firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 15 Sep 2022 23:10:40 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: aC0q7yLtXxkY9gDltpQ6LnkdXA7yrlZODP8CR-fncRvHLTiizOzf0Q==
Age: 33
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 96daaf84cd2c07756756caf7a2724a29
d24d47c68eec98d44bf341dab9d893df97103e1a
fef9ce9f75ec19e7ae2ccbffb6654db2473a2b4acc94c1b4303e5ec24149465f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FEF9CE9F75EC19E7AE2CCBFFB6654DB2473A2B4ACC94C1B4303E5EC24149465F"
Last-Modified: Thu, 15 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14504
Expires: Fri, 16 Sep 2022 03:12:57 GMT
Date: Thu, 15 Sep 2022 23:11:13 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.25200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.25:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 15 Sep 2022 04:35:16 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 41dc61beb3fe8e8c2c299a2522d8330c.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: gzQ7B4NWDgv1FRXTwyDrJCcOZq7DqdWDo669tmNvV_GMDUoaXPgavg==
age: 66958
X-Firefox-Spdy: h2
la514.com/
154.55.137.10301 Moved Permanently 162 B IP 154.55.137.10:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: la514.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 15 Sep 2022 23:11:13 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://la514.com/
Strict-Transport-Security: max-age=31536000
Server: cdn
X-Cache-Status: MISS
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 23:11:13 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Thu, 15 Sep 2022 23:03:22 GMT
Cache-Control: max-age=3600
Expires: Thu, 15 Sep 2022 23:35:04 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Jc7XYrzak_tWSXX1qorrmcPmgxPu-UjhfjPPSe0RJKd0jRlleGqCsA==
Age: 472
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 175593560cb035494d5be47ba022fcee
221257613e4dc186e37bfb97c28df28d503c0f4f
3eb69560fcab41924d8f4e38dab85d67d169bda410d4f61cf386fbba421be78d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3EB69560FCAB41924D8F4E38DAB85D67D169BDA410D4F61CF386FBBA421BE78D"
Last-Modified: Tue, 13 Sep 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21541
Expires: Fri, 16 Sep 2022 05:10:15 GMT
Date: Thu, 15 Sep 2022 23:11:14 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d597af1ab2f21a983bf0f0d105b94209
9d5dd938777abde094c89066b539141a02106b88
a614eb7f969544c8040642be7c852625341e2441e757d063d2af1ff465c8c3f4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4916
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 15 Sep 2022 23:11:14 GMT
Last-Modified: Thu, 15 Sep 2022 21:49:18 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
la514.com/
45.125.194.118301 Moved Permanently 0 B IP 45.125.194.118:0
ASN #63930 READY SERVER PTE LTD
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: la514.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 301 Moved Permanently
Date: Thu, 15 Sep 2022 23:11:14 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: s500c7fc2=csl3skfgn3pc0occs2iole7jmq; path=/; HttpOnly
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Cache-control: no-cache,must-revalidate
Location: /index/user/login.html
Strict-Transport-Security: max-age=31536000
Server: cdn
X-Cache-Status: MISS
push.services.mozilla.com/
54.189.35.180101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.189.35.180:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 1DXLle2Z9cKqXmSiw5V5Ug==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: GQGPCSSAzahCMW2/s2VaInkYSwM=
la514.com/index/user/login.html
45.125.194.118200 OK 4.1 kB URL HTTP/1.1 la514.com/index/user/login.html
IP 45.125.194.118:0
ASN #63930 READY SERVER PTE LTD
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (4280)
Hash 20c6dd203f92062b3032671679a44a91
e32511161f3a79457b3d148613af4084eb68e8f4
16d86bfe54f40f0a16cc6d4e9e309c23a42eca6905458dbbda81fd7018c6f81b
Analyzer Verdict Alert fortinet Phishing
GET /index/user/login.html HTTP/1.1
Host: la514.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: s500c7fc2=csl3skfgn3pc0occs2iole7jmq
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 23:11:14 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding, Accept-Encoding
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Strict-Transport-Security: max-age=31536000
Server: cdn
X-Cache-Status: MISS
Content-Encoding: gzip
la514.com/static_new6/css/app.4e7da7f7.css
45.125.194.118200 OK 4.4 kB URL HTTP/1.1 la514.com/static_new6/css/app.4e7da7f7.css
IP 45.125.194.118:0
ASN #63930 READY SERVER PTE LTD
File type ASCII text, with very long lines (13807)
Hash 577718b8381dca6eaee4fea1276e376a
eff97c960a0e4223570c5dab4db337b200caff4b
ddd5df4e3ba391670d5d6621ffa03dbabc8296cfaf7bae205d60c91b1302881c
GET /static_new6/css/app.4e7da7f7.css HTTP/1.1
Host: la514.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://la514.com/index/user/login.html
Cookie: s500c7fc2=csl3skfgn3pc0occs2iole7jmq
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 23:11:15 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 24 Jan 2022 06:42:29 GMT
Vary: Accept-Encoding, Accept-Encoding
ETag: W/"61ee4a55-3776"
Expires: Fri, 16 Sep 2022 02:49:08 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Server: cdn
X-Cache-Status: HIT
Content-Encoding: gzip
la514.com/static_new6/css/app.cae3284d.css
45.125.194.118200 OK 4.4 kB URL HTTP/1.1 la514.com/static_new6/css/app.cae3284d.css
IP 45.125.194.118:0
ASN #63930 READY SERVER PTE LTD
File type ASCII text, with very long lines (14414), with no line terminators
Hash ffa81bee8555c509744b3eaff7b9906d
4681280bf7c8f9dffe52825e23a9afb694a90e39
fda8c54b51c2465383ae2eeff3f2050e4a047589ecdd11c7e229e7a0d2c36864
GET /static_new6/css/app.cae3284d.css HTTP/1.1
Host: la514.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://la514.com/index/user/login.html
Cookie: s500c7fc2=csl3skfgn3pc0occs2iole7jmq
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 23:11:15 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 12 Apr 2022 08:25:27 GMT
Vary: Accept-Encoding, Accept-Encoding
ETag: W/"62553777-384e"
Expires: Fri, 16 Sep 2022 02:49:08 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Server: cdn
X-Cache-Status: HIT
Content-Encoding: gzip
la514.com/static_new6/css/public.css
45.125.194.118200 OK 5.2 kB URL HTTP/1.1 la514.com/static_new6/css/public.css
IP 45.125.194.118:0
ASN #63930 READY SERVER PTE LTD
File type Unicode text, UTF-8 text, with very long lines (3958)
Hash 1beb9d9ddd4c69a1cbbc1725808848d3
6dc8bdbeebbda430d200fde908fa22093586eba7
a2c7bd81039ce6d1b51b68e581eb55245eb24e88d6646a4580f5b9d988666b5e
GET /static_new6/css/public.css HTTP/1.1
Host: la514.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://la514.com/index/user/login.html
Cookie: s500c7fc2=csl3skfgn3pc0occs2iole7jmq
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 23:11:15 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 11 Jun 2021 10:56:46 GMT
Vary: Accept-Encoding, Accept-Encoding
ETag: W/"60c3416e-2fa2"
Expires: Fri, 16 Sep 2022 02:49:08 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Server: cdn
X-Cache-Status: HIT
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fa7affc9640769ecfbbae35a5dfc9812
dd2e465395c3e677796d283a06e38dd42d155144
c70acd2b2e6bad75256cc58548137a4f48d12708777c19f2ec3b91d715690342
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C70ACD2B2E6BAD75256CC58548137A4F48D12708777C19F2EC3B91D715690342"
Last-Modified: Wed, 14 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Fri, 16 Sep 2022 05:11:15 GMT
Date: Thu, 15 Sep 2022 23:11:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 35f3deb94b2a985eb02f5a14f033c44f
2076e4cb6faf9a7bf1cbfc8947db9a8550f556bd
1d5c76a54a4ab121ccf5f456516ec99fb7f5129a491e078d97c749b94060970a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1D5C76A54A4AB121CCF5F456516EC99FB7F5129A491E078D97C749B94060970A"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17904
Expires: Fri, 16 Sep 2022 04:09:39 GMT
Date: Thu, 15 Sep 2022 23:11:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 35f3deb94b2a985eb02f5a14f033c44f
2076e4cb6faf9a7bf1cbfc8947db9a8550f556bd
1d5c76a54a4ab121ccf5f456516ec99fb7f5129a491e078d97c749b94060970a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1D5C76A54A4AB121CCF5F456516EC99FB7F5129A491E078D97C749B94060970A"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17904
Expires: Fri, 16 Sep 2022 04:09:39 GMT
Date: Thu, 15 Sep 2022 23:11:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 35f3deb94b2a985eb02f5a14f033c44f
2076e4cb6faf9a7bf1cbfc8947db9a8550f556bd
1d5c76a54a4ab121ccf5f456516ec99fb7f5129a491e078d97c749b94060970a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1D5C76A54A4AB121CCF5F456516EC99FB7F5129A491E078D97C749B94060970A"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17904
Expires: Fri, 16 Sep 2022 04:09:39 GMT
Date: Thu, 15 Sep 2022 23:11:15 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 35f3deb94b2a985eb02f5a14f033c44f
2076e4cb6faf9a7bf1cbfc8947db9a8550f556bd
1d5c76a54a4ab121ccf5f456516ec99fb7f5129a491e078d97c749b94060970a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1D5C76A54A4AB121CCF5F456516EC99FB7F5129A491E078D97C749B94060970A"
Last-Modified: Thu, 15 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17904
Expires: Fri, 16 Sep 2022 04:09:39 GMT
Date: Thu, 15 Sep 2022 23:11:15 GMT
Connection: keep-alive
la514.com/static_new/js/common.js
45.125.194.118200 OK 831 B URL HTTP/1.1 la514.com/static_new/js/common.js
IP 45.125.194.118:0
ASN #63930 READY SERVER PTE LTD
File type HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 6a7dea41f67c80763b0ed250f35774f9
66591437684ab3cd676573cd1f4f43a6f9f91eb9
f28e9d09cf095ebe5d0588618717174b5d32d739c27fffe4dc5bf0286766c517
Analyzer Verdict Alert fortinet Phishing
GET /static_new/js/common.js HTTP/1.1
Host: la514.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://la514.com/index/user/login.html
Cookie: s500c7fc2=csl3skfgn3pc0occs2iole7jmq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 23:11:15 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 29 Mar 2020 15:03:22 GMT
Vary: Accept-Encoding, Accept-Encoding
ETag: W/"5e80b8ba-84e"
Expires: Fri, 16 Sep 2022 02:49:09 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Server: cdn
X-Cache-Status: HIT
Content-Encoding: gzip
la514.com/static_new/js/dialog.min.js
45.125.194.118200 OK 5.7 kB URL HTTP/1.1 la514.com/static_new/js/dialog.min.js
IP 45.125.194.118:0
ASN #63930 READY SERVER PTE LTD
File type HTML document, Unicode text, UTF-8 text
Hash 5b7f4a1fccbe737cd83cc6ca4793cd6a
84119308ba38440b1509ece33b15b821fd1c51e4
632f287b0c39b870aa81a41e67839dfe90e29ab439af360d508167a8cfab37f6
Analyzer Verdict Alert fortinet Phishing
GET /static_new/js/dialog.min.js HTTP/1.1
Host: la514.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://la514.com/index/user/login.html
Cookie: s500c7fc2=csl3skfgn3pc0occs2iole7jmq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 23:11:15 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Wed, 29 Dec 2021 08:38:36 GMT
Vary: Accept-Encoding, Accept-Encoding
ETag: W/"61cc1e8c-6d04"
Expires: Fri, 16 Sep 2022 02:49:09 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Server: cdn
X-Cache-Status: HIT
Content-Encoding: gzip
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8e3eca0d-da18-4b3c-8625-afa9f187d0e3.jpeg
34.120.237.76200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8e3eca0d-da18-4b3c-8625-afa9f187d0e3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8bedb04287b8f09d30fed0ae386b9bcc
2b8a6de0faac5c1a99b48c28da9c05f520ef6add
cec3955f3330184ace4388b7c00262b52c9ca43e9ece6fb8f2fdec2ee9e53a9e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8e3eca0d-da18-4b3c-8625-afa9f187d0e3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4955
x-amzn-requestid: e7c21397-14e0-42fd-86f3-3f1e6940da8a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YhU0zG1uIAMF_mA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63239b51-386abef75b6435a0656e86cd;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 21:38:25 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: w0izptVhe4GTDP0l4M18uTvK6vQeKiiaGSZ5UfZATWGIyjL5C8sURQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 21:55:30 GMT
etag: "2b8a6de0faac5c1a99b48c28da9c05f520ef6add"
content-type: image/jpeg
age: 4545
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.fafa.asia/static/index/js/nosafari.js
154.64.15.48200 OK 504 B URL HTTP/2 www.fafa.asia/static/index/js/nosafari.js
IP 154.64.15.48:0
ASN #139646 HONG KONG Megalayer Technology Co.,Limited
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 65a6342a836171a0831e43dc4b769b60
d4c8ae485d36df79e701ca87809347ab2d2e4581
299388cf45a905e0aac10596619326b32a83837b1f9bc06a8a7e64f94127df6b
Analyzer Verdict Alert fortinet Phishing
GET /static/index/js/nosafari.js HTTP/1.1
Host: www.fafa.asia
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://la514.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 15 Sep 2022 23:11:15 GMT
content-type: application/javascript
content-length: 504
last-modified: Thu, 30 Apr 2020 07:11:18 GMT
etag: "5eaa7a16-1f8"
expires: Fri, 16 Sep 2022 11:11:15 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09103090-a36c-4678-bb8f-b717f544ca1f.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09103090-a36c-4678-bb8f-b717f544ca1f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6572617127bde36c63aa1163e3352688
d97c94761ed3c1fc84ab46dcc77405e7b8c7c71c
91fdabb99b1317407413b424f50ad025c0578a57d89a0f4c8228d91a36b8e6c0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F09103090-a36c-4678-bb8f-b717f544ca1f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6820
x-amzn-requestid: 3aab395b-9355-4a3a-b033-73420df43ee5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YhUksFUxoAMFr4g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63239aea-5be8dbdf57158b0e37ee719f;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 21:36:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: I8QSOY13buUN6y89zoSzcjZmV8EygMJUdiPiVouUi4a5LHBJ3AM3wQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 21:48:32 GMT
age: 4963
etag: "d97c94761ed3c1fc84ab46dcc77405e7b8c7c71c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbf0d71b3-30ed-483e-8bef-18d7a833ff57.jpeg
34.120.237.76200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbf0d71b3-30ed-483e-8bef-18d7a833ff57.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 300d3b6181f9bcb7318b0706646787fa
9cf371e2ecdd46de7ea1290bb158b144a9de57bb
7059364a6076210e603301e0e3ad0009a5c1cd0b8821e321f704532e17b95e5e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbf0d71b3-30ed-483e-8bef-18d7a833ff57.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6560
x-amzn-requestid: 0532b908-dbda-4d51-8574-dba85e33bfcf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YUrG7GTnoAMF9-A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631e8bc5-35c25a2a76c8e0db6d7b06df;Sampled=0
x-amzn-remapped-date: Mon, 12 Sep 2022 01:30:45 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Xvgf5sF1GJNaJ2uERewkTcfwr3cUHVwU8-CXI7fK2K4t6JCsyPnzJg==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 22:27:11 GMT
age: 2644
etag: "9cf371e2ecdd46de7ea1290bb158b144a9de57bb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7e55a42-9f36-46db-9415-ab10753c0fb8.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7e55a42-9f36-46db-9415-ab10753c0fb8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3a4ed510756efe784c4ca84c61c4b5ba
10262867cfb19d3ba8f618e235d1a98531048f34
b5ba0de5ce381579e49e3e3c23244048fc8aac693ce0c977560f28b9a51f6a0b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc7e55a42-9f36-46db-9415-ab10753c0fb8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10163
x-amzn-requestid: 7c849e5d-468e-4f6a-ad44-c7995bfa81bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYvuGFU5oAMF_Og=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202cc0-5376d2432c79a3146b6c29f4;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:09:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: XGVoNQZeoG0AQ6LabPW2Zg7pAQqdl-bGTFAhbNpLlgTWNWx55-wEUQ==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 21:45:14 GMT
age: 5161
etag: "10262867cfb19d3ba8f618e235d1a98531048f34"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2e1c925-7f52-4acd-b350-ece9de960341.webp
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2e1c925-7f52-4acd-b350-ece9de960341.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f61608eae6c6b04627343f86832ba892
89c6a9d2cbe149235409a42424a0c7c91593d7fb
382e3f8d016a88e952f6a8da65b8933c345497bcb7b76cd27ad58ec021e023a4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2e1c925-7f52-4acd-b350-ece9de960341.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9349
x-amzn-requestid: a4654952-01b4-43cf-a4a5-638a012cc3e0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YhVAAH5foAMFqFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63239b99-4d4883b824ac4fcf14a53983;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 21:39:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: E1ybwRysIph_3C8YOM81bvRNYk9q8AdOij_mIzLgDkRF7d88DA4PNg==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 21:50:35 GMT
age: 4840
etag: "89c6a9d2cbe149235409a42424a0c7c91593d7fb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2cc7f760-37bd-48b3-a202-6f1423e82c4d.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2cc7f760-37bd-48b3-a202-6f1423e82c4d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c6df210d4ad73c1cb4bf14a8b68aaaf6
50cb093cd31e53a67e0a27d9ce9439fbb8a03df8
832d746a04665e8fd808e02a3d4c4d2525fb55e8685f2c654836ebea37c4ca92
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2cc7f760-37bd-48b3-a202-6f1423e82c4d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8551
x-amzn-requestid: fcb8406f-a0a4-463a-8d6c-86a465867db4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YhUkiG2FIAMFQsg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63239ae9-4e2927b52b5ac3f907f52027;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 21:36:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: f7ER8lbphHucpnBSlWF1oGktAVq-lmLrZQUtLCSXrkEYdhYYaX6W3g==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Thu, 15 Sep 2022 21:45:53 GMT
age: 5122
etag: "50cb093cd31e53a67e0a27d9ce9439fbb8a03df8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
la514.com/static_new/js/jquery.min.js
45.125.194.118200 OK 31 kB URL HTTP/1.1 la514.com/static_new/js/jquery.min.js
IP 45.125.194.118:0
ASN #63930 READY SERVER PTE LTD
File type ASCII text, with very long lines (65450), with CRLF line terminators
Hash 1483abeb4048ead216490810c081431a
c3782cd90ddfec7e83d45080d0e48bcf64e590f1
a8d9f56a93e71493a9b7e1a21823e60c11257b56f84f691a6289ba0578c05350
Analyzer Verdict Alert fortinet Phishing
GET /static_new/js/jquery.min.js HTTP/1.1
Host: la514.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://la514.com/index/user/login.html
Cookie: s500c7fc2=csl3skfgn3pc0occs2iole7jmq
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 23:11:15 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 15 Feb 2020 12:13:14 GMT
Vary: Accept-Encoding, Accept-Encoding
ETag: W/"5e47e05a-15851"
Expires: Fri, 16 Sep 2022 02:49:08 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Server: cdn
X-Cache-Status: HIT
Content-Encoding: gzip
la514.com/static_new6/css/chunk-vendors.6442bc31.css
45.125.194.118200 OK 36 kB URL HTTP/1.1 la514.com/static_new6/css/chunk-vendors.6442bc31.css
IP 45.125.194.118:0
ASN #63930 READY SERVER PTE LTD
File type ASCII text, with very long lines (65536), with no line terminators
Hash bdc7925399e189ed5f7f42b58673d1b3
2f6bf074df4e2c87272c96a9f71d6ba8864a39d1
c53fb4fe0a28913824c01f051d322e3793b5e438000436376df0a732ef871c75
GET /static_new6/css/chunk-vendors.6442bc31.css HTTP/1.1
Host: la514.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://la514.com/index/user/login.html
Cookie: s500c7fc2=csl3skfgn3pc0occs2iole7jmq
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 23:11:15 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 10 Jun 2021 18:14:52 GMT
Vary: Accept-Encoding, Accept-Encoding
ETag: W/"60c2569c-15675"
Expires: Fri, 16 Sep 2022 02:49:08 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Server: cdn
X-Cache-Status: HIT
Content-Encoding: gzip
la514.com/static_new6/css/app.7b22fa66c2af28f12bf32977d4b82694.css
45.125.194.118200 OK 278 kB URL HTTP/1.1 la514.com/static_new6/css/app.7b22fa66c2af28f12bf32977d4b82694.css
IP 45.125.194.118:0
ASN #63930 READY SERVER PTE LTD
File type ASCII text, with very long lines (11728)
Size 278 kB (278177 bytes)
Hash 731e4ead9a214102e423828880adcf20
7892ded7dc794f623014f3ac5f4f1814e90f662a
f55e2a3fd1fa8e90b4a216a121bff7e678baf9369a1bebf1e843acb7b8721afc
GET /static_new6/css/app.7b22fa66c2af28f12bf32977d4b82694.css HTTP/1.1
Host: la514.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://la514.com/index/user/login.html
Cookie: s500c7fc2=csl3skfgn3pc0occs2iole7jmq
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 23:11:15 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sat, 14 Aug 2021 13:08:46 GMT
Vary: Accept-Encoding, Accept-Encoding
ETag: W/"6117c05e-b24e7"
Expires: Fri, 16 Sep 2022 02:49:08 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Server: cdn
X-Cache-Status: HIT
Content-Encoding: gzip
la514.com/static_new6/img/passwd.png
45.125.194.118200 OK 1.1 kB URL HTTP/1.1 la514.com/static_new6/img/passwd.png
IP 45.125.194.118:0
ASN #63930 READY SERVER PTE LTD
File type PNG image data, 34 x 38, 8-bit/color RGBA, non-interlaced\012- data
Hash 27097e763ec3c849bcbd7cd89877781e
82e223cb15ef9b8437bc62fed6bc817882e22b32
f29ef964ca5553534990ec46a766c7ae9506506eb941a697b37156dffa2d3d8a
GET /static_new6/img/passwd.png HTTP/1.1
Host: la514.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://la514.com/index/user/login.html
Cookie: s500c7fc2=csl3skfgn3pc0occs2iole7jmq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 23:11:16 GMT
Content-Type: image/png
Content-Length: 1121
Connection: keep-alive
Last-Modified: Tue, 12 Apr 2022 04:55:01 GMT
ETag: "62550625-461"
Expires: Fri, 14 Oct 2022 02:35:05 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Server: cdn
X-Cache-Status: HIT
Accept-Ranges: bytes
la514.com/static_new6/img/name.png
45.125.194.118200 OK 1.0 kB URL HTTP/1.1 la514.com/static_new6/img/name.png
IP 45.125.194.118:0
ASN #63930 READY SERVER PTE LTD
File type PNG image data, 34 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash 2bf8aba3652f2b4ead995a69618ba5eb
ea0a861044155bcfe3dedcc97a76421c8945ec12
039902baa58ff8b562aecd67290fc4751a8a7023d7c8e020f409666f95f802eb
GET /static_new6/img/name.png HTTP/1.1
Host: la514.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://la514.com/index/user/login.html
Cookie: s500c7fc2=csl3skfgn3pc0occs2iole7jmq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 23:11:16 GMT
Content-Type: image/png
Content-Length: 1024
Connection: keep-alive
Last-Modified: Tue, 12 Apr 2022 04:55:00 GMT
ETag: "62550624-400"
Expires: Fri, 14 Oct 2022 02:35:05 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Server: cdn
X-Cache-Status: HIT
Accept-Ranges: bytes
la514.com/static_new6/img/successIcon.4375564d.png
45.125.194.118200 OK 7.1 kB URL HTTP/1.1 la514.com/static_new6/img/successIcon.4375564d.png
IP 45.125.194.118:0
ASN #63930 READY SERVER PTE LTD
File type PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced\012- data
Hash 4375564d11a4dc1b4756e57d55140056
16715802c4b6ca8031b5075b48811e315e846618
a9743e4d870d471fac99e117ee8e2691952e9634656aea871b138766f4ce9317
GET /static_new6/img/successIcon.4375564d.png HTTP/1.1
Host: la514.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://la514.com/index/user/login.html
Cookie: s500c7fc2=csl3skfgn3pc0occs2iole7jmq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 23:11:16 GMT
Content-Type: image/png
Content-Length: 7074
Connection: keep-alive
Last-Modified: Thu, 08 Apr 2021 10:54:32 GMT
ETag: "606ee0e8-1ba2"
Expires: Fri, 14 Oct 2022 02:35:05 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Server: cdn
X-Cache-Status: HIT
Accept-Ranges: bytes
la514.com/static_new6/img/loadingIcon.a880485e.png
45.125.194.118200 OK 5.4 kB URL HTTP/1.1 la514.com/static_new6/img/loadingIcon.a880485e.png
IP 45.125.194.118:0
ASN #63930 READY SERVER PTE LTD
File type PNG image data, 140 x 140, 8-bit/color RGBA, non-interlaced\012- data
Hash a880485e723ead6db8703d10914f9545
9f0cfc4bef07164e47963509d12f9159cd466bd1
7434b16e08a2dbe7fab69a7ebbc2344705e67ee982ebfea3920c2ac488b06b95
GET /static_new6/img/loadingIcon.a880485e.png HTTP/1.1
Host: la514.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://la514.com/index/user/login.html
Cookie: s500c7fc2=csl3skfgn3pc0occs2iole7jmq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 23:11:16 GMT
Content-Type: image/png
Content-Length: 5447
Connection: keep-alive
Last-Modified: Thu, 08 Apr 2021 11:11:32 GMT
ETag: "606ee4e4-1547"
Expires: Fri, 14 Oct 2022 02:35:05 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Server: cdn
X-Cache-Status: HIT
Accept-Ranges: bytes
la514.com/static_new6/img/headbg2x.3f968caf.png
45.125.194.118200 OK 13 kB URL HTTP/1.1 la514.com/static_new6/img/headbg2x.3f968caf.png
IP 45.125.194.118:0
ASN #63930 READY SERVER PTE LTD
File type PNG image data, 750 x 169, 8-bit/color RGBA, non-interlaced\012- data
Hash 264f9ea7a310c0778fdfc9f560b46a2b
4cc17d8c52282bb90b98ae0e70b97e83f115817f
e56c6cab894f119fd49b030f31146fcad27b057be4d9b38a30fb9c4426de3d2a
GET /static_new6/img/headbg2x.3f968caf.png HTTP/1.1
Host: la514.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://la514.com/static_new6/css/public.css
Cookie: s500c7fc2=csl3skfgn3pc0occs2iole7jmq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 23:11:16 GMT
Content-Type: image/png
Content-Length: 12767
Connection: keep-alive
Last-Modified: Fri, 02 Sep 2022 15:51:44 GMT
ETag: "63122690-31df"
Expires: Fri, 14 Oct 2022 02:35:05 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Server: cdn
X-Cache-Status: HIT
Accept-Ranges: bytes
la514.com/favicon.ico
45.125.194.118200 OK 12 kB IP 45.125.194.118:0
ASN #63930 READY SERVER PTE LTD
File type PNG image data, 89 x 101, 8-bit/color RGBA, non-interlaced\012- data
Hash d22689c044f347076d89a6ca4feec5fe
12c64d90cc1efcad4420de27dccae4535eefa8bc
f1eff40ca74ef3471e7a148f564bb74d95454885320df9ad51bc441c991ab1bb
GET /favicon.ico HTTP/1.1
Host: la514.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://la514.com/index/user/login.html
Cookie: s500c7fc2=csl3skfgn3pc0occs2iole7jmq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 23:11:16 GMT
Content-Type: image/x-icon
Content-Length: 11849
Connection: keep-alive
Last-Modified: Sun, 05 Jan 2020 15:07:54 GMT
ETag: "5e11fbca-2e49"
Strict-Transport-Security: max-age=31536000
Server: cdn
X-Cache-Status: EXPIRED
Accept-Ranges: bytes
la514.com/static_new6/img/xxlogo.png
45.125.194.118200 OK 132 kB URL HTTP/1.1 la514.com/static_new6/img/xxlogo.png
IP 45.125.194.118:0
ASN #63930 READY SERVER PTE LTD
File type PNG image data, 821 x 821, 8-bit/color RGBA, non-interlaced\012- data
Size 132 kB (131913 bytes)
Hash 1a08f1c889c97cebcce276af2ceab016
24043c6534d078d1fa18e8c89dc5dc4a3a726c15
369e7ffec2260427ea7f3ce92b4e2c1a1feee454c9502ebe6b69d39bac9deadd
GET /static_new6/img/xxlogo.png HTTP/1.1
Host: la514.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://la514.com/index/user/login.html
Cookie: s500c7fc2=csl3skfgn3pc0occs2iole7jmq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 15 Sep 2022 23:11:16 GMT
Content-Type: image/png
Content-Length: 131913
Connection: keep-alive
Last-Modified: Fri, 02 Sep 2022 15:52:02 GMT
ETag: "631226a2-20349"
Expires: Fri, 14 Oct 2022 02:35:05 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
Server: cdn
X-Cache-Status: HIT
Accept-Ranges: bytes