urlquery - report: dbspaylsh.art/

Fully Qualifying Domain Name	Rank	First Seen	Last Seen	Sent bytes	Received bytes	IP
ocsp.digicert.com (2)	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682	1594	93.184.220.29
content-signature-2.cdn.mozilla.net (1)	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413	5843	34.160.144.191
firefox.settings.services.mozilla.com (2)	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782	2374	34.102.187.140
contile.services.mozilla.com (1)	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333	229	34.117.237.239
push.services.mozilla.com (1)	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606	127	35.162.110.205
dbspaylsh.art (16)	0	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	7337	160503	103.147.225.70
img-getpocket.cdn.mozilla.net (6)	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3246	55751	34.120.237.76
r3.o.lencr.org (6)	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2028	5317	23.36.77.32

Scan Date	Severity	Indicator	Comment
2022-11-28	medium	dbspaylsh.art/	DBS Bank Ltd
2022-11-28	medium	dbspaylsh.art/	DBS Bank Ltd
2022-11-28	medium	dbspaylsh.art/	DBS Bank Ltd
2022-11-28	medium	dbspaylsh.art/	DBS Bank Ltd
2022-11-28	medium	dbspaylsh.art/	DBS Bank Ltd
2022-11-28	medium	dbspaylsh.art/	DBS Bank Ltd
2022-11-28	medium	dbspaylsh.art/	DBS Bank Ltd
2022-11-28	medium	dbspaylsh.art/	DBS Bank Ltd
2022-11-28	medium	dbspaylsh.art/	DBS Bank Ltd
2022-11-28	medium	dbspaylsh.art/	DBS Bank Ltd
2022-11-28	medium	dbspaylsh.art/	DBS Bank Ltd
2022-11-28	medium	dbspaylsh.art/	DBS Bank Ltd
2022-11-28	medium	dbspaylsh.art/	DBS Bank Ltd
2022-11-28	medium	dbspaylsh.art/	DBS Bank Ltd
2022-11-28	medium	dbspaylsh.art/	DBS Bank Ltd
2022-11-28	medium	dbspaylsh.art/	DBS Bank Ltd

Scan Date	Severity	Indicator	Comment
2022-11-28	medium	dbspaylsh.art/	Phishing
2022-11-28	medium	dbspaylsh.art/js/jquery-1.11.1.min.js	Phishing
2022-11-28	medium	dbspaylsh.art/js/swiper.min.js	Phishing
2022-11-28	medium	dbspaylsh.art/zy/api/api.php	Phishing
2022-11-28	medium	dbspaylsh.art/zy/api/k.js	Phishing
2022-11-28	medium	dbspaylsh.art/zy/api/api.php	Phishing
2022-11-28	medium	dbspaylsh.art/zy/api/api.php	Phishing
2022-11-28	medium	dbspaylsh.art/zy/api/api.php	Phishing
2022-11-28	medium	dbspaylsh.art/zy/api/i.js?ver=1669658254358	Phishing

Scan Date	Severity	Indicator	Comment
2022-11-28	medium	dbspaylsh.art	Sinkholed
2022-11-28	medium	dbspaylsh.art	Sinkholed
2022-11-28	medium	dbspaylsh.art	Sinkholed
2022-11-28	medium	dbspaylsh.art	Sinkholed
2022-11-28	medium	dbspaylsh.art	Sinkholed
2022-11-28	medium	dbspaylsh.art	Sinkholed
2022-11-28	medium	dbspaylsh.art	Sinkholed
2022-11-28	medium	dbspaylsh.art	Sinkholed
2022-11-28	medium	dbspaylsh.art	Sinkholed
2022-11-28	medium	dbspaylsh.art	Sinkholed
2022-11-28	medium	dbspaylsh.art	Sinkholed
2022-11-28	medium	dbspaylsh.art	Sinkholed
2022-11-28	medium	dbspaylsh.art	Sinkholed
2022-11-28	medium	dbspaylsh.art	Sinkholed
2022-11-28	medium	dbspaylsh.art	Sinkholed
2022-11-28	medium	dbspaylsh.art	Sinkholed

Date	UQ / IDS / BL	URL	IP
2022-11-28 18:17:24 UTC	0 - 0 - 23	dbspaylsha.one/	103.147.225.70
2022-11-28 18:10:03 UTC	0 - 0 - 40	dbspaylsh.today/	103.147.225.70
2022-11-28 17:57:43 UTC	0 - 0 - 41	dbspaylsh.art/	103.147.225.70
2022-11-28 02:59:35 UTC	0 - 0 - 1	dbspaylan.top/	103.147.225.70
2022-11-28 02:10:01 UTC	0 - 0 - 1	wwwtodbs.top/	103.147.225.70

Date	UQ / IDS / BL	URL	IP
2023-05-28 16:31:54 UTC	0 - 2 - 0	uwoefip.top/	103.231.174.37
2023-05-27 23:03:34 UTC	0 - 9 - 0	bitvavo.live/pc/home.html	175.41.19.2
2023-05-22 22:35:19 UTC	0 - 1 - 3	175.41.29.181/	175.41.29.181
2023-05-21 14:18:38 UTC	0 - 1 - 0	yy002.top	103.147.225.42
2023-05-21 05:48:44 UTC	0 - 2 - 0	vhbnj.top/	103.231.174.37

Date	UQ / IDS / BL	URL	IP
2022-11-28 17:57:43 UTC	0 - 0 - 41	dbspaylsh.art/	103.147.225.70

Date	UQ / IDS / BL	URL	IP
2023-04-04 14:34:41 UTC	0 - 1 - 29	paylahcgs.top/	23.225.36.178
2023-04-04 13:55:42 UTC	0 - 5 - 22	paylahdcs.life/	23.225.36.178
2023-04-03 14:22:19 UTC	0 - 1 - 34	paymentdbs.top/	23.225.36.178
2023-04-03 13:35:05 UTC	0 - 1 - 34	paymentsg.top/	23.225.36.178
2023-03-23 13:45:32 UTC	0 - 6 - 35	dcspaylah.life/	23.225.36.178

HTTP Transactions (35)

Request	Response
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "72937C756D3FEEAE6D04A6F445398B0436BDF559F8C7437E3A3233263943900E" Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3994 Expires: Mon, 28 Nov 2022 19:04:06 GMT Date: Mon, 28 Nov 2022 17:57:32 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 150792cfc458af013998f4ef6bdf5f74 Sha1: d5179b2dcb11d06f82606bf6eb6648319998d63e Sha256: 72937c756d3feeae6d04a6f445398b0436bdf559f8c7437e3a3233263943900e
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "5EA71CE6DD9E927F9BB3F97F59CC1AC7DC25A949024815965B29BC5835614786" Last-Modified: Sat, 26 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6194 Expires: Mon, 28 Nov 2022 19:40:46 GMT Date: Mon, 28 Nov 2022 17:57:32 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 71f9c681a82440fd55e76c780a20e55d Sha1: 3147768cfbcdd06e0c6e69684292e68e99917a80 Sha256: 5ea71ce6dd9e927f9bb3f97f59cc1ac7dc25a949024815965b29bc5835614786
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 5949 Cache-Control: max-age=151978 Date: Mon, 28 Nov 2022 17:57:32 GMT Etag: "63848df9-1d7" Expires: Wed, 30 Nov 2022 12:10:30 GMT Last-Modified: Mon, 28 Nov 2022 10:31:21 GMT Server: ECS (ska/F715) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 9408cc0694fcbea57966c3a3ba906092 Sha1: fddcee1fdcf3209298e41a4b1b5560357fa165f0 Sha256: 6ef7120d9463f56e3ddfadd5766d02da8523f34061b13bdba54bf9ab72a1e979
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	34.160.144.191 HTTP/2 200 OK content-type: binary/octet-stream x-amz-id-2: DmSnMWqx3GzDkvJvodzjlgxMr+2D/WC2x46QaVquSasoUc/BxP5+N5YnF22T87Vdqi/20Ys1shk= x-amz-request-id: RNRRYAT40ZZXT2YF content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Mon, 28 Nov 2022 17:42:09 GMT age: 923 last-modified: Thu, 10 Nov 2022 09:21:27 GMT etag: "9ebddc2b260d081ebbefee47c037cb28" cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 9ebddc2b260d081ebbefee47c037cb28 Sha1: 492bad62a7ca6a74738921ef5ae6f0be5edebf39 Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Mon, 28 Nov 2022 17:19:32 GMT cache-control: public,max-age=3600 age: 2280 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 14cd9a0afb6ba9a763651d5112760d1e Sha1: 75d7b104ab9ab11fbb73c3f348b43b0119b5adfa Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Mon, 28 Nov 2022 17:57:32 GMT content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Mon, 28 Nov 2022 17:11:12 GMT cache-control: public,max-age=3600 age: 2781 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "FF902A9B4CF7A7E4C56F6B52FAC5223D203FEC0111C284CDE624D4E9467FC978" Last-Modified: Mon, 28 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=21565 Expires: Mon, 28 Nov 2022 23:56:58 GMT Date: Mon, 28 Nov 2022 17:57:33 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 34a57ab84fb751332ca12e99c5df668b Sha1: 69a507d33da23400e2192107727fb7fc238943ae Sha256: ff902a9b4cf7a7e4c56f6b52fac5223d203fec0111c284cde624d4e9467fc978
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 3541 Cache-Control: max-age=144503 Date: Mon, 28 Nov 2022 17:57:33 GMT Etag: "63847a2f-1d7" Expires: Wed, 30 Nov 2022 10:05:56 GMT Last-Modified: Mon, 28 Nov 2022 09:06:55 GMT Server: ECS (ska/F715) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 7ab2ef968cb6a3078f4b9cb2dda813d4 Sha1: e669116047ca058a2c1b2999ff0ea8682719162c Sha256: 6ddecf0b21c44f3851da8efeb6ecdc6c8e9b83d7681153c31952b4ec8c23c940
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: pHToPgACXNSlfHiNpGuaRg== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	35.162.110.205 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: mahWKlFwhxQuTNflQ8WI9tYhxn0= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /css/global.css HTTP/1.1 Host: dbspaylsh.art User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://dbspaylsh.art/ Cookie: PHPSESSID=5k87o39kaja5cpfmkj3ki879vb Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	103.147.225.70 HTTP/2 200 OK content-type: text/css server: nginx date: Mon, 28 Nov 2022 17:57:33 GMT content-length: 32 last-modified: Sat, 19 Nov 2022 18:45:24 GMT etag: "63792444-20" expires: Tue, 29 Nov 2022 05:57:33 GMT cache-control: max-age=43200 strict-transport-security: max-age=31536000 accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text Size: 32 Md5: 3be97ef1ca24eceb7420292999284fc0 Sha1: ad836458e436fe6a76e1cd22e270b54707f80ff7 Sha256: 7e16396ef8c0c1249aed9ed2a4120629a50e28070d8469030061cb3a71662ade Blocklists: - openphish: DBS Bank Ltd - quad9: Sinkholed
GET / HTTP/1.1 Host: dbspaylsh.art User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1	103.147.225.70 HTTP/2 200 OK content-type: text/html; charset=UTF-8 server: nginx date: Mon, 28 Nov 2022 17:57:33 GMT vary: Accept-Encoding set-cookie: PHPSESSID=5k87o39kaja5cpfmkj3ki879vb; path=/ expires: Thu, 19 Nov 1981 08:52:00 GMT cache-control: no-store, no-cache, must-revalidate pragma: no-cache strict-transport-security: max-age=31536000 content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 6478 Md5: 47c1303d9cf415ceb4e140ac29002ee2 Sha1: b32a78578e7d607828892d1b5642349f4a37e74c Sha256: ba8d4aaaafff3aafaaacd383ca635f7ebef444d56d9ad0a5ef1856a95ec43681 Blocklists: - openphish: DBS Bank Ltd - fortinet: Phishing - quad9: Sinkholed
GET /img/news/slide_2.png HTTP/1.1 Host: dbspaylsh.art User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://dbspaylsh.art/ Cookie: PHPSESSID=5k87o39kaja5cpfmkj3ki879vb Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	103.147.225.70 HTTP/2 404 Not Found content-type: text/html server: nginx date: Mon, 28 Nov 2022 17:57:33 GMT content-length: 146 X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size: 146 Md5: 8eec510e57f5f732fd2cce73df7b73ef Sha1: 3c0af39ecb3753c5fee3b53d063c7286019eac3b Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0 Blocklists: - openphish: DBS Bank Ltd - quad9: Sinkholed
GET /img/news/slide_3.png HTTP/1.1 Host: dbspaylsh.art User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://dbspaylsh.art/ Cookie: PHPSESSID=5k87o39kaja5cpfmkj3ki879vb Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	103.147.225.70 HTTP/2 404 Not Found content-type: text/html server: nginx date: Mon, 28 Nov 2022 17:57:33 GMT content-length: 146 X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size: 146 Md5: 8eec510e57f5f732fd2cce73df7b73ef Sha1: 3c0af39ecb3753c5fee3b53d063c7286019eac3b Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0 Blocklists: - openphish: DBS Bank Ltd - quad9: Sinkholed
GET /img/news/slide_4.png HTTP/1.1 Host: dbspaylsh.art User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://dbspaylsh.art/ Cookie: PHPSESSID=5k87o39kaja5cpfmkj3ki879vb Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	103.147.225.70 HTTP/2 404 Not Found content-type: text/html server: nginx date: Mon, 28 Nov 2022 17:57:33 GMT content-length: 146 X-Firefox-Spdy: h2 --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Size: 146 Md5: 8eec510e57f5f732fd2cce73df7b73ef Sha1: 3c0af39ecb3753c5fee3b53d063c7286019eac3b Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0 Blocklists: - openphish: DBS Bank Ltd - quad9: Sinkholed
GET /favicon.ico HTTP/1.1 Host: dbspaylsh.art User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://dbspaylsh.art/ Cookie: PHPSESSID=5k87o39kaja5cpfmkj3ki879vb Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	103.147.225.70 HTTP/2 200 OK content-type: image/x-icon server: nginx date: Mon, 28 Nov 2022 17:57:34 GMT content-length: 27942 last-modified: Sun, 20 Nov 2022 18:25:44 GMT etag: "637a7128-6d26" strict-transport-security: max-age=31536000 accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: MS Windows icon resource - 1 icon, 82x82, 32 bits/pixel\012- data Size: 27942 Md5: 2f1f476dde82603e6707cac6888ba940 Sha1: 1bc55159e0213251a2640ef6aa3617d7102cd9a5 Sha256: fe745f8e0bf523d857b573bf196a69770c0b1f7c95a3a132feadc23553bc9dac Blocklists: - openphish: DBS Bank Ltd - quad9: Sinkholed
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0" Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2225 Expires: Mon, 28 Nov 2022 18:34:39 GMT Date: Mon, 28 Nov 2022 17:57:34 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 8bb181e3f5ca898c6e31a8efc2e28291 Sha1: eda3a91f8e2cbc5467da08ad85e6f6a30702b66c Sha256: 0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0" Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2225 Expires: Mon, 28 Nov 2022 18:34:39 GMT Date: Mon, 28 Nov 2022 17:57:34 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 8bb181e3f5ca898c6e31a8efc2e28291 Sha1: eda3a91f8e2cbc5467da08ad85e6f6a30702b66c Sha256: 0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
GET /js/jquery-1.11.1.min.js HTTP/1.1 Host: dbspaylsh.art User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://dbspaylsh.art/ Cookie: PHPSESSID=5k87o39kaja5cpfmkj3ki879vb Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	103.147.225.70 HTTP/2 200 OK content-type: application/javascript server: nginx date: Mon, 28 Nov 2022 17:57:33 GMT last-modified: Tue, 15 Nov 2022 10:10:44 GMT vary: Accept-Encoding etag: W/"637365a4-1762a" expires: Tue, 29 Nov 2022 05:57:33 GMT cache-control: max-age=43200 strict-transport-security: max-age=31536000 content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 37889 Md5: b2dd5c254b29f73509aa6343dbd9c62b Sha1: 81403d006526e0e5f4ab2dc36031dcb2d68c5906 Sha256: fd2725806f1b3920fc2db32fa3f3e429e84dc7ff5047fbf2af92bfb95e829f02 Blocklists: - openphish: DBS Bank Ltd - fortinet: Phishing - quad9: Sinkholed
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0" Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2225 Expires: Mon, 28 Nov 2022 18:34:39 GMT Date: Mon, 28 Nov 2022 17:57:34 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 8bb181e3f5ca898c6e31a8efc2e28291 Sha1: eda3a91f8e2cbc5467da08ad85e6f6a30702b66c Sha256: 0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
GET /js/swiper.min.js HTTP/1.1 Host: dbspaylsh.art User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://dbspaylsh.art/ Cookie: PHPSESSID=5k87o39kaja5cpfmkj3ki879vb Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	103.147.225.70 HTTP/2 200 OK content-type: application/javascript server: nginx date: Mon, 28 Nov 2022 17:57:33 GMT last-modified: Tue, 15 Nov 2022 10:08:20 GMT vary: Accept-Encoding etag: W/"63736514-1b38e" expires: Tue, 29 Nov 2022 05:57:33 GMT cache-control: max-age=43200 strict-transport-security: max-age=31536000 content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 34523 Md5: 5f3a78cee1c7c371d240ee940368df0b Sha1: 9dfd625bbb5df288d669cffe1771170edc69d3cb Sha256: 3f90694e458de7f03010b80c20010e6778c908080e3cd79ac346fbab118d1de8 Blocklists: - openphish: DBS Bank Ltd - fortinet: Phishing - quad9: Sinkholed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F165667de-df17-4cc6-832c-94f49703bdf2.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 9430 x-amzn-requestid: 454ca8bd-a256-45f2-8b41-feee86c5af82 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cR7wyGCIIAMFhgw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6383d99e-1488f8ce71a91ebc3ad6b7e0;Sampled=0 x-amzn-remapped-date: Sun, 27 Nov 2022 21:41:50 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: NMMuQ1NNks65LJK_HDAK69MfCJ3pS0Y6VzBs8_5Oku64v4FSWADCdw== via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google date: Sun, 27 Nov 2022 22:01:46 GMT age: 71748 etag: "075531f525e625b117b2497f31139c9824d0e9c5" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9430 Md5: 1f434933b5bd6377d299ada22d1ae7ef Sha1: 075531f525e625b117b2497f31139c9824d0e9c5 Sha256: b587a3249e4f20112088608e3651c2ccbc44225a5c9d88d3bf5884d7f0e9029c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F36d8942f-c540-4112-a5a9-c7ac53a00a23.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 6376 x-amzn-requestid: 25b82353-9c15-44c0-ada5-55f4697de935 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cR6_KGeaoAMFb_Q= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6383d860-71711cca7c063030292c5e47;Sampled=0 x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:32 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: odmAWkNyUMevvXStu7zRJyckokhyBjUwu7-JSvj8by-JWJ9eAm9P5Q== via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google date: Sun, 27 Nov 2022 22:01:46 GMT age: 71748 etag: "53b12a8702f7c5b7cc697e2a24da824d9434be65" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6376 Md5: 78b1389f425425d0450c94d900404dc4 Sha1: 53b12a8702f7c5b7cc697e2a24da824d9434be65 Sha256: 0c1659ab3afc6e45f9e3acb12f8865bb99e4668f7df4501b1cc740e53f5b62ed
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4908162-9f1d-4654-8d78-fe85386ce233.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 7556 x-amzn-requestid: 1cda5313-2256-4830-bf84-2e6e15949d3e x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cR78KFTmoAMF4yg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6383d9e7-452e36d718a298d12a2374a9;Sampled=0 x-amzn-remapped-date: Sun, 27 Nov 2022 21:43:03 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: 70UuQl2XCoplrZYENrKleE2mcvB-xP9zZGs8Tuh21NidSiHvA97sXw== via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google date: Sun, 27 Nov 2022 21:51:09 GMT age: 72385 etag: "1a542a53ba0b1cd0fb23257ebed8166555f16dfb" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7556 Md5: 7e5051d8c06f69e1842a9295ce256a36 Sha1: 1a542a53ba0b1cd0fb23257ebed8166555f16dfb Sha256: a7c0dbbb4d0d9138f5ca318cc2aa44e12dadf7ed6263ec204ba756da64b29c41
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f2e6328-f3c1-4a69-b0b6-73920b885144.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 8885 x-amzn-requestid: 71b8367f-f79f-42a7-bcb8-c441a154babf x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cGDTEFSeIAMF3rg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-637f18e0-631b775d3430a8c30c3b4420;Sampled=0 x-amzn-remapped-date: Thu, 24 Nov 2022 07:10:24 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: jsmd6yxjJxLMEgv1jDa87iEoZXL2OuALsmUZ9Nxx1rUN-xOTdtN1-A== via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google date: Mon, 28 Nov 2022 10:13:33 GMT age: 27841 etag: "70c2a238f06ca7e56ef80c83738e081bf0de3330" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8885 Md5: 3a1a4e00f1f15827cf651f373863c379 Sha1: 70c2a238f06ca7e56ef80c83738e081bf0de3330 Sha256: 3d936e1f0c96297f121faece12d6f8173e12eed5087165cd4eefc0fab368419f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa57bc6cf-beaa-443b-9756-cf26e4fe3767.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 6954 x-amzn-requestid: af6ab88e-884f-4c3f-a2ba-241d8bd04670 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: b8I_xG2SIAMF3xQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-637b21fe-573bfad8002144b7637e80f0;Sampled=0 x-amzn-remapped-date: Mon, 21 Nov 2022 07:00:14 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: icdx5uaiqsWXMMoKgOwAV4sOfVhAw7oLi79yfweIw5_1pTTzI_qm_w== via: 1.1 b23fb37cd7fff033ab21e3284f558a28.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google date: Sun, 27 Nov 2022 22:24:15 GMT age: 70399 etag: "4b4a8c8e8aeccfff25d2748720dcef8fed287126" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6954 Md5: 2212cf75f99dc67fd45db47f7101d754 Sha1: 4b4a8c8e8aeccfff25d2748720dcef8fed287126 Sha256: 7b2d2e302faba8f273b51031fa48b444cb7839733b90e8c9d077ca63637320d8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdee4f5d4-5a5e-4a39-9681-50795cecc0f4.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 10199 x-amzn-requestid: baee3bbe-7ded-425a-ae39-fccfc8169217 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cOo4iF1VIAMF09g= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63828836-5522727b2f09b27e63b23270;Sampled=0 x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: CXOqm7bjsSV0aJBTkTI7LsMovjgPeISPt3sZotEc7CjZnUL_y4_OoQ== via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google date: Sun, 27 Nov 2022 21:42:14 GMT age: 72920 etag: "ae8aa4ce6ddaccba771fe65446926b60fc5628da" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10199 Md5: 2cd887044e91d7ed0f1a8d7119ff7dd0 Sha1: ae8aa4ce6ddaccba771fe65446926b60fc5628da Sha256: bad283c15531000b7a8c126d442154b64a880cc26196a46cbd2e6266a526db67
GET /img/blur_splash.png HTTP/1.1 Host: dbspaylsh.art User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://dbspaylsh.art/ Cookie: PHPSESSID=5k87o39kaja5cpfmkj3ki879vb Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	103.147.225.70 HTTP/2 200 OK content-type: image/png server: nginx date: Mon, 28 Nov 2022 17:57:34 GMT content-length: 48789 last-modified: Sat, 19 Nov 2022 17:56:56 GMT etag: "637918e8-be95" expires: Wed, 28 Dec 2022 17:57:34 GMT cache-control: max-age=2592000 strict-transport-security: max-age=31536000 accept-ranges: bytes X-Firefox-Spdy: h2 --- Additional Info --- Magic: PNG image data, 360 x 720, 8-bit colormap, non-interlaced\012- data Size: 48789 Md5: cc132d7dce11be576d7c17a358e7faaf Sha1: ec8d9d8b8476cf0b69dfac6b2c24e8de03bf0cce Sha256: a671794422a6fbede385687dfe032bfbea00dcc50066d90c2a7863b9b1aefbc6 Blocklists: - openphish: DBS Bank Ltd - quad9: Sinkholed
POST /zy/api/api.php HTTP/1.1 Host: dbspaylsh.art User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded Content-Length: 6 Origin: https://dbspaylsh.art Connection: keep-alive Referer: https://dbspaylsh.art/ Cookie: PHPSESSID=5k87o39kaja5cpfmkj3ki879vb Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers	103.147.225.70 HTTP/2 200 OK content-type: text/html; charset=UTF-8 server: nginx date: Mon, 28 Nov 2022 17:57:36 GMT vary: Accept-Encoding strict-transport-security: max-age=31536000 content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: Sha1: Sha256: Blocklists: - openphish: DBS Bank Ltd - fortinet: Phishing - quad9: Sinkholed
GET /zy/api/k.js HTTP/1.1 Host: dbspaylsh.art User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://dbspaylsh.art/ Cookie: PHPSESSID=5k87o39kaja5cpfmkj3ki879vb Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	103.147.225.70 HTTP/2 200 OK content-type: application/javascript server: nginx date: Mon, 28 Nov 2022 17:57:33 GMT last-modified: Fri, 29 Jul 2022 12:55:30 GMT vary: Accept-Encoding etag: W/"62e3d8c2-7e3" expires: Tue, 29 Nov 2022 05:57:33 GMT cache-control: max-age=43200 strict-transport-security: max-age=31536000 content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: Sha1: Sha256: Blocklists: - openphish: DBS Bank Ltd - fortinet: Phishing - quad9: Sinkholed
POST /zy/api/api.php HTTP/1.1 Host: dbspaylsh.art User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded Content-Length: 6 Origin: https://dbspaylsh.art Connection: keep-alive Referer: https://dbspaylsh.art/ Cookie: PHPSESSID=5k87o39kaja5cpfmkj3ki879vb Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers	103.147.225.70 HTTP/2 200 OK content-type: text/html; charset=UTF-8 server: nginx date: Mon, 28 Nov 2022 17:57:37 GMT vary: Accept-Encoding strict-transport-security: max-age=31536000 content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: Sha1: Sha256: Blocklists: - openphish: DBS Bank Ltd - fortinet: Phishing - quad9: Sinkholed
POST /zy/api/api.php HTTP/1.1 Host: dbspaylsh.art User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded Content-Length: 6 Origin: https://dbspaylsh.art Connection: keep-alive Referer: https://dbspaylsh.art/ Cookie: PHPSESSID=5k87o39kaja5cpfmkj3ki879vb Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers	103.147.225.70 HTTP/2 200 OK content-type: text/html; charset=UTF-8 server: nginx date: Mon, 28 Nov 2022 17:57:38 GMT vary: Accept-Encoding strict-transport-security: max-age=31536000 content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: Sha1: Sha256: Blocklists: - openphish: DBS Bank Ltd - fortinet: Phishing - quad9: Sinkholed
POST /zy/api/api.php HTTP/1.1 Host: dbspaylsh.art User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/x-www-form-urlencoded Content-Length: 6 Origin: https://dbspaylsh.art Connection: keep-alive Referer: https://dbspaylsh.art/ Cookie: PHPSESSID=5k87o39kaja5cpfmkj3ki879vb Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin TE: trailers	103.147.225.70 HTTP/2 200 OK content-type: text/html; charset=UTF-8 server: nginx date: Mon, 28 Nov 2022 17:57:39 GMT vary: Accept-Encoding strict-transport-security: max-age=31536000 content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: Sha1: Sha256: Blocklists: - openphish: DBS Bank Ltd - fortinet: Phishing - quad9: Sinkholed
GET /zy/api/i.js?ver=1669658254358 HTTP/1.1 Host: dbspaylsh.art User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://dbspaylsh.art/ Cookie: PHPSESSID=5k87o39kaja5cpfmkj3ki879vb Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	103.147.225.70 HTTP/2 200 OK content-type: application/javascript server: nginx date: Mon, 28 Nov 2022 17:57:35 GMT last-modified: Sun, 20 Nov 2022 16:13:22 GMT vary: Accept-Encoding etag: W/"637a5222-335f" expires: Tue, 29 Nov 2022 05:57:35 GMT cache-control: max-age=43200 strict-transport-security: max-age=31536000 content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: Sha1: Sha256: Blocklists: - openphish: DBS Bank Ltd - fortinet: Phishing - quad9: Sinkholed
GET /css/swiper.min.css HTTP/1.1 Host: dbspaylsh.art User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://dbspaylsh.art/ Cookie: PHPSESSID=5k87o39kaja5cpfmkj3ki879vb Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers	103.147.225.70 HTTP/2 200 OK content-type: text/css server: nginx date: Mon, 28 Nov 2022 17:57:33 GMT last-modified: Sat, 19 Nov 2022 18:45:24 GMT vary: Accept-Encoding etag: W/"63792444-4b85" expires: Tue, 29 Nov 2022 05:57:33 GMT cache-control: max-age=43200 strict-transport-security: max-age=31536000 content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: Size: 0 Md5: Sha1: Sha256: Blocklists: - openphish: DBS Bank Ltd - quad9: Sinkholed

URL	dbspaylsh.art/
IP	103.147.225.70 (Hong Kong)
ASN	#9744 XLC GLOBAL
UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Access
Report completed	2022-11-28 17:57:43 UTC
Status	Loading report..
IDS alerts	0
Blocklist alert	41
urlquery alerts	No alerts detected
Tags	None

Overview

Domain Summary (8)

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 103.147.225.70

Last 5 reports on ASN: XLC GLOBAL

Last 1 reports on domain: dbspaylsh.art

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (5)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (35)

Overview

Domain Summary (8)

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 103.147.225.70

Last 5 reports on ASN: XLC GLOBAL

Last 1 reports on domain: dbspaylsh.art

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (5)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (35)

Network Intrusion Detection Systems