Report - news.klickboost.com/index.php/lists/en0936qzkb54f/unsubscribe/bp932m79xfd3a/rg064l0rof56f

Report Overview

Submitted URL
news.klickboost.com/index.php/lists/en0936qzkb54f/unsubscribe/bp932m79xfd3a/rg064l0rof56f
IP
92.204.132.9
ASN
#398108 GO-DADDY-COM-LLC
Submitted
2022-11-28 02:38:57
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
30

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	4.9 kB	142.250.74.35
fonts.googleapis.com	8877	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	2.2 kB	142.250.74.10
news.klickboost.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	12 kB	644 kB	92.204.132.9
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	4.4 kB	23.36.76.226
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.6 kB	93.184.220.29
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	100.20.30.105
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	78 kB	216.58.207.195
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.3 kB	65 kB	34.120.237.76

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-28	medium	news.klickboost.com/index.php/lists/en0936qzkb54f/unsubscribe/bp932m79xfd3a/rg064l0rof56f	Phishing
2022-11-28	medium	news.klickboost.com/index.php/lists/en0936qzkb54f/unsubscribe/bp932m79xfd3a/rg064l0rof56f	Phishing
2022-11-28	medium	news.klickboost.com/assets/css/bootstrap.min.css?av=be757761	Phishing
2022-11-28	medium	news.klickboost.com/assets/css/skin-purple.css?av=be757761	Phishing
2022-11-28	medium	news.klickboost.com/frontend/assets/cache/575e20a9/jquery-migrate.min.js	Phishing
2022-11-28	medium	news.klickboost.com/frontend/assets/cache/575e20a9/jquery.min.js	Phishing
2022-11-28	medium	news.klickboost.com/assets/js/bootstrap.min.js?av=be757761	Phishing
2022-11-28	medium	news.klickboost.com/frontend/assets/css/style.css?av=be757761	Phishing
2022-11-28	medium	news.klickboost.com/assets/js/notify.js?av=be757761	Phishing
2022-11-28	medium	news.klickboost.com/assets/js/knockout.min.js?av=be757761	Phishing
2022-11-28	medium	news.klickboost.com/assets/js/cookie.js?av=be757761	Phishing
2022-11-28	medium	news.klickboost.com/assets/js/app.js?av=be757761	Phishing
2022-11-28	medium	news.klickboost.com/assets/css/ionicons/css/ionicons.min.css?av=be757761	Phishing
2022-11-28	medium	news.klickboost.com/frontend/assets/js/app.js?av=be757761	Phishing
2022-11-28	medium	news.klickboost.com/assets/css/adminlte.css?av=be757761	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (9)

	URL	Size	First Seen	Last Seen
	news.klickboost.com/frontend/assets/cache/575e20a9/jquery-migrate.min.js	14 kB	2023-03-07	2024-04-24
Pretty URL news.klickboost.com/frontend/assets/cache/575e20a9/jquery-migrate.min.js IP 92.204.132.9 ASN #398108 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:00 Last Seen2024-04-24 13:09:56 Times Seen1109 Hash a36b8e9cbfb4a675225aa408c4d15c0c fcd46de9c99e71ed586a850d877fd3b01e8269fd 16eb18d9c6303cdd50ac58db5b2b116c5dcc4c43c89424f268f6d13fc599fb19 Loading...

	news.klickboost.com/frontend/assets/cache/575e20a9/jquery.min.js	90 kB	2023-03-07	2024-04-25
Pretty URL news.klickboost.com/frontend/assets/cache/575e20a9/jquery.min.js IP 92.204.132.9 ASN #398108 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:13 Last Seen2024-04-25 03:36:03 Times Seen261087 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	news.klickboost.com/assets/js/bootstrap.min.js?av=be757761	29 kB	2023-03-07	2024-04-24
Pretty URL news.klickboost.com/assets/js/bootstrap.min.js?av=be757761 IP 92.204.132.9 ASN #398108 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:10 Last Seen2024-04-24 18:20:57 Times Seen9724 Hash ba847811448ef90d98d272aeccef2a95 5814e91bb6276f4de8b7951c965f2f190a03978d 898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1 Loading...

	news.klickboost.com/assets/js/adminlte.js?av=be757761	9.8 kB	2023-03-07	2024-04-24
Pretty URL news.klickboost.com/assets/js/adminlte.js?av=be757761 IP 92.204.132.9 ASN #398108 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:08 Last Seen2024-04-24 13:09:55 Times Seen1582 Hash add5b3f0900365f3b4240664da17760e 7cbd53bfcf830e7c150d6bb55efcc2832e7543e7 42338bc162a705b04953fc72340216dbefb55cf12ec1a6e7cad04e5e680e26bc Loading...

	news.klickboost.com/assets/js/cookie.js?av=be757761	4.9 kB	2023-03-07	2024-04-24
Pretty URL news.klickboost.com/assets/js/cookie.js?av=be757761 IP 92.204.132.9 ASN #398108 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:08 Last Seen2024-04-24 13:09:56 Times Seen1586 Hash 449dd3907404cead5d8ba6203b3550dc c9bb690411c3f46145f8ea137e6783929d8c27aa 3585a42757908ba2ace27f41b01256f6cf4ffb9679f7ac0ff8957817d5ccfde1 Loading...

	news.klickboost.com/assets/js/app.js?av=be757761	2.8 kB	2023-03-07	2024-04-24
Pretty URL news.klickboost.com/assets/js/app.js?av=be757761 IP 92.204.132.9 ASN #398108 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:51 Last Seen2024-04-24 13:09:56 Times Seen893 Hash 3ade0b17b1b7c3d1c27aba12ceeda1d3 f8c1fe63c016a077e1545d123eb4db8e8a690c6d cf55d95ad63c72f2eeb219da669cc848cc3022fa4a4798d62ed19ed342460cbe Loading...

	news.klickboost.com/assets/js/notify.js?av=be757761	5.6 kB	2023-03-07	2024-04-24
Pretty URL news.klickboost.com/assets/js/notify.js?av=be757761 IP 92.204.132.9 ASN #398108 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:51 Last Seen2024-04-24 13:09:56 Times Seen1043 Hash 9a19754fbd746ae6b603286c3a971e55 c45b906ec95326202c2a8e13545b5c17e92bbdc7 d1416dc4293eaae9e4aac8d5267fb0d5dcb35d9dbc44b63278f75750a1f9cc22 Loading...

	news.klickboost.com/assets/js/knockout.min.js?av=be757761	60 kB	2023-03-07	2024-04-24
Pretty URL news.klickboost.com/assets/js/knockout.min.js?av=be757761 IP 92.204.132.9 ASN #398108 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:08 Last Seen2024-04-24 10:01:46 Times Seen1167 Hash fa8662c7a8415d0355f444eaff534845 b60c2c301c280378b4d51769cb20a46e65989c73 972f13893b7056c0567637a44ea4c994b1b3dd1b20e185ebf3478ae9086d74cb Loading...

	news.klickboost.com/frontend/assets/js/app.js?av=be757761	464 B	2023-03-07	2024-04-22
Pretty URL news.klickboost.com/frontend/assets/js/app.js?av=be757761 IP 92.204.132.9 ASN #398108 GO-DADDY-COM-LLC Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:51 Last Seen2024-04-22 14:23:19 Times Seen1004 Hash 63407331c21d5d542d65b0db1806572b 5571a79924a1a0d063a01ecdd1e16758c05c4e46 da13c80125e8103e470f9982aabe33d0176ae23e6ff5d74a7909fc13e36d73d8 Loading...

HTTP Transactions (48)

URL IP Response Size

news.klickboost.com/index.php/lists/en0936qzkb54f/unsubscribe/bp932m79xfd3a/rg064l0rof56f

92.204.132.9

301 Moved Permanently

305 B

URL HTTP/1.1
news.klickboost.com/index.php/lists/en0936qzkb54f/unsubscribe/bp932m79xfd3a/rg064l0rof56f
IP
92.204.132.9:0
ASN
#398108 GO-DADDY-COM-LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
305 B (305 bytes)
Hash
0dfec8f29e499835f0050ad1df3c07ce
0df3c04632a5a709c82a1cc82290c0423ffcbce0
a39349a945a16313da4bad010eb4b873f5155e774ff5b02b06ac22df4f77d771

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /index.php/lists/en0936qzkb54f/unsubscribe/bp932m79xfd3a/rg064l0rof56f HTTP/1.1
Host: news.klickboost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Mon, 28 Nov 2022 02:38:46 GMT
Server: Apache
Location: https://news.klickboost.com/index.php/lists/en0936qzkb54f/unsubscribe/bp932m79xfd3a/rg064l0rof56f
Content-Length: 305
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
150792cfc458af013998f4ef6bdf5f74
d5179b2dcb11d06f82606bf6eb6648319998d63e
72937c756d3feeae6d04a6f445398b0436bdf559f8c7437e3a3233263943900e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "72937C756D3FEEAE6D04A6F445398B0436BDF559F8C7437E3A3233263943900E"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11642
Expires: Mon, 28 Nov 2022 05:52:48 GMT
Date: Mon, 28 Nov 2022 02:38:46 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
64b2a23eab6e5ae8c010ec7242be930c
0673e4385ba01a5a245711bab96cafc34f765793
64751d193f7af72431e9689581faffcae1a30ff50ea425697b2b80ff61c87909

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6333
Cache-Control: max-age=121079
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 02:38:47 GMT
Etag: "63833c71-1d7"
Expires: Tue, 29 Nov 2022 12:16:46 GMT
Last-Modified: Sun, 27 Nov 2022 10:31:13 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3b56944f0e5716fd4fad2ec18994d4be
61cafa4de31ba960d1145ec37272f6f6b6944e0c
4fd46b0b6a2ea24f5ce175985a3933c04b4c01bd3e32bee2e50a61a65eef7af4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4FD46B0B6A2EA24F5CE175985A3933C04B4C01BD3E32BEE2E50A61A65EEF7AF4"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14306
Expires: Mon, 28 Nov 2022 06:37:13 GMT
Date: Mon, 28 Nov 2022 02:38:47 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 28 Nov 2022 02:17:45 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 1262
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: XxfEnlTCBEMnunBkmD7wE0m1kwe31c1QPmUwvZ027uthVqWvp9X9NNllSgtoh2tVfJXZLRgz/5A=
x-amz-request-id: HHXMATQPJZF7GMME
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 28 Nov 2022 01:41:52 GMT
age: 3415
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 28 Nov 2022 02:38:47 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

news.klickboost.com/index.php/lists/en0936qzkb54f/unsubscribe/bp932m79xfd3a/rg064l0rof56f

92.204.132.9

200 OK

6.8 kB

URL HTTP/1.1
news.klickboost.com/index.php/lists/en0936qzkb54f/unsubscribe/bp932m79xfd3a/rg064l0rof56f
IP
92.204.132.9:0
ASN
#398108 GO-DADDY-COM-LLC

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
6.8 kB (6793 bytes)
Hash
71acdc8f19aa98acc49df0c6e8b74948
ce5859220d0eac65b15a9ec453d75c652a82bb84
10bf073cc949b581c28d0d3fa074832e8a5bd7769f3006fdc7a1a5d32e654937

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /index.php/lists/en0936qzkb54f/unsubscribe/bp932m79xfd3a/rg064l0rof56f HTTP/1.1
Host: news.klickboost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 02:38:47 GMT
Server: Apache
X-XSS-Protection: 1; mode=block
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: mwsid=d4021dad5288e38dfc166a0bb0e2ffa2; path=/; HttpOnly
csrf_token=87faa98635a68feb41f257639d886843bffda229s%3A88%3A%22VHVwZFlzWnhicUxUYkxKTGhvdk5Lajl6Zm52Rk9PdHar4E6kKMo4ldy4SJKEYtt8F7mwaMaCCFw2gR8W1ngY1A%3D%3D%22%3B; path=/; HttpOnly; SameSite=Lax
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 28 Nov 2022 02:11:12 GMT
cache-control: public,max-age=3600
age: 1655
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
a6fee11dfe1b88cd768a0ca3e2bd0c89
59cec9a44a4a92467678afe65f347f68641a2174
50870c499aae4d5dfd6df25a36cd04b6d185b66ef0590e46933984bf52e2483f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6453
Cache-Control: max-age=116138
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 02:38:47 GMT
Etag: "638328ac-1d7"
Expires: Tue, 29 Nov 2022 10:54:25 GMT
Last-Modified: Sun, 27 Nov 2022 09:06:52 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5af61422c4eaa1b995ec63e463abda26
db75634681ed688840773ce828c169ac9da7d131
506791493bb08d458008ad072ac34a26c2170c1e775b83f55f20cd8af97aa895

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 02:38:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
dfc6d93c89faf83ac654cd676c02764d
ce10d3ff46b50f22f7f79a7df65b0b7a6ddb741d
83947c7c69062338e3712fe76a493a2798aa2d1f63709eac14ba908d71080dd0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 02:38:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5af61422c4eaa1b995ec63e463abda26
db75634681ed688840773ce828c169ac9da7d131
506791493bb08d458008ad072ac34a26c2170c1e775b83f55f20cd8af97aa895

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 02:38:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
5af61422c4eaa1b995ec63e463abda26
db75634681ed688840773ce828c169ac9da7d131
506791493bb08d458008ad072ac34a26c2170c1e775b83f55f20cd8af97aa895

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 02:38:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

news.klickboost.com/assets/css/bootstrap.min.css?av=be757761

92.204.132.9

200 OK

100 kB

URL HTTP/1.1
news.klickboost.com/assets/css/bootstrap.min.css?av=be757761
IP
92.204.132.9:0
ASN
#398108 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (65366)
Size
100 kB (99961 bytes)
Hash
8a7442ca6bedd62cec4881040b9a9e83
e2d2b846e9ea72a1985458a3748aab4e01a8fb3a
e9503448692b738dd260fbd7f7cabf2e11f09b600fa97e6eb3a56eba5b1a7e9b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/css/bootstrap.min.css?av=be757761 HTTP/1.1
Host: news.klickboost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news.klickboost.com/index.php/lists/en0936qzkb54f/unsubscribe/bp932m79xfd3a/rg064l0rof56f
Cookie: mwsid=d4021dad5288e38dfc166a0bb0e2ffa2; csrf_token=87faa98635a68feb41f257639d886843bffda229s%3A88%3A%22VHVwZFlzWnhicUxUYkxKTGhvdk5Lajl6Zm52Rk9PdHar4E6kKMo4ldy4SJKEYtt8F7mwaMaCCFw2gR8W1ngY1A%3D%3D%22%3B
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 02:38:47 GMT
Server: Apache
Last-Modified: Thu, 10 Nov 2022 00:24:02 GMT
Accept-Ranges: bytes
Content-Length: 99961
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css

news.klickboost.com/assets/css/skin-purple.css?av=be757761

92.204.132.9

200 OK

3.4 kB

URL HTTP/1.1
news.klickboost.com/assets/css/skin-purple.css?av=be757761
IP
92.204.132.9:0
ASN
#398108 GO-DADDY-COM-LLC

File type
ASCII text
Size
3.4 kB (3432 bytes)
Hash
ec9621d55d4820b908f9b971d3bf4ba8
a03f838c4df133aeb5d5bba5318dea4d5dc2d363
690f880c38ac7d32ebb2e369b1fd65faee9e34ea9cbb566cc9e51477bbcf10bc

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/css/skin-purple.css?av=be757761 HTTP/1.1
Host: news.klickboost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news.klickboost.com/index.php/lists/en0936qzkb54f/unsubscribe/bp932m79xfd3a/rg064l0rof56f
Cookie: mwsid=d4021dad5288e38dfc166a0bb0e2ffa2; csrf_token=87faa98635a68feb41f257639d886843bffda229s%3A88%3A%22VHVwZFlzWnhicUxUYkxKTGhvdk5Lajl6Zm52Rk9PdHar4E6kKMo4ldy4SJKEYtt8F7mwaMaCCFw2gR8W1ngY1A%3D%3D%22%3B
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 02:38:47 GMT
Server: Apache
Last-Modified: Thu, 10 Nov 2022 00:24:03 GMT
Accept-Ranges: bytes
Content-Length: 3432
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

push.services.mozilla.com/

100.20.30.105

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
100.20.30.105:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: bguivgNTbcIePCQDa75/Ow==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: g/m2kVdUludKVoEv9bNYr388K7s=

news.klickboost.com/assets/css/font-awesome/css/font-awesome.min.css?av=be757761

92.204.132.9

200 OK

28 kB

URL HTTP/1.1
news.klickboost.com/assets/css/font-awesome/css/font-awesome.min.css?av=be757761
IP
92.204.132.9:0
ASN
#398108 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (27303)
Size
28 kB (27466 bytes)
Hash
4fbd15cb6047af93373f4f895639c8bf
12d6861075de8e293265ff6ff03b1f3adcb44c76
ddd92f10ad162c7449eff0acaf40598c05b1111739587edb75e5326b6697c5d5

HTTP Headers

GET /assets/css/font-awesome/css/font-awesome.min.css?av=be757761 HTTP/1.1
Host: news.klickboost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news.klickboost.com/index.php/lists/en0936qzkb54f/unsubscribe/bp932m79xfd3a/rg064l0rof56f
Cookie: mwsid=d4021dad5288e38dfc166a0bb0e2ffa2; csrf_token=87faa98635a68feb41f257639d886843bffda229s%3A88%3A%22VHVwZFlzWnhicUxUYkxKTGhvdk5Lajl6Zm52Rk9PdHar4E6kKMo4ldy4SJKEYtt8F7mwaMaCCFw2gR8W1ngY1A%3D%3D%22%3B
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 02:38:47 GMT
Server: Apache
Last-Modified: Thu, 10 Nov 2022 00:26:04 GMT
Accept-Ranges: bytes
Content-Length: 27466
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

news.klickboost.com/frontend/assets/cache/575e20a9/jquery-migrate.min.js

92.204.132.9

200 OK

14 kB

URL HTTP/1.1
news.klickboost.com/frontend/assets/cache/575e20a9/jquery-migrate.min.js
IP
92.204.132.9:0
ASN
#398108 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (13326)
Size
14 kB (13467 bytes)
Hash
a36b8e9cbfb4a675225aa408c4d15c0c
fcd46de9c99e71ed586a850d877fd3b01e8269fd
16eb18d9c6303cdd50ac58db5b2b116c5dcc4c43c89424f268f6d13fc599fb19

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /frontend/assets/cache/575e20a9/jquery-migrate.min.js HTTP/1.1
Host: news.klickboost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news.klickboost.com/index.php/lists/en0936qzkb54f/unsubscribe/bp932m79xfd3a/rg064l0rof56f
Cookie: mwsid=d4021dad5288e38dfc166a0bb0e2ffa2; csrf_token=87faa98635a68feb41f257639d886843bffda229s%3A88%3A%22VHVwZFlzWnhicUxUYkxKTGhvdk5Lajl6Zm52Rk9PdHar4E6kKMo4ldy4SJKEYtt8F7mwaMaCCFw2gR8W1ngY1A%3D%3D%22%3B
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 02:38:47 GMT
Server: Apache
Last-Modified: Thu, 10 Nov 2022 00:48:08 GMT
Accept-Ranges: bytes
Content-Length: 13467
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

news.klickboost.com/frontend/assets/cache/575e20a9/jquery.min.js

92.204.132.9

200 OK

90 kB

URL HTTP/1.1
news.klickboost.com/frontend/assets/cache/575e20a9/jquery.min.js
IP
92.204.132.9:0
ASN
#398108 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (65447)
Size
90 kB (89501 bytes)
Hash
8fb8fee4fcc3cc86ff6c724154c49c42
b82d238d4e31fdf618bae8ac11a6c812c03dd0d4
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /frontend/assets/cache/575e20a9/jquery.min.js HTTP/1.1
Host: news.klickboost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news.klickboost.com/index.php/lists/en0936qzkb54f/unsubscribe/bp932m79xfd3a/rg064l0rof56f
Cookie: mwsid=d4021dad5288e38dfc166a0bb0e2ffa2; csrf_token=87faa98635a68feb41f257639d886843bffda229s%3A88%3A%22VHVwZFlzWnhicUxUYkxKTGhvdk5Lajl6Zm52Rk9PdHar4E6kKMo4ldy4SJKEYtt8F7mwaMaCCFw2gR8W1ngY1A%3D%3D%22%3B
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 02:38:47 GMT
Server: Apache
Last-Modified: Thu, 10 Nov 2022 00:48:08 GMT
Accept-Ranges: bytes
Content-Length: 89501
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

news.klickboost.com/assets/js/bootstrap.min.js?av=be757761

92.204.132.9

200 OK

29 kB

URL HTTP/1.1
news.klickboost.com/assets/js/bootstrap.min.js?av=be757761
IP
92.204.132.9:0
ASN
#398108 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (28941)
Size
29 kB (29110 bytes)
Hash
ba847811448ef90d98d272aeccef2a95
5814e91bb6276f4de8b7951c965f2f190a03978d
898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/bootstrap.min.js?av=be757761 HTTP/1.1
Host: news.klickboost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news.klickboost.com/index.php/lists/en0936qzkb54f/unsubscribe/bp932m79xfd3a/rg064l0rof56f
Cookie: mwsid=d4021dad5288e38dfc166a0bb0e2ffa2; csrf_token=87faa98635a68feb41f257639d886843bffda229s%3A88%3A%22VHVwZFlzWnhicUxUYkxKTGhvdk5Lajl6Zm52Rk9PdHar4E6kKMo4ldy4SJKEYtt8F7mwaMaCCFw2gR8W1ngY1A%3D%3D%22%3B
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 02:38:48 GMT
Server: Apache
Last-Modified: Thu, 10 Nov 2022 00:24:03 GMT
Accept-Ranges: bytes
Content-Length: 29110
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

news.klickboost.com/frontend/assets/css/style.css?av=be757761

92.204.132.9

200 OK

16 kB

URL HTTP/1.1
news.klickboost.com/frontend/assets/css/style.css?av=be757761
IP
92.204.132.9:0
ASN
#398108 GO-DADDY-COM-LLC

File type
ASCII text
Size
16 kB (16326 bytes)
Hash
0704fe77a703921a5520c4ef079b3ac4
c8d27d838b3e0f80232e76ffc0ec2c8af08727ce
6a6249eb2886276d28435052d388fe35557ea936825d1e06629849ec700bfd95

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /frontend/assets/css/style.css?av=be757761 HTTP/1.1
Host: news.klickboost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news.klickboost.com/index.php/lists/en0936qzkb54f/unsubscribe/bp932m79xfd3a/rg064l0rof56f
Cookie: mwsid=d4021dad5288e38dfc166a0bb0e2ffa2; csrf_token=87faa98635a68feb41f257639d886843bffda229s%3A88%3A%22VHVwZFlzWnhicUxUYkxKTGhvdk5Lajl6Zm52Rk9PdHar4E6kKMo4ldy4SJKEYtt8F7mwaMaCCFw2gR8W1ngY1A%3D%3D%22%3B
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 02:38:47 GMT
Server: Apache
Last-Modified: Thu, 10 Nov 2022 00:24:45 GMT
Accept-Ranges: bytes
Content-Length: 16326
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

news.klickboost.com/assets/js/notify.js?av=be757761

92.204.132.9

200 OK

5.6 kB

URL HTTP/1.1
news.klickboost.com/assets/js/notify.js?av=be757761
IP
92.204.132.9:0
ASN
#398108 GO-DADDY-COM-LLC

File type
Unicode text, UTF-8 text
Size
5.6 kB (5593 bytes)
Hash
9a19754fbd746ae6b603286c3a971e55
c45b906ec95326202c2a8e13545b5c17e92bbdc7
d1416dc4293eaae9e4aac8d5267fb0d5dcb35d9dbc44b63278f75750a1f9cc22

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/notify.js?av=be757761 HTTP/1.1
Host: news.klickboost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news.klickboost.com/index.php/lists/en0936qzkb54f/unsubscribe/bp932m79xfd3a/rg064l0rof56f
Cookie: mwsid=d4021dad5288e38dfc166a0bb0e2ffa2; csrf_token=87faa98635a68feb41f257639d886843bffda229s%3A88%3A%22VHVwZFlzWnhicUxUYkxKTGhvdk5Lajl6Zm52Rk9PdHar4E6kKMo4ldy4SJKEYtt8F7mwaMaCCFw2gR8W1ngY1A%3D%3D%22%3B
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 02:38:48 GMT
Server: Apache
Last-Modified: Thu, 10 Nov 2022 00:24:03 GMT
Accept-Ranges: bytes
Content-Length: 5593
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript

news.klickboost.com/assets/js/knockout.min.js?av=be757761

92.204.132.9

200 OK

60 kB

URL HTTP/1.1
news.klickboost.com/assets/js/knockout.min.js?av=be757761
IP
92.204.132.9:0
ASN
#398108 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (564)
Size
60 kB (59822 bytes)
Hash
fa8662c7a8415d0355f444eaff534845
b60c2c301c280378b4d51769cb20a46e65989c73
972f13893b7056c0567637a44ea4c994b1b3dd1b20e185ebf3478ae9086d74cb

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/knockout.min.js?av=be757761 HTTP/1.1
Host: news.klickboost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news.klickboost.com/index.php/lists/en0936qzkb54f/unsubscribe/bp932m79xfd3a/rg064l0rof56f
Cookie: mwsid=d4021dad5288e38dfc166a0bb0e2ffa2; csrf_token=87faa98635a68feb41f257639d886843bffda229s%3A88%3A%22VHVwZFlzWnhicUxUYkxKTGhvdk5Lajl6Zm52Rk9PdHar4E6kKMo4ldy4SJKEYtt8F7mwaMaCCFw2gR8W1ngY1A%3D%3D%22%3B
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 02:38:48 GMT
Server: Apache
Last-Modified: Thu, 10 Nov 2022 00:24:03 GMT
Accept-Ranges: bytes
Content-Length: 59822
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

news.klickboost.com/assets/js/adminlte.js?av=be757761

92.204.132.9

200 OK

9.8 kB

URL HTTP/1.1
news.klickboost.com/assets/js/adminlte.js?av=be757761
IP
92.204.132.9:0
ASN
#398108 GO-DADDY-COM-LLC

File type
ASCII text, with very long lines (9373)
Size
9.8 kB (9774 bytes)
Hash
add5b3f0900365f3b4240664da17760e
7cbd53bfcf830e7c150d6bb55efcc2832e7543e7
42338bc162a705b04953fc72340216dbefb55cf12ec1a6e7cad04e5e680e26bc

HTTP Headers

GET /assets/js/adminlte.js?av=be757761 HTTP/1.1
Host: news.klickboost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news.klickboost.com/index.php/lists/en0936qzkb54f/unsubscribe/bp932m79xfd3a/rg064l0rof56f
Cookie: mwsid=d4021dad5288e38dfc166a0bb0e2ffa2; csrf_token=87faa98635a68feb41f257639d886843bffda229s%3A88%3A%22VHVwZFlzWnhicUxUYkxKTGhvdk5Lajl6Zm52Rk9PdHar4E6kKMo4ldy4SJKEYtt8F7mwaMaCCFw2gR8W1ngY1A%3D%3D%22%3B
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 02:38:48 GMT
Server: Apache
Last-Modified: Thu, 10 Nov 2022 00:24:03 GMT
Accept-Ranges: bytes
Content-Length: 9774
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

news.klickboost.com/assets/js/cookie.js?av=be757761

92.204.132.9

200 OK

4.9 kB

URL HTTP/1.1
news.klickboost.com/assets/js/cookie.js?av=be757761
IP
92.204.132.9:0
ASN
#398108 GO-DADDY-COM-LLC

File type
ASCII text
Size
4.9 kB (4938 bytes)
Hash
449dd3907404cead5d8ba6203b3550dc
c9bb690411c3f46145f8ea137e6783929d8c27aa
3585a42757908ba2ace27f41b01256f6cf4ffb9679f7ac0ff8957817d5ccfde1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/cookie.js?av=be757761 HTTP/1.1
Host: news.klickboost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news.klickboost.com/index.php/lists/en0936qzkb54f/unsubscribe/bp932m79xfd3a/rg064l0rof56f
Cookie: mwsid=d4021dad5288e38dfc166a0bb0e2ffa2; csrf_token=87faa98635a68feb41f257639d886843bffda229s%3A88%3A%22VHVwZFlzWnhicUxUYkxKTGhvdk5Lajl6Zm52Rk9PdHar4E6kKMo4ldy4SJKEYtt8F7mwaMaCCFw2gR8W1ngY1A%3D%3D%22%3B
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 02:38:48 GMT
Server: Apache
Last-Modified: Thu, 10 Nov 2022 00:24:04 GMT
Accept-Ranges: bytes
Content-Length: 4938
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

news.klickboost.com/assets/js/app.js?av=be757761

92.204.132.9

200 OK

2.8 kB

URL HTTP/1.1
news.klickboost.com/assets/js/app.js?av=be757761
IP
92.204.132.9:0
ASN
#398108 GO-DADDY-COM-LLC

File type
ASCII text
Size
2.8 kB (2797 bytes)
Hash
3ade0b17b1b7c3d1c27aba12ceeda1d3
f8c1fe63c016a077e1545d123eb4db8e8a690c6d
cf55d95ad63c72f2eeb219da669cc848cc3022fa4a4798d62ed19ed342460cbe

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/js/app.js?av=be757761 HTTP/1.1
Host: news.klickboost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news.klickboost.com/index.php/lists/en0936qzkb54f/unsubscribe/bp932m79xfd3a/rg064l0rof56f
Cookie: mwsid=d4021dad5288e38dfc166a0bb0e2ffa2; csrf_token=87faa98635a68feb41f257639d886843bffda229s%3A88%3A%22VHVwZFlzWnhicUxUYkxKTGhvdk5Lajl6Zm52Rk9PdHar4E6kKMo4ldy4SJKEYtt8F7mwaMaCCFw2gR8W1ngY1A%3D%3D%22%3B
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 02:38:48 GMT
Server: Apache
Last-Modified: Thu, 10 Nov 2022 00:24:04 GMT
Accept-Ranges: bytes
Content-Length: 2797
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript

news.klickboost.com/assets/css/ionicons/css/ionicons.min.css?av=be757761

92.204.132.9

200 OK

51 kB

URL HTTP/1.1
news.klickboost.com/assets/css/ionicons/css/ionicons.min.css?av=be757761
IP
92.204.132.9:0
ASN
#398108 GO-DADDY-COM-LLC

File type
Unicode text, UTF-8 text, with very long lines (50806)
Size
51 kB (51284 bytes)
Hash
0d6763b67616cb9183f3931313d42971
f0459300e39155df7aa5e94b3bdb8c8594f49a60
de2bbd8e0b32f53a53c1729bedb350cea59e9115fba4f2bed8e2e3dd1f76d9fa

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/css/ionicons/css/ionicons.min.css?av=be757761 HTTP/1.1
Host: news.klickboost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news.klickboost.com/index.php/lists/en0936qzkb54f/unsubscribe/bp932m79xfd3a/rg064l0rof56f
Cookie: mwsid=d4021dad5288e38dfc166a0bb0e2ffa2; csrf_token=87faa98635a68feb41f257639d886843bffda229s%3A88%3A%22VHVwZFlzWnhicUxUYkxKTGhvdk5Lajl6Zm52Rk9PdHar4E6kKMo4ldy4SJKEYtt8F7mwaMaCCFw2gR8W1ngY1A%3D%3D%22%3B
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 02:38:48 GMT
Server: Apache
Last-Modified: Thu, 10 Nov 2022 00:26:03 GMT
Accept-Ranges: bytes
Content-Length: 51284
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

news.klickboost.com/frontend/assets/js/app.js?av=be757761

92.204.132.9

200 OK

464 B

URL HTTP/1.1
news.klickboost.com/frontend/assets/js/app.js?av=be757761
IP
92.204.132.9:0
ASN
#398108 GO-DADDY-COM-LLC

File type
ASCII text
Size
464 B (464 bytes)
Hash
63407331c21d5d542d65b0db1806572b
5571a79924a1a0d063a01ecdd1e16758c05c4e46
da13c80125e8103e470f9982aabe33d0176ae23e6ff5d74a7909fc13e36d73d8

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /frontend/assets/js/app.js?av=be757761 HTTP/1.1
Host: news.klickboost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news.klickboost.com/index.php/lists/en0936qzkb54f/unsubscribe/bp932m79xfd3a/rg064l0rof56f
Cookie: mwsid=d4021dad5288e38dfc166a0bb0e2ffa2; csrf_token=87faa98635a68feb41f257639d886843bffda229s%3A88%3A%22VHVwZFlzWnhicUxUYkxKTGhvdk5Lajl6Zm52Rk9PdHar4E6kKMo4ldy4SJKEYtt8F7mwaMaCCFw2gR8W1ngY1A%3D%3D%22%3B
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 02:38:48 GMT
Server: Apache
Last-Modified: Thu, 10 Nov 2022 00:24:45 GMT
Accept-Ranges: bytes
Content-Length: 464
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript

news.klickboost.com/assets/css/adminlte.css?av=be757761

92.204.132.9

200 OK

218 kB

URL HTTP/1.1
news.klickboost.com/assets/css/adminlte.css?av=be757761
IP
92.204.132.9:0
ASN
#398108 GO-DADDY-COM-LLC

File type
ASCII text
Size
218 kB (218121 bytes)
Hash
26b22bb6b4ce34772d4cf7f78b9b90c4
96406f7c9b5c65d51c8cc2fef538f6f198b08bb1
a17610f2bcf697c317767f9fe07d2d52c26206dc9c210d2b28c668c0e71b6388

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /assets/css/adminlte.css?av=be757761 HTTP/1.1
Host: news.klickboost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news.klickboost.com/index.php/lists/en0936qzkb54f/unsubscribe/bp932m79xfd3a/rg064l0rof56f
Cookie: mwsid=d4021dad5288e38dfc166a0bb0e2ffa2; csrf_token=87faa98635a68feb41f257639d886843bffda229s%3A88%3A%22VHVwZFlzWnhicUxUYkxKTGhvdk5Lajl6Zm52Rk9PdHar4E6kKMo4ldy4SJKEYtt8F7mwaMaCCFw2gR8W1ngY1A%3D%3D%22%3B
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 02:38:48 GMT
Server: Apache
Last-Modified: Thu, 10 Nov 2022 00:24:02 GMT
Accept-Ranges: bytes
Content-Length: 218121
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e9895464b828d538dc654c678c82b181
af5791cd48761cb3f3f979b481c23e1508692823
c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 02:38:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e9895464b828d538dc654c678c82b181
af5791cd48761cb3f3f979b481c23e1508692823
c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 02:38:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.195

200 OK

45 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size
45 kB (44856 bytes)
Hash
565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

HTTP Headers

GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://news.klickboost.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 05:42:51 GMT
expires: Fri, 24 Nov 2023 05:42:51 GMT
cache-control: public, max-age=31536000
age: 334557
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

216.58.207.195

200 OK

31 kB

URL HTTP/2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Size
31 kB (30928 bytes)
Hash
ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

HTTP Headers

GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://news.klickboost.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 24 Nov 2022 16:40:18 GMT
expires: Fri, 24 Nov 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 295110
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
e9895464b828d538dc654c678c82b181
af5791cd48761cb3f3f979b481c23e1508692823
c93a71d276aa3f386bef66ed2b4d69e041cccc9a4df5024b14d54ce2569948f0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 28 Nov 2022 02:38:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

news.klickboost.com/favicon.ico

92.204.132.9

200 OK

198 B

URL HTTP/1.1
news.klickboost.com/favicon.ico
IP
92.204.132.9:0
ASN
#398108 GO-DADDY-COM-LLC

File type
MS Windows icon resource - 1 icon, 16x16, 2 colors\012- data
Size
198 B (198 bytes)
Hash
ff82d748b4add52e4dd7c8f0b58b89f2
ea69cebf29f461d7831368697f303ea4f0c69a2d
de88c1f678413736e858b27974cd5d2181b3df891b8999dd93835384b0ca2d8f

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: news.klickboost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news.klickboost.com/index.php/lists/en0936qzkb54f/unsubscribe/bp932m79xfd3a/rg064l0rof56f
Cookie: mwsid=d4021dad5288e38dfc166a0bb0e2ffa2; csrf_token=87faa98635a68feb41f257639d886843bffda229s%3A88%3A%22VHVwZFlzWnhicUxUYkxKTGhvdk5Lajl6Zm52Rk9PdHar4E6kKMo4ldy4SJKEYtt8F7mwaMaCCFw2gR8W1ngY1A%3D%3D%22%3B
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Mon, 28 Nov 2022 02:38:48 GMT
Server: Apache
Last-Modified: Tue, 13 Apr 2021 09:10:00 GMT
Accept-Ranges: bytes
Content-Length: 198
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/x-icon

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3187
Expires: Mon, 28 Nov 2022 03:31:56 GMT
Date: Mon, 28 Nov 2022 02:38:49 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3187
Expires: Mon, 28 Nov 2022 03:31:56 GMT
Date: Mon, 28 Nov 2022 02:38:49 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aebda342a81ad83f60d2523f54ccda67
e590d9326e4a283e0929a8ffccb13cc4308af0e6
bd123fe3fce93216e2635f9dbc356f081b7599784fb6b67984032f11d82bc7cb

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BD123FE3FCE93216E2635F9DBC356F081B7599784FB6B67984032F11D82BC7CB"
Last-Modified: Sat, 26 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3187
Expires: Mon, 28 Nov 2022 03:31:56 GMT
Date: Mon, 28 Nov 2022 02:38:49 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4908162-9f1d-4654-8d78-fe85386ce233.jpeg

34.120.237.76

200 OK

7.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4908162-9f1d-4654-8d78-fe85386ce233.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.6 kB (7556 bytes)
Hash
7e5051d8c06f69e1842a9295ce256a36
1a542a53ba0b1cd0fb23257ebed8166555f16dfb
a7c0dbbb4d0d9138f5ca318cc2aa44e12dadf7ed6263ec204ba756da64b29c41

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb4908162-9f1d-4654-8d78-fe85386ce233.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7556
x-amzn-requestid: 1cda5313-2256-4830-bf84-2e6e15949d3e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR78KFTmoAMF4yg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d9e7-452e36d718a298d12a2374a9;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:43:03 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OWVkuAw6-nRNU_CVOgvsSSenSXnfSYSmJiKa60JvSaiJgPuXjJByZw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:46:41 GMT
age: 17528
etag: "1a542a53ba0b1cd0fb23257ebed8166555f16dfb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a11c6ec-01ab-453a-a13d-c7804535dc69.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.8 kB (8771 bytes)
Hash
b0bd385532089b45a14e461abbecc1af
3da359b1ba09138a425094715b9f3a2f8d0257fe
803001528f2aefc1ea90e585d48de435975862861a1cbe8d898e5cd7ebd297dd

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a11c6ec-01ab-453a-a13d-c7804535dc69.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 8771
x-amzn-requestid: 995d3904-9be1-4b40-9813-ff47e60639ec
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_MEAPoAMF0xw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d861-3fdb7958064e0c4b1aed2136;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vrBB4JkuL3nbZnDWitQ4dvTruO9M6hSt8mw9NuJliCmcNOw8xvfWhw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:20:34 GMT
age: 15495
etag: "3da359b1ba09138a425094715b9f3a2f8d0257fe"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd56d2fad-ed89-4d96-831f-7f8467b7079b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10119 bytes)
Hash
15bd53848c7082464273007e010c54e0
9a3ca698ca1aeae695923277ed2244465e01a1ea
36cfa29965173ea683992d4b436f393e92c978350347f869355d933613e2c005

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd56d2fad-ed89-4d96-831f-7f8467b7079b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 10119
x-amzn-requestid: 20bfd6a6-2981-42ca-8997-9363676773c1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR782HEZIAMFTKQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d9eb-552581a92a69d6cd322bf334;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:43:07 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: U_gitOWWMPO7M5Dd0WktaigfRERa93d86MhziLjZ2qnuON_K5NauyQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:54:37 GMT
age: 17052
etag: "9a3ca698ca1aeae695923277ed2244465e01a1ea"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4329da24-0de7-409f-87fa-68fd5668aa29.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
gzip compressed data, max compression\012- data
Size
12 kB (11633 bytes)
Hash
ad4c232eaafc070f9d6a95885e2ae859
b69a3c6e8dc539a08a72e3efad1068ecf82ae23c
708c0f7d58c53ab2619a6f2892acad616b86d186a7f064fb1bde85fd303abf0c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4329da24-0de7-409f-87fa-68fd5668aa29.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11082
x-amzn-requestid: f7a38cfd-874a-47fd-97cd-234459ce7868
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR8IxEKzIAMFiYg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383da37-10cbaa3f0be7f1112fd4192e;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:44:23 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: zdj6ZJvknXri3cVLXNuuoKfrHKLiLhlMKwvrGa0NkhQxahsj6L8pkQ==
via: 1.1 1f6e68152880a39d72e6bf2996cd6a60.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:56:40 GMT
etag: "796020fb42c93fde996945b41173e5191d98fc90"
content-type: image/jpeg
age: 16929
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F17eed5ca-e7b1-43be-b937-69356fce9d8a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.7 kB (4708 bytes)
Hash
4060284252d32701c42e2df4a83970a0
a73feecd0e221f7c7a3b74b75aeaa81bd9baa1da
53eca0f8435d6e2e62962ef80d4597afad2773a582746d523f7f5d30c3e07b8e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F17eed5ca-e7b1-43be-b937-69356fce9d8a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4708
x-amzn-requestid: 6efd15cd-c944-42e7-8142-01360fbe4a25
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_JFbXIAMFc_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d860-3c7d91eb7a2f3a9669f89d88;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GDQn-_Np3qSCYR2kQJnoh6j3-aS25bPTNl13D6MkZpF1fkOhokkFbA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 22:02:24 GMT
age: 16585
etag: "a73feecd0e221f7c7a3b74b75aeaa81bd9baa1da"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

16 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa915ba56-f7bc-48fc-b725-b932389634d5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
16 kB (15639 bytes)
Hash
0a4e0bb1e2748bdce6bbf685a910f0fc
5b97bfd787afcb912cdbef0f137f78a059082992
a7bc9adeb22cb57675e907bd961a6f554e6b7a46414ed782bcc9b53d68b1c328

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa915ba56-f7bc-48fc-b725-b932389634d5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 15639
x-amzn-requestid: 98e846b4-287f-4698-9529-25bcc2727a4a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR78dGReoAMFiDw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d9e9-62c41b2717bd8e6f3b3797da;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:43:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: fxNulyOR88nEcjtrXm1dECsulI-MsAxm2Zl0Y83uMz23lGh18d-ZBA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Sun, 27 Nov 2022 21:56:55 GMT
age: 16914
etag: "5b97bfd787afcb912cdbef0f137f78a059082992"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans:300,400,700&av=be757761

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Open+Sans:300,400,700&av=be757761
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Open+Sans:300,400,700&av=be757761 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news.klickboost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 28 Nov 2022 02:38:47 GMT
date: Mon, 28 Nov 2022 02:38:47 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Roboto:300,400,700,900&av=be757761

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Roboto:300,400,700,900&av=be757761
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Roboto:300,400,700,900&av=be757761 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news.klickboost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 28 Nov 2022 02:38:47 GMT
date: Mon, 28 Nov 2022 02:38:47 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&av=be757761

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&av=be757761
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Lato:100,100i,300,300i,400,400i,700,700i,900,900i&av=be757761 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://news.klickboost.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 28 Nov 2022 02:38:47 GMT
date: Mon, 28 Nov 2022 02:38:47 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (9)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations