kdmh.live/web
192.151.157.182 301 Moved Permanently 229 B IP 192.151.157.182:0
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document, ASCII text
Hash MD5: 663f8b30bc0646bfbd6d6771f7735c18
Hash SHA-1: df085193effbbb1a58258aa0dbeb8c93ef98ebdf
Hash SHA-256: fc65511624db260fe7efaa07fd2b02c40e826402d1e0b148dd8361a62a5819b7
Analyzer Verdict Alert fortinet Phishing
GET /web HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 04 Dec 2022 12:17:15 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 229
Connection: keep-alive
Location: http://kdmh.live/web/
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: MISS
X-Server-Powered-By: Engintron
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash MD5: cfec3d7283a9b66d2be426ce54d210f3
Hash SHA-1: 808c1feb1ba918951d1928c1f6bfc0c253262774
Hash SHA-256: 1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6777
Expires: Sun, 04 Dec 2022 14:10:12 GMT
Date: Sun, 04 Dec 2022 12:17:15 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash MD5: fb2c0697c6d9a96a5411dd2952947458
Hash SHA-1: 79e57f831ec396bbdaa5bfe9472a05e6c9fb31f4
Hash SHA-256: 3fd7edcc349ab4402f62e54a142be6b4cecf0e7ee3f431d3168bdf0643ba4d92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4509
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 12:17:15 GMT
Etag: "638b2570-1d7"
Last-Modified: Sun, 04 Dec 2022 11:02:06 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash MD5: 14cd9a0afb6ba9a763651d5112760d1e
Hash SHA-1: 75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
Hash SHA-256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 04 Dec 2022 11:18:24 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3531
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash MD5: 1ea206ac3c440825741687351f8c6e4e
Hash SHA-1: 2f38dafd8c43dcce2411a0590bc5c02cd6286735
Hash SHA-256: 7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7868
Expires: Sun, 04 Dec 2022 14:28:23 GMT
Date: Sun, 04 Dec 2022 12:17:15 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash MD5: 9ebddc2b260d081ebbefee47c037cb28
Hash SHA-1: 492bad62a7ca6a74738921ef5ae6f0be5edebf39
Hash SHA-256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: IL8dw5HYoFhYWI+zFJPiA+wXakAKedq64AdYa5xJLMLxdTFX9oiGgeiIwOT+8MjzN+qXZOdfu2w=
x-amz-request-id: N7BVJ80S0SY64FBM
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 04 Dec 2022 11:46:58 GMT
age: 1817
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash MD5: 23e88fb7b99543fb33315b29b1fad9d6
Hash SHA-1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Hash SHA-256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 12:17:15 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
kdmh.live/web/
192.151.157.182 200 OK 34 kB IP 192.151.157.182:0
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (3471)
Hash MD5: 80397bfdc07dab68f64ea4d6d65899b0
Hash SHA-1: 5332dbf12cda79747d8c3beecaa54ec8bdd1e280
Hash SHA-256: 024c194e4b1506241476bf58b49fdfe09fa9d32d3beaec81d78b518ac288fb11
Analyzer Verdict Alert openphish Canada Post
fortinet Phishing
GET /web/ HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:15 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: EXPIRED
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/gpt.js
192.151.157.182 200 OK 1.1 kB URL HTTP/1.1 kdmh.live/web/index_files/gpt.js
IP 192.151.157.182:0
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document text; exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash MD5: efd172d4a25cddd6df3a7c037df11673
Hash SHA-1: 3c39faae2ef9f9aef3f0f5463273a1edc69b79bd
Hash SHA-256: 59d7836faeb6ceb6f1fc98f3209a8bd5eaf8aacc9f0ca961397f8f7adc8539fb
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/gpt.js HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:16 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Tue, 03 Jan 2023 12:17:16 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/beacon.js
192.151.157.182 200 OK 1.1 kB URL HTTP/1.1 kdmh.live/web/index_files/beacon.js
IP 192.151.157.182:0
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document text; exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash MD5: efd172d4a25cddd6df3a7c037df11673
Hash SHA-1: 3c39faae2ef9f9aef3f0f5463273a1edc69b79bd
Hash SHA-256: 59d7836faeb6ceb6f1fc98f3209a8bd5eaf8aacc9f0ca961397f8f7adc8539fb
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/beacon.js HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:16 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Tue, 03 Jan 2023 12:17:16 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/f.txt
192.151.157.182 200 OK 14 kB URL HTTP/1.1 kdmh.live/web/index_files/f.txt
IP 192.151.157.182:0
File type ASCII text, with very long lines (2427)
Hash MD5: 699ea7efc326fc66967cc59a0012561f
Hash SHA-1: b2aea627140f7b36f51e8f296ec7419207a9e0f0
Hash SHA-256: 5a14d3a561d7899a425a1da93babde4d466913dc9abf3f3f1266c717b33fff9c
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/f.txt HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:16 GMT
Content-Type: text/plain
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 08 Apr 2021 04:06:06 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: EXPIRED
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/fbevents.js
192.151.157.182 200 OK 1.1 kB URL HTTP/1.1 kdmh.live/web/index_files/fbevents.js
IP 192.151.157.182:0
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document text; exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash MD5: efd172d4a25cddd6df3a7c037df11673
Hash SHA-1: 3c39faae2ef9f9aef3f0f5463273a1edc69b79bd
Hash SHA-256: 59d7836faeb6ceb6f1fc98f3209a8bd5eaf8aacc9f0ca961397f8f7adc8539fb
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/fbevents.js HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:16 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Tue, 03 Jan 2023 12:17:16 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/uwt.js
192.151.157.182 200 OK 1.1 kB URL HTTP/1.1 kdmh.live/web/index_files/uwt.js
IP 192.151.157.182:0
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document text; exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash MD5: efd172d4a25cddd6df3a7c037df11673
Hash SHA-1: 3c39faae2ef9f9aef3f0f5463273a1edc69b79bd
Hash SHA-256: 59d7836faeb6ceb6f1fc98f3209a8bd5eaf8aacc9f0ca961397f8f7adc8539fb
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/uwt.js HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:16 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Tue, 03 Jan 2023 12:17:16 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/EX69ea3e2d8d9a41d99a46ba219e259885-libraryCode_source.min.js
192.151.157.182 200 OK 1.1 kB URL HTTP/1.1 kdmh.live/web/index_files/EX69ea3e2d8d9a41d99a46ba219e259885-libraryCode_source.min.js
IP 192.151.157.182:0
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document text; exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash MD5: efd172d4a25cddd6df3a7c037df11673
Hash SHA-1: 3c39faae2ef9f9aef3f0f5463273a1edc69b79bd
Hash SHA-256: 59d7836faeb6ceb6f1fc98f3209a8bd5eaf8aacc9f0ca961397f8f7adc8539fb
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/EX69ea3e2d8d9a41d99a46ba219e259885-libraryCode_source.min.js HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:16 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Tue, 03 Jan 2023 12:17:16 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/satelliteLib-f2fc6f00da802a0747b6ffed3c12e3931bfca496.js
192.151.157.182 200 OK 1.1 kB URL HTTP/1.1 kdmh.live/web/index_files/satelliteLib-f2fc6f00da802a0747b6ffed3c12e3931bfca496.js
IP 192.151.157.182:0
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document text; exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash MD5: efd172d4a25cddd6df3a7c037df11673
Hash SHA-1: 3c39faae2ef9f9aef3f0f5463273a1edc69b79bd
Hash SHA-256: 59d7836faeb6ceb6f1fc98f3209a8bd5eaf8aacc9f0ca961397f8f7adc8539fb
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/satelliteLib-f2fc6f00da802a0747b6ffed3c12e3931bfca496.js HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:16 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Tue, 03 Jan 2023 12:17:16 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/lib/js/Acc_Carding.js
192.151.157.182 200 OK 386 B URL HTTP/1.1 kdmh.live/web/lib/js/Acc_Carding.js
IP 192.151.157.182:0
File type ASCII text, with CRLF line terminators
Hash MD5: 7cf64dbeb4819f94823025b50d34417a
Hash SHA-1: be1dd6456ebcb23fecd6e679af3b79e7416ec495
Hash SHA-256: b158b5a6fa226628225f1aa68029e79a860cd03d52105c6a7a986ab7e4a01387
Analyzer Verdict Alert fortinet Phishing
GET /web/lib/js/Acc_Carding.js HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:16 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 10 Apr 2021 12:20:26 GMT
Expires: Tue, 03 Jan 2023 12:17:16 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/lib/js/jquery.mask.min.js
192.151.157.182 200 OK 3.4 kB URL HTTP/1.1 kdmh.live/web/lib/js/jquery.mask.min.js
IP 192.151.157.182:0
File type ASCII text, with very long lines (537)
Hash MD5: be420b6c9c21d667a94aa3b0f830252a
Hash SHA-1: c762216c78f649ca117de1a793322ea16fc44ab5
Hash SHA-256: aa28470d3c8c8bc443e4000450b78fab2bdb6b82d3b6c40d6208bad262a76a4a
Analyzer Verdict Alert fortinet Phishing
GET /web/lib/js/jquery.mask.min.js HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:16 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 23 May 2018 23:53:56 GMT
Expires: Tue, 03 Jan 2023 12:17:16 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash MD5: 0333b0655111aa68de771adfcc4db243
Hash SHA-1: 63f295a144ac87a7c8e23417626724eeca68a7eb
Hash SHA-256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 04 Dec 2022 12:11:19 GMT
cache-control: public,max-age=3600
age: 357
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
kdmh.live/web/lib/js/phone.js
192.151.157.182 200 OK 379 B URL HTTP/1.1 kdmh.live/web/lib/js/phone.js
IP 192.151.157.182:0
File type ASCII text, with CRLF line terminators
Hash MD5: 7ed506be461b32ad1bad2a7e9a885ecf
Hash SHA-1: 9beab3dc3683b04f6e4988495d1c5ec82e489cde
Hash SHA-256: 33a4d72eb96ab1ebac01fcced152a976657fef35eaebfd2d92a2bb6bc760400d
Analyzer Verdict Alert fortinet Phishing
GET /web/lib/js/phone.js HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:16 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sat, 10 Apr 2021 12:20:04 GMT
Expires: Tue, 03 Jan 2023 12:17:16 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/lib/js/zip.js
192.151.157.182 200 OK 1.1 kB URL HTTP/1.1 kdmh.live/web/lib/js/zip.js
IP 192.151.157.182:0
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document text; exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash MD5: efd172d4a25cddd6df3a7c037df11673
Hash SHA-1: 3c39faae2ef9f9aef3f0f5463273a1edc69b79bd
Hash SHA-256: 59d7836faeb6ceb6f1fc98f3209a8bd5eaf8aacc9f0ca961397f8f7adc8539fb
Analyzer Verdict Alert fortinet Phishing
GET /web/lib/js/zip.js HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:16 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Tue, 03 Jan 2023 12:17:16 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/lib/js/jquery-latest.min.js
192.151.157.182 200 OK 34 kB URL HTTP/1.1 kdmh.live/web/lib/js/jquery-latest.min.js
IP 192.151.157.182:0
File type ASCII text, with very long lines (32086)
Hash MD5: 2a41e9a149da33459c4ddce57cd10e7f
Hash SHA-1: 0dca54bc1aedcfda3d3c697ff2302e8b84471d4d
Hash SHA-256: 2b9dd330ec53e85a2e358ac80f823f677b29b8b53ad770821c4ff0299c376e63
Analyzer Verdict Alert fortinet Phishing
GET /web/lib/js/jquery-latest.min.js HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:16 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Wed, 23 May 2018 23:53:20 GMT
Expires: Tue, 03 Jan 2023 12:17:16 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/lib/js/txt-crypt.js
192.151.157.182 200 OK 1.1 kB URL HTTP/1.1 kdmh.live/web/lib/js/txt-crypt.js
IP 192.151.157.182:0
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document text; exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash MD5: efd172d4a25cddd6df3a7c037df11673
Hash SHA-1: 3c39faae2ef9f9aef3f0f5463273a1edc69b79bd
Hash SHA-256: 59d7836faeb6ceb6f1fc98f3209a8bd5eaf8aacc9f0ca961397f8f7adc8539fb
Analyzer Verdict Alert fortinet Phishing
GET /web/lib/js/txt-crypt.js HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:16 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Tue, 03 Jan 2023 12:17:16 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/normalize.css
192.151.157.182 200 OK 2.6 kB URL HTTP/1.1 kdmh.live/web/index_files/normalize.css
IP 192.151.157.182:0
Hash MD5: bb44c120776f7a62c7fda1147c84fa0e
Hash SHA-1: ff8e5b372dd3f03c7cc8addca2a548a5f0e9fcba
Hash SHA-256: a4e7ff54933e9ac088565f0f60553be29e611def38f0a49aecc7c3a7269143ec
GET /web/index_files/normalize.css HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:16 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 08 Apr 2021 04:06:08 GMT
Expires: Tue, 03 Jan 2023 12:17:16 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/lib/js/dob.js
192.151.157.182 200 OK 371 B URL HTTP/1.1 kdmh.live/web/lib/js/dob.js
IP 192.151.157.182:0
File type ASCII text, with CRLF line terminators
Hash MD5: dc88b38e5fa8289f61b66348fb67e87d
Hash SHA-1: 7899c2b74159a71cf967752dc2082ab67a352e59
Hash SHA-256: 88c9e26faf645316b630835fe567c5b76a86e68501adb2cccf9a23afa1d4d837
Analyzer Verdict Alert fortinet Phishing
GET /web/lib/js/dob.js HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:16 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Sun, 14 Feb 2021 02:45:12 GMT
Expires: Tue, 03 Jan 2023 12:17:16 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/responsive.css
192.151.157.182 200 OK 20 kB URL HTTP/1.1 kdmh.live/web/index_files/responsive.css
IP 192.151.157.182:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (449), with CRLF line terminators
Hash MD5: 6696731bef0af109ca5324cacf6b47a4
Hash SHA-1: f494ee2c26c6b90785bc7118a7d6cdac37a12f69
Hash SHA-256: 26d6d3baa40a13d822fb1cc3ed835082775ba246b2e804b48896cc9b2981eac9
GET /web/index_files/responsive.css HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:16 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 08 Apr 2021 04:06:10 GMT
Expires: Tue, 03 Jan 2023 12:17:16 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/foundation.min.css
192.151.157.182 200 OK 20 kB URL HTTP/1.1 kdmh.live/web/index_files/foundation.min.css
IP 192.151.157.182:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash MD5: fbc4e73825deae2103194f1e2b80bf3f
Hash SHA-1: 2355df36e7293723c57d307730ae3f43d899c64e
Hash SHA-256: c016b727beeb6f5aff09794c791aa197b7f9e56fbb69318b2ad3ef2ecaab2f55
GET /web/index_files/foundation.min.css HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:16 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 08 Apr 2021 04:06:08 GMT
Expires: Tue, 03 Jan 2023 12:17:16 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/slick_slider.css
192.151.157.182 200 OK 2.3 kB URL HTTP/1.1 kdmh.live/web/index_files/slick_slider.css
IP 192.151.157.182:0
File type ASCII text, with CRLF line terminators
Hash MD5: ccfdb700e9df7d77d792bee14e884863
Hash SHA-1: e4ad8efc8abd5c218561311d56d6a458bf7ba675
Hash SHA-256: 9ece91519762f0f7629446fa4e7e2dffb4b4f38c9f82475bed8774e5908be9cd
GET /web/index_files/slick_slider.css HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:16 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 08 Apr 2021 04:06:10 GMT
Expires: Tue, 03 Jan 2023 12:17:16 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/vpo.css
192.151.157.182 200 OK 9.3 kB URL HTTP/1.1 kdmh.live/web/index_files/vpo.css
IP 192.151.157.182:0
File type ASCII text, with very long lines (303), with CRLF line terminators
Hash MD5: be9be90be28b73d187a3cadf4063c4ef
Hash SHA-1: aef580582926bddef4b869646746cfb739acc60a
Hash SHA-256: d93347644d0d890a911818bab04056d773ef1d8b2d8a70893390845acde61daa
GET /web/index_files/vpo.css HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:16 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 08 Apr 2021 04:06:10 GMT
Expires: Tue, 03 Jan 2023 12:17:16 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/cwc.css
192.151.157.182 200 OK 22 kB URL HTTP/1.1 kdmh.live/web/index_files/cwc.css
IP 192.151.157.182:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 53f7f7a8219b3fc5f5d9c598cb41a563
1cd8452f32b768786114082159fd8da4a2805014
094c0e535f0a259e4161963d9213eb129fa297a820b84d2f8b05fc03257ebc66
GET /web/index_files/cwc.css HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:16 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 08 Apr 2021 04:06:10 GMT
Expires: Tue, 03 Jan 2023 12:17:16 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/jquery-ui.min.css
192.151.157.182 200 OK 7.9 kB URL HTTP/1.1 kdmh.live/web/index_files/jquery-ui.min.css
IP 192.151.157.182:0
File type ASCII text, with very long lines (29137)
Hash eada957b43c10ab4ef6d3286d4eb92c7
9d5dbb30ce498b621d25449f70dca55362e2180d
ca77eadcd5c08733bc0b0c611497b3315764e274b0b866f6d5a28205e760c167
GET /web/index_files/jquery-ui.min.css HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:16 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 08 Apr 2021 04:06:10 GMT
Expires: Tue, 03 Jan 2023 12:17:16 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
fonts.googleapis.com/css?family=Roboto:400,100,100italic,300,300italic,400italic,500,500italic,700,700italic,900,900italic
142.250.74.74 200 OK 1.1 kB URL HTTP/1.1 fonts.googleapis.com/css?family=Roboto:400,100,100italic,300,300italic,400italic,500,500italic,700,700italic,900,900italic
IP 142.250.74.74:0
Hash 17cce38776875efe998ecea591cd7906
7cfadcda2073ada8bc5889ed948193ebbb8ef1c3
a6b4a0dfc642602da0ef34ac6ad86e09b655cecd6fc7eda814754621d683b993
GET /css?family=Roboto:400,100,100italic,300,300italic,400italic,500,500italic,700,700italic,900,900italic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sun, 04 Dec 2022 12:17:16 GMT
Date: Sun, 04 Dec 2022 12:17:16 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
kdmh.live/web/index_files/extendstyles.css
192.151.157.182 200 OK 18 kB URL HTTP/1.1 kdmh.live/web/index_files/extendstyles.css
IP 192.151.157.182:0
File type ASCII text, with very long lines (612), with CRLF line terminators
Hash 9f8c6838060da6aa6f179eb1260c51b3
95f6ac717f3b0045a875d8603aa928a34daf5b91
eb8b950d545696e4d88142a568abb9f3f69126fecb792921052d575df4fc54c2
GET /web/index_files/extendstyles.css HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:16 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 08 Apr 2021 04:06:10 GMT
Expires: Tue, 03 Jan 2023 12:17:16 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 31b129c94a90b1e695b21395cb54e378
a3cae46b48d469cc61ab0581303bcd5f5b654db9
fac3f681be358a20f78958dff10c89b7a91365c5114c81246c1bc34c1362ba1e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4504
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 12:17:16 GMT
Last-Modified: Sun, 04 Dec 2022 11:02:12 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
kdmh.live/web/index_files/aaron.css
192.151.157.182 200 OK 7.8 kB URL HTTP/1.1 kdmh.live/web/index_files/aaron.css
IP 192.151.157.182:0
File type ASCII text, with very long lines (561), with CRLF line terminators
Hash fa7ae4dd9f98c3a5aea4b2d88232c2b9
3d0b5cdfca1c4829b6f37aa6767858e805ce69db
09a8c5f1e207b65ff7b6b3cd3c382524db4741d817cbed71001bdd432d6e9f6c
GET /web/index_files/aaron.css HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:16 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 08 Apr 2021 04:06:10 GMT
Expires: Tue, 03 Jan 2023 12:17:16 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/donald.css
192.151.157.182 200 OK 784 B URL HTTP/1.1 kdmh.live/web/index_files/donald.css
IP 192.151.157.182:0
File type ASCII text, with CRLF line terminators
Hash fd8d9487fb63a4939deef8000243e17b
300d85acbf22b0e4d521f35e7b639799347400fe
fff41c307aeca5ced2f743dbdd9cc04b48d10ef2245da6c9007aa172d5474374
GET /web/index_files/donald.css HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:16 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 08 Apr 2021 04:06:10 GMT
Expires: Tue, 03 Jan 2023 12:17:16 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/kirk.css
192.151.157.182 200 OK 2.8 kB URL HTTP/1.1 kdmh.live/web/index_files/kirk.css
IP 192.151.157.182:0
File type ASCII text, with CRLF line terminators
Hash 20cb9643a73e02691aa733336ea08b6d
e7b7c6dc26b42b7eb937e25a57194114108cb9d4
fe6daaf68f28f5fb4f35dac29a3809fb89e767046c36ee23bab7ea3ced67412c
GET /web/index_files/kirk.css HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:16 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 08 Apr 2021 04:06:10 GMT
Expires: Tue, 03 Jan 2023 12:17:16 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/tony.css
192.151.157.182 200 OK 7.1 kB URL HTTP/1.1 kdmh.live/web/index_files/tony.css
IP 192.151.157.182:0
File type ASCII text, with very long lines (546), with CRLF line terminators
Hash 9b2357d716616d3ce321baa4fbba1c83
eb59f90448a50c95dbb3d9f8af6a547149fefd32
2d5ba3a27dee9cb99c9ce20038a3c4f0a73b121c7871bf30e9c208c12828921f
GET /web/index_files/tony.css HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:16 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 08 Apr 2021 04:06:10 GMT
Expires: Tue, 03 Jan 2023 12:17:16 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 122124f83967c12700f5a6f5546b0f1f
d7acd2db61ad811c388a44b7bd407fa5f4aea8ee
b6b9e0b6c241b4eeb5161b1c297dec2aa6188032017074ee7f8e5533fab87a4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 12:17:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kdmh.live/web/index_files/michael.css
192.151.157.182 200 OK 7.5 kB URL HTTP/1.1 kdmh.live/web/index_files/michael.css
IP 192.151.157.182:0
File type ASCII text, with very long lines (404), with CRLF line terminators
Hash fc192979d076dcaefc63d021a2b90a34
127ef258db1871f8e246905477ccc5c7566cabf3
79189d58782972dc929a15e9cf05b0dece4df94d44bfe74975133c2d02cca39f
GET /web/index_files/michael.css HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:16 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 08 Apr 2021 04:06:10 GMT
Expires: Tue, 03 Jan 2023 12:17:16 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash 122124f83967c12700f5a6f5546b0f1f
d7acd2db61ad811c388a44b7bd407fa5f4aea8ee
b6b9e0b6c241b4eeb5161b1c297dec2aa6188032017074ee7f8e5533fab87a4d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 12:17:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kdmh.live/web/index_files/jquery.autocomplete.css
192.151.157.182 200 OK 442 B URL HTTP/1.1 kdmh.live/web/index_files/jquery.autocomplete.css
IP 192.151.157.182:0
File type ASCII text, with CRLF line terminators
Hash ccc7b222999c58c4de3613b659ce35e2
2f0b468deb584675b529dd610ab0981d8679da18
6b7aaa230eae81697aff34caa6f8930473f7a0f5d7773670d738ed7a9f5329f8
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
GET /web/index_files/jquery.autocomplete.css HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:16 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 08 Apr 2021 04:06:10 GMT
Expires: Tue, 03 Jan 2023 12:17:16 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/storeEcommerce.css
192.151.157.182 200 OK 2.2 kB URL HTTP/1.1 kdmh.live/web/index_files/storeEcommerce.css
IP 192.151.157.182:0
File type ASCII text, with CRLF line terminators
Hash d348bf7cbaea241e048a984ce6616c41
c7b5869534bc70aa8518aa20637f0cf8444c080a
7b134a682cc4b3a913225feeffc9e966aedbdf778a2825b19610271c906dfe72
GET /web/index_files/storeEcommerce.css HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:16 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 08 Apr 2021 04:06:10 GMT
Expires: Tue, 03 Jan 2023 12:17:16 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/2012_eCommerce.css
192.151.157.182 200 OK 9.1 kB URL HTTP/1.1 kdmh.live/web/index_files/2012_eCommerce.css
IP 192.151.157.182:0
File type ASCII text, with CRLF line terminators
Hash 35f3f2b658168436c7e4124957338830
16d0a07dc8f5668577f36463f95e7a658e3e37c6
d5197162c9bb72a94fab3afb565e93445b720230129722645e8201d59934c615
GET /web/index_files/2012_eCommerce.css HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:16 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 08 Apr 2021 04:06:10 GMT
Expires: Tue, 03 Jan 2023 12:17:16 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/modernizr.js
192.151.157.182 200 OK 1.1 kB URL HTTP/1.1 kdmh.live/web/index_files/modernizr.js
IP 192.151.157.182:0
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document text; exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash efd172d4a25cddd6df3a7c037df11673
3c39faae2ef9f9aef3f0f5463273a1edc69b79bd
59d7836faeb6ceb6f1fc98f3209a8bd5eaf8aacc9f0ca961397f8f7adc8539fb
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/modernizr.js HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:16 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Tue, 03 Jan 2023 12:17:16 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/jquery.js
192.151.157.182 200 OK 1.1 kB URL HTTP/1.1 kdmh.live/web/index_files/jquery.js
IP 192.151.157.182:0
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document text; exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash efd172d4a25cddd6df3a7c037df11673
3c39faae2ef9f9aef3f0f5463273a1edc69b79bd
59d7836faeb6ceb6f1fc98f3209a8bd5eaf8aacc9f0ca961397f8f7adc8539fb
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/jquery.js HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:16 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Tue, 03 Jan 2023 12:17:16 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
push.services.mozilla.com/
44.238.3.246 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.238.3.246:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: B68XYMhKnYgJICyA8MDg9g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 0zHtx1NgN4RCpVXimsju4a7hAm0=
kdmh.live/web/index_files/cwc.js
192.151.157.182 200 OK 1.1 kB URL HTTP/1.1 kdmh.live/web/index_files/cwc.js
IP 192.151.157.182:0
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document text; exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash efd172d4a25cddd6df3a7c037df11673
3c39faae2ef9f9aef3f0f5463273a1edc69b79bd
59d7836faeb6ceb6f1fc98f3209a8bd5eaf8aacc9f0ca961397f8f7adc8539fb
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/cwc.js HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Tue, 03 Jan 2023 12:17:17 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/jquery-ui.min.js
192.151.157.182 200 OK 1.1 kB URL HTTP/1.1 kdmh.live/web/index_files/jquery-ui.min.js
IP 192.151.157.182:0
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document text; exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash efd172d4a25cddd6df3a7c037df11673
3c39faae2ef9f9aef3f0f5463273a1edc69b79bd
59d7836faeb6ceb6f1fc98f3209a8bd5eaf8aacc9f0ca961397f8f7adc8539fb
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/jquery-ui.min.js HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Tue, 03 Jan 2023 12:17:17 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/jquery-cookie.js
192.151.157.182 200 OK 1.1 kB URL HTTP/1.1 kdmh.live/web/index_files/jquery-cookie.js
IP 192.151.157.182:0
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document text; exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash efd172d4a25cddd6df3a7c037df11673
3c39faae2ef9f9aef3f0f5463273a1edc69b79bd
59d7836faeb6ceb6f1fc98f3209a8bd5eaf8aacc9f0ca961397f8f7adc8539fb
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/jquery-cookie.js HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Tue, 03 Jan 2023 12:17:17 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/search_autocomplete.js
192.151.157.182 200 OK 1.1 kB URL HTTP/1.1 kdmh.live/web/index_files/search_autocomplete.js
IP 192.151.157.182:0
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document text; exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash efd172d4a25cddd6df3a7c037df11673
3c39faae2ef9f9aef3f0f5463273a1edc69b79bd
59d7836faeb6ceb6f1fc98f3209a8bd5eaf8aacc9f0ca961397f8f7adc8539fb
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/search_autocomplete.js HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Tue, 03 Jan 2023 12:17:17 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/function.js
192.151.157.182 200 OK 1.1 kB URL HTTP/1.1 kdmh.live/web/index_files/function.js
IP 192.151.157.182:0
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document text; exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash efd172d4a25cddd6df3a7c037df11673
3c39faae2ef9f9aef3f0f5463273a1edc69b79bd
59d7836faeb6ceb6f1fc98f3209a8bd5eaf8aacc9f0ca961397f8f7adc8539fb
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/function.js HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Tue, 03 Jan 2023 12:17:17 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/f(2).txt
192.151.157.182 200 OK 1.2 kB URL HTTP/1.1 kdmh.live/web/index_files/f(2).txt
IP 192.151.157.182:0
File type ASCII text, with very long lines (2858), with no line terminators
Hash 99ebd46f8aa935b50e7dc76a7abaa186
23085b76709963128c9b639d5fbba391c25535b6
ed4b4bc7ea8892971451c45e42be3978369b5ace11fd7d8ab594dc3dd42f2ad4
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
fortinet Phishing
GET /web/index_files/f(2).txt HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:17 GMT
Content-Type: text/plain
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 08 Apr 2021 04:06:12 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: EXPIRED
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/selector.js
192.151.157.182 200 OK 1.1 kB URL HTTP/1.1 kdmh.live/web/index_files/selector.js
IP 192.151.157.182:0
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document text; exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash efd172d4a25cddd6df3a7c037df11673
3c39faae2ef9f9aef3f0f5463273a1edc69b79bd
59d7836faeb6ceb6f1fc98f3209a8bd5eaf8aacc9f0ca961397f8f7adc8539fb
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/selector.js HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Tue, 03 Jan 2023 12:17:17 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/jCarousel.min.js
192.151.157.182 200 OK 1.1 kB URL HTTP/1.1 kdmh.live/web/index_files/jCarousel.min.js
IP 192.151.157.182:0
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document text; exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash efd172d4a25cddd6df3a7c037df11673
3c39faae2ef9f9aef3f0f5463273a1edc69b79bd
59d7836faeb6ceb6f1fc98f3209a8bd5eaf8aacc9f0ca961397f8f7adc8539fb
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/jCarousel.min.js HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Tue, 03 Jan 2023 12:17:17 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/google-dfp.js
192.151.157.182 200 OK 1.1 kB URL HTTP/1.1 kdmh.live/web/index_files/google-dfp.js
IP 192.151.157.182:0
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document text; exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash efd172d4a25cddd6df3a7c037df11673
3c39faae2ef9f9aef3f0f5463273a1edc69b79bd
59d7836faeb6ceb6f1fc98f3209a8bd5eaf8aacc9f0ca961397f8f7adc8539fb
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/google-dfp.js HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Tue, 03 Jan 2023 12:17:17 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/app.js
192.151.157.182 200 OK 1.1 kB URL HTTP/1.1 kdmh.live/web/index_files/app.js
IP 192.151.157.182:0
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document text; exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash efd172d4a25cddd6df3a7c037df11673
3c39faae2ef9f9aef3f0f5463273a1edc69b79bd
59d7836faeb6ceb6f1fc98f3209a8bd5eaf8aacc9f0ca961397f8f7adc8539fb
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/app.js HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Tue, 03 Jan 2023 12:17:17 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/chat-common.js
192.151.157.182 200 OK 1.1 kB URL HTTP/1.1 kdmh.live/web/index_files/chat-common.js
IP 192.151.157.182:0
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document text; exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash efd172d4a25cddd6df3a7c037df11673
3c39faae2ef9f9aef3f0f5463273a1edc69b79bd
59d7836faeb6ceb6f1fc98f3209a8bd5eaf8aacc9f0ca961397f8f7adc8539fb
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/chat-common.js HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Tue, 03 Jan 2023 12:17:17 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/jquery.smartbanner.css
192.151.157.182 200 OK 1.5 kB URL HTTP/1.1 kdmh.live/web/index_files/jquery.smartbanner.css
IP 192.151.157.182:0
File type ASCII text, with very long lines (496)
Hash 87121b8d224a734d98514f90fdc13538
8e5e5f8ab7b4c5074decaf9bd90bcb58286e84c8
cd525ee3fb6e379fc376a10253d04e34ed5ab065100aa5e691441f0593e81e07
GET /web/index_files/jquery.smartbanner.css HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:17 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 08 Apr 2021 04:06:12 GMT
Expires: Tue, 03 Jan 2023 12:17:17 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/jquery.smartbanner.js
192.151.157.182 200 OK 1.1 kB URL HTTP/1.1 kdmh.live/web/index_files/jquery.smartbanner.js
IP 192.151.157.182:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash efd172d4a25cddd6df3a7c037df11673
3c39faae2ef9f9aef3f0f5463273a1edc69b79bd
59d7836faeb6ceb6f1fc98f3209a8bd5eaf8aacc9f0ca961397f8f7adc8539fb
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/jquery.smartbanner.js HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Tue, 03 Jan 2023 12:17:17 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/pubads_impl_2021040101.js
192.151.157.182 200 OK 1.1 kB URL HTTP/1.1 kdmh.live/web/index_files/pubads_impl_2021040101.js
IP 192.151.157.182:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash efd172d4a25cddd6df3a7c037df11673
3c39faae2ef9f9aef3f0f5463273a1edc69b79bd
59d7836faeb6ceb6f1fc98f3209a8bd5eaf8aacc9f0ca961397f8f7adc8539fb
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/pubads_impl_2021040101.js HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Tue, 03 Jan 2023 12:17:17 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/RCf1b64ddc47d04c2ba552708d0de25b3b-source.min.js
192.151.157.182 200 OK 1.1 kB URL HTTP/1.1 kdmh.live/web/index_files/RCf1b64ddc47d04c2ba552708d0de25b3b-source.min.js
IP 192.151.157.182:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash efd172d4a25cddd6df3a7c037df11673
3c39faae2ef9f9aef3f0f5463273a1edc69b79bd
59d7836faeb6ceb6f1fc98f3209a8bd5eaf8aacc9f0ca961397f8f7adc8539fb
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/RCf1b64ddc47d04c2ba552708d0de25b3b-source.min.js HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Tue, 03 Jan 2023 12:17:17 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/cpo.js
192.151.157.182 200 OK 1.1 kB URL HTTP/1.1 kdmh.live/web/index_files/cpo.js
IP 192.151.157.182:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash efd172d4a25cddd6df3a7c037df11673
3c39faae2ef9f9aef3f0f5463273a1edc69b79bd
59d7836faeb6ceb6f1fc98f3209a8bd5eaf8aacc9f0ca961397f8f7adc8539fb
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/cpo.js HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Tue, 03 Jan 2023 12:17:17 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/14.8f875927fce05bedfe11.chunk.js
192.151.157.182 200 OK 1.1 kB URL HTTP/1.1 kdmh.live/web/index_files/14.8f875927fce05bedfe11.chunk.js
IP 192.151.157.182:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash efd172d4a25cddd6df3a7c037df11673
3c39faae2ef9f9aef3f0f5463273a1edc69b79bd
59d7836faeb6ceb6f1fc98f3209a8bd5eaf8aacc9f0ca961397f8f7adc8539fb
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/14.8f875927fce05bedfe11.chunk.js HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Tue, 03 Jan 2023 12:17:17 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/1.5159a7a0ba1fcaed8917.chunk.js
192.151.157.182 200 OK 1.1 kB URL HTTP/1.1 kdmh.live/web/index_files/1.5159a7a0ba1fcaed8917.chunk.js
IP 192.151.157.182:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash efd172d4a25cddd6df3a7c037df11673
3c39faae2ef9f9aef3f0f5463273a1edc69b79bd
59d7836faeb6ceb6f1fc98f3209a8bd5eaf8aacc9f0ca961397f8f7adc8539fb
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/1.5159a7a0ba1fcaed8917.chunk.js HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Tue, 03 Jan 2023 12:17:17 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/insight.min.js
192.151.157.182 200 OK 1.1 kB URL HTTP/1.1 kdmh.live/web/index_files/insight.min.js
IP 192.151.157.182:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash efd172d4a25cddd6df3a7c037df11673
3c39faae2ef9f9aef3f0f5463273a1edc69b79bd
59d7836faeb6ceb6f1fc98f3209a8bd5eaf8aacc9f0ca961397f8f7adc8539fb
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/insight.min.js HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Tue, 03 Jan 2023 12:17:17 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/jsf.js
192.151.157.182 200 OK 1.1 kB URL HTTP/1.1 kdmh.live/web/index_files/jsf.js
IP 192.151.157.182:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash efd172d4a25cddd6df3a7c037df11673
3c39faae2ef9f9aef3f0f5463273a1edc69b79bd
59d7836faeb6ceb6f1fc98f3209a8bd5eaf8aacc9f0ca961397f8f7adc8539fb
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/jsf.js HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Tue, 03 Jan 2023 12:17:17 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/foundation.min.js
192.151.157.182 200 OK 1.1 kB URL HTTP/1.1 kdmh.live/web/index_files/foundation.min.js
IP 192.151.157.182:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash efd172d4a25cddd6df3a7c037df11673
3c39faae2ef9f9aef3f0f5463273a1edc69b79bd
59d7836faeb6ceb6f1fc98f3209a8bd5eaf8aacc9f0ca961397f8f7adc8539fb
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/foundation.min.js HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Tue, 03 Jan 2023 12:17:17 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/RightNow.Client.js
192.151.157.182 200 OK 1.1 kB URL HTTP/1.1 kdmh.live/web/index_files/RightNow.Client.js
IP 192.151.157.182:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash efd172d4a25cddd6df3a7c037df11673
3c39faae2ef9f9aef3f0f5463273a1edc69b79bd
59d7836faeb6ceb6f1fc98f3209a8bd5eaf8aacc9f0ca961397f8f7adc8539fb
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/RightNow.Client.js HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Tue, 03 Jan 2023 12:17:17 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/foundation.equalizer.js
192.151.157.182 200 OK 1.1 kB URL HTTP/1.1 kdmh.live/web/index_files/foundation.equalizer.js
IP 192.151.157.182:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash efd172d4a25cddd6df3a7c037df11673
3c39faae2ef9f9aef3f0f5463273a1edc69b79bd
59d7836faeb6ceb6f1fc98f3209a8bd5eaf8aacc9f0ca961397f8f7adc8539fb
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/foundation.equalizer.js HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Tue, 03 Jan 2023 12:17:17 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/CoreModule.js
192.151.157.182 200 OK 1.1 kB URL HTTP/1.1 kdmh.live/web/index_files/CoreModule.js
IP 192.151.157.182:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash efd172d4a25cddd6df3a7c037df11673
3c39faae2ef9f9aef3f0f5463273a1edc69b79bd
59d7836faeb6ceb6f1fc98f3209a8bd5eaf8aacc9f0ca961397f8f7adc8539fb
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/CoreModule.js HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Tue, 03 Jan 2023 12:17:17 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/UserDefinedHTMLModule.js
192.151.157.182 200 OK 1.1 kB URL HTTP/1.1 kdmh.live/web/index_files/UserDefinedHTMLModule.js
IP 192.151.157.182:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash efd172d4a25cddd6df3a7c037df11673
3c39faae2ef9f9aef3f0f5463273a1edc69b79bd
59d7836faeb6ceb6f1fc98f3209a8bd5eaf8aacc9f0ca961397f8f7adc8539fb
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/UserDefinedHTMLModule.js HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Tue, 03 Jan 2023 12:17:17 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/EX69ea3e2d8d9a41d99a46ba219e259885-libraryCode_source.min.js
192.151.157.182 200 OK 1.1 kB URL HTTP/1.1 kdmh.live/web/index_files/EX69ea3e2d8d9a41d99a46ba219e259885-libraryCode_source.min.js
IP 192.151.157.182:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash efd172d4a25cddd6df3a7c037df11673
3c39faae2ef9f9aef3f0f5463273a1edc69b79bd
59d7836faeb6ceb6f1fc98f3209a8bd5eaf8aacc9f0ca961397f8f7adc8539fb
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/EX69ea3e2d8d9a41d99a46ba219e259885-libraryCode_source.min.js HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Tue, 03 Jan 2023 12:17:17 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/ScreenCaptureModule.js
192.151.157.182 200 OK 1.1 kB URL HTTP/1.1 kdmh.live/web/index_files/ScreenCaptureModule.js
IP 192.151.157.182:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash efd172d4a25cddd6df3a7c037df11673
3c39faae2ef9f9aef3f0f5463273a1edc69b79bd
59d7836faeb6ceb6f1fc98f3209a8bd5eaf8aacc9f0ca961397f8f7adc8539fb
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/ScreenCaptureModule.js HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Tue, 03 Jan 2023 12:17:17 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/lib/js/zip.js
192.151.157.182 200 OK 1.1 kB URL HTTP/1.1 kdmh.live/web/lib/js/zip.js
IP 192.151.157.182:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash efd172d4a25cddd6df3a7c037df11673
3c39faae2ef9f9aef3f0f5463273a1edc69b79bd
59d7836faeb6ceb6f1fc98f3209a8bd5eaf8aacc9f0ca961397f8f7adc8539fb
Analyzer Verdict Alert fortinet Phishing
GET /web/lib/js/zip.js HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Tue, 03 Jan 2023 12:17:17 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/search.svg
192.151.157.182 200 OK 218 B URL HTTP/1.1 kdmh.live/web/index_files/search.svg
IP 192.151.157.182:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (320), with no line terminators
Hash fb6dd2c30b85c7fc024bee4011a1eb5a
1bab1d1ccbaa99a29a105a4f6c182e73f88822b6
9529f8d89767d01d28a89249859cfa96063ec2048a2410a64009379a7dbee4ce
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
fortinet Phishing
GET /web/index_files/search.svg HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:17 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 08 Apr 2021 04:06:14 GMT
Expires: Thu, 02 Feb 2023 12:17:17 GMT
Cache-Control: max-age=5184000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/cpc-logo.svg
192.151.157.182 200 OK 598 B URL HTTP/1.1 kdmh.live/web/index_files/cpc-logo.svg
IP 192.151.157.182:0
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 57b16e2e1cac8e487cb924f2f61d4b7b
08c3547f5480c8e0e8c0f3492184d258f7ba7fd3
c43b1b2baa163df01dbabaabedc843a7fde676b1f74eedacb10caa30053b1e19
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
fortinet Phishing
GET /web/index_files/cpc-logo.svg HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:17 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 08 Apr 2021 04:06:14 GMT
Expires: Thu, 02 Feb 2023 12:17:17 GMT
Cache-Control: max-age=5184000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/cpc-main-logo.svg
192.151.157.182 200 OK 4.0 kB URL HTTP/1.1 kdmh.live/web/index_files/cpc-main-logo.svg
IP 192.151.157.182:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (730)
Hash b0c4d26b838add68cd2eb856446dc241
8029c5ec43100bc67b086d0dd3ee470a8b027482
17e48609b70a51e7919b9e58d59512b3e77011417e6c3f70783d280c8ab53542
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/cpc-main-logo.svg HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:17 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 08 Apr 2021 04:06:14 GMT
Expires: Thu, 02 Feb 2023 12:17:17 GMT
Cache-Control: max-age=5184000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/img/MasterCard.png
192.151.157.182 200 OK 2.1 kB URL HTTP/1.1 kdmh.live/web/img/MasterCard.png
IP 192.151.157.182:0
File type PNG image data, 76 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash b2702b4b6944f05e00e7a9065c9d071b
a40d684e4e7e4cb085c37bd942874a3d60f719b5
8c4f22dc313ee84b9c84d4295b3593584159ab23c8a1f095b366aff8ca05f196
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
GET /web/img/MasterCard.png HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:17 GMT
Content-Type: image/png
Content-Length: 2077
Connection: keep-alive
Last-Modified: Sat, 10 Apr 2021 04:41:40 GMT
Expires: Thu, 02 Feb 2023 12:17:17 GMT
Cache-Control: max-age=5184000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Accept-Ranges: bytes
kdmh.live/web/img/VISA.png
192.151.157.182 200 OK 2.6 kB URL HTTP/1.1 kdmh.live/web/img/VISA.png
IP 192.151.157.182:0
File type PNG image data, 76 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 725caa991a29101f5da78da2fc1e1e63
cf4f10dfd71289c43273496120b79ef01a437d19
ef844111dee838dc5c8d388a96108379b2c97ced776fc95b2fa32b28f7ef6bde
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
GET /web/img/VISA.png HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:17 GMT
Content-Type: image/png
Content-Length: 2600
Connection: keep-alive
Last-Modified: Sat, 10 Apr 2021 04:41:34 GMT
Expires: Thu, 02 Feb 2023 12:17:17 GMT
Cache-Control: max-age=5184000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Accept-Ranges: bytes
kdmh.live/web/lib/js/txt-crypt.js
192.151.157.182 200 OK 1.1 kB URL HTTP/1.1 kdmh.live/web/lib/js/txt-crypt.js
IP 192.151.157.182:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash efd172d4a25cddd6df3a7c037df11673
3c39faae2ef9f9aef3f0f5463273a1edc69b79bd
59d7836faeb6ceb6f1fc98f3209a8bd5eaf8aacc9f0ca961397f8f7adc8539fb
Analyzer Verdict Alert fortinet Phishing
GET /web/lib/js/txt-crypt.js HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Tue, 03 Jan 2023 12:17:17 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/img/AmEx.png
192.151.157.182 200 OK 1.3 kB URL HTTP/1.1 kdmh.live/web/img/AmEx.png
IP 192.151.157.182:0
File type PNG image data, 76 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 801b445314b9ff68a391c117d99619ed
7fa0bdd998a1edae990a6797cc023a304f05088d
be9293395bb536020f4052e431a51639c3c9256ddb3e16f2820f0ad90d43fb9e
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
GET /web/img/AmEx.png HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:17 GMT
Content-Type: image/png
Content-Length: 1261
Connection: keep-alive
Last-Modified: Sat, 10 Apr 2021 04:41:46 GMT
Expires: Thu, 02 Feb 2023 12:17:17 GMT
Cache-Control: max-age=5184000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Accept-Ranges: bytes
kdmh.live/web/img/CVV_icon.png
192.151.157.182 200 OK 4.6 kB URL HTTP/1.1 kdmh.live/web/img/CVV_icon.png
IP 192.151.157.182:0
File type PNG image data, 125 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash 6c1a7798f28815cbb8c4c8918e36080a
c475698985de9dbd65b56f389dce8eac58b4b000
107c0d3bba74e80c13517241c8c0dc093459f0c56a7f998eb53feaa0aa811200
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
GET /web/img/CVV_icon.png HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:17 GMT
Content-Type: image/png
Content-Length: 4637
Connection: keep-alive
Last-Modified: Sat, 10 Apr 2021 04:49:54 GMT
Expires: Thu, 02 Feb 2023 12:17:17 GMT
Cache-Control: max-age=5184000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Accept-Ranges: bytes
kdmh.live/web/index_files/gov-canada-logo.svg
192.151.157.182 200 OK 5.4 kB URL HTTP/1.1 kdmh.live/web/index_files/gov-canada-logo.svg
IP 192.151.157.182:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2441)
Hash 01962c4f21efb2281020afae6cd29bf8
a1feea5e443f3e1546c69eac25f3ee42c7d4e5fd
2aee3e51d10a29bf075616dcd2ce4f0f1ecfa6e58879f9f5015d7896a9687fb6
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/gov-canada-logo.svg HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:17 GMT
Content-Type: image/svg+xml
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 08 Apr 2021 04:06:14 GMT
Expires: Thu, 02 Feb 2023 12:17:17 GMT
Cache-Control: max-age=5184000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/remove_screen_capture.png
192.151.157.182 200 OK 857 B URL HTTP/1.1 kdmh.live/web/index_files/remove_screen_capture.png
IP 192.151.157.182:0
File type PNG image data, 128 x 128, 8-bit gray+alpha, non-interlaced\012- data
Hash e4387ea5cc65d51d08a60765f46cbbcb
f8314def36b28e99c28cda0f4369e4786bf18ca4
37f7e4cae3c3a409193078169c5731a142552e04ca3bbb19c85e87432ce58afb
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
GET /web/index_files/remove_screen_capture.png HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:17 GMT
Content-Type: image/png
Content-Length: 857
Connection: keep-alive
Last-Modified: Thu, 08 Apr 2021 04:06:16 GMT
Expires: Thu, 02 Feb 2023 12:17:17 GMT
Cache-Control: max-age=5184000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Accept-Ranges: bytes
kdmh.live/web/index_files/building_preview.gif
192.151.157.182 200 OK 12 kB URL HTTP/1.1 kdmh.live/web/index_files/building_preview.gif
IP 192.151.157.182:0
File type GIF image data, version 89a, 113 x 108\012- data
Hash 3c3ba37130de5fe15faf97c18908283e
c15b49cb09745a9939315132e18f2e40fa2ccf22
9096646da2177d5db92f79352509450582a376913bb5387557c1efd28d0c377b
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
GET /web/index_files/building_preview.gif HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:17 GMT
Content-Type: image/gif
Content-Length: 12336
Connection: keep-alive
Last-Modified: Thu, 08 Apr 2021 04:06:16 GMT
Expires: Thu, 02 Feb 2023 12:17:17 GMT
Cache-Control: max-age=5184000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Accept-Ranges: bytes
kdmh.live/web/index_files/modernizr.js
192.151.157.182 200 OK 1.1 kB URL HTTP/1.1 kdmh.live/web/index_files/modernizr.js
IP 192.151.157.182:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash efd172d4a25cddd6df3a7c037df11673
3c39faae2ef9f9aef3f0f5463273a1edc69b79bd
59d7836faeb6ceb6f1fc98f3209a8bd5eaf8aacc9f0ca961397f8f7adc8539fb
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/modernizr.js HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:17 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Tue, 03 Jan 2023 12:17:17 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/jquery.js
192.151.157.182 200 OK 1.1 kB URL HTTP/1.1 kdmh.live/web/index_files/jquery.js
IP 192.151.157.182:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash efd172d4a25cddd6df3a7c037df11673
3c39faae2ef9f9aef3f0f5463273a1edc69b79bd
59d7836faeb6ceb6f1fc98f3209a8bd5eaf8aacc9f0ca961397f8f7adc8539fb
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/jquery.js HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:18 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Tue, 03 Jan 2023 12:17:18 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/css
192.151.157.182 200 OK 15 kB URL HTTP/1.1 kdmh.live/web/index_files/css
IP 192.151.157.182:0
Hash 10fb9aef4d121f570b7c588fdb834df6
866db05e29ab5c29a202d09af8eb390f3c82399f
e7d31ecce08514c9377b6a541714993655035bfe61a1df7535c93c24aeefedb8
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/css HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:17 GMT
Content-Length: 24218
Connection: keep-alive
Last-Modified: Thu, 08 Apr 2021 04:06:10 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: HIT
X-Server-Powered-By: Engintron
Accept-Ranges: bytes
kdmh.live/web/index_files/saved_resource
192.151.157.182 200 OK 18 kB URL HTTP/1.1 kdmh.live/web/index_files/saved_resource
IP 192.151.157.182:0
Hash ac57cf7b810c08a259e9f0e220783e09
a5bbd3ba9ed8f320eeca35cc1a60a17a6addf0d8
e836a59bf94e2f631f855fef04b6909e8680fb479ed9e7b0d62c49f775b085af
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/saved_resource HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:17 GMT
Content-Length: 61477
Connection: keep-alive
Last-Modified: Thu, 08 Apr 2021 04:06:14 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: MISS
X-Server-Powered-By: Engintron
Accept-Ranges: bytes
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2865
Expires: Sun, 04 Dec 2022 13:05:03 GMT
Date: Sun, 04 Dec 2022 12:17:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2865
Expires: Sun, 04 Dec 2022 13:05:03 GMT
Date: Sun, 04 Dec 2022 12:17:18 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2382
Expires: Sun, 04 Dec 2022 12:57:00 GMT
Date: Sun, 04 Dec 2022 12:17:18 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
34.120.237.76 200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 43309032a892c486f9985ef520df696e
36f4682ca6a33ff80ee02129c77e6f27e996ede0
24225ff504f30405d9ec3feb2555c738fcca0d6b265f285aa9c73a64c78a496e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5681
x-amzn-requestid: 8f0d66b8-d532-48d9-9a29-74540cd6ab3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltXnEotIAMFqkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc296-27349a376ff819ab63b04a81;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:41:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vNP2rQwmWTntetjJyjonO8N_YOBqvQuZUm42BWX7c1GoX7jASOIpCg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:49:42 GMT
age: 52056
etag: "36f4682ca6a33ff80ee02129c77e6f27e996ede0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
34.120.237.76 200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash db1701b7b9d161a0c935bb6e10b17893
22a8c4bd58c729c1abcf794466e8f3231dfb034b
b495524a33e5b1d3ba34cfbe867ada0da956c061370b1fcde06b23a6194a9787
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8315
x-amzn-requestid: f1bcc33b-aad9-4d3b-b1f9-49282f2d4fb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMGVboAMFfxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-13472a097177d4751c8f7a8c;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JuY0xcLDiERwrVhq33d4PP64liDqFfk9bc9xX1H62o0tOwrt1ek7Pg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:42:39 GMT
age: 52479
etag: "22a8c4bd58c729c1abcf794466e8f3231dfb034b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png
34.120.237.76 200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 14dcca2a9c4792d835ee709bcd947402
1d702df3a64258628f4124eafd580695f2d350af
da01dcd8fef7c50bdb6f7a8a6a4955694092f479df3dba72f7fa69d7280d07b2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16143
x-amzn-requestid: dc86fad4-4e53-42c9-9b0a-5e4d2cfcd087
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdGyLGqmoAMFnaA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851a7-0ea324b31e8c6578098b8ab9;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:03 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KHd4ajJWl-8TDH5HGbkuJXI4NL6I83IwSUBKzfq85cxpyRH_LGl6OA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 05:55:20 GMT
age: 22918
etag: "1d702df3a64258628f4124eafd580695f2d350af"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
34.120.237.76 200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c01fe1cccdb3b672bbade6d98217ffe9
a9a529dc9894827f6243a1bf57f81caa4fe88fc2
c43da6212c79a08e22e78e04e99e8f5422e64b4b0a87f30b7907f1b4bc675c71
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4666
x-amzn-requestid: 850d341f-5ccb-453c-8adf-a8194f8fbdad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clr_-GiboAMFwww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-766293f2526e637235067aca;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: z5uqgjB-Bsl0U55a8aFi37cpJ65Vnbjm6bJ2GnMpaO7RXsMZsOCbPQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:44:01 GMT
age: 52397
etag: "a9a529dc9894827f6243a1bf57f81caa4fe88fc2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg
34.120.237.76 200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a6e7b32ac999cf3c899a234c621fa91a
fc5d4f3163ebb9faf85968cbb1d194e8e68418be
f12db3aed126006fee00649aba0b3eaae900de200b85b9523866a90b5494f18e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8989
x-amzn-requestid: abce0b01-f70c-42ad-b242-5a24735fe4c2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltl4Gk2oAMFSWQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc2f2-1cccffff5199dffe70264a95;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:43:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PFl7VUrzRkMFNnTiIw_cbGCyrEFn43eUSlZfT0nUhUmjjyXT7JfjMA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:50:01 GMT
age: 52037
etag: "fc5d4f3163ebb9faf85968cbb1d194e8e68418be"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61cc2744-b517-4404-bfa2-25fadadfa3f3.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61cc2744-b517-4404-bfa2-25fadadfa3f3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2636f91bb8fa4d9bb7bef114c248a9ae
8637105f41058bc0d2b259d462b560881928adb6
3d93fd8fcf1af31d00ccbd453142dbea5f2b91d7f58373095943ed40a31ed1f7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61cc2744-b517-4404-bfa2-25fadadfa3f3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10431
x-amzn-requestid: f79ab5e7-8c1b-4827-a531-aaa19c1d80aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsCGEwxIAMF34g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc073-6358d2950955884c470c0a89;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PQ7xh995cd1UVi3z42EVZGjQjHLLvtAP5BBC-xLEEGr4mEiXS6fC-w==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:47:06 GMT
age: 52212
etag: "8637105f41058bc0d2b259d462b560881928adb6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
kdmh.live/web/index_files/jquery-ui.min.js
192.151.157.182 200 OK 1.1 kB URL HTTP/1.1 kdmh.live/web/index_files/jquery-ui.min.js
IP 192.151.157.182:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash efd172d4a25cddd6df3a7c037df11673
3c39faae2ef9f9aef3f0f5463273a1edc69b79bd
59d7836faeb6ceb6f1fc98f3209a8bd5eaf8aacc9f0ca961397f8f7adc8539fb
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/jquery-ui.min.js HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:18 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Tue, 03 Jan 2023 12:17:18 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/selector.js
192.151.157.182 200 OK 1.1 kB URL HTTP/1.1 kdmh.live/web/index_files/selector.js
IP 192.151.157.182:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash efd172d4a25cddd6df3a7c037df11673
3c39faae2ef9f9aef3f0f5463273a1edc69b79bd
59d7836faeb6ceb6f1fc98f3209a8bd5eaf8aacc9f0ca961397f8f7adc8539fb
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/selector.js HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:18 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Tue, 03 Jan 2023 12:17:18 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/jquery-cookie.js
192.151.157.182 200 OK 1.1 kB URL HTTP/1.1 kdmh.live/web/index_files/jquery-cookie.js
IP 192.151.157.182:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash efd172d4a25cddd6df3a7c037df11673
3c39faae2ef9f9aef3f0f5463273a1edc69b79bd
59d7836faeb6ceb6f1fc98f3209a8bd5eaf8aacc9f0ca961397f8f7adc8539fb
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/jquery-cookie.js HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:18 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Tue, 03 Jan 2023 12:17:18 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/function.js
192.151.157.182 200 OK 1.1 kB URL HTTP/1.1 kdmh.live/web/index_files/function.js
IP 192.151.157.182:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash efd172d4a25cddd6df3a7c037df11673
3c39faae2ef9f9aef3f0f5463273a1edc69b79bd
59d7836faeb6ceb6f1fc98f3209a8bd5eaf8aacc9f0ca961397f8f7adc8539fb
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/function.js HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:18 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Tue, 03 Jan 2023 12:17:18 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/search_autocomplete.js
192.151.157.182 200 OK 1.1 kB URL HTTP/1.1 kdmh.live/web/index_files/search_autocomplete.js
IP 192.151.157.182:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash efd172d4a25cddd6df3a7c037df11673
3c39faae2ef9f9aef3f0f5463273a1edc69b79bd
59d7836faeb6ceb6f1fc98f3209a8bd5eaf8aacc9f0ca961397f8f7adc8539fb
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/search_autocomplete.js HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:18 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Tue, 03 Jan 2023 12:17:18 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/f(1).txt
192.151.157.182 200 OK 1.1 kB URL HTTP/1.1 kdmh.live/web/index_files/f(1).txt
IP 192.151.157.182:0
File type ASCII text, with very long lines (2584), with no line terminators
Hash 42efed92920ae65e31de8f8f25278fc8
845ae800ac734fbd54bde41999361132b88c22ad
8b16295dbfb3676fbfbe8cb9eace8df47ba8e6c4985be20e47a21837c9765a2b
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/f(1).txt HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:18 GMT
Content-Type: text/plain
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 08 Apr 2021 04:06:12 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: HIT
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/f(2).txt
192.151.157.182 200 OK 1.2 kB URL HTTP/1.1 kdmh.live/web/index_files/f(2).txt
IP 192.151.157.182:0
File type ASCII text, with very long lines (2858), with no line terminators
Hash 99ebd46f8aa935b50e7dc76a7abaa186
23085b76709963128c9b639d5fbba391c25535b6
ed4b4bc7ea8892971451c45e42be3978369b5ace11fd7d8ab594dc3dd42f2ad4
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
fortinet Phishing
GET /web/index_files/f(2).txt HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:19 GMT
Content-Type: text/plain
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 08 Apr 2021 04:06:12 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: EXPIRED
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/jCarousel.min.js
192.151.157.182 200 OK 1.1 kB URL HTTP/1.1 kdmh.live/web/index_files/jCarousel.min.js
IP 192.151.157.182:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash efd172d4a25cddd6df3a7c037df11673
3c39faae2ef9f9aef3f0f5463273a1edc69b79bd
59d7836faeb6ceb6f1fc98f3209a8bd5eaf8aacc9f0ca961397f8f7adc8539fb
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/jCarousel.min.js HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:19 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Tue, 03 Jan 2023 12:17:19 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/google-dfp.js
192.151.157.182 200 OK 1.1 kB URL HTTP/1.1 kdmh.live/web/index_files/google-dfp.js
IP 192.151.157.182:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash efd172d4a25cddd6df3a7c037df11673
3c39faae2ef9f9aef3f0f5463273a1edc69b79bd
59d7836faeb6ceb6f1fc98f3209a8bd5eaf8aacc9f0ca961397f8f7adc8539fb
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/google-dfp.js HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:19 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Tue, 03 Jan 2023 12:17:19 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/app.js
192.151.157.182 200 OK 1.1 kB URL HTTP/1.1 kdmh.live/web/index_files/app.js
IP 192.151.157.182:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash efd172d4a25cddd6df3a7c037df11673
3c39faae2ef9f9aef3f0f5463273a1edc69b79bd
59d7836faeb6ceb6f1fc98f3209a8bd5eaf8aacc9f0ca961397f8f7adc8539fb
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/app.js HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:19 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Tue, 03 Jan 2023 12:17:19 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/cpo.js
192.151.157.182 200 OK 1.1 kB URL HTTP/1.1 kdmh.live/web/index_files/cpo.js
IP 192.151.157.182:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash efd172d4a25cddd6df3a7c037df11673
3c39faae2ef9f9aef3f0f5463273a1edc69b79bd
59d7836faeb6ceb6f1fc98f3209a8bd5eaf8aacc9f0ca961397f8f7adc8539fb
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/cpo.js HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:19 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Tue, 03 Jan 2023 12:17:19 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/cpo.js
192.151.157.182 200 OK 1.1 kB URL HTTP/1.1 kdmh.live/web/index_files/cpo.js
IP 192.151.157.182:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash efd172d4a25cddd6df3a7c037df11673
3c39faae2ef9f9aef3f0f5463273a1edc69b79bd
59d7836faeb6ceb6f1fc98f3209a8bd5eaf8aacc9f0ca961397f8f7adc8539fb
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/cpo.js HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:19 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Tue, 03 Jan 2023 12:17:19 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/chat-common.js
192.151.157.182 200 OK 1.1 kB URL HTTP/1.1 kdmh.live/web/index_files/chat-common.js
IP 192.151.157.182:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash efd172d4a25cddd6df3a7c037df11673
3c39faae2ef9f9aef3f0f5463273a1edc69b79bd
59d7836faeb6ceb6f1fc98f3209a8bd5eaf8aacc9f0ca961397f8f7adc8539fb
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/chat-common.js HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:19 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Tue, 03 Jan 2023 12:17:19 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/jquery.smartbanner.js
192.151.157.182 200 OK 1.1 kB URL HTTP/1.1 kdmh.live/web/index_files/jquery.smartbanner.js
IP 192.151.157.182:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash efd172d4a25cddd6df3a7c037df11673
3c39faae2ef9f9aef3f0f5463273a1edc69b79bd
59d7836faeb6ceb6f1fc98f3209a8bd5eaf8aacc9f0ca961397f8f7adc8539fb
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/jquery.smartbanner.js HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:19 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Tue, 03 Jan 2023 12:17:19 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/pubads_impl_2021040101.js
192.151.157.182 200 OK 1.1 kB URL HTTP/1.1 kdmh.live/web/index_files/pubads_impl_2021040101.js
IP 192.151.157.182:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash efd172d4a25cddd6df3a7c037df11673
3c39faae2ef9f9aef3f0f5463273a1edc69b79bd
59d7836faeb6ceb6f1fc98f3209a8bd5eaf8aacc9f0ca961397f8f7adc8539fb
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/pubads_impl_2021040101.js HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:20 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Tue, 03 Jan 2023 12:17:20 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/14.8f875927fce05bedfe11.chunk.js
192.151.157.182 200 OK 1.1 kB URL HTTP/1.1 kdmh.live/web/index_files/14.8f875927fce05bedfe11.chunk.js
IP 192.151.157.182:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash efd172d4a25cddd6df3a7c037df11673
3c39faae2ef9f9aef3f0f5463273a1edc69b79bd
59d7836faeb6ceb6f1fc98f3209a8bd5eaf8aacc9f0ca961397f8f7adc8539fb
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/14.8f875927fce05bedfe11.chunk.js HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:20 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Tue, 03 Jan 2023 12:17:20 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/RCf1b64ddc47d04c2ba552708d0de25b3b-source.min.js
192.151.157.182 200 OK 1.1 kB URL HTTP/1.1 kdmh.live/web/index_files/RCf1b64ddc47d04c2ba552708d0de25b3b-source.min.js
IP 192.151.157.182:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash efd172d4a25cddd6df3a7c037df11673
3c39faae2ef9f9aef3f0f5463273a1edc69b79bd
59d7836faeb6ceb6f1fc98f3209a8bd5eaf8aacc9f0ca961397f8f7adc8539fb
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/RCf1b64ddc47d04c2ba552708d0de25b3b-source.min.js HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:20 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Tue, 03 Jan 2023 12:17:20 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/1.5159a7a0ba1fcaed8917.chunk.js
192.151.157.182 200 OK 1.1 kB URL HTTP/1.1 kdmh.live/web/index_files/1.5159a7a0ba1fcaed8917.chunk.js
IP 192.151.157.182:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash efd172d4a25cddd6df3a7c037df11673
3c39faae2ef9f9aef3f0f5463273a1edc69b79bd
59d7836faeb6ceb6f1fc98f3209a8bd5eaf8aacc9f0ca961397f8f7adc8539fb
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/1.5159a7a0ba1fcaed8917.chunk.js HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:20 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Tue, 03 Jan 2023 12:17:20 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/14.8f875927fce05bedfe11.chunk.js
192.151.157.182 200 OK 1.1 kB URL HTTP/1.1 kdmh.live/web/index_files/14.8f875927fce05bedfe11.chunk.js
IP 192.151.157.182:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash efd172d4a25cddd6df3a7c037df11673
3c39faae2ef9f9aef3f0f5463273a1edc69b79bd
59d7836faeb6ceb6f1fc98f3209a8bd5eaf8aacc9f0ca961397f8f7adc8539fb
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/14.8f875927fce05bedfe11.chunk.js HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:20 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Tue, 03 Jan 2023 12:17:20 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash da9700d928847bca71f73dc9ca89bd1c
2f156a1557a7504da776ed9a82dc52563662be6f
428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 12:17:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash da9700d928847bca71f73dc9ca89bd1c
2f156a1557a7504da776ed9a82dc52563662be6f
428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 12:17:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.227 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://kdmh.live
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:33:54 GMT
expires: Thu, 30 Nov 2023 19:33:54 GMT
cache-control: public, max-age=31536000
age: 319406
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
216.58.207.227 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15740, version 1.0\012- data
Hash b9c29351c46f3e8c8631c4002457f48a
e57e59c5780995ff2937ab2b511a769212974a87
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
GET /s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://kdmh.live
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15740
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:34:15 GMT
expires: Thu, 30 Nov 2023 19:34:15 GMT
cache-control: public, max-age=31536000
age: 319385
last-modified: Wed, 11 May 2022 19:24:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
kdmh.live/web/index_files/1.5159a7a0ba1fcaed8917.chunk.js
192.151.157.182 200 OK 2.1 kB URL HTTP/1.1 kdmh.live/web/index_files/1.5159a7a0ba1fcaed8917.chunk.js
IP 192.151.157.182:0
Hash 7908b4f6acde8d59dc8f47d624897cba
1a4235a832e76d95b2a2f69e2dd9965b14a4b109
9d287eb4e89203973c2ee7280ac8a394672d979c8951aeb6f798137c41748ba5
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/1.5159a7a0ba1fcaed8917.chunk.js HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:20 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Tue, 03 Jan 2023 12:17:20 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
216.58.211.3 200 OK 472 B IP 216.58.211.3:0
Hash da9700d928847bca71f73dc9ca89bd1c
2f156a1557a7504da776ed9a82dc52563662be6f
428ed39905a42b1fc7aaf84f2144caf58ddcb53ac2fbda9af61784ca7394a344
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 12:17:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
kdmh.live/shop/mc/assets/images/app/ecomm/structure/chevron-right.svg
192.151.157.182 200 OK 1.1 kB URL HTTP/1.1 kdmh.live/shop/mc/assets/images/app/ecomm/structure/chevron-right.svg
IP 192.151.157.182:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash efd172d4a25cddd6df3a7c037df11673
3c39faae2ef9f9aef3f0f5463273a1edc69b79bd
59d7836faeb6ceb6f1fc98f3209a8bd5eaf8aacc9f0ca961397f8f7adc8539fb
Analyzer Verdict Alert fortinet Phishing
GET /shop/mc/assets/images/app/ecomm/structure/chevron-right.svg HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/index_files/2012_eCommerce.css
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:20 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 02 Feb 2023 12:17:20 GMT
Cache-Control: max-age=5184000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/cpotools/mc/assets/images/structure/blue_question_icon.gif
192.151.157.182 200 OK 1.1 kB URL HTTP/1.1 kdmh.live/cpotools/mc/assets/images/structure/blue_question_icon.gif
IP 192.151.157.182:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash efd172d4a25cddd6df3a7c037df11673
3c39faae2ef9f9aef3f0f5463273a1edc69b79bd
59d7836faeb6ceb6f1fc98f3209a8bd5eaf8aacc9f0ca961397f8f7adc8539fb
GET /cpotools/mc/assets/images/structure/blue_question_icon.gif HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/index_files/extendstyles.css
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:20 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Thu, 02 Feb 2023 12:17:20 GMT
Cache-Control: max-age=5184000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.227 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.227:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://kdmh.live
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 30 Nov 2022 19:34:15 GMT
expires: Thu, 30 Nov 2023 19:34:15 GMT
cache-control: public, max-age=31536000
age: 319385
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.canadapost.ca/cpc/assets/cpc/img/icons/global-alert/cancel.svg
104.88.13.190 301 Moved Permanently 0 B URL HTTP/1.1 www.canadapost.ca/cpc/assets/cpc/img/icons/global-alert/cancel.svg
IP 104.88.13.190:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cpc/assets/cpc/img/icons/global-alert/cancel.svg HTTP/1.1
Host: www.canadapost.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kdmh.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: AkamaiGHost
Content-Length: 0
Location: https://www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/global-alert/cancel.svg
Date: Sun, 04 Dec 2022 12:17:20 GMT
Connection: keep-alive
strict-transport-security: max-age=31536000; includeSubdomains; preload
www.canadapost.ca/cpc/assets/cpc/img/icons/search.svg
104.88.13.190 301 Moved Permanently 0 B URL HTTP/1.1 www.canadapost.ca/cpc/assets/cpc/img/icons/search.svg
IP 104.88.13.190:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cpc/assets/cpc/img/icons/search.svg HTTP/1.1
Host: www.canadapost.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kdmh.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: AkamaiGHost
Content-Length: 0
Location: https://www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/search.svg
Date: Sun, 04 Dec 2022 12:17:20 GMT
Connection: keep-alive
strict-transport-security: max-age=31536000; includeSubdomains; preload
kdmh.live/web/index_files/cwc.js
192.151.157.182 200 OK 1.0 kB URL HTTP/1.1 kdmh.live/web/index_files/cwc.js
IP 192.151.157.182:0
Hash 34e62985ae873d645093d306f2d5f319
d620606c55099f41c041ce317e93e13b9c0e0eb1
0122549cfb3d2e0dc75a1915f1102f9ffe175124edeaa82c7fdc0e84859bf13b
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/cwc.js HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:18 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Tue, 03 Jan 2023 12:17:18 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
www.canadapost.ca/cpc/assets/cpc/img/icons/arrow-down.svg
104.88.13.190 301 Moved Permanently 0 B URL HTTP/1.1 www.canadapost.ca/cpc/assets/cpc/img/icons/arrow-down.svg
IP 104.88.13.190:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cpc/assets/cpc/img/icons/arrow-down.svg HTTP/1.1
Host: www.canadapost.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kdmh.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: AkamaiGHost
Content-Length: 0
Location: https://www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/arrow-down.svg
Date: Sun, 04 Dec 2022 12:17:20 GMT
Connection: keep-alive
strict-transport-security: max-age=31536000; includeSubdomains; preload
www.canadapost.ca/cpc/assets/cpc/img/icons/global-alert/alert.svg
104.88.13.190 301 Moved Permanently 0 B URL HTTP/1.1 www.canadapost.ca/cpc/assets/cpc/img/icons/global-alert/alert.svg
IP 104.88.13.190:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cpc/assets/cpc/img/icons/global-alert/alert.svg HTTP/1.1
Host: www.canadapost.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kdmh.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: AkamaiGHost
Content-Length: 0
Location: https://www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/global-alert/alert.svg
Date: Sun, 04 Dec 2022 12:17:20 GMT
Connection: keep-alive
strict-transport-security: max-age=31536000; includeSubdomains; preload
www.canadapost.ca/cpc/assets/cpc/img/icons/toolbar-cg/feedback.svg
104.88.13.190 301 Moved Permanently 0 B URL HTTP/1.1 www.canadapost.ca/cpc/assets/cpc/img/icons/toolbar-cg/feedback.svg
IP 104.88.13.190:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cpc/assets/cpc/img/icons/toolbar-cg/feedback.svg HTTP/1.1
Host: www.canadapost.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kdmh.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Server: AkamaiGHost
Content-Length: 0
Location: https://www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/toolbar-cg/feedback.svg
Date: Sun, 04 Dec 2022 12:17:20 GMT
Connection: keep-alive
strict-transport-security: max-age=31536000; includeSubdomains; preload
kdmh.live/web/index_files/foundation.equalizer.js
192.151.157.182 200 OK 2.1 kB URL HTTP/1.1 kdmh.live/web/index_files/foundation.equalizer.js
IP 192.151.157.182:0
Hash 7908b4f6acde8d59dc8f47d624897cba
1a4235a832e76d95b2a2f69e2dd9965b14a4b109
9d287eb4e89203973c2ee7280ac8a394672d979c8951aeb6f798137c41748ba5
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/foundation.equalizer.js HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:20 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Tue, 03 Jan 2023 12:17:20 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/SV_71iOFlig0vNugpn.html
192.151.157.182 200 OK 26 kB URL HTTP/1.1 kdmh.live/web/index_files/SV_71iOFlig0vNugpn.html
IP 192.151.157.182:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (30486)
Hash be666aec53c9ca262e40e22c0d680df5
1082178933b40692e6396d89ac08fbbea47587fc
fbf88f5ea57b90b8a81228c90c0fca5c0434647cf1c78f10d265aa5dadf1922f
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/SV_71iOFlig0vNugpn.html HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:21 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 08 Apr 2021 04:06:18 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: MISS
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/pixel.html
192.151.157.182 200 OK 402 B URL HTTP/1.1 kdmh.live/web/index_files/pixel.html
IP 192.151.157.182:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash b24673e97151fad3d63fb661e638672d
196af9254d428e20df095cddb244ef1f759f9f70
5cafabe87db09818cca305d44f29d7c1e4ecd816f339d064ab6f5ed07b0c113c
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
fortinet Phishing
GET /web/index_files/pixel.html HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:21 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 08 Apr 2021 04:06:18 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: MISS
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/pixel(1).html
192.151.157.182 200 OK 402 B URL HTTP/1.1 kdmh.live/web/index_files/pixel(1).html
IP 192.151.157.182:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash b24673e97151fad3d63fb661e638672d
196af9254d428e20df095cddb244ef1f759f9f70
5cafabe87db09818cca305d44f29d7c1e4ecd816f339d064ab6f5ed07b0c113c
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
fortinet Phishing
GET /web/index_files/pixel(1).html HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:21 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 08 Apr 2021 04:06:18 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: MISS
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/db.21026c4133e1c59eaf45.js.download
192.151.157.182 200 OK 707 B URL HTTP/1.1 kdmh.live/web/index_files/db.21026c4133e1c59eaf45.js.download
IP 192.151.157.182:0
File type HTML document, ASCII text, with very long lines (2653), with no line terminators
Hash a995c23343daaec7ad2fe463f69afe9e
a4be07f4cef2050c9cbc2533690e061768b5734b
16f0233b190f12de81074cd1a5633f4ae19cce17e489b9e5372a32376c45c3d7
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
fortinet Phishing
GET /web/index_files/db.21026c4133e1c59eaf45.js.download HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/index_files/SV_71iOFlig0vNugpn.html
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:21 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 08 Apr 2021 04:06:16 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: MISS
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/mc.3b7764525d9f2c925e16.js.download
192.151.157.182 200 OK 5.9 kB URL HTTP/1.1 kdmh.live/web/index_files/mc.3b7764525d9f2c925e16.js.download
IP 192.151.157.182:0
File type ASCII text, with very long lines (39237), with no line terminators
Hash 872fdd85f80d58deeef4584798deee3e
1b2c260fa862a987c3473ee5ba5c2a70f4ea7fe5
caf12b761b1f67079d549a17d1c9227226295a1b572be59d075d9d1262d9201b
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/mc.3b7764525d9f2c925e16.js.download HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/index_files/SV_71iOFlig0vNugpn.html
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:21 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 08 Apr 2021 04:06:16 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: MISS
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/meta.ff17afb25384dfc7e22f.js.download
192.151.157.182 200 OK 946 B URL HTTP/1.1 kdmh.live/web/index_files/meta.ff17afb25384dfc7e22f.js.download
IP 192.151.157.182:0
File type HTML document, ASCII text, with very long lines (2437), with no line terminators
Hash 6b4d3e6e359df5d1f3afc5eab9b64045
b7c104cb3516b41f566d68942f19180427f9b11d
9db3841bc70828c71ab41dc0f00cf342b0b160438eba2b94546ff4c0e3f2f3b0
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
fortinet Phishing
GET /web/index_files/meta.ff17afb25384dfc7e22f.js.download HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/index_files/SV_71iOFlig0vNugpn.html
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:21 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 08 Apr 2021 04:06:16 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: MISS
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/foundation.min.js
192.151.157.182 200 OK 2.7 kB URL HTTP/1.1 kdmh.live/web/index_files/foundation.min.js
IP 192.151.157.182:0
Hash 33298e179ca3ad942399703a12c3756b
74597912658dac1f8ae13fb000f2b31dfa501dfe
72f20457342b14bbc719d2b3343515c0db77cf4055b8137fa223e8f0a766319c
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/foundation.min.js HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:20 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Tue, 03 Jan 2023 12:17:20 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/prototype.213678de24c47bc84650.js.download
192.151.157.182 200 OK 29 kB URL HTTP/1.1 kdmh.live/web/index_files/prototype.213678de24c47bc84650.js.download
IP 192.151.157.182:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 438a6b686e9d5ae280582474f179e8d8
7093ccb3d7c6d8ca9c76d05259cea0b6e0cdf92b
375d93feec68315f90b13021238dc83135342214b0b29f274f2e16c95453c48b
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/prototype.213678de24c47bc84650.js.download HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/index_files/SV_71iOFlig0vNugpn.html
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:21 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 08 Apr 2021 04:06:16 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: MISS
X-Server-Powered-By: Engintron
Content-Encoding: gzip
www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/search.svg
104.88.13.190 200 OK 218 B URL HTTP/1.1 www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/search.svg
IP 104.88.13.190:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (320), with no line terminators
Hash d3a621feba2c9afadc8e74c4f71021e1
5364a043f80e5dcbc81b81e86d406eedfc1b69a4
9616a4bbe31bf59f3ec6fd4a9f237bfb89d3424a45238b625b7f1620377d5401
GET /cpc/assets/cpc/img/icons/search.svg HTTP/1.1
Host: www.canadapost-postescanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kdmh.live/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: image/svg+xml
ETag: "5a78a621-140"
Last-Modified: Mon, 05 Feb 2018 18:44:49 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
content-security-policy-report-only: object-src 'none'; connect-src 'self' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.cpggpc.ca https://www.google-analytics.com https://siteintercept.qualtrics.com https://www.facebook.com https://sslstats.canadapost.ca https://*.wistia.com https://dpm.demdex.net https://csi.gstatic.com https://adservice.google.com https://*.googlesyndication.com https://*.g.doubleclick.net https://maps.googleapis.com https://vmss.boldchat.com https://www.linkedin.com https://canadapost.tt.omtrdc.net https://services.postcodeanywhere.co.uk https://embedwistia-a.akamaihd.net https://cdn.cookielaw.org https://geolocation.onetrust.com; font-src 'self' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://fonts.gstatic.com https://*.arcgis.com; form-action 'self' https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.canadapost.ca https://*.epost.ca https://www.facebook.com https://google.com; frame-ancestors 'self' https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.canadapost.ca; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.epost.ca https://*.cpggpc.ca https://www.adobetag.com https://assets.adobedtm.com https://siteintercept.qualtrics.com https://zn0xleir6swszany9-canadapostdigital.siteintercept.qualtrics.com https://connect.facebook.net https://snap.licdn.com https://z.moatads.com https://static.ads-twitter.com https://www.googletagmanager.com https://www.google.com https://www.googletagservices.com https://*.google-analytics.com https://*.googleadservices.com https://www.gstatic.com https://*.googlesyndication.com https://adservice.google.com https://adservice.google.ca https://maps.googleapis.com https://cdn.ampproject.org https://*.doubleclick.net 
https://*.twitter.com https://cdn.syndication.twimg.com https://dpm.demdex.net https://*.wistia.com https://*.frontlinesvc.com https://*.arcgis.com https://www.linkedin.com https://vmss.boldchat.com https://sb.scorecardresearch.com https://www.rnengage.com https://sjs.bizographics.com https://www.instagram.com https://secure.adnxs.com https://app.five9.com https://cdn.cookielaw.org; style-src 'self' 'unsafe-inline' https://*.frontlinesvc.com https://fonts.googleapis.com https://translate.googleapis.com https://*.twitter.com https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.epost.ca https://*.arcgis.com https://*.arcgisonline.com https://app.five9.com; report-uri https://www.canadapost-postescanada.ca/cwc/components/rs/csp-reports;
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
Cache-Control: max-age=86400, private
Expires: Mon, 03 Oct 2022 08:27:21 GMT
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
Content-Security-Policy: frame-ancestors 'self'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubdomains; preload
Content-Encoding: gzip
Content-Length: 218
Date: Sun, 04 Dec 2022 12:17:21 GMT
Connection: keep-alive
Vary: Accept-Encoding
www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/global-alert/cancel.svg
104.88.13.190 200 OK 377 B URL HTTP/1.1 www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/global-alert/cancel.svg
IP 104.88.13.190:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text
Hash 3e69d3df64d1d2900137d925afc81ef4
27113030bc0a70e40c1ec28523c53118feb97454
2aaceded66a94f94d5bb275b056d4310327b9eb50004d6e985417cf7d792d251
GET /cpc/assets/cpc/img/icons/global-alert/cancel.svg HTTP/1.1
Host: www.canadapost-postescanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kdmh.live/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: image/svg+xml
ETag: "5a6b5666-331"
Last-Modified: Fri, 26 Jan 2018 16:25:10 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
content-security-policy-report-only: object-src 'none'; connect-src 'self' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.cpggpc.ca https://www.google-analytics.com https://siteintercept.qualtrics.com https://www.facebook.com https://sslstats.canadapost.ca https://*.wistia.com https://dpm.demdex.net https://csi.gstatic.com https://adservice.google.com https://*.googlesyndication.com https://*.g.doubleclick.net https://maps.googleapis.com https://vmss.boldchat.com https://www.linkedin.com https://canadapost.tt.omtrdc.net https://services.postcodeanywhere.co.uk https://embedwistia-a.akamaihd.net https://cdn.cookielaw.org https://geolocation.onetrust.com; font-src 'self' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://fonts.gstatic.com https://*.arcgis.com; form-action 'self' https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.canadapost.ca https://*.epost.ca https://www.facebook.com https://google.com; frame-ancestors 'self' https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.canadapost.ca; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.epost.ca https://*.cpggpc.ca https://www.adobetag.com https://assets.adobedtm.com https://siteintercept.qualtrics.com https://zn0xleir6swszany9-canadapostdigital.siteintercept.qualtrics.com https://connect.facebook.net https://snap.licdn.com https://z.moatads.com https://static.ads-twitter.com https://www.googletagmanager.com https://www.google.com https://www.googletagservices.com https://*.google-analytics.com https://*.googleadservices.com https://www.gstatic.com https://*.googlesyndication.com https://adservice.google.com https://adservice.google.ca https://maps.googleapis.com https://cdn.ampproject.org https://*.doubleclick.net 
https://*.twitter.com https://cdn.syndication.twimg.com https://dpm.demdex.net https://*.wistia.com https://*.frontlinesvc.com https://*.arcgis.com https://www.linkedin.com https://vmss.boldchat.com https://sb.scorecardresearch.com https://www.rnengage.com https://sjs.bizographics.com https://www.instagram.com https://secure.adnxs.com https://app.five9.com https://cdn.cookielaw.org; style-src 'self' 'unsafe-inline' https://*.frontlinesvc.com https://fonts.googleapis.com https://translate.googleapis.com https://*.twitter.com https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.epost.ca https://*.arcgis.com https://*.arcgisonline.com https://app.five9.com; report-uri https://www.canadapost-postescanada.ca/cwc/components/rs/csp-reports;
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
Cache-Control: max-age=86400, private
Expires: Mon, 25 Jul 2022 13:51:51 GMT
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
Content-Security-Policy: frame-ancestors 'self'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubdomains; preload
Content-Encoding: gzip
Content-Length: 377
Date: Sun, 04 Dec 2022 12:17:21 GMT
Connection: keep-alive
Vary: Accept-Encoding
www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/icon-lock.svg
104.88.13.190 200 OK 432 B URL HTTP/1.1 www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/icon-lock.svg
IP 104.88.13.190:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (907), with no line terminators
Hash 2ad110b6a820845cf1b4b1d8e0585d48
6871d97125e77d9e676518742276710ec39279d9
e170143cc77d854d7bd7110f42251e13ae38c16b6f99a101b546c56d0b0ca23e
GET /cpc/assets/cpc/img/icons/icon-lock.svg HTTP/1.1
Host: www.canadapost-postescanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kdmh.live/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: image/svg+xml
ETag: "5a78a622-38b"
Last-Modified: Mon, 05 Feb 2018 18:44:50 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
content-security-policy-report-only: object-src 'none'; connect-src 'self' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.cpggpc.ca https://www.google-analytics.com https://siteintercept.qualtrics.com https://www.facebook.com https://sslstats.canadapost.ca https://*.wistia.com https://dpm.demdex.net https://csi.gstatic.com https://adservice.google.com https://*.googlesyndication.com https://*.g.doubleclick.net https://maps.googleapis.com https://vmss.boldchat.com https://www.linkedin.com https://canadapost.tt.omtrdc.net https://services.postcodeanywhere.co.uk https://embedwistia-a.akamaihd.net https://cdn.cookielaw.org https://geolocation.onetrust.com; font-src 'self' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://fonts.gstatic.com https://*.arcgis.com; form-action 'self' https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.canadapost.ca https://*.epost.ca https://www.facebook.com https://google.com; frame-ancestors 'self' https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.canadapost.ca; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.epost.ca https://*.cpggpc.ca https://www.adobetag.com https://assets.adobedtm.com https://siteintercept.qualtrics.com https://zn0xleir6swszany9-canadapostdigital.siteintercept.qualtrics.com https://connect.facebook.net https://snap.licdn.com https://z.moatads.com https://static.ads-twitter.com https://www.googletagmanager.com https://www.google.com https://www.googletagservices.com https://*.google-analytics.com https://*.googleadservices.com https://www.gstatic.com https://*.googlesyndication.com https://adservice.google.com https://adservice.google.ca https://maps.googleapis.com https://cdn.ampproject.org https://*.doubleclick.net 
https://*.twitter.com https://cdn.syndication.twimg.com https://dpm.demdex.net https://*.wistia.com https://*.frontlinesvc.com https://*.arcgis.com https://www.linkedin.com https://vmss.boldchat.com https://sb.scorecardresearch.com https://www.rnengage.com https://sjs.bizographics.com https://www.instagram.com https://secure.adnxs.com https://app.five9.com https://cdn.cookielaw.org; style-src 'self' 'unsafe-inline' https://*.frontlinesvc.com https://fonts.googleapis.com https://translate.googleapis.com https://*.twitter.com https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.epost.ca https://*.arcgis.com https://*.arcgisonline.com https://app.five9.com; report-uri https://www.canadapost-postescanada.ca/cwc/components/rs/csp-reports;
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
Cache-Control: max-age=86400, private
Expires: Mon, 25 Jul 2022 13:51:51 GMT
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
Content-Security-Policy: frame-ancestors 'self'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubdomains; preload
Content-Encoding: gzip
Content-Length: 432
Date: Sun, 04 Dec 2022 12:17:21 GMT
Connection: keep-alive
Vary: Accept-Encoding
www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/global-alert/alert.svg
104.88.13.190 200 OK 455 B URL HTTP/1.1 www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/global-alert/alert.svg
IP 104.88.13.190:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text
Hash ff8ab0bd64b81f01e5245fdcc5f86256
cb16cfd030e7f5758ff0320d3c467cc53b858d50
f36fd8c683ecf6ae26d06c171f584b955e5603ac12435b1fe0560a6e0a90d6dd
GET /cpc/assets/cpc/img/icons/global-alert/alert.svg HTTP/1.1
Host: www.canadapost-postescanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kdmh.live/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: image/svg+xml
ETag: "5a6b5666-3ef"
Last-Modified: Fri, 26 Jan 2018 16:25:10 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
content-security-policy-report-only: object-src 'none'; connect-src 'self' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.cpggpc.ca https://www.google-analytics.com https://siteintercept.qualtrics.com https://www.facebook.com https://sslstats.canadapost.ca https://*.wistia.com https://dpm.demdex.net https://csi.gstatic.com https://adservice.google.com https://*.googlesyndication.com https://*.g.doubleclick.net https://maps.googleapis.com https://vmss.boldchat.com https://www.linkedin.com https://canadapost.tt.omtrdc.net https://services.postcodeanywhere.co.uk https://embedwistia-a.akamaihd.net https://cdn.cookielaw.org https://geolocation.onetrust.com; font-src 'self' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://fonts.gstatic.com https://*.arcgis.com; form-action 'self' https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.canadapost.ca https://*.epost.ca https://www.facebook.com https://google.com; frame-ancestors 'self' https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.canadapost.ca; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.epost.ca https://*.cpggpc.ca https://www.adobetag.com https://assets.adobedtm.com https://siteintercept.qualtrics.com https://zn0xleir6swszany9-canadapostdigital.siteintercept.qualtrics.com https://connect.facebook.net https://snap.licdn.com https://z.moatads.com https://static.ads-twitter.com https://www.googletagmanager.com https://www.google.com https://www.googletagservices.com https://*.google-analytics.com https://*.googleadservices.com https://www.gstatic.com https://*.googlesyndication.com https://adservice.google.com https://adservice.google.ca https://maps.googleapis.com https://cdn.ampproject.org https://*.doubleclick.net 
https://*.twitter.com https://cdn.syndication.twimg.com https://dpm.demdex.net https://*.wistia.com https://*.frontlinesvc.com https://*.arcgis.com https://www.linkedin.com https://vmss.boldchat.com https://sb.scorecardresearch.com https://www.rnengage.com https://sjs.bizographics.com https://www.instagram.com https://secure.adnxs.com https://app.five9.com https://cdn.cookielaw.org; style-src 'self' 'unsafe-inline' https://*.frontlinesvc.com https://fonts.googleapis.com https://translate.googleapis.com https://*.twitter.com https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.epost.ca https://*.arcgis.com https://*.arcgisonline.com https://app.five9.com; report-uri https://www.canadapost-postescanada.ca/cwc/components/rs/csp-reports;
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
Cache-Control: max-age=86400, private
Expires: Mon, 03 Oct 2022 08:11:50 GMT
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
Content-Security-Policy: frame-ancestors 'self'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubdomains; preload
Content-Encoding: gzip
Content-Length: 455
Date: Sun, 04 Dec 2022 12:17:21 GMT
Connection: keep-alive
Vary: Accept-Encoding
www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/toolbar-cg/feedback.svg
104.88.13.190 200 OK 382 B URL HTTP/1.1 www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/toolbar-cg/feedback.svg
IP 104.88.13.190:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (724), with no line terminators
Hash b86b3f712d7d1224f22ce80ab788d8bc
1015427d965943c5acfda2a2b96174c96a30e715
827930f77d0aee840f92563e8da302b30e9f0b196f923edd0f6305faf4ae7df0
GET /cpc/assets/cpc/img/icons/toolbar-cg/feedback.svg HTTP/1.1
Host: www.canadapost-postescanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kdmh.live/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: image/svg+xml
ETag: "5a78a638-2d4"
Last-Modified: Mon, 05 Feb 2018 18:45:12 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
content-security-policy-report-only: object-src 'none'; connect-src 'self' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.cpggpc.ca https://www.google-analytics.com https://siteintercept.qualtrics.com https://www.facebook.com https://sslstats.canadapost.ca https://*.wistia.com https://dpm.demdex.net https://csi.gstatic.com https://adservice.google.com https://*.googlesyndication.com https://*.g.doubleclick.net https://maps.googleapis.com https://vmss.boldchat.com https://www.linkedin.com https://canadapost.tt.omtrdc.net https://services.postcodeanywhere.co.uk https://embedwistia-a.akamaihd.net https://cdn.cookielaw.org https://geolocation.onetrust.com; font-src 'self' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://fonts.gstatic.com https://*.arcgis.com; form-action 'self' https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.canadapost.ca https://*.epost.ca https://www.facebook.com https://google.com; frame-ancestors 'self' https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.canadapost.ca; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.epost.ca https://*.cpggpc.ca https://www.adobetag.com https://assets.adobedtm.com https://siteintercept.qualtrics.com https://zn0xleir6swszany9-canadapostdigital.siteintercept.qualtrics.com https://connect.facebook.net https://snap.licdn.com https://z.moatads.com https://static.ads-twitter.com https://www.googletagmanager.com https://www.google.com https://www.googletagservices.com https://*.google-analytics.com https://*.googleadservices.com https://www.gstatic.com https://*.googlesyndication.com https://adservice.google.com https://adservice.google.ca https://maps.googleapis.com https://cdn.ampproject.org https://*.doubleclick.net 
https://*.twitter.com https://cdn.syndication.twimg.com https://dpm.demdex.net https://*.wistia.com https://*.frontlinesvc.com https://*.arcgis.com https://www.linkedin.com https://vmss.boldchat.com https://sb.scorecardresearch.com https://www.rnengage.com https://sjs.bizographics.com https://www.instagram.com https://secure.adnxs.com https://app.five9.com https://cdn.cookielaw.org; style-src 'self' 'unsafe-inline' https://*.frontlinesvc.com https://fonts.googleapis.com https://translate.googleapis.com https://*.twitter.com https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.epost.ca https://*.arcgis.com https://*.arcgisonline.com https://app.five9.com; report-uri https://www.canadapost-postescanada.ca/cwc/components/rs/csp-reports;
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
Cache-Control: max-age=86400, private
Expires: Mon, 03 Oct 2022 07:01:32 GMT
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
Content-Security-Policy: frame-ancestors 'self'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubdomains; preload
Content-Encoding: gzip
Content-Length: 382
Date: Sun, 04 Dec 2022 12:17:21 GMT
Connection: keep-alive
Vary: Accept-Encoding
kdmh.live/web/index_files/stylesheet.css
192.151.157.182 200 OK 26 kB URL HTTP/1.1 kdmh.live/web/index_files/stylesheet.css
IP 192.151.157.182:0
File type Unicode text, UTF-8 text, with very long lines (559)
Hash 46cb7ec01d085abc4d74377b523e9109
bf9aa882070349281dada883d0a33ffe8643620b
4e1b1f6edda23fd5e1e53fc51ef363343c4368a22272c32093fe7fddd8ae8cc2
GET /web/index_files/stylesheet.css HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/index_files/SV_71iOFlig0vNugpn.html
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:21 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 08 Apr 2021 04:06:16 GMT
Expires: Tue, 03 Jan 2023 12:17:21 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/arrow-down.svg
104.88.13.190 200 OK 167 B URL HTTP/1.1 www.canadapost-postescanada.ca/cpc/assets/cpc/img/icons/arrow-down.svg
IP 104.88.13.190:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Hash 4ed5c36b7d9f92ed672bb1d5114b1b72
82b2a08c925663c452eb17d71d1c81dced90d334
2f598f2c792e57f0ad56a71362d58aef0b155d8eeaa139d3fd3e7c6cfdfb845e
GET /cpc/assets/cpc/img/icons/arrow-down.svg HTTP/1.1
Host: www.canadapost-postescanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://kdmh.live/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: image/svg+xml
ETag: "5a78a622-b9"
Last-Modified: Mon, 05 Feb 2018 18:44:50 GMT
p3p: CP="NON CUR OTPi OUR NOR UNI"
content-security-policy-report-only: object-src 'none'; connect-src 'self' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.cpggpc.ca https://www.google-analytics.com https://siteintercept.qualtrics.com https://www.facebook.com https://sslstats.canadapost.ca https://*.wistia.com https://dpm.demdex.net https://csi.gstatic.com https://adservice.google.com https://*.googlesyndication.com https://*.g.doubleclick.net https://maps.googleapis.com https://vmss.boldchat.com https://www.linkedin.com https://canadapost.tt.omtrdc.net https://services.postcodeanywhere.co.uk https://embedwistia-a.akamaihd.net https://cdn.cookielaw.org https://geolocation.onetrust.com; font-src 'self' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://fonts.gstatic.com https://*.arcgis.com; form-action 'self' https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.canadapost.ca https://*.epost.ca https://www.facebook.com https://google.com; frame-ancestors 'self' https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.canadapost.ca; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.epost.ca https://*.cpggpc.ca https://www.adobetag.com https://assets.adobedtm.com https://siteintercept.qualtrics.com https://zn0xleir6swszany9-canadapostdigital.siteintercept.qualtrics.com https://connect.facebook.net https://snap.licdn.com https://z.moatads.com https://static.ads-twitter.com https://www.googletagmanager.com https://www.google.com https://www.googletagservices.com https://*.google-analytics.com https://*.googleadservices.com https://www.gstatic.com https://*.googlesyndication.com https://adservice.google.com https://adservice.google.ca https://maps.googleapis.com https://cdn.ampproject.org https://*.doubleclick.net 
https://*.twitter.com https://cdn.syndication.twimg.com https://dpm.demdex.net https://*.wistia.com https://*.frontlinesvc.com https://*.arcgis.com https://www.linkedin.com https://vmss.boldchat.com https://sb.scorecardresearch.com https://www.rnengage.com https://sjs.bizographics.com https://www.instagram.com https://secure.adnxs.com https://app.five9.com https://cdn.cookielaw.org; style-src 'self' 'unsafe-inline' https://*.frontlinesvc.com https://fonts.googleapis.com https://translate.googleapis.com https://*.twitter.com https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.epost.ca https://*.arcgis.com https://*.arcgisonline.com https://app.five9.com; report-uri https://www.canadapost-postescanada.ca/cwc/components/rs/csp-reports;
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
Cache-Control: max-age=86400, private
Expires: Tue, 20 Sep 2022 16:18:20 GMT
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
Content-Security-Policy: frame-ancestors 'self'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubdomains; preload
Content-Encoding: gzip
Content-Length: 167
Date: Sun, 04 Dec 2022 12:17:21 GMT
Connection: keep-alive
Vary: Accept-Encoding
kdmh.live/web/index_files/jfe.c5d51c1772674a71d60c.js.download
192.151.157.182 200 OK 67 kB URL HTTP/1.1 kdmh.live/web/index_files/jfe.c5d51c1772674a71d60c.js.download
IP 192.151.157.182:0
File type Unicode text, UTF-8 text, with very long lines (65535), with no line terminators
Hash d37a61b5ead7edce39d8e6f15044811c
d51d8abaf4194ae3f39d4a91c7ceb9ad864eb5b3
546769dcd1317de2b98be35ceadc180e4d002c810356aadcc1337a2ec84228b4
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/jfe.c5d51c1772674a71d60c.js.download HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/index_files/SV_71iOFlig0vNugpn.html
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:21 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 08 Apr 2021 04:06:16 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: MISS
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/vendor.866d3d2023e5a297a1b9.js.download
192.151.157.182 200 OK 84 kB URL HTTP/1.1 kdmh.live/web/index_files/vendor.866d3d2023e5a297a1b9.js.download
IP 192.151.157.182:0
Hash a2c2e93f43f39f47d73c331d7a9fe900
10c3eaa0b7d805af535a839fb6a4918554329bfa
cfbdcbd495e2dee7fff174d21cf7ce6f0c393a21122a4511452dd1772926bb34
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/vendor.866d3d2023e5a297a1b9.js.download HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/index_files/SV_71iOFlig0vNugpn.html
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:21 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 08 Apr 2021 04:06:16 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: MISS
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/jfe/static/dist/c/jsApi.8da1775e8131fb08b25b.js
192.151.157.182 404 Not Found 0 B URL HTTP/1.1 kdmh.live/jfe/static/dist/c/jsApi.8da1775e8131fb08b25b.js
IP 192.151.157.182:0
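Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These three values are the MD5, SHA-1 and SHA-256 digests of empty input, consistent with the 0 B body of this 404 response. They identify no content and should not be used as indicators for this site; the verdict below attaches to the URL, not to these hashes.)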
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
fortinet Phishing
GET /jfe/static/dist/c/jsApi.8da1775e8131fb08b25b.js HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/index_files/SV_71iOFlig0vNugpn.html
HTTP/1.1 404 Not Found
Server: nginx
Date: Sun, 04 Dec 2022 12:17:21 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
kdmh.live/web/index_files/jsApi.8da1775e8131fb08b25b.js.download
192.151.157.182 200 OK 3.8 kB URL HTTP/1.1 kdmh.live/web/index_files/jsApi.8da1775e8131fb08b25b.js.download
IP 192.151.157.182:0
File type ASCII text, with very long lines (14066), with no line terminators
Hash a24e027d7b693def8c4c7638b9b9df44
c1ef0e18962cd3495d43404160c9a0154c1fc8c5
e0747ee4533d5a1dd71311404100867a9b1e0fe4c5e920832936c9903997a9d4
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/jsApi.8da1775e8131fb08b25b.js.download HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/index_files/SV_71iOFlig0vNugpn.html
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:22 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 08 Apr 2021 04:06:16 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: MISS
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/CoreModule.js
192.151.157.182 200 OK 1.1 kB URL HTTP/1.1 kdmh.live/web/index_files/CoreModule.js
IP 192.151.157.182:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash efd172d4a25cddd6df3a7c037df11673
3c39faae2ef9f9aef3f0f5463273a1edc69b79bd
59d7836faeb6ceb6f1fc98f3209a8bd5eaf8aacc9f0ca961397f8f7adc8539fb
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/CoreModule.js HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Tue, 03 Jan 2023 12:17:22 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/ScreenCaptureModule.js
192.151.157.182 200 OK 1.1 kB URL HTTP/1.1 kdmh.live/web/index_files/ScreenCaptureModule.js
IP 192.151.157.182:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash efd172d4a25cddd6df3a7c037df11673
3c39faae2ef9f9aef3f0f5463273a1edc69b79bd
59d7836faeb6ceb6f1fc98f3209a8bd5eaf8aacc9f0ca961397f8f7adc8539fb
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/ScreenCaptureModule.js HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Tue, 03 Jan 2023 12:17:22 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/UserDefinedHTMLModule.js
192.151.157.182 200 OK 1.1 kB URL HTTP/1.1 kdmh.live/web/index_files/UserDefinedHTMLModule.js
IP 192.151.157.182:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash efd172d4a25cddd6df3a7c037df11673
3c39faae2ef9f9aef3f0f5463273a1edc69b79bd
59d7836faeb6ceb6f1fc98f3209a8bd5eaf8aacc9f0ca961397f8f7adc8539fb
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/UserDefinedHTMLModule.js HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Tue, 03 Jan 2023 12:17:22 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/ScreenCaptureModule.js
192.151.157.182 200 OK 1.1 kB URL HTTP/1.1 kdmh.live/web/index_files/ScreenCaptureModule.js
IP 192.151.157.182:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash efd172d4a25cddd6df3a7c037df11673
3c39faae2ef9f9aef3f0f5463273a1edc69b79bd
59d7836faeb6ceb6f1fc98f3209a8bd5eaf8aacc9f0ca961397f8f7adc8539fb
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/ScreenCaptureModule.js HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Tue, 03 Jan 2023 12:17:22 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/CoreModule.js
192.151.157.182 200 OK 1.1 kB URL HTTP/1.1 kdmh.live/web/index_files/CoreModule.js
IP 192.151.157.182:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash efd172d4a25cddd6df3a7c037df11673
3c39faae2ef9f9aef3f0f5463273a1edc69b79bd
59d7836faeb6ceb6f1fc98f3209a8bd5eaf8aacc9f0ca961397f8f7adc8539fb
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/CoreModule.js HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Tue, 03 Jan 2023 12:17:22 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/UserDefinedHTMLModule.js
192.151.157.182 200 OK 1.1 kB URL HTTP/1.1 kdmh.live/web/index_files/UserDefinedHTMLModule.js
IP 192.151.157.182:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash efd172d4a25cddd6df3a7c037df11673
3c39faae2ef9f9aef3f0f5463273a1edc69b79bd
59d7836faeb6ceb6f1fc98f3209a8bd5eaf8aacc9f0ca961397f8f7adc8539fb
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/UserDefinedHTMLModule.js HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:22 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Expires: Tue, 03 Jan 2023 12:17:22 GMT
Cache-Control: max-age=2592000
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: STALE
X-Server-Powered-By: Engintron
Content-Encoding: gzip
b.scorecardresearch.com/beacon.js
143.204.55.8 200 OK 1.9 kB URL HTTP/1.1 b.scorecardresearch.com/beacon.js
IP 143.204.55.8:0
File type ASCII text, with very long lines (3936)
Hash 95ead88a8555078b6f6bb9f697a8a4ec
1fbbfb3a67372b6b034d295a717e6601344e7216
4e0f7c7a56fc7a7bfc3d73b3ea4b4981c676efaaa126b6576e2b4f21eba78a88
GET /beacon.js HTTP/1.1
Host: b.scorecardresearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/
HTTP/1.1 200 OK
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 28 Jun 2022 13:19:23 GMT
x-amz-server-side-encryption: AES256
Server: AmazonS3
Content-Encoding: gzip
Date: Sun, 04 Dec 2022 01:57:21 GMT
Cache-Control: max-age=86400
ETag: W/"eaf85c1c6758e84acfe134efd70e9373"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 71c98156ae29b36a903974f9dd2568f8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: UUD-HkSCb8EzaDCCyEAcV-mK95I66R2QbnrgZH8NMuq0jKr_yMJQIw==
Age: 37202
static.ads-twitter.com/uwt.js
151.101.244.157 200 OK 15 kB URL HTTP/1.1 static.ads-twitter.com/uwt.js
IP 151.101.244.157:0
File type ASCII text, with very long lines (57596), with no line terminators
Hash 573e6a7f86f6f3063763360ef0672c01
b12eab3b4ac8872d49ac6e15f9cd17741765c0cf
02445eb022a04139531f0ce8d8980c31083a1c670936f1477f5cfc4d252133f7
GET /uwt.js HTTP/1.1
Host: static.ads-twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 15375
Last-Modified: Thu, 27 Oct 2022 18:55:37 GMT
Cache-Control: no-cache
Content-Type: application/javascript; charset=utf-8
Content-Encoding: gzip
Etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
Accept-Ranges: bytes
Date: Sun, 04 Dec 2022 12:17:22 GMT
X-Served-By: cache-iad-kjyo7100147-IAD, cache-hel1410027-HEL
X-Cache: HIT, HIT
Vary: Accept-Encoding,Host
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash fd0b48347644ddc60fb16b04140cfcb7
ef8d6c8e3c979e98c82655290150aa14fe5d44d1
f3d27c16653ed979a7cce2dc6239a48a86c7dab2fc34949b540802e50b05275a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5642
Cache-Control: max-age=115930
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 12:17:22 GMT
Etag: "638b9ba3-1d7"
Expires: Mon, 05 Dec 2022 20:29:32 GMT
Last-Modified: Sat, 03 Dec 2022 18:55:31 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
sb.scorecardresearch.com/b?c1=2&c2=6035946&cs_it=b3&cv=3.8.0.210223&ns__t=1670156240127&ns_c=UTF-8&c7=http%3A%2F%2Fkdmh.live%2Fweb%2F&c8=Canada%20Post&c9=
143.204.55.96 204 No Content 0 B URL HTTP/2 sb.scorecardresearch.com/b?c1=2&c2=6035946&cs_it=b3&cv=3.8.0.210223&ns__t=1670156240127&ns_c=UTF-8&c7=http%3A%2F%2Fkdmh.live%2Fweb%2F&c8=Canada%20Post&c9=
IP 143.204.55.96:0
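Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These three values are the MD5, SHA-1 and SHA-256 digests of empty input, consistent with the 0 B body of this 204 response. They identify no content and should not be used as indicators.)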
GET /b?c1=2&c2=6035946&cs_it=b3&cv=3.8.0.210223&ns__t=1670156240127&ns_c=UTF-8&c7=http%3A%2F%2Fkdmh.live%2Fweb%2F&c8=Canada%20Post&c9= HTTP/1.1
Host: sb.scorecardresearch.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kdmh.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 04 Dec 2022 12:17:22 GMT
set-cookie: UID=1046400381b5aceb4fda9931670156242; domain=.scorecardresearch.com; path=/; max-age=62208000
x-cache: Miss from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ig0W3-tbxQSEnKVda_93nhKjue_QkrbiHukChRQGOGq4XLwTrPiMDQ==
X-Firefox-Spdy: h2
kdmh.live/web/index_files/saved_resource(1)
192.151.157.182 200 OK 36 kB URL HTTP/1.1 kdmh.live/web/index_files/saved_resource(1)
IP 192.151.157.182:0
Hash 90b8700a503b0eaf1f0a978a02254c9f
aaf64771628fce92f5b4a22a1af979aa93a4a313
1d48ee2e76afc714327a358c7f1e372f3a546f31677e89f0813e584a0e5ff3fe
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/saved_resource(1) HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:22 GMT
Content-Length: 61477
Connection: keep-alive
Last-Modified: Thu, 08 Apr 2021 04:06:14 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: EXPIRED
X-Server-Powered-By: Engintron
Accept-Ranges: bytes
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash fd0b48347644ddc60fb16b04140cfcb7
ef8d6c8e3c979e98c82655290150aa14fe5d44d1
f3d27c16653ed979a7cce2dc6239a48a86c7dab2fc34949b540802e50b05275a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5642
Cache-Control: max-age=115930
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 12:17:22 GMT
Etag: "638b9ba3-1d7"
Expires: Mon, 05 Dec 2022 20:29:32 GMT
Last-Modified: Sat, 03 Dec 2022 18:55:31 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 313 B IP 93.184.220.29:0
Hash 0aa4d9affe7a391bc9e050267c005f02
f5a68f47540ee51f03ed4a2082e02329eda55e9e
b8e5a8c3ea5944de508556599eef8ea20a65983e0f5ad2ac3ea142d002ab46a6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3159
Cache-Control: max-age=88197
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 12:17:22 GMT
Etag: "638b3900-139"
Expires: Mon, 05 Dec 2022 12:47:19 GMT
Last-Modified: Sat, 03 Dec 2022 11:54:40 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 313
kdmh.live/web/errors/log
192.151.157.182 404 Not Found 0 B IP 192.151.157.182:0
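Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These three values are the MD5, SHA-1 and SHA-256 digests of empty input, consistent with the 0 B body of this 404 response. They identify no content and should not be used as indicators for this site; the verdict below attaches to the URL, not to these hashes.)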
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
fortinet Phishing
POST /web/errors/log HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-type: application/json
Content-Length: 499
Origin: http://kdmh.live
Connection: keep-alive
Referer: http://kdmh.live/web/index_files/SV_71iOFlig0vNugpn.html
HTTP/1.1 404 Not Found
Server: nginx
Date: Sun, 04 Dec 2022 12:17:22 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
t.co/i/adsct?bci=3&eci=2&event_id=f06ae7e3-fd3b-4926-b51b-435ec05a1edf&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=6a635b47-3cc6-48d7-9fef-5e7acf00db6f&tw_document_href=http%3A%2F%2Fkdmh.live%2Fweb%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=ny0qm&type=javascript&version=2.3.29
104.244.42.69 200 OK 43 B URL HTTP/2 t.co/i/adsct?bci=3&eci=2&event_id=f06ae7e3-fd3b-4926-b51b-435ec05a1edf&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=6a635b47-3cc6-48d7-9fef-5e7acf00db6f&tw_document_href=http%3A%2F%2Fkdmh.live%2Fweb%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=ny0qm&type=javascript&version=2.3.29
IP 104.244.42.69:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=3&eci=2&event_id=f06ae7e3-fd3b-4926-b51b-435ec05a1edf&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=6a635b47-3cc6-48d7-9fef-5e7acf00db6f&tw_document_href=http%3A%2F%2Fkdmh.live%2Fweb%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=ny0qm&type=javascript&version=2.3.29 HTTP/1.1
Host: t.co
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kdmh.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 12:17:22 GMT
perf: 7626143928
server: tsa_o
set-cookie: muc_ads=fce7a4f6-0ae6-48ed-9129-4a5b66436f48; Max-Age=63072000; Expires=Tue, 03 Dec 2024 12:17:22 GMT; Path=/; Domain=t.co; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: b6ea9c0c576c855f
strict-transport-security: max-age=0
x-response-time: 105
x-connection-hash: 8034ec492f3f1547ebad5cc5ab21d0ac274374d26618679ccd7aed73567959b4
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 314 B IP 93.184.220.29:0
Hash 2752cb5fb329ef4efff0ca05497a1e43
656a2e4623d9dbcc2965dccb9d0f5a271660f70b
98c32ca93b27d7aae504a4be21e6fbdc6df77ee4fb8c62669cddae9a2f96a5e9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3217
Cache-Control: max-age=129298
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 12:17:22 GMT
Etag: "638bd953-13a"
Expires: Tue, 06 Dec 2022 00:12:20 GMT
Last-Modified: Sat, 03 Dec 2022 23:18:43 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 314
www.canadapost-postescanada.ca/shop/mc/assets/images/structure/cpo.ico
104.88.13.190 301 Moved Permanently 134 B URL HTTP/1.1 www.canadapost-postescanada.ca/shop/mc/assets/images/structure/cpo.ico
IP 104.88.13.190:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4aa7a432bb447f094408f1bd6229c605
1965c4952cc8c082a6307ed67061a57aab6632fa
34ccdc351dc93dbf30a8630521968421091e3ed19c31a16e32c2eabb55c6a73a
GET /shop/mc/assets/images/structure/cpo.ico HTTP/1.1
Host: www.canadapost-postescanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kdmh.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 301 Moved Permanently
Content-Length: 134
Content-Type: text/html
Location: https://www.canadapost-postescanada.ca/store-boutique/en
p3p: CP="NON CUR OTPi OUR NOR UNI"
content-security-policy-report-only: object-src 'none'; connect-src 'self' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.cpggpc.ca https://www.google-analytics.com https://siteintercept.qualtrics.com https://www.facebook.com https://sslstats.canadapost.ca https://*.wistia.com https://dpm.demdex.net https://csi.gstatic.com https://adservice.google.com https://*.googlesyndication.com https://*.g.doubleclick.net https://maps.googleapis.com https://vmss.boldchat.com https://www.linkedin.com https://canadapost.tt.omtrdc.net https://services.postcodeanywhere.co.uk https://embedwistia-a.akamaihd.net https://cdn.cookielaw.org https://geolocation.onetrust.com; font-src 'self' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://fonts.gstatic.com https://*.arcgis.com; form-action 'self' https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.canadapost.ca https://*.epost.ca https://www.facebook.com https://google.com; frame-ancestors 'self' https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.canadapost.ca; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.epost.ca https://*.cpggpc.ca https://www.adobetag.com https://assets.adobedtm.com https://siteintercept.qualtrics.com https://zn0xleir6swszany9-canadapostdigital.siteintercept.qualtrics.com https://connect.facebook.net https://snap.licdn.com https://z.moatads.com https://static.ads-twitter.com https://www.googletagmanager.com https://www.google.com https://www.googletagservices.com https://*.google-analytics.com https://*.googleadservices.com https://www.gstatic.com https://*.googlesyndication.com https://adservice.google.com https://adservice.google.ca https://maps.googleapis.com https://cdn.ampproject.org https://*.doubleclick.net 
https://*.twitter.com https://cdn.syndication.twimg.com https://dpm.demdex.net https://*.wistia.com https://*.frontlinesvc.com https://*.arcgis.com https://www.linkedin.com https://vmss.boldchat.com https://sb.scorecardresearch.com https://www.rnengage.com https://sjs.bizographics.com https://www.instagram.com https://secure.adnxs.com https://app.five9.com https://cdn.cookielaw.org; style-src 'self' 'unsafe-inline' https://*.frontlinesvc.com https://fonts.googleapis.com https://translate.googleapis.com https://*.twitter.com https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.epost.ca https://*.arcgis.com https://*.arcgisonline.com https://app.five9.com; report-uri https://www.canadapost-postescanada.ca/cwc/components/rs/csp-reports;
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
Content-Security-Policy: frame-ancestors 'self'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubdomains; preload
Date: Sun, 04 Dec 2022 12:17:22 GMT
Connection: keep-alive
analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=f06ae7e3-fd3b-4926-b51b-435ec05a1edf&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=6a635b47-3cc6-48d7-9fef-5e7acf00db6f&tw_document_href=http%3A%2F%2Fkdmh.live%2Fweb%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=ny0qm&type=javascript&version=2.3.29
104.244.42.131 200 OK 43 B URL HTTP/2 analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=f06ae7e3-fd3b-4926-b51b-435ec05a1edf&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=6a635b47-3cc6-48d7-9fef-5e7acf00db6f&tw_document_href=http%3A%2F%2Fkdmh.live%2Fweb%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=ny0qm&type=javascript&version=2.3.29
IP 104.244.42.131:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 377d257f2d2e294916143c069141c1c5
b7cae69682cf31dd670b65088db8395acda6ed3e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
GET /i/adsct?bci=3&eci=2&event_id=f06ae7e3-fd3b-4926-b51b-435ec05a1edf&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=6a635b47-3cc6-48d7-9fef-5e7acf00db6f&tw_document_href=http%3A%2F%2Fkdmh.live%2Fweb%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=ny0qm&type=javascript&version=2.3.29 HTTP/1.1
Host: analytics.twitter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kdmh.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 12:17:22 GMT
perf: 7626143928
server: tsa_o
set-cookie: personalization_id="v1_hVcfbdwh+YQqrOCYTW6NmQ=="; Max-Age=63072000; Expires=Tue, 03 Dec 2024 12:17:22 GMT; Path=/; Domain=.twitter.com; Secure; SameSite=None
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, max-age=0
content-length: 43
x-transaction-id: e3775ef8adf26f27
strict-transport-security: max-age=631138519
x-response-time: 105
x-connection-hash: f1a3c71f4871e3035dd21ec73d0900204898bb8afa8e5dc9b2a44df509e319f7
X-Firefox-Spdy: h2
www.canadapost-postescanada.ca/store-boutique/en
104.88.13.190 307 Temporary Redirect 136 B URL HTTP/1.1 www.canadapost-postescanada.ca/store-boutique/en
IP 104.88.13.190:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash ed10607782c0c178ac891c97e9aa1470
5ce456cdbdcbdaab83e380dd5dc4d7a4033eaa90
8fc58eab6a6eb86985c8b65a22e5816abedaf9e82470bc3ff93bffd2dd7e8a41
GET /store-boutique/en HTTP/1.1
Host: www.canadapost-postescanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kdmh.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Temporary Redirect
Content-Length: 136
Content-Type: text/html
Location: https://store.canadapost-postescanada.ca/store-boutique/en
p3p: CP="NON CUR OTPi OUR NOR UNI"
content-security-policy-report-only: object-src 'none'; connect-src 'self' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.cpggpc.ca https://www.google-analytics.com https://siteintercept.qualtrics.com https://www.facebook.com https://sslstats.canadapost.ca https://*.wistia.com https://dpm.demdex.net https://csi.gstatic.com https://adservice.google.com https://*.googlesyndication.com https://*.g.doubleclick.net https://maps.googleapis.com https://vmss.boldchat.com https://www.linkedin.com https://canadapost.tt.omtrdc.net https://services.postcodeanywhere.co.uk https://embedwistia-a.akamaihd.net https://cdn.cookielaw.org https://geolocation.onetrust.com; font-src 'self' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://fonts.gstatic.com https://*.arcgis.com; form-action 'self' https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.canadapost.ca https://*.epost.ca https://www.facebook.com https://google.com; frame-ancestors 'self' https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.canadapost.ca; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.epost.ca https://*.cpggpc.ca https://www.adobetag.com https://assets.adobedtm.com https://siteintercept.qualtrics.com https://zn0xleir6swszany9-canadapostdigital.siteintercept.qualtrics.com https://connect.facebook.net https://snap.licdn.com https://z.moatads.com https://static.ads-twitter.com https://www.googletagmanager.com https://www.google.com https://www.googletagservices.com https://*.google-analytics.com https://*.googleadservices.com https://www.gstatic.com https://*.googlesyndication.com https://adservice.google.com https://adservice.google.ca https://maps.googleapis.com https://cdn.ampproject.org https://*.doubleclick.net 
https://*.twitter.com https://cdn.syndication.twimg.com https://dpm.demdex.net https://*.wistia.com https://*.frontlinesvc.com https://*.arcgis.com https://www.linkedin.com https://vmss.boldchat.com https://sb.scorecardresearch.com https://www.rnengage.com https://sjs.bizographics.com https://www.instagram.com https://secure.adnxs.com https://app.five9.com https://cdn.cookielaw.org; style-src 'self' 'unsafe-inline' https://*.frontlinesvc.com https://fonts.googleapis.com https://translate.googleapis.com https://*.twitter.com https://*.canadapost.ca https://*.canadapost-postescanada.ca https://*.postescanada-canadapost.ca https://*.epost.ca https://*.arcgis.com https://*.arcgisonline.com https://app.five9.com; report-uri https://www.canadapost-postescanada.ca/cwc/components/rs/csp-reports;
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-permitted-cross-domain-policies: master-only
Content-Security-Policy: frame-ancestors 'self'
referrer-policy: no-referrer-when-downgrade
strict-transport-security: max-age=31536000; includeSubdomains; preload
Date: Sun, 04 Dec 2022 12:17:22 GMT
Connection: keep-alive
www.facebook.com/tr/?id=614267586032718&ev=PageView&dl=http%3A%2F%2Fkdmh.live%2Fweb%2F&rl=&if=false&ts=1670156240963&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670156240962.147569287&it=1670156240254&coo=false&rqm=GET
157.240.240.35 200 OK 86 kB URL HTTP/2 www.facebook.com/tr/?id=614267586032718&ev=PageView&dl=http%3A%2F%2Fkdmh.live%2Fweb%2F&rl=&if=false&ts=1670156240963&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670156240962.147569287&it=1670156240254&coo=false&rqm=GET
IP 157.240.240.35:0
File type gzip compressed data, from Unix\012- data
Hash 96ae9809c80088472b1cc6e366c6bf9f
d8ccfc8bfa95bf7479c5bcaeb7a65cd427e9ef2a
8a519f7f0a6c8814ee3fda4768a9764f68c83b32728d7f39e443c3250a99f50a
GET /tr/?id=614267586032718&ev=PageView&dl=http%3A%2F%2Fkdmh.live%2Fweb%2F&rl=&if=false&ts=1670156240963&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1670156240962.147569287&it=1670156240254&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kdmh.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sun, 04 Dec 2022 12:17:23 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 12cd9faa14efe008864561bdf7377a8d
f29f80ed0ac4ddfebf806cc5f24d5ad8c8bb8cb1
10c66aaf086f012a7992f34aa9197756826d7c709e6fc2d5b003a13598a8fbfa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "10C66AAF086F012A7992F34AA9197756826D7C709E6FC2D5B003A13598A8FBFA"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14129
Expires: Sun, 04 Dec 2022 16:12:52 GMT
Date: Sun, 04 Dec 2022 12:17:23 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 9f0dd32ab6b93c8852071dca0bb89704
316572ea3065db04992a2c8a5ff0dce28881dc1d
2f95d3d307da9d14081c20a1d86cad9e180b8bcf4c65daf4b0119d89177e2a45
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6531
Cache-Control: max-age=90176
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 12:17:23 GMT
Etag: "638b3390-1d7"
Expires: Mon, 05 Dec 2022 13:20:19 GMT
Last-Modified: Sat, 03 Dec 2022 11:31:28 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 9f0dd32ab6b93c8852071dca0bb89704
316572ea3065db04992a2c8a5ff0dce28881dc1d
2f95d3d307da9d14081c20a1d86cad9e180b8bcf4c65daf4b0119d89177e2a45
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6531
Cache-Control: max-age=90176
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 12:17:23 GMT
Etag: "638b3390-1d7"
Expires: Mon, 05 Dec 2022 13:20:19 GMT
Last-Modified: Sat, 03 Dec 2022 11:31:28 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
store.canadapost-postescanada.ca/store-boutique/en
23.36.79.8 301 Moved Permanently 0 B URL HTTP/2 store.canadapost-postescanada.ca/store-boutique/en
IP 23.36.79.8:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - Canada Post
urlquery phishing Phishing - Canada Post
GET /store-boutique/en HTTP/1.1
Host: store.canadapost-postescanada.ca
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kdmh.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
content-length: 0
location: /home
access-control-allow-origin: https://store.canadapost-postescanada.ca
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-vol-canonical-url: /home
x-vol-correlation: d998c34f935a41cbb85f6aa85f92b3fe
expires: Sun, 04 Dec 2022 12:17:23 GMT
cache-control: max-age=0, no-cache
pragma: no-cache
date: Sun, 04 Dec 2022 12:17:23 GMT
set-cookie: sb-sf-at-prod-s=at=jhJDDIgsOE4ZYYa4NE0Fz9pClPUXHpJDnXbhjHnEjTdfPaHYPzBtlfCuLBZwHS9uh0pJ3bM5hnnXFW%2FoLXr%2BZeJn99eDpLMkvw5BgKehLjTnIYGDnafys3AnNn3%2FGJTWkqzuT0ZVAnSeAE6mEE4OitRxp0I4Z5kNXdjKn3Dl%2BmGsa21u9bXzm1yvNb98ujHSwOEalJANuq6TSCPAiTR8%2FP5QimXnieBvpnfrrnt5B%2FH172fVkk4rgqpi9Z4%2Bom%2Bt1dNZOFMZXyB4YyHY5J4%2B7wawV8ren3glB4n041btRbADIV8RCitjKSJFaAfPxkMgJwtwVecx9nWIDtlTyZ7ntw%3D%3D&dt=2022-12-04T12%3A17%3A23.4604688Z; path=/; httponly
sb-sf-at-prod=at=jhJDDIgsOE4ZYYa4NE0Fz9pClPUXHpJDnXbhjHnEjTdfPaHYPzBtlfCuLBZwHS9uh0pJ3bM5hnnXFW%2FoLXr%2BZeJn99eDpLMkvw5BgKehLjTnIYGDnafys3AnNn3%2FGJTWkqzuT0ZVAnSeAE6mEE4OitRxp0I4Z5kNXdjKn3Dl%2BmGsa21u9bXzm1yvNb98ujHSwOEalJANuq6TSCPAiTR8%2FP5QimXnieBvpnfrrnt5B%2FH172fVkk4rgqpi9Z4%2Bom%2Bt1dNZOFMZXyB4YyHY5J4%2B7wawV8ren3glB4n041btRbADIV8RCitjKSJFaAfPxkMgJwtwVecx9nWIDtlTyZ7ntw%3D%3D; expires=Thu, 04 Dec 2042 12:17:23 GMT; path=/; httponly
_mzvr=_gnYXBVaok6FMCc5LMSUvg; expires=Mon, 04 Dec 2023 12:17:23 GMT; path=/; httponly
_mzvs=nn; path=/; httponly
_mzvt=mEcIWslzC0y5kziSvIlgQA; expires=Sun, 04 Dec 2022 12:47:23 GMT; path=/; httponly
_mzPc=eyJjb3JyZWxhdGlvbklkIjoiZDk5OGMzNGY5MzVhNDFjYmI4NWY2YWE4NWY5MmIzZmUiLCJpcEFkZHJlc3MiOiI5MS45MC40Mi4xNTQiLCJpc0RlYnVnTW9kZSI6ZmFsc2UsImlzQ3Jhd2xlciI6ZmFsc2UsImlzTW9iaWxlIjpmYWxzZSwiaXNUYWJsZXQiOmZhbHNlLCJpc0Rlc2t0b3AiOnRydWUsInZpc2l0Ijp7InZpc2l0SWQiOiJtRWNJV3NsekMweTVremlTdklsZ1FBIiwidmlzaXRvcklkIjoiX2duWVhCVmFvazZGTUNjNUxNU1V2ZyIsImlzVHJhY2tlZCI6ZmFsc2UsImlzVXNlclRyYWNrZWQiOmZhbHNlfSwidXNlciI6eyJpc0F1dGhlbnRpY2F0ZWQiOmZhbHNlLCJ1c2VySWQiOiJlYmNiY2QxOWEyOTE0NDg3YWQxNGYzYzA2MmMxNmIwZSIsImZpcnN0TmFtZSI6IiIsImxhc3ROYW1lIjoiIiwiZW1haWwiOiIiLCJpc0Fub255bW91cyI6dHJ1ZSwiYmVoYXZpb3JzIjpbMTAxNCwyMjJdLCJpc1NhbGVzUmVwIjpmYWxzZX0sInVzZXJQcm9maWxlIjp7InVzZXJJZCI6ImViY2JjZDE5YTI5MTQ0ODdhZDE0ZjNjMDYyYzE2YjBlIiwiZmlyc3ROYW1lIjoiIiwibGFzdE5hbWUiOiIiLCJlbWFpbEFkZHJlc3MiOiIiLCJ1c2VyTmFtZSI6IiJ9LCJpc0VkaXRNb2RlIjpmYWxzZSwiaXNBZG1pbk1vZGUiOmZhbHNlLCJub3ciOiIyMDIyLTEyLTA0VDEyOjE3OjIzLjQ2MTE1NDFaIiwiY3Jhd2xlckluZm8iOnsiaXNDcmF3bGVyIjpmYWxzZX0sImN1cnJlbmN5UmF0ZUluZm8iOnt9fQ%3D%3D; path=/
strict-transport-security: max-age=31536000 ; includeSubDomains ; preload
X-Firefox-Spdy: h2
zn0xleir6swszany9-canadapostdigital.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_0xleIR6sWSZaNY9&Q_LOC=http%3A%2F%2Fkdmh.live%2Fweb%2F&t=1670156241044
104.17.208.240 200 OK 34 kB URL HTTP/2 zn0xleir6swszany9-canadapostdigital.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_0xleIR6sWSZaNY9&Q_LOC=http%3A%2F%2Fkdmh.live%2Fweb%2F&t=1670156241044
IP 104.17.208.240:0
File type ASCII text, with very long lines (6801)
Hash 1b6a96259d992bf2dd86bdadef1c39a7
17af71c744b019e0c24227fc0159cd6effb06a2d
6f2b2496169cae90b963ac6d936b1ae52c5e5aef8d67fcd7c2731ec4160f0e0f
GET /WRSiteInterceptEngine/?Q_ZID=ZN_0xleIR6sWSZaNY9&Q_LOC=http%3A%2F%2Fkdmh.live%2Fweb%2F&t=1670156241044 HTTP/1.1
Host: zn0xleir6swszany9-canadapostdigital.siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kdmh.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 12:17:23 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 77447a89bd99b50f-OSL
access-control-allow-origin: *
age: 198657
cache-control: public, max-age=3600, s-maxage=604800
etag: W/"2127-yCXSqeWNF3QQ5gWuVWm89QaDdXQ"
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify
cf-polished: origSize=8487
edge-control: max-age=604800
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
kdmh.live/web/index_files/f(1).txt
192.151.157.182 200 OK 0 B URL HTTP/1.1 kdmh.live/web/index_files/f(1).txt
IP 192.151.157.182:0
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/f(1).txt HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:17 GMT
Content-Type: text/plain
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Last-Modified: Thu, 08 Apr 2021 04:06:12 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: EXPIRED
X-Server-Powered-By: Engintron
Content-Encoding: gzip
kdmh.live/web/index_files/js
192.151.157.182 200 OK 0 B URL HTTP/1.1 kdmh.live/web/index_files/js
IP 192.151.157.182:0
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/js HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:17 GMT
Content-Length: 90278
Connection: keep-alive
Last-Modified: Thu, 08 Apr 2021 04:06:06 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: EXPIRED
X-Server-Powered-By: Engintron
Accept-Ranges: bytes
kdmh.live/web/index_files/saved_resource(1)
192.151.157.182 200 OK 0 B URL HTTP/1.1 kdmh.live/web/index_files/saved_resource(1)
IP 192.151.157.182:0
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/saved_resource(1) HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:17 GMT
Content-Length: 61477
Connection: keep-alive
Last-Modified: Thu, 08 Apr 2021 04:06:14 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: MISS
X-Server-Powered-By: Engintron
Accept-Ranges: bytes
kdmh.live/web/index_files/saved_resource
192.151.157.182 200 OK 0 B URL HTTP/1.1 kdmh.live/web/index_files/saved_resource
IP 192.151.157.182:0
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/saved_resource HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:22 GMT
Content-Length: 61477
Connection: keep-alive
Last-Modified: Thu, 08 Apr 2021 04:06:14 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: EXPIRED
X-Server-Powered-By: Engintron
Accept-Ranges: bytes
zn0xleir6swszany9-canadapostdigital.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_0xleIR6sWSZaNY9&Q_LOC=http%3A%2F%2Fkdmh.live%2Fweb%2F&t=1670156241045
104.17.208.240 200 OK 0 B URL HTTP/2 zn0xleir6swszany9-canadapostdigital.siteintercept.qualtrics.com/WRSiteInterceptEngine/?Q_ZID=ZN_0xleIR6sWSZaNY9&Q_LOC=http%3A%2F%2Fkdmh.live%2Fweb%2F&t=1670156241045
IP 104.17.208.240:0
GET /WRSiteInterceptEngine/?Q_ZID=ZN_0xleIR6sWSZaNY9&Q_LOC=http%3A%2F%2Fkdmh.live%2Fweb%2F&t=1670156241045 HTTP/1.1
Host: zn0xleir6swszany9-canadapostdigital.siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kdmh.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 04 Dec 2022 12:17:23 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 77447a89cdb0b50f-OSL
access-control-allow-origin: *
age: 198657
cache-control: public, max-age=3600, s-maxage=604800
etag: W/"2127-yCXSqeWNF3QQ5gWuVWm89QaDdXQ"
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify
cf-polished: origSize=8487
edge-control: max-age=604800
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_0xleIR6sWSZaNY9&Q_CLIENTVERSION=1.81.0&Q_CLIENTTYPE=web
104.17.208.240 200 OK 0 B URL HTTP/2 siteintercept.qualtrics.com/WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_0xleIR6sWSZaNY9&Q_CLIENTVERSION=1.81.0&Q_CLIENTTYPE=web
IP 104.17.208.240:0
POST /WRSiteInterceptEngine/Targeting.php?Q_ZoneID=ZN_0xleIR6sWSZaNY9&Q_CLIENTVERSION=1.81.0&Q_CLIENTTYPE=web HTTP/1.1
Host: siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 76
Origin: http://kdmh.live
Connection: keep-alive
Referer: http://kdmh.live/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 12:17:23 GMT
content-type: application/json
cf-ray: 77447a8a5e3ab50f-OSL
access-control-allow-origin: http://kdmh.live
cache-control: no-store, no-cache, must-revalidate, max-age=0
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
access-control-allow-credentials: true
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
trace-id: 21983e8e52c44c30
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
kdmh.live/web/index_files/js(1)
192.151.157.182 200 OK 0 B URL HTTP/1.1 kdmh.live/web/index_files/js(1)
IP 192.151.157.182:0
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/js(1) HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:16 GMT
Content-Length: 90248
Connection: keep-alive
Last-Modified: Thu, 08 Apr 2021 04:06:08 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: EXPIRED
X-Server-Powered-By: Engintron
Accept-Ranges: bytes
kdmh.live/web/index_files/css
192.151.157.182 200 OK 0 B URL HTTP/1.1 kdmh.live/web/index_files/css
IP 192.151.157.182:0
Analyzer Verdict Alert fortinet Phishing
GET /web/index_files/css HTTP/1.1
Host: kdmh.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://kdmh.live/web/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 12:17:16 GMT
Content-Length: 24218
Connection: keep-alive
Last-Modified: Thu, 08 Apr 2021 04:06:10 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
X-Nginx-Upstream-Cache-Status: EXPIRED
X-Server-Powered-By: Engintron
Accept-Ranges: bytes
siteintercept.qualtrics.com/dxjsmodule/1.8ce69394dfc154e65174.chunk.js?Q_CLIENTVERSION=1.81.0&Q_CLIENTTYPE=web&Q_BRANDID=canadapostdigital
104.17.208.240 200 OK 0 B URL HTTP/2 siteintercept.qualtrics.com/dxjsmodule/1.8ce69394dfc154e65174.chunk.js?Q_CLIENTVERSION=1.81.0&Q_CLIENTTYPE=web&Q_BRANDID=canadapostdigital
IP 104.17.208.240:0
GET /dxjsmodule/1.8ce69394dfc154e65174.chunk.js?Q_CLIENTVERSION=1.81.0&Q_CLIENTTYPE=web&Q_BRANDID=canadapostdigital HTTP/1.1
Host: siteintercept.qualtrics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kdmh.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 04 Dec 2022 12:17:23 GMT
content-type: application/javascript
cf-ray: 77447a8b6f7ab50f-OSL
access-control-allow-origin: *
age: 469844
cache-control: public, max-age=604800, s-maxage=604800
etag: W/"7380-1845383cf10"
last-modified: Mon, 07 Nov 2022 19:14:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
cf-cache-status: HIT
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
cf-bgj: minify
cf-polished: origSize=29568
edge-control: max-age=604800
permissions-policy: camera=(), geolocation=(), microphone=()
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,500,700
142.250.74.74 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,500,700
IP 142.250.74.74:0
GET /css?family=Roboto:300,400,500,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://kdmh.live/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 04 Dec 2022 12:17:16 GMT
date: Sun, 04 Dec 2022 12:17:16 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2