Overview

URL package.blurrybooks.com/public/yLVvtsPnYmljFoLb2xlCiKGb5uG4ldTy
IP194.233.86.76
ASNContabo Asia Private Limited
Location Singapore
Report completed2022-11-25 09:30:49 UTC
StatusLoading report..
urlquery Alerts Phishing - DHL


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-11-25 2 package.blurrybooks.com/public/yLVvtsPnYmljFoLb2xlCiKGb5uG4ldTy Phishing
2022-11-25 2 package.blurrybooks.com/aJBaC5pLuVakgCGMxW0cKNBtfIEfWiAr/ Phishing
2022-11-25 2 package.blurrybooks.com/public/aJBaC5pLuVakgCGMxW0cKNBtfIEfWiAr Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (19)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS r3.o.lencr.org (7) 344 No data No data 23.36.76.226
mnemonic passive DNS ocsp.globalsign.com (1) 2075 2012-07-20 17:46:16 UTC 2020-05-02 20:58:10 UTC 104.18.21.226
mnemonic passive DNS killbot.org (2) 0 2014-03-26 13:15:40 UTC 2022-11-25 05:33:34 UTC 104.21.11.160 Unknown ranking
mnemonic passive DNS cdn.lr-in.com (1) 13237 2021-07-19 14:36:56 UTC 2022-11-25 05:32:24 UTC 172.67.206.254
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-25 05:51:47 UTC 34.117.237.239
mnemonic passive DNS code.jquery.com (1) 634 2012-05-21 17:28:02 UTC 2020-04-21 12:46:20 UTC 69.16.175.10
mnemonic passive DNS dispatching-centre.lasamericascargo.com (1) 0 2022-04-06 19:56:33 UTC 2022-11-24 12:34:27 UTC 135.181.58.223 Unknown ranking
mnemonic passive DNS package.blurrybooks.com (19) 0 2022-11-23 02:19:53 UTC 2022-11-23 17:20:54 UTC 194.233.86.76 Unknown ranking
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
mnemonic passive DNS cdn.jsdelivr.net (1) 439 2012-09-30 00:15:09 UTC 2020-08-10 12:12:39 UTC 151.101.85.229
mnemonic passive DNS ws-mt1.pusher.com (1) 8253 2018-09-20 11:30:02 UTC 2020-04-27 09:33:24 UTC 3.209.208.53
mnemonic passive DNS ocsp.pki.goog (2) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.3
mnemonic passive DNS cdn.s-pass.org (1) 0 2022-06-08 11:11:38 UTC 2022-11-24 15:35:12 UTC 172.67.75.167 Unknown ranking
mnemonic passive DNS fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-11-25 05:53:13 UTC 142.250.74.10
mnemonic passive DNS ocsp.digicert.com (6) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-25 06:03:02 UTC 34.102.187.140
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
mnemonic passive DNS push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 34.214.64.191
mnemonic passive DNS cdnjs.cloudflare.com (3) 235 2015-04-17 20:46:33 UTC 2022-11-25 06:02:44 UTC 104.17.24.14


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 194.233.86.76

Date UQ / IDS / BL URL IP
2022-12-08 17:32:48 +0000
0 - 0 - 3 package.blurrybooks.com/public/e0lqhv4i4bjohf (...) 194.233.86.76
2022-12-05 17:36:55 +0000
0 - 0 - 3 package.blurrybooks.com/public/q1zkgj1pts25rf (...) 194.233.86.76
2022-12-05 17:36:29 +0000
0 - 0 - 3 package.blurrybooks.com/public/skt7k7bmfgcm9p (...) 194.233.86.76
2022-12-04 12:51:19 +0000
0 - 0 - 3 package.blurrybooks.com/public/jp7bIMPGmdEeuL (...) 194.233.86.76
2022-12-04 12:35:37 +0000
0 - 0 - 3 package.blurrybooks.com/public/suJzppmLTZ0qOK (...) 194.233.86.76

Last 5 reports on ASN: Contabo Asia Private Limited

Date UQ / IDS / BL URL IP
2022-12-09 06:09:45 +0000
0 - 0 - 2 lalangmanis.com/ 194.233.68.84
2022-12-08 17:32:48 +0000
0 - 0 - 3 package.blurrybooks.com/public/e0lqhv4i4bjohf (...) 194.233.86.76
2022-12-08 13:33:37 +0000
0 - 0 - 1 www.pto7c4n.frozenfood.id/#.==QbvNmL3FGbul2dk (...) 194.233.79.115
2022-12-07 17:52:44 +0000
0 - 0 - 6 daffodil-edu.com/emn/index.php?QBOT.zip 194.233.77.183
2022-12-06 12:56:46 +0000
0 - 0 - 3 eoliacom.com/ 194.233.87.10

Last 5 reports on domain: blurrybooks.com

Date UQ / IDS / BL URL IP
2022-12-08 17:32:48 +0000
0 - 0 - 3 package.blurrybooks.com/public/e0lqhv4i4bjohf (...) 194.233.86.76
2022-12-05 17:36:55 +0000
0 - 0 - 3 package.blurrybooks.com/public/q1zkgj1pts25rf (...) 194.233.86.76
2022-12-05 17:36:29 +0000
0 - 0 - 3 package.blurrybooks.com/public/skt7k7bmfgcm9p (...) 194.233.86.76
2022-12-04 12:51:19 +0000
0 - 0 - 3 package.blurrybooks.com/public/jp7bIMPGmdEeuL (...) 194.233.86.76
2022-12-04 12:35:37 +0000
0 - 0 - 3 package.blurrybooks.com/public/suJzppmLTZ0qOK (...) 194.233.86.76

Last 5 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-12-03 02:54:25 +0000
0 - 0 - 12 delhome.rvjradio.com/public/bCiZQlkqVqoLcY8Rq (...) 207.244.252.18
2022-12-02 23:45:49 +0000
0 - 0 - 11 delhome.rvjradio.com/public/f4YZJ3AinBvOmq4Hk (...) 207.244.252.18
2022-12-02 20:25:13 +0000
0 - 0 - 11 delhome.rvjradio.com/public/4duuMVhpiLFhsrBdK (...) 207.244.252.18
2022-12-02 20:25:12 +0000
0 - 0 - 11 delhome.rvjradio.com/public/g7l8vkEomHLF3Sc5s (...) 207.244.252.18
2022-12-02 17:35:16 +0000
0 - 0 - 10 delhome.rvjradio.com/public/vOqQWykAkj7L3dSTU (...) 207.244.252.18


JavaScript

Executed Scripts (17)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (58)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11175
Expires: Fri, 25 Nov 2022 12:36:53 GMT
Date: Fri, 25 Nov 2022 09:30:38 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5178
Cache-Control: max-age=95211
Date: Fri, 25 Nov 2022 09:30:38 GMT
Etag: "637f47ef-1d7"
Expires: Sat, 26 Nov 2022 11:57:29 GMT
Last-Modified: Thu, 24 Nov 2022 10:31:11 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 25 Nov 2022 09:17:26 GMT
cache-control: public,max-age=3600
age: 792
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    567df7db606cf5d0871aa5bc9311b6da
Sha1:   4263faac7cbab2fcaf6661911dcad5091c06be17
Sha256: e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4019
Expires: Fri, 25 Nov 2022 10:37:37 GMT
Date: Fri, 25 Nov 2022 09:30:38 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: uzd1DIRQyIfg+sYp7DjfhXLGMxGt4vBw0xQT1i5z5FMIpoDXeQkS32S9oxvSeSSGy5CrGLHD3TA=
x-amz-request-id: 2VDHT2HA11KNNQ09
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 25 Nov 2022 08:40:44 GMT
age: 2994
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 25 Nov 2022 09:30:38 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 25 Nov 2022 09:11:11 GMT
cache-control: public,max-age=3600
age: 1168
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5085
Cache-Control: max-age=90055
Date: Fri, 25 Nov 2022 09:30:39 GMT
Etag: "637f3429-1d7"
Expires: Sat, 26 Nov 2022 10:31:34 GMT
Last-Modified: Thu, 24 Nov 2022 09:06:49 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Mu3Xv1GsO7BZnKn2+SQqJA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         34.214.64.191
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: l//9/zqAQurOtFvv/EXa5QT0B9M=

                                        
                                            GET /public/yLVvtsPnYmljFoLb2xlCiKGb5uG4ldTy HTTP/1.1 
Host: package.blurrybooks.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         194.233.86.76
HTTP/1.1 302 Found
content-type: text/html; charset=UTF-8
                                        
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: no-cache, no-store, must-revalidate, max-age=0
location: http://package.blurrybooks.com/public
set-cookie: XSRF-TOKEN=eyJpdiI6Im9KK2xSTW9rSFlqQ29vSkxRbjdhY0E9PSIsInZhbHVlIjoiUlVSb3V2c0tXQjJCY3ZxZ3d5ZE5ZU0I5UUZqU1VheFphZlh4aXlvMFhCK2xiQzFzL0JBMDFZaUFoVW0ybHAzWkR4ZmE5ZjdKcnhwQ3JFZ0dSZVpWcnUrUHVhM2JnMUVuUCtnYTExczFYK2R3VDJGc3JlQklsS1ZkNGEvVWNTTTIiLCJtYWMiOiIwZGNkM2M4NDI0MDEzNWUxZDlmMmRkZGU3MDc5OWRiMTFkM2Y0YzczNTViYjk5OGY1Njk5NWJkM2Y1YTFiZjRhIiwidGFnIjoiIn0%3D; expires=Fri, 25-Nov-2022 11:30:39 GMT; Max-Age=7200; path=/; samesite=lax laravel_session=eyJpdiI6IkZsQVA5ZDUyVEhvTGZXKzZzbGN3N2c9PSIsInZhbHVlIjoiWkFGcFJnQUw4cVhLcG1sZjFxOGJhaDJoeUUrU1Z5em5pZHdtOVU1d3lHM1VJT2VxdDdLd0hZYVVMa1pIa2dGL3VDV3RqZm53K2pGQ0poYmZ3OElNRGtKZ1dKQng3cSs5NytrbUlvMEpzSklERUdVTjQyMUpVeWVVb0dOR1h6bGsiLCJtYWMiOiJjNjdiNDFiNjU1OTRhNzI3N2MwOTk0MGFkMzAwZDcyNjEwNjYwYTg2MjRjMDNjZTNhNDNiZjQ2YjUzMGU5ZjM0IiwidGFnIjoiIn0%3D; expires=Fri, 25-Nov-2022 11:30:39 GMT; Max-Age=7200; path=/; httponly; samesite=lax
content-length: 212
content-encoding: gzip
vary: Accept-Encoding
date: Fri, 25 Nov 2022 09:30:39 GMT


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   212
Md5:    08423cc8c7da8275b2d15f0663d27b09
Sha1:   1dd29773d11c03a3df2b535b066d76e8222a7fe5
Sha256: b9fd7f1e35370ac5ff1a137c6d263bfa6634ecdf731b48f4dfcb1caa384bab5b

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /public HTTP/1.1 
Host: package.blurrybooks.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6Im9KK2xSTW9rSFlqQ29vSkxRbjdhY0E9PSIsInZhbHVlIjoiUlVSb3V2c0tXQjJCY3ZxZ3d5ZE5ZU0I5UUZqU1VheFphZlh4aXlvMFhCK2xiQzFzL0JBMDFZaUFoVW0ybHAzWkR4ZmE5ZjdKcnhwQ3JFZ0dSZVpWcnUrUHVhM2JnMUVuUCtnYTExczFYK2R3VDJGc3JlQklsS1ZkNGEvVWNTTTIiLCJtYWMiOiIwZGNkM2M4NDI0MDEzNWUxZDlmMmRkZGU3MDc5OWRiMTFkM2Y0YzczNTViYjk5OGY1Njk5NWJkM2Y1YTFiZjRhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkZsQVA5ZDUyVEhvTGZXKzZzbGN3N2c9PSIsInZhbHVlIjoiWkFGcFJnQUw4cVhLcG1sZjFxOGJhaDJoeUUrU1Z5em5pZHdtOVU1d3lHM1VJT2VxdDdLd0hZYVVMa1pIa2dGL3VDV3RqZm53K2pGQ0poYmZ3OElNRGtKZ1dKQng3cSs5NytrbUlvMEpzSklERUdVTjQyMUpVeWVVb0dOR1h6bGsiLCJtYWMiOiJjNjdiNDFiNjU1OTRhNzI3N2MwOTk0MGFkMzAwZDcyNjEwNjYwYTg2MjRjMDNjZTNhNDNiZjQ2YjUzMGU5ZjM0IiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1

                                         
                                         194.233.86.76
HTTP/1.1 301 Moved Permanently
content-type: text/html
                                        
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-length: 707
date: Fri, 25 Nov 2022 09:30:39 GMT
location: http://package.blurrybooks.com/public/


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size:   707
Md5:    1304294c0823ca486542ba408ed761e3
Sha1:   b2a70fb2d810ca13985882e6981f33998823e83e
Sha256: 3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982

Alerts:
  urlquery:
    - Phishing - DHL
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19264
Expires: Fri, 25 Nov 2022 14:51:44 GMT
Date: Fri, 25 Nov 2022 09:30:40 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19264
Expires: Fri, 25 Nov 2022 14:51:44 GMT
Date: Fri, 25 Nov 2022 09:30:40 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19264
Expires: Fri, 25 Nov 2022 14:51:44 GMT
Date: Fri, 25 Nov 2022 09:30:40 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19264
Expires: Fri, 25 Nov 2022 14:51:44 GMT
Date: Fri, 25 Nov 2022 09:30:40 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19264
Expires: Fri, 25 Nov 2022 14:51:44 GMT
Date: Fri, 25 Nov 2022 09:30:40 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F981a8e9a-f018-45b6-af7e-199dc4c02c27.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8917
x-amzn-requestid: 10f3b269-9437-476d-ae4f-a0ac3fb78491
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8wEIwoAMF8uA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-4cfeecf4553b26381ed11875;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:00 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lr9z8FWWpMGtxtvcYzeT-ewuydSzpma8I06pszLDQIICotFkB_SZlA==
via: 1.1 2241406ac19fffc8f35d6ddef8e22f56.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:55:30 GMT
age: 41710
etag: "2eba66ff6539388c48562503e8d11ff0e060350a"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8917
Md5:    5863138af1ddbba34a7856242a7b3a06
Sha1:   2eba66ff6539388c48562503e8d11ff0e060350a
Sha256: d1543e1b803a07095148b743925eebbbf21f566a2df9b785a1a9d48c5604496c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8089
x-amzn-requestid: f4b5f150-a5dc-40bf-93b9-394c294a51cb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEmkRFSnIAMF5vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e8481-74454bee1a1ec6d506f3d75b;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 20:37:21 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ZVv8iTGCYV-IiBJ6KwNSG1ZWSEwClaQopUejSqZq0S1wd782lRoyKA==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 22:07:32 GMT
age: 40988
etag: "318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8089
Md5:    c8f6118fc03f31862ff68fef8a2b9a7f
Sha1:   318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73
Sha256: cdd4d44f05cc524d7f2b1d6d792ecd8a9a933e52ecb7685a7d7ea786a510ef39
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4dfd2143-7cf2-4a28-b8bf-bc3121d6a4d8.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10950
x-amzn-requestid: 9bb73841-83d9-48b2-8c79-f00a57612b4a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cFNstFeZoAMFopQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637ec31d-4e6aafd367c7740c77df133b;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 01:04:30 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tCG6Llkb9UHrJDHyxk5RgLkQ3Cds3dXRc0uMhy_9GbnzgMWk5UBS6w==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 22:04:29 GMT
age: 74316
etag: "18800e21d05596f7b64213072dee7dda5c1faf61"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10950
Md5:    4abf25d4a15ce58edadd54994b3434a2
Sha1:   18800e21d05596f7b64213072dee7dda5c1faf61
Sha256: 633138e70f43e2be9cc447967044c4070bfc4d9285e5228361bebe255dc286e2
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 3955
x-amzn-requestid: 42c8d309-a8d2-47cc-8d97-c7fa3a63f8cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCM9NGJHoAMF4sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d8eba-2a06cda9346bd02c46955444;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 03:08:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5MlzpHpq7auKLSAYikINuPAylXI11VJL3xxIJ9Dyub-7rjQaPfg0WQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 04:23:00 GMT
age: 18460
etag: "74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3955
Md5:    4006a9037ab5f28dca62b0aa7a704c41
Sha1:   74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b
Sha256: 556ae6516a1f272a96569a3637858292731a34e82672b682f6e7442ca68f4b1d
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96a33fb5-b971-4386-a670-7dcbbf52b051.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 2351
x-amzn-requestid: 1e3e6b14-8f46-4b62-a3d1-f5dbe5d5f94f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cGupUE_VIAMFa3A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637f5e3b-573fabc44ce59c2f4c24a32d;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 12:06:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: XEUrOPYr2rn89eMIJORVFnpqJfxqfjBadcbplZKzqLjDkzHV8NEbHg==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 18:51:30 GMT
age: 52750
etag: "41ef94d198bbf98185eb332a3b6934c3c26c3afc"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   2351
Md5:    66d06d3cac1784e4ce6c8c89c300f10a
Sha1:   41ef94d198bbf98185eb332a3b6934c3c26c3afc
Sha256: 55312d1b43447e4f77d8e9e52451bb63a9868ba8122c9e16e0a20479d34367e3
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31c66612-f3a0-4e62-8b93-c9f774ffc236.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6130
x-amzn-requestid: 0ab34b27-2c6b-4a37-87ad-6fa56a265453
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8wF7KIAMFjlw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-4a3d24f93ceb37d37a5ce1ee;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: SHmcFNiZ97RU02VeLiHLjFynYiSuaQP8T_XKG2UaAigWXG5sYhdVLQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:55:28 GMT
age: 41712
etag: "0214fc0deecb1115766802f42cfd256e3c479490"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6130
Md5:    ba7b9c131ab7e5998f25b069ba3860a0
Sha1:   0214fc0deecb1115766802f42cfd256e3c479490
Sha256: 717aa23c687ccebc1b5ebbfd88d0e4fe181fef038d308231842b2b1969f3976b
                                        
                                            GET /public/ HTTP/1.1 
Host: package.blurrybooks.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6Im9KK2xSTW9rSFlqQ29vSkxRbjdhY0E9PSIsInZhbHVlIjoiUlVSb3V2c0tXQjJCY3ZxZ3d5ZE5ZU0I5UUZqU1VheFphZlh4aXlvMFhCK2xiQzFzL0JBMDFZaUFoVW0ybHAzWkR4ZmE5ZjdKcnhwQ3JFZ0dSZVpWcnUrUHVhM2JnMUVuUCtnYTExczFYK2R3VDJGc3JlQklsS1ZkNGEvVWNTTTIiLCJtYWMiOiIwZGNkM2M4NDI0MDEzNWUxZDlmMmRkZGU3MDc5OWRiMTFkM2Y0YzczNTViYjk5OGY1Njk5NWJkM2Y1YTFiZjRhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkZsQVA5ZDUyVEhvTGZXKzZzbGN3N2c9PSIsInZhbHVlIjoiWkFGcFJnQUw4cVhLcG1sZjFxOGJhaDJoeUUrU1Z5em5pZHdtOVU1d3lHM1VJT2VxdDdLd0hZYVVMa1pIa2dGL3VDV3RqZm53K2pGQ0poYmZ3OElNRGtKZ1dKQng3cSs5NytrbUlvMEpzSklERUdVTjQyMUpVeWVVb0dOR1h6bGsiLCJtYWMiOiJjNjdiNDFiNjU1OTRhNzI3N2MwOTk0MGFkMzAwZDcyNjEwNjYwYTg2MjRjMDNjZTNhNDNiZjQ2YjUzMGU5ZjM0IiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1

                                         
                                         194.233.86.76
HTTP/1.1 200 OK
content-type: text/html; charset=UTF-8
                                        
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6ImRObXoyQmttcjkyd2k1dVBaYTlsYXc9PSIsInZhbHVlIjoiZGx3cklKZzBBSlIybE5zYjZCL3ZPRERrZnMvT0l4cFFKVzRGZ2N1Qk1yT3FLN2YxT3Jpbi9yQTBxdzB4aDVCNVBjLzVXRzNIQ1dCNWNCR1k0OWpyYXp6a2pScUQxejJFZUFGUzA2M2hqMm1hMXpDU1dqcGFzSVBsY0NaK3R6aEQiLCJtYWMiOiJjZjViNTFkNjg0YWYxMTc4NjY4ZDJkNzEwMWZhNjhiMTNjZDk2NjFmNTAzNjQyM2UwMzgzMmJkYjRhOWQ2Y2Y0IiwidGFnIjoiIn0%3D; expires=Fri, 25-Nov-2022 11:30:41 GMT; Max-Age=7200; path=/; samesite=lax laravel_session=eyJpdiI6ImdiYmNrMk5DaTFBWThqWFFxVXlxaEE9PSIsInZhbHVlIjoibDVDVmZxYWxWclN5SDI1dFRTQWYwTzFSMVZkRnJQNFJsZUFNNms2am5peDF4elg5WG45cDRxZ1dRWmxuZlpmZStMOFMwdmR6bVI4eFBVZlEwSTBPdC9heFFLRWxrQWUyczEyblVjZ0xONnhkU0tjYWR0SW8vT3dLMWlnbG5iTmoiLCJtYWMiOiJlZTYzOGY4OWY0OTk5MjAzYzk2MjU4MmQ1Y2JmOTIwZDk5NDZiN2NkM2FiZjU0MDgxYmExZmQ3M2UyZDBkNjllIiwidGFnIjoiIn0%3D; expires=Fri, 25-Nov-2022 11:30:41 GMT; Max-Age=7200; path=/; httponly; samesite=lax
content-length: 376
content-encoding: gzip
vary: Accept-Encoding
date: Fri, 25 Nov 2022 09:30:41 GMT


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   376
Md5:    9bfd6d4cbe75ae3dfa9639e401c44dca
Sha1:   3045d8960a153a499c2d6b850d8034d5ae6c9d1e
Sha256: 299a970a9ecf5a74ba370023b10f72aaba5376fbdac75a9f7693f38d7f97dc47
                                        
                                            GET /gh/killbot-org/Killbot-JS@latest/dist/main.min.js HTTP/1.1 
Host: cdn.jsdelivr.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://package.blurrybooks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         151.101.85.229
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: master
x-jsd-version-type: branch
etag: W/"a7c-kmbumraAtj1yBda8Zbl2dRPRYqU"
content-encoding: gzip
accept-ranges: bytes
date: Fri, 25 Nov 2022 09:30:41 GMT
age: 21262
x-served-by: cache-fra-eddf8230107-FRA, cache-bma1654-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 1167
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2400)
Size:   1167
Md5:    00d8e4bf35e3ecfb78d1e8a64284059b
Sha1:   560445b7f347a8945bcb2073767fa8593dbef22d
Sha256: 8f2a3c4a3919454b2578b5bbadc9b8f135d5e12ce37e717a6010d808d40a1a05
                                        
                                            POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 09:30:41 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "78F89FB34287B2A2B9E834169BA3A0B694F81CC9"
Expires: Fri, 25 Nov 2022 20:00:00 GMT
Last-Modified: Fri, 25 Nov 2022 08:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1737
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f95df9d8a71c16-OSL


--- Additional Info ---
Magic:  data
Size:   1462
Md5:    e5b4f0edacb0e1ec14b068b30274304e
Sha1:   88191d1f3d8232666b3bccd8ec8a069ba9cbd1dc
Sha256: 33cfb52b80d5f80c646682f4c8bbe1a14398189794aa58cb0429bb56843e7144
                                        
                                            GET /aJBaC5pLuVakgCGMxW0cKNBtfIEfWiAr/ HTTP/1.1 
Host: package.blurrybooks.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://package.blurrybooks.com/public/
Cookie: XSRF-TOKEN=eyJpdiI6ImRObXoyQmttcjkyd2k1dVBaYTlsYXc9PSIsInZhbHVlIjoiZGx3cklKZzBBSlIybE5zYjZCL3ZPRERrZnMvT0l4cFFKVzRGZ2N1Qk1yT3FLN2YxT3Jpbi9yQTBxdzB4aDVCNVBjLzVXRzNIQ1dCNWNCR1k0OWpyYXp6a2pScUQxejJFZUFGUzA2M2hqMm1hMXpDU1dqcGFzSVBsY0NaK3R6aEQiLCJtYWMiOiJjZjViNTFkNjg0YWYxMTc4NjY4ZDJkNzEwMWZhNjhiMTNjZDk2NjFmNTAzNjQyM2UwMzgzMmJkYjRhOWQ2Y2Y0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImdiYmNrMk5DaTFBWThqWFFxVXlxaEE9PSIsInZhbHVlIjoibDVDVmZxYWxWclN5SDI1dFRTQWYwTzFSMVZkRnJQNFJsZUFNNms2am5peDF4elg5WG45cDRxZ1dRWmxuZlpmZStMOFMwdmR6bVI4eFBVZlEwSTBPdC9heFFLRWxrQWUyczEyblVjZ0xONnhkU0tjYWR0SW8vT3dLMWlnbG5iTmoiLCJtYWMiOiJlZTYzOGY4OWY0OTk5MjAzYzk2MjU4MmQ1Y2JmOTIwZDk5NDZiN2NkM2FiZjU0MDgxYmExZmQ3M2UyZDBkNjllIiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1

                                         
                                         194.233.86.76
HTTP/1.1 301 Moved Permanently
content-type: text/html
                                        
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-length: 707
date: Fri, 25 Nov 2022 09:30:41 GMT
location: http://package.blurrybooks.com/public/aJBaC5pLuVakgCGMxW0cKNBtfIEfWiAr


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size:   707
Md5:    1304294c0823ca486542ba408ed761e3
Sha1:   b2a70fb2d810ca13985882e6981f33998823e83e
Sha256: 3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982

Alerts:
  urlquery:
    - Phishing - DHL
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /public/aJBaC5pLuVakgCGMxW0cKNBtfIEfWiAr HTTP/1.1 
Host: package.blurrybooks.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://package.blurrybooks.com/public/
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImRObXoyQmttcjkyd2k1dVBaYTlsYXc9PSIsInZhbHVlIjoiZGx3cklKZzBBSlIybE5zYjZCL3ZPRERrZnMvT0l4cFFKVzRGZ2N1Qk1yT3FLN2YxT3Jpbi9yQTBxdzB4aDVCNVBjLzVXRzNIQ1dCNWNCR1k0OWpyYXp6a2pScUQxejJFZUFGUzA2M2hqMm1hMXpDU1dqcGFzSVBsY0NaK3R6aEQiLCJtYWMiOiJjZjViNTFkNjg0YWYxMTc4NjY4ZDJkNzEwMWZhNjhiMTNjZDk2NjFmNTAzNjQyM2UwMzgzMmJkYjRhOWQ2Y2Y0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImdiYmNrMk5DaTFBWThqWFFxVXlxaEE9PSIsInZhbHVlIjoibDVDVmZxYWxWclN5SDI1dFRTQWYwTzFSMVZkRnJQNFJsZUFNNms2am5peDF4elg5WG45cDRxZ1dRWmxuZlpmZStMOFMwdmR6bVI4eFBVZlEwSTBPdC9heFFLRWxrQWUyczEyblVjZ0xONnhkU0tjYWR0SW8vT3dLMWlnbG5iTmoiLCJtYWMiOiJlZTYzOGY4OWY0OTk5MjAzYzk2MjU4MmQ1Y2JmOTIwZDk5NDZiN2NkM2FiZjU0MDgxYmExZmQ3M2UyZDBkNjllIiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1

                                         
                                         194.233.86.76
HTTP/1.1 200 OK
content-type: text/html; charset=UTF-8
                                        
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6IkhMcThXYTNzNkJEckpkY3NKYXVxOWc9PSIsInZhbHVlIjoiOEp2TmI0bVJVMU91U2NiT282NU1SQ2JldUVGT2ZFZHh4WkZsbnJtQ2Q2MU50RDlPUFpETUpxM2MwaHJ2ZWZxVXR1aGNRVzlJd0E2STlrM3I0MURwdzA5dHBhbnNydnBMZzRyU2RoUGpGZm9oQWJ3Sm1WaS95cGNlSXJlS3AyakIiLCJtYWMiOiIwY2MyOGIzY2NmMmE4ZTM2NDNjYTA0OWQ4MmI4OTM2MjJmZWRiNDM0ZmRiZDUyYzZmMGFjNDExMDE1NzViNjBiIiwidGFnIjoiIn0%3D; expires=Fri, 25-Nov-2022 11:30:43 GMT; Max-Age=7200; path=/; samesite=lax laravel_session=eyJpdiI6Ik0zOFhnU3Q2V2d4RWF2L096c1RRUHc9PSIsInZhbHVlIjoieWMyakJpdFFqeGFqYWFuM3RabjhvTVZQV0h3dFVneENlM0F5NnBSNElTSkxKM0txam5EOTFwTVVNeE4rZFc2di9aNlFNVnZnU09JVU9LbGpTN0t6OUlScGQzK1c3NnNUNW9xOW5nQytlbDJCVitVb2JjMFVIVCtWeGlWZ2s5WHMiLCJtYWMiOiI2MWM3ZjRkYzgzMjU4Y2JhZDIzNmNkNWJhOWZmNjkwZmVlYTk0MjlhYzY2MTNlZTA5YjRmNTliN2VlMTA3YmRkIiwidGFnIjoiIn0%3D; expires=Fri, 25-Nov-2022 11:30:43 GMT; Max-Age=7200; path=/; httponly; samesite=lax
content-length: 5767
content-encoding: gzip
vary: Accept-Encoding
date: Fri, 25 Nov 2022 09:30:43 GMT


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size:   5767
Md5:    b4cb0ca5ba4eee5077643fc76db4c02d
Sha1:   fd2a34768ac4183a983bd2674df209b9ac76a113
Sha256: c445f182a662ee4d1bb4cc938216495b874b57038e60ea39a7cbbe05eb1775bb

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /ajax/libs/font-awesome/6.1.1/css/all.min.css HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://package.blurrybooks.com
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.24.14
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Fri, 25 Nov 2022 09:30:43 GMT
content-length: 17041
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "623a082a-4291"
last-modified: Tue, 22 Mar 2022 17:32:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 5035804
expires: Wed, 15 Nov 2023 09:30:43 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f3k9LJXwPRzK5l%2B70z6C2ILTTPKcxCu9IEtV70PM6a8QUpn1OpiX7dWquPwvW%2F5So6OVWBNGmGRhbDfER%2BwAYS%2BWon1WZK6TMbjuor%2FryrVwjKtWly4nssAJXU2lbxiayC%2BOSMlV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76f95e07dd991c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65317)
Size:   17041
Md5:    be9aeb2a05f665e3606faf11c09b542f
Sha1:   5644d0bd4e12fdfb7235166d2883fc7acd0a2c5b
Sha256: 13ace8ab3d9e2cbaf3fe1768b9ba1fc5313a5541607b4c07121c0abbb7fadfae
                                        
                                            GET /ajax/libs/imask/3.4.0/imask.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://package.blurrybooks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.24.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Fri, 25 Nov 2022 09:30:43 GMT
content-length: 10899
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e9f-b217"
last-modified: Mon, 04 May 2020 16:11:11 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 4368371
expires: Wed, 15 Nov 2023 09:30:43 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xSFsTAEty9J8rUuYQVXpJYcJFHMRwgRTLSrPqmrGHKCI3%2BVNKPDAWwHXp9UqiETFNTVJgmcNCq904pvsq0QiC0hpG3qToVZgUKGBtjptjcGVgH%2F4f0HZn7uVCwcybQVh103lSfMj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76f95e07e8cfb500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (45552)
Size:   10899
Md5:    6dd93e13c5bb3b67dadd0de250ffea2f
Sha1:   961bf5bb7cc4aa32bcd66b9ac34461f7e02d96d3
Sha256: 1238c95de9a6c90c1992853fd140b31d2ec8854a09deaa0d4a2d3136281af5e9
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 09:30:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /jquery-1.12.4.min.js HTTP/1.1 
Host: code.jquery.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://package.blurrybooks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         69.16.175.10
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Fri, 25 Nov 2022 09:30:43 GMT
content-encoding: gzip
content-length: 33738
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-17b8b"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1669368643.dop212.sk1.t,1669368643.cds214.sk1.hn,1669368643.cds251.sk1.c
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32077)
Size:   33738
Md5:    fc7624613c4e25843694cdb7fa956f05
Sha1:   7765bb4016ae929e22be579ccde505b94c2a63c1
Sha256: 49c97d70ef48bfdc1d7b96271b5613bb099b2c040ebdf5624962aea92ff428ae
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3912
Cache-Control: max-age=106164
Date: Fri, 25 Nov 2022 09:30:43 GMT
Etag: "637f77af-117"
Expires: Sat, 26 Nov 2022 15:00:07 GMT
Last-Modified: Thu, 24 Nov 2022 13:54:55 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3912
Cache-Control: max-age=106164
Date: Fri, 25 Nov 2022 09:30:43 GMT
Etag: "637f77af-117"
Expires: Sat, 26 Nov 2022 15:00:07 GMT
Last-Modified: Thu, 24 Nov 2022 13:54:55 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 09:30:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /public/dinzab/intlTelInput.css HTTP/1.1 
Host: package.blurrybooks.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://package.blurrybooks.com/public/aJBaC5pLuVakgCGMxW0cKNBtfIEfWiAr
Cookie: XSRF-TOKEN=eyJpdiI6IkhMcThXYTNzNkJEckpkY3NKYXVxOWc9PSIsInZhbHVlIjoiOEp2TmI0bVJVMU91U2NiT282NU1SQ2JldUVGT2ZFZHh4WkZsbnJtQ2Q2MU50RDlPUFpETUpxM2MwaHJ2ZWZxVXR1aGNRVzlJd0E2STlrM3I0MURwdzA5dHBhbnNydnBMZzRyU2RoUGpGZm9oQWJ3Sm1WaS95cGNlSXJlS3AyakIiLCJtYWMiOiIwY2MyOGIzY2NmMmE4ZTM2NDNjYTA0OWQ4MmI4OTM2MjJmZWRiNDM0ZmRiZDUyYzZmMGFjNDExMDE1NzViNjBiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik0zOFhnU3Q2V2d4RWF2L096c1RRUHc9PSIsInZhbHVlIjoieWMyakJpdFFqeGFqYWFuM3RabjhvTVZQV0h3dFVneENlM0F5NnBSNElTSkxKM0txam5EOTFwTVVNeE4rZFc2di9aNlFNVnZnU09JVU9LbGpTN0t6OUlScGQzK1c3NnNUNW9xOW5nQytlbDJCVitVb2JjMFVIVCtWeGlWZ2s5WHMiLCJtYWMiOiI2MWM3ZjRkYzgzMjU4Y2JhZDIzNmNkNWJhOWZmNjkwZmVlYTk0MjlhYzY2MTNlZTA5YjRmNTliN2VlMTA3YmRkIiwidGFnIjoiIn0%3D

                                         
                                         194.233.86.76
HTTP/1.1 200 OK
content-type: text/css
                                        
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 09:30:44 GMT
last-modified: Tue, 31 May 2022 06:05:50 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 3030
date: Fri, 25 Nov 2022 09:30:44 GMT


--- Additional Info ---
Magic:  ASCII text
Size:   3030
Md5:    f705cb958e570f0b99eadb5edeb83d95
Sha1:   0d838e705fb92752d19b8989b1a4017cbb312d4a
Sha256: 00fca5bbba92e9e7df00d3f40430a14a97824c230307b7d76e1c60345beea585
                                        
                                            GET /public/dinzab/font-awesome.min.css HTTP/1.1 
Host: package.blurrybooks.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://package.blurrybooks.com/public/aJBaC5pLuVakgCGMxW0cKNBtfIEfWiAr
Cookie: XSRF-TOKEN=eyJpdiI6IkhMcThXYTNzNkJEckpkY3NKYXVxOWc9PSIsInZhbHVlIjoiOEp2TmI0bVJVMU91U2NiT282NU1SQ2JldUVGT2ZFZHh4WkZsbnJtQ2Q2MU50RDlPUFpETUpxM2MwaHJ2ZWZxVXR1aGNRVzlJd0E2STlrM3I0MURwdzA5dHBhbnNydnBMZzRyU2RoUGpGZm9oQWJ3Sm1WaS95cGNlSXJlS3AyakIiLCJtYWMiOiIwY2MyOGIzY2NmMmE4ZTM2NDNjYTA0OWQ4MmI4OTM2MjJmZWRiNDM0ZmRiZDUyYzZmMGFjNDExMDE1NzViNjBiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik0zOFhnU3Q2V2d4RWF2L096c1RRUHc9PSIsInZhbHVlIjoieWMyakJpdFFqeGFqYWFuM3RabjhvTVZQV0h3dFVneENlM0F5NnBSNElTSkxKM0txam5EOTFwTVVNeE4rZFc2di9aNlFNVnZnU09JVU9LbGpTN0t6OUlScGQzK1c3NnNUNW9xOW5nQytlbDJCVitVb2JjMFVIVCtWeGlWZ2s5WHMiLCJtYWMiOiI2MWM3ZjRkYzgzMjU4Y2JhZDIzNmNkNWJhOWZmNjkwZmVlYTk0MjlhYzY2MTNlZTA5YjRmNTliN2VlMTA3YmRkIiwidGFnIjoiIn0%3D

                                         
                                         194.233.86.76
HTTP/1.1 200 OK
content-type: text/css
                                        
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 09:30:44 GMT
last-modified: Tue, 31 May 2022 06:05:50 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 6989
date: Fri, 25 Nov 2022 09:30:44 GMT


--- Additional Info ---
Magic:  ASCII text, with very long lines (30837)
Size:   6989
Md5:    73fafde2ed0b8af35533aef217310350
Sha1:   07ffb382423d12967d70ae85b36a6bbf16327678
Sha256: 8448460374395f6645aa937ab83a5b7eebd7b35cdc8f8e875fa4cb7a92a63eab
                                        
                                            GET /public/dinzab/newcc.css HTTP/1.1 
Host: package.blurrybooks.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://package.blurrybooks.com/public/aJBaC5pLuVakgCGMxW0cKNBtfIEfWiAr
Cookie: XSRF-TOKEN=eyJpdiI6IkhMcThXYTNzNkJEckpkY3NKYXVxOWc9PSIsInZhbHVlIjoiOEp2TmI0bVJVMU91U2NiT282NU1SQ2JldUVGT2ZFZHh4WkZsbnJtQ2Q2MU50RDlPUFpETUpxM2MwaHJ2ZWZxVXR1aGNRVzlJd0E2STlrM3I0MURwdzA5dHBhbnNydnBMZzRyU2RoUGpGZm9oQWJ3Sm1WaS95cGNlSXJlS3AyakIiLCJtYWMiOiIwY2MyOGIzY2NmMmE4ZTM2NDNjYTA0OWQ4MmI4OTM2MjJmZWRiNDM0ZmRiZDUyYzZmMGFjNDExMDE1NzViNjBiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik0zOFhnU3Q2V2d4RWF2L096c1RRUHc9PSIsInZhbHVlIjoieWMyakJpdFFqeGFqYWFuM3RabjhvTVZQV0h3dFVneENlM0F5NnBSNElTSkxKM0txam5EOTFwTVVNeE4rZFc2di9aNlFNVnZnU09JVU9LbGpTN0t6OUlScGQzK1c3NnNUNW9xOW5nQytlbDJCVitVb2JjMFVIVCtWeGlWZ2s5WHMiLCJtYWMiOiI2MWM3ZjRkYzgzMjU4Y2JhZDIzNmNkNWJhOWZmNjkwZmVlYTk0MjlhYzY2MTNlZTA5YjRmNTliN2VlMTA3YmRkIiwidGFnIjoiIn0%3D

                                         
                                         194.233.86.76
HTTP/1.1 200 OK
content-type: text/css
                                        
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 09:30:44 GMT
last-modified: Thu, 02 Jun 2022 11:41:52 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1463
date: Fri, 25 Nov 2022 09:30:44 GMT


--- Additional Info ---
Magic:  ASCII text
Size:   1463
Md5:    6e0232fe4f5ef20203f7999783986f7e
Sha1:   d9d4e554d3be7250a771ce3f3e6b85e4e06a758b
Sha256: b85960c24d35c9f584297d7288d60e25d2ceca88a5aa0cc36ce674a27a67a9dd
                                        
                                            GET /public/dinzab/data.js HTTP/1.1 
Host: package.blurrybooks.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://package.blurrybooks.com/public/aJBaC5pLuVakgCGMxW0cKNBtfIEfWiAr
Cookie: XSRF-TOKEN=eyJpdiI6IkhMcThXYTNzNkJEckpkY3NKYXVxOWc9PSIsInZhbHVlIjoiOEp2TmI0bVJVMU91U2NiT282NU1SQ2JldUVGT2ZFZHh4WkZsbnJtQ2Q2MU50RDlPUFpETUpxM2MwaHJ2ZWZxVXR1aGNRVzlJd0E2STlrM3I0MURwdzA5dHBhbnNydnBMZzRyU2RoUGpGZm9oQWJ3Sm1WaS95cGNlSXJlS3AyakIiLCJtYWMiOiIwY2MyOGIzY2NmMmE4ZTM2NDNjYTA0OWQ4MmI4OTM2MjJmZWRiNDM0ZmRiZDUyYzZmMGFjNDExMDE1NzViNjBiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik0zOFhnU3Q2V2d4RWF2L096c1RRUHc9PSIsInZhbHVlIjoieWMyakJpdFFqeGFqYWFuM3RabjhvTVZQV0h3dFVneENlM0F5NnBSNElTSkxKM0txam5EOTFwTVVNeE4rZFc2di9aNlFNVnZnU09JVU9LbGpTN0t6OUlScGQzK1c3NnNUNW9xOW5nQytlbDJCVitVb2JjMFVIVCtWeGlWZ2s5WHMiLCJtYWMiOiI2MWM3ZjRkYzgzMjU4Y2JhZDIzNmNkNWJhOWZmNjkwZmVlYTk0MjlhYzY2MTNlZTA5YjRmNTliN2VlMTA3YmRkIiwidGFnIjoiIn0%3D

                                         
                                         194.233.86.76
HTTP/1.1 200 OK
content-type: application/javascript
                                        
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 09:30:44 GMT
last-modified: Tue, 31 May 2022 06:05:50 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 5443
date: Fri, 25 Nov 2022 09:30:44 GMT


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (9881)
Size:   5443
Md5:    902e27c2fcc4ffe1cbe8e7c37fd7a284
Sha1:   3a9802b51bb2af56111c3d319000c4de0545a93a
Sha256: cebda19a40bdae30d1afcf2a6fe66dbb01059e0713b870ef9b5f440ea5cf023e
                                        
                                            GET /public/dinzab/mine.js HTTP/1.1 
Host: package.blurrybooks.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://package.blurrybooks.com/public/aJBaC5pLuVakgCGMxW0cKNBtfIEfWiAr
Cookie: XSRF-TOKEN=eyJpdiI6IkhMcThXYTNzNkJEckpkY3NKYXVxOWc9PSIsInZhbHVlIjoiOEp2TmI0bVJVMU91U2NiT282NU1SQ2JldUVGT2ZFZHh4WkZsbnJtQ2Q2MU50RDlPUFpETUpxM2MwaHJ2ZWZxVXR1aGNRVzlJd0E2STlrM3I0MURwdzA5dHBhbnNydnBMZzRyU2RoUGpGZm9oQWJ3Sm1WaS95cGNlSXJlS3AyakIiLCJtYWMiOiIwY2MyOGIzY2NmMmE4ZTM2NDNjYTA0OWQ4MmI4OTM2MjJmZWRiNDM0ZmRiZDUyYzZmMGFjNDExMDE1NzViNjBiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik0zOFhnU3Q2V2d4RWF2L096c1RRUHc9PSIsInZhbHVlIjoieWMyakJpdFFqeGFqYWFuM3RabjhvTVZQV0h3dFVneENlM0F5NnBSNElTSkxKM0txam5EOTFwTVVNeE4rZFc2di9aNlFNVnZnU09JVU9LbGpTN0t6OUlScGQzK1c3NnNUNW9xOW5nQytlbDJCVitVb2JjMFVIVCtWeGlWZ2s5WHMiLCJtYWMiOiI2MWM3ZjRkYzgzMjU4Y2JhZDIzNmNkNWJhOWZmNjkwZmVlYTk0MjlhYzY2MTNlZTA5YjRmNTliN2VlMTA3YmRkIiwidGFnIjoiIn0%3D

                                         
                                         194.233.86.76
HTTP/1.1 200 OK
content-type: application/javascript
                                        
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 09:30:44 GMT
last-modified: Mon, 17 Oct 2022 07:48:22 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 745
date: Fri, 25 Nov 2022 09:30:44 GMT


--- Additional Info ---
Magic:  Unicode text, UTF-8 text
Size:   745
Md5:    7379cc6ede3a2f2008d5f0504959fe48
Sha1:   0bad315c94cde8a8782181e2b70ba71796a228c9
Sha256: dc27fa68a3b54e5cc07995d6685ffd45e0d9ad9bfcec73ad3ba1fa439cd4b35c
                                        
                                            GET /public/dinzab/app.css HTTP/1.1 
Host: package.blurrybooks.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://package.blurrybooks.com/public/aJBaC5pLuVakgCGMxW0cKNBtfIEfWiAr
Cookie: XSRF-TOKEN=eyJpdiI6IkhMcThXYTNzNkJEckpkY3NKYXVxOWc9PSIsInZhbHVlIjoiOEp2TmI0bVJVMU91U2NiT282NU1SQ2JldUVGT2ZFZHh4WkZsbnJtQ2Q2MU50RDlPUFpETUpxM2MwaHJ2ZWZxVXR1aGNRVzlJd0E2STlrM3I0MURwdzA5dHBhbnNydnBMZzRyU2RoUGpGZm9oQWJ3Sm1WaS95cGNlSXJlS3AyakIiLCJtYWMiOiIwY2MyOGIzY2NmMmE4ZTM2NDNjYTA0OWQ4MmI4OTM2MjJmZWRiNDM0ZmRiZDUyYzZmMGFjNDExMDE1NzViNjBiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik0zOFhnU3Q2V2d4RWF2L096c1RRUHc9PSIsInZhbHVlIjoieWMyakJpdFFqeGFqYWFuM3RabjhvTVZQV0h3dFVneENlM0F5NnBSNElTSkxKM0txam5EOTFwTVVNeE4rZFc2di9aNlFNVnZnU09JVU9LbGpTN0t6OUlScGQzK1c3NnNUNW9xOW5nQytlbDJCVitVb2JjMFVIVCtWeGlWZ2s5WHMiLCJtYWMiOiI2MWM3ZjRkYzgzMjU4Y2JhZDIzNmNkNWJhOWZmNjkwZmVlYTk0MjlhYzY2MTNlZTA5YjRmNTliN2VlMTA3YmRkIiwidGFnIjoiIn0%3D

                                         
                                         194.233.86.76
HTTP/1.1 200 OK
content-type: text/css
                                        
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 09:30:43 GMT
last-modified: Thu, 02 Jun 2022 16:04:20 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 63778
date: Fri, 25 Nov 2022 09:30:43 GMT


--- Additional Info ---
Magic:  assembler source, ASCII text
Size:   63778
Md5:    0f314c30652212c9abecb777a28a87cc
Sha1:   f0cd8c2e939f6762e87c83f631c2fe7db50690f7
Sha256: 659bb75c3d40716b8ed8334c6e2ec48176ba89844953ccfef498434abfae4640
                                        
                                            GET /images/foo.png HTTP/1.1 
Host: dispatching-centre.lasamericascargo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://package.blurrybooks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         135.181.58.223
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Fri, 25 Nov 2022 09:30:40 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 04:36:32 GMT
Accept-Ranges: bytes
Content-Length: 3878
Keep-Alive: timeout=1, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 187 x 18, 8-bit/color RGBA, non-interlaced\012- data
Size:   3878
Md5:    11ff7152775863d8bf58eb585a3cfa46
Sha1:   25127f0e304d9145ef8a824a8be504664a799b7f
Sha256: 5c4b801e60c49235941cfc562ed465a951c937c668db31e3c1ba152513c672d3

Alerts:
  urlquery:
    - Phishing - DHL
                                        
                                            GET /public/dinzab/countrySelect.js HTTP/1.1 
Host: package.blurrybooks.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://package.blurrybooks.com/public/aJBaC5pLuVakgCGMxW0cKNBtfIEfWiAr
Cookie: XSRF-TOKEN=eyJpdiI6IkhMcThXYTNzNkJEckpkY3NKYXVxOWc9PSIsInZhbHVlIjoiOEp2TmI0bVJVMU91U2NiT282NU1SQ2JldUVGT2ZFZHh4WkZsbnJtQ2Q2MU50RDlPUFpETUpxM2MwaHJ2ZWZxVXR1aGNRVzlJd0E2STlrM3I0MURwdzA5dHBhbnNydnBMZzRyU2RoUGpGZm9oQWJ3Sm1WaS95cGNlSXJlS3AyakIiLCJtYWMiOiIwY2MyOGIzY2NmMmE4ZTM2NDNjYTA0OWQ4MmI4OTM2MjJmZWRiNDM0ZmRiZDUyYzZmMGFjNDExMDE1NzViNjBiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik0zOFhnU3Q2V2d4RWF2L096c1RRUHc9PSIsInZhbHVlIjoieWMyakJpdFFqeGFqYWFuM3RabjhvTVZQV0h3dFVneENlM0F5NnBSNElTSkxKM0txam5EOTFwTVVNeE4rZFc2di9aNlFNVnZnU09JVU9LbGpTN0t6OUlScGQzK1c3NnNUNW9xOW5nQytlbDJCVitVb2JjMFVIVCtWeGlWZ2s5WHMiLCJtYWMiOiI2MWM3ZjRkYzgzMjU4Y2JhZDIzNmNkNWJhOWZmNjkwZmVlYTk0MjlhYzY2MTNlZTA5YjRmNTliN2VlMTA3YmRkIiwidGFnIjoiIn0%3D

                                         
                                         194.233.86.76
HTTP/1.1 200 OK
content-type: application/javascript
                                        
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 09:30:44 GMT
last-modified: Tue, 31 May 2022 06:05:50 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 11424
date: Fri, 25 Nov 2022 09:30:44 GMT


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (347)
Size:   11424
Md5:    b99d84430cfc714ead440c8f2fc45179
Sha1:   82cb0004f68d3ba0e9fb61e5e0d74329f95ff029
Sha256: cc81e985d9da85f9e99276c935c0df1edd7089356c3bc0e37e4bf47de102a570
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1814
Cache-Control: max-age=88932
Date: Fri, 25 Nov 2022 09:30:44 GMT
Etag: "637f3c92-117"
Expires: Sat, 26 Nov 2022 10:12:56 GMT
Last-Modified: Thu, 24 Nov 2022 09:42:42 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=128184
Date: Fri, 25 Nov 2022 09:30:44 GMT
Etag: "637fdcfc-116"
Expires: Sat, 26 Nov 2022 21:07:08 GMT
Last-Modified: Thu, 24 Nov 2022 21:07:08 GMT
Server: nginx
Content-Length: 278

                                        
                                            GET /SPASSDATA/media/cache/portail_vignette_xl/SPASSDATA/attachments/2022_02/17/114223-serencontrer-messages-solid.png HTTP/1.1 
Host: cdn.s-pass.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://package.blurrybooks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.75.167
HTTP/2 200 OK
content-type: image/png
                                        
date: Fri, 25 Nov 2022 09:30:44 GMT
content-length: 4984
cf-bgj: imgq:100,h2pri
cf-polished: origSize=1313415
etag: "620e522e-140a87"
last-modified: Thu, 17 Feb 2022 13:48:30 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: HIT
age: 2649
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hjP6%2BuiRP4mLkFdDaShn4%2B8CgiJFUFDWoOQ4yoM8zz97iJDPnyuhsu%2BRB0OSg6r25Nxa34MQze4wQmI7HWBlL%2F2NY0Mm4jVO7Dzq1HnEzavLHytPWAuxezP2f9v58uzk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76f95e0bbeb8fac4-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 640 x 512, 8-bit colormap, non-interlaced\012- data
Size:   4984
Md5:    faa2a37bbdf6a4d7eb92f4df1396e1bc
Sha1:   b63e5a7323f771d2294a58b3251bb6036ae33fce
Sha256: cff8856b01d09b6e68b3d6b75172ea259363b4268be55229a963e86edc77e627
                                        
                                            GET /public/dinzab/card.js HTTP/1.1 
Host: package.blurrybooks.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://package.blurrybooks.com/public/aJBaC5pLuVakgCGMxW0cKNBtfIEfWiAr
Cookie: XSRF-TOKEN=eyJpdiI6IkhMcThXYTNzNkJEckpkY3NKYXVxOWc9PSIsInZhbHVlIjoiOEp2TmI0bVJVMU91U2NiT282NU1SQ2JldUVGT2ZFZHh4WkZsbnJtQ2Q2MU50RDlPUFpETUpxM2MwaHJ2ZWZxVXR1aGNRVzlJd0E2STlrM3I0MURwdzA5dHBhbnNydnBMZzRyU2RoUGpGZm9oQWJ3Sm1WaS95cGNlSXJlS3AyakIiLCJtYWMiOiIwY2MyOGIzY2NmMmE4ZTM2NDNjYTA0OWQ4MmI4OTM2MjJmZWRiNDM0ZmRiZDUyYzZmMGFjNDExMDE1NzViNjBiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik0zOFhnU3Q2V2d4RWF2L096c1RRUHc9PSIsInZhbHVlIjoieWMyakJpdFFqeGFqYWFuM3RabjhvTVZQV0h3dFVneENlM0F5NnBSNElTSkxKM0txam5EOTFwTVVNeE4rZFc2di9aNlFNVnZnU09JVU9LbGpTN0t6OUlScGQzK1c3NnNUNW9xOW5nQytlbDJCVitVb2JjMFVIVCtWeGlWZ2s5WHMiLCJtYWMiOiI2MWM3ZjRkYzgzMjU4Y2JhZDIzNmNkNWJhOWZmNjkwZmVlYTk0MjlhYzY2MTNlZTA5YjRmNTliN2VlMTA3YmRkIiwidGFnIjoiIn0%3D

                                         
                                         194.233.86.76
HTTP/1.1 200 OK
content-type: application/javascript
                                        
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 09:30:44 GMT
last-modified: Tue, 31 May 2022 06:05:50 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 14227
date: Fri, 25 Nov 2022 09:30:44 GMT


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (51786)
Size:   14227
Md5:    b8ffbe921405363d9b732989d8af5b3e
Sha1:   17de2c62f1aacbb7b4e4ee631c0ef102a38bfb05
Sha256: 7b4ba5d1bd3122907549eb4b22fc410abf7320d46ee2074c05187117c43ecc2d
                                        
                                            GET /public/dinzab/intlTelInput.js HTTP/1.1 
Host: package.blurrybooks.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://package.blurrybooks.com/public/aJBaC5pLuVakgCGMxW0cKNBtfIEfWiAr
Cookie: XSRF-TOKEN=eyJpdiI6IkhMcThXYTNzNkJEckpkY3NKYXVxOWc9PSIsInZhbHVlIjoiOEp2TmI0bVJVMU91U2NiT282NU1SQ2JldUVGT2ZFZHh4WkZsbnJtQ2Q2MU50RDlPUFpETUpxM2MwaHJ2ZWZxVXR1aGNRVzlJd0E2STlrM3I0MURwdzA5dHBhbnNydnBMZzRyU2RoUGpGZm9oQWJ3Sm1WaS95cGNlSXJlS3AyakIiLCJtYWMiOiIwY2MyOGIzY2NmMmE4ZTM2NDNjYTA0OWQ4MmI4OTM2MjJmZWRiNDM0ZmRiZDUyYzZmMGFjNDExMDE1NzViNjBiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik0zOFhnU3Q2V2d4RWF2L096c1RRUHc9PSIsInZhbHVlIjoieWMyakJpdFFqeGFqYWFuM3RabjhvTVZQV0h3dFVneENlM0F5NnBSNElTSkxKM0txam5EOTFwTVVNeE4rZFc2di9aNlFNVnZnU09JVU9LbGpTN0t6OUlScGQzK1c3NnNUNW9xOW5nQytlbDJCVitVb2JjMFVIVCtWeGlWZ2s5WHMiLCJtYWMiOiI2MWM3ZjRkYzgzMjU4Y2JhZDIzNmNkNWJhOWZmNjkwZmVlYTk0MjlhYzY2MTNlZTA5YjRmNTliN2VlMTA3YmRkIiwidGFnIjoiIn0%3D

                                         
                                         194.233.86.76
HTTP/1.1 200 OK
content-type: application/javascript
                                        
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 09:30:44 GMT
last-modified: Tue, 31 May 2022 06:05:50 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 20972
date: Fri, 25 Nov 2022 09:30:44 GMT


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (9885)
Size:   20972
Md5:    887257c2c08e189a4c561f8aad87b7b8
Sha1:   6acdad0b3de46c2f9e9c4919bfe7514024d2b86d
Sha256: 80dd903b280c1dbd3fb31b34891bc8d447bd72be31e3ad249842ab4ecd059ed2
                                        
                                            GET /public/dinzab/logo.png HTTP/1.1 
Host: package.blurrybooks.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://package.blurrybooks.com/public/aJBaC5pLuVakgCGMxW0cKNBtfIEfWiAr
Cookie: XSRF-TOKEN=eyJpdiI6IkhMcThXYTNzNkJEckpkY3NKYXVxOWc9PSIsInZhbHVlIjoiOEp2TmI0bVJVMU91U2NiT282NU1SQ2JldUVGT2ZFZHh4WkZsbnJtQ2Q2MU50RDlPUFpETUpxM2MwaHJ2ZWZxVXR1aGNRVzlJd0E2STlrM3I0MURwdzA5dHBhbnNydnBMZzRyU2RoUGpGZm9oQWJ3Sm1WaS95cGNlSXJlS3AyakIiLCJtYWMiOiIwY2MyOGIzY2NmMmE4ZTM2NDNjYTA0OWQ4MmI4OTM2MjJmZWRiNDM0ZmRiZDUyYzZmMGFjNDExMDE1NzViNjBiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik0zOFhnU3Q2V2d4RWF2L096c1RRUHc9PSIsInZhbHVlIjoieWMyakJpdFFqeGFqYWFuM3RabjhvTVZQV0h3dFVneENlM0F5NnBSNElTSkxKM0txam5EOTFwTVVNeE4rZFc2di9aNlFNVnZnU09JVU9LbGpTN0t6OUlScGQzK1c3NnNUNW9xOW5nQytlbDJCVitVb2JjMFVIVCtWeGlWZ2s5WHMiLCJtYWMiOiI2MWM3ZjRkYzgzMjU4Y2JhZDIzNmNkNWJhOWZmNjkwZmVlYTk0MjlhYzY2MTNlZTA5YjRmNTliN2VlMTA3YmRkIiwidGFnIjoiIn0%3D

                                         
                                         194.233.86.76
HTTP/1.1 200 OK
content-type: image/png
                                        
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 09:30:44 GMT
last-modified: Tue, 31 May 2022 06:05:50 GMT
accept-ranges: bytes
content-length: 1998
date: Fri, 25 Nov 2022 09:30:44 GMT


--- Additional Info ---
Magic:  PNG image data, 214 x 20, 8-bit/color RGBA, non-interlaced\012- data
Size:   1998
Md5:    5d14ab93691604e826e1319d53599eb9
Sha1:   78724360e9d25da584445b851e37bca05abe6b85
Sha256: 3f0c62b5ccdcdbf3b3ae3885f1e6959e2d937eba9b29dea9a6bdb98788041756

Alerts:
  urlquery:
    - Phishing - DHL
                                        
                                            GET /public/dinzab/app.js HTTP/1.1 
Host: package.blurrybooks.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://package.blurrybooks.com/public/aJBaC5pLuVakgCGMxW0cKNBtfIEfWiAr
Cookie: XSRF-TOKEN=eyJpdiI6IkhMcThXYTNzNkJEckpkY3NKYXVxOWc9PSIsInZhbHVlIjoiOEp2TmI0bVJVMU91U2NiT282NU1SQ2JldUVGT2ZFZHh4WkZsbnJtQ2Q2MU50RDlPUFpETUpxM2MwaHJ2ZWZxVXR1aGNRVzlJd0E2STlrM3I0MURwdzA5dHBhbnNydnBMZzRyU2RoUGpGZm9oQWJ3Sm1WaS95cGNlSXJlS3AyakIiLCJtYWMiOiIwY2MyOGIzY2NmMmE4ZTM2NDNjYTA0OWQ4MmI4OTM2MjJmZWRiNDM0ZmRiZDUyYzZmMGFjNDExMDE1NzViNjBiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik0zOFhnU3Q2V2d4RWF2L096c1RRUHc9PSIsInZhbHVlIjoieWMyakJpdFFqeGFqYWFuM3RabjhvTVZQV0h3dFVneENlM0F5NnBSNElTSkxKM0txam5EOTFwTVVNeE4rZFc2di9aNlFNVnZnU09JVU9LbGpTN0t6OUlScGQzK1c3NnNUNW9xOW5nQytlbDJCVitVb2JjMFVIVCtWeGlWZ2s5WHMiLCJtYWMiOiI2MWM3ZjRkYzgzMjU4Y2JhZDIzNmNkNWJhOWZmNjkwZmVlYTk0MjlhYzY2MTNlZTA5YjRmNTliN2VlMTA3YmRkIiwidGFnIjoiIn0%3D

                                         
                                         194.233.86.76
HTTP/1.1 200 OK
content-type: application/javascript
                                        
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 09:30:44 GMT
last-modified: Tue, 31 May 2022 06:05:50 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 175899
date: Fri, 25 Nov 2022 09:30:44 GMT


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (7706), with CRLF line terminators
Size:   175899
Md5:    e43588d3971ec83841aa04ae4c18040c
Sha1:   6b6327ec062d3380f83bb30b87eadad6636de851
Sha256: 055b4f331c5283a0f5900945fbb6105548a78de762e0aac49d77fdd84f5db69f
                                        
                                            GET /api/v2/whois?apikey=eT2gpCzP_IGjAyHrT0mZAij9_XZCvCu0_j1ZEGT2SqL8T HTTP/1.1 
Host: killbot.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://package.blurrybooks.com/
Origin: http://package.blurrybooks.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.21.11.160
HTTP/2 200 OK
content-type: application/json
                                        
date: Fri, 25 Nov 2022 09:30:45 GMT
access-control-allow-credentials: true
access-control-max-age: 86400
bug-bounty: Report to live chat :)
set-cookie: _killbot=6dk1ihgbc82u0fu0ltaghskb8qlnsb3s; expires=Fri, 25-Nov-2022 11:30:45 GMT; Max-Age=7200; path=/; SameSite=Lax; secure; HttpOnly
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-methods: POST, GET
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BAjVnXeGl0%2BROnXyhg9Vt5r4V9BNUwj7Ks8xKKgoPBd3fFOmGrfmXH%2BTtiaNmzKbM9qYkiUgq9kCjc0bbsPfV2oc%2FBng%2FGt9Ydk%2FqdJ8554pXma9tYx7WUkYzu6%2FLQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f95e0baac10afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text
Size:   442
Md5:    129ac34d04834c15b66eceae4efa6502
Sha1:   3532571f267eb0aab67092a2335d993dcc1c06e2
Sha256: bfa3d00e7a00a2d80d554319ed711519ac535cb47055883aefe77bf65fdc62f7
                                        
                                            GET /public/dinzab/flagscountry.png HTTP/1.1 
Host: package.blurrybooks.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://package.blurrybooks.com/public/aJBaC5pLuVakgCGMxW0cKNBtfIEfWiAr
Cookie: XSRF-TOKEN=eyJpdiI6IkhMcThXYTNzNkJEckpkY3NKYXVxOWc9PSIsInZhbHVlIjoiOEp2TmI0bVJVMU91U2NiT282NU1SQ2JldUVGT2ZFZHh4WkZsbnJtQ2Q2MU50RDlPUFpETUpxM2MwaHJ2ZWZxVXR1aGNRVzlJd0E2STlrM3I0MURwdzA5dHBhbnNydnBMZzRyU2RoUGpGZm9oQWJ3Sm1WaS95cGNlSXJlS3AyakIiLCJtYWMiOiIwY2MyOGIzY2NmMmE4ZTM2NDNjYTA0OWQ4MmI4OTM2MjJmZWRiNDM0ZmRiZDUyYzZmMGFjNDExMDE1NzViNjBiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik0zOFhnU3Q2V2d4RWF2L096c1RRUHc9PSIsInZhbHVlIjoieWMyakJpdFFqeGFqYWFuM3RabjhvTVZQV0h3dFVneENlM0F5NnBSNElTSkxKM0txam5EOTFwTVVNeE4rZFc2di9aNlFNVnZnU09JVU9LbGpTN0t6OUlScGQzK1c3NnNUNW9xOW5nQytlbDJCVitVb2JjMFVIVCtWeGlWZ2s5WHMiLCJtYWMiOiI2MWM3ZjRkYzgzMjU4Y2JhZDIzNmNkNWJhOWZmNjkwZmVlYTk0MjlhYzY2MTNlZTA5YjRmNTliN2VlMTA3YmRkIiwidGFnIjoiIn0%3D

                                         
                                         194.233.86.76
HTTP/1.1 200 OK
content-type: image/png
                                        
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 09:30:45 GMT
last-modified: Wed, 22 Sep 2021 15:06:48 GMT
accept-ranges: bytes
content-length: 65960
date: Fri, 25 Nov 2022 09:30:45 GMT


--- Additional Info ---
Magic:  PNG image data, 5630 x 15, 8-bit/color RGBA, non-interlaced\012- data
Size:   65960
Md5:    ae33acae404631e997ef8d91dae08ccd
Sha1:   19fae9a6aa4bb419eba378b0d0573906dc1be38a
Sha256: 38025784bedeb5e4cae496b131c85cabbd95ae0b1c0a3c9d9cb474d7262db04b
                                        
                                            GET /css?family=Raleway|Rock+Salt|Source+Code+Pro:300,400,600 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://package.blurrybooks.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 25 Nov 2022 09:30:43 GMT
date: Fri, 25 Nov 2022 09:30:43 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   766
Md5:    687d7d8893884c9954f2cfe39fa6c0a7
Sha1:   3a4cafffca7bf700263c4e7151d6b9efa15e2a17
Sha256: 52e12dbdf9c51dd44397a24c4296e23a711a813143b0475e858faed9df11559d
                                        
                                            GET /public/dinzab/favicon.gif HTTP/1.1 
Host: package.blurrybooks.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://package.blurrybooks.com/public/aJBaC5pLuVakgCGMxW0cKNBtfIEfWiAr
Cookie: XSRF-TOKEN=eyJpdiI6IkhMcThXYTNzNkJEckpkY3NKYXVxOWc9PSIsInZhbHVlIjoiOEp2TmI0bVJVMU91U2NiT282NU1SQ2JldUVGT2ZFZHh4WkZsbnJtQ2Q2MU50RDlPUFpETUpxM2MwaHJ2ZWZxVXR1aGNRVzlJd0E2STlrM3I0MURwdzA5dHBhbnNydnBMZzRyU2RoUGpGZm9oQWJ3Sm1WaS95cGNlSXJlS3AyakIiLCJtYWMiOiIwY2MyOGIzY2NmMmE4ZTM2NDNjYTA0OWQ4MmI4OTM2MjJmZWRiNDM0ZmRiZDUyYzZmMGFjNDExMDE1NzViNjBiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik0zOFhnU3Q2V2d4RWF2L096c1RRUHc9PSIsInZhbHVlIjoieWMyakJpdFFqeGFqYWFuM3RabjhvTVZQV0h3dFVneENlM0F5NnBSNElTSkxKM0txam5EOTFwTVVNeE4rZFc2di9aNlFNVnZnU09JVU9LbGpTN0t6OUlScGQzK1c3NnNUNW9xOW5nQytlbDJCVitVb2JjMFVIVCtWeGlWZ2s5WHMiLCJtYWMiOiI2MWM3ZjRkYzgzMjU4Y2JhZDIzNmNkNWJhOWZmNjkwZmVlYTk0MjlhYzY2MTNlZTA5YjRmNTliN2VlMTA3YmRkIiwidGFnIjoiIn0%3D

                                         
                                         194.233.86.76
HTTP/1.1 200 OK
content-type: image/gif
                                        
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 09:30:45 GMT
last-modified: Tue, 31 May 2022 06:05:50 GMT
accept-ranges: bytes
content-length: 2238
date: Fri, 25 Nov 2022 09:30:45 GMT


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon, 32x32, 8 bits/pixel\012- data
Size:   2238
Md5:    a6f1af8e79a11829ba9a66474b06bb97
Sha1:   d99e3ec7747c865033a8dfad43c9f49634404bc1
Sha256: b0dbd00f3650fa6b931e678a9d8f79a405d23c7adf111ab91b1a01a0e7109807

Alerts:
  urlquery:
    - Phishing - DHL
                                        
                                            GET /app/bc5ba70500b3342fb1aa?protocol=7&client=js&version=7.0.3&flash=false HTTP/1.1 
Host: ws-mt1.pusher.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Sec-WebSocket-Version: 13
Origin: http://package.blurrybooks.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: mir7RB7ZyU8OIRU72qXYPQ==
Connection: keep-alive, Upgrade
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         3.209.208.53
HTTP/1.1 101 Switching Protocols
                                        
Date: Fri, 25 Nov 2022 09:30:45 GMT
Connection: upgrade
Server: nginx/1.17.7
Upgrade: websocket
Sec-WebSocket-Accept: bjK/JoJjK7TzItClH6v39vwwe1w=

                                        
                                            GET /public/dinzab/loading.gif HTTP/1.1 
Host: package.blurrybooks.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://package.blurrybooks.com/public/aJBaC5pLuVakgCGMxW0cKNBtfIEfWiAr
Cookie: XSRF-TOKEN=eyJpdiI6IkhMcThXYTNzNkJEckpkY3NKYXVxOWc9PSIsInZhbHVlIjoiOEp2TmI0bVJVMU91U2NiT282NU1SQ2JldUVGT2ZFZHh4WkZsbnJtQ2Q2MU50RDlPUFpETUpxM2MwaHJ2ZWZxVXR1aGNRVzlJd0E2STlrM3I0MURwdzA5dHBhbnNydnBMZzRyU2RoUGpGZm9oQWJ3Sm1WaS95cGNlSXJlS3AyakIiLCJtYWMiOiIwY2MyOGIzY2NmMmE4ZTM2NDNjYTA0OWQ4MmI4OTM2MjJmZWRiNDM0ZmRiZDUyYzZmMGFjNDExMDE1NzViNjBiIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik0zOFhnU3Q2V2d4RWF2L096c1RRUHc9PSIsInZhbHVlIjoieWMyakJpdFFqeGFqYWFuM3RabjhvTVZQV0h3dFVneENlM0F5NnBSNElTSkxKM0txam5EOTFwTVVNeE4rZFc2di9aNlFNVnZnU09JVU9LbGpTN0t6OUlScGQzK1c3NnNUNW9xOW5nQytlbDJCVitVb2JjMFVIVCtWeGlWZ2s5WHMiLCJtYWMiOiI2MWM3ZjRkYzgzMjU4Y2JhZDIzNmNkNWJhOWZmNjkwZmVlYTk0MjlhYzY2MTNlZTA5YjRmNTliN2VlMTA3YmRkIiwidGFnIjoiIn0%3D

                                         
                                         194.233.86.76
HTTP/1.1 200 OK
content-type: image/gif
                                        
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 09:30:45 GMT
last-modified: Tue, 31 May 2022 06:05:50 GMT
accept-ranges: bytes
content-length: 17585
date: Fri, 25 Nov 2022 09:30:45 GMT


--- Additional Info ---
Magic:  GIF image data, version 89a, 200 x 103\012- data
Size:   17585
Md5:    f3ffb13cf88b13ec557e6149371b361d
Sha1:   3c72f0855b4bd6e3b45675a5e8b08c8fb7a98f49
Sha256: ce6a239fde88d8fb01c7a10d6f7b27d1bc23f5462d02f5ebb4927479fa32a302

Alerts:
  urlquery:
    - Phishing - DHL
                                        
                                            GET /ajax/libs/font-awesome/5.8.1/js/all.min.js HTTP/1.1 
Host: cdnjs.cloudflare.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://package.blurrybooks.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.17.24.14
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Fri, 25 Nov 2022 09:30:43 GMT
content-length: 338270
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e60-1125c9"
last-modified: Mon, 04 May 2020 16:10:08 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1255184
expires: Wed, 15 Nov 2023 09:30:43 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W83e6mVqU0JObT%2BsFayVaocfTTMIzjgHNCdflhdq4mvy3Q5N96wKtEs4B0P1rTLLuv4MFUxDQzidh2BycT6gQWEN3OhyOA2kL%2Fw01HTSNX1pKs8V7kN2tZE7t3h%2Fkua8dxCkmXFx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 76f95e080dd91c02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /logger-1.min.js HTTP/1.1 
Host: cdn.lr-in.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://package.blurrybooks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.67.206.254
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
                                        
date: Fri, 25 Nov 2022 09:30:43 GMT
access-control-allow-origin: *
cache-control: public, max-age=14400
cross-origin-resource-policy: cross-origin
etag: W/"c1f33afeb865835d5273b255337a5225b108e357af72d4ef1a904ec4c7689b17"
last-modified: Wed, 23 Nov 2022 21:34:39 GMT
strict-transport-security: max-age=31556926
x-served-by: cache-bma1633-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1669239510.795878,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HkfKwbeGIkfybdj%2FMAEn3P0cwIMuqB928zSnPUnk04zP9wTNKgnUJVB6LKKSV6Qij2fhCgsuR8ST8%2FKiGctCWgtzmZ%2FH0W%2FxdJqKlFhMqU5hpV25oPGn%2FozoUpXMruaU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f95e086f00b50c-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /api/v2/blocker?apikey=eT2gpCzP_IGjAyHrT0mZAij9_XZCvCu0_j1ZEGT2SqL8T&ip=91.90.42.154&ua=Mozilla/5.0%20(Windows%20NT%2010.0;%20Win64;%20x64;%20rv:105.0)%20Gecko/20100101%20Firefox/105.0&url= HTTP/1.1 
Host: killbot.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://package.blurrybooks.com/
Origin: http://package.blurrybooks.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.21.11.160
HTTP/2 403 Forbidden
content-type: application/json
                                        
date: Fri, 25 Nov 2022 09:30:45 GMT
access-control-allow-credentials: true
access-control-max-age: 86400
bug-bounty: Report to live chat :)
access-control-allow-origin: *
access-control-allow-methods: POST, GET
set-cookie: _killbot=u24c3r84fenojjdlmq1njb6aj59pdbb5; expires=Fri, 25-Nov-2022 11:30:45 GMT; Max-Age=7200; path=/; SameSite=Lax; secure; HttpOnly
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YwJ2bSoq%2BKHqQCPY8%2BhDXPjzN53gQQWrxGgMlQ7dTJwEPwiuF%2FGgqkpKPMGpVMeZs9UZHvTUYnqJB28EnF2dec6adhw3arhfZAUMxtfgrN23KeklAr4rAavQB%2FcK%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 76f95e11084e0afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---