB URL HTTP/1.1 knowlzcomp.com/images/logo.png
IP 162.241.149.217:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 214 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 5d14ab93691604e826e1319d53599eb9
78724360e9d25da584445b851e37bca05abe6b85
3f0c62b5ccdcdbf3b3ae3885f1e6959e2d937eba9b29dea9a6bdb98788041756
Analyzer Verdict Alert urlquery phishing Phishing - DHL
quad9 Sinkholed
GET /images/logo.png HTTP/1.1
Host: knowlzcomp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://knowlzcomp.com/public/8ax7QoitzNBABKQS5C7hIw8KpVKu0pbO
Cookie: XSRF-TOKEN=eyJpdiI6IjJuUGkrMktEcGFKdEdzOU0wLzc3U2c9PSIsInZhbHVlIjoiWXU2aTVLSlVHM2ZvNEhuM2xkMW1wQ1lyUmRFS3VwZjd1S0p1Q2t3a0ZGTkNqRC94VUhPb1JCU2c1RDhocmE1Z3NNeDVWMnYwK1FESnRzNFp0N1QyMFR2R3QwM21NVHVva0w0Y2x4dUVRRWd3eUVLMytidG5pd0xaRGowdzNUYjMiLCJtYWMiOiJiN2ZkYTRkYjRhMDA0MjcwYThhYzU1ZDNjNzRhNGQ5MTBhNmVlNzkzZTUwYzNlNGM1Y2MzZDQzOWM2NTQyYjkwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InozeWsyazJDZXF6SmFlNWNBSDFIbUE9PSIsInZhbHVlIjoiNEhiQTRuSW1mTHgyeUdOZ3Q4Z3g2RFJsTFkvYkhyY0ltYlFjWVFBTmhwaUdSUEdnUDZEeVhadm1FV2pXYjhVN2d1ZU9lS0VBK0F3TFphendwSjZqREVYZEg4N2VBZTc5TC9EcmNjZi9qWWFsWEV2eS9ieEg4RlZ0TnEyQkQxa08iLCJtYWMiOiI1OThiOTZhNWU5ZjUwOTQ2Y2MxMjc0MmFkNWM1NDVjMzhhM2JiNGMzYTYzZDRjMmM1MWZlZjU5YzNkZjBhMzgxIiwidGFnIjoiIn0%3D; _lr_tabs_-mnnzup%2Fdus={%22sessionID%22:0%2C%22recordingID%22:%225-a732a01f-1563-4bc1-956c-b89e1f272e9c%22%2C%22lastActivity%22:1673997526901}; _lr_hb_-mnnzup%2Fdus={%22heartbeat%22:1673997526902}
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 23:19:03 GMT
Server: Apache
Last-Modified: Wed, 03 Aug 2022 20:29:04 GMT
Accept-Ranges: bytes
Content-Length: 1998
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
knowlzcomp.com/public/js/session-recorder.js
162.241.149.217 200 OK 45 kB URL HTTP/1.1 knowlzcomp.com/public/js/session-recorder.js
IP 162.241.149.217:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (44992)
Hash 701984b4995f3c29820e83c999b7eb23
a3b50104a3bfa05bf59a317273816c7d8ae1f81d
67ad94e12a745b1b09c6cd616e20a2ad283ed68f8060bd1dd0d9a2b6ad9dc7ee
Analyzer Verdict Alert urlquery phishing Phishing - DHL
quad9 Sinkholed
GET /public/js/session-recorder.js HTTP/1.1
Host: knowlzcomp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://knowlzcomp.com/public/8ax7QoitzNBABKQS5C7hIw8KpVKu0pbO
Cookie: XSRF-TOKEN=eyJpdiI6IjJuUGkrMktEcGFKdEdzOU0wLzc3U2c9PSIsInZhbHVlIjoiWXU2aTVLSlVHM2ZvNEhuM2xkMW1wQ1lyUmRFS3VwZjd1S0p1Q2t3a0ZGTkNqRC94VUhPb1JCU2c1RDhocmE1Z3NNeDVWMnYwK1FESnRzNFp0N1QyMFR2R3QwM21NVHVva0w0Y2x4dUVRRWd3eUVLMytidG5pd0xaRGowdzNUYjMiLCJtYWMiOiJiN2ZkYTRkYjRhMDA0MjcwYThhYzU1ZDNjNzRhNGQ5MTBhNmVlNzkzZTUwYzNlNGM1Y2MzZDQzOWM2NTQyYjkwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InozeWsyazJDZXF6SmFlNWNBSDFIbUE9PSIsInZhbHVlIjoiNEhiQTRuSW1mTHgyeUdOZ3Q4Z3g2RFJsTFkvYkhyY0ltYlFjWVFBTmhwaUdSUEdnUDZEeVhadm1FV2pXYjhVN2d1ZU9lS0VBK0F3TFphendwSjZqREVYZEg4N2VBZTc5TC9EcmNjZi9qWWFsWEV2eS9ieEg4RlZ0TnEyQkQxa08iLCJtYWMiOiI1OThiOTZhNWU5ZjUwOTQ2Y2MxMjc0MmFkNWM1NDVjMzhhM2JiNGMzYTYzZDRjMmM1MWZlZjU5YzNkZjBhMzgxIiwidGFnIjoiIn0%3D; _lr_tabs_-mnnzup%2Fdus={%22sessionID%22:0%2C%22recordingID%22:%225-a732a01f-1563-4bc1-956c-b89e1f272e9c%22%2C%22lastActivity%22:1673997526901}; _lr_hb_-mnnzup%2Fdus={%22heartbeat%22:1673997526902}
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 23:19:02 GMT
Server: Apache
Last-Modified: Wed, 03 Aug 2022 20:29:04 GMT
Accept-Ranges: bytes
Content-Length: 45066
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
knowlzcomp.com/images/all.png
162.241.149.217 200 OK 36 kB URL HTTP/1.1 knowlzcomp.com/images/all.png
IP 162.241.149.217:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 3226efdbaf510c754b2863cfe90c8a78
ddc808900f0b2268f7f523ab6fbc5c4d0c217bff
3ce616cac9ae5bc15283dacb606b4f56943c9f43caca4ba21e2db5240d6e3fa7
Analyzer Verdict Alert quad9 Sinkholed
GET /images/all.png HTTP/1.1
Host: knowlzcomp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://knowlzcomp.com/public/8ax7QoitzNBABKQS5C7hIw8KpVKu0pbO
Cookie: XSRF-TOKEN=eyJpdiI6IjJuUGkrMktEcGFKdEdzOU0wLzc3U2c9PSIsInZhbHVlIjoiWXU2aTVLSlVHM2ZvNEhuM2xkMW1wQ1lyUmRFS3VwZjd1S0p1Q2t3a0ZGTkNqRC94VUhPb1JCU2c1RDhocmE1Z3NNeDVWMnYwK1FESnRzNFp0N1QyMFR2R3QwM21NVHVva0w0Y2x4dUVRRWd3eUVLMytidG5pd0xaRGowdzNUYjMiLCJtYWMiOiJiN2ZkYTRkYjRhMDA0MjcwYThhYzU1ZDNjNzRhNGQ5MTBhNmVlNzkzZTUwYzNlNGM1Y2MzZDQzOWM2NTQyYjkwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InozeWsyazJDZXF6SmFlNWNBSDFIbUE9PSIsInZhbHVlIjoiNEhiQTRuSW1mTHgyeUdOZ3Q4Z3g2RFJsTFkvYkhyY0ltYlFjWVFBTmhwaUdSUEdnUDZEeVhadm1FV2pXYjhVN2d1ZU9lS0VBK0F3TFphendwSjZqREVYZEg4N2VBZTc5TC9EcmNjZi9qWWFsWEV2eS9ieEg4RlZ0TnEyQkQxa08iLCJtYWMiOiI1OThiOTZhNWU5ZjUwOTQ2Y2MxMjc0MmFkNWM1NDVjMzhhM2JiNGMzYTYzZDRjMmM1MWZlZjU5YzNkZjBhMzgxIiwidGFnIjoiIn0%3D; _lr_tabs_-mnnzup%2Fdus={%22sessionID%22:0%2C%22recordingID%22:%225-a732a01f-1563-4bc1-956c-b89e1f272e9c%22%2C%22lastActivity%22:1673997526901}; _lr_hb_-mnnzup%2Fdus={%22heartbeat%22:1673997526902}
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 23:19:03 GMT
Server: Apache
Last-Modified: Wed, 03 Aug 2022 20:29:04 GMT
Accept-Ranges: bytes
Content-Length: 12499
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
ws-mt1.pusher.com/app/bc5ba70500b3342fb1aa?protocol=7&client=js&version=7.0.3&flash=false
34.205.238.53 101 Switching Protocols 0 B URL HTTP/1.1 ws-mt1.pusher.com/app/bc5ba70500b3342fb1aa?protocol=7&client=js&version=7.0.3&flash=false
IP 34.205.238.53:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /app/bc5ba70500b3342fb1aa?protocol=7&client=js&version=7.0.3&flash=false HTTP/1.1
Host: ws-mt1.pusher.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Sec-WebSocket-Version: 13
Origin: http://knowlzcomp.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 7yMHotdA7hPS/ZnwuQmQrw==
Connection: keep-alive, Upgrade
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Tue, 17 Jan 2023 23:19:05 GMT
Connection: upgrade
Server: nginx/1.17.7
Upgrade: websocket
Sec-WebSocket-Accept: dJwaXLwQ6TXRhyIy5qNdWBSGf68=
knowlzcomp.com/images/favicon.gif
162.241.149.217 200 OK 2.2 kB URL HTTP/1.1 knowlzcomp.com/images/favicon.gif
IP 162.241.149.217:0
ASN #46606 UNIFIEDLAYER-AS-1
File type MS Windows icon resource - 1 icon, 32x32, 8 bits/pixel\012- data
Hash a6f1af8e79a11829ba9a66474b06bb97
d99e3ec7747c865033a8dfad43c9f49634404bc1
b0dbd00f3650fa6b931e678a9d8f79a405d23c7adf111ab91b1a01a0e7109807
Analyzer Verdict Alert urlquery phishing Phishing - DHL
quad9 Sinkholed
GET /images/favicon.gif HTTP/1.1
Host: knowlzcomp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://knowlzcomp.com/public/8ax7QoitzNBABKQS5C7hIw8KpVKu0pbO
Cookie: XSRF-TOKEN=eyJpdiI6IjJuUGkrMktEcGFKdEdzOU0wLzc3U2c9PSIsInZhbHVlIjoiWXU2aTVLSlVHM2ZvNEhuM2xkMW1wQ1lyUmRFS3VwZjd1S0p1Q2t3a0ZGTkNqRC94VUhPb1JCU2c1RDhocmE1Z3NNeDVWMnYwK1FESnRzNFp0N1QyMFR2R3QwM21NVHVva0w0Y2x4dUVRRWd3eUVLMytidG5pd0xaRGowdzNUYjMiLCJtYWMiOiJiN2ZkYTRkYjRhMDA0MjcwYThhYzU1ZDNjNzRhNGQ5MTBhNmVlNzkzZTUwYzNlNGM1Y2MzZDQzOWM2NTQyYjkwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InozeWsyazJDZXF6SmFlNWNBSDFIbUE9PSIsInZhbHVlIjoiNEhiQTRuSW1mTHgyeUdOZ3Q4Z3g2RFJsTFkvYkhyY0ltYlFjWVFBTmhwaUdSUEdnUDZEeVhadm1FV2pXYjhVN2d1ZU9lS0VBK0F3TFphendwSjZqREVYZEg4N2VBZTc5TC9EcmNjZi9qWWFsWEV2eS9ieEg4RlZ0TnEyQkQxa08iLCJtYWMiOiI1OThiOTZhNWU5ZjUwOTQ2Y2MxMjc0MmFkNWM1NDVjMzhhM2JiNGMzYTYzZDRjMmM1MWZlZjU5YzNkZjBhMzgxIiwidGFnIjoiIn0%3D; _lr_tabs_-mnnzup%2Fdus={%22sessionID%22:0%2C%22recordingID%22:%225-a732a01f-1563-4bc1-956c-b89e1f272e9c%22%2C%22lastActivity%22:1673997545036}; _lr_hb_-mnnzup%2Fdus={%22heartbeat%22:1673997545037}; _lr_uf_-mnnzup=e840de7e-7fbf-4933-9cd8-7e1646f404a2
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 23:19:03 GMT
Server: Apache
Last-Modified: Wed, 03 Aug 2022 20:29:04 GMT
Accept-Ranges: bytes
Content-Length: 2238
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/gif
knowlzcomp.com/images/foo.png
162.241.149.217 404 Not Found 7.2 kB URL HTTP/1.1 knowlzcomp.com/images/foo.png
IP 162.241.149.217:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 4f527720e77d91c1d0a60eeb91e3e5d3
c24882038ad7cda77f507537656d8904ab8fa189
d4f64b825374e714c0dbbf17a9dc4e025d50639399e73ea4a6492170e7f731dc
Analyzer Verdict Alert urlquery phishing Phishing - DHL
quad9 Sinkholed
GET /images/foo.png HTTP/1.1
Host: knowlzcomp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://knowlzcomp.com/public/8ax7QoitzNBABKQS5C7hIw8KpVKu0pbO
Cookie: XSRF-TOKEN=eyJpdiI6IjJuUGkrMktEcGFKdEdzOU0wLzc3U2c9PSIsInZhbHVlIjoiWXU2aTVLSlVHM2ZvNEhuM2xkMW1wQ1lyUmRFS3VwZjd1S0p1Q2t3a0ZGTkNqRC94VUhPb1JCU2c1RDhocmE1Z3NNeDVWMnYwK1FESnRzNFp0N1QyMFR2R3QwM21NVHVva0w0Y2x4dUVRRWd3eUVLMytidG5pd0xaRGowdzNUYjMiLCJtYWMiOiJiN2ZkYTRkYjRhMDA0MjcwYThhYzU1ZDNjNzRhNGQ5MTBhNmVlNzkzZTUwYzNlNGM1Y2MzZDQzOWM2NTQyYjkwIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InozeWsyazJDZXF6SmFlNWNBSDFIbUE9PSIsInZhbHVlIjoiNEhiQTRuSW1mTHgyeUdOZ3Q4Z3g2RFJsTFkvYkhyY0ltYlFjWVFBTmhwaUdSUEdnUDZEeVhadm1FV2pXYjhVN2d1ZU9lS0VBK0F3TFphendwSjZqREVYZEg4N2VBZTc5TC9EcmNjZi9qWWFsWEV2eS9ieEg4RlZ0TnEyQkQxa08iLCJtYWMiOiI1OThiOTZhNWU5ZjUwOTQ2Y2MxMjc0MmFkNWM1NDVjMzhhM2JiNGMzYTYzZDRjMmM1MWZlZjU5YzNkZjBhMzgxIiwidGFnIjoiIn0%3D; _lr_tabs_-mnnzup%2Fdus={%22sessionID%22:0%2C%22recordingID%22:%225-a732a01f-1563-4bc1-956c-b89e1f272e9c%22%2C%22lastActivity%22:1673997526901}; _lr_hb_-mnnzup%2Fdus={%22heartbeat%22:1673997526902}
HTTP/1.1 404 Not Found
Date: Tue, 17 Jan 2023 23:19:04 GMT
Server: Apache
Cache-Control: no-cache, private
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
static.hotjar.com/c/hotjar-2895475.js?sv=6
143.204.55.37 200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-2895475.js?sv=6
IP 143.204.55.37:0
GET /c/hotjar-2895475.js?sv=6 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://knowlzcomp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Tue, 17 Jan 2023 23:18:08 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: W/ca40e314382246365dfb77a3d72171d9
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: a5S1y9LZXZBstTLbD3UY--i-gY3MXSQ-S_9gBOELkdj3JoT-kLjYcA==
age: 57
X-Firefox-Spdy: h2
kit.fontawesome.com/f7165dd215.js
104.18.22.52 200 OK 0 B URL HTTP/2 kit.fontawesome.com/f7165dd215.js
IP 104.18.22.52:0
GET /f7165dd215.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://knowlzcomp.com
Connection: keep-alive
Referer: http://knowlzcomp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 23:19:02 GMT
content-type: text/javascript
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: Fzrl33UjBR4Ky8yId-fh
cf-cache-status: HIT
age: 55
server: cloudflare
cf-ray: 78b2d041e9650b65-OSL
content-encoding: gzip
X-Firefox-Spdy: h2