Report - charweredrepicks.com/425572b8-ae77-44ed-a836-3d34d20bfb77

Report Overview

Submitted URL
charweredrepicks.com/425572b8-ae77-44ed-a836-3d34d20bfb77
IP
3.124.99.72
ASN
#16509 AMAZON-02
Submitted
2023-01-27 06:44:16
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
18

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
charweredrepicks.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	486 B	800 B	3.124.99.72
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	50 kB	34.120.237.76
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	7.1 kB	23.36.77.32
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.9 kB	34.160.144.191
cdn.jsdelivr.net	439	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	49 kB	151.101.65.229
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	368 B	1.9 kB	104.18.21.226
accounts.livechatinc.com	7698	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	492 B	1.6 kB	95.101.10.171
secure.livechatinc.com	6541	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	598 B	2.7 kB	95.101.10.171
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
uphollllsdlog.azurewebsites.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.0 kB	54 kB	20.119.0.28
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	35.163.1.35
cdn.livechatinc.com	6288	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.1 kB	159 kB	95.101.10.171
api.livechatinc.com	5353	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.2 kB	6.7 kB	95.101.10.171
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	35.241.9.150

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-01-26	medium	charweredrepicks.com/425572b8-ae77-44ed-a836-3d34d20bfb77	Uphold
2023-01-26	medium	uphollllsdlog.azurewebsites.net/	Uphold
2023-01-26	medium	uphollllsdlog.azurewebsites.net/	Uphold
2023-01-26	medium	uphollllsdlog.azurewebsites.net/	Uphold
2023-01-26	medium	uphollllsdlog.azurewebsites.net/	Uphold
2023-01-26	medium	uphollllsdlog.azurewebsites.net/	Uphold
2023-01-26	medium	uphollllsdlog.azurewebsites.net/	Uphold
2023-01-26	medium	uphollllsdlog.azurewebsites.net/	Uphold

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-01-27	medium	charweredrepicks.com/425572b8-ae77-44ed-a836-3d34d20bfb77	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (15)

	URL	Size	First Seen	Last Seen
	api.livechatinc.com/v3.3/customer/action/get_configuration?license_id=14971065&version=11.1.1.1.1.6.1.1.1.1.1.2.202&group_id=0&jsonp=__lc_static_config	4.4 kB	2023-03-13	2023-03-13
Pretty URL api.livechatinc.com/v3.3/customer/action/get_configuration?license_id=14971065&version=11.1.1.1.1.6.1.1.1.1.1.2.202&group_id=0&jsonp=__lc_static_config IP 95.101.10.171 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:21:39 Last Seen2023-03-13 10:54:26 Times Seen1 Hash 0f8a810e0c0c77fc1a31a4babc3c3513 5eecd28b2b9ac304c0102355560ffdffbb5cc1e9 a06b409bd9c269d3d337b565631095971cc93e2626972dfa935e7687d2aa3d04 Loading...

	api.livechatinc.com/v3.3/customer/action/get_localization?license_id=14971065&version=ff93808ef52c6dd040640c4853b854bd&language=en&group_id=0&jsonp=__lc_localization	11 kB	2023-03-08	2023-05-07
Pretty URL api.livechatinc.com/v3.3/customer/action/get_localization?license_id=14971065&version=ff93808ef52c6dd040640c4853b854bd&language=en&group_id=0&jsonp=__lc_localization IP 95.101.10.171 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:26:58 Last Seen2023-05-07 22:45:30 Times Seen274 Hash 00708d557f5eeee5f3c15ccf12a0db38 6686346dfece2cd29baf4268b51df80a90d02424 f8edcfb3b4d6d8934fae03f8dc8ebb0eb6fe5f55cfb4002245b582e7dfdab450 Loading...

	secure.livechatinc.com/customer/action/open_chat?license_id=14971065&group=0&embedded=1&widget_version=3&unique_groups=0	105 B	2023-03-07	2023-04-05
Pretty URL secure.livechatinc.com/customer/action/open_chat?license_id=14971065&group=0&embedded=1&widget_version=3&unique_groups=0 IP 95.101.10.171 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:18 Last Seen2023-04-05 02:06:41 Times Seen330 Hash d30bfddcdb3764a782b7c8584021d1d6 64ed02149d0db57e6c1d68992361d7c1330a663a 5a8894efd9ef253bc344f5587ea4fb4f4b8da39d4dbd49a390c2302898411623 Loading...

	secure.livechatinc.com/customer/action/open_chat?license_id=14971065&group=0&embedded=1&widget_version=3&unique_groups=0	2.5 kB	2023-03-13	2023-03-14
Pretty URL secure.livechatinc.com/customer/action/open_chat?license_id=14971065&group=0&embedded=1&widget_version=3&unique_groups=0 IP 95.101.10.171 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:11:34 Last Seen2023-03-14 06:26:07 Times Seen1 Hash 0adfdee1bff3ae07357fcfca6cafc1fc 653c2a38a1047e3c6384942a315ab8b67e676e65 a8b49021237400981adbe4b95cf0f8a17c87ea0a1f88191ee0ccadc66b370ce6 Loading...

	unknown	0 B	2023-03-07	2024-05-11
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-05-11 04:43:57 Times Seen37534826 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	cdn.jsdelivr.net/npm/@popperjs/core@2.10.2/dist/umd/popper.min.js	19 kB	2023-03-07	2024-05-10
Pretty URL cdn.jsdelivr.net/npm/@popperjs/core@2.10.2/dist/umd/popper.min.js IP 151.101.65.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:23:52 Last Seen2024-05-10 20:20:08 Times Seen2426 Hash 541aecc95a7faeef0fc27558070f3647 0ec7ca4778ba3ccb4d1b1688094720834fbe9ed3 f395875eb5d58c5128c434812cd0a53d438b11536f7fd1577077d8a5c612e1fd Loading...

	uphollllsdlog.azurewebsites.net/	154 B	2023-03-07	2024-05-05
Pretty URL uphollllsdlog.azurewebsites.net/ IP 20.119.0.28 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:24 Last Seen2024-05-05 06:41:24 Times Seen163 Hash d0e637757a110c79abcca69eb6b11c47 c56a3950b959f0d612c09b974c2fc8726ea0f9bb 2e61946c1b30a901556e71def528a946276bc5e480cdf230c8d19c2a1e2b00ba Loading...

	cdn.livechatinc.com/tracking.js	87 kB	2023-03-13	2023-03-14
Pretty URL cdn.livechatinc.com/tracking.js IP 95.101.10.171 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:11:34 Last Seen2023-03-14 06:27:26 Times Seen1 Hash 29e075294399875f6fd4bdaa0f4a20e4 4b66dda1ae90f520557c9e3190686a4c4301282c b3fcf409ea4cc82df451395238d14a5c25a8bde7f6d6bf547125ed0b374e2dda Loading...

	cdn.livechatinc.com/widget/static/js/iframe.73879adc.chunk.js	764 kB	2023-03-13	2023-03-14
Pretty URL cdn.livechatinc.com/widget/static/js/iframe.73879adc.chunk.js IP 95.101.10.171 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:11:34 Last Seen2023-03-14 06:26:06 Times Seen1 Hash 90cad0f1a20bbe0c7b70af650ab7491a e666a88b94923655225458041b850961df4e4ebe 5741acb692282784583db77424af958b107b6ba21a6e6e0b2c44b12d74b5c34c Loading...

	cdn.livechatinc.com/widget/static/js/0.d619df13.chunk.js	48 kB	2023-03-08	2023-03-17
Pretty URL cdn.livechatinc.com/widget/static/js/0.d619df13.chunk.js IP 95.101.10.171 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:26:58 Last Seen2023-03-17 22:17:08 Times Seen1 Hash 10a3d7ac1ed37325d3341c379ee0de69 568234e1f256abe6987b7c9965b51bbc119c0160 8250a0a8a2b63bfae72b2604bc53e7764530aa08651e7c0cb253a90a6c762a8c Loading...

	cdn.jsdelivr.net/npm/bootstrap@5.1.2/dist/js/bootstrap.min.js	59 kB	2023-03-07	2024-04-27
Pretty URL cdn.jsdelivr.net/npm/bootstrap@5.1.2/dist/js/bootstrap.min.js IP 151.101.65.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:11:03 Last Seen2024-04-27 07:02:32 Times Seen25 Hash 6fb107c3f0d2309a7a29cb5c25cf6984 59c01b1dafbff713bc203f082da0963fdda204f4 7e9276746ee6d70a75d8362ddd8e20aa1ce8a008c8e39c66a9e05b758f636d01 Loading...

	uphollllsdlog.azurewebsites.net/	747 B	2023-03-13	2023-03-13
Pretty URL uphollllsdlog.azurewebsites.net/ IP 20.119.0.28 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:21:39 Last Seen2023-03-13 12:54:57 Times Seen1 Hash 8c229c422f4a5c2eeeaad812d126daaa 08c7dea2ddb6e4a74a0c0d598ec3870795beaff2 6d5bb82a132d729774b5717af7c55bc23b6227551f805ab1340b200ccf17f3f3 Loading...

	api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=14971065&url=https%3A%2F%2Fuphollllsdlog.azurewebsites.net%2F&channel_type=code&jsonp=__n5hbnnr6iro	227 B	2023-03-13	2023-03-13
Pretty URL api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=14971065&url=https%3A%2F%2Fuphollllsdlog.azurewebsites.net%2F&channel_type=code&jsonp=__n5hbnnr6iro IP 95.101.10.171 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 08:12:30 Last Seen2023-03-13 08:12:30 Times Seen1 Hash 02916b64042c2b46557bf65a21d3734d d37a933e82fb57fbf6719b4f64fd466e5697b25f f62fae23972d546ebbc5092080302cd57acee4a3e2ae28b95fe959ad0eeed76b Loading...

		Size	First Seen	Last Seen
	#1 Write - d806875927932bad97591d2fee0a29b2	13 kB	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 08:12:30 Last Seen2023-03-13 08:12:30 Times Seen1 Hash d806875927932bad97591d2fee0a29b2 4bcba31d8e035ec4cbd2cb70aee16c0468898a9e ac77ad2531a9d061155a0a1b1b8db8170cfc494843ee2781cab003809e8540ea Loading...

	#2 Write - 619f0d1b8e000525caa6e60a3c81002b	13 kB	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 08:12:30 Last Seen2023-03-13 08:12:30 Times Seen1 Hash 619f0d1b8e000525caa6e60a3c81002b 5edf9e0c8ac26fe54df8a51ee723189885b6a631 dbf72955aff3b20a201308c596cb06ba504cb3d32a14ac6bdb3c39f8b13d0762 Loading...

HTTP Transactions (43)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
5fe582397f3003b225cb9058e02c2190
68174a54a8f6c4de9247ccea2dcae3c9b76bdb9f
238a2ef5b61d56353d0a5e97ec3092b8f2792cde7cecf40e1a858f8c129d3a9d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "238A2EF5B61D56353D0A5E97EC3092B8F2792CDE7CECF40E1A858F8C129D3A9D"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6236
Expires: Fri, 27 Jan 2023 08:28:01 GMT
Date: Fri, 27 Jan 2023 06:44:05 GMT
Connection: keep-alive

charweredrepicks.com/425572b8-ae77-44ed-a836-3d34d20bfb77

3.124.99.72

302 Found

0 B

URL HTTP/2
charweredrepicks.com/425572b8-ae77-44ed-a836-3d34d20bfb77
IP
3.124.99.72:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
openphish	Uphold
fortinet	Phishing

HTTP Headers

GET /425572b8-ae77-44ed-a836-3d34d20bfb77 HTTP/1.1
Host: charweredrepicks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
server: nginx
date: Fri, 27 Jan 2023 06:44:05 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://uphollllsdlog.azurewebsites.net/
pragma: no-cache
set-cookie: 425572b8-ae77-44ed-a836-3d34d20bfb77-v4=X5ol1vYCOptpzl8xGtpjZY_EnB74Mrz8VV6M5-DlCyU; Max-Age=86400; Expires=Sat, 28-Jan-2023 06:44:05 GMT; Domain=charweredrepicks.com; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=UsKV5F%2BpzF7ogCVnSMnahUZAnJBN5T1%2FubqcwUUvWvMgiShQMIyDVd3GzMuLPOkRgxmSdIO0x%2FR%2FIsDrxsBcLg1A3Ol04Lu%2F2Sql7ihOMHljTZpLcuo3FXtPJO9IGwpmvvjxZ18Ktoqzo6eFpgdsAw%3D%3D; Max-Age=31536000; Expires=Sat, 27-Jan-2024 06:44:05 GMT; Domain=charweredrepicks.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
58ffdcb539c3b250fdf31ed761627fc1
5b55b1522ef84c39b5c42f9bbfbc62b806c1269f
eb783cfa8c8544b0574b345abc0bf3c150979d4efce1a013f17b6cd48076fc63

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB783CFA8C8544B0574B345ABC0BF3C150979D4EFCE1A013F17B6CD48076FC63"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7955
Expires: Fri, 27 Jan 2023 08:56:40 GMT
Date: Fri, 27 Jan 2023 06:44:05 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 27 Jan 2023 06:42:58 GMT
content-type: application/json
age: 67
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
49049f3c92aad686cd7ff28ecd2a5a4f
9cc2bc9c055450dbc4fae93eabe4ef8509b3ff57
02cf421968192286bb174ff0e6c818a843c4eca61a02cd493e6f95bb58a37015

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "02CF421968192286BB174FF0E6C818A843C4ECA61A02CD493E6F95BB58A37015"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2519
Expires: Fri, 27 Jan 2023 07:26:04 GMT
Date: Fri, 27 Jan 2023 06:44:05 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: B3GPmCWKiKJNZjwYbQIZXZ+P919ofxyxgthkL7oYIydcyRBNnqsP9/2K7XYRBy6g3XOfoYL4ovDjL+QEeIQHtQ==
x-amz-request-id: 6Z5N5M2384S9GAAN
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 27 Jan 2023 05:49:18 GMT
age: 3287
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 27 Jan 2023 06:44:05 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

uphollllsdlog.azurewebsites.net/

20.119.0.28

200 OK

2.5 kB

URL HTTP/1.1
uphollllsdlog.azurewebsites.net/
IP
20.119.0.28:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (672), with CRLF line terminators
Size
2.5 kB (2477 bytes)
Hash
d8da6f5081ad5850c3e633a67663b33d
190b723241cede167a982bdaa300ae79f8702c1e
4ebecfdf987cb96132f8d98aeda2d9b230af9eb92d9f14f5ca6c3f49bc1e77a4

Detections

Analyzer	Verdict	Alert
openphish	Uphold

HTTP Headers

GET / HTTP/1.1
Host: uphollllsdlog.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Content-Type: text/html
Date: Fri, 27 Jan 2023 06:44:06 GMT
Server: nginx/1.22.1
Content-Encoding: gzip
ETag: W/"63d22ce4-1876"
Last-Modified: Thu, 26 Jan 2023 07:33:56 GMT
Transfer-Encoding: chunked

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Pragma, ETag, Retry-After, Content-Type, Content-Length, Expires, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 27 Jan 2023 05:49:03 GMT
age: 3303
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/bootstrap@5.1.2/dist/js/bootstrap.min.js

151.101.65.229

200 OK

16 kB

URL HTTP/2
cdn.jsdelivr.net/npm/bootstrap@5.1.2/dist/js/bootstrap.min.js
IP
151.101.65.229:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (58940)
Size
16 kB (16337 bytes)
Hash
00bdc67c4e8305fd4824c5e9e1564f0c
980d2a74176760ed96e269ad751f262512762c15
ecdba6fb387da0cfcb488f3f483a9db3cb69d5237afcd6d7d2305c0d69b6cbd1

HTTP Headers

GET /npm/bootstrap@5.1.2/dist/js/bootstrap.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://uphollllsdlog.azurewebsites.net
Connection: keep-alive
Referer: https://uphollllsdlog.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 5.1.2
x-jsd-version-type: version
etag: W/"e753-WcAbHa+/9xO8ID8ILaCWP92iBPQ"
content-encoding: gzip
accept-ranges: bytes
date: Fri, 27 Jan 2023 06:44:06 GMT
age: 1472503
x-served-by: cache-fra-eddf8230063-FRA, cache-bma1658-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 16337
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/bootstrap@5.1.2/dist/css/bootstrap.min.css

151.101.65.229

200 OK

24 kB

URL HTTP/2
cdn.jsdelivr.net/npm/bootstrap@5.1.2/dist/css/bootstrap.min.css
IP
151.101.65.229:0
ASN
#54113 FASTLY

File type
Unicode text, UTF-8 text, with very long lines (65306)
Size
24 kB (23945 bytes)
Hash
d8b6210ccf403251e24c86acf9ae90ac
73f84b94e38c41c642407a21bafd594885fbc8d6
ee4df9edf590e74dc4577238a2b0aaeaa2df1ff91d1d2f55edf5a31e87e5bfa3

HTTP Headers

GET /npm/bootstrap@5.1.2/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://uphollllsdlog.azurewebsites.net
Connection: keep-alive
Referer: https://uphollllsdlog.azurewebsites.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 5.1.2
x-jsd-version-type: version
etag: W/"28033-Lut6yvcPnqX8AiDhXoU9TgvRAp8"
content-encoding: gzip
accept-ranges: bytes
date: Fri, 27 Jan 2023 06:44:06 GMT
age: 3654924
x-served-by: cache-fra-eddf8230024-FRA, cache-bma1658-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 23945
X-Firefox-Spdy: h2

cdn.jsdelivr.net/npm/@popperjs/core@2.10.2/dist/umd/popper.min.js

151.101.65.229

200 OK

6.7 kB

URL HTTP/2
cdn.jsdelivr.net/npm/@popperjs/core@2.10.2/dist/umd/popper.min.js
IP
151.101.65.229:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (18706)
Size
6.7 kB (6713 bytes)
Hash
af62a06145a499ced91af8684d652c30
dc727a6c7630d7414d1499a2c36b7c8fb0a9126c
c2a776c4bc325950b57ced81960260e02df5c2c23caa12c221ea230b72bfb8d9

HTTP Headers

GET /npm/@popperjs/core@2.10.2/dist/umd/popper.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://uphollllsdlog.azurewebsites.net
Connection: keep-alive
Referer: https://uphollllsdlog.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 2.10.2
x-jsd-version-type: version
etag: W/"496b-DsfKR3i6PMtNGxaICUcgg0++ntM"
content-encoding: gzip
accept-ranges: bytes
date: Fri, 27 Jan 2023 06:44:06 GMT
age: 6242564
x-served-by: cache-fra-eddf8230067-FRA, cache-bma1658-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 6713
X-Firefox-Spdy: h2

ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4

104.18.21.226

200 OK

1.5 kB

URL HTTP/1.1
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q4
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.5 kB (1462 bytes)
Hash
31bc6fe3917df8acf1856c01cf837ff4
ea2595b49c3819a4b678cf1f4ddf7b063a23de0b
6eefcbae7d92e64ab96ee55ab8ceee9b99317899237d2b18965eb2803adee3fe

HTTP Headers

POST /ca/gsatlasr3dvtlsca2022q4 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 27 Jan 2023 06:44:06 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "74E175AC80F5A4B712D3BB2E74E7E83CB1DBA379"
Expires: Fri, 27 Jan 2023 18:00:00 GMT
Last-Modified: Fri, 27 Jan 2023 06:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 151
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 78ff84947ff4b523-OSL

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1e2970e1480a4759282d63bb213051e4
ed5194d4d25dfc199821129be5d74be0ce49197d
18e19ea4c9c262cb9a94f89172eef2604222e779346589d470bf2e95ea295563

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "18E19EA4C9C262CB9A94F89172EEF2604222E779346589D470BF2E95EA295563"
Last-Modified: Tue, 24 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7128
Expires: Fri, 27 Jan 2023 08:42:54 GMT
Date: Fri, 27 Jan 2023 06:44:06 GMT
Connection: keep-alive

uphollllsdlog.azurewebsites.net/assets/css/style.css

20.119.0.28

404 Not Found

114 B

URL HTTP/1.1
uphollllsdlog.azurewebsites.net/assets/css/style.css
IP
20.119.0.28:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
114 B (114 bytes)
Hash
546071c6a6aeff34580b4d1a9b35a7c3
dc2de298837a86d3bc86e8a328411229d9eccdb6
2d1255033a3f5cde3fb430b15d84ad95c1d7d37b25132cd3dcca7c30963e9f12

Detections

Analyzer	Verdict	Alert
openphish	Uphold

HTTP Headers

GET /assets/css/style.css HTTP/1.1
Host: uphollllsdlog.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uphollllsdlog.azurewebsites.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Content-Type: text/html
Date: Fri, 27 Jan 2023 06:44:06 GMT
Server: nginx/1.22.1
Content-Encoding: gzip
Transfer-Encoding: chunked

uphollllsdlog.azurewebsites.net/assets/scss/style.css

20.119.0.28

200 OK

6.1 kB

URL HTTP/1.1
uphollllsdlog.azurewebsites.net/assets/scss/style.css
IP
20.119.0.28:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with CRLF line terminators
Size
6.1 kB (6144 bytes)
Hash
3c0ce43f5d586b600dc5e41d6d92e907
2649d648347b1aadc98f92aad945acf8be9f099d
05701f1dbf8f1854dd073020f1cbdaffaee06d577a5346590bc718a8fda1a3a3

Detections

Analyzer	Verdict	Alert
openphish	Uphold

HTTP Headers

GET /assets/scss/style.css HTTP/1.1
Host: uphollllsdlog.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uphollllsdlog.azurewebsites.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 6144
Content-Type: text/css
Date: Fri, 27 Jan 2023 06:44:06 GMT
Server: nginx/1.22.1
Accept-Ranges: bytes
ETag: "63d22cf1-1800"
Last-Modified: Thu, 26 Jan 2023 07:34:09 GMT

push.services.mozilla.com/

35.163.1.35

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.163.1.35:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: R8QNPdcRlvCHvjk9jEmGig==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: lVjm/t0mC9jRyhI+OV1T1UcckgQ=

cdn.livechatinc.com/tracking.js

95.101.10.171

200 OK

26 kB

URL HTTP/2
cdn.livechatinc.com/tracking.js
IP
95.101.10.171:0
ASN
#20940 Akamai International B.V.

File type
data
Size
26 kB (25911 bytes)
Hash
349345e8baec106d74b4eb289b8d2b0b
5c4a724241c19e2de9063da2c3dc0c4a3366ea7a
a69d354aa4044e3786dc89e3a46f415276b8657f0caa8c8355b12558cfde8695

HTTP Headers

GET /tracking.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uphollllsdlog.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Wed, 25 Jan 2023 08:47:12 GMT
x-amz-version-id: iNzmqDcn1iRKaLiTk37THrDgz9osPO8C
server: AmazonS3
content-encoding: br
etag: W/"29e075294399875f6fd4bdaa0f4a20e4"
vary: Accept-Encoding
x-amz-cf-pop: HAM50-P2
x-amz-cf-id: 5u3S8SQ2vBURIIW1wAHlf1ewj7O-VH6XVggEm945QBhoGAgQC4G-PQ==
content-length: 25911
cache-control: max-age=28800
expires: Fri, 27 Jan 2023 14:44:06 GMT
date: Fri, 27 Jan 2023 06:44:06 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2

uphollllsdlog.azurewebsites.net/assets/images/favicon-32x32.png

20.119.0.28

200 OK

713 B

URL HTTP/1.1
uphollllsdlog.azurewebsites.net/assets/images/favicon-32x32.png
IP
20.119.0.28:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 32 x 32, 8-bit colormap, non-interlaced\012- data
Size
713 B (713 bytes)
Hash
bb34853707c687ba213b589581b4afa1
39b02086ad2e0c870ce641daf4f76f64aeeb5db8
cfd6fec7590a2081dd0b347a0f223a00529bc8b996fbc0dabdbe22ad1b459d50

Detections

Analyzer	Verdict	Alert
openphish	Uphold

HTTP Headers

GET /assets/images/favicon-32x32.png HTTP/1.1
Host: uphollllsdlog.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uphollllsdlog.azurewebsites.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 713
Content-Type: image/png
Date: Fri, 27 Jan 2023 06:44:06 GMT
Server: nginx/1.22.1
Accept-Ranges: bytes
ETag: "63d22cee-2c9"
Last-Modified: Thu, 26 Jan 2023 07:34:06 GMT

uphollllsdlog.azurewebsites.net/assets/images/roundabout%20(1).png

20.119.0.28

200 OK

1.6 kB

URL HTTP/1.1
uphollllsdlog.azurewebsites.net/assets/images/roundabout%20(1).png
IP
20.119.0.28:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 24 x 24, 16-bit/color RGBA, non-interlaced\012- data
Size
1.6 kB (1581 bytes)
Hash
721a5e18807e6723c750fbeeaee356ee
8d11f49c2f9b861e794db52cec7184a5a4f62442
4a35c5b46fffe0f4aab374373adbe9792a03bf47ae0c40454320b1171d307dca

Detections

Analyzer	Verdict	Alert
openphish	Uphold

HTTP Headers

GET /assets/images/roundabout%20(1).png HTTP/1.1
Host: uphollllsdlog.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uphollllsdlog.azurewebsites.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 1581
Content-Type: image/png
Date: Fri, 27 Jan 2023 06:44:06 GMT
Server: nginx/1.22.1
Accept-Ranges: bytes
ETag: "63d22ced-62d"
Last-Modified: Thu, 26 Jan 2023 07:34:05 GMT

uphollllsdlog.azurewebsites.net/assets/images/sc.png

20.119.0.28

200 OK

41 kB

URL HTTP/1.1
uphollllsdlog.azurewebsites.net/assets/images/sc.png
IP
20.119.0.28:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 555 x 386, 8-bit/color RGBA, non-interlaced\012- data
Size
41 kB (41169 bytes)
Hash
e6ae1443b9d60c035fb27c4b28cf5666
d7d30333612f12406c2f6d00ebe943a25799b36a
d91bd53f8d23edc72d7ac46430f272789f2eedb268dc1236bc8d47d65f7c8b8a

Detections

Analyzer	Verdict	Alert
openphish	Uphold

HTTP Headers

GET /assets/images/sc.png HTTP/1.1
Host: uphollllsdlog.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uphollllsdlog.azurewebsites.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 41169
Content-Type: image/png
Date: Fri, 27 Jan 2023 06:44:06 GMT
Server: nginx/1.22.1
Accept-Ranges: bytes
ETag: "63d22ced-a0d1"
Last-Modified: Thu, 26 Jan 2023 07:34:05 GMT

uphollllsdlog.azurewebsites.net/assets/images/fabvicon.jpg

20.119.0.28

404 Not Found

114 B

URL HTTP/1.1
uphollllsdlog.azurewebsites.net/assets/images/fabvicon.jpg
IP
20.119.0.28:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
114 B (114 bytes)
Hash
546071c6a6aeff34580b4d1a9b35a7c3
dc2de298837a86d3bc86e8a328411229d9eccdb6
2d1255033a3f5cde3fb430b15d84ad95c1d7d37b25132cd3dcca7c30963e9f12

Detections

Analyzer	Verdict	Alert
openphish	Uphold

HTTP Headers

GET /assets/images/fabvicon.jpg HTTP/1.1
Host: uphollllsdlog.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uphollllsdlog.azurewebsites.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Content-Type: text/html
Date: Fri, 27 Jan 2023 06:44:07 GMT
Server: nginx/1.22.1
Content-Encoding: gzip
Transfer-Encoding: chunked

api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=14971065&url=https%3A%2F%2Fuphollllsdlog.azurewebsites.net%2F&channel_type=code&jsonp=__n5hbnnr6iro

95.101.10.171

200 OK

227 B

URL HTTP/2
api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=14971065&url=https%3A%2F%2Fuphollllsdlog.azurewebsites.net%2F&channel_type=code&jsonp=__n5hbnnr6iro
IP
95.101.10.171:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with no line terminators
Size
227 B (227 bytes)
Hash
02916b64042c2b46557bf65a21d3734d
d37a933e82fb57fbf6719b4f64fd466e5697b25f
f62fae23972d546ebbc5092080302cd57acee4a3e2ae28b95fe959ad0eeed76b

HTTP Headers

GET /v3.3/customer/action/get_dynamic_configuration?license_id=14971065&url=https%3A%2F%2Fuphollllsdlog.azurewebsites.net%2F&channel_type=code&jsonp=__n5hbnnr6iro HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uphollllsdlog.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-security-policy: frame-ancestors https://uphollllsdlog.azurewebsites.net/;
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
vary: Accept-Encoding
x-frame-options: allow-from https://uphollllsdlog.azurewebsites.net/
content-length: 227
date: Fri, 27 Jan 2023 06:44:07 GMT
X-Firefox-Spdy: h2

api.livechatinc.com/v3.3/customer/action/get_configuration?license_id=14971065&version=11.1.1.1.1.6.1.1.1.1.1.2.202&group_id=0&jsonp=__lc_static_config

95.101.10.171

200 OK

1.5 kB

URL HTTP/2
api.livechatinc.com/v3.3/customer/action/get_configuration?license_id=14971065&version=11.1.1.1.1.6.1.1.1.1.1.2.202&group_id=0&jsonp=__lc_static_config
IP
95.101.10.171:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (4432), with no line terminators
Size
1.5 kB (1462 bytes)
Hash
2b00987a5013805f24e8f2588d575af0
1b544f21dc5ff532320a52684ebe7b4e4f38cd84
07dfaf681e498bbc5456c575b150757362177001659b77a013e87dedfb358550

HTTP Headers

GET /v3.3/customer/action/get_configuration?license_id=14971065&version=11.1.1.1.1.6.1.1.1.1.1.2.202&group_id=0&jsonp=__lc_static_config HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uphollllsdlog.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
vary: Accept-Encoding
content-length: 1462
cache-control: public, max-age=579
expires: Fri, 27 Jan 2023 06:53:46 GMT
date: Fri, 27 Jan 2023 06:44:07 GMT
X-Firefox-Spdy: h2

api.livechatinc.com/v3.3/customer/action/get_localization?license_id=14971065&version=ff93808ef52c6dd040640c4853b854bd&language=en&group_id=0&jsonp=__lc_localization

95.101.10.171

200 OK

3.8 kB

URL HTTP/2
api.livechatinc.com/v3.3/customer/action/get_localization?license_id=14971065&version=ff93808ef52c6dd040640c4853b854bd&language=en&group_id=0&jsonp=__lc_localization
IP
95.101.10.171:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 text, with very long lines (10873), with no line terminators
Size
3.8 kB (3785 bytes)
Hash
d1b3d63fb610e16ae90ebba26513f34d
4baa5a63b3692c86200b62692f3cb1091a380516
a691dcbd9c3569a1ee4196426f575560848c89a7a9d8662cd05acd445048cf10

HTTP Headers

GET /v3.3/customer/action/get_localization?license_id=14971065&version=ff93808ef52c6dd040640c4853b854bd&language=en&group_id=0&jsonp=__lc_localization HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uphollllsdlog.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
vary: Accept-Encoding
cache-control: public, max-age=580
expires: Fri, 27 Jan 2023 06:53:47 GMT
date: Fri, 27 Jan 2023 06:44:07 GMT
content-length: 3785
X-Firefox-Spdy: h2

secure.livechatinc.com/customer/action/open_chat?license_id=14971065&group=0&embedded=1&widget_version=3&unique_groups=0

95.101.10.171

200 OK

2.6 kB

URL HTTP/2
secure.livechatinc.com/customer/action/open_chat?license_id=14971065&group=0&embedded=1&widget_version=3&unique_groups=0
IP
95.101.10.171:0
ASN
#20940 Akamai International B.V.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (8824), with no line terminators
Size
2.6 kB (2557 bytes)
Hash
e73532c0c660a631b8b058705ce26d21
ac886227ce8d418692c8496201f8bc76709b1a63
0ee4d5761027247228422c7b57c6727e95d065c52b4f68501694f1a41754ac03

HTTP Headers

GET /customer/action/open_chat?license_id=14971065&group=0&embedded=1&widget_version=3&unique_groups=0 HTTP/1.1
Host: secure.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://uphollllsdlog.azurewebsites.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
content-type: text/html; charset=utf-8
vary: Accept-Encoding
date: Fri, 27 Jan 2023 06:44:07 GMT
content-length: 2557
X-Firefox-Spdy: h2

cdn.livechatinc.com/widget/static/js/0.d619df13.chunk.js

95.101.10.171

200 OK

15 kB

URL HTTP/2
cdn.livechatinc.com/widget/static/js/0.d619df13.chunk.js
IP
95.101.10.171:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (47599), with no line terminators
Size
15 kB (14999 bytes)
Hash
aa354a30c2b34b7c6ca4afb13c39442c
4e033c71e891ad3d60d7437c6e674c601260c66d
f4ffa5e37b87bda31ba0d2c7b64fe9939011588c3233c527799262be7169cf95

HTTP Headers

GET /widget/static/js/0.d619df13.chunk.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 11 Jan 2023 08:35:01 GMT
x-amz-version-id: fr6Gz9d8KXQbrJuaQVT4sDUpSqjnuR9Q
server: AmazonS3
content-encoding: br
etag: W/"10a3d7ac1ed37325d3341c379ee0de69"
vary: Accept-Encoding
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: DcjWrJ5J0UZqsGb4T2ZIU7t__E1ADvqdBmzVXTCZLmhoDUvGkFZlRA==
content-length: 14999
cache-control: max-age=31536000
expires: Sat, 27 Jan 2024 06:44:07 GMT
date: Fri, 27 Jan 2023 06:44:07 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2

cdn.livechatinc.com/widget/static/js/1.242d30c5.chunk.js

95.101.10.171

200 OK

70 kB

URL HTTP/2
cdn.livechatinc.com/widget/static/js/1.242d30c5.chunk.js
IP
95.101.10.171:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (65462)
Size
70 kB (69814 bytes)
Hash
88298c1f3a966d806ce3dd802d2cfdb5
e19a54d47ddc9bd3ed805f6e5471ae2de613404b
9373f82e3b877dd04122dacfd587cb7f62562b53744142a734210c8af0a61dbf

HTTP Headers

GET /widget/static/js/1.242d30c5.chunk.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 16 Jan 2023 07:45:14 GMT
x-amz-version-id: Px6texczRRdv2H_bvm87pAIOH7z7Z.qa
server: AmazonS3
content-encoding: gzip
etag: W/"6cc6a8d0a347434070e1ae1406714b63"
vary: Accept-Encoding
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: BpmGXFPk1aGvtFzUfSPoO8bfNDP06kQHquXkuVVoPBldkY4nhooSMA==
content-length: 69814
cache-control: max-age=31536000
expires: Sat, 27 Jan 2024 06:44:07 GMT
date: Fri, 27 Jan 2023 06:44:07 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2

cdn.livechatinc.com/widget/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2

95.101.10.171

200 OK

13 kB

URL HTTP/2
cdn.livechatinc.com/widget/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
IP
95.101.10.171:0
ASN
#20940 Akamai International B.V.

File type
Web Open Font Format (Version 2), TrueType, length 12852, version 1.0\012- data
Size
13 kB (12852 bytes)
Hash
3b5df7e947d77201eaf22f3dbdac08cc
21989ca07e4afe32d48982b816b8fac85ce3e668
4a46d61a9aed90cea010dbabcdb510b9ceff1b729a06b169cdbe142f66cbc86f

HTTP Headers

GET /widget/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2 HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://secure.livechatinc.com
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
content-type: application/octet-stream
content-length: 12852
last-modified: Tue, 18 Oct 2022 07:22:37 GMT
etag: "3b5df7e947d77201eaf22f3dbdac08cc"
x-amz-version-id: 4jMtpmrTh3NU2il.eSSLRODO9UYgvJk9
accept-ranges: bytes
server: AmazonS3
x-amz-cf-pop: HAM50-C2
x-amz-cf-id: KM8abeyaVeSEIxlLTJcUkoNH7_q4l1PlUQolOkL0_K8Ml-Hn8lULcg==
cache-control: max-age=31536000
expires: Sat, 27 Jan 2024 06:44:07 GMT
date: Fri, 27 Jan 2023 06:44:07 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2

cdn.livechatinc.com/widget/o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2

95.101.10.171

200 OK

13 kB

URL HTTP/2
cdn.livechatinc.com/widget/o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2
IP
95.101.10.171:0
ASN
#20940 Akamai International B.V.

File type
Web Open Font Format (Version 2), TrueType, length 12688, version 1.0\012- data
Size
13 kB (12688 bytes)
Hash
d9f5998f47f6f22cb66e7dbf428c76ab
86b993baf91f867a03ea62e0d0adc9488530efaa
e94ba9c6df7a149b4b3c590bcc484ce24ce7c0f15c6f7f43479035a6311211d6

HTTP Headers

GET /widget/o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2 HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://secure.livechatinc.com
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
content-type: application/octet-stream
content-length: 12688
last-modified: Tue, 18 Oct 2022 07:22:38 GMT
etag: "d9f5998f47f6f22cb66e7dbf428c76ab"
x-amz-version-id: msVoGOeEvv4rBAjmPT.bOOY9QhLnYq.K
accept-ranges: bytes
server: AmazonS3
x-amz-cf-pop: HAM50-P2
x-amz-cf-id: X3prfpUvaSuujXUioKllfbrWJRSujJaRcEeTIItJqtcJgekTOM8gKw==
cache-control: max-age=31536000
expires: Sat, 27 Jan 2024 06:44:07 GMT
date: Fri, 27 Jan 2023 06:44:07 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2

accounts.livechatinc.com/customer/token

95.101.10.171

200 OK

138 B

URL HTTP/2
accounts.livechatinc.com/customer/token
IP
95.101.10.171:0
ASN
#20940 Akamai International B.V.

File type
JSON data\012- , ASCII text
Size
138 B (138 bytes)
Hash
bd11620ee19723c857e4a1dde17acfbe
da475ce5e37094f606ae54d7f9322127d020f0f3
088f4a68f4bce798ec4956b639ac783784e45ad67d363fe5076a1e1ebd2447cd

HTTP Headers

POST /customer/token HTTP/1.1
Host: accounts.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 190
Origin: https://secure.livechatinc.com
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://secure.livechatinc.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: application/json
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
content-length: 138
date: Fri, 27 Jan 2023 06:44:08 GMT
set-cookie: __lc_cid=ed9250b3-1af6-4f64-5950-275206a1c488; Path=/v2/customer/token; Domain=accounts.livechatinc.com; Expires=Mon, 27 Jan 2025 06:44:08 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__lc_cst=85819f589e045801e333cc133668bba5ef5e1f7a5b7dc7a13b7f70edce45ce523655a322b61d0857d98436804f1399bce5343a92c45ff933202e04499427; Path=/v2/customer/token; Domain=accounts.livechatinc.com; Expires=Mon, 27 Jan 2025 06:44:08 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__lc_cid=ed9250b3-1af6-4f64-5950-275206a1c488; Path=/customer/token; Domain=accounts.livechatinc.com; Expires=Mon, 27 Jan 2025 06:44:08 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__lc_cst=85819f589e045801e333cc133668bba5ef5e1f7a5b7dc7a13b7f70edce45ce523655a322b61d0857d98436804f1399bce5343a92c45ff933202e04499427; Path=/customer/token; Domain=accounts.livechatinc.com; Expires=Mon, 27 Jan 2025 06:44:08 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__oauth_redirect_detector=counter=1&t=1674801878&tag=cf82864fc9c2af89441c61b1c5ccb9d683ec300c; Path=/; Expires=Fri, 27 Jan 2023 06:44:38 GMT; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4703
Expires: Fri, 27 Jan 2023 08:02:31 GMT
Date: Fri, 27 Jan 2023 06:44:08 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4703
Expires: Fri, 27 Jan 2023 08:02:31 GMT
Date: Fri, 27 Jan 2023 06:44:08 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4703
Expires: Fri, 27 Jan 2023 08:02:31 GMT
Date: Fri, 27 Jan 2023 06:44:08 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4703
Expires: Fri, 27 Jan 2023 08:02:31 GMT
Date: Fri, 27 Jan 2023 06:44:08 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11568 bytes)
Hash
b7a0759c043594fbe85af422b59b8227
a05cfaad16078f42218dae233da38f6f5dff8487
e898d6ef1b3998fb9322a8fc190069ec5f7b3582bfe8397a2367497d84a27549

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11568
x-amzn-requestid: 79b70f1f-a157-4dd4-8743-825714195b3c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e9T3UGA3oAMFSlQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c86695-36e60aba09c152c73b8aefcb;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 21:37:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zt4bgV2C6Wb_Ufa5mZ7-UDTfCvhXJggPJw9668v5DEmyBnWZ-aNrCg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 23:01:22 GMT
age: 27766
etag: "a05cfaad16078f42218dae233da38f6f5dff8487"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feaa4a77d-7ed7-4b76-bcb0-24d1679a5359.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10973 bytes)
Hash
2dfd3530064d405643a31fedd4fd7618
d8268771360e609892c5506f3114dc4f73c0aad0
b4790125e39e400c30d640cd0c64497256168892405511ec3d43b03dc0e5715a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feaa4a77d-7ed7-4b76-bcb0-24d1679a5359.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10973
x-amzn-requestid: caff330a-0cc6-488d-be82-c09c2bb87408
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fLQYTEduIAMFZkg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cdfa9b-1f26b225062c8465440cf460;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 03:10:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: L-i1AEFIP6AoWwjds6n7ohyz-Ls1HoF9CXNJS7RRDFApBceBZXmoxA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 12:29:15 GMT
age: 65693
etag: "d8268771360e609892c5506f3114dc4f73c0aad0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd33883a9-7857-4110-892f-73f67db692bc.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.5 kB (9482 bytes)
Hash
a85badd84c0542610b94f22c4f265511
5b490095b5e02d9fef4b762888353998b645dfc9
23d6d9848caf36f0556438c371f112b40dcbf9b08b8b27bd37d4d73960c701c1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd33883a9-7857-4110-892f-73f67db692bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9482
x-amzn-requestid: 825c5e6b-8fda-445e-9ed3-f5d634943c00
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fIZd0HqkIAMFn7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ccd5f1-2b31fe3001a1b04a406ff7ff;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 06:21:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CLTiEOu21gcngjMAN7EcwiAVeXsOYrTqwKr-puh4Cq9W51bI4WivVQ==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Fri, 27 Jan 2023 05:22:53 GMT
age: 4875
etag: "5b490095b5e02d9fef4b762888353998b645dfc9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

cdn.livechatinc.com/widget/static/js/iframe.73879adc.chunk.js

95.101.10.171

200 OK

7.6 kB

URL HTTP/2
cdn.livechatinc.com/widget/static/js/iframe.73879adc.chunk.js
IP
95.101.10.171:0
ASN
#20940 Akamai International B.V.

File type
data
Size
7.6 kB (7573 bytes)
Hash
7364957de1b4c82a923bd947f0cce750
d8aa55b64a65757e043b4b1b63efd93c8261d275
f1f7059968d08adfa1c775c906ecb6e5b752210af0bcdcebfa77c2ba6f15bbf4

HTTP Headers

GET /widget/static/js/iframe.73879adc.chunk.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 25 Jan 2023 08:47:14 GMT
x-amz-version-id: DWqeOBaonG9oWcxGU0ZIpqeLsqrYCT6x
server: AmazonS3
content-encoding: gzip
etag: W/"90cad0f1a20bbe0c7b70af650ab7491a"
vary: Accept-Encoding
x-amz-cf-pop: HAM50-P2
x-amz-cf-id: MgLZ1iZ8LpNw3GUGmXeMSFOx05M7e3xvuc4-Sud2VVDGYvBOPceAhQ==
content-length: 228662
cache-control: max-age=31536000
expires: Sat, 27 Jan 2024 06:44:07 GMT
date: Fri, 27 Jan 2023 06:44:07 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23169a26-33f3-4f92-9612-02bf2555d37c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.3 kB (5263 bytes)
Hash
7d2506ac511dfbea29e29ab14ba10f85
b2e2972ffa82b103c62ffde0fca99454e12d95e6
fbe6f833114208d84033ba691a74da18d641e38f0f327c752333a339f1baae34

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23169a26-33f3-4f92-9612-02bf2555d37c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5263
x-amzn-requestid: ea2f25ff-f62a-4850-a9d1-72f26d817faf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fLzOkGtWoAMFV0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ce325d-39e5ed054ead447d3cedf047;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 07:08:13 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: BcMB1y0etnIGvZr54EllkdEOlahZGTjgrw2-3FYu3WET2f5lDLV1dw==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 21:24:02 GMT
age: 33606
etag: "b2e2972ffa82b103c62ffde0fca99454e12d95e6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53bbd20e-50aa-4ce8-8565-a97b3c8ee694.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (7973 bytes)
Hash
02c8d9f27e0d17c38a55da6699dfb96e
6804d00e292afc0b7aadb08b11e7650488dacaa2
1ce3b93f1348649ddca495022525daf6d760823edd67bb9e506c7ee031a849b1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F53bbd20e-50aa-4ce8-8565-a97b3c8ee694.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7973
x-amzn-requestid: acaa2abf-9789-4953-b3ab-98064a9a0137
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fXrXvHvBIAMFkQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d2f297-2dc2c04e2a491b3f7f5e8370;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 21:37:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Dw4ycOqAZkaeJgMvGEOlqphQjDZVO5umrvlSh_Gnx9i_6saWVl8dLw==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 21:47:56 GMT
age: 32172
etag: "6804d00e292afc0b7aadb08b11e7650488dacaa2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

api.livechatinc.com/v3.3/customer/rtm/ws?license_id=14971065

95.101.10.202

101 Switching Protocols

0 B

URL HTTP/1.1
api.livechatinc.com/v3.3/customer/rtm/ws?license_id=14971065
IP
95.101.10.202:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /v3.3/customer/rtm/ws?license_id=14971065 HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://secure.livechatinc.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: JL7LecXYBK236GvdN6PqXA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
sec-websocket-accept: S+ZYM7G448mum2fGjuCOQGR6TIQ=
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://secure.livechatinc.com
legacy: 2023-06-30
Date: Fri, 27 Jan 2023 06:44:08 GMT
Upgrade: websocket
Connection: Upgrade

cdn.livechatinc.com/widget/static/media/new_message.34190d36.ogg

95.101.10.171

206 Partial Content

11 kB

URL HTTP/2
cdn.livechatinc.com/widget/static/media/new_message.34190d36.ogg
IP
95.101.10.171:0
ASN
#20940 Akamai International B.V.

File type
Ogg data, Vorbis audio, stereo, 44100 Hz, ~112000 bps\012- data
Size
11 kB (11404 bytes)
Hash
a37211a6cfcda45352d5abcff1e446bb
5f46f941ea3247a17e35be65dcd38583c7ecbfb6
1d0bdbe8013ddd58bf31229ea12bd42dfe6bf4cb022cc65d519a45a13c403b5d

HTTP Headers

GET /widget/static/media/new_message.34190d36.ogg HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://uphollllsdlog.azurewebsites.net/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 206 Partial Content
content-type: audio/ogg
last-modified: Tue, 17 May 2022 09:36:25 GMT
etag: "a37211a6cfcda45352d5abcff1e446bb"
x-amz-version-id: eZRIQSZD0lW3pkAGsDAUVCG6CIe7mUMl
accept-ranges: bytes
server: AmazonS3
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: BVPgRAWectxY7HlSG2tRr1mRZ6uYKO1AuHRqd0Xsh9BWDn8bcf8QpA==
cache-control: max-age=31536000
expires: Sat, 27 Jan 2024 06:44:14 GMT
date: Fri, 27 Jan 2023 06:44:14 GMT
content-range: bytes 0-11403/11404
content-length: 11404
access-control-allow-origin: *
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (15)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL