r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e36c852b5e145f2f09fe73111fb162e1
e439c6a462f86a3003d6464a8b9999b1c4d1e210
52a721168d0c41cb0854ff8c730fce3b79db2e804b383238e95ff1401922bd74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "52A721168D0C41CB0854FF8C730FCE3B79DB2E804B383238E95FF1401922BD74"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8782
Expires: Thu, 27 Oct 2022 05:31:04 GMT
Date: Thu, 27 Oct 2022 03:04:42 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 45bfdf3b823cd24564c8ac296a8b5b19
b0c442eb4f87556b3beb18ca8039dd4399b73f16
32113c679dda1f710ba67e537fdd0d435ccc186a238e3b14e48deb7b0700c693
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6193
Cache-Control: max-age=115773
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 03:04:42 GMT
Etag: "6358fe56-1d7"
Expires: Fri, 28 Oct 2022 11:14:15 GMT
Last-Modified: Wed, 26 Oct 2022 09:31:02 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 45bfdf3b823cd24564c8ac296a8b5b19
b0c442eb4f87556b3beb18ca8039dd4399b73f16
32113c679dda1f710ba67e537fdd0d435ccc186a238e3b14e48deb7b0700c693
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6193
Cache-Control: max-age=115773
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 03:04:42 GMT
Etag: "6358fe56-1d7"
Expires: Fri, 28 Oct 2022 11:14:15 GMT
Last-Modified: Wed, 26 Oct 2022 09:31:02 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a39eea1096852891690eaee02a64383e
c273000f799fc3676e8e3ef3617611a31252cffc
d9d95319013d64bc2ef6d9870f4adba902ee970b6f9e96279c9ed86f556e0001
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D9D95319013D64BC2EF6D9870F4ADBA902EE970B6F9E96279C9ED86F556E0001"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3168
Expires: Thu, 27 Oct 2022 03:57:30 GMT
Date: Thu, 27 Oct 2022 03:04:42 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: ZYiVH1j4NvFmQFz9AlzMsVUQSh4fki9JPNBUrQ4z9el8m1AVWqc+HfbNc+ubWHe3dsTFbnEK73A=
x-amz-request-id: 1AX32ZA4K59BXPQ7
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 27 Oct 2022 02:39:26 GMT
age: 1516
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 27 Oct 2022 03:04:42 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
elmersity.com/public/KZHEyWJchR65DSKxMP17aQHK9mfUlcWH
144.91.88.248 302 Found 201 B URL HTTP/1.1 elmersity.com/public/KZHEyWJchR65DSKxMP17aQHK9mfUlcWH
IP 144.91.88.248:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 5fa97679571a0d11c97cdbb6966a224e
b949ecf70b847d64cbc7e6b669bfa41be0847465
9201cf94219ff9281b0870271a008f8f566379a6c3892f3dc2e0f86d5eb426c2
Analyzer Verdict Alert openphish DHL Airways, Inc.
fortinet Phishing
quad9 Sinkholed
GET /public/KZHEyWJchR65DSKxMP17aQHK9mfUlcWH HTTP/1.1
Host: elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Connection: Keep-Alive
X-Powered-By: PHP/8.0.15
Cache-Control: no-cache, no-store, must-revalidate, max-age=0
Location: http://elmersity.com/public
Content-Type: text/html; charset=UTF-8
Set-Cookie: XSRF-TOKEN=eyJpdiI6ImhFSS9wdmFzQWovMzYvZnIvWTM3dUE9PSIsInZhbHVlIjoiclRxTWdqc1FtL3lIeUZPdXM3dDdNcjREZUtpSWJib1B3WmZBS0JQOUtHcnplbGJXMSsrSlpBdFEzUUpmNHYzSmVVMGVFQVF6WENUUEtIcE81aWdrc3BDOTZFNVpFaS9HZmYyVEpuKzZYQW5RWjBzR3V3d25JMEFzemIxT1g5T1giLCJtYWMiOiJjM2Q0MmMzYWE1NTExNzhiMzNjMzk5NTExYmJlMGJkN2EyNmQzOWIzMTMzZjFjMjcyZGM2MzFhMjBlYjc2ODkyIiwidGFnIjoiIn0%3D; expires=Thu, 27-Oct-2022 05:04:42 GMT; Max-Age=7200; path=/; samesite=lax
laravel_session=eyJpdiI6IldqQm9TeGZuc2xZWlJsWTlram10ZWc9PSIsInZhbHVlIjoidTJreFZsMWluaDhOZ2toWlJvWkFSSzZydS9WaWdSM0VPOURydmRxUE4zVzM1WGhMZU94dS9idll1a1Q1L0FZU0ZleVQrc1N1TWdTNzl3dWx1cHIzeWo1YXp5TUNIcW9Haml4bE5nMGtTekdNdHBWZ3p5WThTT0xvdFBsV25oRzciLCJtYWMiOiJlN2I4MDczYmY0MTg4ODZkMzg1ZDE4OTkyYTc5ZGZhM2M0ZDQ5ZGYyNGE5Njk5ZGE3NGRkN2NhYWI3MzExZmMwIiwidGFnIjoiIn0%3D; expires=Thu, 27-Oct-2022 05:04:42 GMT; Max-Age=7200; path=/; httponly; samesite=lax
Content-Length: 201
Content-Encoding: gzip
Vary: Accept-Encoding
Date: Thu, 27 Oct 2022 03:04:42 GMT
Server: LiteSpeed
elmersity.com/public
144.91.88.248 301 Moved Permanently 706 B IP 144.91.88.248:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 67f3a5933c17b3ab044826d3927d0ba9
5957076d09bacaa6db8ddc832b4fd87ed8f05f8a
97e800f4836b7030dd58fe6296294b7ff5ef1b5eb0e88353f230ea1608d2bb64
Analyzer Verdict Alert openphish DHL Airways, Inc.
fortinet Phishing
quad9 Sinkholed
GET /public HTTP/1.1
Host: elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImhFSS9wdmFzQWovMzYvZnIvWTM3dUE9PSIsInZhbHVlIjoiclRxTWdqc1FtL3lIeUZPdXM3dDdNcjREZUtpSWJib1B3WmZBS0JQOUtHcnplbGJXMSsrSlpBdFEzUUpmNHYzSmVVMGVFQVF6WENUUEtIcE81aWdrc3BDOTZFNVpFaS9HZmYyVEpuKzZYQW5RWjBzR3V3d25JMEFzemIxT1g5T1giLCJtYWMiOiJjM2Q0MmMzYWE1NTExNzhiMzNjMzk5NTExYmJlMGJkN2EyNmQzOWIzMTMzZjFjMjcyZGM2MzFhMjBlYjc2ODkyIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IldqQm9TeGZuc2xZWlJsWTlram10ZWc9PSIsInZhbHVlIjoidTJreFZsMWluaDhOZ2toWlJvWkFSSzZydS9WaWdSM0VPOURydmRxUE4zVzM1WGhMZU94dS9idll1a1Q1L0FZU0ZleVQrc1N1TWdTNzl3dWx1cHIzeWo1YXp5TUNIcW9Haml4bE5nMGtTekdNdHBWZ3p5WThTT0xvdFBsV25oRzciLCJtYWMiOiJlN2I4MDczYmY0MTg4ODZkMzg1ZDE4OTkyYTc5ZGZhM2M0ZDQ5ZGYyNGE5Njk5ZGE3NGRkN2NhYWI3MzExZmMwIiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Content-Type: text/html
Content-Length: 706
Date: Thu, 27 Oct 2022 03:04:42 GMT
Server: LiteSpeed
Location: http://elmersity.com/public/
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash dd283dfc036535bdeb8a8be1310ef930
d3b1c300dd75d7af630e0f3112e49d7492d66c17
578f9256faa188facb3f2d68b02b0c7fb2e30e02e2e74234d015429563cba7aa
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4392
Cache-Control: max-age=108917
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 03:04:42 GMT
Etag: "6358ea97-1d7"
Expires: Fri, 28 Oct 2022 09:19:59 GMT
Last-Modified: Wed, 26 Oct 2022 08:06:47 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.161.136.21 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.161.136.21:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: vPguIpPmr0BIdRch+AInBw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: bm6cDr2usiAZgu4kGCtHtgfQJ0Q=
elmersity.com/public/
144.91.88.248 200 OK 352 B IP 144.91.88.248:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash c18677c42298eee11bfcfec1db8ed376
3158c0d0f1f13a2ad62f056f742cf3ed4cf6c153
99c9aa4dd2ff7ca9d0c5ef1029ace64871f675c2485997059c680f394f13b135
Analyzer Verdict Alert openphish DHL Airways, Inc.
fortinet Phishing
quad9 Sinkholed
GET /public/ HTTP/1.1
Host: elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImhFSS9wdmFzQWovMzYvZnIvWTM3dUE9PSIsInZhbHVlIjoiclRxTWdqc1FtL3lIeUZPdXM3dDdNcjREZUtpSWJib1B3WmZBS0JQOUtHcnplbGJXMSsrSlpBdFEzUUpmNHYzSmVVMGVFQVF6WENUUEtIcE81aWdrc3BDOTZFNVpFaS9HZmYyVEpuKzZYQW5RWjBzR3V3d25JMEFzemIxT1g5T1giLCJtYWMiOiJjM2Q0MmMzYWE1NTExNzhiMzNjMzk5NTExYmJlMGJkN2EyNmQzOWIzMTMzZjFjMjcyZGM2MzFhMjBlYjc2ODkyIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IldqQm9TeGZuc2xZWlJsWTlram10ZWc9PSIsInZhbHVlIjoidTJreFZsMWluaDhOZ2toWlJvWkFSSzZydS9WaWdSM0VPOURydmRxUE4zVzM1WGhMZU94dS9idll1a1Q1L0FZU0ZleVQrc1N1TWdTNzl3dWx1cHIzeWo1YXp5TUNIcW9Haml4bE5nMGtTekdNdHBWZ3p5WThTT0xvdFBsV25oRzciLCJtYWMiOiJlN2I4MDczYmY0MTg4ODZkMzg1ZDE4OTkyYTc5ZGZhM2M0ZDQ5ZGYyNGE5Njk5ZGE3NGRkN2NhYWI3MzExZmMwIiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Connection: Keep-Alive
X-Powered-By: PHP/8.0.15
Content-Type: text/html; charset=UTF-8
Cache-Control: no-cache, private
Set-Cookie: XSRF-TOKEN=eyJpdiI6IkdyMml4Z01FaEw0a3ZhT1N2TldZL2c9PSIsInZhbHVlIjoiemtXRVlNdU50OS9YbE1DME5IZyt5UHovcTZsbHNPcXUwTUNMS0FWUFRkVmk1TmxMQmhuMmkrVWl2ZFUxNHpVTFYrMzVaeW9sYktmMitBWWtkMUhLcHRTY1FEUGc5ZnFuenpiQkZTM0pJWFNxTW1nQlljMlMweGJld0FZdDZ4Vm4iLCJtYWMiOiIxYTkwNzhmN2E1MjMzNGY0YmMxYTJlYjljOGJmNTU3NTQyMWQyMzk4MDY2ZmIxNGRjNjZjYTQ2NDQ5M2UwMWUyIiwidGFnIjoiIn0%3D; expires=Thu, 27-Oct-2022 05:04:44 GMT; Max-Age=7200; path=/; samesite=lax
laravel_session=eyJpdiI6InRCdnc2aXVld005RDVwTSsyZHpXV1E9PSIsInZhbHVlIjoiU3Vqd1RWOUJScDlXZGU1ci9pL09lc211VkJvcThWcFNtTFYwZ0pYV2pxMmtUbjdGRzMxcHlaajNxQmc0RkYyaHBEOW5pM1N2M1VmVlFYdHhhVEQrS2R5RUxZM2hyTmprOTF5R0p6MDJiRXVzbXVWZ1NRdUdhNVV2Wks2MkxsbTQiLCJtYWMiOiIyNDZjNWMwNTMzNWIzNTY4ZTdjNGE3MGY0ZGU0OTI2OGU1OTYxNzljNWQ1MThkZDAyZGQxODBjY2NhYWQ0NzEyIiwidGFnIjoiIn0%3D; expires=Thu, 27-Oct-2022 05:04:44 GMT; Max-Age=7200; path=/; httponly; samesite=lax
Content-Length: 352
Content-Encoding: gzip
Vary: Accept-Encoding
Date: Thu, 27 Oct 2022 03:04:44 GMT
Server: LiteSpeed
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash e0fba1d1cbe4c46db0bfe071c3049a88
7f41048df3809499a87e75f137fc43cceaf3186a
e1e365a6076f395e535751a9aa6f68da5579835e0cc24be12332da781015a6a3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5270
Cache-Control: max-age=111941
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 03:04:44 GMT
Etag: "6358f2fb-116"
Expires: Fri, 28 Oct 2022 10:10:25 GMT
Last-Modified: Wed, 26 Oct 2022 08:42:35 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash e0fba1d1cbe4c46db0bfe071c3049a88
7f41048df3809499a87e75f137fc43cceaf3186a
e1e365a6076f395e535751a9aa6f68da5579835e0cc24be12332da781015a6a3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5270
Cache-Control: max-age=111941
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 03:04:44 GMT
Etag: "6358f2fb-116"
Expires: Fri, 28 Oct 2022 10:10:25 GMT
Last-Modified: Wed, 26 Oct 2022 08:42:35 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 278
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6267
Expires: Thu, 27 Oct 2022 04:49:11 GMT
Date: Thu, 27 Oct 2022 03:04:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6267
Expires: Thu, 27 Oct 2022 04:49:11 GMT
Date: Thu, 27 Oct 2022 03:04:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6267
Expires: Thu, 27 Oct 2022 04:49:11 GMT
Date: Thu, 27 Oct 2022 03:04:44 GMT
Connection: keep-alive
elmersity.com/3XOWG8nR4mb0smQSJvfjdwzwNJQ5NDG6/
144.91.88.248 301 Moved Permanently 706 B URL HTTP/1.1 elmersity.com/3XOWG8nR4mb0smQSJvfjdwzwNJQ5NDG6/
IP 144.91.88.248:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 67f3a5933c17b3ab044826d3927d0ba9
5957076d09bacaa6db8ddc832b4fd87ed8f05f8a
97e800f4836b7030dd58fe6296294b7ff5ef1b5eb0e88353f230ea1608d2bb64
Analyzer Verdict Alert openphish DHL Airways, Inc.
fortinet Phishing
quad9 Sinkholed
GET /3XOWG8nR4mb0smQSJvfjdwzwNJQ5NDG6/ HTTP/1.1
Host: elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://elmersity.com/public/
Cookie: XSRF-TOKEN=eyJpdiI6IkdyMml4Z01FaEw0a3ZhT1N2TldZL2c9PSIsInZhbHVlIjoiemtXRVlNdU50OS9YbE1DME5IZyt5UHovcTZsbHNPcXUwTUNMS0FWUFRkVmk1TmxMQmhuMmkrVWl2ZFUxNHpVTFYrMzVaeW9sYktmMitBWWtkMUhLcHRTY1FEUGc5ZnFuenpiQkZTM0pJWFNxTW1nQlljMlMweGJld0FZdDZ4Vm4iLCJtYWMiOiIxYTkwNzhmN2E1MjMzNGY0YmMxYTJlYjljOGJmNTU3NTQyMWQyMzk4MDY2ZmIxNGRjNjZjYTQ2NDQ5M2UwMWUyIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InRCdnc2aXVld005RDVwTSsyZHpXV1E9PSIsInZhbHVlIjoiU3Vqd1RWOUJScDlXZGU1ci9pL09lc211VkJvcThWcFNtTFYwZ0pYV2pxMmtUbjdGRzMxcHlaajNxQmc0RkYyaHBEOW5pM1N2M1VmVlFYdHhhVEQrS2R5RUxZM2hyTmprOTF5R0p6MDJiRXVzbXVWZ1NRdUdhNVV2Wks2MkxsbTQiLCJtYWMiOiIyNDZjNWMwNTMzNWIzNTY4ZTdjNGE3MGY0ZGU0OTI2OGU1OTYxNzljNWQ1MThkZDAyZGQxODBjY2NhYWQ0NzEyIiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Connection: Keep-Alive
Content-Type: text/html
Content-Length: 706
Date: Thu, 27 Oct 2022 03:04:44 GMT
Server: LiteSpeed
Location: https://elmersity.com/3XOWG8nR4mb0smQSJvfjdwzwNJQ5NDG6/
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6267
Expires: Thu, 27 Oct 2022 04:49:11 GMT
Date: Thu, 27 Oct 2022 03:04:44 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6267
Expires: Thu, 27 Oct 2022 04:49:11 GMT
Date: Thu, 27 Oct 2022 03:04:44 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44add2bd-5fb0-4610-825b-d696ec78ca49.jpeg
34.120.237.76 200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44add2bd-5fb0-4610-825b-d696ec78ca49.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 05e2d92ca05c08e9598d4128d55b1cba
109364ef1db445ba6c5e8c1178ab56fcce80d346
078e257c6bb8d7d46022c4786b54584c8868eb138e293b37ef164221b519f7bb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44add2bd-5fb0-4610-825b-d696ec78ca49.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6619
x-amzn-requestid: 245cd792-64fd-4490-b8f8-5b354fd9b0b5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ak4zTELFoAMFyzg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63583b48-33a9dfe97f63f43050b4ecdd;Sampled=0
x-amzn-remapped-date: Tue, 25 Oct 2022 19:38:48 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: bCL523JRD-JUSoK1Hdsk2hLdEp1NXxckJshwO96kQesEZAxdT7YKfg==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 10:21:57 GMT
age: 60167
etag: "109364ef1db445ba6c5e8c1178ab56fcce80d346"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9247b163-9d83-4148-9c1f-890b5e2b0a45.jpeg
34.120.237.76 200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9247b163-9d83-4148-9c1f-890b5e2b0a45.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bd4d7051e9d8525d8ed7d5249b24068d
cbad9147991b1a1b27088f90fe7078d1056a9633
4701cc21f58c8ac8b8ad78a34973b3ade538255868afbf59be40e7f1365bcc20
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9247b163-9d83-4148-9c1f-890b5e2b0a45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7542
x-amzn-requestid: 95e8df21-80b6-400a-bcd5-41efdab9cc57
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aocwLH0lIAMFT2g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6359a800-3300914f11c46b9902b30fe4;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 21:34:56 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Yfx_KpfPPFKISGbuSM0g1eg1VVnevA0t39NFemmMxeTSiiimsMlDkA==
via: 1.1 d0387b833e3ca8cb748a1296b4b4bf2a.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 21:57:10 GMT
age: 18454
etag: "cbad9147991b1a1b27088f90fe7078d1056a9633"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2c688787-a081-40df-8d2a-850013df8828.jpeg
34.120.237.76 200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2c688787-a081-40df-8d2a-850013df8828.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1d71555b55dd7d34a53b9e8252902da1
551ceee96287d4d5fa8c8f286baebd382c8aff67
ff2040a25f467fc41873bdb2c7ed9f28ab508e8096b54152607bd0b40580567f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2c688787-a081-40df-8d2a-850013df8828.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4670
x-amzn-requestid: bd7ccf26-ed98-4252-82df-a8f17108fc2d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aocvtEoYoAMFrCA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6359a7fd-51c97f553b02f4750e78023a;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 21:34:53 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: AANmFqkisteLJO0nLhaNgo6NTfYSkLPEGf5zewefdRtPZbEziAPz3Q==
via: 1.1 c21a0d27ceec21e266c9f962d0349438.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 22:08:06 GMT
etag: "551ceee96287d4d5fa8c8f286baebd382c8aff67"
content-type: image/jpeg
age: 17798
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5a9dae4-226e-42f6-b38d-d6f3f560ed69.jpeg
34.120.237.76 200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5a9dae4-226e-42f6-b38d-d6f3f560ed69.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8240214ef7bc82b09de023cde217beb9
0f432e521fc4392f528042c711139dc0becc5598
2d5f1a426441536086c8278651808dc6e3e819ec18b48048520a4dedbc8a08ce
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc5a9dae4-226e-42f6-b38d-d6f3f560ed69.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6806
x-amzn-requestid: bdf4f489-b474-4143-881f-521ad5dee74b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aocwUGb9oAMFRGg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6359a801-2a1e822f6b1dd3304c8f0527;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 21:34:57 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: oxLrpXYZuUBO5qEKrFYAkh3lx2ZE7Jph8tcq0b4dWIHxUODXP3FDDQ==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 21:52:49 GMT
etag: "0f432e521fc4392f528042c711139dc0becc5598"
content-type: image/jpeg
age: 18715
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F529195e0-f6ac-4fd1-b685-62456b469ad7.jpeg
34.120.237.76 200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F529195e0-f6ac-4fd1-b685-62456b469ad7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c92c49279a7704d715e50836676d1abb
3092b4dbd87f7e5a2eff65c463da9c5103ff748a
6941145d63e68abf0f20081517faa4082eed3c59f8b8a69066f70b29d90fd355
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F529195e0-f6ac-4fd1-b685-62456b469ad7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4709
x-amzn-requestid: c2923a57-57c4-4d62-83bc-e4c8b61aa2bd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aocuiGeeIAMF9Dg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6359a7f6-7e47cfe804e333cc540f162a;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 21:34:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: M72Vjcyc06ihmWcqr2_Xrk8dGcC5pCoDidg5rhtRkVddavcUFE6G6w==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 21:50:52 GMT
age: 18832
etag: "3092b4dbd87f7e5a2eff65c463da9c5103ff748a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F577b3c1d-3b6e-4105-8d19-8557bacffa02.jpeg
34.120.237.76 200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F577b3c1d-3b6e-4105-8d19-8557bacffa02.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4ded5eb41644bfe7ea87cff5ab0d79f0
9b13eca2d768277b92c05a8a82743018489783a6
3de7fcc3e9c8a107e4c5d6e59506ec71e68129a8351e47af63930873775ac3f9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F577b3c1d-3b6e-4105-8d19-8557bacffa02.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15768
x-amzn-requestid: ab678277-5d12-4ae2-9af7-f15fab294657
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aRoclEbBoAMFz9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63508783-344a14d17bfcd6b12ffe02b0;Sampled=0
x-amzn-remapped-date: Wed, 19 Oct 2022 23:25:55 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: AgS3Yq-WCRRnFvCxMcwq13lQz8cGvvdwZ51C3H0szmB0iyZLb9mf-A==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 21:51:09 GMT
age: 18815
etag: "9b13eca2d768277b92c05a8a82743018489783a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
elmersity.com/3XOWG8nR4mb0smQSJvfjdwzwNJQ5NDG6/
144.91.88.248 301 Moved Permanently 706 B URL HTTP/2 elmersity.com/3XOWG8nR4mb0smQSJvfjdwzwNJQ5NDG6/
IP 144.91.88.248:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 67f3a5933c17b3ab044826d3927d0ba9
5957076d09bacaa6db8ddc832b4fd87ed8f05f8a
97e800f4836b7030dd58fe6296294b7ff5ef1b5eb0e88353f230ea1608d2bb64
Analyzer Verdict Alert
openphish DHL Airways, Inc.
fortinet Phishing
quad9 Sinkholed
GET /3XOWG8nR4mb0smQSJvfjdwzwNJQ5NDG6/ HTTP/1.1
Host: elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://elmersity.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
content-type: text/html
content-length: 706
date: Thu, 27 Oct 2022 03:04:44 GMT
server: LiteSpeed
location: https://elmersity.com/public/3XOWG8nR4mb0smQSJvfjdwzwNJQ5NDG6
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
X-Firefox-Spdy: h2
elmersity.com/public/3XOWG8nR4mb0smQSJvfjdwzwNJQ5NDG6
144.91.88.248 302 Found 167 B URL HTTP/2 elmersity.com/public/3XOWG8nR4mb0smQSJvfjdwzwNJQ5NDG6
IP 144.91.88.248:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash b515b8701228c28c45bdae384f66dd6f
d3fce68947f53786e4988a8be57788f310b58bfe
145905ba5a8c713222fac4edd495feee1dc1801459332e6dd89b2e54e7040bca
Analyzer Verdict Alert
openphish DHL Airways, Inc.
fortinet Phishing
quad9 Sinkholed
GET /public/3XOWG8nR4mb0smQSJvfjdwzwNJQ5NDG6 HTTP/1.1
Host: elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://elmersity.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
x-powered-by: PHP/8.0.15
cache-control: no-cache, no-store, must-revalidate, max-age=0
location: https://elmersity.com/public
content-type: text/html; charset=UTF-8
set-cookie: XSRF-TOKEN=eyJpdiI6IkhHTkpRQ3FReW1pdnlGNGRTRzVyb0E9PSIsInZhbHVlIjoicFZOZkd6VVRKeldQMURMM1ZrK2dWTFB2RzZmOGVQeWp2aGZ6VDUwZ3BzeUdnbFFIWVVGZ3NEYklUMXQ2eko1TENUQytXTGVTNGxSR3ppQ0pKalNuVFdvT2swcHlXZEZNVGJYMkh6MEcza0UvK3pZbkY0OGFsVWFwZnVqSTViemoiLCJtYWMiOiJhZDljY2NmNmU0ODZkZDQyMTQ3MGQ4OWNiZDAwYWIwZGRhMTAwZTY2ZmI2N2RmYzc2ZDM5ZDE2MDVjYzFlYmFjIiwidGFnIjoiIn0%3D; expires=Thu, 27-Oct-2022 05:04:44 GMT; Max-Age=7200; path=/; samesite=lax; secure
laravel_session=eyJpdiI6IkR2azVlSWFTZVh4cWFCaG8wd0VYN2c9PSIsInZhbHVlIjoiUXhPZ1JvMTZJWWNUZUpGbTZLeFlhN3JGRnVORlBPY1NhUVR3b3dUcmRyYjRHakhzNXkxcFQzYXlRRDhYaHArN2dBSzIzckVLODBIRzhST1Y0eU0rYUJ3VTduT01Oc2pOdXFyRGFZeVBjVlhxWGl0V083LzlZWWpGRXR3TitMdUoiLCJtYWMiOiIxNzdmYTVhZWYxM2EyYmUxOGNiZTZlZWZhYjhiZTFiOTY1M2I5OGViYTRjZmFjODEwZGY4N2Q3YmI1NGM4MWI5IiwidGFnIjoiIn0%3D; expires=Thu, 27-Oct-2022 05:04:44 GMT; Max-Age=7200; path=/; httponly; samesite=lax; secure
content-length: 167
content-encoding: br
vary: Accept-Encoding
date: Thu, 27 Oct 2022 03:04:44 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
elmersity.com/public
144.91.88.248 301 Moved Permanently 706 B IP 144.91.88.248:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 67f3a5933c17b3ab044826d3927d0ba9
5957076d09bacaa6db8ddc832b4fd87ed8f05f8a
97e800f4836b7030dd58fe6296294b7ff5ef1b5eb0e88353f230ea1608d2bb64
Analyzer Verdict Alert
openphish DHL Airways, Inc.
fortinet Phishing
quad9 Sinkholed
GET /public HTTP/1.1
Host: elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://elmersity.com/
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkhHTkpRQ3FReW1pdnlGNGRTRzVyb0E9PSIsInZhbHVlIjoicFZOZkd6VVRKeldQMURMM1ZrK2dWTFB2RzZmOGVQeWp2aGZ6VDUwZ3BzeUdnbFFIWVVGZ3NEYklUMXQ2eko1TENUQytXTGVTNGxSR3ppQ0pKalNuVFdvT2swcHlXZEZNVGJYMkh6MEcza0UvK3pZbkY0OGFsVWFwZnVqSTViemoiLCJtYWMiOiJhZDljY2NmNmU0ODZkZDQyMTQ3MGQ4OWNiZDAwYWIwZGRhMTAwZTY2ZmI2N2RmYzc2ZDM5ZDE2MDVjYzFlYmFjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkR2azVlSWFTZVh4cWFCaG8wd0VYN2c9PSIsInZhbHVlIjoiUXhPZ1JvMTZJWWNUZUpGbTZLeFlhN3JGRnVORlBPY1NhUVR3b3dUcmRyYjRHakhzNXkxcFQzYXlRRDhYaHArN2dBSzIzckVLODBIRzhST1Y0eU0rYUJ3VTduT01Oc2pOdXFyRGFZeVBjVlhxWGl0V083LzlZWWpGRXR3TitMdUoiLCJtYWMiOiIxNzdmYTVhZWYxM2EyYmUxOGNiZTZlZWZhYjhiZTFiOTY1M2I5OGViYTRjZmFjODEwZGY4N2Q3YmI1NGM4MWI5IiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 301 Moved Permanently
content-type: text/html
content-length: 706
date: Thu, 27 Oct 2022 03:04:44 GMT
server: LiteSpeed
location: https://elmersity.com/public/
X-Firefox-Spdy: h2
elmersity.com/public/
144.91.88.248 200 OK 302 B IP 144.91.88.248:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 44ea84ea4ed29ea396632fc417fa0e3c
3b83bf9fbcf9e4433a5ba903f4e54d6a094524ba
f6f51dce30ae7696916768d30da1c11fb5ad65c735095e8c971336a012abb533
Analyzer Verdict Alert
openphish DHL Airways, Inc.
fortinet Phishing
quad9 Sinkholed
GET /public/ HTTP/1.1
Host: elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://elmersity.com/
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkhHTkpRQ3FReW1pdnlGNGRTRzVyb0E9PSIsInZhbHVlIjoicFZOZkd6VVRKeldQMURMM1ZrK2dWTFB2RzZmOGVQeWp2aGZ6VDUwZ3BzeUdnbFFIWVVGZ3NEYklUMXQ2eko1TENUQytXTGVTNGxSR3ppQ0pKalNuVFdvT2swcHlXZEZNVGJYMkh6MEcza0UvK3pZbkY0OGFsVWFwZnVqSTViemoiLCJtYWMiOiJhZDljY2NmNmU0ODZkZDQyMTQ3MGQ4OWNiZDAwYWIwZGRhMTAwZTY2ZmI2N2RmYzc2ZDM5ZDE2MDVjYzFlYmFjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkR2azVlSWFTZVh4cWFCaG8wd0VYN2c9PSIsInZhbHVlIjoiUXhPZ1JvMTZJWWNUZUpGbTZLeFlhN3JGRnVORlBPY1NhUVR3b3dUcmRyYjRHakhzNXkxcFQzYXlRRDhYaHArN2dBSzIzckVLODBIRzhST1Y0eU0rYUJ3VTduT01Oc2pOdXFyRGFZeVBjVlhxWGl0V083LzlZWWpGRXR3TitMdUoiLCJtYWMiOiIxNzdmYTVhZWYxM2EyYmUxOGNiZTZlZWZhYjhiZTFiOTY1M2I5OGViYTRjZmFjODEwZGY4N2Q3YmI1NGM4MWI5IiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-powered-by: PHP/8.0.15
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6Im1tRi9oMlBURVZwem15cWtHZWF4cnc9PSIsInZhbHVlIjoiMHZxZGZPTENrV2kzRFZ5MFpTb0VRWVRiaXlwL2VqNnhudjVyMzYrc050ODFEUnpaa1RQSDRtYzQzWVJRSXZDcnBGczVuV1N5TEJ6NUw3MkJEYksyQURlSEtITEpSSHp5RlFubXRVcGhmdVoxR3JVU0V5b0dHV3ZvQVBCd3QxbUUiLCJtYWMiOiI4ZDVmMGEzNjJiZjBjY2FlNTMyNjE4YzIxMDQ1OGU1NjAyYTVlM2ZlMjk2ZDVhYTU3NDJlYTBjMTM3YmE2NWFmIiwidGFnIjoiIn0%3D; expires=Thu, 27-Oct-2022 05:04:46 GMT; Max-Age=7200; path=/; samesite=lax; secure
laravel_session=eyJpdiI6IlNuL0N6UmhQM0t3TjBydWpsQzBBeGc9PSIsInZhbHVlIjoiajlYN2ZQdjB2MHVJSWNrYTc0dEhKRU41cjZwb3ozS29SaDJacXBpaHdQVHEvSU1pSFhoRnEyek15aFdnV0lDZXpNU2tBcnBUVUVhYnMxRnM2TldXQUVqa204Sjk5blRWOGNLdW1USUtjSVhQL3NsU2hrZ25HUTE4UmgwbGd3SkUiLCJtYWMiOiI1MjQ3MzBjNzY0YTJlMzE0MWIzYjcwMGY2MTM2YTczNjliNjgzM2FjNzcwMjUyODU5ZTdlOTMwMmU1ZmRiNzk5IiwidGFnIjoiIn0%3D; expires=Thu, 27-Oct-2022 05:04:46 GMT; Max-Age=7200; path=/; httponly; samesite=lax; secure
content-length: 302
content-encoding: br
vary: Accept-Encoding
date: Thu, 27 Oct 2022 03:04:46 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash e0fba1d1cbe4c46db0bfe071c3049a88
7f41048df3809499a87e75f137fc43cceaf3186a
e1e365a6076f395e535751a9aa6f68da5579835e0cc24be12332da781015a6a3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5272
Cache-Control: max-age=111941
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 03:04:46 GMT
Etag: "6358f2fb-116"
Expires: Fri, 28 Oct 2022 10:10:27 GMT
Last-Modified: Wed, 26 Oct 2022 08:42:35 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 278
elmersity.com/U5IMRlpJXYqhryTv1WwUy8ZlrgtjLVcA/
144.91.88.248 301 Moved Permanently 706 B URL HTTP/2 elmersity.com/U5IMRlpJXYqhryTv1WwUy8ZlrgtjLVcA/
IP 144.91.88.248:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 67f3a5933c17b3ab044826d3927d0ba9
5957076d09bacaa6db8ddc832b4fd87ed8f05f8a
97e800f4836b7030dd58fe6296294b7ff5ef1b5eb0e88353f230ea1608d2bb64
Analyzer Verdict Alert
openphish DHL Airways, Inc.
fortinet Phishing
quad9 Sinkholed
GET /U5IMRlpJXYqhryTv1WwUy8ZlrgtjLVcA/ HTTP/1.1
Host: elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://elmersity.com/public/
Cookie: XSRF-TOKEN=eyJpdiI6Im1tRi9oMlBURVZwem15cWtHZWF4cnc9PSIsInZhbHVlIjoiMHZxZGZPTENrV2kzRFZ5MFpTb0VRWVRiaXlwL2VqNnhudjVyMzYrc050ODFEUnpaa1RQSDRtYzQzWVJRSXZDcnBGczVuV1N5TEJ6NUw3MkJEYksyQURlSEtITEpSSHp5RlFubXRVcGhmdVoxR3JVU0V5b0dHV3ZvQVBCd3QxbUUiLCJtYWMiOiI4ZDVmMGEzNjJiZjBjY2FlNTMyNjE4YzIxMDQ1OGU1NjAyYTVlM2ZlMjk2ZDVhYTU3NDJlYTBjMTM3YmE2NWFmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNuL0N6UmhQM0t3TjBydWpsQzBBeGc9PSIsInZhbHVlIjoiajlYN2ZQdjB2MHVJSWNrYTc0dEhKRU41cjZwb3ozS29SaDJacXBpaHdQVHEvSU1pSFhoRnEyek15aFdnV0lDZXpNU2tBcnBUVUVhYnMxRnM2TldXQUVqa204Sjk5blRWOGNLdW1USUtjSVhQL3NsU2hrZ25HUTE4UmgwbGd3SkUiLCJtYWMiOiI1MjQ3MzBjNzY0YTJlMzE0MWIzYjcwMGY2MTM2YTczNjliNjgzM2FjNzcwMjUyODU5ZTdlOTMwMmU1ZmRiNzk5IiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 301 Moved Permanently
content-type: text/html
content-length: 706
date: Thu, 27 Oct 2022 03:04:46 GMT
server: LiteSpeed
location: https://elmersity.com/public/U5IMRlpJXYqhryTv1WwUy8ZlrgtjLVcA
X-Firefox-Spdy: h2
elmersity.com/public/U5IMRlpJXYqhryTv1WwUy8ZlrgtjLVcA
144.91.88.248 200 OK 15 kB URL HTTP/2 elmersity.com/public/U5IMRlpJXYqhryTv1WwUy8ZlrgtjLVcA
IP 144.91.88.248:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- assembler source text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (39884)
Hash 2664b59a21be593ac498735c0ba1afc7
d4e14809fc0298fad80283032f8e267a6d6ee1b2
8d2b0d87cd876410ecaefa498779bbd94d9567934146abcab6c33f4c7576fcdf
Analyzer Verdict Alert
openphish DHL Airways, Inc.
fortinet Phishing
quad9 Sinkholed
GET /public/U5IMRlpJXYqhryTv1WwUy8ZlrgtjLVcA HTTP/1.1
Host: elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://elmersity.com/public/
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6Im1tRi9oMlBURVZwem15cWtHZWF4cnc9PSIsInZhbHVlIjoiMHZxZGZPTENrV2kzRFZ5MFpTb0VRWVRiaXlwL2VqNnhudjVyMzYrc050ODFEUnpaa1RQSDRtYzQzWVJRSXZDcnBGczVuV1N5TEJ6NUw3MkJEYksyQURlSEtITEpSSHp5RlFubXRVcGhmdVoxR3JVU0V5b0dHV3ZvQVBCd3QxbUUiLCJtYWMiOiI4ZDVmMGEzNjJiZjBjY2FlNTMyNjE4YzIxMDQ1OGU1NjAyYTVlM2ZlMjk2ZDVhYTU3NDJlYTBjMTM3YmE2NWFmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IlNuL0N6UmhQM0t3TjBydWpsQzBBeGc9PSIsInZhbHVlIjoiajlYN2ZQdjB2MHVJSWNrYTc0dEhKRU41cjZwb3ozS29SaDJacXBpaHdQVHEvSU1pSFhoRnEyek15aFdnV0lDZXpNU2tBcnBUVUVhYnMxRnM2TldXQUVqa204Sjk5blRWOGNLdW1USUtjSVhQL3NsU2hrZ25HUTE4UmgwbGd3SkUiLCJtYWMiOiI1MjQ3MzBjNzY0YTJlMzE0MWIzYjcwMGY2MTM2YTczNjliNjgzM2FjNzcwMjUyODU5ZTdlOTMwMmU1ZmRiNzk5IiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-powered-by: PHP/8.0.15
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6IkMyaVRXRFBuL3J2S2dBYXBqKy81Qmc9PSIsInZhbHVlIjoiV2dDNVVuQXJLN0k2M3hKWFMzWUN4NCtqZlZiNkkyQjVOMTBpelFDeEtneGFWVmVaNkVDLzNMVjRTbWRZT0oyeEYwaWhwUzdsSG5ENEMrcUFkQzVPeGpJT01Bd1RiOWJGS0xVRnNBVUJqZnY4c3UwRjcwVVEzaDNwWlExUEFMc2oiLCJtYWMiOiJmYTIxMDZiY2FjNzRmN2FjNjE4Y2E5Y2Q4Mzc3N2Y1ODZmYjg0YzBmOTgwNjJjZjU2YzQ2Y2Q1NTk0MTIwMjdjIiwidGFnIjoiIn0%3D; expires=Thu, 27-Oct-2022 05:04:48 GMT; Max-Age=7200; path=/; samesite=lax; secure
laravel_session=eyJpdiI6IkVSRjM5aVBheFdLSFlRYkJxblh5Smc9PSIsInZhbHVlIjoickJzc05wa21iN2JBK005VlZlQ2h3RDNMUEVrVUMvRHhYQWI2NSswQVMzaVl6YTJESHFwNHVWQW5CNysvUmI0SkhDY0VzM1hDeTluQWNMR0tUMGViWW02VmcvUWhreVdYdU5YYmZOQlU5NmQ4MCtVbTFQSUtDeGZQWHZmSmRrOVgiLCJtYWMiOiIxZWRlOThmYWM2NTMyMzgwOGQ3YTk1YTIzNDYyN2ZiZjQ3MGE0YTc1MjQ0YzQ3YzAzYjA3YWZkNmIxOThkYzljIiwidGFnIjoiIn0%3D; expires=Thu, 27-Oct-2022 05:04:48 GMT; Max-Age=7200; path=/; httponly; samesite=lax; secure
content-length: 14622
content-encoding: br
vary: Accept-Encoding
date: Thu, 27 Oct 2022 03:04:48 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 8706e5b56251f5c659fb02758e57f780
fac8fd27068bfcbe4342958795fb77820c176b3f
a1b1e438c4a539b1079d4c45b7e3cf9dfeb71d1e8fa4eabe67e93fddc887f473
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3298
Cache-Control: max-age=102794
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 03:04:48 GMT
Etag: "6358d6f8-1d7"
Expires: Fri, 28 Oct 2022 07:38:02 GMT
Last-Modified: Wed, 26 Oct 2022 06:43:04 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 625ad6aa33dda47097bff081ac75bf05
5f5bc1b567c8322e09f8f4fac2a542d063f83421
d9f85e2da8a3f517763eada5449029a0285aea770bb16be15de5a70d154f9565
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4041
Cache-Control: max-age=149258
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 03:04:48 GMT
Etag: "63598991-117"
Expires: Fri, 28 Oct 2022 20:32:26 GMT
Last-Modified: Wed, 26 Oct 2022 19:25:05 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
104.17.25.14 200 OK 5.6 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.17.25.14:0
File type ASCII text, with very long lines (30837)
Hash 109d1ed85cd01f9cdab73a4cac5bf80d
d6c6498ad46de2d8e2008a8ff68e364ae7f16b32
8b3a74fe462f5b3c0635995fd721a60eb640e237680b0b532b96711f2823e8bc
GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://elmersity.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 27 Oct 2022 03:04:48 GMT
content-type: text/css; charset=utf-8
content-length: 5631
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7918"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 546
expires: Tue, 17 Oct 2023 03:04:48 GMT
accept-ranges: bytes
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 760834d63815b51d-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 6b1e0de8176d23d192ffb1d0fecb4756
a6aa98a11af43e61382eefeece08c0783a57a64f
e6921fb2e7afb168609077c947ffccceb864d83e30f0ed7a0e913d7b71edb3ad
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3942
Cache-Control: max-age=125742
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 03:04:48 GMT
Etag: "63592e18-116"
Expires: Fri, 28 Oct 2022 14:00:30 GMT
Last-Modified: Wed, 26 Oct 2022 12:54:48 GMT
Server: ECS (amb/6BBF)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash 625ad6aa33dda47097bff081ac75bf05
5f5bc1b567c8322e09f8f4fac2a542d063f83421
d9f85e2da8a3f517763eada5449029a0285aea770bb16be15de5a70d154f9565
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4041
Cache-Control: max-age=149258
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 03:04:48 GMT
Etag: "63598991-117"
Expires: Fri, 28 Oct 2022 20:32:26 GMT
Last-Modified: Wed, 26 Oct 2022 19:25:05 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
elmersity.com/public/css/app.css
144.91.88.248 200 OK 52 kB URL HTTP/2 elmersity.com/public/css/app.css
IP 144.91.88.248:0
Hash b3f9617e760d1c198d9bec74d54092e7
86f2ab0e7809048f1605216ead067fb5fec4a0f1
0ac1755a5f22fa597aa1ae578730799981ca38619085d1294ad05d0ad6b23780
Analyzer Verdict Alert
openphish DHL Airways, Inc.
quad9 Sinkholed
GET /public/css/app.css HTTP/1.1
Host: elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://elmersity.com/public/U5IMRlpJXYqhryTv1WwUy8ZlrgtjLVcA
Cookie: XSRF-TOKEN=eyJpdiI6IkMyaVRXRFBuL3J2S2dBYXBqKy81Qmc9PSIsInZhbHVlIjoiV2dDNVVuQXJLN0k2M3hKWFMzWUN4NCtqZlZiNkkyQjVOMTBpelFDeEtneGFWVmVaNkVDLzNMVjRTbWRZT0oyeEYwaWhwUzdsSG5ENEMrcUFkQzVPeGpJT01Bd1RiOWJGS0xVRnNBVUJqZnY4c3UwRjcwVVEzaDNwWlExUEFMc2oiLCJtYWMiOiJmYTIxMDZiY2FjNzRmN2FjNjE4Y2E5Y2Q4Mzc3N2Y1ODZmYjg0YzBmOTgwNjJjZjU2YzQ2Y2Q1NTk0MTIwMjdjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkVSRjM5aVBheFdLSFlRYkJxblh5Smc9PSIsInZhbHVlIjoickJzc05wa21iN2JBK005VlZlQ2h3RDNMUEVrVUMvRHhYQWI2NSswQVMzaVl6YTJESHFwNHVWQW5CNysvUmI0SkhDY0VzM1hDeTluQWNMR0tUMGViWW02VmcvUWhreVdYdU5YYmZOQlU5NmQ4MCtVbTFQSUtDeGZQWHZmSmRrOVgiLCJtYWMiOiIxZWRlOThmYWM2NTMyMzgwOGQ3YTk1YTIzNDYyN2ZiZjQ3MGE0YTc1MjQ0YzQ3YzAzYjA3YWZkNmIxOThkYzljIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 03:04:48 GMT
content-type: text/css
last-modified: Tue, 29 Mar 2022 21:11:08 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 51485
date: Thu, 27 Oct 2022 03:04:48 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
elmersity.com/images/logo.png
144.91.88.248 200 OK 2.0 kB URL HTTP/2 elmersity.com/images/logo.png
IP 144.91.88.248:0
File type PNG image data, 214 x 20, 8-bit/color RGBA, non-interlaced\012- data
Hash 5d14ab93691604e826e1319d53599eb9
78724360e9d25da584445b851e37bca05abe6b85
3f0c62b5ccdcdbf3b3ae3885f1e6959e2d937eba9b29dea9a6bdb98788041756
Analyzer Verdict Alert
openphish DHL Airways, Inc.
quad9 Sinkholed
GET /images/logo.png HTTP/1.1
Host: elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://elmersity.com/public/U5IMRlpJXYqhryTv1WwUy8ZlrgtjLVcA
Cookie: XSRF-TOKEN=eyJpdiI6IkMyaVRXRFBuL3J2S2dBYXBqKy81Qmc9PSIsInZhbHVlIjoiV2dDNVVuQXJLN0k2M3hKWFMzWUN4NCtqZlZiNkkyQjVOMTBpelFDeEtneGFWVmVaNkVDLzNMVjRTbWRZT0oyeEYwaWhwUzdsSG5ENEMrcUFkQzVPeGpJT01Bd1RiOWJGS0xVRnNBVUJqZnY4c3UwRjcwVVEzaDNwWlExUEFMc2oiLCJtYWMiOiJmYTIxMDZiY2FjNzRmN2FjNjE4Y2E5Y2Q4Mzc3N2Y1ODZmYjg0YzBmOTgwNjJjZjU2YzQ2Y2Q1NTk0MTIwMjdjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkVSRjM5aVBheFdLSFlRYkJxblh5Smc9PSIsInZhbHVlIjoickJzc05wa21iN2JBK005VlZlQ2h3RDNMUEVrVUMvRHhYQWI2NSswQVMzaVl6YTJESHFwNHVWQW5CNysvUmI0SkhDY0VzM1hDeTluQWNMR0tUMGViWW02VmcvUWhreVdYdU5YYmZOQlU5NmQ4MCtVbTFQSUtDeGZQWHZmSmRrOVgiLCJtYWMiOiIxZWRlOThmYWM2NTMyMzgwOGQ3YTk1YTIzNDYyN2ZiZjQ3MGE0YTc1MjQ0YzQ3YzAzYjA3YWZkNmIxOThkYzljIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 03:04:48 GMT
content-type: image/png
last-modified: Sun, 17 Apr 2022 14:24:00 GMT
accept-ranges: bytes
content-length: 1998
date: Thu, 27 Oct 2022 03:04:48 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
elmersity.com/images/all.png
144.91.88.248 200 OK 12 kB URL HTTP/2 elmersity.com/images/all.png
IP 144.91.88.248:0
File type PNG image data, 123 x 84, 8-bit/color RGBA, non-interlaced\012- data
Hash 2cb0b7f615faf2deb9ec6f53d3149a3b
694a2c881c83e2ab86365bf1d16302ac5b9d500f
c1d5409eecb402a99f10718b06c266ba314d9e25f0b56c6fd063699334b8be6d
Analyzer Verdict Alert
openphish DHL Airways, Inc.
quad9 Sinkholed
GET /images/all.png HTTP/1.1
Host: elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://elmersity.com/public/U5IMRlpJXYqhryTv1WwUy8ZlrgtjLVcA
Cookie: XSRF-TOKEN=eyJpdiI6IkMyaVRXRFBuL3J2S2dBYXBqKy81Qmc9PSIsInZhbHVlIjoiV2dDNVVuQXJLN0k2M3hKWFMzWUN4NCtqZlZiNkkyQjVOMTBpelFDeEtneGFWVmVaNkVDLzNMVjRTbWRZT0oyeEYwaWhwUzdsSG5ENEMrcUFkQzVPeGpJT01Bd1RiOWJGS0xVRnNBVUJqZnY4c3UwRjcwVVEzaDNwWlExUEFMc2oiLCJtYWMiOiJmYTIxMDZiY2FjNzRmN2FjNjE4Y2E5Y2Q4Mzc3N2Y1ODZmYjg0YzBmOTgwNjJjZjU2YzQ2Y2Q1NTk0MTIwMjdjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkVSRjM5aVBheFdLSFlRYkJxblh5Smc9PSIsInZhbHVlIjoickJzc05wa21iN2JBK005VlZlQ2h3RDNMUEVrVUMvRHhYQWI2NSswQVMzaVl6YTJESHFwNHVWQW5CNysvUmI0SkhDY0VzM1hDeTluQWNMR0tUMGViWW02VmcvUWhreVdYdU5YYmZOQlU5NmQ4MCtVbTFQSUtDeGZQWHZmSmRrOVgiLCJtYWMiOiIxZWRlOThmYWM2NTMyMzgwOGQ3YTk1YTIzNDYyN2ZiZjQ3MGE0YTc1MjQ0YzQ3YzAzYjA3YWZkNmIxOThkYzljIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 03:04:48 GMT
content-type: image/png
last-modified: Sun, 17 Apr 2022 14:24:34 GMT
accept-ranges: bytes
content-length: 12499
date: Thu, 27 Oct 2022 03:04:48 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
elmersity.com/public/js/session-recorder.js
144.91.88.248 200 OK 11 kB URL HTTP/2 elmersity.com/public/js/session-recorder.js
IP 144.91.88.248:0
File type ASCII text, with very long lines (44992)
Hash 7f8cf62ef1ae71703aabe2a132b760de
4d675e9ee3ef21a00fa7744f4989398abd28ae8e
65ba4b9caaa6f6ca73ee3dbe5d00020e0ae1d370233c171f9a03857e4eb91d2d
Analyzer Verdict Alert
openphish DHL Airways, Inc.
fortinet Phishing
quad9 Sinkholed
GET /public/js/session-recorder.js HTTP/1.1
Host: elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://elmersity.com/public/U5IMRlpJXYqhryTv1WwUy8ZlrgtjLVcA
Cookie: XSRF-TOKEN=eyJpdiI6IkMyaVRXRFBuL3J2S2dBYXBqKy81Qmc9PSIsInZhbHVlIjoiV2dDNVVuQXJLN0k2M3hKWFMzWUN4NCtqZlZiNkkyQjVOMTBpelFDeEtneGFWVmVaNkVDLzNMVjRTbWRZT0oyeEYwaWhwUzdsSG5ENEMrcUFkQzVPeGpJT01Bd1RiOWJGS0xVRnNBVUJqZnY4c3UwRjcwVVEzaDNwWlExUEFMc2oiLCJtYWMiOiJmYTIxMDZiY2FjNzRmN2FjNjE4Y2E5Y2Q4Mzc3N2Y1ODZmYjg0YzBmOTgwNjJjZjU2YzQ2Y2Q1NTk0MTIwMjdjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkVSRjM5aVBheFdLSFlRYkJxblh5Smc9PSIsInZhbHVlIjoickJzc05wa21iN2JBK005VlZlQ2h3RDNMUEVrVUMvRHhYQWI2NSswQVMzaVl6YTJESHFwNHVWQW5CNysvUmI0SkhDY0VzM1hDeTluQWNMR0tUMGViWW02VmcvUWhreVdYdU5YYmZOQlU5NmQ4MCtVbTFQSUtDeGZQWHZmSmRrOVgiLCJtYWMiOiIxZWRlOThmYWM2NTMyMzgwOGQ3YTk1YTIzNDYyN2ZiZjQ3MGE0YTc1MjQ0YzQ3YzAzYjA3YWZkNmIxOThkYzljIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 03:04:48 GMT
content-type: application/javascript
last-modified: Tue, 29 Mar 2022 20:35:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 10820
date: Thu, 27 Oct 2022 03:04:48 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
elmersity.com/public/js/app.js
144.91.88.248 200 OK 195 kB URL HTTP/2 elmersity.com/public/js/app.js
IP 144.91.88.248:0
Size 195 kB (195222 bytes)
Hash cda4ec86132252a82e520523cd3289dc
0ae1003d45fed906db7ced2f8d53957f059c6d19
10222ea48f478aa446fd0d6e366707369f943cb4a401cdbe72aac3a49897c4b3
Analyzer Verdict Alert
openphish DHL Airways, Inc.
fortinet Phishing
quad9 Sinkholed
GET /public/js/app.js HTTP/1.1
Host: elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://elmersity.com/public/U5IMRlpJXYqhryTv1WwUy8ZlrgtjLVcA
Cookie: XSRF-TOKEN=eyJpdiI6IkMyaVRXRFBuL3J2S2dBYXBqKy81Qmc9PSIsInZhbHVlIjoiV2dDNVVuQXJLN0k2M3hKWFMzWUN4NCtqZlZiNkkyQjVOMTBpelFDeEtneGFWVmVaNkVDLzNMVjRTbWRZT0oyeEYwaWhwUzdsSG5ENEMrcUFkQzVPeGpJT01Bd1RiOWJGS0xVRnNBVUJqZnY4c3UwRjcwVVEzaDNwWlExUEFMc2oiLCJtYWMiOiJmYTIxMDZiY2FjNzRmN2FjNjE4Y2E5Y2Q4Mzc3N2Y1ODZmYjg0YzBmOTgwNjJjZjU2YzQ2Y2Q1NTk0MTIwMjdjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkVSRjM5aVBheFdLSFlRYkJxblh5Smc9PSIsInZhbHVlIjoickJzc05wa21iN2JBK005VlZlQ2h3RDNMUEVrVUMvRHhYQWI2NSswQVMzaVl6YTJESHFwNHVWQW5CNysvUmI0SkhDY0VzM1hDeTluQWNMR0tUMGViWW02VmcvUWhreVdYdU5YYmZOQlU5NmQ4MCtVbTFQSUtDeGZQWHZmSmRrOVgiLCJtYWMiOiIxZWRlOThmYWM2NTMyMzgwOGQ3YTk1YTIzNDYyN2ZiZjQ3MGE0YTc1MjQ0YzQ3YzAzYjA3YWZkNmIxOThkYzljIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 03:04:48 GMT
content-type: application/javascript
last-modified: Tue, 29 Mar 2022 20:35:56 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 195222
date: Thu, 27 Oct 2022 03:04:48 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 6b1e0de8176d23d192ffb1d0fecb4756
a6aa98a11af43e61382eefeece08c0783a57a64f
e6921fb2e7afb168609077c947ffccceb864d83e30f0ed7a0e913d7b71edb3ad
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=121800
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 03:04:48 GMT
Etag: "63592e18-116"
Expires: Fri, 28 Oct 2022 12:54:48 GMT
Last-Modified: Wed, 26 Oct 2022 12:54:48 GMT
Server: nginx
Content-Length: 278
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 6f3cc21f7ccb212a9fff2fbf60a4a928
b2f742341af9babb1ed4f6c98f2ef8ee6c7a3f22
778c89c953e5f1e6951e548fdf8ddbee512d7576c65362b955b6f6efbe59100e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3223
Cache-Control: max-age=125760
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 03:04:48 GMT
Etag: "635930f9-116"
Expires: Fri, 28 Oct 2022 14:00:48 GMT
Last-Modified: Wed, 26 Oct 2022 13:07:05 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 6f3cc21f7ccb212a9fff2fbf60a4a928
b2f742341af9babb1ed4f6c98f2ef8ee6c7a3f22
778c89c953e5f1e6951e548fdf8ddbee512d7576c65362b955b6f6efbe59100e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4149
Cache-Control: max-age=126686
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 03:04:48 GMT
Etag: "635930f9-116"
Expires: Fri, 28 Oct 2022 14:16:14 GMT
Last-Modified: Wed, 26 Oct 2022 13:07:05 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 6f3cc21f7ccb212a9fff2fbf60a4a928
b2f742341af9babb1ed4f6c98f2ef8ee6c7a3f22
778c89c953e5f1e6951e548fdf8ddbee512d7576c65362b955b6f6efbe59100e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3223
Cache-Control: max-age=125760
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 03:04:48 GMT
Etag: "635930f9-116"
Expires: Fri, 28 Oct 2022 14:00:48 GMT
Last-Modified: Wed, 26 Oct 2022 13:07:05 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 6f3cc21f7ccb212a9fff2fbf60a4a928
b2f742341af9babb1ed4f6c98f2ef8ee6c7a3f22
778c89c953e5f1e6951e548fdf8ddbee512d7576c65362b955b6f6efbe59100e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4149
Cache-Control: max-age=126686
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 03:04:48 GMT
Etag: "635930f9-116"
Expires: Fri, 28 Oct 2022 14:16:14 GMT
Last-Modified: Wed, 26 Oct 2022 13:07:05 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 278
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 6f3cc21f7ccb212a9fff2fbf60a4a928
b2f742341af9babb1ed4f6c98f2ef8ee6c7a3f22
778c89c953e5f1e6951e548fdf8ddbee512d7576c65362b955b6f6efbe59100e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3223
Cache-Control: max-age=125760
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 03:04:48 GMT
Etag: "635930f9-116"
Expires: Fri, 28 Oct 2022 14:00:48 GMT
Last-Modified: Wed, 26 Oct 2022 13:07:05 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 278
ka-f.fontawesome.com/releases/v6.2.0/css/free.min.css?token=f7165dd215
172.64.202.28 200 OK 100 kB URL HTTP/2 ka-f.fontawesome.com/releases/v6.2.0/css/free.min.css?token=f7165dd215
IP 172.64.202.28:0
File type ASCII text, with very long lines (65321)
Size 100 kB (100287 bytes)
Hash dfe6746d968737dd195816fe3baf041f
2eae146210cdc4e005c876892d5dd59a7e7c5423
68ee41623011a5bd316259001338adef2cafa9cf4823c76649b9ea9baccae50a
GET /releases/v6.2.0/css/free.min.css?token=f7165dd215 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://elmersity.com/
Origin: https://elmersity.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 27 Oct 2022 03:04:48 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 30 Aug 2022 16:04:58 GMT
etag: W/"0fb4e5b70c498af98f246511192b899d"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 81a5a0f348d8c55baa9c088dd6b5ecbc.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C2
x-amz-cf-id: fU7-_XNmyJbAyTTFEuOtLCHhSqdrvj4bYc_hFeCKmFBVjzV4znD7BQ==
age: 197573
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PI9xMW331v3%2FL4jExpDXV2tS13VFZ0I6f2nIvNdp4a60DenUvQLzF4Dc%2BOCynuV6j%2FqwqBCI8146gSvb3cIf%2BJ%2F%2Fvqmo7I9HWOhO2XnteYy9o9Tj8lvfS%2FxuQVOS7O5fXXFTgLO3Pw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 760834d84a2171c3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
elmersity.com/images/foo.png
144.91.88.248 404 Not Found 2.0 kB URL HTTP/2 elmersity.com/images/foo.png
IP 144.91.88.248:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5395)
Hash 144c41aa994708df20ab86fbbd5105bf
095ac45377f4bf36aa2db505596f2e6e933d329a
08e088a0b217cf842287c6e0bf2acc54da9ff1c5e23c7bd0ac0db9106f79d47c
Analyzer Verdict Alert openphish DHL Airways, Inc.
quad9 Sinkholed
GET /images/foo.png HTTP/1.1
Host: elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://elmersity.com/public/U5IMRlpJXYqhryTv1WwUy8ZlrgtjLVcA
Cookie: XSRF-TOKEN=eyJpdiI6IkMyaVRXRFBuL3J2S2dBYXBqKy81Qmc9PSIsInZhbHVlIjoiV2dDNVVuQXJLN0k2M3hKWFMzWUN4NCtqZlZiNkkyQjVOMTBpelFDeEtneGFWVmVaNkVDLzNMVjRTbWRZT0oyeEYwaWhwUzdsSG5ENEMrcUFkQzVPeGpJT01Bd1RiOWJGS0xVRnNBVUJqZnY4c3UwRjcwVVEzaDNwWlExUEFMc2oiLCJtYWMiOiJmYTIxMDZiY2FjNzRmN2FjNjE4Y2E5Y2Q4Mzc3N2Y1ODZmYjg0YzBmOTgwNjJjZjU2YzQ2Y2Q1NTk0MTIwMjdjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkVSRjM5aVBheFdLSFlRYkJxblh5Smc9PSIsInZhbHVlIjoickJzc05wa21iN2JBK005VlZlQ2h3RDNMUEVrVUMvRHhYQWI2NSswQVMzaVl6YTJESHFwNHVWQW5CNysvUmI0SkhDY0VzM1hDeTluQWNMR0tUMGViWW02VmcvUWhreVdYdU5YYmZOQlU5NmQ4MCtVbTFQSUtDeGZQWHZmSmRrOVgiLCJtYWMiOiIxZWRlOThmYWM2NTMyMzgwOGQ3YTk1YTIzNDYyN2ZiZjQ3MGE0YTc1MjQ0YzQ3YzAzYjA3YWZkNmIxOThkYzljIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
x-powered-by: PHP/8.0.15
cache-control: no-cache, private
content-type: text/html; charset=UTF-8
content-length: 2032
content-encoding: br
vary: Accept-Encoding
date: Thu, 27 Oct 2022 03:04:49 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ocsp.usertrust.com/
104.18.32.68 200 OK 472 B IP 104.18.32.68:0
Hash be252681ef56dff0ed7d68a78a7650fa
f894d08752a14858f072ea1b0d74f05200f54337
e4d0493296c30b3cf862f017178b4c640adf7a14b441d259f33afb1978799b7f
POST / HTTP/1.1
Host: ocsp.usertrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 27 Oct 2022 03:04:49 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Wed, 26 Oct 2022 00:05:08 GMT
Expires: Wed, 02 Nov 2022 00:05:07 GMT
Etag: "f894d08752a14858f072ea1b0d74f05200f54337"
Cache-Control: max-age=508564,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: MISS
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 760834db6a070b4d-OSL
ws-mt1.pusher.com/app/bc5ba70500b3342fb1aa?protocol=7&client=js&version=7.0.3&flash=false
52.207.105.207 101 Switching Protocols 0 B URL HTTP/1.1 ws-mt1.pusher.com/app/bc5ba70500b3342fb1aa?protocol=7&client=js&version=7.0.3&flash=false
IP 52.207.105.207:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /app/bc5ba70500b3342fb1aa?protocol=7&client=js&version=7.0.3&flash=false HTTP/1.1
Host: ws-mt1.pusher.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://elmersity.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Fpo0Lnba0HHuw4lgs80H2Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Thu, 27 Oct 2022 03:04:49 GMT
Connection: upgrade
Server: nginx/1.17.7
Upgrade: websocket
Sec-WebSocket-Accept: 91zGrWgzJXsEpihKEuMuA3dBUBk=
elmersity.com/images/favicon.gif
144.91.88.248 200 OK 2.2 kB URL HTTP/2 elmersity.com/images/favicon.gif
IP 144.91.88.248:0
File type MS Windows icon resource - 1 icon, 32x32, 8 bits/pixel\012- data
Hash a6f1af8e79a11829ba9a66474b06bb97
d99e3ec7747c865033a8dfad43c9f49634404bc1
b0dbd00f3650fa6b931e678a9d8f79a405d23c7adf111ab91b1a01a0e7109807
Analyzer Verdict Alert openphish DHL Airways, Inc.
quad9 Sinkholed
GET /images/favicon.gif HTTP/1.1
Host: elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://elmersity.com/public/U5IMRlpJXYqhryTv1WwUy8ZlrgtjLVcA
Cookie: XSRF-TOKEN=eyJpdiI6IkMyaVRXRFBuL3J2S2dBYXBqKy81Qmc9PSIsInZhbHVlIjoiV2dDNVVuQXJLN0k2M3hKWFMzWUN4NCtqZlZiNkkyQjVOMTBpelFDeEtneGFWVmVaNkVDLzNMVjRTbWRZT0oyeEYwaWhwUzdsSG5ENEMrcUFkQzVPeGpJT01Bd1RiOWJGS0xVRnNBVUJqZnY4c3UwRjcwVVEzaDNwWlExUEFMc2oiLCJtYWMiOiJmYTIxMDZiY2FjNzRmN2FjNjE4Y2E5Y2Q4Mzc3N2Y1ODZmYjg0YzBmOTgwNjJjZjU2YzQ2Y2Q1NTk0MTIwMjdjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkVSRjM5aVBheFdLSFlRYkJxblh5Smc9PSIsInZhbHVlIjoickJzc05wa21iN2JBK005VlZlQ2h3RDNMUEVrVUMvRHhYQWI2NSswQVMzaVl6YTJESHFwNHVWQW5CNysvUmI0SkhDY0VzM1hDeTluQWNMR0tUMGViWW02VmcvUWhreVdYdU5YYmZOQlU5NmQ4MCtVbTFQSUtDeGZQWHZmSmRrOVgiLCJtYWMiOiIxZWRlOThmYWM2NTMyMzgwOGQ3YTk1YTIzNDYyN2ZiZjQ3MGE0YTc1MjQ0YzQ3YzAzYjA3YWZkNmIxOThkYzljIiwidGFnIjoiIn0%3D; _lr_tabs_-mnnzup%2Fdus={%22sessionID%22:0%2C%22recordingID%22:%225-a226fe93-22be-4d20-91e2-55d5b720ee89%22%2C%22lastActivity%22:1666839888556}; _lr_hb_-mnnzup%2Fdus={%22heartbeat%22:1666839888556}; _lr_uf_-mnnzup=a0fd531b-0b4a-47e4-8ac2-75f7db119ed2
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Thu, 03 Nov 2022 03:04:49 GMT
content-type: image/gif
last-modified: Sun, 17 Apr 2022 14:25:28 GMT
accept-ranges: bytes
content-length: 2238
date: Thu, 27 Oct 2022 03:04:49 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ka-f.fontawesome.com/releases/v6.2.0/css/free-v5-font-face.min.css?token=f7165dd215
172.64.202.28 200 OK 1.3 kB URL HTTP/2 ka-f.fontawesome.com/releases/v6.2.0/css/free-v5-font-face.min.css?token=f7165dd215
IP 172.64.202.28:0
File type ASCII text, with very long lines (608)
Hash c1655afb814081bc1ca7b21767d1999a
cc70cc7a591533474ae06b56786a9fd2447bd44d
5f62301c394c577e4eadd6539e5bfe88ee5d21f7e7a8833e10e4b41633271ee3
GET /releases/v6.2.0/css/free-v5-font-face.min.css?token=f7165dd215 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://elmersity.com/
Origin: https://elmersity.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 27 Oct 2022 03:04:48 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 30 Aug 2022 16:04:58 GMT
etag: W/"e2e288c32f411dc30c0c399302a30654"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
x-cache: Hit from cloudfront
via: 1.1 e2b64644cdf0d895a1660adff04dfa18.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C2
x-amz-cf-id: 86GXbBNpOLPybmKioWORNhubul8VY5b4raC5KEGvpGwkrP0WAbO4qg==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=csZGUllXNRalYozwXCBJQaicTXQsWc9%2BJNjoY8n%2B%2F1eII4KV2D8T5P4xKKWVSKiQ44Zk0939MgxNRTFB7Oyo6qDNgJ7GURhC9GE4YD9D8Tf8bvcWXTFMMpe4FxfhtgG7dDCSjMETwA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 760834d84a1a71c3-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
elmersity.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-brands-400.woff?2285773e6b4b172f07d9b777c81b0775
144.91.88.248 404 Not Found 73 kB URL HTTP/2 elmersity.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-brands-400.woff?2285773e6b4b172f07d9b777c81b0775
IP 144.91.88.248:0
Hash e462bb7736c8441a86ee63b70d9526e6
8e7b549bcc5de6d6beee0edc4d5ee2b03df1ccd1
1288988661812e0d7499cdb994da2789036ac374e8d27e69d4ca826697339df5
Analyzer Verdict Alert openphish DHL Airways, Inc.
fortinet Phishing
GET /fonts/vendor/@fortawesome/fontawesome-free/webfa-brands-400.woff?2285773e6b4b172f07d9b777c81b0775 HTTP/1.1
Host: elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://elmersity.com/public/css/app.css
Cookie: XSRF-TOKEN=eyJpdiI6IkMyaVRXRFBuL3J2S2dBYXBqKy81Qmc9PSIsInZhbHVlIjoiV2dDNVVuQXJLN0k2M3hKWFMzWUN4NCtqZlZiNkkyQjVOMTBpelFDeEtneGFWVmVaNkVDLzNMVjRTbWRZT0oyeEYwaWhwUzdsSG5ENEMrcUFkQzVPeGpJT01Bd1RiOWJGS0xVRnNBVUJqZnY4c3UwRjcwVVEzaDNwWlExUEFMc2oiLCJtYWMiOiJmYTIxMDZiY2FjNzRmN2FjNjE4Y2E5Y2Q4Mzc3N2Y1ODZmYjg0YzBmOTgwNjJjZjU2YzQ2Y2Q1NTk0MTIwMjdjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkVSRjM5aVBheFdLSFlRYkJxblh5Smc9PSIsInZhbHVlIjoickJzc05wa21iN2JBK005VlZlQ2h3RDNMUEVrVUMvRHhYQWI2NSswQVMzaVl6YTJESHFwNHVWQW5CNysvUmI0SkhDY0VzM1hDeTluQWNMR0tUMGViWW02VmcvUWhreVdYdU5YYmZOQlU5NmQ4MCtVbTFQSUtDeGZQWHZmSmRrOVgiLCJtYWMiOiIxZWRlOThmYWM2NTMyMzgwOGQ3YTk1YTIzNDYyN2ZiZjQ3MGE0YTc1MjQ0YzQ3YzAzYjA3YWZkNmIxOThkYzljIiwidGFnIjoiIn0%3D; _lr_tabs_-mnnzup%2Fdus={%22sessionID%22:0%2C%22recordingID%22:%225-a226fe93-22be-4d20-91e2-55d5b720ee89%22%2C%22lastActivity%22:1666839888556}; _lr_hb_-mnnzup%2Fdus={%22heartbeat%22:1666839888556}; _lr_uf_-mnnzup=a0fd531b-0b4a-47e4-8ac2-75f7db119ed2
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
x-powered-by: PHP/8.0.15
cache-control: no-cache, private
content-type: text/html; charset=UTF-8
date: Thu, 27 Oct 2022 03:04:50 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
elmersity.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?1551f4f60c37af51121f106501f69b80
144.91.88.248 404 Not Found 15 kB URL HTTP/2 elmersity.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?1551f4f60c37af51121f106501f69b80
IP 144.91.88.248:0
Hash c30f3e00aaba6727724077604c9a1d49
cc104abce5b6167d154ef0aab65923da849893ec
a347209bc2ba2deb492dffc9235e681eb97050a30a550584fd771250e673bbdf
Analyzer Verdict Alert openphish DHL Airways, Inc.
fortinet Phishing
GET /fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?1551f4f60c37af51121f106501f69b80 HTTP/1.1
Host: elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://elmersity.com/public/css/app.css
Cookie: XSRF-TOKEN=eyJpdiI6IkMyaVRXRFBuL3J2S2dBYXBqKy81Qmc9PSIsInZhbHVlIjoiV2dDNVVuQXJLN0k2M3hKWFMzWUN4NCtqZlZiNkkyQjVOMTBpelFDeEtneGFWVmVaNkVDLzNMVjRTbWRZT0oyeEYwaWhwUzdsSG5ENEMrcUFkQzVPeGpJT01Bd1RiOWJGS0xVRnNBVUJqZnY4c3UwRjcwVVEzaDNwWlExUEFMc2oiLCJtYWMiOiJmYTIxMDZiY2FjNzRmN2FjNjE4Y2E5Y2Q4Mzc3N2Y1ODZmYjg0YzBmOTgwNjJjZjU2YzQ2Y2Q1NTk0MTIwMjdjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkVSRjM5aVBheFdLSFlRYkJxblh5Smc9PSIsInZhbHVlIjoickJzc05wa21iN2JBK005VlZlQ2h3RDNMUEVrVUMvRHhYQWI2NSswQVMzaVl6YTJESHFwNHVWQW5CNysvUmI0SkhDY0VzM1hDeTluQWNMR0tUMGViWW02VmcvUWhreVdYdU5YYmZOQlU5NmQ4MCtVbTFQSUtDeGZQWHZmSmRrOVgiLCJtYWMiOiIxZWRlOThmYWM2NTMyMzgwOGQ3YTk1YTIzNDYyN2ZiZjQ3MGE0YTc1MjQ0YzQ3YzAzYjA3YWZkNmIxOThkYzljIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
x-powered-by: PHP/8.0.15
cache-control: no-cache, private
content-type: text/html; charset=UTF-8
date: Thu, 27 Oct 2022 03:04:49 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
elmersity.com/fonts/vendor/@fontsource/roboto/files/roboto-latin-400-normal.woff2?4673b4537a84c7f7a130799aa6af329b
144.91.88.248 404 Not Found 15 kB URL HTTP/2 elmersity.com/fonts/vendor/@fontsource/roboto/files/roboto-latin-400-normal.woff2?4673b4537a84c7f7a130799aa6af329b
IP 144.91.88.248:0
Hash c30f3e00aaba6727724077604c9a1d49
cc104abce5b6167d154ef0aab65923da849893ec
a347209bc2ba2deb492dffc9235e681eb97050a30a550584fd771250e673bbdf
Analyzer Verdict Alert openphish DHL Airways, Inc.
fortinet Phishing
GET /fonts/vendor/@fontsource/roboto/files/roboto-latin-400-normal.woff2?4673b4537a84c7f7a130799aa6af329b HTTP/1.1
Host: elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://elmersity.com/public/css/app.css
Cookie: XSRF-TOKEN=eyJpdiI6IkMyaVRXRFBuL3J2S2dBYXBqKy81Qmc9PSIsInZhbHVlIjoiV2dDNVVuQXJLN0k2M3hKWFMzWUN4NCtqZlZiNkkyQjVOMTBpelFDeEtneGFWVmVaNkVDLzNMVjRTbWRZT0oyeEYwaWhwUzdsSG5ENEMrcUFkQzVPeGpJT01Bd1RiOWJGS0xVRnNBVUJqZnY4c3UwRjcwVVEzaDNwWlExUEFMc2oiLCJtYWMiOiJmYTIxMDZiY2FjNzRmN2FjNjE4Y2E5Y2Q4Mzc3N2Y1ODZmYjg0YzBmOTgwNjJjZjU2YzQ2Y2Q1NTk0MTIwMjdjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkVSRjM5aVBheFdLSFlRYkJxblh5Smc9PSIsInZhbHVlIjoickJzc05wa21iN2JBK005VlZlQ2h3RDNMUEVrVUMvRHhYQWI2NSswQVMzaVl6YTJESHFwNHVWQW5CNysvUmI0SkhDY0VzM1hDeTluQWNMR0tUMGViWW02VmcvUWhreVdYdU5YYmZOQlU5NmQ4MCtVbTFQSUtDeGZQWHZmSmRrOVgiLCJtYWMiOiIxZWRlOThmYWM2NTMyMzgwOGQ3YTk1YTIzNDYyN2ZiZjQ3MGE0YTc1MjQ0YzQ3YzAzYjA3YWZkNmIxOThkYzljIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
x-powered-by: PHP/8.0.15
cache-control: no-cache, private
content-type: text/html; charset=UTF-8
date: Thu, 27 Oct 2022 03:04:49 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
ka-f.fontawesome.com/releases/v6.2.0/webfonts/free-fa-solid-900.woff2
172.64.202.28 200 OK 150 kB URL HTTP/2 ka-f.fontawesome.com/releases/v6.2.0/webfonts/free-fa-solid-900.woff2
IP 172.64.202.28:0
File type Web Open Font Format (Version 2), TrueType, length 150456, version 770.256\012- data
Size 150 kB (150456 bytes)
Hash 822fa3f2f51f169c970f713b88158737
74b5ddde927a0f84883fed55a65ffbb6ada11761
ad28ece0bf48b1488c82aaf700201d7f6b56a62e11b5b6a0a12481780c8a3417
GET /releases/v6.2.0/webfonts/free-fa-solid-900.woff2 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://elmersity.com
Connection: keep-alive
Referer: https://elmersity.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 03:04:50 GMT
content-type: font/woff2
content-length: 150456
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Tue, 30 Aug 2022 16:15:00 GMT
etag: "822fa3f2f51f169c970f713b88158737"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
x-cache: Hit from cloudfront
via: 1.1 e2b64644cdf0d895a1660adff04dfa18.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR62-C2
x-amz-cf-id: jQo2STTY2e1jRdmL3w8tOQpWYyb4GiaQU8CRElIDnWuTYStnAZxA5g==
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m7yT%2FZcIlUG9aG3Cof0ba3mGn9j3pQD7r9eVlvYvVtu2hC1C1WLzCZNqGOrCKYK7fW%2F8hY%2BimZ8iYFoBDXsi4iXBoFPbQPSism%2FeVii4%2BZ8UXSCxdOzCOrvrjcALNy%2FeojPPmO%2FVmQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 760834e5fdd971c3-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.lr-in.com/logger-1.min.js
104.21.50.143 200 OK 0 B URL HTTP/2 cdn.lr-in.com/logger-1.min.js
IP 104.21.50.143:0
GET /logger-1.min.js HTTP/1.1
Host: cdn.lr-in.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://elmersity.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 27 Oct 2022 03:04:48 GMT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
cross-origin-resource-policy: cross-origin
etag: W/"fdd1267c6ec2a714828bc47e3c13eee81f7fd3255ac7f1f656d9ab606e3c9ae3"
last-modified: Wed, 26 Oct 2022 22:09:19 GMT
strict-transport-security: max-age=31556926
x-served-by: cache-bma1620-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1666822346.295710,VS0,VE147
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 193
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0OZ6JfaBr0HzPd7Gt92RI1qBnkQJE3v6y23%2B5eWZ7FTxl9WP5FlyYiPQPAosnzeUQSivZh8FDPNI%2F%2FfgnWR6tR0pzHRTrb%2F8TPv5ULGmueDCiqH0B9sMB4XN3Jq20Joo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 760834d66ad8b511-OSL
content-encoding: br
X-Firefox-Spdy: h2
kit.fontawesome.com/f7165dd215.js
104.18.23.52 200 OK 0 B URL HTTP/2 kit.fontawesome.com/f7165dd215.js
IP 104.18.23.52:0
GET /f7165dd215.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://elmersity.com
Connection: keep-alive
Referer: https://elmersity.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 27 Oct 2022 03:04:48 GMT
content-type: text/javascript
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: FyEaFLbsbhE-7thuePRi
cf-cache-status: REVALIDATED
server: cloudflare
cf-ray: 760834d629f31c0e-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
elmersity.com/public/css/fonts/webfa-brands-400.woff2?d878b0a6a1144760244ff0665888404c
144.91.88.248 404 Not Found 0 B URL HTTP/2 elmersity.com/public/css/fonts/webfa-brands-400.woff2?d878b0a6a1144760244ff0665888404c
IP 144.91.88.248:0
Analyzer Verdict Alert quad9 Sinkholed
GET /public/css/fonts/webfa-brands-400.woff2?d878b0a6a1144760244ff0665888404c HTTP/1.1
Host: elmersity.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://elmersity.com/public/css/app.css
Cookie: XSRF-TOKEN=eyJpdiI6IkMyaVRXRFBuL3J2S2dBYXBqKy81Qmc9PSIsInZhbHVlIjoiV2dDNVVuQXJLN0k2M3hKWFMzWUN4NCtqZlZiNkkyQjVOMTBpelFDeEtneGFWVmVaNkVDLzNMVjRTbWRZT0oyeEYwaWhwUzdsSG5ENEMrcUFkQzVPeGpJT01Bd1RiOWJGS0xVRnNBVUJqZnY4c3UwRjcwVVEzaDNwWlExUEFMc2oiLCJtYWMiOiJmYTIxMDZiY2FjNzRmN2FjNjE4Y2E5Y2Q4Mzc3N2Y1ODZmYjg0YzBmOTgwNjJjZjU2YzQ2Y2Q1NTk0MTIwMjdjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkVSRjM5aVBheFdLSFlRYkJxblh5Smc9PSIsInZhbHVlIjoickJzc05wa21iN2JBK005VlZlQ2h3RDNMUEVrVUMvRHhYQWI2NSswQVMzaVl6YTJESHFwNHVWQW5CNysvUmI0SkhDY0VzM1hDeTluQWNMR0tUMGViWW02VmcvUWhreVdYdU5YYmZOQlU5NmQ4MCtVbTFQSUtDeGZQWHZmSmRrOVgiLCJtYWMiOiIxZWRlOThmYWM2NTMyMzgwOGQ3YTk1YTIzNDYyN2ZiZjQ3MGE0YTc1MjQ0YzQ3YzAzYjA3YWZkNmIxOThkYzljIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
x-powered-by: PHP/8.0.15
cache-control: no-cache, private
content-type: text/html; charset=UTF-8
date: Thu, 27 Oct 2022 03:04:49 GMT
server: LiteSpeed
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-2895475.js?sv=6
143.204.55.84 200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-2895475.js?sv=6
IP 143.204.55.84:0
GET /c/hotjar-2895475.js?sv=6 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://elmersity.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Thu, 27 Oct 2022 03:04:19 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: W/b86476a55c2d147c08ad37cc14619ea0
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 277d0e3af1ffdcb1ee40b7dc9f040146.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: KtHHWq3FV5rSfAK4iuNguaikOd9B_H8m_mQwTuCdDYBqzNDKuHKH1w==
age: 31
X-Firefox-Spdy: h2
files.killbot.org/.cdn-cgi/killbot-security.js
104.21.11.160 404 Not Found 0 B URL HTTP/2 files.killbot.org/.cdn-cgi/killbot-security.js
IP 104.21.11.160:0
GET /.cdn-cgi/killbot-security.js HTTP/1.1
Host: files.killbot.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://elmersity.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Thu, 27 Oct 2022 03:04:44 GMT
content-type: text/html
content-security-policy: default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
cache-control: max-age=14400
cf-cache-status: HIT
age: 105
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r06l9%2B2THTAi4pF8U8hEAGZxoIR5X1BdcB0IIE3HffZEve1BxdRShFV4Z%2FKNqbrF53ewyDx4RzLTmYJR1uo0YO1vw%2BF2%2Bsfuv%2F7QCh26okZ7p%2B%2FdvlJoqQ98pXhH7WBX4I2%2B9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 760834bd5ade0afe-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
files.killbot.org/.cdn-cgi/killbot-security.js
104.21.11.160 404 Not Found 0 B URL HTTP/2 files.killbot.org/.cdn-cgi/killbot-security.js
IP 104.21.11.160:0
GET /.cdn-cgi/killbot-security.js HTTP/1.1
Host: files.killbot.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://elmersity.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 404 Not Found
date: Thu, 27 Oct 2022 03:04:46 GMT
content-type: text/html
content-security-policy: default-src 'self' http: https: data: blob: 'unsafe-inline' 'unsafe-eval'
cache-control: max-age=14400
cf-cache-status: HIT
age: 107
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Js8VaI7PMJnSxFCJA6bhvR2TmQLBomM3RPi8aHd7iZhzxBV0BV6EbAq54ZsjcSbToVuIB4nqeB6uzNmY2KwEzSrNgAdEa%2BKkcvChUuPqEEBFVO8jYAJFfuaIviMVswcEmUOkEg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 760834cb6c5db500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2