r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d931e0142ef5ffe9cdb4c4c6bfcb9bc9
d9c4caf525e8926b042a14f38d374cc4033ed768
f610984fb0a75b3a31424faa860cbc8172c7f21804df1dc14fbb685b7c456f29
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F610984FB0A75B3A31424FAA860CBC8172C7F21804DF1DC14FBB685B7C456F29"
Last-Modified: Sat, 03 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10943
Expires: Tue, 06 Sep 2022 15:08:35 GMT
Date: Tue, 06 Sep 2022 12:06:12 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.27 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 06 Sep 2022 11:32:26 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: PglLUIBk4iJw-uG_LrkbaDNqOT5QqNW9KjJv2LO_RNDz66S4NRMkhg==
Age: 2026
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.25 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.25:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 06 Sep 2022 01:15:18 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: c2NxRUMc7QGICHwhxL1xINnLJekvZBjGjHYynk9fHVg0BrfqP9ydlw==
age: 39055
X-Firefox-Spdy: h2
v88agent.com/
18.138.91.122 301 Moved Permanently 178 B IP 18.138.91.122:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: v88agent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 06 Sep 2022 12:06:12 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: http://www.v88agent.com/
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Sep 2022 12:06:12 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 06 Sep 2022 11:38:18 GMT
Cache-Control: max-age=3600
Expires: Tue, 06 Sep 2022 12:38:18 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a2b4f68a89fc87406bff22c95fc07fba.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: AFjm3ZUUczjZnvKOvo3YjxdDUtpL8-kH-1XfiS53gM3sUCgBpYNQzQ==
Age: 1675
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash e8952752ad4a452a575522a7eb737217
c5554fa2af05d7a7117032b0f99352de08988346
8c182bed7bbd843774a2136823b30a4cb707e2a5386f71d01640aa3558888bf7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 11
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 06 Sep 2022 12:06:13 GMT
Last-Modified: Tue, 06 Sep 2022 12:06:02 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
44.238.202.79 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.238.202.79:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: TVloZxME0991ZZHvakQcLw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 9qTGRrziokj+rpF/3uy5aF43IGQ=
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 462a349c93c3941bd2cc4fc3cd96d5a3
eb586cc0df3c8436588e07202c8de27164104e43
652a7a53843e7fea6ed3d537f15216c996c0d8cae87e397e15a81f6eb292a06b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "652A7A53843E7FEA6ED3D537F15216C996C0D8CAE87E397E15A81F6EB292A06B"
Last-Modified: Mon, 05 Sep 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21552
Expires: Tue, 06 Sep 2022 18:05:26 GMT
Date: Tue, 06 Sep 2022 12:06:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11155
Expires: Tue, 06 Sep 2022 15:12:09 GMT
Date: Tue, 06 Sep 2022 12:06:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11155
Expires: Tue, 06 Sep 2022 15:12:09 GMT
Date: Tue, 06 Sep 2022 12:06:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11155
Expires: Tue, 06 Sep 2022 15:12:09 GMT
Date: Tue, 06 Sep 2022 12:06:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11155
Expires: Tue, 06 Sep 2022 15:12:09 GMT
Date: Tue, 06 Sep 2022 12:06:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bc70b1691dd339e8120b92ba393ffb69
99118be3645b3182ccdc5f9da149a97c220a3929
da94f53f998808b2b187d6c265722e95e4cdce9f0a4b23ff0bf6c96d2cdf2bd8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DA94F53F998808B2B187D6C265722E95E4CDCE9F0A4B23FF0BF6C96D2CDF2BD8"
Last-Modified: Mon, 05 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11155
Expires: Tue, 06 Sep 2022 15:12:09 GMT
Date: Tue, 06 Sep 2022 12:06:14 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ad09c5e-a115-4ff7-9742-809e93046365.jpeg
34.120.237.76 200 OK 4.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ad09c5e-a115-4ff7-9742-809e93046365.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c81f3df885bdee8cac46ea9495e6b63b
fc766bca874a352a4acb569577d4cf6527f4f074
e21473f88c613ca33ba6bbe1e0cab338274a06744cdcb088f14873c972445b36
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7ad09c5e-a115-4ff7-9742-809e93046365.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4426
x-amzn-requestid: b5b68557-e46d-41cd-9b11-d996aabc0de7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzfYTHHFIAMFjFw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631145ce-1d3504367cf6ef724a345564;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 23:52:46 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: bSBSzzRMdrVdoV3Ld8hYWq2AwO7Mswcwa8Tk_AKa44j1SlrFugNqpg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 21:48:06 GMT
age: 51488
etag: "fc766bca874a352a4acb569577d4cf6527f4f074"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F326e03cd-e1aa-45a4-8a6b-bdd21f21012c.jpeg
34.120.237.76 200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F326e03cd-e1aa-45a4-8a6b-bdd21f21012c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c4b2d6a516e93799b54fe2bbd6630f86
b5a7380f294876dd308c7fde294f36a425c1be01
7463878d8967ff31d7ce20d5a4408c23ad59123032a990c21a47df0881edcb86
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F326e03cd-e1aa-45a4-8a6b-bdd21f21012c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5377
x-amzn-requestid: 2adc68e8-1889-4233-8ac4-e2a8d44ccbdd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: X_4XzF1FoAMF3AA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63163a98-5918897d7de556f75bbfab34;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 18:06:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: DpNb6dBygeDbRbFWIkeXYVddcgxlSVuq4y73JvG315Xp-wkwiDhZyQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 18:09:25 GMT
age: 64609
etag: "b5a7380f294876dd308c7fde294f36a425c1be01"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e36fad7-34cb-448b-b231-07f66a5adf7e.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e36fad7-34cb-448b-b231-07f66a5adf7e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3fe4a321dcd6a94a637a528d74f9321a
3f3aad2cc71226b39549db1a9baa6837d4f1d897
a19b6749429e8ecaeac8fc0849abc4d891bfc628489762b1619a3ee3064536e3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9e36fad7-34cb-448b-b231-07f66a5adf7e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12573
x-amzn-requestid: 92e03b26-883b-41e2-9033-379a6d02210c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAYCdGy8oAMFQZw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166d42-1c4ea2f74b796623574bde87;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:42:26 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: u1hKGB5UKEuuIVqcQ_Lx5wfBjy_hB32Jnp7_mDnF2BrsN4a6Mj_WJQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 21:46:16 GMT
etag: "3f3aad2cc71226b39549db1a9baa6837d4f1d897"
content-type: image/jpeg
age: 51598
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F228f042c-3a57-45c7-84c2-4aaaa1dd2f07.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F228f042c-3a57-45c7-84c2-4aaaa1dd2f07.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 19b452d6541a6028e7d3f90529477077
1c16eb50bc2490b4ebff6775ef611fdcb282f9f9
f4763a0f464067991c2c484c384df4fe791d7df6e3d6ad15650a954db537249f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F228f042c-3a57-45c7-84c2-4aaaa1dd2f07.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10694
x-amzn-requestid: c3d2f71c-927d-41f6-93ab-bf041374a9f1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YAWsgHQOIAMFvSA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63166b1c-5d2efd595cdf300972f4fb79;Sampled=0
x-amzn-remapped-date: Mon, 05 Sep 2022 21:33:16 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: eikhT8BkN5e163S6QriQybdyPNTKDTf3BCsHifNwfBJfrWv7LqgL8Q==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Sep 2022 22:02:23 GMT
etag: "1c16eb50bc2490b4ebff6775ef611fdcb282f9f9"
content-type: image/jpeg
age: 50631
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.v88agent.com/
210.57.28.80 302 Found 9.3 kB IP 210.57.28.80:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0d404793e430ea237e75be9cb1e2bce4
059b34d1809abedd223f7beec75e7831673878be
f180b1cdeb9a794ba3211348673783508d021aeaed419d782374be1a92a4c8dc
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.v88agent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Location: https://www.v88agent.com/
Connection: close
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106059e1-95ed-4ffb-b6d2-7b4f160333ed.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106059e1-95ed-4ffb-b6d2-7b4f160333ed.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ec466c0d472e43c11d36bf6fce068205
720d3624a76d060b8e2699e9aa7a320e3efd4878
5553fc24713aae808f5ab81671551b0ae719435f3ced9f25df97d8edf6bfe86f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F106059e1-95ed-4ffb-b6d2-7b4f160333ed.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12683
x-amzn-requestid: 6127e5b6-72f6-40df-b400-41a1f147f6da
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xz8XmEe0IAMFQDA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63117430-2b27a2683d2d320172cef32e;Sampled=0
x-amzn-remapped-date: Fri, 02 Sep 2022 03:10:40 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Mj_IT5g7hGu2AunKK7mvierv5BQ8cAxhnbGaUNsL6hRNu6MRAzIBDw==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Sep 2022 04:36:52 GMT
age: 26962
etag: "720d3624a76d060b8e2699e9aa7a320e3efd4878"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.v88agent.com/
210.57.28.80 200 OK 2.4 kB IP 210.57.28.80:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 16c8265ce9b7888b7408bc9c7a2514e7
0ac23ff1f4eb37760abdf4d6e7a0bfd3ffa1baa1
cd43f8f156aefd5c0ce5cebaec09244092491188c652d76651febed7030c5194
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.v88agent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Cache-Control: private
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Vary: Accept-Encoding
Set-Cookie: ASP.NET_SessionId=itkq24rt4htjxuwjs0x20jdy; path=/; HttpOnly; SameSite=Lax
ASP.NET_SessionId=itkq24rt4htjxuwjs0x20jdy; path=/; HttpOnly; SameSite=Lax
__utms=A86839AF86FBD8A8C184E5A813DF8F; domain=www.v88agent.com; expires=Wed, 07-Sep-2022 12:06:15 GMT; path=/; HttpOnly
__RequestVerificationToken=Fu8POalSHGdfTBancEhkbwfCP-3tQWQaT3BzN3rh8g_sAIEqoFoNDleFb7GXMO_WanBEPkNzc9xXj1DiD0SoxgiOUuo1; path=/; HttpOnly
Strict-Transport-Security: max-age=15768000
X-Frame-Options: SAMEORIGIN, SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src *; img-src 'self' data: https://sc.detecas.com/di/ec.ashx https://sc.saceted.com/di/ec.ashx https://sc.casemed.net/di/ec.ashx https://sc.detecas.com/di/activator.ashx https://sc.saceted.com/di/activator.ashx https://sc.casemed.net/di/activator.ashx https://sc.detecas.com/di/hc.html https://sc.saceted.com/di/hc.html https://sc.casemed.net/di/hc.html https://sc.detecas.com/di/activator.ashx https://sc.detecas.com/di2/activator.ashx https://ws.detecas.com https://sc.starixsoft.com/di2/activator.ashx https://fps.starixsoft.com/ws https://fps.starixsoft.com/di/activator.ashx https://sc.detecas.com/di/ec.ashx https://sc.detecas.com/di/dd.ashx https://pw.detecas.com https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://sentry.starixplay.com; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://sc.detecas.com/di/ec.ashx https://sc.saceted.com/di/ec.ashx https://sc.casemed.net/di/ec.ashx https://sc.detecas.com/di/activator.ashx https://sc.saceted.com/di/activator.ashx https://sc.casemed.net/di/activator.ashx https://sc.detecas.com/di/hc.html https://sc.saceted.com/di/hc.html https://sc.casemed.net/di/hc.html https://www.gstatic.com https://www.google.com https://sc.detecas.com/di/activator.ashx https://sc.detecas.com/di2/activator.ashx https://ws.detecas.com https://sc.starixsoft.com/di2/activator.ashx https://fps.starixsoft.com/ws https://fps.starixsoft.com/di/activator.ashx https://sc.detecas.com/di/ec.ashx https://sc.detecas.com/di/dd.ashx https://www.google-analytics.com https://sentry.starixplay.com;
Date: Tue, 06 Sep 2022 12:06:14 GMT
Content-Length: 2355
www.v88agent.com/assets/styles/vendors-extensions/login/bootstrap-ex.min.css?ver=2022051200
210.57.28.80 200 OK 6.4 kB URL HTTP/1.1 www.v88agent.com/assets/styles/vendors-extensions/login/bootstrap-ex.min.css?ver=2022051200
IP 210.57.28.80:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (23180), with CRLF line terminators
Hash b3f7b07e538dce514b792ecafed57335
70ae6fc6e9595f6ecc30d1d0a40b706b2f301f51
383cecbacc2c3210904860796911723b1785d1d3bd44281765cc58b7c8e2ce79
Analyzer Verdict Alert fortinet Phishing
GET /assets/styles/vendors-extensions/login/bootstrap-ex.min.css?ver=2022051200 HTTP/1.1
Host: www.v88agent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.v88agent.com/
Cookie: ASP.NET_SessionId=itkq24rt4htjxuwjs0x20jdy; __utms=A86839AF86FBD8A8C184E5A813DF8F; __RequestVerificationToken=Fu8POalSHGdfTBancEhkbwfCP-3tQWQaT3BzN3rh8g_sAIEqoFoNDleFb7GXMO_WanBEPkNzc9xXj1DiD0SoxgiOUuo1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Tue, 13 Sep 2016 02:05:31 GMT
Accept-Ranges: bytes
ETag: "e14e6b4e63dd21:0"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15768000
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src *; img-src 'self' data: https://sc.detecas.com/di/ec.ashx https://sc.saceted.com/di/ec.ashx https://sc.casemed.net/di/ec.ashx https://sc.detecas.com/di/activator.ashx https://sc.saceted.com/di/activator.ashx https://sc.casemed.net/di/activator.ashx https://sc.detecas.com/di/hc.html https://sc.saceted.com/di/hc.html https://sc.casemed.net/di/hc.html https://sc.detecas.com/di/activator.ashx https://sc.detecas.com/di2/activator.ashx https://ws.detecas.com https://sc.starixsoft.com/di2/activator.ashx https://fps.starixsoft.com/ws https://fps.starixsoft.com/di/activator.ashx https://sc.detecas.com/di/ec.ashx https://sc.detecas.com/di/dd.ashx https://pw.detecas.com https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://sentry.starixplay.com; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://sc.detecas.com/di/ec.ashx https://sc.saceted.com/di/ec.ashx https://sc.casemed.net/di/ec.ashx https://sc.detecas.com/di/activator.ashx https://sc.saceted.com/di/activator.ashx https://sc.casemed.net/di/activator.ashx https://sc.detecas.com/di/hc.html https://sc.saceted.com/di/hc.html https://sc.casemed.net/di/hc.html https://www.gstatic.com https://www.google.com https://sc.detecas.com/di/activator.ashx https://sc.detecas.com/di2/activator.ashx https://ws.detecas.com https://sc.starixsoft.com/di2/activator.ashx https://fps.starixsoft.com/ws https://fps.starixsoft.com/di/activator.ashx https://sc.detecas.com/di/ec.ashx https://sc.detecas.com/di/dd.ashx https://www.google-analytics.com https://sentry.starixplay.com;
Date: Tue, 06 Sep 2022 12:06:14 GMT
Content-Length: 6406
www.v88agent.com/assets/bundles/themes/default.min.css?ver=2022051200
210.57.28.80 200 OK 2.7 kB URL HTTP/1.1 www.v88agent.com/assets/bundles/themes/default.min.css?ver=2022051200
IP 210.57.28.80:0
File type ASCII text, with very long lines (9435), with no line terminators
Hash d482d9a5d4c8d3221ca245d17ef7c408
c5040857bd9ccdb8734f1246aee30203e5af9b79
ecd649b0d5258971d9ccbe402ee2e0f56a58532d5ce211275ec80a40912e9f21
Analyzer Verdict Alert fortinet Phishing
GET /assets/bundles/themes/default.min.css?ver=2022051200 HTTP/1.1
Host: www.v88agent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.v88agent.com/
Cookie: ASP.NET_SessionId=itkq24rt4htjxuwjs0x20jdy; __utms=A86839AF86FBD8A8C184E5A813DF8F; __RequestVerificationToken=Fu8POalSHGdfTBancEhkbwfCP-3tQWQaT3BzN3rh8g_sAIEqoFoNDleFb7GXMO_WanBEPkNzc9xXj1DiD0SoxgiOUuo1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Thu, 12 May 2022 02:41:22 GMT
Accept-Ranges: bytes
ETag: "2f4a56c4a965d81:0"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15768000
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src *; img-src 'self' data: https://sc.detecas.com/di/ec.ashx https://sc.saceted.com/di/ec.ashx https://sc.casemed.net/di/ec.ashx https://sc.detecas.com/di/activator.ashx https://sc.saceted.com/di/activator.ashx https://sc.casemed.net/di/activator.ashx https://sc.detecas.com/di/hc.html https://sc.saceted.com/di/hc.html https://sc.casemed.net/di/hc.html https://sc.detecas.com/di/activator.ashx https://sc.detecas.com/di2/activator.ashx https://ws.detecas.com https://sc.starixsoft.com/di2/activator.ashx https://fps.starixsoft.com/ws https://fps.starixsoft.com/di/activator.ashx https://sc.detecas.com/di/ec.ashx https://sc.detecas.com/di/dd.ashx https://pw.detecas.com https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://sentry.starixplay.com; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://sc.detecas.com/di/ec.ashx https://sc.saceted.com/di/ec.ashx https://sc.casemed.net/di/ec.ashx https://sc.detecas.com/di/activator.ashx https://sc.saceted.com/di/activator.ashx https://sc.casemed.net/di/activator.ashx https://sc.detecas.com/di/hc.html https://sc.saceted.com/di/hc.html https://sc.casemed.net/di/hc.html https://www.gstatic.com https://www.google.com https://sc.detecas.com/di/activator.ashx https://sc.detecas.com/di2/activator.ashx https://ws.detecas.com https://sc.starixsoft.com/di2/activator.ashx https://fps.starixsoft.com/ws https://fps.starixsoft.com/di/activator.ashx https://sc.detecas.com/di/ec.ashx https://sc.detecas.com/di/dd.ashx https://www.google-analytics.com https://sentry.starixplay.com;
Date: Tue, 06 Sep 2022 12:06:15 GMT
Content-Length: 2706
www.v88agent.com/assets/styles/alpha.slider-captcha.css?ver=2022051200
210.57.28.80 200 OK 1.0 kB URL HTTP/1.1 www.v88agent.com/assets/styles/alpha.slider-captcha.css?ver=2022051200
IP 210.57.28.80:0
File type ASCII text, with very long lines (3861), with CRLF line terminators
Hash 740b60715e3fd08fe7d57026aa4d4285
11beed1575ab3cc160eb52ff8a8eb8c5c970b988
13c7c4c77f8c36395049115114f53e15111655c46b240bce8e347704ce996fc7
Analyzer Verdict Alert fortinet Phishing
GET /assets/styles/alpha.slider-captcha.css?ver=2022051200 HTTP/1.1
Host: www.v88agent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.v88agent.com/
Cookie: ASP.NET_SessionId=itkq24rt4htjxuwjs0x20jdy; __utms=A86839AF86FBD8A8C184E5A813DF8F; __RequestVerificationToken=Fu8POalSHGdfTBancEhkbwfCP-3tQWQaT3BzN3rh8g_sAIEqoFoNDleFb7GXMO_WanBEPkNzc9xXj1DiD0SoxgiOUuo1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Thu, 16 Sep 2021 06:33:58 GMT
Accept-Ranges: bytes
ETag: "c52f42d4c4aad71:0"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15768000
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src *; img-src 'self' data: https://sc.detecas.com/di/ec.ashx https://sc.saceted.com/di/ec.ashx https://sc.casemed.net/di/ec.ashx https://sc.detecas.com/di/activator.ashx https://sc.saceted.com/di/activator.ashx https://sc.casemed.net/di/activator.ashx https://sc.detecas.com/di/hc.html https://sc.saceted.com/di/hc.html https://sc.casemed.net/di/hc.html https://sc.detecas.com/di/activator.ashx https://sc.detecas.com/di2/activator.ashx https://ws.detecas.com https://sc.starixsoft.com/di2/activator.ashx https://fps.starixsoft.com/ws https://fps.starixsoft.com/di/activator.ashx https://sc.detecas.com/di/ec.ashx https://sc.detecas.com/di/dd.ashx https://pw.detecas.com https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://sentry.starixplay.com; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://sc.detecas.com/di/ec.ashx https://sc.saceted.com/di/ec.ashx https://sc.casemed.net/di/ec.ashx https://sc.detecas.com/di/activator.ashx https://sc.saceted.com/di/activator.ashx https://sc.casemed.net/di/activator.ashx https://sc.detecas.com/di/hc.html https://sc.saceted.com/di/hc.html https://sc.casemed.net/di/hc.html https://www.gstatic.com https://www.google.com https://sc.detecas.com/di/activator.ashx https://sc.detecas.com/di2/activator.ashx https://ws.detecas.com https://sc.starixsoft.com/di2/activator.ashx https://fps.starixsoft.com/ws https://fps.starixsoft.com/di/activator.ashx https://sc.detecas.com/di/ec.ashx https://sc.detecas.com/di/dd.ashx https://www.google-analytics.com https://sentry.starixplay.com;
Date: Tue, 06 Sep 2022 12:06:14 GMT
Content-Length: 1036
www.v88agent.com/assets/styles/images/mode/y9.svg
210.57.28.80 200 OK 648 B URL HTTP/1.1 www.v88agent.com/assets/styles/images/mode/y9.svg
IP 210.57.28.80:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (541), with CRLF line terminators
Hash 235f6bb85521c15a5d9abe3e615f6116
745a59eea91caad0849267ecaccd95ce253275da
29efa1b62629e9bb35328b924001d0c79cefedc968c87aa69351fd013f3e2417
Analyzer Verdict Alert fortinet Phishing
GET /assets/styles/images/mode/y9.svg HTTP/1.1
Host: www.v88agent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.v88agent.com/assets/bundles/themes/default.min.css?ver=2022051200
Cookie: ASP.NET_SessionId=itkq24rt4htjxuwjs0x20jdy; __utms=A86839AF86FBD8A8C184E5A813DF8F; __RequestVerificationToken=Fu8POalSHGdfTBancEhkbwfCP-3tQWQaT3BzN3rh8g_sAIEqoFoNDleFb7GXMO_WanBEPkNzc9xXj1DiD0SoxgiOUuo1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Type: image/svg+xml
Last-Modified: Thu, 12 May 2022 02:41:22 GMT
Accept-Ranges: bytes
ETag: "8fab58c4a965d81:0"
Strict-Transport-Security: max-age=15768000
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src *; img-src 'self' data: https://sc.detecas.com/di/ec.ashx https://sc.saceted.com/di/ec.ashx https://sc.casemed.net/di/ec.ashx https://sc.detecas.com/di/activator.ashx https://sc.saceted.com/di/activator.ashx https://sc.casemed.net/di/activator.ashx https://sc.detecas.com/di/hc.html https://sc.saceted.com/di/hc.html https://sc.casemed.net/di/hc.html https://sc.detecas.com/di/activator.ashx https://sc.detecas.com/di2/activator.ashx https://ws.detecas.com https://sc.starixsoft.com/di2/activator.ashx https://fps.starixsoft.com/ws https://fps.starixsoft.com/di/activator.ashx https://sc.detecas.com/di/ec.ashx https://sc.detecas.com/di/dd.ashx https://pw.detecas.com https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://sentry.starixplay.com; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://sc.detecas.com/di/ec.ashx https://sc.saceted.com/di/ec.ashx https://sc.casemed.net/di/ec.ashx https://sc.detecas.com/di/activator.ashx https://sc.saceted.com/di/activator.ashx https://sc.casemed.net/di/activator.ashx https://sc.detecas.com/di/hc.html https://sc.saceted.com/di/hc.html https://sc.casemed.net/di/hc.html https://www.gstatic.com https://www.google.com https://sc.detecas.com/di/activator.ashx https://sc.detecas.com/di2/activator.ashx https://ws.detecas.com https://sc.starixsoft.com/di2/activator.ashx https://fps.starixsoft.com/ws https://fps.starixsoft.com/di/activator.ashx https://sc.detecas.com/di/ec.ashx https://sc.detecas.com/di/dd.ashx https://www.google-analytics.com https://sentry.starixplay.com;
Date: Tue, 06 Sep 2022 12:06:15 GMT
Content-Length: 648
www.v88agent.com/assets/styles/images/crossword.png
210.57.28.80 200 OK 44 kB URL HTTP/1.1 www.v88agent.com/assets/styles/images/crossword.png
IP 210.57.28.80:0
File type PNG image data, 400 x 400, 4-bit colormap, non-interlaced\012- data
Hash b5c5ab66d8331513696fe3ec992187a0
84bc265bc6c53141f9656878b371ca93543090c0
2f23f323330dd47e39b3af4892097e56ef0cabf5980e4c2ed794f58d4f629437
GET /assets/styles/images/crossword.png HTTP/1.1
Host: www.v88agent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.v88agent.com/assets/bundles/themes/default.min.css?ver=2022051200
Cookie: ASP.NET_SessionId=itkq24rt4htjxuwjs0x20jdy; __utms=A86839AF86FBD8A8C184E5A813DF8F; __RequestVerificationToken=Fu8POalSHGdfTBancEhkbwfCP-3tQWQaT3BzN3rh8g_sAIEqoFoNDleFb7GXMO_WanBEPkNzc9xXj1DiD0SoxgiOUuo1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Type: image/png
Last-Modified: Thu, 15 Sep 2016 01:53:55 GMT
Accept-Ranges: bytes
ETag: "a3388e4f4ed21:0"
Strict-Transport-Security: max-age=15768000
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src *; img-src 'self' data: https://sc.detecas.com/di/ec.ashx https://sc.saceted.com/di/ec.ashx https://sc.casemed.net/di/ec.ashx https://sc.detecas.com/di/activator.ashx https://sc.saceted.com/di/activator.ashx https://sc.casemed.net/di/activator.ashx https://sc.detecas.com/di/hc.html https://sc.saceted.com/di/hc.html https://sc.casemed.net/di/hc.html https://sc.detecas.com/di/activator.ashx https://sc.detecas.com/di2/activator.ashx https://ws.detecas.com https://sc.starixsoft.com/di2/activator.ashx https://fps.starixsoft.com/ws https://fps.starixsoft.com/di/activator.ashx https://sc.detecas.com/di/ec.ashx https://sc.detecas.com/di/dd.ashx https://pw.detecas.com https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://sentry.starixplay.com; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://sc.detecas.com/di/ec.ashx https://sc.saceted.com/di/ec.ashx https://sc.casemed.net/di/ec.ashx https://sc.detecas.com/di/activator.ashx https://sc.saceted.com/di/activator.ashx https://sc.casemed.net/di/activator.ashx https://sc.detecas.com/di/hc.html https://sc.saceted.com/di/hc.html https://sc.casemed.net/di/hc.html https://www.gstatic.com https://www.google.com https://sc.detecas.com/di/activator.ashx https://sc.detecas.com/di2/activator.ashx https://ws.detecas.com https://sc.starixsoft.com/di2/activator.ashx https://fps.starixsoft.com/ws https://fps.starixsoft.com/di/activator.ashx https://sc.detecas.com/di/ec.ashx https://sc.detecas.com/di/dd.ashx https://www.google-analytics.com https://sentry.starixplay.com;
Date: Tue, 06 Sep 2022 12:06:14 GMT
Content-Length: 43694
www.v88agent.com/assets/scripts/login/fps.js?ver=2022051200
210.57.28.80 200 OK 1.1 kB URL HTTP/1.1 www.v88agent.com/assets/scripts/login/fps.js?ver=2022051200
IP 210.57.28.80:0
File type ASCII text, with CRLF line terminators
Hash 791b5e1085f4eeb6fadc0bc7b5164668
efb60abc5521cd4653ae6e4ce5cfa084ad8482f6
954398ab36eae336394f9d3eb44c81f52e874749eda0708ef2dfed4bf174fdff
GET /assets/scripts/login/fps.js?ver=2022051200 HTTP/1.1
Host: www.v88agent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.v88agent.com/
Cookie: ASP.NET_SessionId=itkq24rt4htjxuwjs0x20jdy; __utms=A86839AF86FBD8A8C184E5A813DF8F; __RequestVerificationToken=Fu8POalSHGdfTBancEhkbwfCP-3tQWQaT3BzN3rh8g_sAIEqoFoNDleFb7GXMO_WanBEPkNzc9xXj1DiD0SoxgiOUuo1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Type: text/javascript
Content-Encoding: gzip
Last-Modified: Tue, 14 Sep 2021 02:29:13 GMT
Accept-Ranges: bytes
ETag: "d3d5684e10a9d71:0"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15768000
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src *; img-src 'self' data: https://sc.detecas.com/di/ec.ashx https://sc.saceted.com/di/ec.ashx https://sc.casemed.net/di/ec.ashx https://sc.detecas.com/di/activator.ashx https://sc.saceted.com/di/activator.ashx https://sc.casemed.net/di/activator.ashx https://sc.detecas.com/di/hc.html https://sc.saceted.com/di/hc.html https://sc.casemed.net/di/hc.html https://sc.detecas.com/di/activator.ashx https://sc.detecas.com/di2/activator.ashx https://ws.detecas.com https://sc.starixsoft.com/di2/activator.ashx https://fps.starixsoft.com/ws https://fps.starixsoft.com/di/activator.ashx https://sc.detecas.com/di/ec.ashx https://sc.detecas.com/di/dd.ashx https://pw.detecas.com https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://sentry.starixplay.com; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://sc.detecas.com/di/ec.ashx https://sc.saceted.com/di/ec.ashx https://sc.casemed.net/di/ec.ashx https://sc.detecas.com/di/activator.ashx https://sc.saceted.com/di/activator.ashx https://sc.casemed.net/di/activator.ashx https://sc.detecas.com/di/hc.html https://sc.saceted.com/di/hc.html https://sc.casemed.net/di/hc.html https://www.gstatic.com https://www.google.com https://sc.detecas.com/di/activator.ashx https://sc.detecas.com/di2/activator.ashx https://ws.detecas.com https://sc.starixsoft.com/di2/activator.ashx https://fps.starixsoft.com/ws https://fps.starixsoft.com/di/activator.ashx https://sc.detecas.com/di/ec.ashx https://sc.detecas.com/di/dd.ashx https://www.google-analytics.com https://sentry.starixplay.com;
Date: Tue, 06 Sep 2022 12:06:16 GMT
Content-Length: 1097
www.v88agent.com/assets/styles/images/sprites2.png
210.57.28.80 200 OK 6.0 kB URL HTTP/1.1 www.v88agent.com/assets/styles/images/sprites2.png
IP 210.57.28.80:0
File type PNG image data, 115 x 116, 8-bit/color RGBA, non-interlaced\012- data
Hash 086f86511b0813d1d729762d4abd4240
d5dc9fccead81ab85acd0d770bf39bd8b2c7f0a0
c79966b969c421b3c2ce86193262adaddf406717f7899a071204bc62975b2a57
GET /assets/styles/images/sprites2.png HTTP/1.1
Host: www.v88agent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.v88agent.com/assets/bundles/themes/default.min.css?ver=2022051200
Cookie: ASP.NET_SessionId=itkq24rt4htjxuwjs0x20jdy; __utms=A86839AF86FBD8A8C184E5A813DF8F; __RequestVerificationToken=Fu8POalSHGdfTBancEhkbwfCP-3tQWQaT3BzN3rh8g_sAIEqoFoNDleFb7GXMO_WanBEPkNzc9xXj1DiD0SoxgiOUuo1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Type: image/png
Last-Modified: Fri, 17 Feb 2017 02:22:53 GMT
Accept-Ranges: bytes
ETag: "a3f868bec488d21:0"
Strict-Transport-Security: max-age=15768000
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src *; img-src 'self' data: https://sc.detecas.com/di/ec.ashx https://sc.saceted.com/di/ec.ashx https://sc.casemed.net/di/ec.ashx https://sc.detecas.com/di/activator.ashx https://sc.saceted.com/di/activator.ashx https://sc.casemed.net/di/activator.ashx https://sc.detecas.com/di/hc.html https://sc.saceted.com/di/hc.html https://sc.casemed.net/di/hc.html https://sc.detecas.com/di/activator.ashx https://sc.detecas.com/di2/activator.ashx https://ws.detecas.com https://sc.starixsoft.com/di2/activator.ashx https://fps.starixsoft.com/ws https://fps.starixsoft.com/di/activator.ashx https://sc.detecas.com/di/ec.ashx https://sc.detecas.com/di/dd.ashx https://pw.detecas.com https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://sentry.starixplay.com; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://sc.detecas.com/di/ec.ashx https://sc.saceted.com/di/ec.ashx https://sc.casemed.net/di/ec.ashx https://sc.detecas.com/di/activator.ashx https://sc.saceted.com/di/activator.ashx https://sc.casemed.net/di/activator.ashx https://sc.detecas.com/di/hc.html https://sc.saceted.com/di/hc.html https://sc.casemed.net/di/hc.html https://www.gstatic.com https://www.google.com https://sc.detecas.com/di/activator.ashx https://sc.detecas.com/di2/activator.ashx https://ws.detecas.com https://sc.starixsoft.com/di2/activator.ashx https://fps.starixsoft.com/ws https://fps.starixsoft.com/di/activator.ashx https://sc.detecas.com/di/ec.ashx https://sc.detecas.com/di/dd.ashx https://www.google-analytics.com https://sentry.starixplay.com;
Date: Tue, 06 Sep 2022 12:06:16 GMT
Content-Length: 5981
www.v88agent.com/assets/bundles/login.min.js?ver=2022051200
210.57.28.80 200 OK 63 kB URL HTTP/1.1 www.v88agent.com/assets/bundles/login.min.js?ver=2022051200
IP 210.57.28.80:0
File type ASCII text, with very long lines (65240), with CRLF line terminators
Hash 5a1908d7322b6c4421e44a0002fc9cbb
4d2997d160e178be48b8bd2c7635fb36b6dc62ac
4c714c1614ec1a92e8f5d6ca5b68c864277ed25a0bfc57b3bc84e5f3a06d08d5
GET /assets/bundles/login.min.js?ver=2022051200 HTTP/1.1
Host: www.v88agent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.v88agent.com/
Cookie: ASP.NET_SessionId=itkq24rt4htjxuwjs0x20jdy; __utms=A86839AF86FBD8A8C184E5A813DF8F; __RequestVerificationToken=Fu8POalSHGdfTBancEhkbwfCP-3tQWQaT3BzN3rh8g_sAIEqoFoNDleFb7GXMO_WanBEPkNzc9xXj1DiD0SoxgiOUuo1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Type: text/javascript
Content-Encoding: gzip
Last-Modified: Thu, 03 Mar 2022 03:23:53 GMT
Accept-Ranges: bytes
ETag: "4d3bc01bae2ed81:0"
Vary: Accept-Encoding
Strict-Transport-Security: max-age=15768000
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src *; img-src 'self' data: https://sc.detecas.com/di/ec.ashx https://sc.saceted.com/di/ec.ashx https://sc.casemed.net/di/ec.ashx https://sc.detecas.com/di/activator.ashx https://sc.saceted.com/di/activator.ashx https://sc.casemed.net/di/activator.ashx https://sc.detecas.com/di/hc.html https://sc.saceted.com/di/hc.html https://sc.casemed.net/di/hc.html https://sc.detecas.com/di/activator.ashx https://sc.detecas.com/di2/activator.ashx https://ws.detecas.com https://sc.starixsoft.com/di2/activator.ashx https://fps.starixsoft.com/ws https://fps.starixsoft.com/di/activator.ashx https://sc.detecas.com/di/ec.ashx https://sc.detecas.com/di/dd.ashx https://pw.detecas.com https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://sentry.starixplay.com; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://sc.detecas.com/di/ec.ashx https://sc.saceted.com/di/ec.ashx https://sc.casemed.net/di/ec.ashx https://sc.detecas.com/di/activator.ashx https://sc.saceted.com/di/activator.ashx https://sc.casemed.net/di/activator.ashx https://sc.detecas.com/di/hc.html https://sc.saceted.com/di/hc.html https://sc.casemed.net/di/hc.html https://www.gstatic.com https://www.google.com https://sc.detecas.com/di/activator.ashx https://sc.detecas.com/di2/activator.ashx https://ws.detecas.com https://sc.starixsoft.com/di2/activator.ashx https://fps.starixsoft.com/ws https://fps.starixsoft.com/di/activator.ashx https://sc.detecas.com/di/ec.ashx https://sc.detecas.com/di/dd.ashx https://www.google-analytics.com https://sentry.starixplay.com;
Date: Tue, 06 Sep 2022 12:06:16 GMT
Content-Length: 62917
stcdn.b8ag.com/bundles/common/hc.css?v=1662465971980
104.18.15.215 200 OK 129 B URL HTTP/2 stcdn.b8ag.com/bundles/common/hc.css?v=1662465971980
IP 104.18.15.215:0
File type Unicode text, UTF-8 (with BOM) text, with no line terminators
Hash 8e8455cc288489fe903eee1bdacc3eb8
2cde3c9a3183b55295fb4fefa7bee21f4ba674d2
152fb186d128e2513bce3956ce7e4f4aafb5199fdb8215c7ffb7f84187d9ea82
GET /bundles/common/hc.css?v=1662465971980 HTTP/1.1
Host: stcdn.b8ag.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.v88agent.com
Connection: keep-alive
Referer: https://www.v88agent.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 12:06:17 GMT
content-type: text/css
content-length: 129
cache-control: max-age=2592000
content-encoding: gzip
last-modified: Thu, 03 Mar 2022 02:35:28 GMT
etag: "dfd96b58a72ed81:0"
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=15768000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 746713e76a900b31-OSL
X-Firefox-Spdy: h2
stcdn.agbong88.com/bundles/common/hc.css?v=1662465971982
104.18.14.215 200 OK 129 B URL HTTP/2 stcdn.agbong88.com/bundles/common/hc.css?v=1662465971982
IP 104.18.14.215:0
File type Unicode text, UTF-8 (with BOM) text, with no line terminators
Hash 8e8455cc288489fe903eee1bdacc3eb8
2cde3c9a3183b55295fb4fefa7bee21f4ba674d2
152fb186d128e2513bce3956ce7e4f4aafb5199fdb8215c7ffb7f84187d9ea82
GET /bundles/common/hc.css?v=1662465971982 HTTP/1.1
Host: stcdn.agbong88.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.v88agent.com
Connection: keep-alive
Referer: https://www.v88agent.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Sep 2022 12:06:17 GMT
content-type: text/css
content-length: 129
cache-control: max-age=2592000
content-encoding: gzip
last-modified: Thu, 03 Mar 2022 02:35:28 GMT
etag: "dfd96b58a72ed81:0"
vary: Accept-Encoding
access-control-allow-origin: *
strict-transport-security: max-age=15768000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 746713e77f14b518-OSL
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 674706a42c1e770c9b98b0abeea9c3fc
6fe1e02b1a6a88448e00fb34fd88acd0f11831cc
11b71e9769edae1c55315bd707e4b56a3f14cc91c82e90ecfcf471aae19b4888
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "11B71E9769EDAE1C55315BD707E4B56A3F14CC91C82E90ECFCF471AAE19B4888"
Last-Modified: Sun, 04 Sep 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9857
Expires: Tue, 06 Sep 2022 14:50:34 GMT
Date: Tue, 06 Sep 2022 12:06:17 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 278a673cb71d3d40dd9af2b06fe7d70b
9fbd75ef6273225124a913c447916b141319b09d
f35d50b0ce867bc7657d6a13c47e01a3fcafae3b045868d6adb875c0b87975c7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F35D50B0CE867BC7657D6A13C47E01A3FCAFAE3B045868D6ADB875C0B87975C7"
Last-Modified: Mon, 05 Sep 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19851
Expires: Tue, 06 Sep 2022 17:37:08 GMT
Date: Tue, 06 Sep 2022 12:06:17 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9ff67c5fbad5f0d22d9789abdeb45569
e0142ac8b31b4ca1296c1ac83ead25c2545bc43f
8b2966a1cd600b1698cf5f34cca4c571d1000123a1ce0258575c05b9d1e32305
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B2966A1CD600B1698CF5F34CCA4C571D1000123A1CE0258575C05B9D1E32305"
Last-Modified: Tue, 06 Sep 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17203
Expires: Tue, 06 Sep 2022 16:53:00 GMT
Date: Tue, 06 Sep 2022 12:06:17 GMT
Connection: keep-alive
www.v88agent.com/assets/styles/fonts/opensans/OpenSans-Regular.ttf
210.57.28.80 200 OK 217 kB URL HTTP/1.1 www.v88agent.com/assets/styles/fonts/opensans/OpenSans-Regular.ttf
IP 210.57.28.80:0
File type TrueType Font data, digitally signed, 19 tables, 1st "DSIG", 26 names, Macintosh, Digitized data copyright \251 2010-2011, Google Corporation.Open SansRegularAscender - Open Sans\012- data
Size 217 kB (217360 bytes)
Hash 629a55a7e793da068dc580d184cc0e31
3564ed0b5363df5cf277c16e0c6bedc5a682217f
e64e508b2aa2880f907e470c4550980ec4c0694d103a43f36150ac3f93189bee
Analyzer Verdict Alert fortinet Phishing
GET /assets/styles/fonts/opensans/OpenSans-Regular.ttf HTTP/1.1
Host: www.v88agent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.v88agent.com/assets/bundles/themes/default.min.css?ver=2022051200
Cookie: ASP.NET_SessionId=itkq24rt4htjxuwjs0x20jdy; __utms=A86839AF86FBD8A8C184E5A813DF8F; __RequestVerificationToken=Fu8POalSHGdfTBancEhkbwfCP-3tQWQaT3BzN3rh8g_sAIEqoFoNDleFb7GXMO_WanBEPkNzc9xXj1DiD0SoxgiOUuo1
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Type: application/x-font-ttf
Last-Modified: Tue, 13 Sep 2016 04:10:41 GMT
Accept-Ranges: bytes
ETag: "5ffdcca74dd21:0"
Strict-Transport-Security: max-age=15768000
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src *; img-src 'self' data: https://sc.detecas.com/di/ec.ashx https://sc.saceted.com/di/ec.ashx https://sc.casemed.net/di/ec.ashx https://sc.detecas.com/di/activator.ashx https://sc.saceted.com/di/activator.ashx https://sc.casemed.net/di/activator.ashx https://sc.detecas.com/di/hc.html https://sc.saceted.com/di/hc.html https://sc.casemed.net/di/hc.html https://sc.detecas.com/di/activator.ashx https://sc.detecas.com/di2/activator.ashx https://ws.detecas.com https://sc.starixsoft.com/di2/activator.ashx https://fps.starixsoft.com/ws https://fps.starixsoft.com/di/activator.ashx https://sc.detecas.com/di/ec.ashx https://sc.detecas.com/di/dd.ashx https://pw.detecas.com https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://sentry.starixplay.com; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://sc.detecas.com/di/ec.ashx https://sc.saceted.com/di/ec.ashx https://sc.casemed.net/di/ec.ashx https://sc.detecas.com/di/activator.ashx https://sc.saceted.com/di/activator.ashx https://sc.casemed.net/di/activator.ashx https://sc.detecas.com/di/hc.html https://sc.saceted.com/di/hc.html https://sc.casemed.net/di/hc.html https://www.gstatic.com https://www.google.com https://sc.detecas.com/di/activator.ashx https://sc.detecas.com/di2/activator.ashx https://ws.detecas.com https://sc.starixsoft.com/di2/activator.ashx https://fps.starixsoft.com/ws https://fps.starixsoft.com/di/activator.ashx https://sc.detecas.com/di/ec.ashx https://sc.detecas.com/di/dd.ashx https://www.google-analytics.com https://sentry.starixplay.com;
Date: Tue, 06 Sep 2022 12:06:16 GMT
Content-Length: 217360
www.v88agent.com/favicon.ico
210.57.28.80 200 OK 1.2 kB URL HTTP/1.1 www.v88agent.com/favicon.ico
IP 210.57.28.80:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash 23a27fbf4dc1a97dc2b7d27ab763c3c2
142dab028705bce2748867f60bd871208ccc51f8
208479e9579799b5c17a89b4b7ffb7a0895eff3b6a8240c213cff121c54a655b
GET /favicon.ico HTTP/1.1
Host: www.v88agent.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.v88agent.com/
Cookie: ASP.NET_SessionId=itkq24rt4htjxuwjs0x20jdy; __utms=A86839AF86FBD8A8C184E5A813DF8F; __RequestVerificationToken=Fu8POalSHGdfTBancEhkbwfCP-3tQWQaT3BzN3rh8g_sAIEqoFoNDleFb7GXMO_WanBEPkNzc9xXj1DiD0SoxgiOUuo1; hidLanguage=en-US
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: max-age=2592000
Content-Type: image/x-icon
Last-Modified: Tue, 04 Apr 2017 07:17:05 GMT
Accept-Ranges: bytes
ETag: "5ef1a47613add21:0"
Strict-Transport-Security: max-age=15768000
X-Frame-Options: SAMEORIGIN
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Security-Policy: default-src *; img-src 'self' data: https://sc.detecas.com/di/ec.ashx https://sc.saceted.com/di/ec.ashx https://sc.casemed.net/di/ec.ashx https://sc.detecas.com/di/activator.ashx https://sc.saceted.com/di/activator.ashx https://sc.casemed.net/di/activator.ashx https://sc.detecas.com/di/hc.html https://sc.saceted.com/di/hc.html https://sc.casemed.net/di/hc.html https://sc.detecas.com/di/activator.ashx https://sc.detecas.com/di2/activator.ashx https://ws.detecas.com https://sc.starixsoft.com/di2/activator.ashx https://fps.starixsoft.com/ws https://fps.starixsoft.com/di/activator.ashx https://sc.detecas.com/di/ec.ashx https://sc.detecas.com/di/dd.ashx https://pw.detecas.com https://www.google-analytics.com https://www.google.com https://www.gstatic.com https://sentry.starixplay.com; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-eval' 'unsafe-inline' https://sc.detecas.com/di/ec.ashx https://sc.saceted.com/di/ec.ashx https://sc.casemed.net/di/ec.ashx https://sc.detecas.com/di/activator.ashx https://sc.saceted.com/di/activator.ashx https://sc.casemed.net/di/activator.ashx https://sc.detecas.com/di/hc.html https://sc.saceted.com/di/hc.html https://sc.casemed.net/di/hc.html https://www.gstatic.com https://www.google.com https://sc.detecas.com/di/activator.ashx https://sc.detecas.com/di2/activator.ashx https://ws.detecas.com https://sc.starixsoft.com/di2/activator.ashx https://fps.starixsoft.com/ws https://fps.starixsoft.com/di/activator.ashx https://sc.detecas.com/di/ec.ashx https://sc.detecas.com/di/dd.ashx https://www.google-analytics.com https://sentry.starixplay.com;
Date: Tue, 06 Sep 2022 12:06:18 GMT
Content-Length: 1150
sc.detecas.com/di/hc.html
54.230.111.126 200 OK 205 B URL HTTP/2 sc.detecas.com/di/hc.html
IP 54.230.111.126:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 77c054f8b81343374662df079138ecdf
5074c0e0d8ea926d5b3afeae9f11b2d4d1eaae62
0d32ba2390235ab29d5086712e791b9cb8605ba53ccb58314c1bf62100cb9599
GET /di/hc.html HTTP/1.1
Host: sc.detecas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.v88agent.com/
Origin: https://www.v88agent.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 205
server: nginx
date: Tue, 06 Sep 2022 12:06:18 GMT
content-encoding: gzip
last-modified: Wed, 18 Aug 2021 03:07:28 GMT
accept-ranges: bytes
etag: "dca74e2dde93d71:0"
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-credentials: true
via: mly, 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-mly-id: 58057bdb7e976236f44545a7fc25a536
timing-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9aSkQkWiHDoNFfnZEIZr0zPXJSOlHtRE3DlMdktEWuahkMMz0IZoBw==
X-Firefox-Spdy: h2
sc.casemed.net/di/hc.html
54.230.111.81 200 OK 205 B URL HTTP/2 sc.casemed.net/di/hc.html
IP 54.230.111.81:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 77c054f8b81343374662df079138ecdf
5074c0e0d8ea926d5b3afeae9f11b2d4d1eaae62
0d32ba2390235ab29d5086712e791b9cb8605ba53ccb58314c1bf62100cb9599
GET /di/hc.html HTTP/1.1
Host: sc.casemed.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.v88agent.com/
Origin: https://www.v88agent.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 205
server: nginx
date: Tue, 06 Sep 2022 12:06:18 GMT
content-encoding: gzip
last-modified: Wed, 18 Aug 2021 03:07:28 GMT
accept-ranges: bytes
etag: "dca74e2dde93d71:0"
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-credentials: true
via: mly, 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-mly-id: b5a5d96775861f0ab46aaad8f786b32a
timing-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -aVAhwXwUgZlmbq1jMHMMKvXIaUGABCY58fg45EhkvfEU0WB_4MjoA==
X-Firefox-Spdy: h2
sc.saceted.com/di/hc.html
54.230.111.66 200 OK 205 B URL HTTP/2 sc.saceted.com/di/hc.html
IP 54.230.111.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 77c054f8b81343374662df079138ecdf
5074c0e0d8ea926d5b3afeae9f11b2d4d1eaae62
0d32ba2390235ab29d5086712e791b9cb8605ba53ccb58314c1bf62100cb9599
GET /di/hc.html HTTP/1.1
Host: sc.saceted.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.v88agent.com/
Origin: https://www.v88agent.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 205
server: nginx
date: Tue, 06 Sep 2022 12:06:18 GMT
content-encoding: gzip
last-modified: Wed, 18 Aug 2021 03:07:28 GMT
accept-ranges: bytes
etag: "dca74e2dde93d71:0"
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-credentials: true
via: mly, 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-mly-id: 18831779dc9042cc6500cc524857c559
timing-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5_4rBPsAKHinqR5B-NzNV-FV3fX3mVgaLVKJnXaOUN0Z5ceLxxRVTQ==
X-Firefox-Spdy: h2
sc.detecas.com/di/ec.ashx?v=Mi4wLjY%3D&deviceInfo=w6nCpjXDrcKrJmdHNsKpYMO6wpBmJ2bDoETCqMKBA8KVw7fDmipzHlB7JHHDonkyHsKNwp05HMKQLcO2w4%2FCp8KOwqwSwrzDiw1ye8O9ZcK6wrjCgWBew7jChn3DmMKOw6DCosKcw6%2FCtsOvH18gwpLDrjxrw5R0BHTCusOzesOzdcK2bkJEw4DCgMOAw6HDicOaw6zDkMOfw6cQwr7Cs2liJMKFwpnCqsKyN1DCp8K5wp0ww6p9Ww0kOcK%2Fw4c2wps5wrfCpsOkw5nDkMKjwpXCoxUIwr7CoQwzD8K1FcOnwrVyBHwjwoXCpcKeCQvDp8K%2Fw6PDtihnwpHDmsKEwrDCosOKw7zCmMOBw5LCqsOzwqvDm8OfNsKGw6XDrcOSwoU2w4AeL3VKwoPDqSDCqMOHwp3DhUvDm8KYw6Rdb8ObwpgobUTCtU0CfcOmH8Olw6B0R0ttYMOOMhPCj8K7w5cDw7lkwrnDk8OTEQrCmMKyw5PDj8KzXGjCksKVV8Oxw77Ct8K1w6k3GsK3w7DCkitSwqZDwrnDtsK1e2g1w6%2FCiWfCpcOGUCdfDkgoEsK%2Fw6tkw6hob1vDqh9Uw54bw4rCh8K4KsOVR0jDonQYw4XCryw4Z8Olw4vCsjFxIX%2FCkQTClyDDosORH10PFMKnXCnDkcO4EBMVw4LDisK2w6FBZMOjTX9gw58Ew4ANPn44w77CphoSw5IEw6BNXF7DsMKWA3xMUgoOB2dSw6XCmFpeTBDClQlgw6ViVhAIw7h2w5U8P8Oww7%2FCmmFXw6oaV8KywpvDmSzDgMKkVsKTwqrCj8Ocw4Jnw7swP8OVw5LCrsOUakF7wpjCvcKEw5g4WMOcCUEGWWZaDcOaDMO4w4dYwr%2FCoXFTwrlTw4sSXcKVw5vDjsKBwpHCqMK%2Ff8KuVMKyAcKrw6kARUNyQl0aFmlQbCzDoBB%2BwpvCumcMw4nCrcKWDBxmcRMLwonDjcK5w5AIwoLCh8OHB0dWw7XDrMOJIVjDt8Oww4gqPcKaw6vCkMKhXFkewqcgXMOSLcOyw4bCuBY9w4HDpgYawpnDtx54wqXCncOcMsKKw4XCuxxSMlPCmijCiWZwOsOaw4gyw7vDlHrCjcKjbVczccOaw53DlibDisKyw7RLwp%2FCiQFgX8OdIicydhQfdyvCh0dNwpFDRsO2e2YFw67CkRB%2FE8OYwqbCh8Kxwo9pwpU7EShEwp0bwqElwrpLw5nCscKMwr4NRxbDizTDi1nDpD0bLMOwwqEIw5HCqsOqJkRaw7EVA21AwoIzwrURw7JOwr3DnyZzwqA7WnnDkMKBPsOXw7Ipw4pbNW4IEsO6wpgsw4vCs04Cw78iwptrwqHDoQfCucKmFcO4wq7DoMKVw6vCl8OAw5k%2BSyxEHsKfLBAbwpUTw7HCg083wo%2FCujMQbUzDvcKdWcO%2Bw7E7woHDrxsPK2Rhwp3DoDHDhRTCkkB1wqfDuQnCnsK5w7Z8KDUmBcKaEsOINsKvw6kwcsKeLk%2FDnMKqOTHCkBQjJsOLGsKWwqU4ZAXDkmovwqzDk8KGNEgNw4JUw7RiAsOMwo0ACl85wo5Nw60eHsKbImsEw5nDj3rCvltUw7vDlsO0ew7DjjkNFsKXPT9dWsKIw50mw6fDl8Kkw7LDvMOow7HCqsKfKxVJX1XCoMKVK1AywqDCm8OLwqNMO8OUwqEEwq5wWMO8wqrCij7ChjfDjnkcOXfCnAfDucOkYMKVfWfCjcKLwpJdclTDmcKtwp7Dv1nDg8KqRRx9wocdw7XCvcOQ&ip=wqHDn8Omwp%2FDhMOMwo3ChsK0w7bDgsKn&version=Mi4wLjY%3D
54.230.111.126200 OK 104 B URL HTTP/2 sc.detecas.com/di/ec.ashx?v=Mi4wLjY%3D&deviceInfo=w6nCpjXDrcKrJmdHNsKpYMO6wpBmJ2bDoETCqMKBA8KVw7fDmipzHlB7JHHDonkyHsKNwp05HMKQLcO2w4%2FCp8KOwqwSwrzDiw1ye8O9ZcK6wrjCgWBew7jChn3DmMKOw6DCosKcw6%2FCtsOvH18gwpLDrjxrw5R0BHTCusOzesOzdcK2bkJEw4DCgMOAw6HDicOaw6zDkMOfw6cQwr7Cs2liJMKFwpnCqsKyN1DCp8K5wp0ww6p9Ww0kOcK%2Fw4c2wps5wrfCpsOkw5nDkMKjwpXCoxUIwr7CoQwzD8K1FcOnwrVyBHwjwoXCpcKeCQvDp8K%2Fw6PDtihnwpHDmsKEwrDCosOKw7zCmMOBw5LCqsOzwqvDm8OfNsKGw6XDrcOSwoU2w4AeL3VKwoPDqSDCqMOHwp3DhUvDm8KYw6Rdb8ObwpgobUTCtU0CfcOmH8Olw6B0R0ttYMOOMhPCj8K7w5cDw7lkwrnDk8OTEQrCmMKyw5PDj8KzXGjCksKVV8Oxw77Ct8K1w6k3GsK3w7DCkitSwqZDwrnDtsK1e2g1w6%2FCiWfCpcOGUCdfDkgoEsK%2Fw6tkw6hob1vDqh9Uw54bw4rCh8K4KsOVR0jDonQYw4XCryw4Z8Olw4vCsjFxIX%2FCkQTClyDDosORH10PFMKnXCnDkcO4EBMVw4LDisK2w6FBZMOjTX9gw58Ew4ANPn44w77CphoSw5IEw6BNXF7DsMKWA3xMUgoOB2dSw6XCmFpeTBDClQlgw6ViVhAIw7h2w5U8P8Oww7%2FCmmFXw6oaV8KywpvDmSzDgMKkVsKTwqrCj8Ocw4Jnw7swP8OVw5LCrsOUakF7wpjCvcKEw5g4WMOcCUEGWWZaDcOaDMO4w4dYwr%2FCoXFTwrlTw4sSXcKVw5vDjsKBwpHCqMK%2Ff8KuVMKyAcKrw6kARUNyQl0aFmlQbCzDoBB%2BwpvCumcMw4nCrcKWDBxmcRMLwonDjcK5w5AIwoLCh8OHB0dWw7XDrMOJIVjDt8Oww4gqPcKaw6vCkMKhXFkewqcgXMOSLcOyw4bCuBY9w4HDpgYawpnDtx54wqXCncOcMsKKw4XCuxxSMlPCmijCiWZwOsOaw4gyw7vDlHrCjcKjbVczccOaw53DlibDisKyw7RLwp%2FCiQFgX8OdIicydhQfdyvCh0dNwpFDRsO2e2YFw67CkRB%2FE8OYwqbCh8Kxwo9pwpU7EShEwp0bwqElwrpLw5nCscKMwr4NRxbDizTDi1nDpD0bLMOwwqEIw5HCqsOqJkRaw7EVA21AwoIzwrURw7JOwr3DnyZzwqA7WnnDkMKBPsOXw7Ipw4pbNW4IEsO6wpgsw4vCs04Cw78iwptrwqHDoQfCucKmFcO4wq7DoMKVw6vCl8OAw5k%2BSyxEHsKfLBAbwpUTw7HCg083wo%2FCujMQbUzDvcKdWcO%2Bw7E7woHDrxsPK2Rhwp3DoDHDhRTCkkB1wqfDuQnCnsK5w7Z8KDUmBcKaEsOINsKvw6kwcsKeLk%2FDnMKqOTHCkBQjJsOLGsKWwqU4ZAXDkmovwqzDk8KGNEgNw4JUw7RiAsOMwo0ACl85wo5Nw60eHsKbImsEw5nDj3rCvltUw7vDlsO0ew7DjjkNFsKXPT9dWsKIw50mw6fDl8Kkw7LDvMOow7HCqsKfKxVJX1XCoMKVK1AywqDCm8OLwqNMO8OUwqEEwq5wWMO8wqrCij7ChjfDjnkcOXfCnAfDucOkYMKVfWfCjcKLwpJdclTDmcKtwp7Dv1nDg8KqRRx9wocdw7XCvcOQ&ip=wqHDn8Omwp%2FDhMOMwo3ChsK0w7bDgsKn&version=Mi4wLjY%3D
IP 54.230.111.126:0
File type ASCII text, with no line terminators
Hash 7f7c6c6b8fce02bdfbb0223f7a6803b9
3750a8583e511d54b572cbe766a5fe4e9e459da1
b5653209acdff8b4e2a3e061978e2bfe8c5571381b44b299536867d66e0bcceb
GET /di/ec.ashx?v=Mi4wLjY%3D&deviceInfo=w6nCpjXDrcKrJmdHNsKpYMO6wpBmJ2bDoETCqMKBA8KVw7fDmipzHlB7JHHDonkyHsKNwp05HMKQLcO2w4%2FCp8KOwqwSwrzDiw1ye8O9ZcK6wrjCgWBew7jChn3DmMKOw6DCosKcw6%2FCtsOvH18gwpLDrjxrw5R0BHTCusOzesOzdcK2bkJEw4DCgMOAw6HDicOaw6zDkMOfw6cQwr7Cs2liJMKFwpnCqsKyN1DCp8K5wp0ww6p9Ww0kOcK%2Fw4c2wps5wrfCpsOkw5nDkMKjwpXCoxUIwr7CoQwzD8K1FcOnwrVyBHwjwoXCpcKeCQvDp8K%2Fw6PDtihnwpHDmsKEwrDCosOKw7zCmMOBw5LCqsOzwqvDm8OfNsKGw6XDrcOSwoU2w4AeL3VKwoPDqSDCqMOHwp3DhUvDm8KYw6Rdb8ObwpgobUTCtU0CfcOmH8Olw6B0R0ttYMOOMhPCj8K7w5cDw7lkwrnDk8OTEQrCmMKyw5PDj8KzXGjCksKVV8Oxw77Ct8K1w6k3GsK3w7DCkitSwqZDwrnDtsK1e2g1w6%2FCiWfCpcOGUCdfDkgoEsK%2Fw6tkw6hob1vDqh9Uw54bw4rCh8K4KsOVR0jDonQYw4XCryw4Z8Olw4vCsjFxIX%2FCkQTClyDDosORH10PFMKnXCnDkcO4EBMVw4LDisK2w6FBZMOjTX9gw58Ew4ANPn44w77CphoSw5IEw6BNXF7DsMKWA3xMUgoOB2dSw6XCmFpeTBDClQlgw6ViVhAIw7h2w5U8P8Oww7%2FCmmFXw6oaV8KywpvDmSzDgMKkVsKTwqrCj8Ocw4Jnw7swP8OVw5LCrsOUakF7wpjCvcKEw5g4WMOcCUEGWWZaDcOaDMO4w4dYwr%2FCoXFTwrlTw4sSXcKVw5vDjsKBwpHCqMK%2Ff8KuVMKyAcKrw6kARUNyQl0aFmlQbCzDoBB%2BwpvCumcMw4nCrcKWDBxmcRMLwonDjcK5w5AIwoLCh8OHB0dWw7XDrMOJIVjDt8Oww4gqPcKaw6vCkMKhXFkewqcgXMOSLcOyw4bCuBY9w4HDpgYawpnDtx54wqXCncOcMsKKw4XCuxxSMlPCmijCiWZwOsOaw4gyw7vDlHrCjcKjbVczccOaw53DlibDisKyw7RLwp%2FCiQFgX8OdIicydhQfdyvCh0dNwpFDRsO2e2YFw67CkRB%2FE8OYwqbCh8Kxwo9pwpU7EShEwp0bwqElwrpLw5nCscKMwr4NRxbDizTDi1nDpD0bLMOwwqEIw5HCqsOqJkRaw7EVA21AwoIzwrURw7JOwr3DnyZzwqA7WnnDkMKBPsOXw7Ipw4pbNW4IEsO6wpgsw4vCs04Cw78iwptrwqHDoQfCucKmFcO4wq7DoMKVw6vCl8OAw5k%2BSyxEHsKfLBAbwpUTw7HCg083wo%2FCujMQbUzDvcKdWcO%2Bw7E7woHDrxsPK2Rhwp3DoDHDhRTCkkB1wqfDuQnCnsK5w7Z8KDUmBcKaEsOINsKvw6kwcsKeLk%2FDnMKqOTHCkBQjJsOLGsKWwqU4ZAXDkmovwqzDk8KGNEgNw4JUw7RiAsOMwo0ACl85wo5Nw60eHsKbImsEw5nDj3rCvltUw7vDlsO0ew7DjjkNFsKXPT9dWsKIw50mw6fDl8Kkw7LDvMOow7HCqsKfKxVJX1XCoMKVK1AywqDCm8OLwqNMO8OUwqEEwq5wWMO8wqrCij7ChjfDjnkcOXfCnAfDucOkYMKVfWfCjcKLwpJdclTDmcKtwp7Dv1nDg8KqRRx9wocdw7XCvcOQ&ip=wqHDn8Omwp%2FDhMOMwo3ChsK0w7bDgsKn&version=Mi4wLjY%3D HTTP/1.1
Host: sc.detecas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.v88agent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-length: 104
server: nginx
date: Tue, 06 Sep 2022 12:06:20 GMT
cache-control: private, max-age=2592000
last-modified: Fri, 07 May 2021 09:43:21 GMT
etag: 416751cdaa583992e297d061cb9719f22740f6aca692ec6dcb02e17b0130d21e
set-cookie: SameSite=None; Secure
(global.c3)=416751cdaa583992e297d061cb9719f22740f6aca692ec6dcb02e17b0130d21e; expires=Mon, 06-Sep-2032 12:06:20 GMT; path=/
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-credentials: true
via: mly, 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-mly-id: f6ce169c48327faab2a5ab7a6b752616
timing-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: XgIseb0HnOTiWbCjzNajvCHwbcpsuIpOxlV1SGOaN2YGYuaUYsPhKg==
X-Firefox-Spdy: h2
sc.detecas.com/di/activator.ashx
54.230.111.126 200 OK 0 B URL HTTP/2 sc.detecas.com/di/activator.ashx
IP 54.230.111.126:0
GET /di/activator.ashx HTTP/1.1
Host: sc.detecas.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.v88agent.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
server: nginx
date: Tue, 06 Sep 2022 12:06:19 GMT
cache-control: private, max-age=600
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET,POST,PUT,DELETE,OPTIONS
access-control-allow-credentials: true
via: mly, 1.1 9d4a908d41124cba1276d6cef8f00c60.cloudfront.net (CloudFront)
x-mly-id: 233bc12c23f9fcb8179be13d32db62f4
timing-allow-origin: *
content-encoding: gzip
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zB-TewSEDb9fC0RKRLr-8PfxXKJsvAnNGShGEtiPBTegLaUvds8jpw==
X-Firefox-Spdy: h2