urlquery - report: marially-watears.icu/0fa72e58-556d-41d6-8a9f-b3779d3cad0e

Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
img-getpocket.cdn.mozilla.net (6)	1631	2017-09-01 03:40:57 UTC	2022-12-08 15:50:00 UTC	34.120.237.76
marially-watears.icu (1)	0	2019-11-11 08:42:34 UTC	2022-12-08 09:41:43 UTC	18.194.134.212	Unknown ranking
content-signature-2.cdn.mozilla.net (1)	1152	2020-11-03 12:26:46 UTC	2022-12-08 17:21:04 UTC	34.160.144.191
contile.services.mozilla.com (1)	1114	2021-05-27 18:32:35 UTC	2022-12-08 17:14:01 UTC	34.117.237.239
push.services.mozilla.com (1)	2140	2014-10-24 08:27:06 UTC	2022-12-08 17:20:00 UTC	54.200.107.47
metfonegw.dailytv.asia (1)	0	2022-06-03 13:49:00 UTC	2022-12-09 08:15:31 UTC	192.82.57.207	Unknown ranking
paymentgateway.metfone.com.kh (1)	0	2015-12-27 12:26:52 UTC	2022-12-09 08:15:39 UTC	36.37.242.74	Domain (metfone.com.kh) ranked at: 326418
r3.o.lencr.org (6)	344	2020-12-02 08:52:13 UTC	2022-12-08 17:12:06 UTC	23.36.76.226
firefox.settings.services.mozilla.com (2)	867	2020-05-25 20:06:39 UTC	2022-12-08 17:12:32 UTC	35.241.9.150
ad.dailytv.asia (1)	0	2019-04-20 05:22:02 UTC	2022-12-09 08:15:42 UTC	43.228.245.137	Unknown ranking
ocsp.digicert.com (1)	86	2012-05-21 07:02:23 UTC	2022-12-08 17:15:52 UTC	93.184.220.29
khmf.dailytv.asia (2)	0	2022-06-03 13:49:00 UTC	2022-12-09 08:15:33 UTC	43.228.245.36	Unknown ranking

Scan Date	Severity	Indicator	Comment
2022-12-09	2	marially-watears.icu/0fa72e58-556d-41d6-8a9f-b3779d3cad0e	Phishing

Date	UQ / IDS / BL	URL	IP
2023-02-05 20:57:27 +0000	0 - 1 - 0	www.webdozormobile.com/7c18d8e7-0cfd-47f2-86c (...)	18.194.134.212
2023-02-05 20:16:01 +0000	0 - 1 - 0	visors-airminal.com/71e2139e-a5b1-45ee-be9e-f (...)	18.194.134.212
2023-02-05 06:55:50 +0000	0 - 1 - 0	destoxic-aposted.icu/633d1f0a-034f-4193-bfe5- (...)	18.194.134.212
2023-02-05 03:44:55 +0000	0 - 0 - 1	go.rbitrax.com/2d1a8b1c-9eca-4e54-87e9-04ed01 (...)	18.194.134.212
2023-02-04 23:19:17 +0000	0 - 0 - 3	click.vtracker.live/621c1882-aafc-4cbd-8633-e (...)	18.194.134.212

Date	UQ / IDS / BL	URL	IP
2023-02-06 06:14:38 +0000	0 - 0 - 1	www.icrjournal.com/articles/cto-complications	3.8.105.200
2023-02-06 06:13:03 +0000	0 - 0 - 1	www.khaituanstore-vn.online/	3.0.76.150
2023-02-06 06:11:55 +0000	0 - 4 - 0	go-evnt91.duckdns.org/8fda3455ea0db62503d1a76 (...)	13.212.238.131
2023-02-06 06:04:20 +0000	0 - 0 - 2	cryptocoinfolio.com/	15.197.142.173
2023-02-06 06:03:56 +0000	0 - 0 - 2	www1.outllok.com/	75.2.73.197

Date	UQ / IDS / BL	URL	IP
2023-01-29 00:15:01 +0000	0 - 1 - 1	marially-watears.icu/88122290-6613-41c1-b183- (...)	18.194.134.212
2023-01-27 11:23:04 +0000	0 - 1 - 1	marially-watears.icu/7f572c43-ac40-4bcf-932a- (...)	18.194.134.212
2023-01-15 12:12:46 +0000	0 - 1 - 0	marially-watears.icu/90fd218e-b9dc-4372-af20- (...)	18.194.134.212
2023-01-12 15:01:40 +0000	0 - 1 - 1	marially-watears.icu/67786c45-9595-44f4-9c3a- (...)	18.194.134.212
2022-12-09 16:15:49 +0000	0 - 0 - 1	marially-watears.icu/77d31b0e-1485-4eed-945b- (...)	18.194.134.212

Date	UQ / IDS / BL	URL	IP
2023-02-06 06:18:43 +0000	0 - 1 - 0	pkg-store.dl.mail.ru/packages/shop/0_2005437d (...)	188.93.63.73
2023-02-06 06:18:32 +0000	0 - 1 - 0	pkg-store.dl.mail.ru/packages/shop/0_2005437d (...)	188.93.63.73
2023-02-06 06:18:30 +0000	0 - 1 - 0	pkg-store.dl.mail.ru/packages/shop/0_2005437d (...)	188.93.63.73
2023-02-06 06:18:25 +0000	0 - 1 - 0	pkg-store.dl.mail.ru/packages/shop/0_2005437d (...)	188.93.63.73
2023-02-06 06:17:42 +0000	0 - 1 - 0	pkg-store.dl.mail.ru/packages/shop/0_2005437d (...)	188.93.63.73

Request	Response
GET /0fa72e58-556d-41d6-8a9f-b3779d3cad0e HTTP/1.1 Host: marially-watears.icu User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: marially-watears.icu/0fa72e58-556d-41d6-8a9f-b3779d3cad0e FQDN: marially-watears.icu IP: 18.194.134.212 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 18.194.134.212 HTTP/1.1 302 Server: nginx Date: Fri, 09 Dec 2022 12:17:07 GMT Content-Length: 0 Connection: keep-alive Cache-Control: no-store, no-cache, pre-check=0, post-check=0 Expires: Thu, 01 Jan 1970 00:00:00 GMT Location: http://ad.dailytv.asia/ado/index/?aid=bts&transaction_id=APAZ02_wvkdml1ohp0vj42li0cr3u9e&affiliate_id=0fa72e58-556d-41d6-8a9f-b3779d3cad0e_ Pragma: no-cache Set-Cookie: 0fa72e58-556d-41d6-8a9f-b3779d3cad0e-v4=YFVlRgCAzsc1YNIh5jsSdG-kqTCM5vVbSU3jA3vJkh8; Max-Age=86400; Expires=Sat, 10-Dec-2022 12:17:07 GMT; Domain=marially-watears.icu; Path=/; HttpOnly cc-v4=U%2BzUnoDka5Kv4mgbnnNrDNveTL3%2FmC%2FOrk0uOdrpm1XdqR%2BiN4CZaK0l6rEvaBPX%2BvW9QbymbOhpZMTaUsK0HgDwBmIWi3zc2bdKD7iUeZDX1joe6ybCamveDm2QZ8XHQL%2FWtDmDI38kLNj7vuMqdw%3D%3D; Max-Age=31536000; Expires=Sat, 09-Dec-2023 12:17:07 GMT; Domain=marially-watears.icu; Path=/; HttpOnly --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Alerts: Blocklists: - fortinet: Phishing
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9" Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3724 Expires: Fri, 09 Dec 2022 13:19:12 GMT Date: Fri, 09 Dec 2022 12:17:08 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: f2acd891dc6eb1f09f57a2b086791781 Sha1: 1e2088306501a61edcca1ade62c4d54f23b3b083 Sha256: 51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 7e210f03b140418085e94ec20c1d27d6ecf7a404cbd323e16476ae5ae95d6dac 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "7E210F03B140418085E94EC20C1D27D6ECF7A404CBD323E16476AE5AE95D6DAC" Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=10246 Expires: Fri, 09 Dec 2022 15:07:54 GMT Date: Fri, 09 Dec 2022 12:17:08 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: aea93551fa9deb76ae49a3b4019d64fe Sha1: e3b8862057ebe839959228e42246d7b1807fc90c Sha256: 7e210f03b140418085e94ec20c1d27d6ecf7a404cbd323e16476ae5ae95d6dac
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/ FQDN: firefox.settings.services.mozilla.com IP: 35.241.9.150 HASH: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e 35.241.9.150 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Fri, 09 Dec 2022 12:08:18 GMT age: 530 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 14cd9a0afb6ba9a763651d5112760d1e Sha1: 75d7b104ab9ab11fbb73c3f348b43b0119b5adfa Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA" Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=13557 Expires: Fri, 09 Dec 2022 16:03:05 GMT Date: Fri, 09 Dec 2022 12:17:08 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 4ee537977be9c03702f8ffe0025bf1fe Sha1: 21637881c4aa34c4add703f8bff4eff573159f45 Sha256: 4819229fd8f502a0c68c80bd7409e104c1b4d1a98ca8a6cd9deba629b1511aea
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 34.160.144.191 HASH: 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0 34.160.144.191 HTTP/2 200 OK content-type: binary/octet-stream x-amz-id-2: tYJkZUvRUb0iRmsVB7AQ6OAimqGL6rNY0JfalbnQBWj+KPd9HLvDBYeDJ3cmPXLxYcQ5TQZQRA/syNLA3mL67A== x-amz-request-id: S12000ZME92HEFM7 content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Fri, 09 Dec 2022 11:48:19 GMT age: 1729 last-modified: Wed, 30 Nov 2022 10:06:34 GMT etag: "53341dea33f4f3d9b4966f80589f429a" cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 53341dea33f4f3d9b4966f80589f429a Sha1: 20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d Sha256: 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: contile.services.mozilla.com/v1/tiles FQDN: contile.services.mozilla.com IP: 34.117.237.239 HASH: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Fri, 09 Dec 2022 12:17:08 GMT content-length: 12 vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-expose-headers: content-type access-control-allow-credentials: true strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /ado/index/?aid=bts&transaction_id=APAZ02_wvkdml1ohp0vj42li0cr3u9e&affiliate_id=0fa72e58-556d-41d6-8a9f-b3779d3cad0e_ HTTP/1.1 Host: ad.dailytv.asia User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: ad.dailytv.asia/ado/index/?aid=bts&transaction_id=APAZ0 (...) FQDN: ad.dailytv.asia IP: 43.228.245.137 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 43.228.245.137 HTTP/1.1 307 Temporary Redirect Content-Type: text/html; charset=UTF-8 Server: nginx/1.10.3 (Ubuntu) Date: Fri, 09 Dec 2022 12:17:08 GMT Transfer-Encoding: chunked Connection: keep-alive Set-Cookie: ci_session=7109dr3ffe9lt3notlnhmg9bpm4j0vgh; expires=Fri, 09-Dec-2022 14:17:08 GMT; Max-Age=7200; path=/; HttpOnly Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache Location: http://khmf.dailytv.asia/ado/index?aid=bts&transaction_id=APAZ02_wvkdml1ohp0vj42li0cr3u9e&affiliate_id=0fa72e58-556d-41d6-8a9f-b3779d3cad0e_ --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 35.241.9.150 HASH: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 35.241.9.150 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Expires, Last-Modified, ETag, Cache-Control, Alert, Content-Length, Pragma, Content-Type, Retry-After, Backoff content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Fri, 09 Dec 2022 12:07:55 GMT age: 553 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 4d8a5fa2362fd0910babd6d128d850d4460829468eb23d34ee5ee6eaa42d5a38 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 877 Cache-Control: max-age=162264 Date: Fri, 09 Dec 2022 12:17:08 GMT Etag: "6392faaf-1d7" Expires: Sun, 11 Dec 2022 09:21:32 GMT Last-Modified: Fri, 09 Dec 2022 09:06:55 GMT Server: ECS (ska/F70B) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: e6be4d2155028ffff5d01ab6e7edf6da Sha1: 07172071b5cf43c4cd7d7930b4ad8518ec1e32e9 Sha256: 4d8a5fa2362fd0910babd6d128d850d4460829468eb23d34ee5ee6eaa42d5a38
GET /ado/index?aid=bts&transaction_id=APAZ02_wvkdml1ohp0vj42li0cr3u9e&affiliate_id=0fa72e58-556d-41d6-8a9f-b3779d3cad0e_ HTTP/1.1 Host: khmf.dailytv.asia User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: khmf.dailytv.asia/ado/index?aid=bts&transaction_id=APAZ (...) FQDN: khmf.dailytv.asia IP: 43.228.245.36 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 43.228.245.36 HTTP/1.1 307 Temporary Redirect Content-Type: text/html; charset=UTF-8 Server: nginx/1.14.0 (Ubuntu) Date: Fri, 09 Dec 2022 12:17:08 GMT Transfer-Encoding: chunked Connection: keep-alive Set-Cookie: ci_session=gtj31349jvio67o2ajtobc3eia6ocpss; expires=Fri, 09-Dec-2022 14:17:08 GMT; Max-Age=7200; path=/; HttpOnly Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Location: http://khmf.dailytv.asia/auth/he?callback_url=http%253A%252F%252Fkhmf.dailytv.asia%252Fado%252Findex%253Faid%253Dbts%2526transaction_id%253DAPAZ02_wvkdml1ohp0vj42li0cr3u9e%2526affiliate_id%253D0fa72e58-556d-41d6-8a9f-b3779d3cad0e_%2526iamback%253D1 Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, POST, OPTIONS Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range Access-Control-Expose-Headers: Content-Length,Content-Range --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: 6TEqjgn9zDfFYbgj3+7enQ== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	URL: push.services.mozilla.com/ FQDN: push.services.mozilla.com IP: 54.200.107.47 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 54.200.107.47 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: BxlZy2vOdi7nasmEk0N6HCo9p9E= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /auth/he?callback_url=http%253A%252F%252Fkhmf.dailytv.asia%252Fado%252Findex%253Faid%253Dbts%2526transaction_id%253DAPAZ02_wvkdml1ohp0vj42li0cr3u9e%2526affiliate_id%253D0fa72e58-556d-41d6-8a9f-b3779d3cad0e_%2526iamback%253D1 HTTP/1.1 Host: khmf.dailytv.asia User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Cookie: ci_session=gtj31349jvio67o2ajtobc3eia6ocpss Upgrade-Insecure-Requests: 1	URL: khmf.dailytv.asia/auth/he?callback_url=http%253A%252F%2 (...) FQDN: khmf.dailytv.asia IP: 43.228.245.36 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 43.228.245.36 HTTP/1.1 307 Temporary Redirect Content-Type: text/html; charset=UTF-8 Server: nginx/1.14.0 (Ubuntu) Date: Fri, 09 Dec 2022 12:17:09 GMT Transfer-Encoding: chunked Connection: keep-alive Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Location: http://metfonegw.dailytv.asia/metfone/bmg/index.php?m=bill&c=ReqHE&serviceId=4101&price=0&phoneNum=&operator=MF&operation_ref=he_16705882291486&aKeyword=SUB&sKeyword=SM&url=http%3A%2F%2Fkhmf.dailytv.asia%2Fauth%2Fhe%3Fcallback_url%3Dhttp%253A%252F%252Fkhmf.dailytv.asia%252Fado%252Findex%253Faid%253Dbts%2526transaction_id%253DAPAZ02_wvkdml1ohp0vj42li0cr3u9e%2526affiliate_id%253D0fa72e58-556d-41d6-8a9f-b3779d3cad0e_%2526iamback%253D1&sTEnvironment=production Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET, POST, OPTIONS Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range Access-Control-Expose-Headers: Content-Length,Content-Range --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /metfone/bmg/index.php?m=bill&c=ReqHE&serviceId=4101&price=0&phoneNum=&operator=MF&operation_ref=he_16705882291486&aKeyword=SUB&sKeyword=SM&url=http%3A%2F%2Fkhmf.dailytv.asia%2Fauth%2Fhe%3Fcallback_url%3Dhttp%253A%252F%252Fkhmf.dailytv.asia%252Fado%252Findex%253Faid%253Dbts%2526transaction_id%253DAPAZ02_wvkdml1ohp0vj42li0cr3u9e%2526affiliate_id%253D0fa72e58-556d-41d6-8a9f-b3779d3cad0e_%2526iamback%253D1&sTEnvironment=production HTTP/1.1 Host: metfonegw.dailytv.asia User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: metfonegw.dailytv.asia/metfone/bmg/index.php?m=bill&c=R (...) FQDN: metfonegw.dailytv.asia IP: 192.82.57.207 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 192.82.57.207 HTTP/1.1 302 Moved Temporarily Content-Type: text/html; charset=UTF-8 Server: nginx/1.10.3 (Ubuntu) Date: Fri, 09 Dec 2022 12:17:09 GMT Transfer-Encoding: chunked Connection: keep-alive Set-Cookie: PHPSESSID=pmn3fd7grfvhj0esnkbgg1tf86; path=/ Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Location: http://paymentgateway.metfone.com.kh/MPS/mobile.html?PRO=Cam3boss&SUB=Cam3boss_DailyTV_Supermodel&SER=Cam3boss_DailyTV&DATA=XdVduc54iEomeXkVjwh1Dbh2VOaCnyaLvehPJq5Mf6OVrMHeVcyGduBb1APbFOcBgmmKC0vfGhgR4z1hsh4m7QkNMlFijSdT%2F7XHIHoLrXH53UvcJNiGqFzPnQ4jEJdWVgCuqYkuAYhyPuDyweyDognHeaIXMsvXH9LGX8jL9zGjPB6uLbLjOppHFIEF5dCqtn3qITiHO7AYqSQSr%2Fo4gOL4m%2FdZPrnGckLkfew6SQCGn1meGjQcrxqiw0Yx9B7TVQaR5%2Fb1O7GQ8JLLFRWqZDYnuVJPDaDwVpsFtmbXgEWW6Kocd8ov0RZXIrKLs%2Fyr8x55ghUJpKxgVcYIi4bd2Dr6VfrSCHJ2%2B3cFLdIN45yQdScxvDh%2FW7yFDJ73AEcEpPROUNI0QJLHnmEroVbVvHx9wnrReFR0WHoU9DilypoU5t4D8Mqb3NgAwjmFtD%2Fzy%2FOwbO%2B33yOzsMDoimBtFgFD5ffEvUaPudOngxuq%2BU9RNYfV9YX0SBW6KQqC8GdvQCiUnCygJHvVhQ8FsGDHRluykQDt%2B8PHO5S%2BxMsJeU46Rhb2jmI9%2B3IPHFMp3aLRKeeKfWm%2Bmj6bgahZdp4LXbiy%2B2Rh0tBvZJ%2BvonkYvbUDPZSzjYD0l%2BXviA%2BhC%2B4GHXDirtzpJ%2BD0MEPAGlT%2FWHXrN%2B5WXU6OHlAfMIhxess%3D&SIG=TMW72NE46dQtHkND7Cfie17N%2FtdIvoCPGxXJ84%2FztSmBSUtqrsALfcJ8qdj4t8tkLAYA0qyRkDFq7m8W7N5CdOs5Iwpo7rU%2BoWjNXZMBnFnjTDqTRADfW%2BzaV1P%2FLAtX%2Faq5eW2qSUXVmgiHPnVG1hcPN6JWqr%2FFtErhMwG2laB%2BSaekOaYTuYspbDejMnHqOm81CR52x1YdiAeZKwc8LjYCucXFl2AjVo1PPgkz2TTdqezRClMVqcGObxSmWbph3D5n9vd6VzyUZH1wonBiQSDXJqphg1Xfyw%2F%2FnIg055nCyhB%2B6Q%2FZo%2BCYBUKKzk7al4C7kkuei4Xt%2BCXjFcncIwJH5lizKhy%2FbVASx7wBXBv0luaw%2F6NQcEFWDs6NQU2S13PmlAwa758sYocO%2BFmmkfAvL62p30pgcJUhRLo%2BjCocfNPtZTlrppT%2FJ73xClqiMH24P1XnApITOKpubN1e%2FOWs%2BtsBTYgV5nJwsbShEylb9wTe2MThEFzBWEDcB68hxJinPYmZBxSOgd3vc%2B%2BGtMw%2BAb2zUa36ag3afSDv%2BQoIZNm2T%2FLatCIDK%2FYzYD9CLnzQdvO2%2FJE%2BDsFDBrLrzcc11QRlKfiv4GzpZbKjTMyE6kyFCvlBRGReLdnLI3qJpSGG%2BeCfB9PBdg0he9MRywm2o1D2xRGYhCoxoiSZUkM%3D --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC" Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6151 Expires: Fri, 09 Dec 2022 13:59:41 GMT Date: Fri, 09 Dec 2022 12:17:10 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 48c90992f0837a58e0a36118a27dae6a Sha1: 3d238fed35e6d247bddbba92864e6b92e6aed9b6 Sha256: cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC" Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6151 Expires: Fri, 09 Dec 2022 13:59:41 GMT Date: Fri, 09 Dec 2022 12:17:10 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 48c90992f0837a58e0a36118a27dae6a Sha1: 3d238fed35e6d247bddbba92864e6b92e6aed9b6 Sha256: cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC" Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=6151 Expires: Fri, 09 Dec 2022 13:59:41 GMT Date: Fri, 09 Dec 2022 12:17:10 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 48c90992f0837a58e0a36118a27dae6a Sha1: 3d238fed35e6d247bddbba92864e6b92e6aed9b6 Sha256: cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 6e639298ebc82343cee9267d2910d15735af55f910e2c3de9218266b7c6fffc9 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 5188 x-amzn-requestid: afb8cbd2-3674-4dac-9cd9-9ff83618ac0a x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: ck2-5G9joAMFlPA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638b6b92-2979ff216b9028aa70baef8b;Sampled=0 x-amzn-remapped-date: Sat, 03 Dec 2022 15:30:26 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: dGxzuQ6zj6wXQbkBuKBnOKxwKJDHUyGoi7PgcugcpdX4QYruNiFxsQ== via: 1.1 8ae6af4d17aae7471e5fe2792eb6abcc.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google date: Thu, 08 Dec 2022 21:51:24 GMT age: 51946 etag: "8fbff7725c842d70e047c635a725723a9dc9c55a" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 5188 Md5: fba9a3854df65740512f96efe7442e58 Sha1: 8fbff7725c842d70e047c635a725723a9dc9c55a Sha256: 6e639298ebc82343cee9267d2910d15735af55f910e2c3de9218266b7c6fffc9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: fdb114eb142f035c7a54195d16af51b5b423642c312f4bccc0f407d8fcc245aa 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 7557 x-amzn-requestid: 09204b5e-8af5-4d4b-8186-628443866e0f x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: ctlz5EISoAMFdWw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638ee9b2-357cd4f921c592e1319098dd;Sampled=0 x-amzn-remapped-date: Tue, 06 Dec 2022 07:05:22 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: 3KZwQ5HqXa_-tUyDHA5m-65OprogFpFgbbKpEJ65k-Yy3lwoCg8M5w== via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google date: Fri, 09 Dec 2022 07:13:15 GMT age: 18235 etag: "cde4c7fa0145d3645af17e34c83c63c08f76a076" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7557 Md5: 5de5d319f43d9c9c641419d96655541f Sha1: cde4c7fa0145d3645af17e34c83c63c08f76a076 Sha256: fdb114eb142f035c7a54195d16af51b5b423642c312f4bccc0f407d8fcc245aa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 7fb11750ac339ac283da62fd370862c6b95a103a585ca5dd8c90038718d818a1 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 6578 x-amzn-requestid: 6392feb9-e33e-42fa-bc10-b5e31e654c9b x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cw4beGG7oAMF8hA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63903aaf-2c890b7b0a16617346a0f7e7;Sampled=0 x-amzn-remapped-date: Wed, 07 Dec 2022 07:03:11 GMT x-amz-cf-pop: SEA19-C2 x-cache: Miss from cloudfront x-amz-cf-id: nXaZ1pazAGWMI9GFYZjGlvVVIb8wX6feD0O8VpzjsL8F8l3mFmydAw== via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google date: Fri, 09 Dec 2022 07:13:59 GMT age: 18191 etag: "5c8ffe91490006a9890188b53f875568c2b6bd8f" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6578 Md5: 8546542f00ea29ef4df6ab8d3c7c2164 Sha1: 5c8ffe91490006a9890188b53f875568c2b6bd8f Sha256: 7fb11750ac339ac283da62fd370862c6b95a103a585ca5dd8c90038718d818a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: e1f9c9c445bba7765f371dbb655cab43c1e12de7cbd015f8034c494118f7f708 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 7897 x-amzn-requestid: 032fd8ae-b7e9-4e12-8546-838191a73688 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cwVM_F51IAMFunw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63900252-345ae6cd107d207f5dbe29a8;Sampled=0 x-amzn-remapped-date: Wed, 07 Dec 2022 03:02:42 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: oV7bB5Tek01MFi9x2tr_Wix13-UGlQPIt042XM0ALNUvVFYnu5DRcg== via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google date: Fri, 09 Dec 2022 03:38:26 GMT age: 31124 etag: "7558222788f06623ddae6e883413e38e1146281e" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7897 Md5: 8c3214044657f3b876d1f1848bca5684 Sha1: 7558222788f06623ddae6e883413e38e1146281e Sha256: e1f9c9c445bba7765f371dbb655cab43c1e12de7cbd015f8034c494118f7f708
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f25ad59-b8ed-49ea-9611-21f63c20c8fb.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 7e4583ae78ab597639f53669ac2d67d1ebd26be3278c2fc3fc95af934178c116 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 7960 x-amzn-requestid: beadd240-39d0-407d-a890-6a095657cac3 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: ctEd8HC0oAMFUag= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638eb459-44d4f63c62f58684782ef14a;Sampled=0 x-amzn-remapped-date: Tue, 06 Dec 2022 03:17:45 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: yL-FrFYh-3PuCZCpCHYg--ebTS7wMmMQ7IE2mgimDVsKWFEtKC2gVQ== via: 1.1 74aa91fe819001bcedd882694f52b436.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google date: Fri, 09 Dec 2022 06:08:38 GMT age: 22112 etag: "cfb1e5bcab2148a777889680e6e36b9d7e8917ec" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 7960 Md5: eb00a2a503a690cee3e4dd729b5bc9bd Sha1: cfb1e5bcab2148a777889680e6e36b9d7e8917ec Sha256: 7e4583ae78ab597639f53669ac2d67d1ebd26be3278c2fc3fc95af934178c116
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2654f7a6-bd8b-4c13-9c46-9b7582ba979a.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 4099a2fb6ddc4feaa30f357a180d64aeb7c9fc73f115fc762d5fe5c221d2e89e 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 5169 x-amzn-requestid: 277a1b04-4e19-4313-8aac-5f9ab9076305 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: ctEdkFGrIAMFvHg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638eb456-5b21edd57297665012d536cc;Sampled=0 x-amzn-remapped-date: Tue, 06 Dec 2022 03:17:42 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: swNGUcNy2i0w9UGe-EJhwslE01TzTC3rrDhLhVVxHyhWMGSC1uq0mA== via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google date: Fri, 09 Dec 2022 04:46:15 GMT age: 27055 etag: "ebb97e5b97f394e8c67098f55581d5329ce819a2" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 5169 Md5: 06514ce96ae21cb01f526a5febdcbeb4 Sha1: ebb97e5b97f394e8c67098f55581d5329ce819a2 Sha256: 4099a2fb6ddc4feaa30f357a180d64aeb7c9fc73f115fc762d5fe5c221d2e89e
GET /MPS/mobile.html?PRO=Cam3boss&SUB=Cam3boss_DailyTV_Supermodel&SER=Cam3boss_DailyTV&DATA=XdVduc54iEomeXkVjwh1Dbh2VOaCnyaLvehPJq5Mf6OVrMHeVcyGduBb1APbFOcBgmmKC0vfGhgR4z1hsh4m7QkNMlFijSdT%2F7XHIHoLrXH53UvcJNiGqFzPnQ4jEJdWVgCuqYkuAYhyPuDyweyDognHeaIXMsvXH9LGX8jL9zGjPB6uLbLjOppHFIEF5dCqtn3qITiHO7AYqSQSr%2Fo4gOL4m%2FdZPrnGckLkfew6SQCGn1meGjQcrxqiw0Yx9B7TVQaR5%2Fb1O7GQ8JLLFRWqZDYnuVJPDaDwVpsFtmbXgEWW6Kocd8ov0RZXIrKLs%2Fyr8x55ghUJpKxgVcYIi4bd2Dr6VfrSCHJ2%2B3cFLdIN45yQdScxvDh%2FW7yFDJ73AEcEpPROUNI0QJLHnmEroVbVvHx9wnrReFR0WHoU9DilypoU5t4D8Mqb3NgAwjmFtD%2Fzy%2FOwbO%2B33yOzsMDoimBtFgFD5ffEvUaPudOngxuq%2BU9RNYfV9YX0SBW6KQqC8GdvQCiUnCygJHvVhQ8FsGDHRluykQDt%2B8PHO5S%2BxMsJeU46Rhb2jmI9%2B3IPHFMp3aLRKeeKfWm%2Bmj6bgahZdp4LXbiy%2B2Rh0tBvZJ%2BvonkYvbUDPZSzjYD0l%2BXviA%2BhC%2B4GHXDirtzpJ%2BD0MEPAGlT%2FWHXrN%2B5WXU6OHlAfMIhxess%3D&SIG=TMW72NE46dQtHkND7Cfie17N%2FtdIvoCPGxXJ84%2FztSmBSUtqrsALfcJ8qdj4t8tkLAYA0qyRkDFq7m8W7N5CdOs5Iwpo7rU%2BoWjNXZMBnFnjTDqTRADfW%2BzaV1P%2FLAtX%2Faq5eW2qSUXVmgiHPnVG1hcPN6JWqr%2FFtErhMwG2laB%2BSaekOaYTuYspbDejMnHqOm81CR52x1YdiAeZKwc8LjYCucXFl2AjVo1PPgkz2TTdqezRClMVqcGObxSmWbph3D5n9vd6VzyUZH1wonBiQSDXJqphg1Xfyw%2F%2FnIg055nCyhB%2B6Q%2FZo%2BCYBUKKzk7al4C7kkuei4Xt%2BCXjFcncIwJH5lizKhy%2FbVASx7wBXBv0luaw%2F6NQcEFWDs6NQU2S13PmlAwa758sYocO%2BFmmkfAvL62p30pgcJUhRLo%2BjCocfNPtZTlrppT%2FJ73xClqiMH24P1XnApITOKpubN1e%2FOWs%2BtsBTYgV5nJwsbShEylb9wTe2MThEFzBWEDcB68hxJinPYmZBxSOgd3vc%2B%2BGtMw%2BAb2zUa36ag3afSDv%2BQoIZNm2T%2FLatCIDK%2FYzYD9CLnzQdvO2%2FJE%2BDsFDBrLrzcc11QRlKfiv4GzpZbKjTMyE6kyFCvlBRGReLdnLI3qJpSGG%2BeCfB9PBdg0he9MRywm2o1D2xRGYhCoxoiSZUkM%3D HTTP/1.1 Host: paymentgateway.metfone.com.kh User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Upgrade-Insecure-Requests: 1	URL: paymentgateway.metfone.com.kh/MPS/mobile.html?PRO=Cam3b (...) FQDN: paymentgateway.metfone.com.kh IP: 36.37.242.74 HASH: 53e727de84ac1d89ae6adbe778e51f7da51a9d1e73908027c4727ba79b39e341 36.37.242.74 HTTP/1.1 302 Found Content-Type: text/html; charset=utf-8 Date: Fri, 09 Dec 2022 12:17:10 GMT Server: Apache Vary: Host X-Powered-By: PHP/5.5.10 Set-Cookie: symfony=62ksjjfpot7kdjredpgjv088p6; expires=Fri, 09-Dec-2022 13:57:10 GMT; Max-Age=6000; path=/; HttpOnly Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Location: http://metfonegw.dailytv.asia:8001/metfone/ecpa/server_aoc.php?DATA=tCaYGdIPP35Ys1Q2HZbTVoejSOPtaZGSf08kOKBVDFnI+sPNoRqmTyJgJ0vG2JilaAK0x8hXgW2Gac5D9fV2Hdsq4D4boWe6dBq3z8GEGqU33JkxI2/CZ8dvzM7nkkXP1vW4IIwsRGFF6YVGep3cb4SeRs8aEJWJ7IekDhtco6EukxgVGFrPe22H20CQ/IZJGU4zBCA1K+TqkTIAHwldJ3PWYR4VD8DchSqMsArMoH44CHD5BXlUUnU6X2D2LXcPEQcWkAML1nMyYhw1NaUF9QTNOnVMNN+GVvmX/8MnAS3Dmi9N6WFKSn9LM2yo8SIdqwUOWQA94W0eokmWrBl4JCstjxbwzHoS2rTyz2MM1l17i60ZPSTWBFo9Ab+PrG6+UyTObbO3/ydfa6/JGrVwBqff/NngO8NW49sk0z3FoF5XeVSaIfo2T2+eO88PiM6JSddyd55qRSoMlMpxz1IDKCuzenizfVsoXoHFF56xOkRmVRW1Naad+dcMRWwcLrCZ3kX4UEjupDF86zU7nZlGBe5kzVADa4A28WCvV4PWZJ2M78c170hH0zAxwcYDgS3iA5z00ojuz94yxjwvu7Yj4Osvxwfj1QGIH5Tx9xDXUxMJiOFQgQI3Qx92rvK4mGP/mJQd2pdUiEkee8QPtEOOS3fJX0RaFY6paUX+CHs07cw=&SIG=hvHHT%2FEnyUP6r46jFmMfCs0Eoz9207rqYquXYPUuXa519qOp3zOQ6oJxdfkFs7wVIS8y0IbgayKaSWWxblsadloC%2BqlRRmd71%2B54q6PvnDCbuWOmgVluqMYBsuoPbOrUf4CKecgvZKAbWnFoUFBUcf%2FR%2BhEH9mKYPVYu4U79cOhdNkk%2FS7O6IokgUGE6QUcrMbhkZ23cdA2glSpqZ6Qg5LnQyN7V9EOuTC0ryOnATCX9Dc7CreKMTP%2BNaiput%2Fy8GwCm9VlFDsvh14e4xvx7bmHJH%2FhwUzzfH0%2FAhqV6HFwTuXPH6wLL%2FNUOq8dhQ%2BwAQOHHM6lZq1LD2IyQ99r4G4ylvBhvt%2Bl1fsaLU6jkjAwaysCRR57EozQ3Td4kwOJIMOjaExZ0HuDhkpiVAChmxv4d1Z4rF6hVKCBLamo%2BFfaDKUli5GmVinmAMT1gRTuwWgdAZzfwGQKN2hcA9Cq%2BBl0APsPpnyqSlP3QEoE%2BrMEXojqUV2bKOrL483X6bV%2B3uutdr4GgeTUZtHk6WpYZdfKfLDhxJE4Qw5Zu4sVEmxSydlyXRPFRs1RNf4oJ9GbFLuytdX1bSJ4qQSN6n%2FzEXEI9niHQ9pHJ8JkoL2dkuwcZFka5j%2BLtlvOliwjFTd%2BmDpzfFa3g4yVlGF0SmEzj4PVsVQsHZYrU9DOo8TQf0to%3D Access-Control-Allow-Origin: * Content-Length: 1558 Connection: close --- Additional Info --- Magic: HTML document text\012- HTML document, ASCII text, with very long lines (1558), with no line terminators Size: 1558 Md5: ebb9e1708e74ca1dd514472cdfaf5ca1 Sha1: 5453ab36f3dc40fe5b28081c97a9108c1d46db15 Sha256: 53e727de84ac1d89ae6adbe778e51f7da51a9d1e73908027c4727ba79b39e341

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9" 

                                        
                                            
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=3724 

                                        
                                            
Expires: Fri, 09 Dec 2022 13:19:12 GMT 

                                        
                                            
Date: Fri, 09 Dec 2022 12:17:08 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    f2acd891dc6eb1f09f57a2b086791781

                                                Sha1:   1e2088306501a61edcca1ade62c4d54f23b3b083

                                                Sha256: 51148fed95cc00d60dc3640350f135b1b2763ff0e3cfbffc40f0948317894be9

                                        
                                            GET /v1/ HTTP/1.1 

                                        
                                            
Host: firefox.settings.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         35.241.9.150

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/json

                                        

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type 

                                        
                                            
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; 

                                        
                                            
strict-transport-security: max-age=31536000 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
content-length: 939 

                                        
                                            
via: 1.1 google 

                                        
                                            
date: Fri, 09 Dec 2022 12:08:18 GMT 

                                        
                                            
age: 530 

                                        
                                            
cache-control: max-age=3600,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators

                                                Size:   939

                                                Md5:    14cd9a0afb6ba9a763651d5112760d1e

                                                Sha1:   75d7b104ab9ab11fbb73c3f348b43b0119b5adfa

                                                Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1 

                                        
                                            
Host: content-signature-2.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.160.144.191

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: binary/octet-stream

                                        

                                        
                                            
x-amz-id-2: tYJkZUvRUb0iRmsVB7AQ6OAimqGL6rNY0JfalbnQBWj+KPd9HLvDBYeDJ3cmPXLxYcQ5TQZQRA/syNLA3mL67A== 

                                        
                                            
x-amz-request-id: S12000ZME92HEFM7 

                                        
                                            
content-disposition: attachment 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
server: AmazonS3 

                                        
                                            
content-length: 5348 

                                        
                                            
via: 1.1 google 

                                        
                                            
date: Fri, 09 Dec 2022 11:48:19 GMT 

                                        
                                            
age: 1729 

                                        
                                            
last-modified: Wed, 30 Nov 2022 10:06:34 GMT 

                                        
                                            
etag: "53341dea33f4f3d9b4966f80589f429a" 

                                        
                                            
cache-control: public,max-age=3600 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PEM certificate\012- , ASCII text

                                                Size:   5348

                                                Md5:    53341dea33f4f3d9b4966f80589f429a

                                                Sha1:   20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d

                                                Sha256: 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0

                                        
                                            GET /ado/index/?aid=bts&transaction_id=APAZ02_wvkdml1ohp0vj42li0cr3u9e&affiliate_id=0fa72e58-556d-41d6-8a9f-b3779d3cad0e_ HTTP/1.1 

                                        
                                            
Host: ad.dailytv.asia

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Upgrade-Insecure-Requests: 1

                                         43.228.245.137

                                        
                                            HTTP/1.1 307 Temporary Redirect 

                                        
                                            
Content-Type: text/html; charset=UTF-8

                                        

                                        
                                            
Server: nginx/1.10.3 (Ubuntu) 

                                        
                                            
Date: Fri, 09 Dec 2022 12:17:08 GMT 

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Set-Cookie: ci_session=7109dr3ffe9lt3notlnhmg9bpm4j0vgh; expires=Fri, 09-Dec-2022 14:17:08 GMT; Max-Age=7200; path=/; HttpOnly 

                                        
                                            
Expires: Thu, 19 Nov 1981 08:52:00 GMT 

                                        
                                            
Cache-Control: no-store, no-cache, must-revalidate 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Location: http://khmf.dailytv.asia/ado/index?aid=bts&transaction_id=APAZ02_wvkdml1ohp0vj42li0cr3u9e&affiliate_id=0fa72e58-556d-41d6-8a9f-b3779d3cad0e_ 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 877 

                                        
                                            
Cache-Control: max-age=162264 

                                        
                                            
Date: Fri, 09 Dec 2022 12:17:08 GMT 

                                        
                                            
Etag: "6392faaf-1d7" 

                                        
                                            
Expires: Sun, 11 Dec 2022 09:21:32 GMT 

                                        
                                            
Last-Modified: Fri, 09 Dec 2022 09:06:55 GMT 

                                        
                                            
Server: ECS (ska/F70B) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 471 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    e6be4d2155028ffff5d01ab6e7edf6da

                                                Sha1:   07172071b5cf43c4cd7d7930b4ad8518ec1e32e9

                                                Sha256: 4d8a5fa2362fd0910babd6d128d850d4460829468eb23d34ee5ee6eaa42d5a38

                                        
                                            GET / HTTP/1.1 

                                        
                                            
Host: push.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Sec-WebSocket-Version: 13 

                                        
                                            
Origin: wss://push.services.mozilla.com/ 

                                        
                                            
Sec-WebSocket-Protocol: push-notification 

                                        
                                            
Sec-WebSocket-Extensions: permessage-deflate 

                                        
                                            
Sec-WebSocket-Key: 6TEqjgn9zDfFYbgj3+7enQ== 

                                        
                                            
Connection: keep-alive, Upgrade 

                                        
                                            
Sec-Fetch-Dest: websocket 

                                        
                                            
Sec-Fetch-Mode: websocket 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache 

                                        
                                            
Upgrade: websocket

                                         54.200.107.47

                                        
                                            HTTP/1.1 101 Switching Protocols

                                        

                                        
                                            
Connection: Upgrade 

                                        
                                            
Upgrade: websocket 

                                        
                                            
Sec-WebSocket-Accept: BxlZy2vOdi7nasmEk0N6HCo9p9E= 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            GET /metfone/bmg/index.php?m=bill&c=ReqHE&serviceId=4101&price=0&phoneNum=&operator=MF&operation_ref=he_16705882291486&aKeyword=SUB&sKeyword=SM&url=http%3A%2F%2Fkhmf.dailytv.asia%2Fauth%2Fhe%3Fcallback_url%3Dhttp%253A%252F%252Fkhmf.dailytv.asia%252Fado%252Findex%253Faid%253Dbts%2526transaction_id%253DAPAZ02_wvkdml1ohp0vj42li0cr3u9e%2526affiliate_id%253D0fa72e58-556d-41d6-8a9f-b3779d3cad0e_%2526iamback%253D1&sTEnvironment=production HTTP/1.1 

                                        
                                            
Host: metfonegw.dailytv.asia

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Upgrade-Insecure-Requests: 1

                                         192.82.57.207

                                        
                                            HTTP/1.1 302 Moved Temporarily 

                                        
                                            
Content-Type: text/html; charset=UTF-8

                                        

                                        
                                            
Server: nginx/1.10.3 (Ubuntu) 

                                        
                                            
Date: Fri, 09 Dec 2022 12:17:09 GMT 

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Set-Cookie: PHPSESSID=pmn3fd7grfvhj0esnkbgg1tf86; path=/ 

                                        
                                            
Expires: Thu, 19 Nov 1981 08:52:00 GMT 

                                        
                                            
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Location: http://paymentgateway.metfone.com.kh/MPS/mobile.html?PRO=Cam3boss&SUB=Cam3boss_DailyTV_Supermodel&SER=Cam3boss_DailyTV&DATA=XdVduc54iEomeXkVjwh1Dbh2VOaCnyaLvehPJq5Mf6OVrMHeVcyGduBb1APbFOcBgmmKC0vfGhgR4z1hsh4m7QkNMlFijSdT%2F7XHIHoLrXH53UvcJNiGqFzPnQ4jEJdWVgCuqYkuAYhyPuDyweyDognHeaIXMsvXH9LGX8jL9zGjPB6uLbLjOppHFIEF5dCqtn3qITiHO7AYqSQSr%2Fo4gOL4m%2FdZPrnGckLkfew6SQCGn1meGjQcrxqiw0Yx9B7TVQaR5%2Fb1O7GQ8JLLFRWqZDYnuVJPDaDwVpsFtmbXgEWW6Kocd8ov0RZXIrKLs%2Fyr8x55ghUJpKxgVcYIi4bd2Dr6VfrSCHJ2%2B3cFLdIN45yQdScxvDh%2FW7yFDJ73AEcEpPROUNI0QJLHnmEroVbVvHx9wnrReFR0WHoU9DilypoU5t4D8Mqb3NgAwjmFtD%2Fzy%2FOwbO%2B33yOzsMDoimBtFgFD5ffEvUaPudOngxuq%2BU9RNYfV9YX0SBW6KQqC8GdvQCiUnCygJHvVhQ8FsGDHRluykQDt%2B8PHO5S%2BxMsJeU46Rhb2jmI9%2B3IPHFMp3aLRKeeKfWm%2Bmj6bgahZdp4LXbiy%2B2Rh0tBvZJ%2BvonkYvbUDPZSzjYD0l%2BXviA%2BhC%2B4GHXDirtzpJ%2BD0MEPAGlT%2FWHXrN%2B5WXU6OHlAfMIhxess%3D&SIG=TMW72NE46dQtHkND7Cfie17N%2FtdIvoCPGxXJ84%2FztSmBSUtqrsALfcJ8qdj4t8tkLAYA0qyRkDFq7m8W7N5CdOs5Iwpo7rU%2BoWjNXZMBnFnjTDqTRADfW%2BzaV1P%2FLAtX%2Faq5eW2qSUXVmgiHPnVG1hcPN6JWqr%2FFtErhMwG2laB%2BSaekOaYTuYspbDejMnHqOm81CR52x1YdiAeZKwc8LjYCucXFl2AjVo1PPgkz2TTdqezRClMVqcGObxSmWbph3D5n9vd6VzyUZH1wonBiQSDXJqphg1Xfyw%2F%2FnIg055nCyhB%2B6Q%2FZo%2BCYBUKKzk7al4C7kkuei4Xt%2BCXjFcncIwJH5lizKhy%2FbVASx7wBXBv0luaw%2F6NQcEFWDs6NQU2S13PmlAwa758sYocO%2BFmmkfAvL62p30pgcJUhRLo%2BjCocfNPtZTlrppT%2FJ73xClqiMH24P1XnApITOKpubN1e%2FOWs%2BtsBTYgV5nJwsbShEylb9wTe2MThEFzBWEDcB68hxJinPYmZBxSOgd3vc%2B%2BGtMw%2BAb2zUa36ag3afSDv%2BQoIZNm2T%2FLatCIDK%2FYzYD9CLnzQdvO2%2FJE%2BDsFDBrLrzcc11QRlKfiv4GzpZbKjTMyE6kyFCvlBRGReLdnLI3qJpSGG%2BeCfB9PBdg0he9MRywm2o1D2xRGYhCoxoiSZUkM%3D 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.76.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC" 

                                        
                                            
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=6151 

                                        
                                            
Expires: Fri, 09 Dec 2022 13:59:41 GMT 

                                        
                                            
Date: Fri, 09 Dec 2022 12:17:10 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    48c90992f0837a58e0a36118a27dae6a

                                                Sha1:   3d238fed35e6d247bddbba92864e6b92e6aed9b6

                                                Sha256: cacc53ed285e96dcd5ba7609823922a253bc0623999b8716f430632d2c0e7dac

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 5188 

                                        
                                            
x-amzn-requestid: afb8cbd2-3674-4dac-9cd9-9ff83618ac0a 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: ck2-5G9joAMFlPA= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-638b6b92-2979ff216b9028aa70baef8b;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Sat, 03 Dec 2022 15:30:26 GMT 

                                        
                                            
x-amz-cf-pop: SEA19-C2 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: dGxzuQ6zj6wXQbkBuKBnOKxwKJDHUyGoi7PgcugcpdX4QYruNiFxsQ== 

                                        
                                            
via: 1.1 8ae6af4d17aae7471e5fe2792eb6abcc.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Thu, 08 Dec 2022 21:51:24 GMT 

                                        
                                            
age: 51946 

                                        
                                            
etag: "8fbff7725c842d70e047c635a725723a9dc9c55a" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   5188

                                                Md5:    fba9a3854df65740512f96efe7442e58

                                                Sha1:   8fbff7725c842d70e047c635a725723a9dc9c55a

                                                Sha256: 6e639298ebc82343cee9267d2910d15735af55f910e2c3de9218266b7c6fffc9

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 6578 

                                        
                                            
x-amzn-requestid: 6392feb9-e33e-42fa-bc10-b5e31e654c9b 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: cw4beGG7oAMF8hA= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-63903aaf-2c890b7b0a16617346a0f7e7;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Wed, 07 Dec 2022 07:03:11 GMT 

                                        
                                            
x-amz-cf-pop: SEA19-C2 

                                        
                                            
x-cache: Miss from cloudfront 

                                        
                                            
x-amz-cf-id: nXaZ1pazAGWMI9GFYZjGlvVVIb8wX6feD0O8VpzjsL8F8l3mFmydAw== 

                                        
                                            
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Fri, 09 Dec 2022 07:13:59 GMT 

                                        
                                            
age: 18191 

                                        
                                            
etag: "5c8ffe91490006a9890188b53f875568c2b6bd8f" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   6578

                                                Md5:    8546542f00ea29ef4df6ab8d3c7c2164

                                                Sha1:   5c8ffe91490006a9890188b53f875568c2b6bd8f

                                                Sha256: 7fb11750ac339ac283da62fd370862c6b95a103a585ca5dd8c90038718d818a1

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f25ad59-b8ed-49ea-9611-21f63c20c8fb.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 7960 

                                        
                                            
x-amzn-requestid: beadd240-39d0-407d-a890-6a095657cac3 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: ctEd8HC0oAMFUag= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-638eb459-44d4f63c62f58684782ef14a;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Tue, 06 Dec 2022 03:17:45 GMT 

                                        
                                            
x-amz-cf-pop: SEA19-C2 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: yL-FrFYh-3PuCZCpCHYg--ebTS7wMmMQ7IE2mgimDVsKWFEtKC2gVQ== 

                                        
                                            
via: 1.1 74aa91fe819001bcedd882694f52b436.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Fri, 09 Dec 2022 06:08:38 GMT 

                                        
                                            
age: 22112 

                                        
                                            
etag: "cfb1e5bcab2148a777889680e6e36b9d7e8917ec" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   7960

                                                Md5:    eb00a2a503a690cee3e4dd729b5bc9bd

                                                Sha1:   cfb1e5bcab2148a777889680e6e36b9d7e8917ec

                                                Sha256: 7e4583ae78ab597639f53669ac2d67d1ebd26be3278c2fc3fc95af934178c116

                                        
                                            GET /MPS/mobile.html?PRO=Cam3boss&SUB=Cam3boss_DailyTV_Supermodel&SER=Cam3boss_DailyTV&DATA=XdVduc54iEomeXkVjwh1Dbh2VOaCnyaLvehPJq5Mf6OVrMHeVcyGduBb1APbFOcBgmmKC0vfGhgR4z1hsh4m7QkNMlFijSdT%2F7XHIHoLrXH53UvcJNiGqFzPnQ4jEJdWVgCuqYkuAYhyPuDyweyDognHeaIXMsvXH9LGX8jL9zGjPB6uLbLjOppHFIEF5dCqtn3qITiHO7AYqSQSr%2Fo4gOL4m%2FdZPrnGckLkfew6SQCGn1meGjQcrxqiw0Yx9B7TVQaR5%2Fb1O7GQ8JLLFRWqZDYnuVJPDaDwVpsFtmbXgEWW6Kocd8ov0RZXIrKLs%2Fyr8x55ghUJpKxgVcYIi4bd2Dr6VfrSCHJ2%2B3cFLdIN45yQdScxvDh%2FW7yFDJ73AEcEpPROUNI0QJLHnmEroVbVvHx9wnrReFR0WHoU9DilypoU5t4D8Mqb3NgAwjmFtD%2Fzy%2FOwbO%2B33yOzsMDoimBtFgFD5ffEvUaPudOngxuq%2BU9RNYfV9YX0SBW6KQqC8GdvQCiUnCygJHvVhQ8FsGDHRluykQDt%2B8PHO5S%2BxMsJeU46Rhb2jmI9%2B3IPHFMp3aLRKeeKfWm%2Bmj6bgahZdp4LXbiy%2B2Rh0tBvZJ%2BvonkYvbUDPZSzjYD0l%2BXviA%2BhC%2B4GHXDirtzpJ%2BD0MEPAGlT%2FWHXrN%2B5WXU6OHlAfMIhxess%3D&SIG=TMW72NE46dQtHkND7Cfie17N%2FtdIvoCPGxXJ84%2FztSmBSUtqrsALfcJ8qdj4t8tkLAYA0qyRkDFq7m8W7N5CdOs5Iwpo7rU%2BoWjNXZMBnFnjTDqTRADfW%2BzaV1P%2FLAtX%2Faq5eW2qSUXVmgiHPnVG1hcPN6JWqr%2FFtErhMwG2laB%2BSaekOaYTuYspbDejMnHqOm81CR52x1YdiAeZKwc8LjYCucXFl2AjVo1PPgkz2TTdqezRClMVqcGObxSmWbph3D5n9vd6VzyUZH1wonBiQSDXJqphg1Xfyw%2F%2FnIg055nCyhB%2B6Q%2FZo%2BCYBUKKzk7al4C7kkuei4Xt%2BCXjFcncIwJH5lizKhy%2FbVASx7wBXBv0luaw%2F6NQcEFWDs6NQU2S13PmlAwa758sYocO%2BFmmkfAvL62p30pgcJUhRLo%2BjCocfNPtZTlrppT%2FJ73xClqiMH24P1XnApITOKpubN1e%2FOWs%2BtsBTYgV5nJwsbShEylb9wTe2MThEFzBWEDcB68hxJinPYmZBxSOgd3vc%2B%2BGtMw%2BAb2zUa36ag3afSDv%2BQoIZNm2T%2FLatCIDK%2FYzYD9CLnzQdvO2%2FJE%2BDsFDBrLrzcc11QRlKfiv4GzpZbKjTMyE6kyFCvlBRGReLdnLI3qJpSGG%2BeCfB9PBdg0he9MRywm2o1D2xRGYhCoxoiSZUkM%3D HTTP/1.1 

                                        
                                            
Host: paymentgateway.metfone.com.kh

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 

                                        
                                            
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Upgrade-Insecure-Requests: 1

                                         36.37.242.74

                                        
                                            HTTP/1.1 302 Found 

                                        
                                            
Content-Type: text/html; charset=utf-8

                                        

                                        
                                            
Date: Fri, 09 Dec 2022 12:17:10 GMT 

                                        
                                            
Server: Apache 

                                        
                                            
Vary: Host 

                                        
                                            
X-Powered-By: PHP/5.5.10 

                                        
                                            
Set-Cookie: symfony=62ksjjfpot7kdjredpgjv088p6; expires=Fri, 09-Dec-2022 13:57:10 GMT; Max-Age=6000; path=/; HttpOnly 

                                        
                                            
Expires: Thu, 19 Nov 1981 08:52:00 GMT 

                                        
                                            
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Location: http://metfonegw.dailytv.asia:8001/metfone/ecpa/server_aoc.php?DATA=tCaYGdIPP35Ys1Q2HZbTVoejSOPtaZGSf08kOKBVDFnI+sPNoRqmTyJgJ0vG2JilaAK0x8hXgW2Gac5D9fV2Hdsq4D4boWe6dBq3z8GEGqU33JkxI2/CZ8dvzM7nkkXP1vW4IIwsRGFF6YVGep3cb4SeRs8aEJWJ7IekDhtco6EukxgVGFrPe22H20CQ/IZJGU4zBCA1K+TqkTIAHwldJ3PWYR4VD8DchSqMsArMoH44CHD5BXlUUnU6X2D2LXcPEQcWkAML1nMyYhw1NaUF9QTNOnVMNN+GVvmX/8MnAS3Dmi9N6WFKSn9LM2yo8SIdqwUOWQA94W0eokmWrBl4JCstjxbwzHoS2rTyz2MM1l17i60ZPSTWBFo9Ab+PrG6+UyTObbO3/ydfa6/JGrVwBqff/NngO8NW49sk0z3FoF5XeVSaIfo2T2+eO88PiM6JSddyd55qRSoMlMpxz1IDKCuzenizfVsoXoHFF56xOkRmVRW1Naad+dcMRWwcLrCZ3kX4UEjupDF86zU7nZlGBe5kzVADa4A28WCvV4PWZJ2M78c170hH0zAxwcYDgS3iA5z00ojuz94yxjwvu7Yj4Osvxwfj1QGIH5Tx9xDXUxMJiOFQgQI3Qx92rvK4mGP/mJQd2pdUiEkee8QPtEOOS3fJX0RaFY6paUX+CHs07cw=&SIG=hvHHT%2FEnyUP6r46jFmMfCs0Eoz9207rqYquXYPUuXa519qOp3zOQ6oJxdfkFs7wVIS8y0IbgayKaSWWxblsadloC%2BqlRRmd71%2B54q6PvnDCbuWOmgVluqMYBsuoPbOrUf4CKecgvZKAbWnFoUFBUcf%2FR%2BhEH9mKYPVYu4U79cOhdNkk%2FS7O6IokgUGE6QUcrMbhkZ23cdA2glSpqZ6Qg5LnQyN7V9EOuTC0ryOnATCX9Dc7CreKMTP%2BNaiput%2Fy8GwCm9VlFDsvh14e4xvx7bmHJH%2FhwUzzfH0%2FAhqV6HFwTuXPH6wLL%2FNUOq8dhQ%2BwAQOHHM6lZq1LD2IyQ99r4G4ylvBhvt%2Bl1fsaLU6jkjAwaysCRR57EozQ3Td4kwOJIMOjaExZ0HuDhkpiVAChmxv4d1Z4rF6hVKCBLamo%2BFfaDKUli5GmVinmAMT1gRTuwWgdAZzfwGQKN2hcA9Cq%2BBl0APsPpnyqSlP3QEoE%2BrMEXojqUV2bKOrL483X6bV%2B3uutdr4GgeTUZtHk6WpYZdfKfLDhxJE4Qw5Zu4sVEmxSydlyXRPFRs1RNf4oJ9GbFLuytdX1bSJ4qQSN6n%2FzEXEI9niHQ9pHJ8JkoL2dkuwcZFka5j%2BLtlvOliwjFTd%2BmDpzfFa3g4yVlGF0SmEzj4PVsVQsHZYrU9DOo8TQf0to%3D 

                                        
                                            
Access-Control-Allow-Origin: * 

                                        
                                            
Content-Length: 1558 

                                        
                                            
Connection: close 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  HTML document text\012- HTML document, ASCII text, with very long lines (1558), with no line terminators

                                                Size:   1558

                                                Md5:    ebb9e1708e74ca1dd514472cdfaf5ca1

                                                Sha1:   5453ab36f3dc40fe5b28081c97a9108c1d46db15

                                                Sha256: 53e727de84ac1d89ae6adbe778e51f7da51a9d1e73908027c4727ba79b39e341

URL	marially-watears.icu/0fa72e58-556d-41d6-8a9f-b3779d3cad0e
IP	18.194.134.212 (Germany)
ASN	#16509 AMAZON-02
UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed	2022-12-09 12:17:18 UTC
Status	Loading report..
IDS alerts	0
Blocklist alert	1
urlquery alerts	No alerts detected
Tags	None

Overview

Domain Summary (12)

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 18.194.134.212

Last 5 reports on ASN: AMAZON-02

Last 5 reports on domain: marially-watears.icu

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (0)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (24)

Overview

Domain Summary (12)

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 18.194.134.212

Last 5 reports on ASN: AMAZON-02

Last 5 reports on domain: marially-watears.icu

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (0)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (24)

Network Intrusion Detection Systems