Report - knowlzcomp.com/public/3OqFr9VHAOwIIpVhRKQZFTg4VtWDDVpN

Report Overview

Submitted URL
knowlzcomp.com/public/3OqFr9VHAOwIIpVhRKQZFTg4VtWDDVpN
IP
162.241.149.217
ASN
#46606 UNIFIEDLAYER-AS-1
Submitted
2023-01-17 11:04:26
Access
Website Title
Final URL
Tags
dhl logistics phishing
urlquery detections
Phishing - DHL

Detections

urlquery
5
Network Intrusion Detection
3
Threat Detection Systems
24

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	4.4 kB	95.101.11.115
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	67 kB	34.120.237.76
cdn.jsdelivr.net	439	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	399 B	2.6 kB	104.16.87.20
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	421 B	6.7 kB	104.17.25.14
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.9 kB	34.160.144.191
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.3 kB	93.184.220.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.41.11.218
kit.fontawesome.com	1868	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	394 B	650 B	104.18.22.52
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150
knowlzcomp.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	9.1 kB	2.1 MB	162.241.149.217
ka-f.fontawesome.com	3598	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	49 kB	172.64.168.22
killbot.org	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	451 B	1.0 kB	104.21.11.160
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
cdn.lr-in.com	13237	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	362 B	1.0 kB	104.21.234.145

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-01-17 11:04:16	medium	Client IP	192.169.69.26	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
2023-01-17 11:04:20	medium	Client IP	192.169.69.26	ET INFO DYNAMIC_DNS HTTP Request to a *.duckdns .org Domain
2023-01-17 11:04:23	high	162.241.149.217	Client IP	ET EXPLOIT_KIT TDS Sutra - page redirecting to a SutraTDS

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-01-17	medium	knowlzcomp.com/public	Phishing
2023-01-17	medium	knowlzcomp.com/public/	Phishing
2023-01-17	medium	knowlzcomp.com/public/js/app.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-01-17	medium	knowlzcomp.com	Sinkholed
2023-01-17	medium	knowlzcomp.com	Sinkholed
2023-01-17	medium	knowlzcomp.com	Sinkholed
2023-01-17	medium	knowlzcomp.com	Sinkholed
2023-01-17	medium	knowlzcomp.com	Sinkholed
2023-01-17	medium	knowlzcomp.com	Sinkholed
2023-01-17	medium	knowlzcomp.com	Sinkholed
2023-01-17	medium	knowlzcomp.com	Sinkholed
2023-01-17	medium	knowlzcomp.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (10)

	URL	Size	First Seen	Last Seen
	knowlzcomp.com/public/	135 B	2023-03-13	2023-03-13
Pretty URL knowlzcomp.com/public/ IP 162.241.149.217 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 01:38:51 Last Seen2023-03-13 01:38:51 Times Seen1 Hash 5ea978635fce79260bf8022f871a2b5b bff86999839b7e2ea1dd2f47cb925530f6fc9bc3 1c464b7f806dcaa3f63ae441475d3523321ffe7f1226c824e1bbc879eefd8c98 Loading...

	kit.fontawesome.com/f7165dd215.js	11 kB	2023-03-08	2023-03-18
Pretty URL kit.fontawesome.com/f7165dd215.js IP 104.18.22.52 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:24:23 Last Seen2023-03-18 03:33:30 Times Seen1 Hash e5056bb4f9e1612bdf780e2ffb0f97a5 c471728fa07baccc5201a31687c0e745d933554c da3060b6585615d3c5886f83d756e8c61eb6de3520b8868bd986261b800f9314 Loading...

	knowlzcomp.com/public/QnYGSLQZADF6PQXFFWBnWbugC28LB7gb	551 B	2023-03-13	2023-03-13
Pretty URL knowlzcomp.com/public/QnYGSLQZADF6PQXFFWBnWbugC28LB7gb IP 162.241.149.217 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 01:38:51 Last Seen2023-03-13 01:38:51 Times Seen1 Hash a7270149d3ca9c8655f00179d24be9a1 77b6292887039c7abb3ea0cf36a284dfa5e96802 f70b8098d49c63872e00e0f2bd306cee728f377e0be188917150924d090601e7 Loading...

	knowlzcomp.com/public/QnYGSLQZADF6PQXFFWBnWbugC28LB7gb	499 B	2023-03-13	2023-03-13
Pretty URL knowlzcomp.com/public/QnYGSLQZADF6PQXFFWBnWbugC28LB7gb IP 162.241.149.217 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 01:38:51 Last Seen2023-03-13 01:38:51 Times Seen1 Hash f81b96387232c4fdf76dfef890316a20 35dbaf07cccdf425a86754e11e66d080df19d7a0 0cdd59805d9d0b492cd0aa8d9a69bd6d226285ad6553e078ad20e9e348ba7a26 Loading...

	knowlzcomp.com/public/	214 B	2023-03-08	2023-07-31
Pretty URL knowlzcomp.com/public/ IP 162.241.149.217 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:30:36 Last Seen2023-07-31 16:36:07 Times Seen183 Hash f78670a83fe6d73e2bb5491143b824e8 5c5334c46bc30c023ae97139bb51855155d3fb33 0e3cf2f662457b247bb427e42328bb76d8c70b45df152cf3e27dd750af2cf3fd Loading...

	cdn.jsdelivr.net/gh/killbot-org/Killbot-JS@latest/dist/main.min.js	2.7 kB	2023-03-07	2024-07-16
Pretty URL cdn.jsdelivr.net/gh/killbot-org/Killbot-JS@latest/dist/main.min.js IP 104.16.87.20 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:54:49 Last Seen2024-07-16 00:04:38 Times Seen457 Hash a652ab92584024571b6ea0f3255eb380 9266ee9ab680b63d7205d6bc65b9767513d162a5 a8831773f69697c641e349c519d162ad5afe58cc583703d96f98a79d29087ef1 Loading...

	knowlzcomp.com/public/js/session-recorder.js	45 kB	2023-03-07	2024-07-27
Pretty URL knowlzcomp.com/public/js/session-recorder.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:20:33 Last Seen2024-07-27 00:33:08 Times Seen22986 Hash 701984b4995f3c29820e83c999b7eb23 a3b50104a3bfa05bf59a317273816c7d8ae1f81d 67ad94e12a745b1b09c6cd616e20a2ad283ed68f8060bd1dd0d9a2b6ad9dc7ee Loading...

	cdn.lr-in.com/logger-1.min.js	820 kB	2023-03-12	2023-03-13
Pretty URL cdn.lr-in.com/logger-1.min.js IP 104.21.234.145 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-12 22:26:39 Last Seen2023-03-13 01:42:55 Times Seen1 Hash f7cddafbad39561b4236967a88f8b066 2164db1a614f2047ba3c9852c77471ad5d66b754 be05ca8581024f95fce229ac65bfc1b0606e74892999c171b176fbfca4b2a194 Loading...

	knowlzcomp.com/public/js/app.js	1.6 MB	2023-03-07	2024-07-27
Pretty URL knowlzcomp.com/public/js/app.js IP 162.241.149.217 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:06:51 Last Seen2024-07-27 00:33:08 Times Seen14860 Hash fd900f643203761f2eeca2132fc15f1d 375f23ca9ad75b647373bda03b02e2d0f6e729be 399e233cea4e5468820e5c5f98ddbb156de729983710cf576a6508f076326c68 Loading...

	knowlzcomp.com/public/QnYGSLQZADF6PQXFFWBnWbugC28LB7gb	391 B	2023-03-07	2024-05-06
Pretty URL knowlzcomp.com/public/QnYGSLQZADF6PQXFFWBnWbugC28LB7gb IP 162.241.149.217 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:24:49 Last Seen2024-05-06 05:48:36 Times Seen2265 Hash 80de9b2b722e432581322cc3c51a88f1 48ea5d8c88c33cece64863a14ba87f02f8094436 de4565f7ec2b50b5adfee37223556a4c0cb911cb4fa1057942646ee83e51051e Loading...

HTTP Transactions (35)

URL IP Response Size

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4b8b051d555b46b1e9e64faebf91b4ab
bdab7f1f4146f0e7c16665692e4f1edd83c10a24
e069730519f658e767ec8edb57edd8e2b1ccb18d4f0ade0920654eac18f83456

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E069730519F658E767EC8EDB57EDD8E2B1CCB18D4F0ADE0920654EAC18F83456"
Last-Modified: Tue, 17 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16528
Expires: Tue, 17 Jan 2023 15:39:43 GMT
Date: Tue, 17 Jan 2023 11:04:15 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bb0c8d0984a1f09a012961a54cda03c6
1a8ad450a0241554ee4fc7d02fac7b83529e60f6
eee3ca879a67cc25ea89cb83de9521eea1b82845705c3e82169d4787ecb7dd3a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EEE3CA879A67CC25EA89CB83DE9521EEA1B82845705C3E82169D4787ECB7DD3A"
Last-Modified: Mon, 16 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5501
Expires: Tue, 17 Jan 2023 12:35:56 GMT
Date: Tue, 17 Jan 2023 11:04:15 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 17 Jan 2023 10:42:17 GMT
content-type: application/json
age: 1318
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d6e2abd68203014e8e24d4a9e20e980a
5edbbb1a36083d5077b90b82e7aa10049e90c5d6
88cf8dae194a5e92a8c36a4c54ae71a609eaaed6e99d3986b3834c40d2fceeaa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "88CF8DAE194A5E92A8C36A4C54AE71A609EAAED6E99D3986B3834C40D2FCEEAA"
Last-Modified: Sun, 15 Jan 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12733
Expires: Tue, 17 Jan 2023 14:36:28 GMT
Date: Tue, 17 Jan 2023 11:04:15 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 8Ha/3tFQC1o1vMYL28mzyx8D+e+gfFKBJaAdLKu+Tc67J+Hmw92eiv/WvmkfoYwze8+e1AtyddKrPSiBMJeeDw==
x-amz-request-id: Z68NDWZYJJJ1VRN3
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 17 Jan 2023 10:44:58 GMT
age: 1157
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 17 Jan 2023 11:04:15 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Pragma, Content-Length, Alert, Expires, ETag, Last-Modified, Backoff, Content-Type, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 17 Jan 2023 10:17:25 GMT
age: 2811
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
d03545e1fc5a8876441094039811aac5
99fcc840f3516298625c528e9b408132f7fcbb9c
166fa7c7bb716b2cd02a47884ee00df31030dfb4b2a6fdae7b59b19f87739123

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6583
Cache-Control: max-age=85940
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 11:04:16 GMT
Etag: "63c513ad-1d7"
Expires: Wed, 18 Jan 2023 10:56:36 GMT
Last-Modified: Mon, 16 Jan 2023 09:06:53 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

52.41.11.218

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.41.11.218:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 9Ev0hQwfcEXVd9hRGmMJCA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: kqVvBgOCZY0wk6k1YIdYEd3hJkI=

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6b6a65d2536cc8f99e68793ae265b595
f65e75f8419bd83e26f49def7fa2604db5f77b4d
94b31f7663e4917e8e97079202ef9fa340766f1ebfc2601360618d947f7dabc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94B31F7663E4917E8E97079202EF9FA340766F1EBFC2601360618D947F7DABC9"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3437
Expires: Tue, 17 Jan 2023 12:01:34 GMT
Date: Tue, 17 Jan 2023 11:04:17 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6b6a65d2536cc8f99e68793ae265b595
f65e75f8419bd83e26f49def7fa2604db5f77b4d
94b31f7663e4917e8e97079202ef9fa340766f1ebfc2601360618d947f7dabc9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94B31F7663E4917E8E97079202EF9FA340766F1EBFC2601360618D947F7DABC9"
Last-Modified: Sun, 15 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3437
Expires: Tue, 17 Jan 2023 12:01:34 GMT
Date: Tue, 17 Jan 2023 11:04:17 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad391a3-52d8-4a92-ab46-4ad076c43cf8.jpeg

34.120.237.76

200 OK

9.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad391a3-52d8-4a92-ab46-4ad076c43cf8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.5 kB (9529 bytes)
Hash
ad210f0ba6ce6930724549cbba76e83d
e4badc3fbca9913bc11d968dac5cad1f900ff492
ad5f754d5dbe870feabfe090a46838614e96d72e78b9a2a8010ab339c67130be

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9ad391a3-52d8-4a92-ab46-4ad076c43cf8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9529
x-amzn-requestid: 56f2b9a5-91c6-421a-ad84-165376e23dcf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e2tm6Fm-oAMFrDQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c5c2f8-67a0c1fe6aad6e6b71e50463;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 21:34:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mzmFGVDfMuZte5CJUmchEQIVAuDUKdGfUpm7PRTUqnsP44IcDmbl8A==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 16 Jan 2023 21:46:15 GMT
etag: "e4badc3fbca9913bc11d968dac5cad1f900ff492"
content-type: image/jpeg
age: 47882
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7f5c64c-06d8-4527-a53e-4dd0bbe44138.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8878 bytes)
Hash
c5cf59ac2200ddefc7b1019ac885adb0
5c3c71108063bfa193b848023ee3e5b17c0df978
785fb702d7a2386ec92e5d33e44cb826d38e21b724df3a7ceedb3a5d05cf9c87

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa7f5c64c-06d8-4527-a53e-4dd0bbe44138.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8878
x-amzn-requestid: 02bc1bf0-b606-45b1-8f2c-3c1ed274db15
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ezbP5GZtIAMFb9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c47265-30419ed51f5603314bd9e4b6;Sampled=0
x-amzn-remapped-date: Sun, 15 Jan 2023 21:38:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Mm0qplBOGJFIpjDa24aFcmKqh4MC9VbVCVWN9jKNFV4Bs3qqLDbvXw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 16 Jan 2023 22:04:38 GMT
age: 46779
etag: "5c3c71108063bfa193b848023ee3e5b17c0df978"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f84f3a0-4f01-4cfe-bde0-a7d64664f3d7.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10660 bytes)
Hash
ec0e283376914297c3fb2464ed15a31b
acd84e057b6c618fd3b31915983998c00fe21dc4
3d02b82d8f6a00703de7594f5b34baf0010294c1a7023818344ca341e4ac203c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f84f3a0-4f01-4cfe-bde0-a7d64664f3d7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10660
x-amzn-requestid: ac5d6edc-5228-4318-a99f-c08d3265aa87
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e3HXpH4PoAMF78Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c5ec30-044bf7c40e44de637c0c2dba;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 00:30:40 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6wALvrvX2EOL6xe6U3Vf2Xmcx_Nmh0mHXveaX1mZL1yUzOLdKg8f_A==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 17 Jan 2023 00:45:05 GMT
age: 37152
etag: "acd84e057b6c618fd3b31915983998c00fe21dc4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

15 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F04b94725-ff4a-4bda-82a9-4efa8d9c4276.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
15 kB (14703 bytes)
Hash
fefb1f12a78ad92ed309da2c54984a3c
caf58bf6276e226a20a0d0cf6fc3d422f922eb28
baf6596c635254885f32e423cbc5667694754243f01109cbdbeb54c337b16bc2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F04b94725-ff4a-4bda-82a9-4efa8d9c4276.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 14703
x-amzn-requestid: bdc14ffc-297a-4046-9a4f-26d454f6f9be
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e2trpGZkoAMFhZA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c5c317-58908dd71980be98200e8f6c;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 21:35:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: oqw0_4rVitBtqGh0oigqr5VmH0oVghH9SQiW1bRvMGsIX6fb8iRR0Q==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Mon, 16 Jan 2023 21:46:15 GMT
etag: "caf58bf6276e226a20a0d0cf6fc3d422f922eb28"
content-type: image/jpeg
age: 47882
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a588566-7d22-4b47-96ce-ee6bb56e4898.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.8 kB (7800 bytes)
Hash
57828b7affae7633b38d0fb6057b894d
db4cd956ba7e1e6b43174c250b7d4f1193277be9
26d83d511af9583a8f0a9ef1bd2ce3deab3ca42fa2c2ae141b61cd123afa9625

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2a588566-7d22-4b47-96ce-ee6bb56e4898.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7800
x-amzn-requestid: eac845c9-b10c-4fce-b2ff-01b4111b506e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e2OjhHp_IAMFeyA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c59149-0058376c385a7bf91e07a395;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 18:02:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: FtmoLO8c5S2uN0aj1HxWjVMg31vndNF2iKRJoJXmow1Hbb0NIHm9Cw==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 16 Jan 2023 18:16:36 GMT
age: 60461
etag: "db4cd956ba7e1e6b43174c250b7d4f1193277be9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a57f270-98a9-442f-9239-76f1b01be9ae.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.2 kB (9186 bytes)
Hash
11978fd8515619467879303c76a11092
178546ab6c6779129e49f2a7bd80560cf08fbf7c
3f4bd577a740e0b2fcfb38ba4edd72cef3d2a8da7b5949eef33b2c04d417dca8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a57f270-98a9-442f-9239-76f1b01be9ae.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9186
x-amzn-requestid: 4b5ea40c-6349-4748-9263-0770f7bc63f0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e2tAVH7iIAMFj_A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c5c201-54b832f14fbf83d03590bbeb;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 21:30:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: DYSmK9zy0k8OJAOLaY7FH_FTmEdJBFp7wDZEct8h7XDvyKpyariTZw==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 16 Jan 2023 21:51:54 GMT
etag: "178546ab6c6779129e49f2a7bd80560cf08fbf7c"
content-type: image/jpeg
age: 47543
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

knowlzcomp.com/public/3OqFr9VHAOwIIpVhRKQZFTg4VtWDDVpN

162.241.149.217

302 Found

358 B

URL HTTP/1.1
knowlzcomp.com/public/3OqFr9VHAOwIIpVhRKQZFTg4VtWDDVpN
IP
162.241.149.217:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
358 B (358 bytes)
Hash
9dc80158f2ead5a9752b15aa8136587f
b68726bd330824878fd1211cfd32ee65c505ae4b
aa3d4d4b0739d18f8b5bf46d25ae1688e32180aaf392bbd6bf10e4ba8f44fdaf

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /public/3OqFr9VHAOwIIpVhRKQZFTg4VtWDDVpN HTTP/1.1
Host: knowlzcomp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Date: Tue, 17 Jan 2023 11:04:16 GMT
Server: Apache
Cache-Control: no-cache, private
Set-Cookie: XSRF-TOKEN=eyJpdiI6InY2RFhLaHoyNGtnakJ0VXJKajVmcWc9PSIsInZhbHVlIjoiSEVDaUNLeXBnR1dUNGhLbUFBK3JCeEQrTmNlN2tFb3hwUE1HWnpsVGpKTDhmYzl0TmxSK1d5VTgyYVE4QVVkUitVdmVTdnhlUnVwdTYvSndieWx2MWN2U01NRGw3THFUeHBrZndkS1JuNTdNTWowdHQrWFhObFlJSGFUc05sRFIiLCJtYWMiOiJlYWI2NmMxNThmODkxNzEyYWU3MDg0Yjk0OGQzNTJiMzQzODI4MjJhOTM3MTg2NGIxOWY1ZjcyM2UyY2Q1MDI3IiwidGFnIjoiIn0%3D; expires=Tue, 17-Jan-2023 13:04:16 GMT; Max-Age=7200; path=/; samesite=lax
laravel_session=eyJpdiI6IlAxVXRSQTVPaDYxSmUrT09LbHBvV0E9PSIsInZhbHVlIjoiVlVnODJuektERDd3Rm14czgvS1pJUGpWbjBrWEFLY1lOTlpaekNlaU1OdTFCbDhNL2VreGpsTnVUT2lsaE85eVgxdUJFdWpNVTZIUW5Rd3NQZjM3UmFQT0tpYTVzTUNuQUdEVW5rZk8zQWxNdlg5anUvS1JMUGR2SkJvRDJoeGEiLCJtYWMiOiI2MDcwZDk5ZmI1NzRmYzY3MDM2ZTYwNmY1OGU5Zjk2ZjU2ZGEyMTdlYWZiZDZiNjU2ODQ0NmIwZjJkZGNjZGRkIiwidGFnIjoiIn0%3D; expires=Tue, 17-Jan-2023 13:04:16 GMT; Max-Age=7200; path=/; httponly; samesite=lax
Location: http://knowlzcomp.com/public
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

knowlzcomp.com/public

162.241.149.217

301 Moved Permanently

237 B

URL HTTP/1.1
knowlzcomp.com/public
IP
162.241.149.217:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
237 B (237 bytes)
Hash
ae976f07e813b2f4322c1590c5c195a2
99aa649a5a8d79d13e9c66f1873611873f58c72d
734a7e56e68c7a61ed7bf920ec6c7095c6d340230d0fda5032414d8883b928ad

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /public HTTP/1.1
Host: knowlzcomp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6InY2RFhLaHoyNGtnakJ0VXJKajVmcWc9PSIsInZhbHVlIjoiSEVDaUNLeXBnR1dUNGhLbUFBK3JCeEQrTmNlN2tFb3hwUE1HWnpsVGpKTDhmYzl0TmxSK1d5VTgyYVE4QVVkUitVdmVTdnhlUnVwdTYvSndieWx2MWN2U01NRGw3THFUeHBrZndkS1JuNTdNTWowdHQrWFhObFlJSGFUc05sRFIiLCJtYWMiOiJlYWI2NmMxNThmODkxNzEyYWU3MDg0Yjk0OGQzNTJiMzQzODI4MjJhOTM3MTg2NGIxOWY1ZjcyM2UyY2Q1MDI3IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlAxVXRSQTVPaDYxSmUrT09LbHBvV0E9PSIsInZhbHVlIjoiVlVnODJuektERDd3Rm14czgvS1pJUGpWbjBrWEFLY1lOTlpaekNlaU1OdTFCbDhNL2VreGpsTnVUT2lsaE85eVgxdUJFdWpNVTZIUW5Rd3NQZjM3UmFQT0tpYTVzTUNuQUdEVW5rZk8zQWxNdlg5anUvS1JMUGR2SkJvRDJoeGEiLCJtYWMiOiI2MDcwZDk5ZmI1NzRmYzY3MDM2ZTYwNmY1OGU5Zjk2ZjU2ZGEyMTdlYWZiZDZiNjU2ODQ0NmIwZjJkZGNjZGRkIiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Tue, 17 Jan 2023 11:04:17 GMT
Server: Apache
Location: http://knowlzcomp.com/public/
Content-Length: 237
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

knowlzcomp.com/public/

162.241.149.217

200 OK

558 B

URL HTTP/1.1
knowlzcomp.com/public/
IP
162.241.149.217:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
558 B (558 bytes)
Hash
bfaf5c77a05dd2fadb87dafe8f40b52e
80670696f013a615f2e6d7f8b9f62fa822b9de23
298953e0c2d577995d5f2f977029aa7ebf24df87003fc89dc91ac21db19fefa8

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /public/ HTTP/1.1
Host: knowlzcomp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6InY2RFhLaHoyNGtnakJ0VXJKajVmcWc9PSIsInZhbHVlIjoiSEVDaUNLeXBnR1dUNGhLbUFBK3JCeEQrTmNlN2tFb3hwUE1HWnpsVGpKTDhmYzl0TmxSK1d5VTgyYVE4QVVkUitVdmVTdnhlUnVwdTYvSndieWx2MWN2U01NRGw3THFUeHBrZndkS1JuNTdNTWowdHQrWFhObFlJSGFUc05sRFIiLCJtYWMiOiJlYWI2NmMxNThmODkxNzEyYWU3MDg0Yjk0OGQzNTJiMzQzODI4MjJhOTM3MTg2NGIxOWY1ZjcyM2UyY2Q1MDI3IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlAxVXRSQTVPaDYxSmUrT09LbHBvV0E9PSIsInZhbHVlIjoiVlVnODJuektERDd3Rm14czgvS1pJUGpWbjBrWEFLY1lOTlpaekNlaU1OdTFCbDhNL2VreGpsTnVUT2lsaE85eVgxdUJFdWpNVTZIUW5Rd3NQZjM3UmFQT0tpYTVzTUNuQUdEVW5rZk8zQWxNdlg5anUvS1JMUGR2SkJvRDJoeGEiLCJtYWMiOiI2MDcwZDk5ZmI1NzRmYzY3MDM2ZTYwNmY1OGU5Zjk2ZjU2ZGEyMTdlYWZiZDZiNjU2ODQ0NmIwZjJkZGNjZGRkIiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 11:04:19 GMT
Server: Apache
Cache-Control: no-cache, private
Set-Cookie: XSRF-TOKEN=eyJpdiI6InYvelNpNUZzd0QzdFZsOERDK1EyaUE9PSIsInZhbHVlIjoiRHdSaExySXBPYjhydW1vdjNGYjFxREpvS1ZkSWlnS25ydmRzdElDKzV0SEtxQ2ZacEUxamdOYmhTS0JVOW9vZFNjQjgyRjAwd2lvUkp2K25UVEhBZm5oNDJQNzRmamF3c2QxTWhJNnNYWXFpaEVLaTZ2QmE4WDB0UDNLRW1kaWwiLCJtYWMiOiJiYTE4YmI3NjI2OWIwMTU4MzdlYWViYThjYzMwYTZhMTk3MTUwYzNhMTRmN2U4ZGYzNTBhODk5MDEwODIxZWJjIiwidGFnIjoiIn0%3D; expires=Tue, 17-Jan-2023 13:04:19 GMT; Max-Age=7200; path=/; samesite=lax
laravel_session=eyJpdiI6InBIZFNvZTJpNTVSc1ZLMWFuZ2dyY2c9PSIsInZhbHVlIjoiYjM1OEgzbWV6YUNzYnN6MW81clplL0ZDUU1tVnUrVitEaHNxTDUyNGxxWnBGTEplTUNQQTdSWmZaam9HQUM1MDZXaWdnWnVuRmx4NUthM1FQWmtYdEpZVnlnaW03YzVQNTduRWtVNjFnOVdwd3d0UG5rcUdLY3h5TjdRa1lwVG4iLCJtYWMiOiI5YjBjODY5MWJlMTMxMTk5YjAzYjdkNzNiZmRhOWUwYTcxNzJkYjc4ZmJlNDA1NWZhNDg3M2U1ODEyYjlhMjM5IiwidGFnIjoiIn0%3D; expires=Tue, 17-Jan-2023 13:04:19 GMT; Max-Age=7200; path=/; httponly; samesite=lax
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
1a399c76d9f840bb59b2f9751d969ca9
7a4473a2e1926843e5c67ff9110f4d6acf10eb08
4392eb6b452f76df2bd3b62e64f86452fb95efaed30958ff6ecd4d0df4e0235e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4995
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 11:04:20 GMT
Last-Modified: Tue, 17 Jan 2023 09:41:05 GMT
Server: ECS (ska/F718)
X-Cache: HIT
Content-Length: 279

cdn.jsdelivr.net/gh/killbot-org/Killbot-JS@latest/dist/main.min.js

104.16.87.20

200 OK

1.5 kB

URL HTTP/2
cdn.jsdelivr.net/gh/killbot-org/Killbot-JS@latest/dist/main.min.js
IP
104.16.87.20:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (2400)
Size
1.5 kB (1454 bytes)
Hash
f64c30bdd6605d19564eddf3a27cee13
d7c3c547f06142a738b11b0bc5c650d2ae5b3c11
d804ddf8ed480ac36695c2096407184fb60297f2d4fde007b2f9568650ec263e

HTTP Headers

GET /gh/killbot-org/Killbot-JS@latest/dist/main.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://knowlzcomp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 17 Jan 2023 11:04:20 GMT
content-type: application/javascript; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: master
x-jsd-version-type: branch
etag: W/"a7c-kmbumraAtj1yBda8Zbl2dRPRYqU"
x-served-by: cache-fra19138-FRA, cache-yyz4558-YYZ
x-cache: HIT, MISS
vary: Accept-Encoding
cf-cache-status: HIT
age: 13399
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=44GewOvyFvnUFc1LFLPid5JBDnbT9Bt%2BQJ3S%2BH5Ecw5WQLcOVhl31H9hLRdy0CLHvPd3a55ZsRq7GsR1wOUyLmEEHrWDh7UmiLnT4%2FXDc1tuYmGPOm2J7kzR2x8qINrbDgY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78ae9c06dc341c02-OSL
content-encoding: br
X-Firefox-Spdy: h2

knowlzcomp.com/QnYGSLQZADF6PQXFFWBnWbugC28LB7gb/

162.241.149.217

301 Moved Permanently

269 B

URL HTTP/1.1
knowlzcomp.com/QnYGSLQZADF6PQXFFWBnWbugC28LB7gb/
IP
162.241.149.217:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
269 B (269 bytes)
Hash
ee56a96e703d8373a8fda343c88890f8
56d3baaabd0d9f4fc58fbe39f14a333938917083
1f695f45cda9117483ed6ffd954f4e88aa38848125355f7f1aaf79352d0bcc7d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /QnYGSLQZADF6PQXFFWBnWbugC28LB7gb/ HTTP/1.1
Host: knowlzcomp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://knowlzcomp.com/public/
Cookie: XSRF-TOKEN=eyJpdiI6InYvelNpNUZzd0QzdFZsOERDK1EyaUE9PSIsInZhbHVlIjoiRHdSaExySXBPYjhydW1vdjNGYjFxREpvS1ZkSWlnS25ydmRzdElDKzV0SEtxQ2ZacEUxamdOYmhTS0JVOW9vZFNjQjgyRjAwd2lvUkp2K25UVEhBZm5oNDJQNzRmamF3c2QxTWhJNnNYWXFpaEVLaTZ2QmE4WDB0UDNLRW1kaWwiLCJtYWMiOiJiYTE4YmI3NjI2OWIwMTU4MzdlYWViYThjYzMwYTZhMTk3MTUwYzNhMTRmN2U4ZGYzNTBhODk5MDEwODIxZWJjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InBIZFNvZTJpNTVSc1ZLMWFuZ2dyY2c9PSIsInZhbHVlIjoiYjM1OEgzbWV6YUNzYnN6MW81clplL0ZDUU1tVnUrVitEaHNxTDUyNGxxWnBGTEplTUNQQTdSWmZaam9HQUM1MDZXaWdnWnVuRmx4NUthM1FQWmtYdEpZVnlnaW03YzVQNTduRWtVNjFnOVdwd3d0UG5rcUdLY3h5TjdRa1lwVG4iLCJtYWMiOiI5YjBjODY5MWJlMTMxMTk5YjAzYjdkNzNiZmRhOWUwYTcxNzJkYjc4ZmJlNDA1NWZhNDg3M2U1ODEyYjlhMjM5IiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Tue, 17 Jan 2023 11:04:19 GMT
Server: Apache
Location: http://knowlzcomp.com/public/QnYGSLQZADF6PQXFFWBnWbugC28LB7gb
Content-Length: 269
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

104.17.25.14

200 OK

5.6 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (30837)
Size
5.6 kB (5631 bytes)
Hash
109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc

HTTP Headers

GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://knowlzcomp.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 17 Jan 2023 11:04:23 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 916283
expires: Sun, 07 Jan 2024 11:04:23 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2F%2B6a9LlO6sMKzCBJQOK6XVGe70hcCt30IowmJ4%2BDLs8hNNeMYyxBXtivNlb2RBhgHUpaQ4mUSOguRJAoFkkEL9qpSIoOklXXULiWMBpu76zD9KFCAkuj%2BmgzNNLHUgszdM4dZYJ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 78ae9c19086fb515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

knowlzcomp.com/public/QnYGSLQZADF6PQXFFWBnWbugC28LB7gb

162.241.149.217

200 OK

60 kB

URL HTTP/1.1
knowlzcomp.com/public/QnYGSLQZADF6PQXFFWBnWbugC28LB7gb
IP
162.241.149.217:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- assembler source text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (39884)
Size
60 kB (60029 bytes)
Hash
67f1b21ed8b5de281a8fae18cdd0a544
165a4196691e3bf81b905522ae98b1ca81968432
b894f699ade4e96f9ca3f55ca2f6fd519dd094b03a8f4e462b592d62e605298b

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

NIDS	Severity	Alert
suricata	high	ET EXPLOIT_KIT TDS Sutra - page redirecting to a SutraTDS

HTTP Headers

GET /public/QnYGSLQZADF6PQXFFWBnWbugC28LB7gb HTTP/1.1
Host: knowlzcomp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://knowlzcomp.com/public/
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6InYvelNpNUZzd0QzdFZsOERDK1EyaUE9PSIsInZhbHVlIjoiRHdSaExySXBPYjhydW1vdjNGYjFxREpvS1ZkSWlnS25ydmRzdElDKzV0SEtxQ2ZacEUxamdOYmhTS0JVOW9vZFNjQjgyRjAwd2lvUkp2K25UVEhBZm5oNDJQNzRmamF3c2QxTWhJNnNYWXFpaEVLaTZ2QmE4WDB0UDNLRW1kaWwiLCJtYWMiOiJiYTE4YmI3NjI2OWIwMTU4MzdlYWViYThjYzMwYTZhMTk3MTUwYzNhMTRmN2U4ZGYzNTBhODk5MDEwODIxZWJjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InBIZFNvZTJpNTVSc1ZLMWFuZ2dyY2c9PSIsInZhbHVlIjoiYjM1OEgzbWV6YUNzYnN6MW81clplL0ZDUU1tVnUrVitEaHNxTDUyNGxxWnBGTEplTUNQQTdSWmZaam9HQUM1MDZXaWdnWnVuRmx4NUthM1FQWmtYdEpZVnlnaW03YzVQNTduRWtVNjFnOVdwd3d0UG5rcUdLY3h5TjdRa1lwVG4iLCJtYWMiOiI5YjBjODY5MWJlMTMxMTk5YjAzYjdkNzNiZmRhOWUwYTcxNzJkYjc4ZmJlNDA1NWZhNDg3M2U1ODEyYjlhMjM5IiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 11:04:22 GMT
Server: Apache
Cache-Control: no-cache, private
Set-Cookie: XSRF-TOKEN=eyJpdiI6IlFrcXhVSWlteWJEelM2cnNhZ242emc9PSIsInZhbHVlIjoicU1qRWtET0RxNHRuTXMrZHNSbTJ1dVJjbEtEUnYzTFdleVZFdGdOVzBWcVowUkxJbjNFNDlhOHZpUXdXa3JSS2V0RUwzSGRaWlFsOTBEWm12eXhuckU4Ri9lUURmTktaOVpheXpYMGhpa2tJaFBIc204TkN6VU9LY3VyaUVjRzkiLCJtYWMiOiIzNjhkZWU2ZDdiMmNjMjBhMzViOWExNmFmOWY5YzRiNmJhMzExNTdmZjliYzkyNzg3NGFhZTM2MTZmMmEwODNlIiwidGFnIjoiIn0%3D; expires=Tue, 17-Jan-2023 13:04:22 GMT; Max-Age=7200; path=/; samesite=lax
laravel_session=eyJpdiI6IlY3am1nc1VqQ2NhWW5yd2xXNVQxM2c9PSIsInZhbHVlIjoieWtHZ0Qxb2Y0Qk5lRXVlSVo4Zkx5TkVaWmpSK0ZsOHYyV1lBVVhKaHJaM0g1bXZmbjE1ckxRV0x5akIwNE9COXJzWG9qa3FMQnowQjdFYWE1bENlY0h1SGRRcmdkVUNWQXNKbHhYdzIrQWRmdWNOWnl0STZpaEJhczA4V0RjRzciLCJtYWMiOiIxZDcyZjYzZGFlNWQ5OGU3OTE5Njc3OWJlZTBiODhhZWMzYjkyNWUxMzgwZWJjMTNkYTA1OGJjODQ1MDMwMWI3IiwidGFnIjoiIn0%3D; expires=Tue, 17-Jan-2023 13:04:22 GMT; Max-Age=7200; path=/; httponly; samesite=lax
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

ka-f.fontawesome.com/releases/v6.2.1/css/free-v4-font-face.min.css?token=f7165dd215

172.64.168.22

200 OK

46 kB

URL HTTP/2
ka-f.fontawesome.com/releases/v6.2.1/css/free-v4-font-face.min.css?token=f7165dd215
IP
172.64.168.22:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (1560)
Size
46 kB (45693 bytes)
Hash
7e8e80ded5ad4f82d744e7135ae107da
e7c3b695b5c7fcad33659fd7353a5bc4e797ea0e
00435b2b8a83a459df234dcb7fec77c62d12ee9b2b2df4b7524f74611972d69b

HTTP Headers

GET /releases/v6.2.1/css/free-v4-font-face.min.css?token=f7165dd215 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://knowlzcomp.com/
Origin: http://knowlzcomp.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 17 Jan 2023 11:04:23 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 14 Nov 2022 15:06:07 GMT
etag: W/"075b2106ba08d32bc88fff3724503b1e"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 81bc7853cdca941dddd27cd956741044.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P1
x-amz-cf-id: OEQdsl69hvVlMYCZDgqbrWUegoLPqj9Ml61PpzFfmt6hrszyQ30Xug==
age: 49227
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LyaDGOic8Qv0o90XelSNRQ%2B6ZYqOeq74gwWqCeLGeJdiVCMRAcEqV%2B3H05mokKCnyZGhJ4ulZ3mbGP8Kv3tjKytscH4aSJ2Gcj6MheF9N1V4chh23MSMFtdVZ0AKtKpeFaHgAtz82w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78ae9c199db82406-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

knowlzcomp.com/public/css/app.css

162.241.149.217

200 OK

440 kB

URL HTTP/1.1
knowlzcomp.com/public/css/app.css
IP
162.241.149.217:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
440 kB (439658 bytes)
Hash
181990cc2279e4cea65c9363fb37fee9
b85a7ba40043b0c48a034d8382629ef7ec6a1e24
36839348d4cd3d5ffcb15317bc5e8f32b77c644d0c6c0f8f19bdf216caf49293

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL
quad9	Sinkholed

HTTP Headers

GET /public/css/app.css HTTP/1.1
Host: knowlzcomp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://knowlzcomp.com/public/QnYGSLQZADF6PQXFFWBnWbugC28LB7gb
Cookie: XSRF-TOKEN=eyJpdiI6IlFrcXhVSWlteWJEelM2cnNhZ242emc9PSIsInZhbHVlIjoicU1qRWtET0RxNHRuTXMrZHNSbTJ1dVJjbEtEUnYzTFdleVZFdGdOVzBWcVowUkxJbjNFNDlhOHZpUXdXa3JSS2V0RUwzSGRaWlFsOTBEWm12eXhuckU4Ri9lUURmTktaOVpheXpYMGhpa2tJaFBIc204TkN6VU9LY3VyaUVjRzkiLCJtYWMiOiIzNjhkZWU2ZDdiMmNjMjBhMzViOWExNmFmOWY5YzRiNmJhMzExNTdmZjliYzkyNzg3NGFhZTM2MTZmMmEwODNlIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlY3am1nc1VqQ2NhWW5yd2xXNVQxM2c9PSIsInZhbHVlIjoieWtHZ0Qxb2Y0Qk5lRXVlSVo4Zkx5TkVaWmpSK0ZsOHYyV1lBVVhKaHJaM0g1bXZmbjE1ckxRV0x5akIwNE9COXJzWG9qa3FMQnowQjdFYWE1bENlY0h1SGRRcmdkVUNWQXNKbHhYdzIrQWRmdWNOWnl0STZpaEJhczA4V0RjRzciLCJtYWMiOiIxZDcyZjYzZGFlNWQ5OGU3OTE5Njc3OWJlZTBiODhhZWMzYjkyNWUxMzgwZWJjMTNkYTA1OGJjODQ1MDMwMWI3IiwidGFnIjoiIn0%3D

HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 11:04:22 GMT
Server: Apache
Last-Modified: Wed, 03 Aug 2022 20:29:04 GMT
Accept-Ranges: bytes
Content-Length: 439658
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

knowlzcomp.com/images/logo.png

162.241.149.217

200 OK

2.0 kB

URL HTTP/1.1
knowlzcomp.com/images/logo.png
IP
162.241.149.217:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 214 x 20, 8-bit/color RGBA, non-interlaced\012- data
Size
2.0 kB (1998 bytes)
Hash
5d14ab93691604e826e1319d53599eb9
78724360e9d25da584445b851e37bca05abe6b85
3f0c62b5ccdcdbf3b3ae3885f1e6959e2d937eba9b29dea9a6bdb98788041756

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL
quad9	Sinkholed

HTTP Headers

GET /images/logo.png HTTP/1.1
Host: knowlzcomp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://knowlzcomp.com/public/QnYGSLQZADF6PQXFFWBnWbugC28LB7gb
Cookie: XSRF-TOKEN=eyJpdiI6IlFrcXhVSWlteWJEelM2cnNhZ242emc9PSIsInZhbHVlIjoicU1qRWtET0RxNHRuTXMrZHNSbTJ1dVJjbEtEUnYzTFdleVZFdGdOVzBWcVowUkxJbjNFNDlhOHZpUXdXa3JSS2V0RUwzSGRaWlFsOTBEWm12eXhuckU4Ri9lUURmTktaOVpheXpYMGhpa2tJaFBIc204TkN6VU9LY3VyaUVjRzkiLCJtYWMiOiIzNjhkZWU2ZDdiMmNjMjBhMzViOWExNmFmOWY5YzRiNmJhMzExNTdmZjliYzkyNzg3NGFhZTM2MTZmMmEwODNlIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlY3am1nc1VqQ2NhWW5yd2xXNVQxM2c9PSIsInZhbHVlIjoieWtHZ0Qxb2Y0Qk5lRXVlSVo4Zkx5TkVaWmpSK0ZsOHYyV1lBVVhKaHJaM0g1bXZmbjE1ckxRV0x5akIwNE9COXJzWG9qa3FMQnowQjdFYWE1bENlY0h1SGRRcmdkVUNWQXNKbHhYdzIrQWRmdWNOWnl0STZpaEJhczA4V0RjRzciLCJtYWMiOiIxZDcyZjYzZGFlNWQ5OGU3OTE5Njc3OWJlZTBiODhhZWMzYjkyNWUxMzgwZWJjMTNkYTA1OGJjODQ1MDMwMWI3IiwidGFnIjoiIn0%3D

HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 11:04:23 GMT
Server: Apache
Last-Modified: Wed, 03 Aug 2022 20:29:04 GMT
Accept-Ranges: bytes
Content-Length: 1998
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png

knowlzcomp.com/images/all.png

162.241.149.217

200 OK

12 kB

URL HTTP/1.1
knowlzcomp.com/images/all.png
IP
162.241.149.217:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
PNG image data, 123 x 84, 8-bit/color RGBA, non-interlaced\012- data
Size
12 kB (12499 bytes)
Hash
2cb0b7f615faf2deb9ec6f53d3149a3b
694a2c881c83e2ab86365bf1d16302ac5b9d500f
c1d5409eecb402a99f10718b06c266ba314d9e25f0b56c6fd063699334b8be6d

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL
quad9	Sinkholed

HTTP Headers

GET /images/all.png HTTP/1.1
Host: knowlzcomp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://knowlzcomp.com/public/QnYGSLQZADF6PQXFFWBnWbugC28LB7gb
Cookie: XSRF-TOKEN=eyJpdiI6IlFrcXhVSWlteWJEelM2cnNhZ242emc9PSIsInZhbHVlIjoicU1qRWtET0RxNHRuTXMrZHNSbTJ1dVJjbEtEUnYzTFdleVZFdGdOVzBWcVowUkxJbjNFNDlhOHZpUXdXa3JSS2V0RUwzSGRaWlFsOTBEWm12eXhuckU4Ri9lUURmTktaOVpheXpYMGhpa2tJaFBIc204TkN6VU9LY3VyaUVjRzkiLCJtYWMiOiIzNjhkZWU2ZDdiMmNjMjBhMzViOWExNmFmOWY5YzRiNmJhMzExNTdmZjliYzkyNzg3NGFhZTM2MTZmMmEwODNlIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlY3am1nc1VqQ2NhWW5yd2xXNVQxM2c9PSIsInZhbHVlIjoieWtHZ0Qxb2Y0Qk5lRXVlSVo4Zkx5TkVaWmpSK0ZsOHYyV1lBVVhKaHJaM0g1bXZmbjE1ckxRV0x5akIwNE9COXJzWG9qa3FMQnowQjdFYWE1bENlY0h1SGRRcmdkVUNWQXNKbHhYdzIrQWRmdWNOWnl0STZpaEJhczA4V0RjRzciLCJtYWMiOiIxZDcyZjYzZGFlNWQ5OGU3OTE5Njc3OWJlZTBiODhhZWMzYjkyNWUxMzgwZWJjMTNkYTA1OGJjODQ1MDMwMWI3IiwidGFnIjoiIn0%3D

HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 11:04:23 GMT
Server: Apache
Last-Modified: Wed, 03 Aug 2022 20:29:04 GMT
Accept-Ranges: bytes
Content-Length: 12499
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png

knowlzcomp.com/public/js/app.js

162.241.149.217

200 OK

1.6 MB

URL HTTP/1.1
knowlzcomp.com/public/js/app.js
IP
162.241.149.217:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Unicode text, UTF-8 text
Size
1.6 MB (1613806 bytes)
Hash
fd900f643203761f2eeca2132fc15f1d
375f23ca9ad75b647373bda03b02e2d0f6e729be
399e233cea4e5468820e5c5f98ddbb156de729983710cf576a6508f076326c68

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /public/js/app.js HTTP/1.1
Host: knowlzcomp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://knowlzcomp.com/public/QnYGSLQZADF6PQXFFWBnWbugC28LB7gb
Cookie: XSRF-TOKEN=eyJpdiI6IlFrcXhVSWlteWJEelM2cnNhZ242emc9PSIsInZhbHVlIjoicU1qRWtET0RxNHRuTXMrZHNSbTJ1dVJjbEtEUnYzTFdleVZFdGdOVzBWcVowUkxJbjNFNDlhOHZpUXdXa3JSS2V0RUwzSGRaWlFsOTBEWm12eXhuckU4Ri9lUURmTktaOVpheXpYMGhpa2tJaFBIc204TkN6VU9LY3VyaUVjRzkiLCJtYWMiOiIzNjhkZWU2ZDdiMmNjMjBhMzViOWExNmFmOWY5YzRiNmJhMzExNTdmZjliYzkyNzg3NGFhZTM2MTZmMmEwODNlIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlY3am1nc1VqQ2NhWW5yd2xXNVQxM2c9PSIsInZhbHVlIjoieWtHZ0Qxb2Y0Qk5lRXVlSVo4Zkx5TkVaWmpSK0ZsOHYyV1lBVVhKaHJaM0g1bXZmbjE1ckxRV0x5akIwNE9COXJzWG9qa3FMQnowQjdFYWE1bENlY0h1SGRRcmdkVUNWQXNKbHhYdzIrQWRmdWNOWnl0STZpaEJhczA4V0RjRzciLCJtYWMiOiIxZDcyZjYzZGFlNWQ5OGU3OTE5Njc3OWJlZTBiODhhZWMzYjkyNWUxMzgwZWJjMTNkYTA1OGJjODQ1MDMwMWI3IiwidGFnIjoiIn0%3D

HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 11:04:22 GMT
Server: Apache
Last-Modified: Wed, 03 Aug 2022 20:29:04 GMT
Accept-Ranges: bytes
Content-Length: 1613806
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript

killbot.org/api/v2/whois?apikey=KACXfkKCpcbZJJlzB3D415S561r_pTsXlmE5Qt9SnpHoh

104.21.11.160

401 Unauthorized

0 B

URL HTTP/2
killbot.org/api/v2/whois?apikey=KACXfkKCpcbZJJlzB3D415S561r_pTsXlmE5Qt9SnpHoh
IP
104.21.11.160:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /api/v2/whois?apikey=KACXfkKCpcbZJJlzB3D415S561r_pTsXlmE5Qt9SnpHoh HTTP/1.1
Host: killbot.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://knowlzcomp.com/
Origin: http://knowlzcomp.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 401 Unauthorized
date: Tue, 17 Jan 2023 11:04:24 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-max-age: 86400
bug-bounty: Report to live chat :)
access-control-allow-origin: *
access-control-allow-methods: POST, GET
set-cookie: _killbot=i4b3gt5gr2g1seaesrf96bdncnkg3o7b; expires=Tue, 17-Jan-2023 13:04:23 GMT; Max-Age=7200; path=/; SameSite=Lax; secure; HttpOnly
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6%2F2LL149e1J1%2Bd%2F2knrYDv8rsbxJLlCBWFK52ODaeExSwZnvZmPn6HHlc6saJEBbqiDOKVhvMt%2FfIUz032aRgE3JaRuBR%2Bx5JCnEI0D7aotGdpQ9xsth896BbLPaTg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78ae9c195f6eb52d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

kit.fontawesome.com/f7165dd215.js

104.18.22.52

200 OK

0 B

URL HTTP/2
kit.fontawesome.com/f7165dd215.js
IP
104.18.22.52:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /f7165dd215.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://knowlzcomp.com
Connection: keep-alive
Referer: http://knowlzcomp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 17 Jan 2023 11:04:23 GMT
content-type: text/javascript
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: Fzrl33UjBR4Ky8yId-fh
cf-cache-status: HIT
age: 2
server: cloudflare
cf-ray: 78ae9c190a0ab506-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

ka-f.fontawesome.com/releases/v6.2.1/css/free-v4-shims.min.css?token=f7165dd215

172.64.168.22

200 OK

0 B

URL HTTP/2
ka-f.fontawesome.com/releases/v6.2.1/css/free-v4-shims.min.css?token=f7165dd215
IP
172.64.168.22:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /releases/v6.2.1/css/free-v4-shims.min.css?token=f7165dd215 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://knowlzcomp.com/
Origin: http://knowlzcomp.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 17 Jan 2023 11:04:23 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 14 Nov 2022 15:06:08 GMT
etag: W/"0d00741459c51dd7330d97cd19326a7b"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 674e965f3d2af64c7723a159d4fcb6b4.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR52-C1
x-amz-cf-id: rsrE7TBHG-xrmPLHTm-2ew9crm8VymDmKQzYmVZUxJwUPtK3OAq6lA==
age: 49227
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fcZfvh%2F2zW89v9tgC9ARX%2FakF%2FU4ira1vZW4jiBNuDaOO3TbUDz1WkFGEkrv0pctggcKxbgt3WcLyCnRDrByD2VQrahVNfuxos%2FP5pXDagy90au5pRIKVLYMPRsHWyr5LiQUvscKTg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78ae9c199db52406-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ka-f.fontawesome.com/releases/v6.2.1/css/free-v5-font-face.min.css?token=f7165dd215

172.64.168.22

200 OK

0 B

URL HTTP/2
ka-f.fontawesome.com/releases/v6.2.1/css/free-v5-font-face.min.css?token=f7165dd215
IP
172.64.168.22:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /releases/v6.2.1/css/free-v5-font-face.min.css?token=f7165dd215 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://knowlzcomp.com/
Origin: http://knowlzcomp.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 17 Jan 2023 11:04:23 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 14 Nov 2022 15:06:07 GMT
etag: W/"15e2713dff942747406520edde3fd0bf"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
x-cache: Hit from cloudfront
via: 1.1 93cfeed105500c4613cee2ee99f5f9a6.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR52-C1
x-amz-cf-id: m25TERZ1Y2TCsANiEqs-iB20DUrbtuoSIZAIeWMCEJ2wIEDN0376HA==
age: 49227
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D4PRdaX0WPKT4p1A5TFxkNbl9bvHRbcbqGObZD91vKijFoY%2FRDdlw0qZTHDGYnUPpy71PqfYT%2FeBgyj08Qb1xLz5fsxz2vbsiQl4hEsXKdUdSohhkm59Hy2I%2BonZ95pQHHRLWJT77w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78ae9c199db72406-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.lr-in.com/logger-1.min.js

104.21.234.145

200 OK

0 B

URL HTTP/2
cdn.lr-in.com/logger-1.min.js
IP
104.21.234.145:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /logger-1.min.js HTTP/1.1
Host: cdn.lr-in.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://knowlzcomp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 17 Jan 2023 11:04:23 GMT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
cross-origin-resource-policy: cross-origin
etag: W/"54e181b7886b84da466c267980e8567313dbbe85197488a9314065c57e6fdf26"
last-modified: Fri, 13 Jan 2023 23:03:57 GMT
strict-transport-security: max-age=31556926
x-served-by: cache-fra-eddf8230136-FRA
x-cache: MISS
x-cache-hits: 0
x-timer: S1673651316.194027,VS0,VE60
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 190
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FBK2M7J7crErtjuonGyylUOhIwzGW8qbdYHIHoBuAD6B%2BdVVT0%2F4E3ifSahXtPW%2FtUHi%2FcwNKQp6%2FeRS69TByN%2FlUmdgNXLM%2F8L4I3FjE3U25peusMVjkcGlRX5NQm7k"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78ae9c1999b5732a-LHR
content-encoding: br
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (10)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML