r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash be88d3e043e3b95b52e41812e50fb634
0318ba1ce487817ea7cba61dd9413bed29213800
b5f178d23e633283f226cca7a9ae79b01e6cab2299ff7065c980d3a9953212fd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B5F178D23E633283F226CCA7A9AE79B01E6CAB2299FF7065C980D3A9953212FD"
Last-Modified: Tue, 13 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10224
Expires: Wed, 14 Sep 2022 08:09:54 GMT
Date: Wed, 14 Sep 2022 05:19:30 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 14 Sep 2022 05:09:27 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ATmomrWjsF9a1gXMKBhExWdwWmvv0DHxsDy9Xu-G9dRnjscPElE-IQ==
Age: 603
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.35200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 14 Sep 2022 04:35:16 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: j_AptsOTdold7qSVvnd6JxylPOoOPaEqqeCtAmqd7lEka1CRIX2Ihg==
age: 2655
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 14 Sep 2022 05:19:30 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
mar69.com/
40.83.119.44301 Moved Permanently 169 B IP 40.83.119.44:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 0f952b73d3f5586637ea9a5a789d48f4
b29aff4ffa1d4decd77db5160f920e1c6417e5e9
69d11528ee32902d0c47ed215877f0610399536f755db03ed02a77ecedd74751
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: mar69.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx/1.20.1
Date: Wed, 14 Sep 2022 05:19:30 GMT
Content-Type: text/html
Content-Length: 169
Connection: keep-alive
Location: https://mar69.com/
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 14 Sep 2022 05:03:22 GMT
Cache-Control: max-age=3600
Expires: Wed, 14 Sep 2022 05:24:48 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 83a23d85c009b0c0e3626072e9f997fe.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: WZHDl34QxL67xk2qox286qvI2XC9HR_q8Y_rbf--qaRVI2n9bdvPFA==
Age: 968
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash e96dbe1b54932c8f447bbbfc9d31cfb0
b15d4a54fbdf95b0af8bd34b6f8ef03055eef0cd
427326963ac1ef6ddeeaf52ab07807c694b82effa6111671ada8270b1faecdae
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6099
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 05:19:31 GMT
Last-Modified: Wed, 14 Sep 2022 03:37:52 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 7116ed91e09ba52b97a440d376530f34
b2452552f0b24f960f7cc3d5e51f5273c47edc10
ea339d2f64e0c2ded487e21a4390b38c0ff75969c1b8b649b87baf3a73db8790
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 05:19:31 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 13 Sep 2022 02:26:26 GMT
Expires: Tue, 20 Sep 2022 02:26:25 GMT
Etag: "b2452552f0b24f960f7cc3d5e51f5273c47edc10"
Cache-Control: max-age=507413,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74a6ab0bed14b515-OSL
push.services.mozilla.com/
35.155.157.101101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.155.157.101:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Oe9CXjzeYcrHfXFo4mDEqQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: MDkse8kMB6DtBbwm8FMDBzwoXjc=
mar69.com/
40.83.119.44200 OK 1.7 kB IP 40.83.119.44:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1768)
Hash e259364ab1a3c8b90a9c4442b0616def
82a2db8c511f54c62847b8e233c4cc1cf164d8ce
d5335aec7e733599a355662bc23d42ef6f15716f6511fca488225e23369af738
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: mar69.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Wed, 14 Sep 2022 05:19:31 GMT
Content-Type: text/html
Last-Modified: Tue, 23 Aug 2022 11:51:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6304bf56-15ca"
Content-Encoding: gzip
mar69.com/assets/js/manifest.e8a841db9b5340dbc070.js
40.83.119.44200 OK 2.6 kB URL HTTP/1.1 mar69.com/assets/js/manifest.e8a841db9b5340dbc070.js
IP 40.83.119.44:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (2642), with no line terminators
Hash fe4d0ca54b74f0e05c3070298503e959
e897b34a7c00710f730c358f2b12ff9ecb2bb5e6
797e22609a520de9f11606ea6f6faf58e00261a2b3aef4a7c6b17f8a5123fcd6
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/manifest.e8a841db9b5340dbc070.js HTTP/1.1
Host: mar69.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mar69.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Wed, 14 Sep 2022 05:19:32 GMT
Content-Type: application/javascript
Content-Length: 2642
Last-Modified: Tue, 23 Aug 2022 11:51:50 GMT
Connection: keep-alive
ETag: "6304bf56-a52"
Accept-Ranges: bytes
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18996
Expires: Wed, 14 Sep 2022 10:36:08 GMT
Date: Wed, 14 Sep 2022 05:19:32 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash fe792a43fbfd72d158215bb5fa087c19
5b28cebdebfdd33871fa4982f39a89f5ce3cbf99
ec9ddd9d47e4cd14bd7471042ce3060c1d119038dac5d1f02a4040c617228b0d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EC9DDD9D47E4CD14BD7471042CE3060C1D119038DAC5D1F02A4040C617228B0D"
Last-Modified: Mon, 12 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18996
Expires: Wed, 14 Sep 2022 10:36:08 GMT
Date: Wed, 14 Sep 2022 05:19:32 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F363e6209-41ce-41be-bd4b-698c502410aa.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F363e6209-41ce-41be-bd4b-698c502410aa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 69d287fa3fde0ea0ad5ac42fc708fb7d
e93a0bcbb4d394a087a6fd2a95e31cd371186433
5bb5a92d6498fee73ada8b2b8cf79ca4f6a7cd7ce35bab9b877870a847f212cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F363e6209-41ce-41be-bd4b-698c502410aa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8523
x-amzn-requestid: facc0fcf-fc31-4c49-bf47-4992b0496f5b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yav8AG1cIAMFmiQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f9e6-3a07501574e592610dcd9d83;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:45:10 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: prZvx-ZAE5HYdtojrYvPoMswGvuaXjVPqY3oEmcwD5dUUXaaJHGpZA==
via: 1.1 7514e5e25722778fd4b1744d4ecc67e0.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 21:59:12 GMT
age: 26420
etag: "e93a0bcbb4d394a087a6fd2a95e31cd371186433"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4d822c-5153-4c55-bcb3-aa6ee72e3b62.jpeg
34.120.237.76200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4d822c-5153-4c55-bcb3-aa6ee72e3b62.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f2157f7cfbdeb607f28ae51eb090f2c3
33d0dcadaa42179b2eae914c8ad16c9c088afbc9
135cd89c2c82f0f5e53d2612d5eac868c175b28a567a07e63a2073942e36a066
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4d822c-5153-4c55-bcb3-aa6ee72e3b62.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6078
x-amzn-requestid: e09c099f-5a2d-49d7-b6ab-e16f09c28bd0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YavJEEM5IAMFreQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f8a0-0fbb7b3d0cd6fbfa04f5a5d2;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:39:44 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Ur-HTN2DS8b3ojSQldJOZi6YW2wtCwRfbGqxg49ZUJ_00hC_rFxYEw==
via: 1.1 9b21fd56256eda6d1379e32829c4c446.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 22:05:07 GMT
age: 26065
etag: "33d0dcadaa42179b2eae914c8ad16c9c088afbc9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ff3459e-f095-4850-a4fe-aaa75dd72d57.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ff3459e-f095-4850-a4fe-aaa75dd72d57.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 67104c4246b4621f998420b0e5ebbd53
2b7467d2a9e125599655986947027fe15f64dd9b
74870b17f8b2b4dd0fea0bb426edf6668de4b430c8e0cc2793d9251cd523ff61
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ff3459e-f095-4850-a4fe-aaa75dd72d57.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10252
x-amzn-requestid: 0e87d69b-2097-473d-87ee-d0e38021633e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yau8DFKRoAMFnww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f84c-189a00f437ca36611c4741f6;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:38:20 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: KvGATVp13MnXGeGsGHSRbnBuUEKlWWQyed9qtkT7jyQm7tBgKVOWOw==
via: 1.1 0a2ce08fa1ec3c33302a7547d3305978.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 22:02:39 GMT
age: 26213
etag: "2b7467d2a9e125599655986947027fe15f64dd9b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf0c9f83-0c77-48d8-9406-aadc344ec5eb.jpeg
34.120.237.76200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf0c9f83-0c77-48d8-9406-aadc344ec5eb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fbc34e055f3f72baa6ed55ad86f43a35
dd077082f3da6b1ba6e2067984333e6191bc9116
32fd04fca7541ecd3ffc395286aaf66250f1b4bf45e2cd337515585dab8bed63
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faf0c9f83-0c77-48d8-9406-aadc344ec5eb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7925
x-amzn-requestid: 2242598f-531e-4fa0-9ea2-1588c4ed68ec
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yau8DE5koAMFZ2w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f84c-35c429676b6204b717a04806;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:38:20 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: QmtOAjxOWSMUzbAUMTbGZ-yA272AY89rFmF2Uiykhu1DCeXyfsKBDA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 22:02:40 GMT
etag: "dd077082f3da6b1ba6e2067984333e6191bc9116"
content-type: image/jpeg
age: 26212
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7859b5f-1c86-429e-be16-f7b41657b096.jpeg
34.120.237.76200 OK 17 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7859b5f-1c86-429e-be16-f7b41657b096.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d7be52d818b206e064541ef4f4b0786b
7674123112859fd79ee9214c5308ad6a5e4ed015
bb011cf1e3c97c42f22c0553b64c23f120fa52d4bc7b56b5bde5678226aff0ce
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7859b5f-1c86-429e-be16-f7b41657b096.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16980
x-amzn-requestid: 7c555cd5-4a33-452e-82d4-cac3282c0b0f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYZfRHYOoAMFtIw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320092e-0bbd43cc499db9ed24226439;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 04:38:06 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: m4lRTnfzeQluGV3fqyeSS6yLeU8tcfijOqcqyVdZ2L2pENHfWdrUHg==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 09:39:44 GMT
age: 70788
etag: "7674123112859fd79ee9214c5308ad6a5e4ed015"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf2cc3c0-41be-4a1d-a9be-d6b88dd40b26.jpeg
34.120.237.76200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf2cc3c0-41be-4a1d-a9be-d6b88dd40b26.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bd51b821b3aae8ff78457009b4f6ea05
9859aa273278b82069aa5526ee60a9f4e19a0a0c
504f91fe951f68e36254034ec2a4b01385f09cec0fd8b9e03f485c612393cb23
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf2cc3c0-41be-4a1d-a9be-d6b88dd40b26.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4995
x-amzn-requestid: 52f723b1-06bc-422a-9125-e0dca64efa65
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yauv4EcyoAMF8Jw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6320f7ff-781a76432cfc5a4a7aa6fd39;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 21:37:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: iA7z13Wn5CXuU6xhhxzi4E8deBj82xS3a88sDa3JDyv06LCMXlU6KQ==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 13 Sep 2022 21:41:46 GMT
age: 27466
etag: "9859aa273278b82069aa5526ee60a9f4e19a0a0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
mar69.com/assets/css/app.39077bfd0a7c64531c2eb3d75537a62d.css
40.83.119.44200 OK 814 kB URL HTTP/1.1 mar69.com/assets/css/app.39077bfd0a7c64531c2eb3d75537a62d.css
IP 40.83.119.44:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (65536), with no line terminators
Size 814 kB (813722 bytes)
Hash d9acf8cd47715ded90f0576a791e4266
15d6063f7f120aca8723b9d6876e068fb126a68e
2ab1f3455907071fe489357c79767dce135e0b981f0b053753bc6c6ccb46da74
GET /assets/css/app.39077bfd0a7c64531c2eb3d75537a62d.css HTTP/1.1
Host: mar69.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mar69.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Wed, 14 Sep 2022 05:19:31 GMT
Content-Type: text/css
Content-Length: 813722
Last-Modified: Tue, 23 Aug 2022 11:51:50 GMT
Connection: keep-alive
ETag: "6304bf56-c6a9a"
Accept-Ranges: bytes
mar69.com/components/font/font.css
40.83.119.44200 OK 1.7 kB URL HTTP/1.1 mar69.com/components/font/font.css
IP 40.83.119.44:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1768)
Hash e259364ab1a3c8b90a9c4442b0616def
82a2db8c511f54c62847b8e233c4cc1cf164d8ce
d5335aec7e733599a355662bc23d42ef6f15716f6511fca488225e23369af738
GET /components/font/font.css HTTP/1.1
Host: mar69.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mar69.com/assets/css/app.39077bfd0a7c64531c2eb3d75537a62d.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Wed, 14 Sep 2022 05:19:32 GMT
Content-Type: text/html
Last-Modified: Tue, 23 Aug 2022 11:51:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6304bf56-15ca"
Content-Encoding: gzip
mar69.com/assets/js/app.a62a532580986d919118.js
40.83.119.44200 OK 1.2 MB URL HTTP/1.1 mar69.com/assets/js/app.a62a532580986d919118.js
IP 40.83.119.44:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (61401), with no line terminators
Size 1.2 MB (1216673 bytes)
Hash 1c0567b7ed5bf168336063983eeec4c2
6658d92b0f6a8d3e21bce6f30076109350c82f93
440e5cace1abb157de4c1aee0a2d8146e338d0eaf0a7341fc9e7f9952ff564d9
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/app.a62a532580986d919118.js HTTP/1.1
Host: mar69.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mar69.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Wed, 14 Sep 2022 05:19:32 GMT
Content-Type: application/javascript
Content-Length: 1216673
Last-Modified: Tue, 23 Aug 2022 11:51:50 GMT
Connection: keep-alive
ETag: "6304bf56-1290a1"
Accept-Ranges: bytes
mar69.com/assets/js/1.26a3d465e410c1a89ebe.js
40.83.119.44200 OK 200 kB URL HTTP/1.1 mar69.com/assets/js/1.26a3d465e410c1a89ebe.js
IP 40.83.119.44:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type ASCII text, with very long lines (65536), with no line terminators
Size 200 kB (199978 bytes)
Hash cf7a42dda93bba7919ea289e205411ca
51ff80dbe48f1da0a4d8615e5a010ece88ad3479
70aa854ece7227dfefd05c8dae00b05d1c3880f2e30c978c1b24ee3d177f40b6
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/1.26a3d465e410c1a89ebe.js HTTP/1.1
Host: mar69.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mar69.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Wed, 14 Sep 2022 05:19:34 GMT
Content-Type: application/javascript
Content-Length: 199978
Last-Modified: Tue, 23 Aug 2022 11:51:50 GMT
Connection: keep-alive
ETag: "6304bf56-30d2a"
Accept-Ranges: bytes
mar69.com/api/uc/system/website-information/find-one
40.83.119.44200 OK 8.8 kB URL HTTP/1.1 mar69.com/api/uc/system/website-information/find-one
IP 40.83.119.44:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (2077)
Hash 1e9847ca8523e0d652b30c8a30ce2ccd
aad52fee7adfa542419f35270123c05f78b37043
cde239f2df825eb3507edae325c03fd72dafe2378377acb905d26ed4e7b6ec0d
Analyzer Verdict Alert fortinet Phishing
GET /api/uc/system/website-information/find-one HTTP/1.1
Host: mar69.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
x-auth-token:
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://mar69.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Wed, 14 Sep 2022 05:19:34 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, PUT, OPTIONS, DELETE, PATCH
Access-Control-Allow-Headers: *
Access-Control-Expose-Headers: *
Access-Control-Max-Age: 18000L
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-Frame-Options: DENY
Content-Encoding: gzip
mar69.com/api/uc/coinaccuracy/get-accuracy
40.83.119.44200 OK 288 B URL HTTP/1.1 mar69.com/api/uc/coinaccuracy/get-accuracy
IP 40.83.119.44:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text
Hash 50fac3c2c675b5a24f6e630cce89a3cf
ca0796e38409808223d56cd0a1c0324b3ef11291
6b8fe94a9d699f7f95e91e4fdc44097346c55b5b140489420ab9a2d3259fc900
Analyzer Verdict Alert fortinet Phishing
POST /api/uc/coinaccuracy/get-accuracy HTTP/1.1
Host: mar69.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
x-auth-token:
X-Requested-With: XMLHttpRequest
Origin: https://mar69.com
Connection: keep-alive
Referer: https://mar69.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Wed, 14 Sep 2022 05:19:34 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: https://mar69.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: POST, GET, PUT, OPTIONS, DELETE, PATCH
Access-Control-Allow-Headers: *
Access-Control-Expose-Headers: *
Access-Control-Max-Age: 18000L
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-Frame-Options: DENY
Content-Encoding: gzip
cdn.livechatinc.com/tracking.js
104.69.222.203200 OK 26 kB URL HTTP/2 cdn.livechatinc.com/tracking.js
IP 104.69.222.203:0
ASN #20940 Akamai International B.V.
Hash 913ef981f71ce6640db864db05064bc5
021978e648dabea1c16d4b3fc913fe12a5271dd9
32c748436e4eec3aa1a3aedab10cf31d0132bed60bd8d4b6858fb70aa051ab5f
GET /tracking.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mar69.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 08 Sep 2022 10:40:48 GMT
x-amz-version-id: _xG88gXidICys4xDpATfRKLYWxJ0cOXw
server: AmazonS3
content-encoding: br
etag: W/"007b32487b3fb040f15d1ea195bd2acb"
vary: Accept-Encoding
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: N0ubAHh-KtEyvx3--_NalezwqSGOWtTeizMB0b4uuIwT8YInzojUFA==
content-length: 25540
cache-control: max-age=28800
expires: Wed, 14 Sep 2022 13:19:34 GMT
date: Wed, 14 Sep 2022 05:19:34 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2
mar69.com/assets/js/0.6b3b070ffe294320dcf9.js
40.83.119.44200 OK 601 kB URL HTTP/1.1 mar69.com/assets/js/0.6b3b070ffe294320dcf9.js
IP 40.83.119.44:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (63734), with no line terminators
Size 601 kB (601427 bytes)
Hash aad7b1468713575fcf0a840ec4a2cfc9
53626faa2d20b560e6c11b15b29dc7f254968ab6
52fc4dbc89a05bf115579c77b653fb86d9c34e654529c210ee5e104131cb105c
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/0.6b3b070ffe294320dcf9.js HTTP/1.1
Host: mar69.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mar69.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Wed, 14 Sep 2022 05:19:34 GMT
Content-Type: application/javascript
Content-Length: 601427
Last-Modified: Tue, 23 Aug 2022 11:51:50 GMT
Connection: keep-alive
ETag: "6304bf56-92d53"
Accept-Ranges: bytes
mar69.com/api/uc/check/login
40.83.119.44200 OK 93 B URL HTTP/1.1 mar69.com/api/uc/check/login
IP 40.83.119.44:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text
Hash d63b5ada076dd40380514b689e89926e
5ef643b31c092440f28e5a49349429f93dd9227b
5996da5f0f213e984e98b4f81a9f9a1a3691bc4fbb4b3adad7d14cd5f9e0de62
Analyzer Verdict Alert fortinet Phishing
POST /api/uc/check/login HTTP/1.1
Host: mar69.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
x-auth-token:
X-Requested-With: XMLHttpRequest
Content-Length: 0
Origin: https://mar69.com
Connection: keep-alive
Referer: https://mar69.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Wed, 14 Sep 2022 05:19:34 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: https://mar69.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: POST, GET, PUT, OPTIONS, DELETE, PATCH
Access-Control-Allow-Headers: *
Access-Control-Expose-Headers: *
Access-Control-Max-Age: 18000L
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-Frame-Options: DENY
x-auth-token: 6106b88b-9eeb-4028-b10a-6a6c582f710c
Content-Encoding: gzip
mar69.com/assets/js/vendor.32318751a524992ab95b.js
40.83.119.44200 OK 24 kB URL HTTP/1.1 mar69.com/assets/js/vendor.32318751a524992ab95b.js
IP 40.83.119.44:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Web Open Font Format, TrueType, length 24380, version 0.0\012- data
Hash 0f5768b16a09b3749a6c17cec6c01d50
b4174e270b8861645b9e026923034ef16063c4a3
dff4a26cec5435644347949d6e5c3efc9bbd8910a2bccb8d5f907df53b7c2068
Analyzer Verdict Alert fortinet Phishing
GET /assets/js/vendor.32318751a524992ab95b.js HTTP/1.1
Host: mar69.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mar69.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Wed, 14 Sep 2022 05:19:32 GMT
Content-Type: application/javascript
Content-Length: 1252889
Last-Modified: Tue, 23 Aug 2022 11:51:50 GMT
Connection: keep-alive
ETag: "6304bf56-131e19"
Accept-Ranges: bytes
mar69.com/oss/382d99e6-3961-4dc3-aa49-6bb9f0f6de74.png
40.83.119.44200 OK 15 kB URL HTTP/1.1 mar69.com/oss/382d99e6-3961-4dc3-aa49-6bb9f0f6de74.png
IP 40.83.119.44:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 320 x 70, 8-bit/color RGBA, non-interlaced\012- data
Hash f649aaefcf6fea57a33b6e4ed96a179b
f3a55c7da2eca1dce56085920b4f0f27ce41ddca
d494561b5299a63ab3b7552faf2cb692757aee38fad89cc0f1e9647c6186122c
GET /oss/382d99e6-3961-4dc3-aa49-6bb9f0f6de74.png HTTP/1.1
Host: mar69.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mar69.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Wed, 14 Sep 2022 05:19:34 GMT
Content-Type: image/png
Content-Length: 14990
Connection: keep-alive
Accept-Ranges: bytes
Content-Security-Policy: block-all-mixed-content
ETag: "00000000000000000000000000000000-1"
Last-Modified: Tue, 12 Oct 2021 08:48:30 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 1714A25E6B156AA7
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
mar69.com/api/uc/initData
40.83.119.44200 OK 383 B URL HTTP/1.1 mar69.com/api/uc/initData
IP 40.83.119.44:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text
Hash 109ebfe74c80dc6f546aead6ee5ab272
67b14fa3b826c67359a29a4ccf1b2db6ba814b8e
acd26c463a9d899ad0102582d0dd6c5eca264d0f7df627f12a6be0d918fdfe2f
Analyzer Verdict Alert fortinet Phishing
POST /api/uc/initData HTTP/1.1
Host: mar69.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
x-auth-token:
X-Requested-With: XMLHttpRequest
Origin: https://mar69.com
Connection: keep-alive
Referer: https://mar69.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Wed, 14 Sep 2022 05:19:34 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: https://mar69.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: POST, GET, PUT, OPTIONS, DELETE, PATCH
Access-Control-Allow-Headers: *
Access-Control-Expose-Headers: *
Access-Control-Max-Age: 18000L
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-Frame-Options: DENY
x-auth-token: 73a7ab48-b33f-46f8-83e5-1c4817b88fbf
Content-Encoding: gzip
mar69.com/api/exchange/exchange-rate/usd/usdt
40.83.119.44200 OK 82 B URL HTTP/1.1 mar69.com/api/exchange/exchange-rate/usd/usdt
IP 40.83.119.44:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text, with no line terminators
Hash 145ab00b0d1d7f41c7a042c941ea2a14
41547555889169a7409461cd237082e29acf6853
037ff25f184bed3acbd79518c0cdbab0cee753f3c8aad8130d74471f068154eb
Analyzer Verdict Alert fortinet Phishing
POST /api/exchange/exchange-rate/usd/usdt HTTP/1.1
Host: mar69.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
x-auth-token: 6106b88b-9eeb-4028-b10a-6a6c582f710c
X-Requested-With: XMLHttpRequest
Origin: https://mar69.com
Connection: keep-alive
Referer: https://mar69.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Content-Length: 0
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Wed, 14 Sep 2022 05:19:34 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: https://mar69.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: POST, GET, PUT, OPTIONS, DELETE, PATCH
Access-Control-Allow-Headers: *
Access-Control-Expose-Headers: *
Access-Control-Max-Age: 18000L
Content-Encoding: gzip
mar69.com/api/uc/ancillary/system/advertise
40.83.119.44200 OK 90 B URL HTTP/1.1 mar69.com/api/uc/ancillary/system/advertise
IP 40.83.119.44:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash 4b34e26bbcef90445138826b506c0474
0bc88f03de2feebbf2efe752d2f5baa6e6d503b7
7ac3e186ef3ff432c638092e9d66540d3c8645fe1643f4cb4b004ab030d504fd
Analyzer Verdict Alert fortinet Phishing
POST /api/uc/ancillary/system/advertise HTTP/1.1
Host: mar69.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
x-auth-token: 6106b88b-9eeb-4028-b10a-6a6c582f710c
X-Requested-With: XMLHttpRequest
Content-Length: 33
Origin: https://mar69.com
Connection: keep-alive
Referer: https://mar69.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Wed, 14 Sep 2022 05:19:34 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: https://mar69.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: POST, GET, PUT, OPTIONS, DELETE, PATCH
Access-Control-Allow-Headers: *
Access-Control-Expose-Headers: *
Access-Control-Max-Age: 18000L
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-Frame-Options: DENY
Content-Encoding: gzip
mar69.com/api/uc/announcement/page
40.83.119.44200 OK 394 B URL HTTP/1.1 mar69.com/api/uc/announcement/page
IP 40.83.119.44:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , Unicode text, UTF-8 text
Hash 0066eee88c21da59825f58f4df7be1bd
3e243347e594cb8496db49a5ac5a8557b99f423b
29dad4236859f9bb70a3692b5f5e610b098011336f63ecee06d3b6ad7f7d6e09
Analyzer Verdict Alert fortinet Phishing
POST /api/uc/announcement/page HTTP/1.1
Host: mar69.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
x-auth-token: 6106b88b-9eeb-4028-b10a-6a6c582f710c
X-Requested-With: XMLHttpRequest
Content-Length: 27
Origin: https://mar69.com
Connection: keep-alive
Referer: https://mar69.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Wed, 14 Sep 2022 05:19:34 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: https://mar69.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: POST, GET, PUT, OPTIONS, DELETE, PATCH
Access-Control-Allow-Headers: *
Access-Control-Expose-Headers: *
Access-Control-Max-Age: 18000L
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Pragma: no-cache
Expires: 0
X-Frame-Options: DENY
Content-Encoding: gzip
mar69.com/assets/fonts/ionicons.143146f.woff2
40.83.119.44200 OK 82 kB URL HTTP/1.1 mar69.com/assets/fonts/ionicons.143146f.woff2
IP 40.83.119.44:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type Web Open Font Format (Version 2), TrueType, length 82216, version 1.0\012- data
Hash 143146fa24554ae2c5ac0a3982abb952
3c8023fb37786aa29345fc13c6f654734ac9cc0f
503dc6b7a4b1ef89aac99bf92eab623f06d00ca212630514b660fa6ee52c437c
Analyzer Verdict Alert fortinet Phishing
GET /assets/fonts/ionicons.143146f.woff2 HTTP/1.1
Host: mar69.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://mar69.com/assets/css/app.39077bfd0a7c64531c2eb3d75537a62d.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Wed, 14 Sep 2022 05:19:34 GMT
Content-Type: font/woff2
Content-Length: 82216
Last-Modified: Tue, 23 Aug 2022 11:51:50 GMT
Connection: keep-alive
ETag: "6304bf56-14128"
Accept-Ranges: bytes
mar69.com/api/exchange/symbol-thumb-trend
40.83.119.44200 OK 2.2 kB URL HTTP/1.1 mar69.com/api/exchange/symbol-thumb-trend
IP 40.83.119.44:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text, with very long lines (6537), with no line terminators
Hash beedf7ec4d87cdb633cc8fbc30220246
be2c3de2ab1d9ae0220f7a8e08a112bc47073272
6f98f109d884d71328fa081451c46f2306992ed154077d1d2ed6687eac79efa6
Analyzer Verdict Alert fortinet Phishing
POST /api/exchange/symbol-thumb-trend HTTP/1.1
Host: mar69.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
x-auth-token: 6106b88b-9eeb-4028-b10a-6a6c582f710c
X-Requested-With: XMLHttpRequest
Content-Length: 0
Origin: https://mar69.com
Connection: keep-alive
Referer: https://mar69.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Wed, 14 Sep 2022 05:19:34 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: https://mar69.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: POST, GET, PUT, OPTIONS, DELETE, PATCH
Access-Control-Allow-Headers: *
Access-Control-Expose-Headers: *
Access-Control-Max-Age: 18000L
Content-Encoding: gzip
mar69.com/api/exchange/btc/trend
40.83.119.44200 OK 1.2 kB URL HTTP/1.1 mar69.com/api/exchange/btc/trend
IP 40.83.119.44:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text, with very long lines (2677), with no line terminators
Hash 4a95b1668ffb58da381452b4d3f2299e
75fd28845736d7ba8f953ede5b817a40573188e4
9e90395ccc8dd2d3dcf883292d0a198189184d88752022ccdc79cf1214b1ed29
Analyzer Verdict Alert fortinet Phishing
POST /api/exchange/btc/trend HTTP/1.1
Host: mar69.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
x-auth-token: 6106b88b-9eeb-4028-b10a-6a6c582f710c
X-Requested-With: XMLHttpRequest
Content-Length: 0
Origin: https://mar69.com
Connection: keep-alive
Referer: https://mar69.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Wed, 14 Sep 2022 05:19:34 GMT
Content-Type: application/json
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: https://mar69.com
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: POST, GET, PUT, OPTIONS, DELETE, PATCH
Access-Control-Allow-Headers: *
Access-Control-Expose-Headers: *
Access-Control-Max-Age: 18000L
Content-Encoding: gzip
mar69.com/assets/img/bannerbg.219c98f.png
40.83.119.44200 OK 34 kB URL HTTP/1.1 mar69.com/assets/img/bannerbg.219c98f.png
IP 40.83.119.44:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 1920 x 491, 4-bit colormap, non-interlaced\012- data
Hash b7b4ac409b678c75f8ef2a37b1ec136c
b1c302818f9ec3ad1a8e615ff74cd91acba82ef6
11de8ea6318b4ca7e610809347afcaaf4348b54d1ca5fbbdb2675e7d98cf1ec9
GET /assets/img/bannerbg.219c98f.png HTTP/1.1
Host: mar69.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mar69.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Wed, 14 Sep 2022 05:19:34 GMT
Content-Type: image/png
Last-Modified: Tue, 23 Aug 2022 11:51:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6304bf56-8689"
Content-Encoding: gzip
mar69.com/assets/img/app-download.f9f2675.jpg
40.83.119.44200 OK 30 kB URL HTTP/1.1 mar69.com/assets/img/app-download.f9f2675.jpg
IP 40.83.119.44:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=1, copyright=\377\341\005Qhttp://ns.adobe.com/xap/1.0/], baseline, precision 8, 1920x516, components 3\012- data
Hash 142add8d2dd7b481144a1ce460f43c60
dae3032dd288846e62485cd8e7539e066014b564
9b603d0a58b9c845f7c1c734dec0e5d7a2ed8eabfd1e6b5d3f9af1ea4bb7f566
GET /assets/img/app-download.f9f2675.jpg HTTP/1.1
Host: mar69.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mar69.com/assets/css/app.39077bfd0a7c64531c2eb3d75537a62d.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Wed, 14 Sep 2022 05:19:34 GMT
Content-Type: image/jpeg
Last-Modified: Tue, 23 Aug 2022 11:51:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6304bf56-9786"
Content-Encoding: gzip
api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=13278714&url=https%3A%2F%2Fmar69.com%2F%23%2F&channel_type=code&jsonp=__3wvttb8p7wq
95.101.10.171200 OK 263 B URL HTTP/2 api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=13278714&url=https%3A%2F%2Fmar69.com%2F%23%2F&channel_type=code&jsonp=__3wvttb8p7wq
IP 95.101.10.171:0
ASN #20940 Akamai International B.V.
File type ASCII text, with no line terminators
Hash 48cd4c33945c36822dbbf9559b5222aa
8ece494e89876334a5b7c30647796d638ad1937d
3d73d84f6e275bc1c8c7c1416b3fd4dfa497b7d017068ce1f085f844045fe9ae
GET /v3.3/customer/action/get_dynamic_configuration?license_id=13278714&url=https%3A%2F%2Fmar69.com%2F%23%2F&channel_type=code&jsonp=__3wvttb8p7wq HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mar69.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-security-policy: frame-ancestors https://mar69.com/;
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
vary: Accept-Encoding
x-frame-options: allow-from https://mar69.com/
content-length: 263
date: Wed, 14 Sep 2022 05:19:34 GMT
X-Firefox-Spdy: h2
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash 8afc64cb06b84270cad335a0f74746e4
ee77dbfa02c2c658bb0ddb172f53724876744b08
cb27f08c1a355238411f6e68b114d4c2da3a005406b97f18f0e2fad3c69996e1
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 14 Sep 2022 05:19:35 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sun, 18 Sep 2022 01:48:31 GMT
ETag: "ee77dbfa02c2c658bb0ddb172f53724876744b08"
Last-Modified: Wed, 14 Sep 2022 01:48:32 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2738
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74a6ab240d57fabc-OSL
api.livechatinc.com/v3.3/customer/action/get_configuration?license_id=13278714&version=356.3.3.194.63.74.2.4.4.1.3.4&group_id=0&jsonp=__lc_static_config
95.101.10.171200 OK 1.6 kB URL HTTP/2 api.livechatinc.com/v3.3/customer/action/get_configuration?license_id=13278714&version=356.3.3.194.63.74.2.4.4.1.3.4&group_id=0&jsonp=__lc_static_config
IP 95.101.10.171:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (4564), with no line terminators
Hash 43367bd7f979aa815167f431613d56cf
ec422a8e93a8aa7c732418e587ca4cf7485d4e5d
8009bc087d65995f409892f62306d30ce911033e7f8bf3f6e55e07c83259d6fb
GET /v3.3/customer/action/get_configuration?license_id=13278714&version=356.3.3.194.63.74.2.4.4.1.3.4&group_id=0&jsonp=__lc_static_config HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mar69.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
vary: Accept-Encoding
content-length: 1638
cache-control: public, max-age=600
expires: Wed, 14 Sep 2022 05:29:35 GMT
date: Wed, 14 Sep 2022 05:19:35 GMT
X-Firefox-Spdy: h2
mar69.com//api/exchange/market-ws/info?t=1663132761528
40.83.119.44200 OK 79 B URL HTTP/1.1 mar69.com//api/exchange/market-ws/info?t=1663132761528
IP 40.83.119.44:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text, with no line terminators
Hash 1882272d4c69659588b6eabeff3106e3
e39b2de1ae13cc57974459528c0686c3b268ef0e
fc439e20e59114766887036ffbe32a0a1c6302ced82519268104b9eaf0fb9505
GET //api/exchange/market-ws/info?t=1663132761528 HTTP/1.1
Host: mar69.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mar69.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Wed, 14 Sep 2022 05:19:35 GMT
Content-Type: application/json;charset=UTF-8
Content-Length: 79
Connection: keep-alive
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, PUT, OPTIONS, DELETE, PATCH
Access-Control-Allow-Headers: *
Access-Control-Expose-Headers: *
Access-Control-Max-Age: 18000L
Cache-Control: no-store, no-cache, must-revalidate, max-age=0
api.livechatinc.com/v3.3/customer/action/get_localization?license_id=13278714&version=ff93808ef52c6dd040640c4853b854bd_41552a0d10fd9ba9aebeeaaca4ff69d3&language=en&group_id=0&jsonp=__lc_localization
95.101.10.171200 OK 3.8 kB URL HTTP/2 api.livechatinc.com/v3.3/customer/action/get_localization?license_id=13278714&version=ff93808ef52c6dd040640c4853b854bd_41552a0d10fd9ba9aebeeaaca4ff69d3&language=en&group_id=0&jsonp=__lc_localization
IP 95.101.10.171:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (10855), with no line terminators
Hash 99a6988ccd58441f4d29fed02a607c9f
6e950ca76ac38170e2e39ecc96283aa77ef8caae
ef314c29d989405921736dbed40f27c7fc67e51d416bcfd41440ba7a707a86cc
GET /v3.3/customer/action/get_localization?license_id=13278714&version=ff93808ef52c6dd040640c4853b854bd_41552a0d10fd9ba9aebeeaaca4ff69d3&language=en&group_id=0&jsonp=__lc_localization HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mar69.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
vary: Accept-Encoding
content-length: 3773
cache-control: public, max-age=557
expires: Wed, 14 Sep 2022 05:28:52 GMT
date: Wed, 14 Sep 2022 05:19:35 GMT
X-Firefox-Spdy: h2
secure.livechatinc.com/customer/action/open_chat?license_id=13278714&group=0&embedded=1&widget_version=3&unique_groups=0
95.101.10.171200 OK 2.0 kB URL HTTP/2 secure.livechatinc.com/customer/action/open_chat?license_id=13278714&group=0&embedded=1&widget_version=3&unique_groups=0
IP 95.101.10.171:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4424), with no line terminators
Hash 6975fc9733be12516047d02256294684
d7d3d381d40b2fc3004bb3d1efbd9b54824466b4
4b673d4636d0081533e90b9bf9a9217d1405207d271aaeced82f90e59a3845d8
GET /customer/action/open_chat?license_id=13278714&group=0&embedded=1&widget_version=3&unique_groups=0 HTTP/1.1
Host: secure.livechatinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mar69.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: text/html; charset=utf-8
vary: Accept-Encoding
content-length: 1968
date: Wed, 14 Sep 2022 05:19:35 GMT
X-Firefox-Spdy: h2
cdn.livechatinc.com/widget/static/js/0.96a16c18.chunk.js
104.69.222.203200 OK 66 kB URL HTTP/2 cdn.livechatinc.com/widget/static/js/0.96a16c18.chunk.js
IP 104.69.222.203:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65462)
Hash 2737ce8ae09ed9db76b65ccb78d0aad7
f99b3445ed0bc7343ea1fdce02ab552ee587a280
f68f3299d0c084a0eeb74ecaa22cdfe4bd53b47884ac372c1048c1043a21b0de
GET /widget/static/js/0.96a16c18.chunk.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 07 Sep 2022 12:23:44 GMT
etag: W/"6a835528d087d08b1f0fe0642cb6d223"
x-amz-version-id: D3auGCHl.1EBD8fIsGg0TVEJ4vGgzVLu
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: qoOUokdRdvMQMsSm7bxvwUzj-xD0hpe4vQmaK72oVr9w4YrcpxrMWQ==
content-length: 66272
cache-control: max-age=31536000
expires: Thu, 14 Sep 2023 05:19:35 GMT
date: Wed, 14 Sep 2022 05:19:35 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn.livechatinc.com/widget/static/js/iframe.222338d2.chunk.js
104.69.222.203200 OK 134 kB URL HTTP/2 cdn.livechatinc.com/widget/static/js/iframe.222338d2.chunk.js
IP 104.69.222.203:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Size 134 kB (134381 bytes)
Hash 15833ab236abbee9fc54fb7f73166b9f
27e1adc3a3c0f25d0cb79b561ec9fb658f922013
29286ec76a48a9c2164e7070bcc58a21a6a3c0f6477df1d0d7169d43c1311a25
GET /widget/static/js/iframe.222338d2.chunk.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 08 Sep 2022 10:40:50 GMT
etag: W/"8aed37a370cde495e3ad2a56bc68002c"
x-amz-version-id: Zm7dFJHNhyR_7Soj8ZD0e520uRRz8f2v
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: -FUywuWfFex7fyWEhiDJqoacQOISn6YJ0cZNVdEQx3of7oPZmjdbAA==
content-length: 134381
cache-control: max-age=31536000
expires: Thu, 14 Sep 2023 05:19:35 GMT
date: Wed, 14 Sep 2022 05:19:35 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash abea4dc307fd4da34aac369f4316657c
ef7be7963fa8154c83b78d6ca8518b8448f079ff
1c50a6b2765a5108f31d7a31c98c62d293440c84e8bf63f9dac685be9e3d77d5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 05:19:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mar69.com/assets/img/phone_img.9c0182f.png
40.83.119.44200 OK 116 kB URL HTTP/1.1 mar69.com/assets/img/phone_img.9c0182f.png
IP 40.83.119.44:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type PNG image data, 476 x 506, 8-bit/color RGBA, non-interlaced\012- data
Size 116 kB (115749 bytes)
Hash ddec2a5823ff01dc7bc556b79adf4c62
e7dc2877543354e1ac85ac51a5cf6506a09bb546
c78c926eb7d93b2dbfa42bf01be8edcce1ab6fe98ed95b4a30078182b37d4b30
GET /assets/img/phone_img.9c0182f.png HTTP/1.1
Host: mar69.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mar69.com/assets/css/app.39077bfd0a7c64531c2eb3d75537a62d.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Wed, 14 Sep 2022 05:19:34 GMT
Content-Type: image/png
Last-Modified: Tue, 23 Aug 2022 11:51:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"6304bf56-1c416"
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash abea4dc307fd4da34aac369f4316657c
ef7be7963fa8154c83b78d6ca8518b8448f079ff
1c50a6b2765a5108f31d7a31c98c62d293440c84e8bf63f9dac685be9e3d77d5
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 05:19:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b7e665b6b70fa840ee6a1417da402132
658fa05afcf7752e8cb02979c28874efb0f4ddd8
9905cee109c441b937300b368ceccd186877a0923164bf3e1eb0971a2a224400
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 05:19:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b7e665b6b70fa840ee6a1417da402132
658fa05afcf7752e8cb02979c28874efb0f4ddd8
9905cee109c441b937300b368ceccd186877a0923164bf3e1eb0971a2a224400
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 05:19:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2
142.250.74.163200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 12860, version 1.0\012- data
Hash ab21c24efd75543e16e34807ebc6cdec
eb2562f9729079333fbcbbe94868695669dd3301
88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265
GET /s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://secure.livechatinc.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 12 Sep 2022 21:03:13 GMT
expires: Tue, 12 Sep 2023 21:03:13 GMT
cache-control: public, max-age=31536000
age: 116182
last-modified: Mon, 09 May 2022 18:27:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/notosans/v27/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
142.250.74.163200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/notosans/v27/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 12684, version 1.0\012- data
Hash 0c235386bcf6af06f67e6c89fd19e434
10720574d4609322023984a761f32f9518c07bc4
c1c30918a861cb6a985ab55d54ad7e861682354197f164cb3b7194f20eed67ac
GET /s/notosans/v27/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://secure.livechatinc.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12684
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 12 Sep 2022 21:03:15 GMT
expires: Tue, 12 Sep 2023 21:03:15 GMT
cache-control: public, max-age=31536000
age: 116180
last-modified: Mon, 09 May 2022 18:28:04 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash b7e665b6b70fa840ee6a1417da402132
658fa05afcf7752e8cb02979c28874efb0f4ddd8
9905cee109c441b937300b368ceccd186877a0923164bf3e1eb0971a2a224400
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 14 Sep 2022 05:19:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mar69.com/oss/f27a5810-b5e1-439c-a1ec-c14a6726876e.x-icon
40.83.119.44200 OK 4.3 kB URL HTTP/1.1 mar69.com/oss/f27a5810-b5e1-439c-a1ec-c14a6726876e.x-icon
IP 40.83.119.44:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Hash 65a929417342791f95c0041907845cc8
f7a6c1f44eede1f023914c4d8aa56f73cf51d0aa
89633cb12f839a43213d15d7993b8207e03e447bc4eb61bc7d2e28c8d4fdc361
Analyzer Verdict Alert fortinet Phishing
GET /oss/f27a5810-b5e1-439c-a1ec-c14a6726876e.x-icon HTTP/1.1
Host: mar69.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mar69.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx/1.20.1
Date: Wed, 14 Sep 2022 05:19:35 GMT
Content-Type: application/octet-stream
Content-Length: 4286
Connection: keep-alive
Accept-Ranges: bytes
Content-Security-Policy: block-all-mixed-content
ETag: "00000000000000000000000000000000-1"
Last-Modified: Tue, 12 Oct 2021 10:26:26 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 1714A25EB6142603
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
api.livechatinc.com/v3.3/customer/rtm/ws?license_id=13278714
95.101.10.202101 Switching Protocols 0 B URL HTTP/1.1 api.livechatinc.com/v3.3/customer/rtm/ws?license_id=13278714
IP 95.101.10.202:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3.3/customer/rtm/ws?license_id=13278714 HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://secure.livechatinc.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: JAbsKk6E7vB4faz9efQzRg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
sec-websocket-accept: 1AVVB6iFeM9uNSr6l2c3esdpgSY=
legacy: 2023-06-30
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://secure.livechatinc.com
Date: Wed, 14 Sep 2022 05:19:35 GMT
Upgrade: websocket
Connection: Upgrade
accounts.livechatinc.com/customer/token
95.101.10.171200 OK 138 B URL HTTP/2 accounts.livechatinc.com/customer/token
IP 95.101.10.171:0
ASN #20940 Akamai International B.V.
File type JSON data\012- , ASCII text
Hash b2bfbe5b9616823898d07d498b04d5f5
0a93be2c695a965418bbd10aa414573d8aeb4d21
4b1b8a5cfe4f15af00d12cd78ce526fe45d4bf8db83a3967ec3b38c384b405b9
POST /customer/token HTTP/1.1
Host: accounts.livechatinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 190
Origin: https://secure.livechatinc.com
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://secure.livechatinc.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: application/json
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
content-length: 138
date: Wed, 14 Sep 2022 05:19:35 GMT
set-cookie: __lc_cid=7e1e6a5e-a615-4235-78c9-352ed46b1d8a; Path=/v2/customer/token; Domain=accounts.livechatinc.com; Expires=Sat, 14 Sep 2024 05:19:35 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__lc_cst=d683896ee655f31f7177a554889e4000b5c25d8f85b9b5082391a9c9526c04bb0f1312d5885843f9c52963b17f4c66c8a8d7d7dd19bab372c0ccc26b37d1; Path=/v2/customer/token; Domain=accounts.livechatinc.com; Expires=Sat, 14 Sep 2024 05:19:35 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__lc_cid=7e1e6a5e-a615-4235-78c9-352ed46b1d8a; Path=/customer/token; Domain=accounts.livechatinc.com; Expires=Sat, 14 Sep 2024 05:19:35 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__lc_cst=d683896ee655f31f7177a554889e4000b5c25d8f85b9b5082391a9c9526c04bb0f1312d5885843f9c52963b17f4c66c8a8d7d7dd19bab372c0ccc26b37d1; Path=/customer/token; Domain=accounts.livechatinc.com; Expires=Sat, 14 Sep 2024 05:19:35 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__oauth_redirect_detector=counter=1&t=1663132805&tag=56e528ee1360f42c45239c2cfeb0ef2d0af0f5a6; Path=/; Expires=Wed, 14 Sep 2022 05:20:05 GMT; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2
mar69.com//api/exchange/market-ws/469/gwasuutz/websocket
40.83.119.44101 Switching Protocols 0 B URL HTTP/1.1 mar69.com//api/exchange/market-ws/469/gwasuutz/websocket
IP 40.83.119.44:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET //api/exchange/market-ws/469/gwasuutz/websocket HTTP/1.1
Host: mar69.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://mar69.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: eZXbcUtzadLiyHv+orGJ0Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Server: nginx/1.20.1
Date: Wed, 14 Sep 2022 05:19:35 GMT
Connection: upgrade
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods: POST, GET, PUT, OPTIONS, DELETE, PATCH
Access-Control-Allow-Headers: *
Access-Control-Expose-Headers: *
Access-Control-Max-Age: 18000L
upgrade: websocket
sec-websocket-accept: V240sQe2/Rvc9un+/VHR9/OzDyo=
coinexchange.oss-cn-hangzhou.aliyuncs.com/bannerimg.png
47.110.23.127200 OK 116 kB URL HTTP/1.1 coinexchange.oss-cn-hangzhou.aliyuncs.com/bannerimg.png
IP 47.110.23.127:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type PNG image data, 2000 x 107, 8-bit/color RGBA, non-interlaced\012- data
Size 116 kB (115692 bytes)
Hash 33da78de4829252c7d7055e1cf90cd76
4908a0c8471707aed26c61683b3470c0840d07d0
40131dff508c32d466b2ee6467d5df745449e2ae7117042e3e320d0a1cffc3dd
GET /bannerimg.png HTTP/1.1
Host: coinexchange.oss-cn-hangzhou.aliyuncs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://mar69.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: AliyunOSS
Date: Wed, 14 Sep 2022 05:19:35 GMT
Content-Type: image/png
Content-Length: 115692
Connection: keep-alive
x-oss-request-id: 63216467DF7271333541C2B6
Accept-Ranges: bytes
ETag: "33DA78DE4829252C7D7055E1CF90CD76"
Last-Modified: Mon, 24 Aug 2020 08:36:33 GMT
x-oss-object-type: Normal
x-oss-hash-crc64ecma: 3635289276384272319
x-oss-storage-class: Standard
Content-Disposition: attachment
x-oss-force-download: true
Content-MD5: M9p43kgpJSx9cFXhz5DNdg==
x-oss-server-time: 11
fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin-ext&display=swap
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin-ext&display=swap
IP 142.250.74.10:0
GET /css?family=Noto+Sans:400,700&subset=latin-ext&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 14 Sep 2022 05:19:35 GMT
date: Wed, 14 Sep 2022 05:19:35 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdn.livechatinc.com/widget/static/js/2.ae17a60b.chunk.js
104.69.222.203200 OK 0 B URL HTTP/2 cdn.livechatinc.com/widget/static/js/2.ae17a60b.chunk.js
IP 104.69.222.203:0
ASN #20940 Akamai International B.V.
GET /widget/static/js/2.ae17a60b.chunk.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 08 Sep 2022 10:40:49 GMT
x-amz-version-id: bpU.37FnIOPFeqPnyYN2_ycnjcD2Lb3N
server: AmazonS3
content-encoding: br
etag: W/"e6fe58bbd66bcb579db091bb3857594b"
vary: Accept-Encoding
x-amz-cf-pop: ARN54-C1
x-amz-cf-id: x18PbEeHGwD92ztuOVoobT6ZknWb3Ly5x2THTqjM-qvB6CFnf5suxw==
content-length: 94143
cache-control: max-age=31536000
expires: Thu, 14 Sep 2023 05:19:35 GMT
date: Wed, 14 Sep 2022 05:19:35 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2