urlquery - report: www.knswsd.com/

Scan Date	Severity	Indicator	Comment
2022-12-04	2	www.knswsd.com/	Phishing
2022-12-04	2	www.knswsd.com/	Phishing
2022-12-04	2	www.knswsd.com/theme/knsw/js/script.js	Phishing
2022-12-04	2	www.knswsd.com/theme/knsw/js/core.min.js	Phishing
2022-12-04	2	www.knswsd.com/include/fonts/fontawesome-webfont.woff2?v=4.7.0	Phishing
2022-12-04	2	www.knswsd.com/theme/knsw/fonts/fl-bigmug-line.woff	Phishing

Date	UQ / IDS / BL	URL	IP
2022-12-04 15:32:59 +0000	0 - 0 - 6	www.knswsd.com/	101.37.175.102

Date	UQ / IDS / BL	URL	IP
2023-01-26 21:44:13 +0000	0 - 2 - 0	www.packmage.cn/uc/goto/?url=frizzytwta.world (...)	39.101.140.226
2023-01-26 21:17:45 +0000	0 - 6 - 2	112.74.185.5/AMS.exe	112.74.185.5
2023-01-26 21:01:08 +0000	0 - 2 - 0	tj.l1l1l1l1l1.com/	121.41.56.35
2023-01-26 19:53:29 +0000	0 - 0 - 1	files.cnblogs.com/files/MACLEO/D-CF5ZE2.ZIP	47.110.20.149
2023-01-26 19:53:06 +0000	0 - 0 - 1	files.cnblogs.com/files/testware/automatedqa. (...)	47.110.20.149

Date	UQ / IDS / BL	URL	IP
2022-12-04 15:32:59 +0000	0 - 0 - 6	www.knswsd.com/	101.37.175.102

Request	Response
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 3fd7edcc349ab4402f62e54a142be6b4cecf0e7ee3f431d3168bdf0643ba4d92 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 3097 Cache-Control: max-age=157806 Date: Sun, 04 Dec 2022 15:32:48 GMT Etag: "638c76f5-1d7" Expires: Tue, 06 Dec 2022 11:22:54 GMT Last-Modified: Sun, 04 Dec 2022 10:31:17 GMT Server: ECS (ska/F70B) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: fb2c0697c6d9a96a5411dd2952947458 Sha1: 79e57f831ec396bbdaa5bfe9472a05e6c9fb31f4 Sha256: 3fd7edcc349ab4402f62e54a142be6b4cecf0e7ee3f431d3168bdf0643ba4d92
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9" Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14612 Expires: Sun, 04 Dec 2022 19:36:20 GMT Date: Sun, 04 Dec 2022 15:32:48 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: cfec3d7283a9b66d2be426ce54d210f3 Sha1: 808c1feb1ba918951d1928c1f6bfc0c253262774 Sha256: 1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/ FQDN: firefox.settings.services.mozilla.com IP: 34.102.187.140 HASH: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e 34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Sun, 04 Dec 2022 15:18:24 GMT cache-control: public,max-age=3600 age: 864 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 14cd9a0afb6ba9a763651d5112760d1e Sha1: 75d7b104ab9ab11fbb73c3f348b43b0119b5adfa Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3" Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=4913 Expires: Sun, 04 Dec 2022 16:54:41 GMT Date: Sun, 04 Dec 2022 15:32:48 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 1ea206ac3c440825741687351f8c6e4e Sha1: 2f38dafd8c43dcce2411a0590bc5c02cd6286735 Sha256: 7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 34.160.144.191 HASH: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5 34.160.144.191 HTTP/2 200 OK content-type: binary/octet-stream x-amz-id-2: ZAY5tl3OXiKdhdCSzU6VfXMfbyD5DKIUt2zd1OWt7tmoIQPidFJPOf9GlYMEnhLslFuWLVydXUaW4SlFVFvMGQ== x-amz-request-id: XR53846W1CWHM1CC content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Sun, 04 Dec 2022 14:47:01 GMT age: 2747 last-modified: Thu, 10 Nov 2022 09:21:27 GMT etag: "9ebddc2b260d081ebbefee47c037cb28" cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 9ebddc2b260d081ebbefee47c037cb28 Sha1: 492bad62a7ca6a74738921ef5ae6f0be5edebf39 Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: contile.services.mozilla.com/v1/tiles FQDN: contile.services.mozilla.com IP: 34.117.237.239 HASH: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Sun, 04 Dec 2022 15:32:48 GMT content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET / HTTP/1.1 Host: www.knswsd.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: www.knswsd.com/ FQDN: www.knswsd.com IP: 101.37.175.102 HASH: 9497c6ac94cc79f04ad06a37618caceaf544a34ca92f88c994f0f6534d4444a6 101.37.175.102 HTTP/1.1 301 Moved Permanently Content-Type: text/html; charset=iso-8859-1 Date: Sun, 04 Dec 2022 15:32:48 GMT Server: Apache Location: https://www.knswsd.com Vary: Accept-Encoding Content-Encoding: gzip Content-Length: 191 Keep-Alive: timeout=15, max=300 Connection: Keep-Alive --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 191 Md5: 5397d9cb08f79f39b31a91efe98d61b2 Sha1: d9c6ee268f3613a88a66698bfc0426e1dbba3650 Sha256: 9497c6ac94cc79f04ad06a37618caceaf544a34ca92f88c994f0f6534d4444a6 Alerts: Blocklists: - fortinet: Phishing
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 34.102.187.140 HASH: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Sun, 04 Dec 2022 15:11:19 GMT cache-control: public,max-age=3600 age: 1289 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: fac3f681be358a20f78958dff10c89b7a91365c5114c81246c1bc34c1362ba1e 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 3042 Cache-Control: max-age=152683 Date: Sun, 04 Dec 2022 15:32:49 GMT Etag: "638c632b-1d7" Expires: Tue, 06 Dec 2022 09:57:32 GMT Last-Modified: Sun, 04 Dec 2022 09:06:51 GMT Server: ECS (ska/F70B) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 31b129c94a90b1e695b21395cb54e378 Sha1: a3cae46b48d469cc61ab0581303bcd5f5b654db9 Sha256: fac3f681be358a20f78958dff10c89b7a91365c5114c81246c1bc34c1362ba1e
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 26f72e02dd51d0bd2b8d007dda53eb272c30905a7400ae3a25d202af59d943c3 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Cache-Control: max-age=157949 Date: Sun, 04 Dec 2022 15:32:49 GMT Etag: "638c839e-1d7" Expires: Tue, 06 Dec 2022 11:25:18 GMT Last-Modified: Sun, 04 Dec 2022 11:25:18 GMT Server: nginx Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 170c2574bb145089bcdc8a11ae57be52 Sha1: 6fb1b9d0e2074090facd71871b6dafbec636b041 Sha256: 26f72e02dd51d0bd2b8d007dda53eb272c30905a7400ae3a25d202af59d943c3
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: /jlXOoROOnQPa5as0opQMA== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	URL: push.services.mozilla.com/ FQDN: push.services.mozilla.com IP: 54.191.251.76 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 54.191.251.76 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: 5/WDDl/pqKgAqYjDQs5mN/G7LE0= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7" Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3506 Expires: Sun, 04 Dec 2022 16:31:16 GMT Date: Sun, 04 Dec 2022 15:32:50 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 83e0936435ad95a15c9ec5ff9520f4fe Sha1: a8225ee0d8ae117f977f7ff817c342c62e91b5a9 Sha256: ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7" Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3506 Expires: Sun, 04 Dec 2022 16:31:16 GMT Date: Sun, 04 Dec 2022 15:32:50 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 83e0936435ad95a15c9ec5ff9520f4fe Sha1: a8225ee0d8ae117f977f7ff817c342c62e91b5a9 Sha256: ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7" Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3506 Expires: Sun, 04 Dec 2022 16:31:16 GMT Date: Sun, 04 Dec 2022 15:32:50 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 83e0936435ad95a15c9ec5ff9520f4fe Sha1: a8225ee0d8ae117f977f7ff817c342c62e91b5a9 Sha256: ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7" Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3506 Expires: Sun, 04 Dec 2022 16:31:16 GMT Date: Sun, 04 Dec 2022 15:32:50 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 83e0936435ad95a15c9ec5ff9520f4fe Sha1: a8225ee0d8ae117f977f7ff817c342c62e91b5a9 Sha256: ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 24225ff504f30405d9ec3feb2555c738fcca0d6b265f285aa9c73a64c78a496e 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 5681 x-amzn-requestid: 8f0d66b8-d532-48d9-9a29-74540cd6ab3a x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cltXnEotIAMFqkA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638bc296-27349a376ff819ab63b04a81;Sampled=0 x-amzn-remapped-date: Sat, 03 Dec 2022 21:41:42 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: Uz-wJTZjej3sjP-O68BQ4hB_kkAecG0o7GkeZUan90ZgV87g0Cg_ZA== via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google date: Sat, 03 Dec 2022 21:52:38 GMT age: 63612 etag: "36f4682ca6a33ff80ee02129c77e6f27e996ede0" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 5681 Md5: 43309032a892c486f9985ef520df696e Sha1: 36f4682ca6a33ff80ee02129c77e6f27e996ede0 Sha256: 24225ff504f30405d9ec3feb2555c738fcca0d6b265f285aa9c73a64c78a496e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61cc2744-b517-4404-bfa2-25fadadfa3f3.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 3d93fd8fcf1af31d00ccbd453142dbea5f2b91d7f58373095943ed40a31ed1f7 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 10431 x-amzn-requestid: f79ab5e7-8c1b-4827-a531-aaa19c1d80aa x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: clsCGEwxIAMF34g= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638bc073-6358d2950955884c470c0a89;Sampled=0 x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:35 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: PQ7xh995cd1UVi3z42EVZGjQjHLLvtAP5BBC-xLEEGr4mEiXS6fC-w== via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google date: Sat, 03 Dec 2022 21:47:06 GMT age: 63944 etag: "8637105f41058bc0d2b259d462b560881928adb6" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 10431 Md5: 2636f91bb8fa4d9bb7bef114c248a9ae Sha1: 8637105f41058bc0d2b259d462b560881928adb6 Sha256: 3d93fd8fcf1af31d00ccbd453142dbea5f2b91d7f58373095943ed40a31ed1f7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: da01dcd8fef7c50bdb6f7a8a6a4955694092f479df3dba72f7fa69d7280d07b2 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 16143 x-amzn-requestid: dc86fad4-4e53-42c9-9b0a-5e4d2cfcd087 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cdGyLGqmoAMFnaA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638851a7-0ea324b31e8c6578098b8ab9;Sampled=0 x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:03 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: kRs3oBWnSs5asyPdvz6kkooy7pqm2Yr8R_2x8EXCVn3dBz_aEJurRQ== via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google date: Sun, 04 Dec 2022 07:26:41 GMT age: 29169 etag: "1d702df3a64258628f4124eafd580695f2d350af" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 16143 Md5: 14dcca2a9c4792d835ee709bcd947402 Sha1: 1d702df3a64258628f4124eafd580695f2d350af Sha256: da01dcd8fef7c50bdb6f7a8a6a4955694092f479df3dba72f7fa69d7280d07b2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: f12db3aed126006fee00649aba0b3eaae900de200b85b9523866a90b5494f18e 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 8989 x-amzn-requestid: abce0b01-f70c-42ad-b242-5a24735fe4c2 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cltl4Gk2oAMFSWQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638bc2f2-1cccffff5199dffe70264a95;Sampled=0 x-amzn-remapped-date: Sat, 03 Dec 2022 21:43:14 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: PFl7VUrzRkMFNnTiIw_cbGCyrEFn43eUSlZfT0nUhUmjjyXT7JfjMA== via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google date: Sat, 03 Dec 2022 21:50:01 GMT age: 63769 etag: "fc5d4f3163ebb9faf85968cbb1d194e8e68418be" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8989 Md5: a6e7b32ac999cf3c899a234c621fa91a Sha1: fc5d4f3163ebb9faf85968cbb1d194e8e68418be Sha256: f12db3aed126006fee00649aba0b3eaae900de200b85b9523866a90b5494f18e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: c43da6212c79a08e22e78e04e99e8f5422e64b4b0a87f30b7907f1b4bc675c71 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 4666 x-amzn-requestid: 850d341f-5ccb-453c-8adf-a8194f8fbdad x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: clr_-GiboAMFwww= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638bc066-766293f2526e637235067aca;Sampled=0 x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: z5uqgjB-Bsl0U55a8aFi37cpJ65Vnbjm6bJ2GnMpaO7RXsMZsOCbPQ== via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google date: Sat, 03 Dec 2022 21:44:01 GMT age: 64129 etag: "a9a529dc9894827f6243a1bf57f81caa4fe88fc2" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 4666 Md5: c01fe1cccdb3b672bbade6d98217ffe9 Sha1: a9a529dc9894827f6243a1bf57f81caa4fe88fc2 Sha256: c43da6212c79a08e22e78e04e99e8f5422e64b4b0a87f30b7907f1b4bc675c71
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: b495524a33e5b1d3ba34cfbe867ada0da956c061370b1fcde06b23a6194a9787 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 8315 x-amzn-requestid: f1bcc33b-aad9-4d3b-b1f9-49282f2d4fb9 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: clsAMGVboAMFfxg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638bc067-13472a097177d4751c8f7a8c;Sampled=0 x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: 6UQ_BhPmpVpe9w6gsExB-EpNq_syeCCK6fr4Y1FFK1jDJh_n1Sd0Eg== via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google date: Sat, 03 Dec 2022 21:52:47 GMT age: 63603 etag: "22a8c4bd58c729c1abcf794466e8f3231dfb034b" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8315 Md5: db1701b7b9d161a0c935bb6e10b17893 Sha1: 22a8c4bd58c729c1abcf794466e8f3231dfb034b Sha256: b495524a33e5b1d3ba34cfbe867ada0da956c061370b1fcde06b23a6194a9787
GET / HTTP/1.1 Host: www.knswsd.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1	URL: www.knswsd.com/ FQDN: www.knswsd.com IP: 101.37.175.102 HASH: 4363caef6521c5369a5776c7237250894011a5f29cd1ff4748cac461c4d6696f 101.37.175.102 HTTP/1.1 200 OK Content-Type: text/html; charset=utf-8 Date: Sun, 04 Dec 2022 15:32:49 GMT Server: Apache Expires: Thu, 19 Nov 1981 08:52:00 GMT Pragma: no-cache Cache-control: private Set-Cookie: PHPSESSID=k6nddv40gg76aok88vgfqfpsh7; path=/ Vary: User-Agent,Accept-Encoding Content-Encoding: gzip Content-Length: 5728 Keep-Alive: timeout=15, max=300 Connection: Keep-Alive --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1162), with CRLF line terminators Size: 5728 Md5: 977db7f4a040bfac4d44c3ec27c5c51e Sha1: 3a4fa6f9dc288bf01f106d132f249738164a2d37 Sha256: 4363caef6521c5369a5776c7237250894011a5f29cd1ff4748cac461c4d6696f Alerts: Blocklists: - fortinet: Phishing
GET /theme/knsw/css/bootstrap.css HTTP/1.1 Host: www.knswsd.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.knswsd.com/ Cookie: PHPSESSID=k6nddv40gg76aok88vgfqfpsh7 Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: www.knswsd.com/theme/knsw/css/bootstrap.css FQDN: www.knswsd.com IP: 101.37.175.102 HASH: 7d51e8d1b09e5bdbbf550828694b67e9d081f93d7d3d168d5c1d04dfef1d53a4 101.37.175.102 HTTP/1.1 200 OK Content-Type: text/css Date: Sun, 04 Dec 2022 15:32:50 GMT Server: Apache Last-Modified: Sat, 23 Apr 2022 07:22:31 GMT ETag: "dfca1-1c6be-5dd4d34c37bc0" Accept-Ranges: bytes Vary: Accept-Encoding,User-Agent Content-Encoding: gzip Content-Length: 18984 Keep-Alive: timeout=15, max=299 Connection: Keep-Alive --- Additional Info --- Magic: ASCII text, with very long lines (65406) Size: 18984 Md5: a2ce7946b95ba2004ddb489a07bfd6f0 Sha1: c0894aa3520e085365d37d3027b802fc3c578db2 Sha256: 7d51e8d1b09e5bdbbf550828694b67e9d081f93d7d3d168d5c1d04dfef1d53a4
GET /theme/knsw/css/fonts.css HTTP/1.1 Host: www.knswsd.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.knswsd.com/ Cookie: PHPSESSID=k6nddv40gg76aok88vgfqfpsh7 Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: www.knswsd.com/theme/knsw/css/fonts.css FQDN: www.knswsd.com IP: 101.37.175.102 HASH: b7a1cfe03dbf7f200e7f66787028b0fdc9e859b36d47d907794222f0f2d69bb8 101.37.175.102 HTTP/1.1 200 OK Content-Type: text/css Date: Sun, 04 Dec 2022 15:32:50 GMT Server: Apache Last-Modified: Sat, 23 Apr 2022 07:22:31 GMT ETag: "dfca4-190aa-5dd4d34c37bc0" Accept-Ranges: bytes Vary: Accept-Encoding,User-Agent Content-Encoding: gzip Content-Length: 19980 Keep-Alive: timeout=15, max=300 Connection: Keep-Alive --- Additional Info --- Magic: ASCII text, with very long lines (65536), with no line terminators Size: 19980 Md5: 4c3fa43b07ceff587ae513a8b0732bb5 Sha1: 7f41177481083de165129da42aef4b6dc3d93f6d Sha256: b7a1cfe03dbf7f200e7f66787028b0fdc9e859b36d47d907794222f0f2d69bb8
GET /theme/knsw/js/script.js HTTP/1.1 Host: www.knswsd.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.knswsd.com/ Cookie: PHPSESSID=k6nddv40gg76aok88vgfqfpsh7 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: www.knswsd.com/theme/knsw/js/script.js FQDN: www.knswsd.com IP: 101.37.175.102 HASH: 8d557f033c6870c720459670aea3bddfa4c1a02f58838aca179f13fb3988b9fb 101.37.175.102 HTTP/1.1 200 OK Content-Type: application/javascript Date: Sun, 04 Dec 2022 15:32:51 GMT Server: Apache Last-Modified: Sat, 23 Apr 2022 07:22:31 GMT ETag: "dfcdd-b956-5dd4d34c37bc0" Accept-Ranges: bytes Vary: Accept-Encoding,User-Agent Content-Encoding: gzip Content-Length: 10977 Keep-Alive: timeout=15, max=300 Connection: Keep-Alive --- Additional Info --- Magic: Unicode text, UTF-8 text, with CRLF line terminators Size: 10977 Md5: cc2ceb672b9d1317c383d56bf31998dd Sha1: 2e2192be35969aa421f5a76edbe7dc0f007944e5 Sha256: 8d557f033c6870c720459670aea3bddfa4c1a02f58838aca179f13fb3988b9fb Alerts: Blocklists: - fortinet: Phishing
GET /theme/knsw/css/style.css HTTP/1.1 Host: www.knswsd.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.knswsd.com/ Cookie: PHPSESSID=k6nddv40gg76aok88vgfqfpsh7 Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: www.knswsd.com/theme/knsw/css/style.css FQDN: www.knswsd.com IP: 101.37.175.102 HASH: 770b183c457f6156d155231103e6586690ea7d7b05bf9d20816097be1a133b7a 101.37.175.102 HTTP/1.1 200 OK Content-Type: text/css Date: Sun, 04 Dec 2022 15:32:51 GMT Server: Apache Last-Modified: Tue, 02 Aug 2022 05:48:05 GMT ETag: "df984-57e61-5e53ba910374c" Accept-Ranges: bytes Vary: Accept-Encoding,User-Agent Content-Encoding: gzip Content-Length: 51193 Keep-Alive: timeout=15, max=300 Connection: Keep-Alive --- Additional Info --- Magic: ASCII text, with very long lines (821) Size: 51193 Md5: d756ebf690252c9cba9c6f34c6d107b6 Sha1: 30a2665831f7f85adac2913bd642248f5bbfd5f3 Sha256: 770b183c457f6156d155231103e6586690ea7d7b05bf9d20816097be1a133b7a
GET /theme/knsw/images/footerlogo.png HTTP/1.1 Host: www.knswsd.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.knswsd.com/ Cookie: PHPSESSID=k6nddv40gg76aok88vgfqfpsh7 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: www.knswsd.com/theme/knsw/images/footerlogo.png FQDN: www.knswsd.com IP: 101.37.175.102 HASH: 1b26f773ad555a0efe0cb5f757e6e7a86620e4beb0360a970c234c0e7ff991f0 101.37.175.102 HTTP/1.1 200 OK Content-Type: image/png Date: Sun, 04 Dec 2022 15:32:52 GMT Server: Apache Last-Modified: Mon, 30 May 2022 07:23:16 GMT ETag: "dfa02-1c19-5e03587930100" Accept-Ranges: bytes Content-Length: 7193 Vary: User-Agent Keep-Alive: timeout=15, max=299 Connection: Keep-Alive --- Additional Info --- Magic: PNG image data, 234 x 82, 8-bit/color RGBA, non-interlaced\012- data Size: 7193 Md5: 7eb3096a1d6a1fa8fbedbc878f601ec4 Sha1: 757ac3583a2515893afc1ee743d49765427e4815 Sha256: 1b26f773ad555a0efe0cb5f757e6e7a86620e4beb0360a970c234c0e7ff991f0
GET /theme/knsw/js/core.min.js HTTP/1.1 Host: www.knswsd.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.knswsd.com/ Cookie: PHPSESSID=k6nddv40gg76aok88vgfqfpsh7 Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: www.knswsd.com/theme/knsw/js/core.min.js FQDN: www.knswsd.com IP: 101.37.175.102 HASH: 3aef39ed3bb41a5dce56b89770486b7d3a592581af43f5467f9388d344728d91 101.37.175.102 HTTP/1.1 200 OK Content-Type: application/javascript Date: Sun, 04 Dec 2022 15:32:51 GMT Server: Apache Last-Modified: Sat, 23 Apr 2022 07:22:31 GMT ETag: "dfcd7-a7a6b-5dd4d34c37bc0" Accept-Ranges: bytes Vary: Accept-Encoding,User-Agent Content-Encoding: gzip Keep-Alive: timeout=15, max=300 Connection: Keep-Alive Transfer-Encoding: chunked --- Additional Info --- Magic: Unicode text, UTF-8 text, with very long lines (65323), with CRLF line terminators Size: 186813 Md5: 3d283b371c5729a2603645dbcac763d4 Sha1: 867d5cb74c4734096043852ae18b7c1463262074 Sha256: 3aef39ed3bb41a5dce56b89770486b7d3a592581af43f5467f9388d344728d91 Alerts: Blocklists: - fortinet: Phishing
GET /images/product/3_1652254714091023_thumb.jpg HTTP/1.1 Host: www.knswsd.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.knswsd.com/ Cookie: PHPSESSID=k6nddv40gg76aok88vgfqfpsh7 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: www.knswsd.com/images/product/3_1652254714091023_thumb.jpg FQDN: www.knswsd.com IP: 101.37.175.102 HASH: a0e4860f665f4fa60d0541b886ab1e337cfe802dc317f271fafa7f67a9c54fed 101.37.175.102 HTTP/1.1 200 OK Content-Type: image/jpeg Date: Sun, 04 Dec 2022 15:32:52 GMT Server: Apache Last-Modified: Thu, 22 Sep 2022 04:09:56 GMT ETag: "df9d6-a113-5e93c3bf58b37" Accept-Ranges: bytes Content-Length: 41235 Vary: User-Agent Keep-Alive: timeout=15, max=299 Connection: Keep-Alive --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 300x300, components 3\012- data Size: 41235 Md5: f5c262884e16c6f7cbe5014f68d2551e Sha1: 05a4002dfe534df41abb15868d63fee01d7a645c Sha256: a0e4860f665f4fa60d0541b886ab1e337cfe802dc317f271fafa7f67a9c54fed
GET /images/product/4_1652255084611458_thumb.jpg HTTP/1.1 Host: www.knswsd.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.knswsd.com/ Cookie: PHPSESSID=k6nddv40gg76aok88vgfqfpsh7 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: www.knswsd.com/images/product/4_1652255084611458_thumb.jpg FQDN: www.knswsd.com IP: 101.37.175.102 HASH: 8a3f097d00b0a5a20e1369ce54295030481c16d8c5ed9fc25637e9a9df7b65eb 101.37.175.102 HTTP/1.1 200 OK Content-Type: image/jpeg Date: Sun, 04 Dec 2022 15:32:52 GMT Server: Apache Last-Modified: Thu, 22 Sep 2022 07:43:03 GMT ETag: "dfa0d-a34b-5e93f3613d93f" Accept-Ranges: bytes Content-Length: 41803 Vary: User-Agent Keep-Alive: timeout=15, max=300 Connection: Keep-Alive --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 300x300, components 3\012- data Size: 41803 Md5: e31c44506303cc8e129a75914713a859 Sha1: 6a2aeffce4b4c3b87e497c92f72ba70e8f449989 Sha256: 8a3f097d00b0a5a20e1369ce54295030481c16d8c5ed9fc25637e9a9df7b65eb
GET /images/product/6_1653881858382650_thumb.jpg HTTP/1.1 Host: www.knswsd.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.knswsd.com/ Cookie: PHPSESSID=k6nddv40gg76aok88vgfqfpsh7 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: www.knswsd.com/images/product/6_1653881858382650_thumb.jpg FQDN: www.knswsd.com IP: 101.37.175.102 HASH: 0bbd34becfa8dbd0108de752bae34ebc980c4a3220d9fd5fb6bc09eca543f7f7 101.37.175.102 HTTP/1.1 200 OK Content-Type: image/jpeg Date: Sun, 04 Dec 2022 15:32:52 GMT Server: Apache Last-Modified: Thu, 22 Sep 2022 04:10:23 GMT ETag: "df9f1-a211-5e93c3d881d02" Accept-Ranges: bytes Content-Length: 41489 Vary: User-Agent Keep-Alive: timeout=15, max=298 Connection: Keep-Alive --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 300x300, components 3\012- data Size: 41489 Md5: 53dbbc98db856b296ee082140b3c6ee3 Sha1: 6eb6a8d88605b24920f7ca7340fc80068f83a31c Sha256: 0bbd34becfa8dbd0108de752bae34ebc980c4a3220d9fd5fb6bc09eca543f7f7
POST /gsrsaovsslca2018 HTTP/1.1 Host: ocsp.globalsign.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 79 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.globalsign.com/gsrsaovsslca2018 FQDN: ocsp.globalsign.com IP: 104.18.20.226 HASH: 627e5ec30a86c56fab374b9e6b4bf7edd96fe70d4a30a6faa91f10ad4e993cc4 104.18.20.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sun, 04 Dec 2022 15:32:52 GMT Content-Length: 1432 Connection: keep-alive Expires: Thu, 08 Dec 2022 14:30:04 GMT ETag: "56337dbbbf2003d46f2b96b90033709fe25d7d6e" Last-Modified: Sun, 04 Dec 2022 14:30:05 GMT Cache-Control: public, no-transform, must-revalidate, s-maxage=3600 CF-Cache-Status: HIT Age: 814 Accept-Ranges: bytes Vary: Accept-Encoding Server: cloudflare CF-RAY: 774598e6dd58b517-OSL --- Additional Info --- Magic: data Size: 1432 Md5: fdd745f17f79b4c63dab78c4b24ead86 Sha1: 56337dbbbf2003d46f2b96b90033709fe25d7d6e Sha256: 627e5ec30a86c56fab374b9e6b4bf7edd96fe70d4a30a6faa91f10ad4e993cc4
GET /images/box/1_1592375708480199.jpg HTTP/1.1 Host: www.knswsd.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.knswsd.com/ Cookie: PHPSESSID=k6nddv40gg76aok88vgfqfpsh7 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: www.knswsd.com/images/box/1_1592375708480199.jpg FQDN: www.knswsd.com IP: 101.37.175.102 HASH: e009be59ffccda6f59f29b6d5955022685e01d81cc4f1c5348c7665ce4e568d4 101.37.175.102 HTTP/1.1 200 OK Content-Type: image/jpeg Date: Sun, 04 Dec 2022 15:32:52 GMT Server: Apache Last-Modified: Fri, 13 May 2022 10:34:55 GMT ETag: "dfa25-b51b-5dee239aa71c0" Accept-Ranges: bytes Content-Length: 46363 Vary: User-Agent Keep-Alive: timeout=15, max=299 Connection: Keep-Alive --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 470x324, components 3\012- data Size: 46363 Md5: 1d0403d4b0dcfc47e4f0f281f26a8636 Sha1: bfedb5bd6d4e1fbba3d79f5f08a15602facab3f0 Sha256: e009be59ffccda6f59f29b6d5955022685e01d81cc4f1c5348c7665ce4e568d4
GET /images/fragment/about.png HTTP/1.1 Host: www.knswsd.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.knswsd.com/ Cookie: PHPSESSID=k6nddv40gg76aok88vgfqfpsh7 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: www.knswsd.com/images/fragment/about.png FQDN: www.knswsd.com IP: 101.37.175.102 HASH: 68f2c1a831db39d56402d106a24dde17fd0fadc5327008d4a27605371a9ee4d3 101.37.175.102 HTTP/1.1 200 OK Content-Type: image/png Date: Sun, 04 Dec 2022 15:32:52 GMT Server: Apache Last-Modified: Wed, 18 May 2022 00:53:09 GMT ETag: "df90c-bbbe-5df3eae500740" Accept-Ranges: bytes Content-Length: 48062 Vary: User-Agent Keep-Alive: timeout=15, max=299 Connection: Keep-Alive --- Additional Info --- Magic: PNG image data, 399 x 407, 8-bit colormap, non-interlaced\012- data Size: 48062 Md5: 7537fc55d87d0aea209971550e34491f Sha1: 2953b0947a80fa59d6c650e5fb8e475f7a777a69 Sha256: 68f2c1a831db39d56402d106a24dde17fd0fadc5327008d4a27605371a9ee4d3
GET /images/product/1_1652253427759184_thumb.jpg HTTP/1.1 Host: www.knswsd.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.knswsd.com/ Cookie: PHPSESSID=k6nddv40gg76aok88vgfqfpsh7 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: www.knswsd.com/images/product/1_1652253427759184_thumb.jpg FQDN: www.knswsd.com IP: 101.37.175.102 HASH: 28fe22a9957cb7474565041db4857b28a719bafa7f33364bcf7d6154cea50099 101.37.175.102 HTTP/1.1 200 OK Content-Type: image/jpeg Date: Sun, 04 Dec 2022 15:32:53 GMT Server: Apache Last-Modified: Thu, 22 Sep 2022 04:10:42 GMT ETag: "df9e8-a1b5-5e93c3eb2205e" Accept-Ranges: bytes Content-Length: 41397 Vary: User-Agent Keep-Alive: timeout=15, max=298 Connection: Keep-Alive --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 300x300, components 3\012- data Size: 41397 Md5: 2f45644261d2bf850eba5be45f55c07e Sha1: 4d67d3e445a437ca5162c76e00caf64eabbda5f5 Sha256: 28fe22a9957cb7474565041db4857b28a719bafa7f33364bcf7d6154cea50099
GET /include/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1 Host: www.knswsd.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Connection: keep-alive Referer: https://www.knswsd.com/theme/knsw/css/fonts.css Cookie: PHPSESSID=k6nddv40gg76aok88vgfqfpsh7 Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin	URL: www.knswsd.com/include/fonts/fontawesome-webfont.woff2? (...) FQDN: www.knswsd.com IP: 101.37.175.102 HASH: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe 101.37.175.102 HTTP/1.1 200 OK Content-Type: text/plain Date: Sun, 04 Dec 2022 15:32:52 GMT Server: Apache Last-Modified: Thu, 27 Oct 2016 20:51:44 GMT ETag: "dfa3f-12d68-53fdee8c3f800" Accept-Ranges: bytes Content-Length: 77160 Vary: User-Agent Keep-Alive: timeout=15, max=300 Connection: Keep-Alive --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data Size: 77160 Md5: af7ae505a9eed503f8b8e6982036873e Sha1: d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c Sha256: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe Alerts: Blocklists: - fortinet: Phishing
GET /theme/knsw/fonts/materialdesignicons-webfont.woff2?v=1.4.57 HTTP/1.1 Host: www.knswsd.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Connection: keep-alive Referer: https://www.knswsd.com/theme/knsw/css/fonts.css Cookie: PHPSESSID=k6nddv40gg76aok88vgfqfpsh7 Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin	URL: www.knswsd.com/theme/knsw/fonts/materialdesignicons-web (...) FQDN: www.knswsd.com IP: 101.37.175.102 HASH: 56ca131e02e335cbc5604cf53451ad97f160b33a46bba0b0b8f41578de9715c1 101.37.175.102 HTTP/1.1 200 OK Content-Type: text/plain Date: Sun, 04 Dec 2022 15:32:52 GMT Server: Apache Last-Modified: Sat, 23 Apr 2022 07:22:31 GMT ETag: "dfcaa-1378c-5dd4d34c37bc0" Accept-Ranges: bytes Content-Length: 79756 Vary: User-Agent Keep-Alive: timeout=15, max=300 Connection: Keep-Alive --- Additional Info --- Magic: Web Open Font Format (Version 2), TrueType, length 79756, version 1.0\012- data Size: 79756 Md5: 380a87ac162f7313bdc7556fcca4fd38 Sha1: 4b29d05c0445f92f14a1c058fc06e34ab6e7f869 Sha256: 56ca131e02e335cbc5604cf53451ad97f160b33a46bba0b0b8f41578de9715c1
GET /images/fragment/qrcode.png HTTP/1.1 Host: www.knswsd.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.knswsd.com/ Cookie: PHPSESSID=k6nddv40gg76aok88vgfqfpsh7 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: www.knswsd.com/images/fragment/qrcode.png FQDN: www.knswsd.com IP: 101.37.175.102 HASH: e0475feef79db77001e9e12377c1f26b0b140a786479e7ef6b6bcdd99a5165be 101.37.175.102 HTTP/1.1 200 OK Content-Type: image/png Date: Sun, 04 Dec 2022 15:32:53 GMT Server: Apache Last-Modified: Mon, 16 May 2022 23:20:27 GMT ETag: "dfa31-30c6-5df2944f344c0" Accept-Ranges: bytes Content-Length: 12486 Vary: User-Agent Keep-Alive: timeout=15, max=298 Connection: Keep-Alive --- Additional Info --- Magic: PNG image data, 255 x 252, 8-bit colormap, non-interlaced\012- data Size: 12486 Md5: 358b810698be7620636206faa18eb9e2 Sha1: 2280577a8fc1055abd369ef9e9dd81f397c3b279 Sha256: e0475feef79db77001e9e12377c1f26b0b140a786479e7ef6b6bcdd99a5165be
GET /images/fragment/miniprogram.png HTTP/1.1 Host: www.knswsd.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.knswsd.com/ Cookie: PHPSESSID=k6nddv40gg76aok88vgfqfpsh7 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: www.knswsd.com/images/fragment/miniprogram.png FQDN: www.knswsd.com IP: 101.37.175.102 HASH: a16650b82058d6ac87352680cd48bbebd2f3c105d45d3db59cbd5e52b1c268b5 101.37.175.102 HTTP/1.1 200 OK Content-Type: image/png Date: Sun, 04 Dec 2022 15:32:53 GMT Server: Apache Last-Modified: Mon, 16 May 2022 23:20:29 GMT ETag: "dfa2d-4012-5df294511c940" Accept-Ranges: bytes Content-Length: 16402 Vary: User-Agent Keep-Alive: timeout=15, max=297 Connection: Keep-Alive --- Additional Info --- Magic: PNG image data, 259 x 259, 8-bit colormap, non-interlaced\012- data Size: 16402 Md5: e8a0ec1c587faf4c08349faa5acaad3a Sha1: e6f4a14b9138225032d05b3f8d5f0f84eea27ab0 Sha256: a16650b82058d6ac87352680cd48bbebd2f3c105d45d3db59cbd5e52b1c268b5
GET /theme/knsw/images/logo.png HTTP/1.1 Host: www.knswsd.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.knswsd.com/ Cookie: PHPSESSID=k6nddv40gg76aok88vgfqfpsh7 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: www.knswsd.com/theme/knsw/images/logo.png FQDN: www.knswsd.com IP: 101.37.175.102 HASH: 6f2b3e145b2f52b39165703edb623188b4734075cd4de293736c2c0c70e4b808 101.37.175.102 HTTP/1.1 200 OK Content-Type: image/png Date: Sun, 04 Dec 2022 15:32:53 GMT Server: Apache Last-Modified: Fri, 27 May 2022 01:14:12 GMT ETag: "dfa08-ec8-5dff4062a4100" Accept-Ranges: bytes Content-Length: 3784 Vary: User-Agent Keep-Alive: timeout=15, max=299 Connection: Keep-Alive --- Additional Info --- Magic: PNG image data, 80 x 77, 8-bit colormap, non-interlaced\012- data Size: 3784 Md5: 967a7bfb45f53d740e2399dab1bd4545 Sha1: 978df84a1eb60970ec2cd4c6b4673d2e3ccbdc4b Sha256: 6f2b3e145b2f52b39165703edb623188b4734075cd4de293736c2c0c70e4b808
GET /data/slide/20220511yvlidb.jpg HTTP/1.1 Host: www.knswsd.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.knswsd.com/ Cookie: PHPSESSID=k6nddv40gg76aok88vgfqfpsh7 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: www.knswsd.com/data/slide/20220511yvlidb.jpg FQDN: www.knswsd.com IP: 101.37.175.102 HASH: 77d3bbb550ebd7cc8a3d384a479ad6e0b89aef450c31780083a7e4f3d6398b7e 101.37.175.102 HTTP/1.1 200 OK Content-Type: image/jpeg Date: Sun, 04 Dec 2022 15:32:53 GMT Server: Apache Last-Modified: Fri, 13 May 2022 10:30:33 GMT ETag: "df9e1-13b10-5dee22a0ca440" Accept-Ranges: bytes Content-Length: 80656 Vary: User-Agent Keep-Alive: timeout=15, max=299 Connection: Keep-Alive --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x845, components 3\012- data Size: 80656 Md5: a5fa7b9f64b7ab169b134e8dc7e56b6e Sha1: 197b745e859592859f79b171750537c47806f60c Sha256: 77d3bbb550ebd7cc8a3d384a479ad6e0b89aef450c31780083a7e4f3d6398b7e
GET /images/nopic.jpg HTTP/1.1 Host: www.knswsd.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.knswsd.com/ Cookie: PHPSESSID=k6nddv40gg76aok88vgfqfpsh7 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: www.knswsd.com/images/nopic.jpg FQDN: www.knswsd.com IP: 101.37.175.102 HASH: 7de092f638e36aa43eab838b824bce9750b28bc4702592559028858e885f6778 101.37.175.102 HTTP/1.1 200 OK Content-Type: image/jpeg Date: Sun, 04 Dec 2022 15:32:53 GMT Server: Apache Last-Modified: Fri, 13 May 2022 06:27:42 GMT ETag: "dfcf9-1bcb-5dedec58cd380" Accept-Ranges: bytes Content-Length: 7115 Vary: User-Agent Keep-Alive: timeout=15, max=299 Connection: Keep-Alive --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 580x290, components 3\012- data Size: 7115 Md5: f98ce1e540df0aacf11ee1f83ad60173 Sha1: 2ff56882584e70bbda2bbf4f5afdf0a7af2687ab Sha256: 7de092f638e36aa43eab838b824bce9750b28bc4702592559028858e885f6778
GET /images/fragment/logo.png HTTP/1.1 Host: www.knswsd.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.knswsd.com/ Cookie: PHPSESSID=k6nddv40gg76aok88vgfqfpsh7 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: www.knswsd.com/images/fragment/logo.png FQDN: www.knswsd.com IP: 101.37.175.102 HASH: 4bba1c4fb3edfd83b7d56ded87cf6b4cb02689c3c5f9a4c72dae4fef0bde825f 101.37.175.102 HTTP/1.1 200 OK Content-Type: image/png Date: Sun, 04 Dec 2022 15:32:53 GMT Server: Apache Last-Modified: Fri, 27 May 2022 00:38:08 GMT ETag: "df9e2-a53-5dff3852e3c00" Accept-Ranges: bytes Content-Length: 2643 Vary: User-Agent Keep-Alive: timeout=15, max=297 Connection: Keep-Alive --- Additional Info --- Magic: PNG image data, 180 x 63, 8-bit colormap, non-interlaced\012- data Size: 2643 Md5: 92d206d447366d2c2ec960ac526be26e Sha1: f0ba51c234159d9506e85ce33bcb338b083f1509 Sha256: 4bba1c4fb3edfd83b7d56ded87cf6b4cb02689c3c5f9a4c72dae4fef0bde825f
GET /hm.js?dbf634faad69aa3a3781c05866af6e95 HTTP/1.1 Host: hm.baidu.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.knswsd.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: hm.baidu.com/hm.js?dbf634faad69aa3a3781c05866af6e95 FQDN: hm.baidu.com IP: 103.235.46.191 HASH: 618a8bb83c0af9f696bee73f757593787778f713e1147d53d42cc22770f8a259 103.235.46.191 HTTP/1.1 200 OK Content-Type: application/javascript Cache-Control: max-age=0, must-revalidate Content-Encoding: gzip Content-Length: 11258 Date: Sun, 04 Dec 2022 15:32:53 GMT Etag: 5c18d8585ccc498d780b7a5a580a8b2b P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Server: apache Set-Cookie: HMACCOUNT=EDAF8A23550BBF4F; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT Strict-Transport-Security: max-age=172800 --- Additional Info --- Magic: ASCII text, with very long lines (620) Size: 11258 Md5: 82d51594e4b15ef6fe577f648005c473 Sha1: 32b9e99e8de37edcc13817c319d09e544c13f00d Sha256: 618a8bb83c0af9f696bee73f757593787778f713e1147d53d42cc22770f8a259
GET /favicon.ico HTTP/1.1 Host: www.knswsd.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.knswsd.com/ Cookie: PHPSESSID=k6nddv40gg76aok88vgfqfpsh7 Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin	URL: www.knswsd.com/favicon.ico FQDN: www.knswsd.com IP: 101.37.175.102 HASH: 19fbbab4c7deb18e9e535c5307e26dac198189e0d3187da6a5d59537d5bb2621 101.37.175.102 HTTP/1.1 200 OK Content-Type: image/x-icon Date: Sun, 04 Dec 2022 15:32:54 GMT Server: Apache Last-Modified: Sat, 14 May 2022 02:38:20 GMT ETag: "df9c5-10be-5deefaf2487ca" Accept-Ranges: bytes Content-Length: 4286 Vary: User-Agent Keep-Alive: timeout=15, max=296 Connection: Keep-Alive --- Additional Info --- Magic: MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data Size: 4286 Md5: 2ed31ec7b0fb9f9e83582a09b40466ac Sha1: 3897f8e60d45b43892161438ab1ff0d510f07440 Sha256: 19fbbab4c7deb18e9e535c5307e26dac198189e0d3187da6a5d59537d5bb2621
GET /theme/knsw/fonts/fl-bigmug-line.woff HTTP/1.1 Host: www.knswsd.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Connection: keep-alive Referer: https://www.knswsd.com/theme/knsw/css/fonts.css Cookie: PHPSESSID=k6nddv40gg76aok88vgfqfpsh7 Sec-Fetch-Dest: font Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin	URL: www.knswsd.com/theme/knsw/fonts/fl-bigmug-line.woff FQDN: www.knswsd.com IP: 101.37.175.102 HASH: 50d94f8262f73dbea0c4e89cc67bc8c432c9f8baba9d97e8f5cf47939acf0375 101.37.175.102 HTTP/1.1 200 OK Content-Type: application/x-font-woff Date: Sun, 04 Dec 2022 15:32:54 GMT Server: Apache Last-Modified: Sat, 23 Apr 2022 07:22:31 GMT ETag: "dfca8-5448-5dd4d34c37bc0" Accept-Ranges: bytes Content-Length: 21576 Vary: User-Agent Keep-Alive: timeout=15, max=300 Connection: Keep-Alive --- Additional Info --- Magic: Web Open Font Format, TrueType, length 21576, version 0.0\012- data Size: 21576 Md5: aacdd360f205807c20cdb5afbef8b6ce Sha1: 05115095225399f12f6ab1ba9349f5ef3502b24c Sha256: 50d94f8262f73dbea0c4e89cc67bc8c432c9f8baba9d97e8f5cf47939acf0375 Alerts: Blocklists: - fortinet: Phishing
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1823869343&si=dbf634faad69aa3a3781c05866af6e95&v=1.3.0&lv=1&sn=8497&r=0&ww=1280&u=https%3A%2F%2Fwww.knswsd.com%2F&tt=%E7%89%9B%E7%BE%8A%E7%8C%AA%E9%A9%AC%E9%B8%A1%E5%8A%A8%E7%89%A9%E8%A1%80%E6%B8%85%E7%94%9F%E4%BA%A7%E5%8E%82%E5%AE%B6%20-%20%E5%BA%B7%E9%82%A3%E7%94%9F%E7%89%A9%E6%8A%80%E6%9C%AF(%E5%B1%B1%E4%B8%9C)%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1 Host: hm.baidu.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://www.knswsd.com/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl (...) FQDN: hm.baidu.com IP: 103.235.46.191 HASH: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda 103.235.46.191 HTTP/1.1 200 OK Content-Type: image/gif Cache-Control: private, max-age=0, no-cache Content-Length: 43 Date: Sun, 04 Dec 2022 15:32:54 GMT P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" Pragma: no-cache Server: apache Set-Cookie: HMACCOUNT=B2155BCCDB34C031; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT Strict-Transport-Security: max-age=172800 X-Content-Type-Options: nosniff --- Additional Info --- Magic: GIF image data, version 89a, 1 x 1\012- data Size: 43 Md5: ad4b0f606e0f8465bc4c4c170b37e1a3 Sha1: 50b30fd5f87c85fe5cba2635cb83316ca71250d7 Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 3097 

                                        
                                            
Cache-Control: max-age=157806 

                                        
                                            
Date: Sun, 04 Dec 2022 15:32:48 GMT 

                                        
                                            
Etag: "638c76f5-1d7" 

                                        
                                            
Expires: Tue, 06 Dec 2022 11:22:54 GMT 

                                        
                                            
Last-Modified: Sun, 04 Dec 2022 10:31:17 GMT 

                                        
                                            
Server: ECS (ska/F70B) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 471 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    fb2c0697c6d9a96a5411dd2952947458

                                                Sha1:   79e57f831ec396bbdaa5bfe9472a05e6c9fb31f4

                                                Sha256: 3fd7edcc349ab4402f62e54a142be6b4cecf0e7ee3f431d3168bdf0643ba4d92

                                        
                                            GET /v1/ HTTP/1.1 

                                        
                                            
Host: firefox.settings.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.102.187.140

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json

                                        

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type 

                                        
                                            
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
content-length: 939 

                                        
                                            
via: 1.1 google 

                                        
                                            
date: Sun, 04 Dec 2022 15:18:24 GMT 

                                        
                                            
cache-control: public,max-age=3600 

                                        
                                            
age: 864 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators

                                                Size:   939

                                                Md5:    14cd9a0afb6ba9a763651d5112760d1e

                                                Sha1:   75d7b104ab9ab11fbb73c3f348b43b0119b5adfa

                                                Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 

                                        
                                            
Host: content-signature-2.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.160.144.191

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: binary/octet-stream

                                        

                                        
                                            
x-amz-id-2: ZAY5tl3OXiKdhdCSzU6VfXMfbyD5DKIUt2zd1OWt7tmoIQPidFJPOf9GlYMEnhLslFuWLVydXUaW4SlFVFvMGQ== 

                                        
                                            
x-amz-request-id: XR53846W1CWHM1CC 

                                        
                                            
content-disposition: attachment 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
server: AmazonS3 

                                        
                                            
content-length: 5348 

                                        
                                            
via: 1.1 google 

                                        
                                            
date: Sun, 04 Dec 2022 14:47:01 GMT 

                                        
                                            
age: 2747 

                                        
                                            
last-modified: Thu, 10 Nov 2022 09:21:27 GMT 

                                        
                                            
etag: "9ebddc2b260d081ebbefee47c037cb28" 

                                        
                                            
cache-control: public,max-age=3600 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PEM certificate\012- , ASCII text

                                                Size:   5348

                                                Md5:    9ebddc2b260d081ebbefee47c037cb28

                                                Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39

                                                Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 3042 

                                        
                                            
Cache-Control: max-age=152683 

                                        
                                            
Date: Sun, 04 Dec 2022 15:32:49 GMT 

                                        
                                            
Etag: "638c632b-1d7" 

                                        
                                            
Expires: Tue, 06 Dec 2022 09:57:32 GMT 

                                        
                                            
Last-Modified: Sun, 04 Dec 2022 09:06:51 GMT 

                                        
                                            
Server: ECS (ska/F70B) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 471 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    31b129c94a90b1e695b21395cb54e378

                                                Sha1:   a3cae46b48d469cc61ab0581303bcd5f5b654db9

                                                Sha256: fac3f681be358a20f78958dff10c89b7a91365c5114c81246c1bc34c1362ba1e

                                        
                                            GET / HTTP/1.1 

                                        
                                            
Host: push.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Sec-WebSocket-Version: 13 

                                        
                                            
Origin: wss://push.services.mozilla.com/ 

                                        
                                            
Sec-WebSocket-Protocol: push-notification 

                                        
                                            
Sec-WebSocket-Extensions: permessage-deflate 

                                        
                                            
Sec-WebSocket-Key: /jlXOoROOnQPa5as0opQMA== 

                                        
                                            
Connection: keep-alive, Upgrade 

                                        
                                            
Sec-Fetch-Dest: websocket 

                                        
                                            
Sec-Fetch-Mode: websocket 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache 

                                        
                                            
Upgrade: websocket

                                         54.191.251.76

                                        
                                            HTTP/1.1 101 Switching Protocols

                                        

                                        
                                            
Connection: Upgrade 

                                        
                                            
Upgrade: websocket 

                                        
                                            
Sec-WebSocket-Accept: 5/WDDl/pqKgAqYjDQs5mN/G7LE0= 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7" 

                                        
                                            
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=3506 

                                        
                                            
Expires: Sun, 04 Dec 2022 16:31:16 GMT 

                                        
                                            
Date: Sun, 04 Dec 2022 15:32:50 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    83e0936435ad95a15c9ec5ff9520f4fe

                                                Sha1:   a8225ee0d8ae117f977f7ff817c342c62e91b5a9

                                                Sha256: ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7" 

                                        
                                            
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=3506 

                                        
                                            
Expires: Sun, 04 Dec 2022 16:31:16 GMT 

                                        
                                            
Date: Sun, 04 Dec 2022 15:32:50 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    83e0936435ad95a15c9ec5ff9520f4fe

                                                Sha1:   a8225ee0d8ae117f977f7ff817c342c62e91b5a9

                                                Sha256: ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61cc2744-b517-4404-bfa2-25fadadfa3f3.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 10431 

                                        
                                            
x-amzn-requestid: f79ab5e7-8c1b-4827-a531-aaa19c1d80aa 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: clsCGEwxIAMF34g= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-638bc073-6358d2950955884c470c0a89;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:35 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA19-C2 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: PQ7xh995cd1UVi3z42EVZGjQjHLLvtAP5BBC-xLEEGr4mEiXS6fC-w== 

                                        
                                            
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Sat, 03 Dec 2022 21:47:06 GMT 

                                        
                                            
age: 63944 

                                        
                                            
etag: "8637105f41058bc0d2b259d462b560881928adb6" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   10431

                                                Md5:    2636f91bb8fa4d9bb7bef114c248a9ae

                                                Sha1:   8637105f41058bc0d2b259d462b560881928adb6

                                                Sha256: 3d93fd8fcf1af31d00ccbd453142dbea5f2b91d7f58373095943ed40a31ed1f7

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 8989 

                                        
                                            
x-amzn-requestid: abce0b01-f70c-42ad-b242-5a24735fe4c2 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: cltl4Gk2oAMFSWQ= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-638bc2f2-1cccffff5199dffe70264a95;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Sat, 03 Dec 2022 21:43:14 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA19-C2 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: PFl7VUrzRkMFNnTiIw_cbGCyrEFn43eUSlZfT0nUhUmjjyXT7JfjMA== 

                                        
                                            
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Sat, 03 Dec 2022 21:50:01 GMT 

                                        
                                            
age: 63769 

                                        
                                            
etag: "fc5d4f3163ebb9faf85968cbb1d194e8e68418be" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   8989

                                                Md5:    a6e7b32ac999cf3c899a234c621fa91a

                                                Sha1:   fc5d4f3163ebb9faf85968cbb1d194e8e68418be

                                                Sha256: f12db3aed126006fee00649aba0b3eaae900de200b85b9523866a90b5494f18e

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 8315 

                                        
                                            
x-amzn-requestid: f1bcc33b-aad9-4d3b-b1f9-49282f2d4fb9 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: clsAMGVboAMFfxg= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-638bc067-13472a097177d4751c8f7a8c;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA19-C2 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: 6UQ_BhPmpVpe9w6gsExB-EpNq_syeCCK6fr4Y1FFK1jDJh_n1Sd0Eg== 

                                        
                                            
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Sat, 03 Dec 2022 21:52:47 GMT 

                                        
                                            
age: 63603 

                                        
                                            
etag: "22a8c4bd58c729c1abcf794466e8f3231dfb034b" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   8315

                                                Md5:    db1701b7b9d161a0c935bb6e10b17893

                                                Sha1:   22a8c4bd58c729c1abcf794466e8f3231dfb034b

                                                Sha256: b495524a33e5b1d3ba34cfbe867ada0da956c061370b1fcde06b23a6194a9787

                                        
                                            GET /theme/knsw/css/bootstrap.css HTTP/1.1 

                                        
                                            
Host: www.knswsd.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/css,*/*;q=0.1 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://www.knswsd.com/ 

                                        
                                            
Cookie: PHPSESSID=k6nddv40gg76aok88vgfqfpsh7 

                                        
                                            
Sec-Fetch-Dest: style 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin

                                         101.37.175.102

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/css

                                        

                                        
                                            
Date: Sun, 04 Dec 2022 15:32:50 GMT 

                                        
                                            
Server: Apache 

                                        
                                            
Last-Modified: Sat, 23 Apr 2022 07:22:31 GMT 

                                        
                                            
ETag: "dfca1-1c6be-5dd4d34c37bc0" 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Vary: Accept-Encoding,User-Agent 

                                        
                                            
Content-Encoding: gzip 

                                        
                                            
Content-Length: 18984 

                                        
                                            
Keep-Alive: timeout=15, max=299 

                                        
                                            
Connection: Keep-Alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (65406)

                                                Size:   18984

                                                Md5:    a2ce7946b95ba2004ddb489a07bfd6f0

                                                Sha1:   c0894aa3520e085365d37d3027b802fc3c578db2

                                                Sha256: 7d51e8d1b09e5bdbbf550828694b67e9d081f93d7d3d168d5c1d04dfef1d53a4

                                        
                                            GET /theme/knsw/images/footerlogo.png HTTP/1.1 

                                        
                                            
Host: www.knswsd.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://www.knswsd.com/ 

                                        
                                            
Cookie: PHPSESSID=k6nddv40gg76aok88vgfqfpsh7 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin

                                         101.37.175.102

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: image/png

                                        

                                        
                                            
Date: Sun, 04 Dec 2022 15:32:52 GMT 

                                        
                                            
Server: Apache 

                                        
                                            
Last-Modified: Mon, 30 May 2022 07:23:16 GMT 

                                        
                                            
ETag: "dfa02-1c19-5e03587930100" 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Content-Length: 7193 

                                        
                                            
Vary: User-Agent 

                                        
                                            
Keep-Alive: timeout=15, max=299 

                                        
                                            
Connection: Keep-Alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PNG image data, 234 x 82, 8-bit/color RGBA, non-interlaced\012- data

                                                Size:   7193

                                                Md5:    7eb3096a1d6a1fa8fbedbc878f601ec4

                                                Sha1:   757ac3583a2515893afc1ee743d49765427e4815

                                                Sha256: 1b26f773ad555a0efe0cb5f757e6e7a86620e4beb0360a970c234c0e7ff991f0

                                        
                                            GET /images/product/3_1652254714091023_thumb.jpg HTTP/1.1 

                                        
                                            
Host: www.knswsd.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://www.knswsd.com/ 

                                        
                                            
Cookie: PHPSESSID=k6nddv40gg76aok88vgfqfpsh7 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin

                                         101.37.175.102

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: image/jpeg

                                        

                                        
                                            
Date: Sun, 04 Dec 2022 15:32:52 GMT 

                                        
                                            
Server: Apache 

                                        
                                            
Last-Modified: Thu, 22 Sep 2022 04:09:56 GMT 

                                        
                                            
ETag: "df9d6-a113-5e93c3bf58b37" 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Content-Length: 41235 

                                        
                                            
Vary: User-Agent 

                                        
                                            
Keep-Alive: timeout=15, max=299 

                                        
                                            
Connection: Keep-Alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 300x300, components 3\012- data

                                                Size:   41235

                                                Md5:    f5c262884e16c6f7cbe5014f68d2551e

                                                Sha1:   05a4002dfe534df41abb15868d63fee01d7a645c

                                                Sha256: a0e4860f665f4fa60d0541b886ab1e337cfe802dc317f271fafa7f67a9c54fed

                                        
                                            GET /images/product/6_1653881858382650_thumb.jpg HTTP/1.1 

                                        
                                            
Host: www.knswsd.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://www.knswsd.com/ 

                                        
                                            
Cookie: PHPSESSID=k6nddv40gg76aok88vgfqfpsh7 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin

                                         101.37.175.102

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: image/jpeg

                                        

                                        
                                            
Date: Sun, 04 Dec 2022 15:32:52 GMT 

                                        
                                            
Server: Apache 

                                        
                                            
Last-Modified: Thu, 22 Sep 2022 04:10:23 GMT 

                                        
                                            
ETag: "df9f1-a211-5e93c3d881d02" 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Content-Length: 41489 

                                        
                                            
Vary: User-Agent 

                                        
                                            
Keep-Alive: timeout=15, max=298 

                                        
                                            
Connection: Keep-Alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 300x300, components 3\012- data

                                                Size:   41489

                                                Md5:    53dbbc98db856b296ee082140b3c6ee3

                                                Sha1:   6eb6a8d88605b24920f7ca7340fc80068f83a31c

                                                Sha256: 0bbd34becfa8dbd0108de752bae34ebc980c4a3220d9fd5fb6bc09eca543f7f7

                                        
                                            GET /images/box/1_1592375708480199.jpg HTTP/1.1 

                                        
                                            
Host: www.knswsd.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://www.knswsd.com/ 

                                        
                                            
Cookie: PHPSESSID=k6nddv40gg76aok88vgfqfpsh7 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin

                                         101.37.175.102

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: image/jpeg

                                        

                                        
                                            
Date: Sun, 04 Dec 2022 15:32:52 GMT 

                                        
                                            
Server: Apache 

                                        
                                            
Last-Modified: Fri, 13 May 2022 10:34:55 GMT 

                                        
                                            
ETag: "dfa25-b51b-5dee239aa71c0" 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Content-Length: 46363 

                                        
                                            
Vary: User-Agent 

                                        
                                            
Keep-Alive: timeout=15, max=299 

                                        
                                            
Connection: Keep-Alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 470x324, components 3\012- data

                                                Size:   46363

                                                Md5:    1d0403d4b0dcfc47e4f0f281f26a8636

                                                Sha1:   bfedb5bd6d4e1fbba3d79f5f08a15602facab3f0

                                                Sha256: e009be59ffccda6f59f29b6d5955022685e01d81cc4f1c5348c7665ce4e568d4

                                        
                                            GET /images/product/1_1652253427759184_thumb.jpg HTTP/1.1 

                                        
                                            
Host: www.knswsd.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://www.knswsd.com/ 

                                        
                                            
Cookie: PHPSESSID=k6nddv40gg76aok88vgfqfpsh7 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin

                                         101.37.175.102

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: image/jpeg

                                        

                                        
                                            
Date: Sun, 04 Dec 2022 15:32:53 GMT 

                                        
                                            
Server: Apache 

                                        
                                            
Last-Modified: Thu, 22 Sep 2022 04:10:42 GMT 

                                        
                                            
ETag: "df9e8-a1b5-5e93c3eb2205e" 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Content-Length: 41397 

                                        
                                            
Vary: User-Agent 

                                        
                                            
Keep-Alive: timeout=15, max=298 

                                        
                                            
Connection: Keep-Alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 300x300, components 3\012- data

                                                Size:   41397

                                                Md5:    2f45644261d2bf850eba5be45f55c07e

                                                Sha1:   4d67d3e445a437ca5162c76e00caf64eabbda5f5

                                                Sha256: 28fe22a9957cb7474565041db4857b28a719bafa7f33364bcf7d6154cea50099

                                        
                                            GET /theme/knsw/fonts/materialdesignicons-webfont.woff2?v=1.4.57 HTTP/1.1 

                                        
                                            
Host: www.knswsd.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: identity 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://www.knswsd.com/theme/knsw/css/fonts.css 

                                        
                                            
Cookie: PHPSESSID=k6nddv40gg76aok88vgfqfpsh7 

                                        
                                            
Sec-Fetch-Dest: font 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: same-origin

                                         101.37.175.102

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: text/plain

                                        

                                        
                                            
Date: Sun, 04 Dec 2022 15:32:52 GMT 

                                        
                                            
Server: Apache 

                                        
                                            
Last-Modified: Sat, 23 Apr 2022 07:22:31 GMT 

                                        
                                            
ETag: "dfcaa-1378c-5dd4d34c37bc0" 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Content-Length: 79756 

                                        
                                            
Vary: User-Agent 

                                        
                                            
Keep-Alive: timeout=15, max=300 

                                        
                                            
Connection: Keep-Alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  Web Open Font Format (Version 2), TrueType, length 79756, version 1.0\012- data

                                                Size:   79756

                                                Md5:    380a87ac162f7313bdc7556fcca4fd38

                                                Sha1:   4b29d05c0445f92f14a1c058fc06e34ab6e7f869

                                                Sha256: 56ca131e02e335cbc5604cf53451ad97f160b33a46bba0b0b8f41578de9715c1

                                        
                                            GET /images/fragment/miniprogram.png HTTP/1.1 

                                        
                                            
Host: www.knswsd.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://www.knswsd.com/ 

                                        
                                            
Cookie: PHPSESSID=k6nddv40gg76aok88vgfqfpsh7 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin

                                         101.37.175.102

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: image/png

                                        

                                        
                                            
Date: Sun, 04 Dec 2022 15:32:53 GMT 

                                        
                                            
Server: Apache 

                                        
                                            
Last-Modified: Mon, 16 May 2022 23:20:29 GMT 

                                        
                                            
ETag: "dfa2d-4012-5df294511c940" 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Content-Length: 16402 

                                        
                                            
Vary: User-Agent 

                                        
                                            
Keep-Alive: timeout=15, max=297 

                                        
                                            
Connection: Keep-Alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PNG image data, 259 x 259, 8-bit colormap, non-interlaced\012- data

                                                Size:   16402

                                                Md5:    e8a0ec1c587faf4c08349faa5acaad3a

                                                Sha1:   e6f4a14b9138225032d05b3f8d5f0f84eea27ab0

                                                Sha256: a16650b82058d6ac87352680cd48bbebd2f3c105d45d3db59cbd5e52b1c268b5

                                        
                                            GET /data/slide/20220511yvlidb.jpg HTTP/1.1 

                                        
                                            
Host: www.knswsd.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://www.knswsd.com/ 

                                        
                                            
Cookie: PHPSESSID=k6nddv40gg76aok88vgfqfpsh7 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin

                                         101.37.175.102

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: image/jpeg

                                        

                                        
                                            
Date: Sun, 04 Dec 2022 15:32:53 GMT 

                                        
                                            
Server: Apache 

                                        
                                            
Last-Modified: Fri, 13 May 2022 10:30:33 GMT 

                                        
                                            
ETag: "df9e1-13b10-5dee22a0ca440" 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Content-Length: 80656 

                                        
                                            
Vary: User-Agent 

                                        
                                            
Keep-Alive: timeout=15, max=299 

                                        
                                            
Connection: Keep-Alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x845, components 3\012- data

                                                Size:   80656

                                                Md5:    a5fa7b9f64b7ab169b134e8dc7e56b6e

                                                Sha1:   197b745e859592859f79b171750537c47806f60c

                                                Sha256: 77d3bbb550ebd7cc8a3d384a479ad6e0b89aef450c31780083a7e4f3d6398b7e

                                        
                                            GET /images/fragment/logo.png HTTP/1.1 

                                        
                                            
Host: www.knswsd.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://www.knswsd.com/ 

                                        
                                            
Cookie: PHPSESSID=k6nddv40gg76aok88vgfqfpsh7 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin

                                         101.37.175.102

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: image/png

                                        

                                        
                                            
Date: Sun, 04 Dec 2022 15:32:53 GMT 

                                        
                                            
Server: Apache 

                                        
                                            
Last-Modified: Fri, 27 May 2022 00:38:08 GMT 

                                        
                                            
ETag: "df9e2-a53-5dff3852e3c00" 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Content-Length: 2643 

                                        
                                            
Vary: User-Agent 

                                        
                                            
Keep-Alive: timeout=15, max=297 

                                        
                                            
Connection: Keep-Alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PNG image data, 180 x 63, 8-bit colormap, non-interlaced\012- data

                                                Size:   2643

                                                Md5:    92d206d447366d2c2ec960ac526be26e

                                                Sha1:   f0ba51c234159d9506e85ce33bcb338b083f1509

                                                Sha256: 4bba1c4fb3edfd83b7d56ded87cf6b4cb02689c3c5f9a4c72dae4fef0bde825f

                                        
                                            GET /favicon.ico HTTP/1.1 

                                        
                                            
Host: www.knswsd.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://www.knswsd.com/ 

                                        
                                            
Cookie: PHPSESSID=k6nddv40gg76aok88vgfqfpsh7 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: same-origin

                                         101.37.175.102

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: image/x-icon

                                        

                                        
                                            
Date: Sun, 04 Dec 2022 15:32:54 GMT 

                                        
                                            
Server: Apache 

                                        
                                            
Last-Modified: Sat, 14 May 2022 02:38:20 GMT 

                                        
                                            
ETag: "df9c5-10be-5deefaf2487ca" 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Content-Length: 4286 

                                        
                                            
Vary: User-Agent 

                                        
                                            
Keep-Alive: timeout=15, max=296 

                                        
                                            
Connection: Keep-Alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data

                                                Size:   4286

                                                Md5:    2ed31ec7b0fb9f9e83582a09b40466ac

                                                Sha1:   3897f8e60d45b43892161438ab1ff0d510f07440

                                                Sha256: 19fbbab4c7deb18e9e535c5307e26dac198189e0d3187da6a5d59537d5bb2621

                                        
                                            GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1823869343&si=dbf634faad69aa3a3781c05866af6e95&v=1.3.0&lv=1&sn=8497&r=0&ww=1280&u=https%3A%2F%2Fwww.knswsd.com%2F&tt=%E7%89%9B%E7%BE%8A%E7%8C%AA%E9%A9%AC%E9%B8%A1%E5%8A%A8%E7%89%A9%E8%A1%80%E6%B8%85%E7%94%9F%E4%BA%A7%E5%8E%82%E5%AE%B6%20-%20%E5%BA%B7%E9%82%A3%E7%94%9F%E7%89%A9%E6%8A%80%E6%9C%AF(%E5%B1%B1%E4%B8%9C)%E6%9C%89%E9%99%90%E5%85%AC%E5%8F%B8 HTTP/1.1 

                                        
                                            
Host: hm.baidu.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: https://www.knswsd.com/ 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         103.235.46.191

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: image/gif

                                        

                                        
                                            
Cache-Control: private, max-age=0, no-cache 

                                        
                                            
Content-Length: 43 

                                        
                                            
Date: Sun, 04 Dec 2022 15:32:54 GMT 

                                        
                                            
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Server: apache 

                                        
                                            
Set-Cookie: HMACCOUNT=B2155BCCDB34C031; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT 

                                        
                                            
Strict-Transport-Security: max-age=172800 

                                        
                                            
X-Content-Type-Options: nosniff 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  GIF image data, version 89a, 1 x 1\012- data

                                                Size:   43

                                                Md5:    ad4b0f606e0f8465bc4c4c170b37e1a3

                                                Sha1:   50b30fd5f87c85fe5cba2635cb83316ca71250d7

                                                Sha256: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

URL	www.knswsd.com/
IP	101.37.175.102 (China)
ASN	#37963 Hangzhou Alibaba Advertising Co.,Ltd.
UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed	2022-12-04 15:32:59 UTC
Status	Loading report..
IDS alerts	0
Blocklist alert	6
urlquery alerts	No alerts detected
Tags	None

Overview

Domain Summary (0)

No passive DNS data

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 1 reports on IP: 101.37.175.102

Last 5 reports on ASN: Hangzhou Alibaba Advertising Co.,Ltd.

Last 1 reports on domain: knswsd.com

No other reports with similar screenshot

JavaScript

Executed Scripts (4)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (47)

Overview

Domain Summary (0)

No passive DNS data

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 1 reports on IP: 101.37.175.102

Last 5 reports on ASN: Hangzhou Alibaba Advertising Co.,Ltd.

Last 1 reports on domain: knswsd.com

No other reports with similar screenshot

JavaScript

Executed Scripts (4)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (47)

Network Intrusion Detection Systems