r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 76d5eb597558e3dee0d99719d17e71e0
f3a0f3932fa8059f27dc9422d523b938fa9a7d09
d16de6cc9eb0e1297f53dc1137bb764bf5c21a7727be32ad05afebd1fe9501ed
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D16DE6CC9EB0E1297F53DC1137BB764BF5C21A7727BE32AD05AFEBD1FE9501ED"
Last-Modified: Sat, 10 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17420
Expires: Sun, 11 Sep 2022 10:59:32 GMT
Date: Sun, 11 Sep 2022 06:09:12 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.115 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 99b7d23c1748d0526782b9ff9ea45f09
eadd801a3ba2aa00632c6fb52e1f9125bd6d5b4f
48f81668f76955320480b484138aebdad5d03c471036b4449c737aca1ecab08e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Content-Length, Backoff, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 11 Sep 2022 06:07:22 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: IOMEVfcPTclhzzP92dj29pHZ3MrqI5cRM9b5WaEy3Nnp8u16lsnwCw==
Age: 110
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.35 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sat, 10 Sep 2022 07:17:13 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 f66e3db0f0449307dba3fbf72bbf3bac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: CdvYihqbgc6Y81Q_fXCODDQed-dWZCOLJdVc9GpTRzfp5aA-lGuU7A==
age: 82320
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 11 Sep 2022 06:09:12 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
crescentmall99.com/
104.21.74.37 200 OK 1.7 kB IP 104.21.74.37:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash 8ad81e471ddacdabec2c8d771b7e154d
457157e50fbe0f1971615dbc0daa2b35c39a7059
f8ec84dee901be94c433bb7b6dd7ed3d40d58b43ee1135ee8e2a4025d665b976
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: crescentmall99.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 06:09:12 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Sun, 20 Mar 2022 12:50:46 GMT
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bvhu1Mwfa84fBO0o9KRCYMmBXgIaPA0ZxMYPzLxo6McbkB1qsteT3ubjIa2eGaIPJth104IoVvtVIglza5L%2BFA728NFE8Fsp4XPZKMrFimLFqyr36cTNGFCSkcZdnHFUJUc0dfg%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 748e3bb289c11bfa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
crescentmall99.com/h5/static/logo.png
104.21.74.37 200 OK 127 kB URL HTTP/1.1 crescentmall99.com/h5/static/logo.png
IP 104.21.74.37:0
File type PNG image data, 2028 x 2048, 8-bit/color RGBA, non-interlaced\012- data
Size 127 kB (127205 bytes)
Hash 2bde87df246332d29107de143c1a3302
96b4a76029adf4773030e5f801cade88a04ae0bf
2a6026ab9a1c41f4bf548cd80609af3c6c7ed1195b642dbd052c1d9469b20260
GET /h5/static/logo.png HTTP/1.1
Host: crescentmall99.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crescentmall99.com/
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 06:09:12 GMT
Content-Type: image/png
Content-Length: 127205
Connection: keep-alive
Last-Modified: Tue, 09 Aug 2022 05:09:27 GMT
ETag: "62f1ec07-1f0e5"
Expires: Tue, 11 Oct 2022 00:08:40 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
CF-Cache-Status: HIT
Age: 21632
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UL5MqMf%2FedUxaBDNA8LYva4aQuUOgz4H9NEYWpZ03KBJt%2FTiWDws2N6XuaIvUPAJoeYY7eJrTlRxVP0N9pbKrblhGkS3u%2FyH02XAeFBzp3CDtj2Wo55OAPWHL7u5uFg9MuzG3aE%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 748e3bb61c481bfa-OSL
alt-svc: h2=":443"; ma=60
crescentmall99.com/images/iPhoneX_model.png
104.21.74.37 200 OK 22 kB URL HTTP/1.1 crescentmall99.com/images/iPhoneX_model.png
IP 104.21.74.37:0
File type PNG image data, 740 x 1500, 8-bit/color RGBA, non-interlaced\012- data
Hash 91bb725c106e9d559813ebe320f84562
ee113ab28b7949d23b87f04ee10f17e0591219e8
c6ade241d8c3ed0caca73083845745fd82faa9c953570465796097b29888c613
GET /images/iPhoneX_model.png HTTP/1.1
Host: crescentmall99.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crescentmall99.com/
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 06:09:12 GMT
Content-Type: image/png
Content-Length: 22459
Connection: keep-alive
Last-Modified: Sun, 20 Mar 2022 12:50:46 GMT
ETag: "62372326-57bb"
Expires: Tue, 11 Oct 2022 05:44:45 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
CF-Cache-Status: HIT
Age: 1466
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cJ6TbAv49ttW0KS82%2BWTub%2F0ZjrXmZ6hcd8y2ypdV8l4%2F6m2RvbivvLYra4RhYjmz8hbXJrMdnq9xz9Ck23XjukiLmIixsktDQtfQrm0DSI5p1zEVcOidh6rscGoi0YB5DcD10w%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 748e3bb64c571bfa-OSL
alt-svc: h2=":443"; ma=60
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 36fe04277220227ba5ecfe7d2ff1d9d9
2eb9f6560336248cc45c1cd66d87505b5ebdf5d4
94f8f2f8f3b67db18825ea48740ff0ce218d7156fe851d6b023ef43b6bee4f7f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6277
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 11 Sep 2022 06:09:12 GMT
Last-Modified: Sun, 11 Sep 2022 04:24:35 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Sun, 11 Sep 2022 05:56:07 GMT
Expires: Sun, 11 Sep 2022 06:17:39 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: CDRmZczz_VyQlief_FldsYovMDZlXR8emNdfsiymZIXI3wyXeHAqFA==
Age: 785
crescentmall99.com/h5/index.html
104.21.74.37 200 OK 1.2 kB URL HTTP/1.1 crescentmall99.com/h5/index.html
IP 104.21.74.37:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (324)
Hash adde509e3119897c6b14710ff5e58377
d15677bf08cb469ce568cad1fb9d536ea0359b35
95c6e83d79f4f4f417bbc0478942529b69135bdafdce6ba13879f3df74150e62
Analyzer Verdict Alert fortinet Phishing
GET /h5/index.html HTTP/1.1
Host: crescentmall99.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crescentmall99.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 06:09:13 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 09 Aug 2022 05:08:21 GMT
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cm9IhHj4jUpOzemt6F5zHiifOWimTYkqeEhUaNk1EjrTXZvou3Nf0JhJ6eUbCKQcI8TEvlQ7vu3l0k0lB4fqrtcuFrGk%2FFZworaqbqDnd9aPYw10m7EaSAEqwMBx61%2F4NFFMSAY%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 748e3bb72d081bfa-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
crescentmall99.com/h5/static/index.css
104.21.74.37 200 OK 29 kB URL HTTP/1.1 crescentmall99.com/h5/static/index.css
IP 104.21.74.37:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 4f73e8c70d3d1fd54f6011dd5b8787c6
a7ca3aec29de53f34477b667fb7d7412de6c2f68
ffd9b2457faf328be5c5370d6483c85c28336a033b36b24e4a32690842d17eee
GET /h5/static/index.css HTTP/1.1
Host: crescentmall99.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crescentmall99.com/h5/index.html
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 06:09:13 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 09 Aug 2022 05:09:22 GMT
Vary: Accept-Encoding
ETag: W/"62f1ec02-17031"
Expires: Sun, 11 Sep 2022 17:44:46 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 1467
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l2J0g96GwIrVATNlhOtUNtgJZvcJ0B1VRIrvs9CpPcunfqhVDqpZ6fVItHkEVPtuXzsvfwZbEi4U3Rt%2FRRXQx9b%2FH649rrx5y7O6F0XKHezwsUkPv885nE4f%2Fy23m6WAtema548%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 748e3bb8ce1c1bfa-OSL
alt-svc: h2=":443"; ma=60
crescentmall99.com/h5/static/js/chunk-vendors.58a19218.js
104.21.74.37 200 OK 308 kB URL HTTP/1.1 crescentmall99.com/h5/static/js/chunk-vendors.58a19218.js
IP 104.21.74.37:0
File type Unicode text, UTF-8 text, with very long lines (64721), with no line terminators
Size 308 kB (307501 bytes)
Hash 1fd02e85baefaf220d1e7198f2a510c2
414497107aa8d56f915ec3d7764f62cbda1dab8b
157a37ad4908cc1c1cf85cc85cb516a42353bdd5d2282e5264da18e73f2665f8
Analyzer Verdict Alert fortinet Phishing
GET /h5/static/js/chunk-vendors.58a19218.js HTTP/1.1
Host: crescentmall99.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crescentmall99.com/h5/index.html
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 06:09:13 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 09 Aug 2022 05:08:39 GMT
Vary: Accept-Encoding
ETag: W/"62f1ebd7-d474f"
Expires: Sun, 11 Sep 2022 17:44:46 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 1467
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kMUGQgg3%2Fj4Dr7UQ1HHZmb6QBFymmDRZindPEhWNfiSDNoeqqXhflJCNLrECUBCa3i2GHtNFetCTj6Uji4d1XhE%2BKc4yElVEOnhjclC5M%2FaL0SYcdeRAy3kqCmww074eUl4MGWU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 748e3bb8cbb80b3d-OSL
alt-svc: h2=":443"; ma=60
crescentmall99.com/h5/static/js/index.8968d55e.js
104.21.74.37 200 OK 59 kB URL HTTP/1.1 crescentmall99.com/h5/static/js/index.8968d55e.js
IP 104.21.74.37:0
File type Unicode text, UTF-8 text, with very long lines (48762), with no line terminators
Hash ebcd45f01d8b064e6b8e0f19316d753e
e4a9288ae83580c011a34927b040f3e643837059
4cc0a73d6654c8183c0c27988f250fc09d29f41fdd5142a3b0ef8b16ec398030
Analyzer Verdict Alert fortinet Phishing
GET /h5/static/js/index.8968d55e.js HTTP/1.1
Host: crescentmall99.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crescentmall99.com/h5/index.html
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 06:09:13 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 09 Aug 2022 05:08:39 GMT
Vary: Accept-Encoding
ETag: W/"62f1ebd7-369b2"
Expires: Sun, 11 Sep 2022 17:44:46 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 1467
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s3LsO%2F%2F6mo1C%2B%2F%2B0COPYbE9VvXKHDuNKBsfeKgHSGBCMU7iQtkdn8%2B85n6oCEgT15Tnx44ObOYLt%2FQsY2qn0VbSRr5wk7w32v%2BUt%2BKS6979fazJQWMk753V3GdA8jV88GGmmHTA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 748e3bb8cc821c12-OSL
alt-svc: h2=":443"; ma=60
crescentmall99.com/h5/static/js/pages-forget-index~pages-login-index~pages-register-index.1d9d3298.js
104.21.74.37 200 OK 6.7 kB URL HTTP/1.1 crescentmall99.com/h5/static/js/pages-forget-index~pages-login-index~pages-register-index.1d9d3298.js
IP 104.21.74.37:0
File type Unicode text, UTF-8 text, with very long lines (12460), with no line terminators
Hash b275aa92a8d3fa005f8d50b437076e06
32534e8fabecb5fa47acada1503c71a199c37fbc
066485f0edad8fa7bc69dd1810ccfaf3e6eb9915a88a1632500b7a7a55e933aa
Analyzer Verdict Alert fortinet Phishing
GET /h5/static/js/pages-forget-index~pages-login-index~pages-register-index.1d9d3298.js HTTP/1.1
Host: crescentmall99.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crescentmall99.com/h5/index.html
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 06:09:13 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 09 Aug 2022 05:08:39 GMT
Vary: Accept-Encoding
ETag: W/"62f1ebd7-32a4"
Expires: Sun, 11 Sep 2022 17:44:48 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 1465
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pz99YiN4Gd0Ak8X%2FoCkLeWS3VZ8joOXtGi7wSpZHSccnmaS9U2PAOoPIfSw9R4sJ5fcmV9SpUYoaVPI8KrBaru%2B4rZYS5d2lMt2lSEr8FZlK5WqzvIpTEvCOGXqXi2WEyAKhMd4%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 748e3bbb5fd61bfa-OSL
alt-svc: h2=":443"; ma=60
crescentmall99.com/h5/static/js/pages-index-index~pages-index-record~pages-index-shop~pages-index-yuEBao~pages-login-index~pages-mak~b0479776.6f17a04c.js
104.21.74.37 200 OK 3.9 kB URL HTTP/1.1 crescentmall99.com/h5/static/js/pages-index-index~pages-index-record~pages-index-shop~pages-index-yuEBao~pages-login-index~pages-mak~b0479776.6f17a04c.js
IP 104.21.74.37:0
File type Unicode text, UTF-8 text, with very long lines (11743), with no line terminators
Hash 6bd528ecd9486507f309638700e0e7a9
72e9e9f0509836c551d59f249ac3fbb92d6df4e6
6bb8db8737e4be7340c28273028569ce4fecbf652a92200dcb80194603af7182
Analyzer Verdict Alert fortinet Phishing
GET /h5/static/js/pages-index-index~pages-index-record~pages-index-shop~pages-index-yuEBao~pages-login-index~pages-mak~b0479776.6f17a04c.js HTTP/1.1
Host: crescentmall99.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crescentmall99.com/h5/index.html
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 06:09:13 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 09 Aug 2022 05:08:39 GMT
Vary: Accept-Encoding
ETag: W/"62f1ebd7-31bb"
Expires: Sun, 11 Sep 2022 17:44:48 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 1465
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mPf1Xp1kbIZ2pmlDNe6F7yJaLXgx%2FtMeW2acH54EEPuD2CjdtWpomtCgIknXD%2BDv6TD%2F6iG7jB6%2FmOBqPbwjpxSmbZe07yIQjZ99dHwcPqA1u8Spn%2FiLLKNDYWw3ubgTg5TTTGw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 748e3bbb5e011c12-OSL
alt-svc: h2=":443"; ma=60
crescentmall99.com/h5/static/js/pages-forget-index~pages-index-detail~pages-index-help~pages-index-index~pages-index-record~pages-in~94c08f88.2f2650b4.js
104.21.74.37 200 OK 32 kB URL HTTP/1.1 crescentmall99.com/h5/static/js/pages-forget-index~pages-index-detail~pages-index-help~pages-index-index~pages-index-record~pages-in~94c08f88.2f2650b4.js
IP 104.21.74.37:0
File type Unicode text, UTF-8 text, with very long lines (54515), with no line terminators
Hash f5795cdeb4d20b41a3378d467fe10ac5
c5983e0260dd3ced3310adf2baa41c7dd4abd9db
22875180186c04c952c9c7032b6980fe4ca6b2a8c1a0e16a573b85a101d6aa44
Analyzer Verdict Alert fortinet Phishing
GET /h5/static/js/pages-forget-index~pages-index-detail~pages-index-help~pages-index-index~pages-index-record~pages-in~94c08f88.2f2650b4.js HTTP/1.1
Host: crescentmall99.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crescentmall99.com/h5/index.html
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 06:09:13 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 09 Aug 2022 05:08:39 GMT
Vary: Accept-Encoding
ETag: W/"62f1ebd7-d737"
Expires: Sun, 11 Sep 2022 17:44:48 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 1465
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GBh1%2BHEjdF%2FDCRftDH%2BtRO29V5ki7GZE3LoYcBC%2B2qCxuxbAlRvfmJP%2BfQDdRE%2FY2RqTfUBE2QyPPrAKpkaOmhBa0Bg%2FOP3p%2FvaVa06bGTaJmcbca93BT8J3KET7v4RkK%2BXgWVI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 748e3bbb5d3b0b3d-OSL
alt-svc: h2=":443"; ma=60
crescentmall99.com/h5/static/tab/icon_task_0.png
104.21.74.37 200 OK 1.7 kB URL HTTP/1.1 crescentmall99.com/h5/static/tab/icon_task_0.png
IP 104.21.74.37:0
File type PNG image data, 46 x 46, 8-bit/color RGBA, non-interlaced\012- data
Hash 584679e3c59acdaf3d0ecd2f4062ee76
bda8aeb03b13eb9d605c2d274ed1ca24ed97e00a
ce0995020218512de7ae7987bae9edb494e9a59ee47e3f768f8ff4557e420dec
GET /h5/static/tab/icon_task_0.png HTTP/1.1
Host: crescentmall99.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crescentmall99.com/h5/index.html
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 06:09:13 GMT
Content-Type: image/png
Content-Length: 1714
Connection: keep-alive
Last-Modified: Wed, 01 Jun 2022 11:49:50 GMT
ETag: "6297525e-6b2"
Expires: Tue, 11 Oct 2022 05:44:48 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
CF-Cache-Status: HIT
Age: 1465
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=trwCkMIES0FPDHC4Y8E%2BB1guvQgJdr7Nuug5pGLK02O8Jx33oPYqewVsyBNMtv2mjXye3xKBxxL4Dy73w4e28%2B3HSXyAVSsuM9GOWhkTMbYflSjyDWkGGz6xZlxQZrRbEHEnkdo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 748e3bbb6fda1bfa-OSL
alt-svc: h2=":443"; ma=60
crescentmall99.com/h5/static/tab/icon_record_0.png
104.21.74.37 200 OK 446 B URL HTTP/1.1 crescentmall99.com/h5/static/tab/icon_record_0.png
IP 104.21.74.37:0
File type PNG image data, 46 x 46, 8-bit/color RGBA, non-interlaced\012- data
Hash cdcdf11ce01f8b2807f2db2213e37c9f
d5393901dcc3ad481d531f85f698a0c7e1a1a40a
e553abacccd6e91d6901dceb544c830fda52c305c2cc0d6745aa36f1d4429ae3
GET /h5/static/tab/icon_record_0.png HTTP/1.1
Host: crescentmall99.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crescentmall99.com/h5/index.html
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 06:09:13 GMT
Content-Type: image/png
Content-Length: 446
Connection: keep-alive
Last-Modified: Wed, 01 Jun 2022 11:49:49 GMT
ETag: "6297525d-1be"
Expires: Tue, 11 Oct 2022 05:44:48 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
CF-Cache-Status: HIT
Age: 1465
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oouDrWJaCfeTPmtiwKlzcNLx3zejE75LrI0TXki0biVNZx%2F%2FOF8zhM4B63lHZ4n4Psp4ilUWr24CC7tdFTjLn1scs3RalXlu6vX%2BllBUiT71xlE5izDTbLX%2BvDitPIDwXBqtl7g%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 748e3bbb6e071c12-OSL
alt-svc: h2=":443"; ma=60
crescentmall99.com/h5/static/js/pages-login-index.b9d4a2aa.js
104.21.74.37 200 OK 11 kB URL HTTP/1.1 crescentmall99.com/h5/static/js/pages-login-index.b9d4a2aa.js
IP 104.21.74.37:0
File type Unicode text, UTF-8 text, with very long lines (26550), with no line terminators
Hash ed0071469cf808c8106910c02e63e351
7df25f777efa1eba4bea46f7531130ece44579e8
a3661b2f58545b9ed7078d1c9a47b4f0961eaaff4ec79ffcf5718fca8aa215bb
Analyzer Verdict Alert fortinet Phishing
GET /h5/static/js/pages-login-index.b9d4a2aa.js HTTP/1.1
Host: crescentmall99.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crescentmall99.com/h5/index.html
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 06:09:13 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Tue, 09 Aug 2022 05:08:39 GMT
Vary: Accept-Encoding
ETag: W/"62f1ebd7-6b9a"
Expires: Sun, 11 Sep 2022 17:44:48 GMT
Cache-Control: max-age=43200
Strict-Transport-Security: max-age=31536000
Content-Encoding: gzip
CF-Cache-Status: HIT
Age: 1465
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gbPQLZz7%2Bqz8cxTPKbiiBZNiO3ZnF1g8o%2BtvY6caIJcG3KGogkkgGqeliSHo5AkFCsd063rg1fLtZFSOozB0lYfnuV%2FqXOQInO57J6hquxh5tvycqoJsioEHTW7W%2BkIaLqJEV0M%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 748e3bbb59dab51b-OSL
alt-svc: h2=":443"; ma=60
crescentmall99.com/h5/static/tab/icon_my_0.png
104.21.74.37 200 OK 1.7 kB URL HTTP/1.1 crescentmall99.com/h5/static/tab/icon_my_0.png
IP 104.21.74.37:0
File type PNG image data, 46 x 46, 8-bit/color RGBA, non-interlaced\012- data
Hash 8fcd2a2360d1db880c547446cd0b5a14
ae5a1582b3642262f8f65d62d2f95aa4d31284e9
99d0973d5955b8dffd7ba82140064e617e678ef6654e55d0ed4012969751740c
GET /h5/static/tab/icon_my_0.png HTTP/1.1
Host: crescentmall99.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crescentmall99.com/h5/index.html
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 06:09:13 GMT
Content-Type: image/png
Content-Length: 1724
Connection: keep-alive
Last-Modified: Wed, 01 Jun 2022 11:49:49 GMT
ETag: "6297525d-6bc"
Expires: Tue, 11 Oct 2022 05:44:48 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
CF-Cache-Status: HIT
Age: 1465
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2NnrPPKFHqsE3kyAFOtcuidEjtcZKVOe%2FZspbBhjNrK%2BXJxoiuvH9JaBtZq9CBr%2F%2FRg5lTzBjTHISJ26J3UKFhCIt0i%2BjZ6WIfALbzIk1OFYMyrivxE7dhNzkSEIUs%2Fr9kPT%2Fjo%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 748e3bbb6d420b3d-OSL
alt-svc: h2=":443"; ma=60
crescentmall99.com/h5/static/tab/icon_home_1.png
104.21.74.37 200 OK 599 B URL HTTP/1.1 crescentmall99.com/h5/static/tab/icon_home_1.png
IP 104.21.74.37:0
File type PNG image data, 46 x 46, 8-bit/color RGBA, non-interlaced\012- data
Hash ba150e9a017c0d75feedcdc7564baf93
a5ddc44a7d8da704165b3e370f6953be28f62e16
414efc8bc42de21a182a2b14f558608f256e17e41fa5891b58b679545a09c89a
GET /h5/static/tab/icon_home_1.png HTTP/1.1
Host: crescentmall99.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crescentmall99.com/h5/index.html
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 06:09:13 GMT
Content-Type: image/png
Content-Length: 599
Connection: keep-alive
Last-Modified: Wed, 01 Jun 2022 11:49:49 GMT
ETag: "6297525d-257"
Expires: Tue, 11 Oct 2022 05:44:48 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
CF-Cache-Status: HIT
Age: 1465
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EDsOaoad3IZY%2BBBOwsqRfDWUEhXRWtso1hKP7yJ2ivfzB3GWsy0IkFUomGIE%2FPE7AbtCjKoTmWc6nig6Ic285l2M5xzEIQGnO9HOs5V7HkA%2Fef03XAxW4KaiColReHq%2FNrK8PXc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 748e3bbb5e25b4eb-OSL
alt-svc: h2=":443"; ma=60
crescentmall99.com/h5/static/tab/icon_vip_0.png
104.21.74.37 200 OK 1.7 kB URL HTTP/1.1 crescentmall99.com/h5/static/tab/icon_vip_0.png
IP 104.21.74.37:0
File type PNG image data, 46 x 46, 8-bit/color RGBA, non-interlaced\012- data
Hash d668ce09330319606fd7856c7157aef5
d8686b66e667d73d8d6606e853255a0880a412ee
9baafbda031bd3fc01cdaa758be830607857efd9e8a75370f15a05b71e3588d8
GET /h5/static/tab/icon_vip_0.png HTTP/1.1
Host: crescentmall99.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crescentmall99.com/h5/index.html
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 06:09:13 GMT
Content-Type: image/png
Content-Length: 1650
Connection: keep-alive
Last-Modified: Wed, 01 Jun 2022 11:49:50 GMT
ETag: "6297525e-672"
Expires: Tue, 11 Oct 2022 05:44:48 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
CF-Cache-Status: HIT
Age: 1465
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3o9H6z9tVOgO4YjUI5Cik7lDh0Bn7y8NG1AgkAbOeGoHRB9U340wIgD%2F2AyBA5THoZ%2FR5CY3GAR4u2w0qFZTdzdXJDZMgKvPDAMxhwYa0w2CAGDEEpenzlg7qh8tEuctWHIXMFw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 748e3bbb6cb5fac4-OSL
alt-svc: h2=":443"; ma=60
crescentmall99.com/h5/static/img/logo.2bde87df.png
104.21.74.37 200 OK 127 kB URL HTTP/1.1 crescentmall99.com/h5/static/img/logo.2bde87df.png
IP 104.21.74.37:0
File type PNG image data, 2028 x 2048, 8-bit/color RGBA, non-interlaced\012- data
Size 127 kB (127205 bytes)
Hash 2bde87df246332d29107de143c1a3302
96b4a76029adf4773030e5f801cade88a04ae0bf
2a6026ab9a1c41f4bf548cd80609af3c6c7ed1195b642dbd052c1d9469b20260
GET /h5/static/img/logo.2bde87df.png HTTP/1.1
Host: crescentmall99.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crescentmall99.com/h5/index.html
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 06:09:13 GMT
Content-Type: image/png
Content-Length: 127205
Connection: keep-alive
Last-Modified: Tue, 09 Aug 2022 05:08:51 GMT
ETag: "62f1ebe3-1f0e5"
Expires: Tue, 11 Oct 2022 05:44:48 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
CF-Cache-Status: HIT
Age: 1464
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bHSyZl3xmAqqdVdrJGl6b7Vk20Fbqv34rC%2BS6Y0i4nHYzDP7cFJ2GPNeK5YBCrzQ6PRDxQsQbt%2BF%2FgK8JTrcv8NgTBTYQQNbFYlG6GZIY58ytQEbwdzrYF%2BN68LQM0b4kQFQ2bw%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 748e3bbc1e751c12-OSL
alt-svc: h2=":443"; ma=60
crescentmall99.com/h5/static/img/bg.5c94fcb3.png
104.21.74.37 200 OK 125 kB URL HTTP/1.1 crescentmall99.com/h5/static/img/bg.5c94fcb3.png
IP 104.21.74.37:0
File type PNG image data, 375 x 824, 8-bit/color RGB, non-interlaced\012- data
Size 125 kB (124724 bytes)
Hash 5c94fcb30fc76e1f47c82907c372010d
83b5c46d7baf4e769042ed55d6e41ff43d242c91
f7278d647bcdaaa34492abe66e494b78203c9836598c06512933f4feb137bec8
GET /h5/static/img/bg.5c94fcb3.png HTTP/1.1
Host: crescentmall99.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crescentmall99.com/h5/index.html
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 06:09:13 GMT
Content-Type: image/png
Content-Length: 124724
Connection: keep-alive
Last-Modified: Tue, 09 Aug 2022 05:08:51 GMT
ETag: "62f1ebe3-1e734"
Expires: Tue, 11 Oct 2022 05:44:49 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
CF-Cache-Status: HIT
Age: 1464
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JP1c10n%2FJRwL5HDXiCODPll33B5RyojgzoNbEztVAUlEcRG3et76sQ8ebHGpfI12mZp5ipY0ohrbS5d8fHAn%2B86ptXFhTex%2BxdpFv8RKo7xhRuhK6G5vpu6bP0E5Mb28oIjigPU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 748e3bbc2a83b51b-OSL
alt-svc: h2=":443"; ma=60
e1.o.lencr.org/
23.33.119.27 200 OK 346 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 817585debb0e27badd0c351ab4ca1d8c
e04e372214f4444b330eda5bda2bf1c9f4f9e24c
71fe1eb240fde68556fadbeb90f3e21eea88d8f7e0e2bff03cf47b46faa14411
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "71FE1EB240FDE68556FADBEB90F3E21EEA88D8F7E0E2BFF03CF47B46FAA14411"
Last-Modified: Fri, 09 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sun, 11 Sep 2022 12:09:13 GMT
Date: Sun, 11 Sep 2022 06:09:13 GMT
Connection: keep-alive
e1.o.lencr.org/
23.33.119.27 200 OK 346 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 817585debb0e27badd0c351ab4ca1d8c
e04e372214f4444b330eda5bda2bf1c9f4f9e24c
71fe1eb240fde68556fadbeb90f3e21eea88d8f7e0e2bff03cf47b46faa14411
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "71FE1EB240FDE68556FADBEB90F3E21EEA88D8F7E0E2BFF03CF47B46FAA14411"
Last-Modified: Fri, 09 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20135
Expires: Sun, 11 Sep 2022 11:44:48 GMT
Date: Sun, 11 Sep 2022 06:09:13 GMT
Connection: keep-alive
crescentmall99.com/h5/static/login/.png
104.21.74.37 404 Not Found 109 B URL HTTP/1.1 crescentmall99.com/h5/static/login/.png
IP 104.21.74.37:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3bf8e5b194e806e33f65dfafeb99b824
e47321a5ce2bd7d63c3981c10dff614b0a449ba7
10dbaa1586440560d323e0d6aae3dd0d915e3be05b4975518b61190657827a3d
GET /h5/static/login/.png HTTP/1.1
Host: crescentmall99.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crescentmall99.com/h5/index.html
HTTP/1.1 404 Not Found
Date: Sun, 11 Sep 2022 06:09:14 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=14400
CF-Cache-Status: MISS
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HMeKLlLpM13cE7hAw8UcK75NdcRParid%2BXlqrkIxRUqimv4hdsBCv3%2BNSh5gI3lOj792W%2B15aC6q0eQpUIAh%2F076YxbwbWq8gKguCpxIVl%2BKhSCF1kFYOHBh2DNJpJyCEUEoQmA%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 748e3bbc0d8c0b3d-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
e1.o.lencr.org/
23.33.119.27 200 OK 346 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 817585debb0e27badd0c351ab4ca1d8c
e04e372214f4444b330eda5bda2bf1c9f4f9e24c
71fe1eb240fde68556fadbeb90f3e21eea88d8f7e0e2bff03cf47b46faa14411
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "71FE1EB240FDE68556FADBEB90F3E21EEA88D8F7E0E2BFF03CF47B46FAA14411"
Last-Modified: Fri, 09 Sep 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20134
Expires: Sun, 11 Sep 2022 11:44:48 GMT
Date: Sun, 11 Sep 2022 06:09:14 GMT
Connection: keep-alive
crescentmall99.com/h5/static/login/vi-VN.png
104.21.74.37 200 OK 1.3 kB URL HTTP/1.1 crescentmall99.com/h5/static/login/vi-VN.png
IP 104.21.74.37:0
File type PNG image data, 46 x 46, 8-bit/color RGBA, non-interlaced\012- data
Hash d28c0572c3214b6d90aa0df96b27eead
0b9190c286f8d2d10ccc284a00152d92eeb2a738
e67dd95039447eac00bed112765581b68f4e3dd50dc2f532f7361fd5f07ed5bd
GET /h5/static/login/vi-VN.png HTTP/1.1
Host: crescentmall99.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://crescentmall99.com/h5/index.html
HTTP/1.1 200 OK
Date: Sun, 11 Sep 2022 06:09:14 GMT
Content-Type: image/png
Content-Length: 1314
Connection: keep-alive
Last-Modified: Wed, 01 Jun 2022 11:49:45 GMT
ETag: "62975259-522"
Expires: Tue, 11 Oct 2022 05:44:49 GMT
Cache-Control: max-age=2592000
Strict-Transport-Security: max-age=31536000
CF-Cache-Status: HIT
Age: 1465
Accept-Ranges: bytes
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TZed5vxFS%2BM9wO3%2BMSrs%2BkVmpSwV0haKeJ2%2F8FNnpAvtarT5ds67IsLCTP5P4iveQGKGY6h3xaAuI%2FatUxLpfsLNr%2BaULNZ0vyCPGhbPSiH7PgRaH%2Bw1SFQNyvX%2BWb80jJLugzU%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 748e3bc00fc40b3d-OSL
alt-svc: h2=":443"; ma=60
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14700
Expires: Sun, 11 Sep 2022 10:14:14 GMT
Date: Sun, 11 Sep 2022 06:09:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 477fd76de0b69553430d504fe527cc06
88fe80a099e610212f27427ae6fd5b4e03b3df16
f27bc8051a23fbe811318b8d49f5d27e3e992962a0e72f5d30a4790fe4f42748
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F27BC8051A23FBE811318B8D49F5D27E3E992962A0E72F5D30A4790FE4F42748"
Last-Modified: Sat, 10 Sep 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14700
Expires: Sun, 11 Sep 2022 10:14:14 GMT
Date: Sun, 11 Sep 2022 06:09:14 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0dd9e47f-6214-4e20-b9ff-3e738ad551e3.jpeg
34.120.237.76 200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0dd9e47f-6214-4e20-b9ff-3e738ad551e3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 47ae5cf125ce99bad80c283de8a85cec
0c0c1f84d8693d0c150c97faed21204622d48132
95f5b8cddbfcdb2b6105ed5a0d5ff0dd86390839e5df7416d4f879d69fcf20c1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0dd9e47f-6214-4e20-b9ff-3e738ad551e3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6269
x-amzn-requestid: 8f3cabdd-78c3-47d2-841b-02b674a79123
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ1k_FSCoAMFywQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d02ec-4b44c935456026ba700a5759;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:34:36 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 3lrbjYxWvd1Cm5rO-XAy1tCULAXdaeVZJAPCImd9GqQC7uZ3r3TxeA==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:46:28 GMT
age: 30166
etag: "0c0c1f84d8693d0c150c97faed21204622d48132"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F66c0f84d-aba2-4ce6-9e03-ee51e1c347be.jpeg
34.120.237.76 200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F66c0f84d-aba2-4ce6-9e03-ee51e1c347be.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 57d797a1c3f6589746a1135bdb19f54f
7aa14fcd982a5cee38d58fc3c89edc4a8daf4c97
ff8855ca951f53ed5f3886cc81a7f28384d41288edeca4fdc621250e4d01c6fe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F66c0f84d-aba2-4ce6-9e03-ee51e1c347be.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6889
x-amzn-requestid: c82ac543-90cd-4aeb-a65b-7e1bbbacc407
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ2UEE-3IAMFYBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d0419-427a29067c9c92ec0db6567f;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:39:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: BPWrjstB3xKeYzHK9eQoJL8ORgRFsqjmNxu0j10epBANBtZCRU-m2g==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:43:06 GMT
age: 30368
etag: "7aa14fcd982a5cee38d58fc3c89edc4a8daf4c97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e82f3ab-3fe6-43bc-932c-936ec582e5cf.jpeg
34.120.237.76 200 OK 7.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e82f3ab-3fe6-43bc-932c-936ec582e5cf.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fea5dfc4a6a5093fd81899ee4a79d446
c893d7475856809a59486e0bcebd6d662d1fc56f
915fb97690be97d97cb298fc60ceb4cf7c3ed8fb437836beb2d590a8e238363c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3e82f3ab-3fe6-43bc-932c-936ec582e5cf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7017
x-amzn-requestid: df5e57d7-e54c-4b5a-aa1b-a9aee889842e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YQ1k_Et0oAMFSjQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d02ec-50d15bba03579a935342e22f;Sampled=0
x-amzn-remapped-date: Sat, 10 Sep 2022 21:34:36 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: YRgmbTGaMvU9Kf47U90cPYhgpXaYgoNVA8ut6LOUStK4UfWahpSqVA==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:41:08 GMT
age: 30486
etag: "c893d7475856809a59486e0bcebd6d662d1fc56f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F234d0658-5bd0-4cc9-a828-3300a0005951.jpeg
34.120.237.76 200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F234d0658-5bd0-4cc9-a828-3300a0005951.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash de6622cfd812509b317913e1a5e9cfc8
84e4a39c92ab111cc1072f898990cea6b05da6cf
6d41b564c2e15215d05ba74ba2ae08abf74f6aef9e58e808d31afc6d1ba123af
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F234d0658-5bd0-4cc9-a828-3300a0005951.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9319
x-amzn-requestid: 44d731e9-1da0-4ad0-9fbb-1b170fac3bf0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XnTxaFtpIAMFWAA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630c666f-2e155359546dae806f6dbfe2;Sampled=0
x-amzn-remapped-date: Mon, 29 Aug 2022 07:10:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: cZslQ5Qc4PPIlpAtmGVbfr3NaPybUWZMJBz_pCrXkCSSq6hUztXVjA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 10 Sep 2022 21:41:01 GMT
age: 30493
etag: "84e4a39c92ab111cc1072f898990cea6b05da6cf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7a9494e-0e8b-451b-806d-72da68860cab.jpeg
34.120.237.76 200 OK 17 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7a9494e-0e8b-451b-806d-72da68860cab.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4c65d6ae04a64d9d01439fb4fca3f017
5ce0bc5b075b97639453d67d4f3cea61289b7698
eb48687a5974542d11882f854a86ff083528957b0fbc61c797167d8f04e0ffa9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff7a9494e-0e8b-451b-806d-72da68860cab.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16983
x-amzn-requestid: ed588125-de1d-47ae-a5d5-81ab8c2a8105
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YRTpmH69oAMFYAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631d330a-46ea16040beedf3903d87ec3;Sampled=0
x-amzn-remapped-date: Sun, 11 Sep 2022 00:59:54 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: iBwfZ5Vm2pbcO9zLGNtT2c0n6oZ9u-JjgIvbG47d4s6049ehYmXZ4w==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Sun, 11 Sep 2022 04:26:46 GMT
age: 6148
etag: "5ce0bc5b075b97639453d67d4f3cea61289b7698"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
api.crescentmall77.com/index.php/Api/Public/init
104.21.68.116 200 OK 6.0 kB URL HTTP/2 api.crescentmall77.com/index.php/Api/Public/init
IP 104.21.68.116:0
File type JSON data\012- , ASCII text, with very long lines (369), with no line terminators
Hash e68f3576191a8502eedeabfcdef5f7a5
8c17b346f12a9af3023912be19971c81d0807203
3f28fdc053e4000f4c38ed558486904af4ae20d4a8e2dc231bee8c089cea690a
Analyzer Verdict Alert fortinet Phishing
POST /index.php/Api/Public/init HTTP/1.1
Host: api.crescentmall77.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 23
Origin: http://crescentmall99.com
Connection: keep-alive
Referer: http://crescentmall99.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 11 Sep 2022 06:09:14 GMT
content-type: application/json; charset=utf-8
set-cookie: BJYADMIN=8gktkle7il4hgv1h5tc0ljuoqr; expires=Mon, 26-Sep-2022 06:09:14 GMT; Max-Age=1296000; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: x-requested-with,Content-Type,X-CSRF-Token
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sUyMo94Pe0yM6LHkv3yT4FSUpV%2FFFrTL7GiYhny8qyXyLvL6K757icuMuSet2bIQhwE%2FxztBjCw6JbHtSBtRfmWDRvDnbZOeQ%2FqCzApRjCtVggPHLgrbVf3SmrES2z54exxBUamcBHX1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 748e3bbccfadb4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dvcasha2.ocsp-certum.com/
95.101.10.193 200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 95.101.10.193:0
ASN #20940 Akamai International B.V.
Hash c9a8ff9f9d2e6ef2551065e99ee45950
f7391b99a0db56e756e934dce3b20b70e02af654
ffd37e13ec2ccd856eb7b1ef55309c22970ce445d28a91122dca503ec77ded8b
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: STALE
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=851
Date: Sun, 11 Sep 2022 06:09:16 GMT
Connection: keep-alive
X-N: S
cdn.dcloud.net.cn/img/shadow-grey.png
47.98.164.159 200 OK 136 B URL HTTP/1.1 cdn.dcloud.net.cn/img/shadow-grey.png
IP 47.98.164.159:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type PNG image data, 1 x 6, 4-bit colormap, non-interlaced\012- data
Hash 5a962adf74d92ae702467b3f47976547
36f74049375584e3fa69b5ef87e9572336ff9e7a
ad4ebea1c3496dd2924789ee009174a2c6289d1200e9811f458fd46f172d1d6f
GET /img/shadow-grey.png HTTP/1.1
Host: cdn.dcloud.net.cn
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://crescentmall99.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 11 Sep 2022 06:09:17 GMT
Content-Type: image/png
Content-Length: 136
Last-Modified: Thu, 06 Jun 2019 06:42:07 GMT
Connection: close
ETag: "5cf8b5bf-88"
Expires: Sun, 11 Sep 2022 08:09:17 GMT
Cache-Control: max-age=7200
Set-Cookie: __uni__uid=CgEB82Mde4058kF3a4WrAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dcloud.net.cn; path=/; secure; httponly; samesite=none
Accept-Ranges: bytes
api.crescentmall77.com/index.php/Api/Public/init
104.21.68.116 200 OK 0 B URL HTTP/2 api.crescentmall77.com/index.php/Api/Public/init
IP 104.21.68.116:0
Analyzer Verdict Alert fortinet Phishing
POST /index.php/Api/Public/init HTTP/1.1
Host: api.crescentmall77.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 23
Origin: http://crescentmall99.com
Connection: keep-alive
Referer: http://crescentmall99.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 11 Sep 2022 06:09:14 GMT
content-type: application/json; charset=utf-8
set-cookie: BJYADMIN=dd2a5k737374gbtt7k1bo9qjnm; expires=Mon, 26-Sep-2022 06:09:14 GMT; Max-Age=1296000; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: x-requested-with,Content-Type,X-CSRF-Token
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FPAEWu23SiFWvvRuyINdBvuvPIYo%2BZnhJ7VIfkJRZwuw2IOXdtoYLFpSHi6VTjg1XAzIkTU9slaXqy%2FQnINIeZeu9E%2Fla0XbbROg6T88Mt9pg0DR2KR5rCiqO4%2FHigii0qJEvUcUzZSX"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 748e3bbd0fd3b4fd-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2