Overview

URLwww.knswsd.com/
IP 101.37.175.102 (China)
ASN#37963 Hangzhou Alibaba Advertising Co.,Ltd.
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-12-04 15:32:59 UTC
StatusLoading report..
IDS alerts0
Blocklist alert6
urlquery alerts No alerts detected
Tags None

Domain Summary (0)

No passive DNS data

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-12-04 2 www.knswsd.com/ Phishing
2022-12-04 2 www.knswsd.com/ Phishing
2022-12-04 2 www.knswsd.com/theme/knsw/js/script.js Phishing
2022-12-04 2 www.knswsd.com/theme/knsw/js/core.min.js Phishing
2022-12-04 2 www.knswsd.com/include/fonts/fontawesome-webfont.woff2?v=4.7.0 Phishing
2022-12-04 2 www.knswsd.com/theme/knsw/fonts/fl-bigmug-line.woff Phishing

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 1 reports on IP: 101.37.175.102
Date UQ / IDS / BL URL IP
2022-12-04 15:32:59 +0000 0 - 0 - 6 www.knswsd.com/ 101.37.175.102


Last 5 reports on ASN: Hangzhou Alibaba Advertising Co.,Ltd.
Date UQ / IDS / BL URL IP
2023-01-26 21:44:13 +0000 0 - 2 - 0 www.packmage.cn/uc/goto/?url=frizzytwta.world (...) 39.101.140.226
2023-01-26 21:17:45 +0000 0 - 6 - 2 112.74.185.5/AMS.exe 112.74.185.5
2023-01-26 21:01:08 +0000 0 - 2 - 0 tj.l1l1l1l1l1.com/ 121.41.56.35
2023-01-26 19:53:29 +0000 0 - 0 - 1 files.cnblogs.com/files/MACLEO/D-CF5ZE2.ZIP 47.110.20.149
2023-01-26 19:53:06 +0000 0 - 0 - 1 files.cnblogs.com/files/testware/automatedqa. (...) 47.110.20.149


Last 1 reports on domain: knswsd.com
Date UQ / IDS / BL URL IP
2022-12-04 15:32:59 +0000 0 - 0 - 6 www.knswsd.com/ 101.37.175.102


No other reports with similar screenshot

JavaScript

Executed Scripts (4)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (47)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3097
Cache-Control: max-age=157806
Date: Sun, 04 Dec 2022 15:32:48 GMT
Etag: "638c76f5-1d7"
Expires: Tue, 06 Dec 2022 11:22:54 GMT
Last-Modified: Sun, 04 Dec 2022 10:31:17 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14612
Expires: Sun, 04 Dec 2022 19:36:20 GMT
Date: Sun, 04 Dec 2022 15:32:48 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 04 Dec 2022 15:18:24 GMT
cache-control: public,max-age=3600
age: 864
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    14cd9a0afb6ba9a763651d5112760d1e
Sha1:   75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4913
Expires: Sun, 04 Dec 2022 16:54:41 GMT
Date: Sun, 04 Dec 2022 15:32:48 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: ZAY5tl3OXiKdhdCSzU6VfXMfbyD5DKIUt2zd1OWt7tmoIQPidFJPOf9GlYMEnhLslFuWLVydXUaW4SlFVFvMGQ==
x-amz-request-id: XR53846W1CWHM1CC
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 04 Dec 2022 14:47:01 GMT
age: 2747
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sun, 04 Dec 2022 15:32:48 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET / HTTP/1.1 
Host: www.knswsd.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         101.37.175.102
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=iso-8859-1
                                        
Date: Sun, 04 Dec 2022 15:32:48 GMT
Server: Apache
Location: https://www.knswsd.com
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 191
Keep-Alive: timeout=15, max=300
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   191
Md5:    5397d9cb08f79f39b31a91efe98d61b2
Sha1:   d9c6ee268f3613a88a66698bfc0426e1dbba3650
Sha256: 9497c6ac94cc79f04ad06a37618caceaf544a34ca92f88c994f0f6534d4444a6

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 04 Dec 2022 15:11:19 GMT
cache-control: public,max-age=3600
age: 1289
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3042
Cache-Control: max-age=152683
Date: Sun, 04 Dec 2022 15:32:49 GMT
Etag: "638c632b-1d7"
Expires: Tue, 06 Dec 2022 09:57:32 GMT
Last-Modified: Sun, 04 Dec 2022 09:06:51 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=157949
Date: Sun, 04 Dec 2022 15:32:49 GMT
Etag: "638c839e-1d7"
Expires: Tue, 06 Dec 2022 11:25:18 GMT
Last-Modified: Sun, 04 Dec 2022 11:25:18 GMT
Server: nginx
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: /jlXOoROOnQPa5as0opQMA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         54.191.251.76
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 5/WDDl/pqKgAqYjDQs5mN/G7LE0=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3506
Expires: Sun, 04 Dec 2022 16:31:16 GMT
Date: Sun, 04 Dec 2022 15:32:50 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3506
Expires: Sun, 04 Dec 2022 16:31:16 GMT
Date: Sun, 04 Dec 2022 15:32:50 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3506
Expires: Sun, 04 Dec 2022 16:31:16 GMT
Date: Sun, 04 Dec 2022 15:32:50 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3506
Expires: Sun, 04 Dec 2022 16:31:16 GMT
Date: Sun, 04 Dec 2022 15:32:50 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5681
x-amzn-requestid: 8f0d66b8-d532-48d9-9a29-74540cd6ab3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltXnEotIAMFqkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc296-27349a376ff819ab63b04a81;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:41:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Uz-wJTZjej3sjP-O68BQ4hB_kkAecG0o7GkeZUan90ZgV87g0Cg_ZA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:52:38 GMT
age: 63612
etag: "36f4682ca6a33ff80ee02129c77e6f27e996ede0"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5681
Md5:    43309032a892c486f9985ef520df696e
Sha1:   36f4682ca6a33ff80ee02129c77e6f27e996ede0
Sha256: 24225ff504f30405d9ec3feb2555c738fcca0d6b265f285aa9c73a64c78a496e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61cc2744-b517-4404-bfa2-25fadadfa3f3.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10431
x-amzn-requestid: f79ab5e7-8c1b-4827-a531-aaa19c1d80aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsCGEwxIAMF34g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc073-6358d2950955884c470c0a89;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PQ7xh995cd1UVi3z42EVZGjQjHLLvtAP5BBC-xLEEGr4mEiXS6fC-w==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:47:06 GMT
age: 63944
etag: "8637105f41058bc0d2b259d462b560881928adb6"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10431
Md5:    2636f91bb8fa4d9bb7bef114c248a9ae
Sha1:   8637105f41058bc0d2b259d462b560881928adb6
Sha256: 3d93fd8fcf1af31d00ccbd453142dbea5f2b91d7f58373095943ed40a31ed1f7
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 16143
x-amzn-requestid: dc86fad4-4e53-42c9-9b0a-5e4d2cfcd087
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdGyLGqmoAMFnaA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851a7-0ea324b31e8c6578098b8ab9;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:03 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kRs3oBWnSs5asyPdvz6kkooy7pqm2Yr8R_2x8EXCVn3dBz_aEJurRQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 07:26:41 GMT
age: 29169
etag: "1d702df3a64258628f4124eafd580695f2d350af"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   16143
Md5:    14dcca2a9c4792d835ee709bcd947402
Sha1:   1d702df3a64258628f4124eafd580695f2d350af
Sha256: da01dcd8fef7c50bdb6f7a8a6a4955694092f479df3dba72f7fa69d7280d07b2
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8989
x-amzn-requestid: abce0b01-f70c-42ad-b242-5a24735fe4c2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltl4Gk2oAMFSWQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc2f2-1cccffff5199dffe70264a95;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:43:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PFl7VUrzRkMFNnTiIw_cbGCyrEFn43eUSlZfT0nUhUmjjyXT7JfjMA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:50:01 GMT
age: 63769
etag: "fc5d4f3163ebb9faf85968cbb1d194e8e68418be"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8989
Md5:    a6e7b32ac999cf3c899a234c621fa91a
Sha1:   fc5d4f3163ebb9faf85968cbb1d194e8e68418be
Sha256: f12db3aed126006fee00649aba0b3eaae900de200b85b9523866a90b5494f18e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4666
x-amzn-requestid: 850d341f-5ccb-453c-8adf-a8194f8fbdad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clr_-GiboAMFwww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-766293f2526e637235067aca;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: z5uqgjB-Bsl0U55a8aFi37cpJ65Vnbjm6bJ2GnMpaO7RXsMZsOCbPQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:44:01 GMT
age: 64129
etag: "a9a529dc9894827f6243a1bf57f81caa4fe88fc2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4666
Md5:    c01fe1cccdb3b672bbade6d98217ffe9
Sha1:   a9a529dc9894827f6243a1bf57f81caa4fe88fc2
Sha256: c43da6212c79a08e22e78e04e99e8f5422e64b4b0a87f30b7907f1b4bc675c71
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8315
x-amzn-requestid: f1bcc33b-aad9-4d3b-b1f9-49282f2d4fb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMGVboAMFfxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-13472a097177d4751c8f7a8c;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6UQ_BhPmpVpe9w6gsExB-EpNq_syeCCK6fr4Y1FFK1jDJh_n1Sd0Eg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:52:47 GMT
age: 63603
etag: "22a8c4bd58c729c1abcf794466e8f3231dfb034b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8315
Md5:    db1701b7b9d161a0c935bb6e10b17893
Sha1:   22a8c4bd58c729c1abcf794466e8f3231dfb034b
Sha256: b495524a33e5b1d3ba34cfbe867ada0da956c061370b1fcde06b23a6194a9787
                                        
                                            GET / HTTP/1.1 
Host: www.knswsd.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

search
                                         101.37.175.102
HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Date: Sun, 04 Dec 2022 15:32:49 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Cache-control: private
Set-Cookie: PHPSESSID=k6nddv40gg76aok88vgfqfpsh7; path=/
Vary: User-Agent,Accept-Encoding
Content-Encoding: gzip
Content-Length: 5728
Keep-Alive: timeout=15, max=300
Connection: Keep-Alive


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1162), with CRLF line terminators
Size:   5728
Md5:    977db7f4a040bfac4d44c3ec27c5c51e
Sha1:   3a4fa6f9dc288bf01f106d132f249738164a2d37
Sha256: 4363caef6521c5369a5776c7237250894011a5f29cd1ff4748cac461c4d6696f

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /theme/knsw/css/bootstrap.css HTTP/1.1 
Host: www.knswsd.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.knswsd.com/
Cookie: PHPSESSID=k6nddv40gg76aok88vgfqfpsh7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         101.37.175.102
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Sun, 04 Dec 2022 15:32:50 GMT
Server: Apache
Last-Modified: Sat, 23 Apr 2022 07:22:31 GMT
ETag: "dfca1-1c6be-5dd4d34c37bc0"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 18984
Keep-Alive: timeout=15, max=299
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (65406)
Size:   18984
Md5:    a2ce7946b95ba2004ddb489a07bfd6f0
Sha1:   c0894aa3520e085365d37d3027b802fc3c578db2
Sha256: 7d51e8d1b09e5bdbbf550828694b67e9d081f93d7d3d168d5c1d04dfef1d53a4
                                        
                                            GET /theme/knsw/css/fonts.css HTTP/1.1 
Host: www.knswsd.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.knswsd.com/
Cookie: PHPSESSID=k6nddv40gg76aok88vgfqfpsh7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         101.37.175.102
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Sun, 04 Dec 2022 15:32:50 GMT
Server: Apache
Last-Modified: Sat, 23 Apr 2022 07:22:31 GMT
ETag: "dfca4-190aa-5dd4d34c37bc0"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 19980
Keep-Alive: timeout=15, max=300
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   19980
Md5:    4c3fa43b07ceff587ae513a8b0732bb5
Sha1:   7f41177481083de165129da42aef4b6dc3d93f6d
Sha256: b7a1cfe03dbf7f200e7f66787028b0fdc9e859b36d47d907794222f0f2d69bb8
                                        
                                            GET /theme/knsw/js/script.js HTTP/1.1 
Host: www.knswsd.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.knswsd.com/
Cookie: PHPSESSID=k6nddv40gg76aok88vgfqfpsh7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         101.37.175.102
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Sun, 04 Dec 2022 15:32:51 GMT
Server: Apache
Last-Modified: Sat, 23 Apr 2022 07:22:31 GMT
ETag: "dfcdd-b956-5dd4d34c37bc0"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 10977
Keep-Alive: timeout=15, max=300
Connection: Keep-Alive


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with CRLF line terminators
Size:   10977
Md5:    cc2ceb672b9d1317c383d56bf31998dd
Sha1:   2e2192be35969aa421f5a76edbe7dc0f007944e5
Sha256: 8d557f033c6870c720459670aea3bddfa4c1a02f58838aca179f13fb3988b9fb

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /theme/knsw/css/style.css HTTP/1.1 
Host: www.knswsd.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.knswsd.com/
Cookie: PHPSESSID=k6nddv40gg76aok88vgfqfpsh7
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         101.37.175.102
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Date: Sun, 04 Dec 2022 15:32:51 GMT
Server: Apache
Last-Modified: Tue, 02 Aug 2022 05:48:05 GMT
ETag: "df984-57e61-5e53ba910374c"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 51193
Keep-Alive: timeout=15, max=300
Connection: Keep-Alive


--- Additional Info ---
Magic:  ASCII text, with very long lines (821)
Size:   51193
Md5:    d756ebf690252c9cba9c6f34c6d107b6
Sha1:   30a2665831f7f85adac2913bd642248f5bbfd5f3
Sha256: 770b183c457f6156d155231103e6586690ea7d7b05bf9d20816097be1a133b7a
                                        
                                            GET /theme/knsw/images/footerlogo.png HTTP/1.1 
Host: www.knswsd.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.knswsd.com/
Cookie: PHPSESSID=k6nddv40gg76aok88vgfqfpsh7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         101.37.175.102
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Sun, 04 Dec 2022 15:32:52 GMT
Server: Apache
Last-Modified: Mon, 30 May 2022 07:23:16 GMT
ETag: "dfa02-1c19-5e03587930100"
Accept-Ranges: bytes
Content-Length: 7193
Vary: User-Agent
Keep-Alive: timeout=15, max=299
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 234 x 82, 8-bit/color RGBA, non-interlaced\012- data
Size:   7193
Md5:    7eb3096a1d6a1fa8fbedbc878f601ec4
Sha1:   757ac3583a2515893afc1ee743d49765427e4815
Sha256: 1b26f773ad555a0efe0cb5f757e6e7a86620e4beb0360a970c234c0e7ff991f0
                                        
                                            GET /theme/knsw/js/core.min.js HTTP/1.1 
Host: www.knswsd.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.knswsd.com/
Cookie: PHPSESSID=k6nddv40gg76aok88vgfqfpsh7
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         101.37.175.102
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Date: Sun, 04 Dec 2022 15:32:51 GMT
Server: Apache
Last-Modified: Sat, 23 Apr 2022 07:22:31 GMT
ETag: "dfcd7-a7a6b-5dd4d34c37bc0"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Keep-Alive: timeout=15, max=300
Connection: Keep-Alive
Transfer-Encoding: chunked


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65323), with CRLF line terminators
Size:   186813
Md5:    3d283b371c5729a2603645dbcac763d4
Sha1:   867d5cb74c4734096043852ae18b7c1463262074
Sha256: 3aef39ed3bb41a5dce56b89770486b7d3a592581af43f5467f9388d344728d91

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /images/product/3_1652254714091023_thumb.jpg HTTP/1.1 
Host: www.knswsd.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.knswsd.com/
Cookie: PHPSESSID=k6nddv40gg76aok88vgfqfpsh7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         101.37.175.102
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Sun, 04 Dec 2022 15:32:52 GMT
Server: Apache
Last-Modified: Thu, 22 Sep 2022 04:09:56 GMT
ETag: "df9d6-a113-5e93c3bf58b37"
Accept-Ranges: bytes
Content-Length: 41235
Vary: User-Agent
Keep-Alive: timeout=15, max=299
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 300x300, components 3\012- data
Size:   41235
Md5:    f5c262884e16c6f7cbe5014f68d2551e
Sha1:   05a4002dfe534df41abb15868d63fee01d7a645c
Sha256: a0e4860f665f4fa60d0541b886ab1e337cfe802dc317f271fafa7f67a9c54fed
                                        
                                            GET /images/product/4_1652255084611458_thumb.jpg HTTP/1.1 
Host: www.knswsd.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.knswsd.com/
Cookie: PHPSESSID=k6nddv40gg76aok88vgfqfpsh7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         101.37.175.102
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Sun, 04 Dec 2022 15:32:52 GMT
Server: Apache
Last-Modified: Thu, 22 Sep 2022 07:43:03 GMT
ETag: "dfa0d-a34b-5e93f3613d93f"
Accept-Ranges: bytes
Content-Length: 41803
Vary: User-Agent
Keep-Alive: timeout=15, max=300
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 300x300, components 3\012- data
Size:   41803
Md5:    e31c44506303cc8e129a75914713a859
Sha1:   6a2aeffce4b4c3b87e497c92f72ba70e8f449989
Sha256: 8a3f097d00b0a5a20e1369ce54295030481c16d8c5ed9fc25637e9a9df7b65eb
                                        
                                            GET /images/product/6_1653881858382650_thumb.jpg HTTP/1.1 
Host: www.knswsd.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.knswsd.com/
Cookie: PHPSESSID=k6nddv40gg76aok88vgfqfpsh7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         101.37.175.102
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Sun, 04 Dec 2022 15:32:52 GMT
Server: Apache
Last-Modified: Thu, 22 Sep 2022 04:10:23 GMT
ETag: "df9f1-a211-5e93c3d881d02"
Accept-Ranges: bytes
Content-Length: 41489
Vary: User-Agent
Keep-Alive: timeout=15, max=298
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 300x300, components 3\012- data
Size:   41489
Md5:    53dbbc98db856b296ee082140b3c6ee3
Sha1:   6eb6a8d88605b24920f7ca7340fc80068f83a31c
Sha256: 0bbd34becfa8dbd0108de752bae34ebc980c4a3220d9fd5fb6bc09eca543f7f7
                                        
                                            POST /gsrsaovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Dec 2022 15:32:52 GMT
Content-Length: 1432
Connection: keep-alive
Expires: Thu, 08 Dec 2022 14:30:04 GMT
ETag: "56337dbbbf2003d46f2b96b90033709fe25d7d6e"
Last-Modified: Sun, 04 Dec 2022 14:30:05 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 814
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 774598e6dd58b517-OSL


--- Additional Info ---
Magic:  data
Size:   1432
Md5:    fdd745f17f79b4c63dab78c4b24ead86
Sha1:   56337dbbbf2003d46f2b96b90033709fe25d7d6e
Sha256: 627e5ec30a86c56fab374b9e6b4bf7edd96fe70d4a30a6faa91f10ad4e993cc4
                                        
                                            GET /images/box/1_1592375708480199.jpg HTTP/1.1 
Host: www.knswsd.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.knswsd.com/
Cookie: PHPSESSID=k6nddv40gg76aok88vgfqfpsh7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         101.37.175.102
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Sun, 04 Dec 2022 15:32:52 GMT
Server: Apache
Last-Modified: Fri, 13 May 2022 10:34:55 GMT
ETag: "dfa25-b51b-5dee239aa71c0"
Accept-Ranges: bytes
Content-Length: 46363
Vary: User-Agent
Keep-Alive: timeout=15, max=299
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 470x324, components 3\012- data
Size:   46363
Md5:    1d0403d4b0dcfc47e4f0f281f26a8636
Sha1:   bfedb5bd6d4e1fbba3d79f5f08a15602facab3f0
Sha256: e009be59ffccda6f59f29b6d5955022685e01d81cc4f1c5348c7665ce4e568d4
                                        
                                            GET /images/fragment/about.png HTTP/1.1 
Host: www.knswsd.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.knswsd.com/
Cookie: PHPSESSID=k6nddv40gg76aok88vgfqfpsh7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         101.37.175.102
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Sun, 04 Dec 2022 15:32:52 GMT
Server: Apache
Last-Modified: Wed, 18 May 2022 00:53:09 GMT
ETag: "df90c-bbbe-5df3eae500740"
Accept-Ranges: bytes
Content-Length: 48062
Vary: User-Agent
Keep-Alive: timeout=15, max=299
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 399 x 407, 8-bit colormap, non-interlaced\012- data
Size:   48062
Md5:    7537fc55d87d0aea209971550e34491f
Sha1:   2953b0947a80fa59d6c650e5fb8e475f7a777a69
Sha256: 68f2c1a831db39d56402d106a24dde17fd0fadc5327008d4a27605371a9ee4d3
                                        
                                            GET /images/product/1_1652253427759184_thumb.jpg HTTP/1.1 
Host: www.knswsd.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.knswsd.com/
Cookie: PHPSESSID=k6nddv40gg76aok88vgfqfpsh7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         101.37.175.102
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Sun, 04 Dec 2022 15:32:53 GMT
Server: Apache
Last-Modified: Thu, 22 Sep 2022 04:10:42 GMT
ETag: "df9e8-a1b5-5e93c3eb2205e"
Accept-Ranges: bytes
Content-Length: 41397
Vary: User-Agent
Keep-Alive: timeout=15, max=298
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 300x300, components 3\012- data
Size:   41397
Md5:    2f45644261d2bf850eba5be45f55c07e
Sha1:   4d67d3e445a437ca5162c76e00caf64eabbda5f5
Sha256: 28fe22a9957cb7474565041db4857b28a719bafa7f33364bcf7d6154cea50099
                                        
                                            GET /include/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1 
Host: www.knswsd.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.knswsd.com/theme/knsw/css/fonts.css
Cookie: PHPSESSID=k6nddv40gg76aok88vgfqfpsh7
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

search
                                         101.37.175.102
HTTP/1.1 200 OK
Content-Type: text/plain
                                        
Date: Sun, 04 Dec 2022 15:32:52 GMT
Server: Apache
Last-Modified: Thu, 27 Oct 2016 20:51:44 GMT
ETag: "dfa3f-12d68-53fdee8c3f800"
Accept-Ranges: bytes
Content-Length: 77160
Vary: User-Agent
Keep-Alive: timeout=15, max=300
Connection: Keep-Alive


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size:   77160
Md5:    af7ae505a9eed503f8b8e6982036873e
Sha1:   d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
Sha256: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /theme/knsw/fonts/materialdesignicons-webfont.woff2?v=1.4.57 HTTP/1.1 
Host: www.knswsd.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.knswsd.com/theme/knsw/css/fonts.css
Cookie: PHPSESSID=k6nddv40gg76aok88vgfqfpsh7
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

search
                                         101.37.175.102
HTTP/1.1 200 OK
Content-Type: text/plain
                                        
Date: Sun, 04 Dec 2022 15:32:52 GMT
Server: Apache
Last-Modified: Sat, 23 Apr 2022 07:22:31 GMT
ETag: "dfcaa-1378c-5dd4d34c37bc0"
Accept-Ranges: bytes
Content-Length: 79756
Vary: User-Agent
Keep-Alive: timeout=15, max=300
Connection: Keep-Alive


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 79756, version 1.0\012- data
Size:   79756
Md5:    380a87ac162f7313bdc7556fcca4fd38
Sha1:   4b29d05c0445f92f14a1c058fc06e34ab6e7f869
Sha256: 56ca131e02e335cbc5604cf53451ad97f160b33a46bba0b0b8f41578de9715c1
                                        
                                            GET /images/fragment/qrcode.png HTTP/1.1 
Host: www.knswsd.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.knswsd.com/
Cookie: PHPSESSID=k6nddv40gg76aok88vgfqfpsh7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         101.37.175.102
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Sun, 04 Dec 2022 15:32:53 GMT
Server: Apache
Last-Modified: Mon, 16 May 2022 23:20:27 GMT
ETag: "dfa31-30c6-5df2944f344c0"
Accept-Ranges: bytes
Content-Length: 12486
Vary: User-Agent
Keep-Alive: timeout=15, max=298
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 255 x 252, 8-bit colormap, non-interlaced\012- data
Size:   12486
Md5:    358b810698be7620636206faa18eb9e2
Sha1:   2280577a8fc1055abd369ef9e9dd81f397c3b279
Sha256: e0475feef79db77001e9e12377c1f26b0b140a786479e7ef6b6bcdd99a5165be
                                        
                                            GET /images/fragment/miniprogram.png HTTP/1.1 
Host: www.knswsd.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.knswsd.com/
Cookie: PHPSESSID=k6nddv40gg76aok88vgfqfpsh7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         101.37.175.102
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Sun, 04 Dec 2022 15:32:53 GMT
Server: Apache
Last-Modified: Mon, 16 May 2022 23:20:29 GMT
ETag: "dfa2d-4012-5df294511c940"
Accept-Ranges: bytes
Content-Length: 16402
Vary: User-Agent
Keep-Alive: timeout=15, max=297
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 259 x 259, 8-bit colormap, non-interlaced\012- data
Size:   16402
Md5:    e8a0ec1c587faf4c08349faa5acaad3a
Sha1:   e6f4a14b9138225032d05b3f8d5f0f84eea27ab0
Sha256: a16650b82058d6ac87352680cd48bbebd2f3c105d45d3db59cbd5e52b1c268b5
                                        
                                            GET /theme/knsw/images/logo.png HTTP/1.1 
Host: www.knswsd.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.knswsd.com/
Cookie: PHPSESSID=k6nddv40gg76aok88vgfqfpsh7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         101.37.175.102
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Sun, 04 Dec 2022 15:32:53 GMT
Server: Apache
Last-Modified: Fri, 27 May 2022 01:14:12 GMT
ETag: "dfa08-ec8-5dff4062a4100"
Accept-Ranges: bytes
Content-Length: 3784
Vary: User-Agent
Keep-Alive: timeout=15, max=299
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 80 x 77, 8-bit colormap, non-interlaced\012- data
Size:   3784
Md5:    967a7bfb45f53d740e2399dab1bd4545
Sha1:   978df84a1eb60970ec2cd4c6b4673d2e3ccbdc4b
Sha256: 6f2b3e145b2f52b39165703edb623188b4734075cd4de293736c2c0c70e4b808
                                        
                                            GET /data/slide/20220511yvlidb.jpg HTTP/1.1 
Host: www.knswsd.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.knswsd.com/
Cookie: PHPSESSID=k6nddv40gg76aok88vgfqfpsh7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         101.37.175.102
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Sun, 04 Dec 2022 15:32:53 GMT
Server: Apache
Last-Modified: Fri, 13 May 2022 10:30:33 GMT
ETag: "df9e1-13b10-5dee22a0ca440"
Accept-Ranges: bytes
Content-Length: 80656
Vary: User-Agent
Keep-Alive: timeout=15, max=299
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x845, components 3\012- data
Size:   80656
Md5:    a5fa7b9f64b7ab169b134e8dc7e56b6e
Sha1:   197b745e859592859f79b171750537c47806f60c
Sha256: 77d3bbb550ebd7cc8a3d384a479ad6e0b89aef450c31780083a7e4f3d6398b7e
                                        
                                            GET /images/nopic.jpg HTTP/1.1 
Host: www.knswsd.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.knswsd.com/
Cookie: PHPSESSID=k6nddv40gg76aok88vgfqfpsh7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         101.37.175.102
HTTP/1.1 200 OK
Content-Type: image/jpeg
                                        
Date: Sun, 04 Dec 2022 15:32:53 GMT
Server: Apache
Last-Modified: Fri, 13 May 2022 06:27:42 GMT
ETag: "dfcf9-1bcb-5dedec58cd380"
Accept-Ranges: bytes
Content-Length: 7115
Vary: User-Agent
Keep-Alive: timeout=15, max=299
Connection: Keep-Alive


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 580x290, components 3\012- data
Size:   7115
Md5:    f98ce1e540df0aacf11ee1f83ad60173
Sha1:   2ff56882584e70bbda2bbf4f5afdf0a7af2687ab
Sha256: 7de092f638e36aa43eab838b824bce9750b28bc4702592559028858e885f6778
                                        
                                            GET /images/fragment/logo.png HTTP/1.1 
Host: www.knswsd.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.knswsd.com/
Cookie: PHPSESSID=k6nddv40gg76aok88vgfqfpsh7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         101.37.175.102
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Sun, 04 Dec 2022 15:32:53 GMT
Server: Apache
Last-Modified: Fri, 27 May 2022 00:38:08 GMT
ETag: "df9e2-a53-5dff3852e3c00"
Accept-Ranges: bytes
Content-Length: 2643
Vary: User-Agent
Keep-Alive: timeout=15, max=297
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 180 x 63, 8-bit colormap, non-interlaced\012- data
Size:   2643
Md5:    92d206d447366d2c2ec960ac526be26e
Sha1:   f0ba51c234159d9506e85ce33bcb338b083f1509
Sha256: 4bba1c4fb3edfd83b7d56ded87cf6b4cb02689c3c5f9a4c72dae4fef0bde825f
                                        
                                            GET /hm.js?dbf634faad69aa3a3781c05866af6e95 HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.knswsd.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11258
Date: Sun, 04 Dec 2022 15:32:53 GMT
Etag: 5c18d8585ccc498d780b7a5a580a8b2b
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=EDAF8A23550BBF4F; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800


--- Additional Info ---
Magic:  ASCII text, with very long lines (620)
Size:   11258
Md5:    82d51594e4b15ef6fe577f648005c473
Sha1:   32b9e99e8de37edcc13817c319d09e544c13f00d
Sha256: 618a8bb83c0af9f696bee73f757593787778f713e1147d53d42cc22770f8a259
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: www.knswsd.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.knswsd.com/
Cookie: PHPSESSID=k6nddv40gg76aok88vgfqfpsh7
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         101.37.175.102
HTTP/1.1 200 OK
Content-Type: image/x-icon
                                        
Date: Sun, 04 Dec 2022 15:32:54 GMT
Server: Apache
Last-Modified: Sat, 14 May 2022 02:38:20 GMT
ETag: "df9c5-10be-5deefaf2487ca"
Accept-Ranges: bytes
Content-Length: 4286
Vary: User-Agent
Keep-Alive: timeout=15, max=296
Connection: Keep-Alive


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Size:   4286
Md5:    2ed31ec7b0fb9f9e83582a09b40466ac
Sha1:   3897f8e60d45b43892161438ab1ff0d510f07440
Sha256: 19fbbab4c7deb18e9e535c5307e26dac198189e0d3187da6a5d59537d5bb2621
                                        
                                            GET /theme/knsw/fonts/fl-bigmug-line.woff HTTP/1.1 
Host: www.knswsd.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.knswsd.com/theme/knsw/css/fonts.css
Cookie: PHPSESSID=k6nddv40gg76aok88vgfqfpsh7
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

search
                                         101.37.175.102
HTTP/1.1 200 OK
Content-Type: application/x-font-woff
                                        
Date: Sun, 04 Dec 2022 15:32:54 GMT
Server: Apache
Last-Modified: Sat, 23 Apr 2022 07:22:31 GMT
ETag: "dfca8-5448-5dd4d34c37bc0"
Accept-Ranges: bytes
Content-Length: 21576
Vary: User-Agent
Keep-Alive: timeout=15, max=300
Connection: Keep-Alive


--- Additional Info ---
Magic:  Web Open Font Format, TrueType, length 21576, version 0.0\012- data
Size:   21576
Md5:    aacdd360f205807c20cdb5afbef8b6ce
Sha1:   05115095225399f12f6ab1ba9349f5ef3502b24c
Sha256: 50d94f8262f73dbea0c4e89cc67bc8c432c9f8baba9d97e8f5cf47939acf0375

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1823869343&si=dbf634faad69aa3a3781c05866af6e95&v=1.3.0&lv=1&sn=8497&r=0&ww=1280&u=https%3A%2F%2Fwww.knswsd.com%2F&tt=%E7%89%9B%E7%BE%8A%E7%8C%AA%E9%A9%AC%E9%B8%A1%E5%8A%A8%E7%89%A9%E8%A1%80%E6%B8%85%E7%94%9F%E4%BA%A7%E5%8E%82%E5%AE%B6%20-%20%E5%BA%B7%E9%82%A3%E7%94%9F%E7%89%A9%E6%8A%80%E6%9C%AF(%E5%B1%B1%E4%B8%9C)%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1 
Host: hm.baidu.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.knswsd.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         103.235.46.191
HTTP/1.1 200 OK
Content-Type: image/gif
                                        
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Date: Sun, 04 Dec 2022 15:32:54 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=B2155BCCDB34C031; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   43
Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3
Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7
Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda