r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash adb43321efa5cd1662993b701ff25fa4
1299dcea7e9c59d9f22f39d69025484fe71098c1
2c25a6717245be3746f1412af9dd1c351e12dbb93e8e08c3ddcdacf35e419514
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2C25A6717245BE3746F1412AF9DD1C351E12DBB93E8E08C3DDCDACF35E419514"
Last-Modified: Sun, 18 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4153
Expires: Sun, 18 Sep 2022 18:56:59 GMT
Date: Sun, 18 Sep 2022 17:47:46 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.36200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 18 Sep 2022 17:12:20 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: hiMH18AiJnJ2LLW8mhqBn9W5eNPIFcgZnn7QvcSMMlOM-n7KXNuTGQ==
Age: 2126
lgnaogaon.com/mylccu.com/review/
54.36.167.15301 Moved Permanently 248 B URL HTTP/1.1 lgnaogaon.com/mylccu.com/review/
IP 54.36.167.15:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 176b248c4530d7dfc2b6eb03559dae31
769f6c1f0728e6cde295dc30ff10ffcf89b8cdf5
c9fc64dc2b892f0c5883059d88ba1e6d9cf24ff8b11fd246d2dd1f80ead87508
Analyzer Verdict Alert fortinet Phishing
GET /mylccu.com/review/ HTTP/1.1
Host: lgnaogaon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 18 Sep 2022 17:47:46 GMT
Server: Apache
X-Xss-Protection: 1; mode=block
X-Permitted-Cross-Domain-Policies: none
Expect-CT: max-age=86400, enforce
Public-Key-Pins: pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
Location: https://lgnaogaon.com/mylccu.com/review/
Cache-Control: max-age=31536000
Expires: Mon, 18 Sep 2023 17:47:46 GMT
Content-Length: 248
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.110200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.110:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 18 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: BhWdsv0uc-NGyyXt1KCYkOqm8cMl92kQiLb9jU4epOChI5os9j6UlA==
age: 47553
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 17:47:46 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sun, 18 Sep 2022 17:03:22 GMT
Cache-Control: max-age=3600
Expires: Sun, 18 Sep 2022 17:07:13 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: RWTiksQC-XWuoY_zn5WRZkDP7d171pqHXWEDiZe1qrA4kh85IEbw9Q==
Age: 2665
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5fd1174f35b25298fc44a6de1af3f3d6
d45a47995ec34c7df480b3efafb13f55d9df7eb8
f60573eff255ef3d7603ca813f410c30588931b4018ffa0e07fa0bb2653c47af
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5631
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 17:47:47 GMT
Last-Modified: Sun, 18 Sep 2022 16:13:57 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.41.252.32101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.41.252.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: pedxiPCd4tP5VAP9oHIQGw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 3VKPjhg5Uf1whbOj34VaLliztEk=
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5e0d4379f6517fd75a29a3d94d9199eb
0d383b811ebe839400f04333d16a5c9d4d78f802
e64c0c03925bdfaa2520d90339c90d1f8d98c432441adb771dfe1e818220f06f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E64C0C03925BDFAA2520D90339C90D1F8D98C432441ADB771DFE1E818220F06F"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11449
Expires: Sun, 18 Sep 2022 20:58:37 GMT
Date: Sun, 18 Sep 2022 17:47:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5e0d4379f6517fd75a29a3d94d9199eb
0d383b811ebe839400f04333d16a5c9d4d78f802
e64c0c03925bdfaa2520d90339c90d1f8d98c432441adb771dfe1e818220f06f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E64C0C03925BDFAA2520D90339C90D1F8D98C432441ADB771DFE1E818220F06F"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11449
Expires: Sun, 18 Sep 2022 20:58:37 GMT
Date: Sun, 18 Sep 2022 17:47:48 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2512deb9-0912-4851-b376-b8bcb67ed3ef.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2512deb9-0912-4851-b376-b8bcb67ed3ef.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7334a6bdb209350f41e4640960c9ce2a
0b00e1a594dc88c8fb05044a69cc0ba1eafc4946
bf946afeb52d95f27e2a271486accf87a0c169e5e78f6d57cace80564e2ed668
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2512deb9-0912-4851-b376-b8bcb67ed3ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10554
x-amzn-requestid: 07497447-33e7-4f60-a3ff-974f581c5704
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yn5tlG_7IAMFaIA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63263cbd-1964dc6548cb5f7c09f65b78;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 21:31:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: BLfMTudduK95E9WeV9h987RYPa2RjQTtcl6jkjAZxgSWmCfUTnxU4A==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 21:43:11 GMT
age: 72277
etag: "0b00e1a594dc88c8fb05044a69cc0ba1eafc4946"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1d192c6-d447-4ad9-b142-a9258211f67d.jpeg
34.120.237.76200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1d192c6-d447-4ad9-b142-a9258211f67d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 29f4a52fb629dce4ef8038d4df7ea58a
4a5b84c77bd53f4c94e1af4a702f6f85b46b51b0
32cee35b22110b83738f49f49edb6efcedb54fe793d5ccc900004e16e3fefda3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1d192c6-d447-4ad9-b142-a9258211f67d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5827
x-amzn-requestid: a30d5a61-ccb2-4582-8298-1abb79830dda
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yl7VSF21IAMFvGg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63257288-5b79117f185617fb0f37a845;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 07:08:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2cYYmknnm5GHRMA69N-dqXXKHb1-tfN1PuRYB5xxtRJK5Gk3-PO0Bw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 07:16:15 GMT
age: 37893
etag: "4a5b84c77bd53f4c94e1af4a702f6f85b46b51b0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0418a582-b5aa-4754-a162-d731a3e53f86.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0418a582-b5aa-4754-a162-d731a3e53f86.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c9a9211e94d6aa2429e9663ef317707e
ac0d1af96508d026f9a1252d358660bd5671f9bd
36663b67119ae58b665e43d86b73045472cf23d73bf2c981754f479989690791
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0418a582-b5aa-4754-a162-d731a3e53f86.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5448
x-amzn-requestid: 3b63d209-af92-4d64-866a-d8f677aa62a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yn659H9DIAMFQag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63263ea5-30e7f8a32603ba70671addec;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 21:39:49 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: JKenU-KwXFVEu-tZnc_yoDis5Lt-2tY0RcjH7ZT592hqp0tIUF25Lg==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 21:49:01 GMT
etag: "ac0d1af96508d026f9a1252d358660bd5671f9bd"
content-type: image/jpeg
age: 71927
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8fa6db45-871c-41e1-be1d-bc188fa9419b.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8fa6db45-871c-41e1-be1d-bc188fa9419b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f2e5759fd404a039955868b121bbd075
04fb3179255ba5ec897ffc4581966945cc9fe2ca
42623d1a0f52682db915b075a894d8cd18f2b53efc7815304b0304841536cf35
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8fa6db45-871c-41e1-be1d-bc188fa9419b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8005
x-amzn-requestid: 2ce67f7f-9a03-4f4d-b06c-ec0de59c2854
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yn6KhH9PoAMFh2w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63263d76-6aeeee3217540c5863913912;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 21:34:46 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: hHE8PD-PBif2YjztVe4A08wILChFqRvVUrJD-XScWKENd8X0_jornw==
via: 1.1 ca66331b52971370c4e54619e8a952cc.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 22:11:46 GMT
age: 70562
etag: "04fb3179255ba5ec897ffc4581966945cc9fe2ca"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0743b1dc-9d34-4282-a031-42c70fa409f3.jpeg
34.120.237.76200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0743b1dc-9d34-4282-a031-42c70fa409f3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 56ade9172e883c777dd974ca879bceba
b2aaf019e083443a6404c262206ee2e981d3165c
c8407ad191143d2d947464b357d8426efb334cb165c4fa5ca01573d8f7ca7b76
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0743b1dc-9d34-4282-a031-42c70fa409f3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5133
x-amzn-requestid: 01f39c0a-c86f-4057-a505-20200819203c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YioKkFrFoAMFhMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632420a9-5821f44144b61475180ec961;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 07:07:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: mDe4BYbMkqkO3wq6onH6c_YOfWn32Z4L9t-QW_5mwez4bcrVkrQBuw==
via: 1.1 d042f60a962591f741406f28a8170c5a.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 07:38:13 GMT
age: 36575
etag: "b2aaf019e083443a6404c262206ee2e981d3165c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c670b93-3941-4322-a938-e74eba949ad6.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c670b93-3941-4322-a938-e74eba949ad6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f003d8b6e12692fb16dddd6827deead8
786c333cf08456aea446a55c547520572e1c2df9
d79ea50cfc0f237b3de8f1826cbae1de0b1dbc632a5a06b08d9640abedded935
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c670b93-3941-4322-a938-e74eba949ad6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11919
x-amzn-requestid: 2f547c1f-2f5d-4707-8f6c-fe9dfff51383
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YbfS4FI9oAMFScw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632145ab-3c967f2653d06c1c079f88c1;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 03:08:27 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: QgOb-hraq20XpHk_0Cyz2UMxaIEjP8ilIXt2VuhiRJWJAOG5EuAb5A==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 05:49:05 GMT
age: 43123
etag: "786c333cf08456aea446a55c547520572e1c2df9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
lgnaogaon.com/mylccu.com/review/
54.36.167.15200 OK 30 kB URL HTTP/2 lgnaogaon.com/mylccu.com/review/
IP 54.36.167.15:0
File type HTML document, ASCII text, with very long lines (65524), with CRLF line terminators
Hash 589e182e9363f51f71d92eb690fc7c75
937d5e1bc337285038efba69b6832822dbb67bb4
6e426009a384ae4d3efa299ced7f7f27146d2276969312a569bd89ef4fee2f47
Analyzer Verdict Alert fortinet Phishing
GET /mylccu.com/review/ HTTP/1.1
Host: lgnaogaon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-permitted-cross-domain-policies: none
expect-ct: max-age=86400, enforce
public-key-pins: pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
last-modified: Wed, 10 Aug 2022 05:01:12 GMT
accept-ranges: bytes
cache-control: max-age=0, no-cache, must-revalidate
expires: Mon, 18 Sep 2023 17:47:46 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 29611
content-type: text/html
date: Sun, 18 Sep 2022 17:47:46 GMT
server: Apache
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js
104.17.24.14200 OK 6.5 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.0/umd/popper.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (20322)
Hash df9fe6d48e380554eb0ec9687bed3246
207263d754220200c1916edfbda262f62223ecf5
91d57502b7260e6752c2b5f1636d77707929fa9f09da28589691e61816a448f9
GET /ajax/libs/popper.js/1.14.0/umd/popper.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lgnaogaon.com
Connection: keep-alive
Referer: https://lgnaogaon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 17:47:49 GMT
content-type: application/javascript; charset=utf-8
content-length: 6458
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03fa9-500f"
last-modified: Mon, 04 May 2020 16:15:37 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 6566516
expires: Fri, 08 Sep 2023 17:47:49 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sWBQXbmLh4oTcwMJkhlG6cnvRLqf1cg2bALuTC1y%2FYFeGQ909zhkb4HpP7M3%2FEgb8PhiW4JbLxzDYTRVcpFLNqiIdLmEt%2FqdzfuNTTcg%2FtpLgGv%2BCbdHfsOExCcBUBlb06VIJmSD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74cbe8b54d4eb506-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash da34e7dbb83f8ad463433a0448ffa6c3
dd822bad8f78a7072af79140293d1d622b6bb10c
e32749aefa9671ac13c2ebf45eaabb0fbabf363b07478edd0c2ffe13d2f91133
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4722
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 17:47:49 GMT
Last-Modified: Sun, 18 Sep 2022 16:29:07 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 279
cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.10/jquery.mask.js
104.17.24.14200 OK 4.5 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery.mask/1.14.10/jquery.mask.js
IP 104.17.24.14:0
Hash e40e054c5726f042bad463e3774a2777
5c9413b72837a440b327444104830c35ae3b052c
fcc8a86d2e89e8fbe9815d50c23bf205191ab8a6c0bec67358cd975d94283ff8
GET /ajax/libs/jquery.mask/1.14.10/jquery.mask.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lgnaogaon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 17:47:49 GMT
content-type: application/javascript; charset=utf-8
content-length: 4517
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec3-4e98"
last-modified: Mon, 04 May 2020 16:11:47 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 2238455
expires: Fri, 08 Sep 2023 17:47:49 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KZ344BSj0lm5NY51rZ2k48vGBMr3eMHIxGhDgBpuwpvak6JXYPmKRZ8iKXt99jvVSSx%2BanHzdRxv0x%2Fm1%2FqEQQIe896zKFqllBALgWuKb%2BAI2R73UInlNP7Larokg6XCLeeq5DG8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74cbe8b559c60b39-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
code.jquery.com/jquery-3.3.1.slim.min.js
69.16.175.10200 OK 24 kB URL HTTP/2 code.jquery.com/jquery-3.3.1.slim.min.js
IP 69.16.175.10:0
File type ASCII text, with very long lines (65247)
Hash 0f2e7d37e730fdbb1d8a1e8638529ecb
c21d16978a858baa75be15cb7e799ff000929429
cc938c08b93e67c94c68995709f52133c62cac78991f42058503b9c3d9e4b0b0
GET /jquery-3.3.1.slim.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lgnaogaon.com
Connection: keep-alive
Referer: https://lgnaogaon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 17:47:49 GMT
content-encoding: gzip
content-length: 24038
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-1111d"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1663523269.dop222.sk1.t,1663523269.cds250.sk1.hn,1663523269.cds230.sk1.c
X-Firefox-Spdy: h2
code.jquery.com/jquery-3.2.1.min.js
69.16.175.10200 OK 30 kB URL HTTP/2 code.jquery.com/jquery-3.2.1.min.js
IP 69.16.175.10:0
File type ASCII text, with very long lines (32058)
Hash 148f8d3ffd9cc02048c5f4d1cc83c407
9f2b89cfd151be6a29b4d43ad64d164fb8471046
4dc681da48ba2b417e613e8e027ff5322963c3a3697a8ba97973cfefb48def5e
GET /jquery-3.2.1.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lgnaogaon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 17:47:49 GMT
content-encoding: gzip
content-length: 30125
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-15283"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1663523269.dop206.sk1.t,1663523269.cds067.sk1.hn,1663523269.cds222.sk1.c
X-Firefox-Spdy: h2
ajax.aspnetcdn.com/ajax/jQuery/jquery-3.3.1.min.js
152.199.19.160200 OK 30 kB URL HTTP/2 ajax.aspnetcdn.com/ajax/jQuery/jquery-3.3.1.min.js
IP 152.199.19.160:0
File type ASCII text, with very long lines (65451)
Hash a263be51483c81a54aa8c85104a93e55
555a54a73531c553bd2aede6abc25c128b63312e
b2f13ad730928958c09d89e6e32bb6a227c0260d032a39ca464d998a59e57a66
GET /ajax/jQuery/jquery-3.3.1.min.js HTTP/1.1
Host: ajax.aspnetcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lgnaogaon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
age: 16524765
cache-control: public,max-age=31536000
content-type: application/javascript
date: Sun, 18 Sep 2022 17:47:50 GMT
etag: "80288516b793d31:0"
last-modified: Mon, 22 Jan 2018 19:27:49 GMT
server: ECAcc (ska/F7A8)
timing-allow-origin: *
vary: Accept-Encoding
x-cache: HIT
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 30394
X-Firefox-Spdy: h2
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash 79da12dae749265939e664deb99ade07
351fb2db4580538199435a25f35d05391a1d099e
497f79ac28fb06eb6893906347eab650379a06a2c3a1855c6196f5e8d2b36498
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "497F79AC28FB06EB6893906347EAB650379A06A2C3A1855C6196F5E8D2B36498"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Content-Length: 1586
Cache-Control: public, no-transform, must-revalidate, max-age=2348
Expires: Sun, 18 Sep 2022 18:26:58 GMT
Date: Sun, 18 Sep 2022 17:47:50 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash da34e7dbb83f8ad463433a0448ffa6c3
dd822bad8f78a7072af79140293d1d622b6bb10c
e32749aefa9671ac13c2ebf45eaabb0fbabf363b07478edd0c2ffe13d2f91133
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4723
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 17:47:50 GMT
Last-Modified: Sun, 18 Sep 2022 16:29:07 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 279
lgnaogaon.com/mylccu.com/review/Construction/Important/Security/Information/css.css
54.36.167.15200 OK 527 B URL HTTP/2 lgnaogaon.com/mylccu.com/review/Construction/Important/Security/Information/css.css
IP 54.36.167.15:0
File type ASCII text, with CRLF line terminators
Hash 215d4e8577a9ab5aee8aa086c72c284e
e406feaa8d7e14725b0e2ea227a3fdffc44fdb52
e036e147b255ff9de1569c8cf164d5afc600a3598160ec39b6edf7cfe347c61e
GET /mylccu.com/review/Construction/Important/Security/Information/css.css HTTP/1.1
Host: lgnaogaon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lgnaogaon.com/mylccu.com/review/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-permitted-cross-domain-policies: none
expect-ct: max-age=86400, enforce
public-key-pins: pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
last-modified: Wed, 27 Jul 2022 11:01:12 GMT
accept-ranges: bytes
cache-control: max-age=31536000, private
expires: Mon, 18 Sep 2023 17:47:49 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 527
content-type: text/css
date: Sun, 18 Sep 2022 17:47:49 GMT
server: Apache
X-Firefox-Spdy: h2
lgnaogaon.com/mylccu.com/review/Construction/Important/Security/Information/iris-components.shim.mobile.min.css
54.36.167.15200 OK 494 B URL HTTP/2 lgnaogaon.com/mylccu.com/review/Construction/Important/Security/Information/iris-components.shim.mobile.min.css
IP 54.36.167.15:0
File type ASCII text, with very long lines (687)
Hash 28bfa06c6a390a973902cc8bb11b20d6
5020355d68009f138934eb4a93519f4d5d36d51d
c499e2b9c76be6c09b51e24cf76a69f7f59675df0d2798b0a7f4f7dab5245efc
GET /mylccu.com/review/Construction/Important/Security/Information/iris-components.shim.mobile.min.css HTTP/1.1
Host: lgnaogaon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lgnaogaon.com/mylccu.com/review/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-permitted-cross-domain-policies: none
expect-ct: max-age=86400, enforce
public-key-pins: pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
last-modified: Sun, 24 Jul 2022 14:40:18 GMT
accept-ranges: bytes
cache-control: max-age=31536000, private
expires: Mon, 18 Sep 2023 17:47:49 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 494
content-type: text/css
date: Sun, 18 Sep 2022 17:47:49 GMT
server: Apache
X-Firefox-Spdy: h2
lgnaogaon.com/mylccu.com/review/Construction/Important/Security/Information/jquery-ui.min.css
54.36.167.15200 OK 5.6 kB URL HTTP/2 lgnaogaon.com/mylccu.com/review/Construction/Important/Security/Information/jquery-ui.min.css
IP 54.36.167.15:0
File type ASCII text, with very long lines (27086), with CRLF line terminators
Hash 4f89377a9d16b5f8c023d580cc9f6121
d0ba806f0f48eff3d9e623f921e3a681ca77a9b7
318e5d31345ac79bb87fce082a935676545ded3214b90ab773bf57e1b65fa4c9
GET /mylccu.com/review/Construction/Important/Security/Information/jquery-ui.min.css HTTP/1.1
Host: lgnaogaon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lgnaogaon.com/mylccu.com/review/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-permitted-cross-domain-policies: none
expect-ct: max-age=86400, enforce
public-key-pins: pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
last-modified: Wed, 27 Jul 2022 11:01:26 GMT
accept-ranges: bytes
cache-control: max-age=31536000, private
expires: Mon, 18 Sep 2023 17:47:49 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 5626
content-type: text/css
date: Sun, 18 Sep 2022 17:47:49 GMT
server: Apache
X-Firefox-Spdy: h2
lgnaogaon.com/mylccu.com/review/Construction/Important/Security/Information/iris-foundation.min.css
54.36.167.15200 OK 6.9 kB URL HTTP/2 lgnaogaon.com/mylccu.com/review/Construction/Important/Security/Information/iris-foundation.min.css
IP 54.36.167.15:0
File type ASCII text, with very long lines (50964)
Hash 5ab74e84a7c106307a6ba805eed419a5
22585e41bce2d3cd35b1735af4e2df158bce453f
35668ed14b9da800050255a70109f7eb8611d57eff01a7455dd8181ce0ae7bd5
GET /mylccu.com/review/Construction/Important/Security/Information/iris-foundation.min.css HTTP/1.1
Host: lgnaogaon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lgnaogaon.com/mylccu.com/review/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-permitted-cross-domain-policies: none
expect-ct: max-age=86400, enforce
public-key-pins: pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
last-modified: Sun, 24 Jul 2022 14:40:18 GMT
accept-ranges: bytes
cache-control: max-age=31536000, private
expires: Mon, 18 Sep 2023 17:47:49 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 6891
content-type: text/css
date: Sun, 18 Sep 2022 17:47:49 GMT
server: Apache
X-Firefox-Spdy: h2
lgnaogaon.com/mylccu.com/review/Construction/Important/Security/Information/base.min.css
54.36.167.15200 OK 715 B URL HTTP/2 lgnaogaon.com/mylccu.com/review/Construction/Important/Security/Information/base.min.css
IP 54.36.167.15:0
File type ASCII text, with very long lines (2160), with CRLF line terminators
Hash 6eacca7882b9c0249de983ce346034f4
2afeab8ca45eeaef55c27fcdfd1fb488a19385c6
cc29e9c05b5c7dbac095cf74f0f281a9965035725998628931235f6f2f856af0
GET /mylccu.com/review/Construction/Important/Security/Information/base.min.css HTTP/1.1
Host: lgnaogaon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lgnaogaon.com/mylccu.com/review/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-permitted-cross-domain-policies: none
expect-ct: max-age=86400, enforce
public-key-pins: pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
last-modified: Wed, 27 Jul 2022 11:01:10 GMT
accept-ranges: bytes
cache-control: max-age=31536000, private
expires: Mon, 18 Sep 2023 17:47:49 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 715
content-type: text/css
date: Sun, 18 Sep 2022 17:47:49 GMT
server: Apache
X-Firefox-Spdy: h2
lgnaogaon.com/mylccu.com/review/Construction/Important/Security/Information/isotope.min.css
54.36.167.15200 OK 2.7 kB URL HTTP/2 lgnaogaon.com/mylccu.com/review/Construction/Important/Security/Information/isotope.min.css
IP 54.36.167.15:0
File type ASCII text, with very long lines (5685), with CRLF line terminators
Hash 0a2fa2b2d9f806918527ad9fa6032d9d
def942b34f12324b850f8a9686d725d7513ba5c5
1d275bfabc51cca107f61dd367a22962a58b0f02abb807edd613c1536a9330e7
GET /mylccu.com/review/Construction/Important/Security/Information/isotope.min.css HTTP/1.1
Host: lgnaogaon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lgnaogaon.com/mylccu.com/review/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-permitted-cross-domain-policies: none
expect-ct: max-age=86400, enforce
public-key-pins: pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
last-modified: Wed, 27 Jul 2022 11:01:24 GMT
accept-ranges: bytes
cache-control: max-age=31536000, private
expires: Mon, 18 Sep 2023 17:47:49 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 2672
content-type: text/css
date: Sun, 18 Sep 2022 17:47:49 GMT
server: Apache
X-Firefox-Spdy: h2
lgnaogaon.com/mylccu.com/review/Construction/Important/Security/Information/iris-foundation.min-1.css
54.36.167.15200 OK 6.9 kB URL HTTP/2 lgnaogaon.com/mylccu.com/review/Construction/Important/Security/Information/iris-foundation.min-1.css
IP 54.36.167.15:0
File type ASCII text, with very long lines (50964)
Hash 5eb572151ab479be4da31182165f5728
a46fdde453464974c6bc23a083aaf34284184c6c
6abe1a7209b6d19e67b313308fdfc46207082da1898aba03e625e43716402953
GET /mylccu.com/review/Construction/Important/Security/Information/iris-foundation.min-1.css HTTP/1.1
Host: lgnaogaon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lgnaogaon.com/mylccu.com/review/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-permitted-cross-domain-policies: none
expect-ct: max-age=86400, enforce
public-key-pins: pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
last-modified: Sun, 24 Jul 2022 14:40:22 GMT
accept-ranges: bytes
cache-control: max-age=31536000, private
expires: Mon, 18 Sep 2023 17:47:49 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 6887
content-type: text/css
date: Sun, 18 Sep 2022 17:47:49 GMT
server: Apache
X-Firefox-Spdy: h2
lgnaogaon.com/mylccu.com/review/Construction/Important/Security/Information/iris-components.min.css
54.36.167.15200 OK 18 kB URL HTTP/2 lgnaogaon.com/mylccu.com/review/Construction/Important/Security/Information/iris-components.min.css
IP 54.36.167.15:0
File type ASCII text, with very long lines (65309)
Hash bb87c34915398060faa71a6c5a9ff541
53602fe71c3b278561795048fa1c8d1669bd2a96
9a81f6a95c12196c340f74f9fcb889ef00a3c1e54b7973164da9f257a6f1a391
GET /mylccu.com/review/Construction/Important/Security/Information/iris-components.min.css HTTP/1.1
Host: lgnaogaon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lgnaogaon.com/mylccu.com/review/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-permitted-cross-domain-policies: none
expect-ct: max-age=86400, enforce
public-key-pins: pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
last-modified: Sun, 24 Jul 2022 14:40:22 GMT
accept-ranges: bytes
cache-control: max-age=31536000, private
expires: Mon, 18 Sep 2023 17:47:49 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 18515
content-type: text/css
date: Sun, 18 Sep 2022 17:47:49 GMT
server: Apache
X-Firefox-Spdy: h2
lgnaogaon.com/mylccu.com/review/Construction/Important/Security/Information/iris.shim.mobile.min.css
54.36.167.15200 OK 295 B URL HTTP/2 lgnaogaon.com/mylccu.com/review/Construction/Important/Security/Information/iris.shim.mobile.min.css
IP 54.36.167.15:0
File type ASCII text, with very long lines (557)
Hash 9f7f099786e6d33fca0425406516467f
a9e12ef8c450ee96c6429d0189ec1645d3fa3073
16c09e22c4052d26724b6ce6e998344e03d77b0ef8c98d11c18b3923a11721f3
GET /mylccu.com/review/Construction/Important/Security/Information/iris.shim.mobile.min.css HTTP/1.1
Host: lgnaogaon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lgnaogaon.com/mylccu.com/review/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-permitted-cross-domain-policies: none
expect-ct: max-age=86400, enforce
public-key-pins: pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
last-modified: Sun, 24 Jul 2022 14:40:20 GMT
accept-ranges: bytes
cache-control: max-age=31536000, private
expires: Mon, 18 Sep 2023 17:47:49 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 295
content-type: text/css
date: Sun, 18 Sep 2022 17:47:49 GMT
server: Apache
X-Firefox-Spdy: h2
lgnaogaon.com/mylccu.com/review/Construction/Important/Security/Information/iris.android.min.css
54.36.167.15200 OK 14 kB URL HTTP/2 lgnaogaon.com/mylccu.com/review/Construction/Important/Security/Information/iris.android.min.css
IP 54.36.167.15:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash a5d3117e13bfdf675ce1ce0200a4ce52
a3e48b79632ff3b4121732f12d9d3f1ec9bddeb2
b20a122a443d378f01eb7847405a01e55e73fc0fb7bf914dce367859c17d2a2a
GET /mylccu.com/review/Construction/Important/Security/Information/iris.android.min.css HTTP/1.1
Host: lgnaogaon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lgnaogaon.com/mylccu.com/review/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-permitted-cross-domain-policies: none
expect-ct: max-age=86400, enforce
public-key-pins: pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
last-modified: Wed, 27 Jul 2022 11:01:24 GMT
accept-ranges: bytes
cache-control: max-age=31536000, private
expires: Mon, 18 Sep 2023 17:47:49 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 13503
content-type: text/css
date: Sun, 18 Sep 2022 17:47:49 GMT
server: Apache
X-Firefox-Spdy: h2
lgnaogaon.com/mylccu.com/review/DreamHomes/BuildIt/BuyIt/BetterIt/style.css
54.36.167.15200 OK 219 B URL HTTP/2 lgnaogaon.com/mylccu.com/review/DreamHomes/BuildIt/BuyIt/BetterIt/style.css
IP 54.36.167.15:0
File type ASCII text, with CRLF line terminators
Hash 7240cd696e83764a97dce3dfd188ddf3
f7c916322f2bc305163bccf9f7664c9ce55eae1b
481b1416b7b3e0e6a47254c071096cdf146275781a53151b4f86f606ea4164a9
GET /mylccu.com/review/DreamHomes/BuildIt/BuyIt/BetterIt/style.css HTTP/1.1
Host: lgnaogaon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lgnaogaon.com/mylccu.com/review/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-permitted-cross-domain-policies: none
expect-ct: max-age=86400, enforce
public-key-pins: pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
last-modified: Tue, 16 Nov 2021 08:01:14 GMT
accept-ranges: bytes
cache-control: max-age=31536000, private
expires: Mon, 18 Sep 2023 17:47:49 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 219
content-type: text/css
date: Sun, 18 Sep 2022 17:47:49 GMT
server: Apache
X-Firefox-Spdy: h2
lgnaogaon.com/mylccu.com/review/Construction/Important/Security/Information/theme.mobile.min.css
54.36.167.15200 OK 21 kB URL HTTP/2 lgnaogaon.com/mylccu.com/review/Construction/Important/Security/Information/theme.mobile.min.css
IP 54.36.167.15:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 2ed0df8201b8cf49c125c7fc4f747d2d
3d8fa031b3509c25355667324319ebb7a77a2b25
666de63bfc7214304c7b786e4d5f55dddc173d0593b11051785c2466c7f168c7
GET /mylccu.com/review/Construction/Important/Security/Information/theme.mobile.min.css HTTP/1.1
Host: lgnaogaon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lgnaogaon.com/mylccu.com/review/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-permitted-cross-domain-policies: none
expect-ct: max-age=86400, enforce
public-key-pins: pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
last-modified: Wed, 27 Jul 2022 11:01:40 GMT
accept-ranges: bytes
cache-control: max-age=31536000, private
expires: Mon, 18 Sep 2023 17:47:49 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 20935
content-type: text/css
date: Sun, 18 Sep 2022 17:47:49 GMT
server: Apache
X-Firefox-Spdy: h2
lgnaogaon.com/mylccu.com/review/DreamHomes/BuildIt/BuyIt/BetterIt/loading.gif
54.36.167.15200 OK 22 kB URL HTTP/2 lgnaogaon.com/mylccu.com/review/DreamHomes/BuildIt/BuyIt/BetterIt/loading.gif
IP 54.36.167.15:0
File type GIF image data, version 89a, 200 x 200\012- data
Hash 718ca95fba9980e208f4457955fcc10d
9e5632b0e3309b4f48582641cc3c33e00bd9e58f
8ccb75da2bdf013e539250c1763fbd75c567844791759dbac11833cc3809d689
GET /mylccu.com/review/DreamHomes/BuildIt/BuyIt/BetterIt/loading.gif HTTP/1.1
Host: lgnaogaon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lgnaogaon.com/mylccu.com/review/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-permitted-cross-domain-policies: none
expect-ct: max-age=86400, enforce
public-key-pins: pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
last-modified: Sat, 11 Aug 2018 07:03:52 GMT
accept-ranges: bytes
cache-control: max-age=2592000, public
expires: Mon, 18 Sep 2023 17:47:49 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 22188
content-type: image/gif
date: Sun, 18 Sep 2022 17:47:49 GMT
server: Apache
X-Firefox-Spdy: h2
lgnaogaon.com/mylccu.com/review/DreamHomes/BuildIt/BuyIt/BetterIt/actions.js
54.36.167.15200 OK 504 B URL HTTP/2 lgnaogaon.com/mylccu.com/review/DreamHomes/BuildIt/BuyIt/BetterIt/actions.js
IP 54.36.167.15:0
File type ASCII text, with CRLF line terminators
Hash a929d6eebf69eaec9a46285c50f74994
2e42a8ba54ef0fdd2c59252cb9912516d6de1d7c
9d670b99192b4af1f0e339ab729d0a4700055d254f3d18f6f2b44ef76dca3eea
Analyzer Verdict Alert fortinet Phishing
GET /mylccu.com/review/DreamHomes/BuildIt/BuyIt/BetterIt/actions.js HTTP/1.1
Host: lgnaogaon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lgnaogaon.com/mylccu.com/review/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-permitted-cross-domain-policies: none
expect-ct: max-age=86400, enforce
public-key-pins: pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
last-modified: Tue, 16 Nov 2021 07:48:10 GMT
accept-ranges: bytes
cache-control: max-age=1209600, private
expires: Mon, 18 Sep 2023 17:47:49 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 504
content-type: application/javascript
date: Sun, 18 Sep 2022 17:47:49 GMT
server: Apache
X-Firefox-Spdy: h2
lgnaogaon.com/mylccu.com/review/Construction/Important/Security/Information/app-store-badge.svg
54.36.167.15200 OK 4.1 kB URL HTTP/2 lgnaogaon.com/mylccu.com/review/Construction/Important/Security/Information/app-store-badge.svg
IP 54.36.167.15:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1356), with CRLF line terminators
Hash 3bf79417fce64c0ffe13a4c1d2bac544
b755471d3e203c266b44951691de719ca79ede59
1e51df9dc27cfc47ed90c7f2132f9955f512afd9e20398a713c6ed19aa2d778d
Analyzer Verdict Alert fortinet Phishing
GET /mylccu.com/review/Construction/Important/Security/Information/app-store-badge.svg HTTP/1.1
Host: lgnaogaon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lgnaogaon.com/mylccu.com/review/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-permitted-cross-domain-policies: none
expect-ct: max-age=86400, enforce
public-key-pins: pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
last-modified: Sun, 24 Jul 2022 14:40:18 GMT
accept-ranges: bytes
cache-control: max-age=2592000, public
expires: Mon, 18 Sep 2023 17:47:49 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 4086
content-type: image/svg+xml
date: Sun, 18 Sep 2022 17:47:49 GMT
server: Apache
X-Firefox-Spdy: h2
assets.orb.alkamitech.com/production/icons/IdahoCentral/font/font-icons.css
143.204.55.110200 OK 8.5 kB URL HTTP/2 assets.orb.alkamitech.com/production/icons/IdahoCentral/font/font-icons.css
IP 143.204.55.110:0
File type ASCII text, with CRLF line terminators
Hash 1c28ae91d114e3499306cbb73a0cf082
3e7a2e878baa1e097a9699708b2e74ad4da4cdf1
5e48db38fa71a9041dc0a2bf689c6a52e4040f19673a8ec5eb68b9213b81e07a
GET /production/icons/IdahoCentral/font/font-icons.css HTTP/1.1
Host: assets.orb.alkamitech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lgnaogaon.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
content-length: 8497
x-amz-replication-status: COMPLETED
last-modified: Tue, 30 Aug 2022 21:54:34 GMT
x-amz-server-side-encryption: AES256
content-encoding: gzip
x-amz-version-id: qv4zgBGFP50K.A4MByiQXfVJR_oFy3ck
accept-ranges: bytes
server: AmazonS3
date: Sun, 18 Sep 2022 17:47:51 GMT
cache-control: max-age=630720000, no-cache, no-transform, public
expires: Mon, 25 Aug 2042 21:53:41 GMT
etag: "1c28ae91d114e3499306cbb73a0cf082"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: F4G6DfWXFwFcv3u6zlKilejQwfELIEw7jCDuh0_0XScEMknAnqBQSQ==
X-Firefox-Spdy: h2
lgnaogaon.com/mylccu.com/review/Construction/Important/Security/Information/google-play-badge.svg
54.36.167.15200 OK 3.6 kB URL HTTP/2 lgnaogaon.com/mylccu.com/review/Construction/Important/Security/Information/google-play-badge.svg
IP 54.36.167.15:0
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 7680cc0dce33171a9e3888fb5dcf1674
a79b6b935d30d4549c1f4323fae5169d536fe139
4b4b64ed89b543a0d4d35722f70d83a75dd24b960f4814eb291edf2504f5bc89
Analyzer Verdict Alert fortinet Phishing
GET /mylccu.com/review/Construction/Important/Security/Information/google-play-badge.svg HTTP/1.1
Host: lgnaogaon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lgnaogaon.com/mylccu.com/review/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-permitted-cross-domain-policies: none
expect-ct: max-age=86400, enforce
public-key-pins: pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
last-modified: Sun, 24 Jul 2022 14:40:18 GMT
accept-ranges: bytes
cache-control: max-age=2592000, public
expires: Mon, 18 Sep 2023 17:47:49 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 3600
content-type: image/svg+xml
date: Sun, 18 Sep 2022 17:47:49 GMT
server: Apache
X-Firefox-Spdy: h2
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash 7d015d8c9ace1eb906f2dbe576779c4d
da7f15563997965a0b30d7e0f9921eeb3bf447a7
c5dd448d40645982e32fe76761e34bbc0f71218c38a9c97f4930fc02700dc153
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "C5DD448D40645982E32FE76761E34BBC0F71218C38A9C97F4930FC02700DC153"
Last-Modified: Sun, 18 Sep 2022 11:00:00 UTC
Content-Length: 1588
Cache-Control: public, no-transform, must-revalidate, max-age=2076
Expires: Sun, 18 Sep 2022 18:22:26 GMT
Date: Sun, 18 Sep 2022 17:47:50 GMT
Connection: keep-alive
ocsp.entrust.net/
104.110.10.32200 OK 1.6 kB IP 104.110.10.32:0
Hash b8900a21031d4944985e543a503027fd
9cc680ec4e3a06693d4c61df58142131c37ab607
f754b2c72d17f804f9dc88884a10ebab075f130ffb47afd3899620c659d2b653
POST / HTTP/1.1
Host: ocsp.entrust.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
ETag: "F754B2C72D17F804F9DC88884A10EBAB075F130FFB47AFD3899620C659D2B653"
Last-Modified: Sun, 18 Sep 2022 09:00:00 UTC
Content-Length: 1585
Cache-Control: public, no-transform, must-revalidate, max-age=3547
Expires: Sun, 18 Sep 2022 18:46:57 GMT
Date: Sun, 18 Sep 2022 17:47:50 GMT
Connection: keep-alive
assets.orb.alkamitech.com/production/icons/IdahoCentral/font/Alkami.woff2
143.204.55.110200 OK 42 kB URL HTTP/2 assets.orb.alkamitech.com/production/icons/IdahoCentral/font/Alkami.woff2
IP 143.204.55.110:0
File type Web Open Font Format (Version 2), TrueType, length 42192, version 1.0\012- data
Hash 68a1c6b8524583dc37cdc2a6a8698a99
6c4c2bc1f57f2e7a09a941f8c49eeeac461192c9
129e2475b6e501d5d3b00edffc78aca22aaf0342132e84687a8e7e9c2861ae9f
GET /production/icons/IdahoCentral/font/Alkami.woff2 HTTP/1.1
Host: assets.orb.alkamitech.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://lgnaogaon.com
Connection: keep-alive
Referer: https://assets.orb.alkamitech.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: font/woff2
content-length: 42225
date: Sun, 18 Sep 2022 17:47:52 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Tue, 30 Aug 2022 21:54:34 GMT
etag: "68a1c6b8524583dc37cdc2a6a8698a99"
x-amz-server-side-encryption: AES256
cache-control: max-age=630720000, no-cache, no-transform, public
content-encoding: gzip
expires: Mon, 25 Aug 2042 21:53:41 GMT
x-amz-version-id: 4.XeR2ogf8OnI8RmBceTwl32vowVdzIZ
accept-ranges: bytes
server: AmazonS3
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Miss from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: HZedr0K1eHrTOHqj2myQjPrYW476dtA0o5Rbufwf7KstYuty7gpJMQ==
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.22200 OK 1.8 kB IP 192.124.249.22:0
Hash a397bd4ccc31a5f9a3a103f550706fdf
ce59cca864a6801676ec9137bbf2dfc2399c61e1
26891e4d57a89044512be6d0a00f0558a0ce6f25ac85c67b001933896a04fb52
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 18 Sep 2022 17:47:51 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 17 Sep 2022 21:17:23 GMT
Expires: Sun, 18 Sep 2022 21:17:23 GMT
ETag: "ce59cca864a6801676ec9137bbf2dfc2399c61e1"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
myebranch.iccu.com/Image/MobileLogo
104.18.218.35200 OK 6.9 kB URL HTTP/2 myebranch.iccu.com/Image/MobileLogo
IP 104.18.218.35:0
File type PNG image data, 285 x 132, 8-bit/color RGBA, non-interlaced\012- data
Hash 793de00c2e5c94dfe4d879e33f78ef40
1fbca0c5c7261136ba2dcbf11b98c975d442e8f0
2dc417c13f956f7a5f91634d4629bcc1492ac237ba8839f8513227ae02b510d2
GET /Image/MobileLogo HTTP/1.1
Host: myebranch.iccu.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lgnaogaon.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 17:47:51 GMT
content-type: image/png
content-length: 6884
cache-control: private, max-age=604800, s-maxage=0
expires: Sun, 25 Sep 2022 17:47:51 GMT
last-modified: Sun, 18 Sep 2022 17:47:51 GMT
x-content-type-options: nosniff
x-robots-tag: none
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-svr: WEB1650215
x-frame-options: SAMEORIGIN
cf-cache-status: DYNAMIC
cf-request-id: 13f34fc8a90000b509c000b000000001
set-cookie: PackageAssignment=; path=/; secure; HttpOnly; SameSite=Strict
PackageAssignment=; path=/; secure; HttpOnly; SameSite=Strict
ob_sess=RDBGRjUxQkFFRTg2QjJCMkU3MTRDRkE3ODg1MTQxNzUwYjFjZGY3ZjNmYTBmZDNjYjVkM2JlNjU=; path=/; secure; HttpOnly; SameSite=Strict
__cf_bm=W4KqubYMDYF7wVLWPb1YNCOM89aLSCWhPDFUTX3HNTE-1663523271-0-ASAZC6l6fCqzfpGBpkToTpZX8qr6SAxo5MXgy9fObOufpxJNC/RvWQzNME4shwPXr9tBI6CAMX/HkorLTZRTh1s=; path=/; expires=Sun, 18-Sep-22 18:17:51 GMT; domain=.iccu.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 74cbe8ba9c76b509-OSL
X-Firefox-Spdy: h2
wup-1ca8ebd0.us.v2.we-stats.com/client/v3.1/web/wup?cid=attina
52.141.217.134200 OK 898 B URL HTTP/2 wup-1ca8ebd0.us.v2.we-stats.com/client/v3.1/web/wup?cid=attina
IP 52.141.217.134:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text, with very long lines (898), with no line terminators
Hash bd345d9dbd40a67f89e0e9a96895db88
7246553a905d8fd5c75705ed2a9fc862b117bc69
d9f14bb3fc9cc26f7f026b2823d4db1311c587095db86c35313c9182758d310f
POST /client/v3.1/web/wup?cid=attina HTTP/1.1
Host: wup-1ca8ebd0.us.v2.we-stats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 172
Origin: https://lgnaogaon.com
Connection: keep-alive
Referer: https://lgnaogaon.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
content-length: 898
date: Sun, 18 Sep 2022 17:47:51 GMT
server: uvicorn
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-cache, no-store
pragma: no-cache
tail-id: cca15622-3a49-4fae-94c9-f4a4c4719bcd
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain.html
54.230.111.46200 OK 221 B URL HTTP/2 1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain.html
IP 54.230.111.46:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 21e34cf6a03f570df49e212018a567d0
f0be4058936850ae0163f5137600d14b6632bbb3
0a23512ea579554af1f2614d6dea6120d38660028fc7624c71a978478fae0eb6
GET /scripts/prod/crossdomain.html HTTP/1.1
Host: 1.b406929acabac9b095f124c81bdfcf57f.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lgnaogaon.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 221
date: Sat, 17 Sep 2022 18:39:10 GMT
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
etag: "21e34cf6a03f570df49e212018a567d0"
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: K2ksM2cxUQRWtBIX3Op52I7YtUSWEfwDgSvgCK0ct2U1dHwyGERqxg==
age: 83322
X-Firefox-Spdy: h2
1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js
54.230.111.46200 OK 3.2 kB URL HTTP/2 1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js
IP 54.230.111.46:0
File type ASCII text, with very long lines (3227), with no line terminators
Hash 9ee48a4da9c402e8a23ad085fb71f28f
f0c59306d6313f9bee02b53ca8903991bd24bfd7
9cdad69a4b967c882c3d8e9cb054e7334b7f8870e96427a5d20ae2d17eff2622
GET /scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js HTTP/1.1
Host: 1.b406929acabac9b095f124c81bdfcf57f.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.b406929acabac9b095f124c81bdfcf57f.com/scripts/prod/crossdomain.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 3227
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Sun, 18 Sep 2022 11:57:34 GMT
etag: "9ee48a4da9c402e8a23ad085fb71f28f"
x-cache: Hit from cloudfront
via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PJe2wNAhVXEPDI1NNNstIkxMGv2kgLsbVPeP4Tj1ZcWk_qg8KtI8QA==
age: 21018
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash c35cca83e0d2911f4dda1a2ff29e30d5
f1e0e98e9e0ceca3d4cbdec3229cb641c37de3f5
403545575ecce1b49859c8d91e460fd10695d04dcc98ac4293b5e578db0de881
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 17:47:51 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 18 Sep 2022 00:17:22 GMT
Expires: Sun, 25 Sep 2022 00:17:21 GMT
Etag: "f1e0e98e9e0ceca3d4cbdec3229cb641c37de3f5"
Cache-Control: max-age=541169,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74cbe8bf8ce4b506-OSL
1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain.html
54.230.111.22200 OK 221 B URL HTTP/2 1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain.html
IP 54.230.111.22:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 21e34cf6a03f570df49e212018a567d0
f0be4058936850ae0163f5137600d14b6632bbb3
0a23512ea579554af1f2614d6dea6120d38660028fc7624c71a978478fae0eb6
GET /scripts/prod/crossdomain.html HTTP/1.1
Host: 1.a79ab95c1589a13f8a4cab612bc71f9f7.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lgnaogaon.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 221
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Sun, 18 Sep 2022 06:43:55 GMT
etag: "21e34cf6a03f570df49e212018a567d0"
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0R-awzQkyq_KJHVBwQW67n6MUP_vR2P3tPyE92i-7dG4TbDCkW7JbA==
age: 39837
X-Firefox-Spdy: h2
stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js
104.18.11.207200 OK 15 kB URL HTTP/2 stackpath.bootstrapcdn.com/bootstrap/4.1.0/js/bootstrap.min.js
IP 104.18.11.207:0
File type ASCII text, with very long lines (50395)
Hash dbedfd453dde49fa0c27577d7a89e2be
f4769b1d47b031f518633e6ef5882d0f156185c2
064495f830fbb3d1fbb7a044e2387a9bb76ac149066f4d529f85183344a4b961
GET /bootstrap/4.1.0/js/bootstrap.min.js HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://lgnaogaon.com
Connection: keep-alive
Referer: https://lgnaogaon.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 17:47:50 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
etag: W/"ce6e785579ae4cb555c9de311d1b9271"
last-modified: Mon, 25 Jan 2021 22:04:05 GMT
cdn-cachedat: 08/20/2022 03:07:07
cdn-proxyver: 1.02
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 601
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: 11731bf562ecb898eb9a6c9fc449f146
cdn-cache: HIT
cf-cache-status: HIT
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74cbe8b57c4e0b65-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain.html
54.230.111.64200 OK 221 B URL HTTP/2 1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain.html
IP 54.230.111.64:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 21e34cf6a03f570df49e212018a567d0
f0be4058936850ae0163f5137600d14b6632bbb3
0a23512ea579554af1f2614d6dea6120d38660028fc7624c71a978478fae0eb6
GET /scripts/prod/crossdomain.html HTTP/1.1
Host: 1.c81358859121583b7adf2ace89cb39f44.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lgnaogaon.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 221
date: Sat, 17 Sep 2022 21:30:31 GMT
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
etag: "21e34cf6a03f570df49e212018a567d0"
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: UwdBa2bCOyTx_A2I5ZsXVuP3IHyvReUnYzY2hzmPoNwpg60rhgDe1Q==
age: 73041
X-Firefox-Spdy: h2
1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js
54.230.111.22200 OK 3.2 kB URL HTTP/2 1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js
IP 54.230.111.22:0
File type ASCII text, with very long lines (3227), with no line terminators
Hash 9ee48a4da9c402e8a23ad085fb71f28f
f0c59306d6313f9bee02b53ca8903991bd24bfd7
9cdad69a4b967c882c3d8e9cb054e7334b7f8870e96427a5d20ae2d17eff2622
GET /scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js HTTP/1.1
Host: 1.a79ab95c1589a13f8a4cab612bc71f9f7.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.a79ab95c1589a13f8a4cab612bc71f9f7.com/scripts/prod/crossdomain.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 3227
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
date: Sat, 17 Sep 2022 23:11:59 GMT
etag: "9ee48a4da9c402e8a23ad085fb71f28f"
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: guQFWjFaNKyGmZvyUBSmfc_dZT1P7HCOstB5DQ0MXDIpPls343YOhg==
age: 66953
X-Firefox-Spdy: h2
1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js
54.230.111.64200 OK 3.2 kB URL HTTP/2 1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js
IP 54.230.111.64:0
File type ASCII text, with very long lines (3227), with no line terminators
Hash 9ee48a4da9c402e8a23ad085fb71f28f
f0c59306d6313f9bee02b53ca8903991bd24bfd7
9cdad69a4b967c882c3d8e9cb054e7334b7f8870e96427a5d20ae2d17eff2622
GET /scripts/prod/crossdomain2.12.0.5273.b96c35cc.min.js HTTP/1.1
Host: 1.c81358859121583b7adf2ace89cb39f44.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://1.c81358859121583b7adf2ace89cb39f44.com/scripts/prod/crossdomain.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 3227
date: Sun, 18 Sep 2022 11:57:34 GMT
last-modified: Tue, 13 Oct 2020 12:04:25 GMT
etag: "9ee48a4da9c402e8a23ad085fb71f28f"
x-amz-version-id: null
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: QA5vQ3b7-lT8_sDvXg9VfnkeHla4CbreZR8jdFf2h6Y5PT2bISljfw==
age: 21018
X-Firefox-Spdy: h2
lgnaogaon.com/mylccu.com/review/Construction/Important/Security/Information/android-chrome-192x192.png
54.36.167.15200 OK 1.4 kB URL HTTP/2 lgnaogaon.com/mylccu.com/review/Construction/Important/Security/Information/android-chrome-192x192.png
IP 54.36.167.15:0
File type PNG image data, 192 x 192, 8-bit colormap, non-interlaced\012- data
Hash fd0ba9a3401d026da85268012712288b
aeb95b2cdd764eff2888bb46dd0b1f6806f07db9
512eb0eee261a78079935e2e37dfd9f6b4d1198652806fb6251b74b9845b1f27
GET /mylccu.com/review/Construction/Important/Security/Information/android-chrome-192x192.png HTTP/1.1
Host: lgnaogaon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lgnaogaon.com/mylccu.com/review/
Cookie: cdContextId=1; bmuid=1663523252040-BDC56C1B-9D50-43FA-A28A-9B504355182C; cdSNum=1663523271334-sjn0000582-f8d58dd2-cb0b-4204-801a-d95bfe48db2d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-permitted-cross-domain-policies: none
expect-ct: max-age=86400, enforce
public-key-pins: pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
last-modified: Sun, 24 Jul 2022 14:40:20 GMT
accept-ranges: bytes
cache-control: max-age=1209600, public
expires: Mon, 18 Sep 2023 17:47:51 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 1396
content-type: image/png
date: Sun, 18 Sep 2022 17:47:51 GMT
server: Apache
X-Firefox-Spdy: h2
lgnaogaon.com/mylccu.com/review/Construction/Important/Security/Information/favicon-16x16.png
54.36.167.15200 OK 407 B URL HTTP/2 lgnaogaon.com/mylccu.com/review/Construction/Important/Security/Information/favicon-16x16.png
IP 54.36.167.15:0
File type PNG image data, 16 x 16, 8-bit colormap, non-interlaced\012- data
Hash 9f02762db52b9552b117c9fe575a895f
f4a260c7f6ce9b831841c468c4b1a4d466360de5
aec2deed2e9c377f5f6c80a57b1a9f0212c7ea443ded25a262be61ff492acf0f
GET /mylccu.com/review/Construction/Important/Security/Information/favicon-16x16.png HTTP/1.1
Host: lgnaogaon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lgnaogaon.com/mylccu.com/review/
Cookie: cdContextId=1; bmuid=1663523252040-BDC56C1B-9D50-43FA-A28A-9B504355182C; cdSNum=1663523271334-sjn0000582-f8d58dd2-cb0b-4204-801a-d95bfe48db2d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-permitted-cross-domain-policies: none
expect-ct: max-age=86400, enforce
public-key-pins: pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
last-modified: Sun, 24 Jul 2022 14:40:20 GMT
accept-ranges: bytes
cache-control: max-age=1209600, public
expires: Mon, 18 Sep 2023 17:47:51 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 407
content-type: image/png
date: Sun, 18 Sep 2022 17:47:51 GMT
server: Apache
X-Firefox-Spdy: h2
wup-1ca8ebd0.us.v2.we-stats.com/client/v3.1/web/wup?cid=attina
52.141.217.134200 OK 557 B URL HTTP/2 wup-1ca8ebd0.us.v2.we-stats.com/client/v3.1/web/wup?cid=attina
IP 52.141.217.134:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text, with very long lines (557), with no line terminators
Hash 50cfa95f947392643c5d4c76576fae90
175a971082b48ee8512cd063587c6619fdc06380
7362fc86b89de6920d77c05c53cfe9590a9e06f588e63b9dd6cd68f6fd165b1b
POST /client/v3.1/web/wup?cid=attina HTTP/1.1
Host: wup-1ca8ebd0.us.v2.we-stats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 2118
Origin: https://lgnaogaon.com
Connection: keep-alive
Referer: https://lgnaogaon.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
content-length: 557
date: Sun, 18 Sep 2022 17:47:52 GMT
server: uvicorn
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-cache, no-store
pragma: no-cache
tail-id: b96e52c2-edef-4866-be03-998976f119ce
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
wup-1ca8ebd0.us.v2.we-stats.com/client/v3.1/web/wup?cid=attina
52.141.217.134200 OK 557 B URL HTTP/2 wup-1ca8ebd0.us.v2.we-stats.com/client/v3.1/web/wup?cid=attina
IP 52.141.217.134:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
File type JSON data\012- , ASCII text, with very long lines (557), with no line terminators
Hash f3256ffa904b7326440564318a22528d
604dff3708e84c66c132f96c31b736b08a373f20
996fcb6b4b6a5045c66b366c3372e017cacd5ab58c3fc2c291e34e1c2d4e7a92
POST /client/v3.1/web/wup?cid=attina HTTP/1.1
Host: wup-1ca8ebd0.us.v2.we-stats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1190
Origin: https://lgnaogaon.com
Connection: keep-alive
Referer: https://lgnaogaon.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json
content-length: 557
date: Sun, 18 Sep 2022 17:47:52 GMT
server: uvicorn
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: no-cache, no-store
pragma: no-cache
tail-id: a3930a78-5dfd-4b2b-8ff0-9c5876e059f5
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
log-1ca8ebd0.us.v2.we-stats.com/api/v1/sendLogs?cid=attina&cdsnum=1663523271334-sjn0000582-f8d58dd2-cb0b-4204-801a-d95bfe48db2d&csid=null&ds=js&sdkVer=2.21.1.702.b35a966
52.238.253.184204 No Content 0 B URL HTTP/2 log-1ca8ebd0.us.v2.we-stats.com/api/v1/sendLogs?cid=attina&cdsnum=1663523271334-sjn0000582-f8d58dd2-cb0b-4204-801a-d95bfe48db2d&csid=null&ds=js&sdkVer=2.21.1.702.b35a966
IP 52.238.253.184:0
ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /api/v1/sendLogs?cid=attina&cdsnum=1663523271334-sjn0000582-f8d58dd2-cb0b-4204-801a-d95bfe48db2d&csid=null&ds=js&sdkVer=2.21.1.702.b35a966 HTTP/1.1
Host: log-1ca8ebd0.us.v2.we-stats.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1264
Origin: https://lgnaogaon.com
Connection: keep-alive
Referer: https://lgnaogaon.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Sun, 18 Sep 2022 17:47:54 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
lgnaogaon.com/mylccu.com/review/Construction/Important/Security/Information/1ca8ebd0.js
54.36.167.15200 OK 0 B URL HTTP/2 lgnaogaon.com/mylccu.com/review/Construction/Important/Security/Information/1ca8ebd0.js
IP 54.36.167.15:0
Analyzer Verdict Alert fortinet Phishing
GET /mylccu.com/review/Construction/Important/Security/Information/1ca8ebd0.js HTTP/1.1
Host: lgnaogaon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lgnaogaon.com/mylccu.com/review/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-permitted-cross-domain-policies: none
expect-ct: max-age=86400, enforce
public-key-pins: pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
last-modified: Sun, 24 Jul 2022 14:40:26 GMT
accept-ranges: bytes
cache-control: max-age=1209600, private
expires: Mon, 18 Sep 2023 17:47:49 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-type: application/javascript
date: Sun, 18 Sep 2022 17:47:49 GMT
server: Apache
X-Firefox-Spdy: h2
lgnaogaon.com/mylccu.com/review/About/ContactUs/BecomeAMember/CompanyProfile/MobileLogo.png
54.36.167.15200 OK 0 B URL HTTP/2 lgnaogaon.com/mylccu.com/review/About/ContactUs/BecomeAMember/CompanyProfile/MobileLogo.png
IP 54.36.167.15:0
GET /mylccu.com/review/About/ContactUs/BecomeAMember/CompanyProfile/MobileLogo.png HTTP/1.1
Host: lgnaogaon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://lgnaogaon.com/mylccu.com/review/Construction/Important/Security/Information/isotope.min.css
Cookie: cdContextId=1; bmuid=1663523252040-BDC56C1B-9D50-43FA-A28A-9B504355182C
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-permitted-cross-domain-policies: none
expect-ct: max-age=86400, enforce
public-key-pins: pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
cache-control: max-age=0, no-cache, must-revalidate
expires: Mon, 18 Sep 2023 17:47:50 GMT
vary: Accept-Encoding,User-Agent
content-encoding: gzip
content-length: 14931
content-type: text/html; charset=UTF-8
date: Sun, 18 Sep 2022 17:47:50 GMT
server: Apache
X-Firefox-Spdy: h2
lgnaogaon.com/mylccu.com/review/About/ContactUs/BecomeAMember/CompanyProfile/KFOmCnqEu92Fr1Mu4mxK.woff2
54.36.167.15404 Not Found 0 B URL HTTP/2 lgnaogaon.com/mylccu.com/review/About/ContactUs/BecomeAMember/CompanyProfile/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 54.36.167.15:0
Analyzer Verdict Alert fortinet Phishing
GET /mylccu.com/review/About/ContactUs/BecomeAMember/CompanyProfile/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: lgnaogaon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://lgnaogaon.com/mylccu.com/review/Construction/Important/Security/Information/css.css
Cookie: cdContextId=1; bmuid=1663523252040-BDC56C1B-9D50-43FA-A28A-9B504355182C
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
expires: Wed, 11 Jan 1984 05:00:00 GMT
link: <https://lgnaogaon.com/wp-json/>; rel="https://api.w.org/"
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-permitted-cross-domain-policies: none
expect-ct: max-age=86400, enforce
public-key-pins: pin-sha256="base64+primary=="; pin-sha256="base64+backup=="; max-age=5184000; includeSubDomains
vary: Accept-Encoding,User-Agent
cache-control: no-cache, must-revalidate, max-age=0, max-age=0, no-cache, must-revalidate
content-type: text/html; charset=UTF-8
date: Sun, 18 Sep 2022 17:47:50 GMT
server: Apache
X-Firefox-Spdy: h2