r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 507011ccb9124dcd57e84a90a0965cc4
1a6575d0ac979c7184490cc9836ac4812ad2afd1
01626c18e1e68507aa33ef7448dbc3311901ab6f29adc2f51d449409b0680dce
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01626C18E1E68507AA33EF7448DBC3311901AB6F29ADC2F51D449409B0680DCE"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9408
Expires: Wed, 08 Feb 2023 02:16:17 GMT
Date: Tue, 07 Feb 2023 23:39:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 565c1bbc5c1c40be1988b3bf6fd9dc1a
cfdba5bc597130461dd67bf6cda53183be592493
60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3476
Expires: Wed, 08 Feb 2023 00:37:25 GMT
Date: Tue, 07 Feb 2023 23:39:29 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Backoff, Alert, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 07 Feb 2023 23:34:10 GMT
content-type: application/json
age: 319
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cc14b0d2f7c451f6431dc87ba54d1d60
bab8bfda6fa3e2f17125353f5147211787dc25d0
b58fe18a5cc8fe5aaf49ba7eadd0ef34692892e68e9c52eb5bb56ea27e1300ad
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B58FE18A5CC8FE5AAF49BA7EADD0EF34692892E68E9C52EB5BB56EA27E1300AD"
Last-Modified: Mon, 06 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9335
Expires: Wed, 08 Feb 2023 02:15:04 GMT
Date: Tue, 07 Feb 2023 23:39:29 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash e76071a28ee566dababb3834f46d68ed
aebb4e68c1ba2de0f90025283e8ed8470944fde0
78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Tqeml28bwMMErV/DUDyKeshjFogxjzWsaq77C9AVLiSxNpO2LzuYlj3xW1nsLaER/3WpXLLZB4o=
x-amz-request-id: Q81P1J213HEC3NKD
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 07 Feb 2023 22:45:44 GMT
age: 3225
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 07 Feb 2023 23:39:29 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
dev.weblogies.tech/
184.154.88.243 200 OK 38 kB IP 184.154.88.243:0
File type HTML document text; exported SGML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (18298)
Hash e33548ccb5fe5f9e93754b5fe064f0e6
cb736a5812be0accda467c838d6b2c7e148e5629
779884e87189a0ebbb2b50be13bbd4f99bbce0e7f5c9f67be4dd7c8f45dbcd48
Analyzer Verdict Alert openphish Facebook, Inc.
fortinet Phishing
NIDS Severity Alert suricata medium ET PHISHING Possible Phish - Saved Website Comment Observed
GET / HTTP/1.1
Host: dev.weblogies.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 23:39:30 GMT
Server: Apache
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
dev.weblogies.tech/index_files/eMakBH12nEv.css
184.154.88.243 200 OK 7.1 kB URL HTTP/1.1 dev.weblogies.tech/index_files/eMakBH12nEv.css
IP 184.154.88.243:0
File type ASCII text, with very long lines (2475)
Hash 5f87b1bd9bd1278a606f036a0ccaa0be
4f71c2af831f778d66b456ef914e7159cd412ca4
f22f1c67774f6b533abd564e7b3ac4f1d977cc04c17f4718b552887e166f16f3
Analyzer Verdict Alert openphish Facebook, Inc.
GET /index_files/eMakBH12nEv.css HTTP/1.1
Host: dev.weblogies.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://dev.weblogies.tech/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 23:39:31 GMT
Server: Apache
Last-Modified: Sun, 11 Oct 2015 05:01:46 GMT
Accept-Ranges: bytes
Content-Length: 7102
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Retry-After, Content-Length, Content-Type, ETag, Cache-Control, Alert, Pragma, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 07 Feb 2023 22:51:19 GMT
age: 2890
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
dev.weblogies.tech/index_files/fZD6ZbaBAGQ.js
184.154.88.243 200 OK 6.4 kB URL HTTP/1.1 dev.weblogies.tech/index_files/fZD6ZbaBAGQ.js
IP 184.154.88.243:0
File type ASCII text, with very long lines (1361)
Hash 97e386a28db02db8fba9cf104e1f857c
f62ea61d470a0a97010b5bf371cd33af91bffb72
311277be250c681c82a65a1fa81afc1a07863e632845bd392b1b2e7443ee999b
Analyzer Verdict Alert openphish Facebook, Inc.
fortinet Phishing
GET /index_files/fZD6ZbaBAGQ.js HTTP/1.1
Host: dev.weblogies.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://dev.weblogies.tech/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 23:39:31 GMT
Server: Apache
Last-Modified: Sun, 11 Oct 2015 05:01:46 GMT
Accept-Ranges: bytes
Content-Length: 6399
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
dev.weblogies.tech/index_files/CWdxV14s6aP.css
184.154.88.243 200 OK 2.2 kB URL HTTP/1.1 dev.weblogies.tech/index_files/CWdxV14s6aP.css
IP 184.154.88.243:0
File type ASCII text, with very long lines (2061)
Hash b24463ec309730baf26250bae2615dab
9a2dc8a09da94e55cbaaa2aeeafc8ade4f55ee93
2dce5145f9ce3d3853b5afe7209805df4a2ef04986e5523802fcb43087d07aac
Analyzer Verdict Alert openphish Facebook, Inc.
GET /index_files/CWdxV14s6aP.css HTTP/1.1
Host: dev.weblogies.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://dev.weblogies.tech/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 23:39:31 GMT
Server: Apache
Last-Modified: Sun, 11 Oct 2015 05:01:46 GMT
Accept-Ranges: bytes
Content-Length: 2182
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
dev.weblogies.tech/index_files/SJiTkiYhsLZ.css
184.154.88.243 200 OK 47 kB URL HTTP/1.1 dev.weblogies.tech/index_files/SJiTkiYhsLZ.css
IP 184.154.88.243:0
File type ASCII text, with very long lines (5063)
Hash 9b3f13ca8b2c54fcf0d0a5f95b777906
ae4079afb4a060502f1ed1b9d48beaf8bf65fff2
9576171a309cee7a13c91bc8bd88718faa14af78e122367ef8323950761783a1
Analyzer Verdict Alert openphish Facebook, Inc.
GET /index_files/SJiTkiYhsLZ.css HTTP/1.1
Host: dev.weblogies.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://dev.weblogies.tech/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 23:39:31 GMT
Server: Apache
Last-Modified: Sun, 11 Oct 2015 05:01:46 GMT
Accept-Ranges: bytes
Content-Length: 47058
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
dev.weblogies.tech/index_files/Bv5YpAkS6vh.js
184.154.88.243 200 OK 726 B URL HTTP/1.1 dev.weblogies.tech/index_files/Bv5YpAkS6vh.js
IP 184.154.88.243:0
File type ASCII text, with very long lines (356)
Hash 567a5291a1ff9ac4e231533bd5f5f777
dd2f27e9675b35ec5478dfc20d0cc4d9da824962
abe1e934f2641d49398ac83bf3feb3ef523f0887a01d5be5b794ea81a39fb2b7
Analyzer Verdict Alert openphish Facebook, Inc.
fortinet Phishing
GET /index_files/Bv5YpAkS6vh.js HTTP/1.1
Host: dev.weblogies.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://dev.weblogies.tech/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 23:39:31 GMT
Server: Apache
Last-Modified: Sun, 11 Oct 2015 05:01:46 GMT
Accept-Ranges: bytes
Content-Length: 726
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
dev.weblogies.tech/index_files/jgj2cD-I9kr.js
184.154.88.243 200 OK 19 kB URL HTTP/1.1 dev.weblogies.tech/index_files/jgj2cD-I9kr.js
IP 184.154.88.243:0
File type ASCII text, with very long lines (4254)
Hash 1a3b6811539e0ef2bc58e8fc74dbe702
7267d8ac190b40bb1dc4faaab2fff8dbe566efdf
ee5b008edcf883ccc35a5da1b4d8b6c89e9097495773f9bcc2a4c4a24f0f3eb1
Analyzer Verdict Alert openphish Facebook, Inc.
fortinet Phishing
GET /index_files/jgj2cD-I9kr.js HTTP/1.1
Host: dev.weblogies.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://dev.weblogies.tech/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 23:39:31 GMT
Server: Apache
Last-Modified: Sun, 11 Oct 2015 05:01:46 GMT
Accept-Ranges: bytes
Content-Length: 18655
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
dev.weblogies.tech/index_files/zKpbP_4bu9D.js
184.154.88.243 200 OK 16 kB URL HTTP/1.1 dev.weblogies.tech/index_files/zKpbP_4bu9D.js
IP 184.154.88.243:0
File type ASCII text, with very long lines (3341)
Hash 87ff1b31c41bf6fde6afc05bbde635d3
7a503bc20d11d2bd01cc386261b863bce63a9dd2
97ced37862652a755304d996c7fc394ab10b49ab3f18477e237e36e60d99fab7
Analyzer Verdict Alert openphish Facebook, Inc.
fortinet Phishing
GET /index_files/zKpbP_4bu9D.js HTTP/1.1
Host: dev.weblogies.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://dev.weblogies.tech/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 23:39:31 GMT
Server: Apache
Last-Modified: Sun, 11 Oct 2015 05:01:46 GMT
Accept-Ranges: bytes
Content-Length: 15701
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
dev.weblogies.tech/index_files/Xt5ISlLp2jg.js
184.154.88.243 200 OK 32 kB URL HTTP/1.1 dev.weblogies.tech/index_files/Xt5ISlLp2jg.js
IP 184.154.88.243:0
File type ASCII text, with very long lines (6247)
Hash dae2644731229543e9c2ab8d4c079b9d
7ee3b6d2a1a3cbf34f9322ca33e5a1bdd6e11c58
8f6b2c5f0de491e1ba063b7cc9747e61d544bc4b86be7f3c27926acfc1b091af
Analyzer Verdict Alert openphish Facebook, Inc.
fortinet Phishing
GET /index_files/Xt5ISlLp2jg.js HTTP/1.1
Host: dev.weblogies.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://dev.weblogies.tech/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 23:39:31 GMT
Server: Apache
Last-Modified: Sun, 11 Oct 2015 05:01:46 GMT
Accept-Ranges: bytes
Content-Length: 32217
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
dev.weblogies.tech/index_files/lgK20pPv2cl.js
184.154.88.243 200 OK 12 kB URL HTTP/1.1 dev.weblogies.tech/index_files/lgK20pPv2cl.js
IP 184.154.88.243:0
File type C source, ASCII text, with very long lines (3532)
Hash 1d363a5e32ff30ab238c72ba21f6a7fd
b15041a0eae251b1050bdebec6d226f5f6324a2b
1d8cfd8a8b9326ea54022ec78d88f843bc5b9d79e9ff18a6db916b2504969f66
Analyzer Verdict Alert openphish Facebook, Inc.
fortinet Phishing
GET /index_files/lgK20pPv2cl.js HTTP/1.1
Host: dev.weblogies.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://dev.weblogies.tech/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 23:39:31 GMT
Server: Apache
Last-Modified: Sun, 11 Oct 2015 05:01:46 GMT
Accept-Ranges: bytes
Content-Length: 11945
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9b88bae61bca33aba8aa99f6128db8d9
a07b61fb2458917699613fcae68710941b595416
54915c2f79822732e06a592d027da421ad1e7a6458c545f98333db25612b3dea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "54915C2F79822732E06A592D027DA421AD1E7A6458C545F98333DB25612B3DEA"
Last-Modified: Mon, 06 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7001
Expires: Wed, 08 Feb 2023 01:36:11 GMT
Date: Tue, 07 Feb 2023 23:39:30 GMT
Connection: keep-alive
dev.weblogies.tech/index_files/hiWQlvAyz5m.js
184.154.88.243 200 OK 924 B URL HTTP/1.1 dev.weblogies.tech/index_files/hiWQlvAyz5m.js
IP 184.154.88.243:0
File type ASCII text, with very long lines (823)
Hash c2ea014abc5c19be27ba2fd7f3a8cc1d
69988ee548798adf187bb46a6af2f0121a25684d
da9c3123c136417b12228e61457bebeafbbe5caafed10204b3675c0a00dc4590
Analyzer Verdict Alert openphish Facebook, Inc.
fortinet Phishing
GET /index_files/hiWQlvAyz5m.js HTTP/1.1
Host: dev.weblogies.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://dev.weblogies.tech/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 23:39:31 GMT
Server: Apache
Last-Modified: Sun, 11 Oct 2015 05:01:46 GMT
Accept-Ranges: bytes
Content-Length: 924
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
dev.weblogies.tech/index_files/jxIrdtJvQ8O.js
184.154.88.243 200 OK 120 kB URL HTTP/1.1 dev.weblogies.tech/index_files/jxIrdtJvQ8O.js
IP 184.154.88.243:0
File type Unicode text, UTF-8 text, with very long lines (9223)
Size 120 kB (120166 bytes)
Hash 169d00e1776ec7cdd85bd85995fd7158
4aff03bb63d01398723714d7dc39fa0d12c0c307
fe250f04259400ee5cd5f3725c0a669b4f6179816743269335989d2d943e6968
Analyzer Verdict Alert openphish Facebook, Inc.
fortinet Phishing
GET /index_files/jxIrdtJvQ8O.js HTTP/1.1
Host: dev.weblogies.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://dev.weblogies.tech/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 23:39:31 GMT
Server: Apache
Last-Modified: Sun, 11 Oct 2015 05:01:46 GMT
Accept-Ranges: bytes
Content-Length: 120166
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
dev.weblogies.tech/index_files/QHoAKxP9ze2.js
184.154.88.243 200 OK 126 kB URL HTTP/1.1 dev.weblogies.tech/index_files/QHoAKxP9ze2.js
IP 184.154.88.243:0
File type ASCII text, with very long lines (6795)
Size 126 kB (125481 bytes)
Hash 20bfccc011cc55fa7723abfe9ca9afe2
3be2206a610ce00209e4a3ffa8c717b7de0cf40f
919eb3922954fb23a76b4927fae47211dfc9d8ac65c3b6ce4875f3a850159b54
Analyzer Verdict Alert openphish Facebook, Inc.
fortinet Phishing
GET /index_files/QHoAKxP9ze2.js HTTP/1.1
Host: dev.weblogies.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://dev.weblogies.tech/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 23:39:31 GMT
Server: Apache
Last-Modified: Sun, 11 Oct 2015 05:01:46 GMT
Accept-Ranges: bytes
Content-Length: 125481
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
dev.weblogies.tech/index_files/2ZVH9pehXv8.js
184.154.88.243 200 OK 309 B URL HTTP/1.1 dev.weblogies.tech/index_files/2ZVH9pehXv8.js
IP 184.154.88.243:0
Hash dc02ded7a7e3f575f469933474ff9dbb
6768e6715e0cab045fb0870e399dda7e82de28cb
2b0114ce3931e8615e3a98352b0f01c497415b5f28a13200b1559113508790c9
Analyzer Verdict Alert openphish Facebook, Inc.
fortinet Phishing
GET /index_files/2ZVH9pehXv8.js HTTP/1.1
Host: dev.weblogies.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://dev.weblogies.tech/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 23:39:31 GMT
Server: Apache
Last-Modified: Sun, 11 Oct 2015 05:01:46 GMT
Accept-Ranges: bytes
Content-Length: 309
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
dev.weblogies.tech/index_files/LQbeenWMCKu.css
184.154.88.243 200 OK 240 kB URL HTTP/1.1 dev.weblogies.tech/index_files/LQbeenWMCKu.css
IP 184.154.88.243:0
File type assembler source, ASCII text, with very long lines (13132)
Size 240 kB (240211 bytes)
Hash 3d7cff477c9171368b38c145fb82ae5d
5a362ba4ec1a0ce595cbf77e83947b1fc6f190ce
28f4301e471bd6494d4746d7bbe54973e4c51f469bdc98f7cdb712f9d638b365
Analyzer Verdict Alert openphish Facebook, Inc.
GET /index_files/LQbeenWMCKu.css HTTP/1.1
Host: dev.weblogies.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://dev.weblogies.tech/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 23:39:31 GMT
Server: Apache
Last-Modified: Sun, 11 Oct 2015 05:01:46 GMT
Accept-Ranges: bytes
Content-Length: 240211
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
dev.weblogies.tech/index_files/UPWqolLfcie.js
184.154.88.243 200 OK 8.0 kB URL HTTP/1.1 dev.weblogies.tech/index_files/UPWqolLfcie.js
IP 184.154.88.243:0
File type ASCII text, with very long lines (7813)
Hash 568e26f254aa6cdc34200b2bfe0999f4
4d5a762a72a1df28c3d80f2c0508bd1cb01c2e2e
329ef44e415441cc5b763432c157aa8fd6d4be1ff58c051795b50a67e8a5f312
Analyzer Verdict Alert openphish Facebook, Inc.
fortinet Phishing
GET /index_files/UPWqolLfcie.js HTTP/1.1
Host: dev.weblogies.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://dev.weblogies.tech/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 23:39:31 GMT
Server: Apache
Last-Modified: Sun, 11 Oct 2015 05:01:46 GMT
Accept-Ranges: bytes
Content-Length: 7987
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
dev.weblogies.tech/index_files/A0qdgknEnD5.js
184.154.88.243 200 OK 5.7 kB URL HTTP/1.1 dev.weblogies.tech/index_files/A0qdgknEnD5.js
IP 184.154.88.243:0
File type ASCII text, with very long lines (3510)
Hash 66c9a8da7ce548854a41c8f875d096f0
9d0aa12ab7294fbecb474ffa72179070d4f4cbf8
55caa6b111fb4654c0a7dd287c66dea3fec76bda870668e39fbe731c8be3aa63
Analyzer Verdict Alert openphish Facebook, Inc.
fortinet Phishing
GET /index_files/A0qdgknEnD5.js HTTP/1.1
Host: dev.weblogies.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://dev.weblogies.tech/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 23:39:31 GMT
Server: Apache
Last-Modified: Sun, 11 Oct 2015 05:01:46 GMT
Accept-Ranges: bytes
Content-Length: 5681
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
dev.weblogies.tech/index_files/ZDQXrINXZRK.js
184.154.88.243 200 OK 3.6 kB URL HTTP/1.1 dev.weblogies.tech/index_files/ZDQXrINXZRK.js
IP 184.154.88.243:0
File type ASCII text, with very long lines (963)
Hash 5705214c2f014d5fbbf3f294f54f73e6
d45686161848aea6b9a3cf4042bc59807c9eb826
1f5242afd7b1e9280b127ecc4da4f0d40efcebda8fcbdc74db077794239d4e60
Analyzer Verdict Alert openphish Facebook, Inc.
fortinet Phishing
GET /index_files/ZDQXrINXZRK.js HTTP/1.1
Host: dev.weblogies.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://dev.weblogies.tech/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 23:39:31 GMT
Server: Apache
Last-Modified: Sun, 11 Oct 2015 05:01:48 GMT
Accept-Ranges: bytes
Content-Length: 3564
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
dev.weblogies.tech/index_files/bGtNvVqCgeG.js
184.154.88.243 200 OK 16 kB URL HTTP/1.1 dev.weblogies.tech/index_files/bGtNvVqCgeG.js
IP 184.154.88.243:0
File type ASCII text, with very long lines (6914)
Hash 81e850fa17969b1a3f5e0a85b0f95b5f
10d6abaed9881177bd80cdf289cf514ff3a59685
964ec0671341078e2698129313638b3c329f45501033296cca441e29724c1f06
Analyzer Verdict Alert openphish Facebook, Inc.
fortinet Phishing
GET /index_files/bGtNvVqCgeG.js HTTP/1.1
Host: dev.weblogies.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://dev.weblogies.tech/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 23:39:31 GMT
Server: Apache
Last-Modified: Sun, 11 Oct 2015 05:01:48 GMT
Accept-Ranges: bytes
Content-Length: 15538
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
dev.weblogies.tech/index_files/KaNp_DvU8Qu.css
184.154.88.243 200 OK 58 kB URL HTTP/1.1 dev.weblogies.tech/index_files/KaNp_DvU8Qu.css
IP 184.154.88.243:0
File type ASCII text, with very long lines (10527)
Hash 184ec53900901ccbbbd0de7119197bd0
f77558dadf157dfac7ebe7f2a6554ced4abcc7be
807e1c376adf8b744fdba64911b91249f438e2e9819e55bc680f391bb53f7613
Analyzer Verdict Alert openphish Facebook, Inc.
GET /index_files/KaNp_DvU8Qu.css HTTP/1.1
Host: dev.weblogies.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://dev.weblogies.tech/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 23:39:31 GMT
Server: Apache
Last-Modified: Sun, 11 Oct 2015 05:01:46 GMT
Accept-Ranges: bytes
Content-Length: 58302
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
dev.weblogies.tech/index_files/7NIOkaSLHQW.css
184.154.88.243 200 OK 19 kB URL HTTP/1.1 dev.weblogies.tech/index_files/7NIOkaSLHQW.css
IP 184.154.88.243:0
File type ASCII text, with very long lines (2565)
Hash 5203c0f4dd2f9da1f6d2c9c671d7ae3d
a6ba16800819c73992880ed5ed03933eb93effda
1e6fb7e7eef656d57c83e318f2afb6ce5c8546e6d0b23a08210ff1183a73bcea
Analyzer Verdict Alert openphish Facebook, Inc.
GET /index_files/7NIOkaSLHQW.css HTTP/1.1
Host: dev.weblogies.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://dev.weblogies.tech/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 23:39:31 GMT
Server: Apache
Last-Modified: Sun, 11 Oct 2015 05:01:46 GMT
Accept-Ranges: bytes
Content-Length: 18945
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
push.services.mozilla.com/
44.238.212.181 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.238.212.181:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: BnyRst91muTtsW1OonmjEA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: hOpy5GxJMRD6IRu4B/lwFSMNa8A=
dev.weblogies.tech/index_files/rez1JGOQ3ty.js
184.154.88.243 200 OK 168 kB URL HTTP/1.1 dev.weblogies.tech/index_files/rez1JGOQ3ty.js
IP 184.154.88.243:0
File type C source, ASCII text, with very long lines (10603)
Size 168 kB (167779 bytes)
Hash ae725db9194ff53418fd5a40cda18e1d
7c55bd6f04abe9689aa86c997183aee5a93bc686
a860562aa8d4677437553d2a6a4ec60efce84780b6df012aa5c11043cc2f0c85
Analyzer Verdict Alert openphish Facebook, Inc.
fortinet Phishing
GET /index_files/rez1JGOQ3ty.js HTTP/1.1
Host: dev.weblogies.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://dev.weblogies.tech/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 23:39:31 GMT
Server: Apache
Last-Modified: Sun, 11 Oct 2015 05:01:46 GMT
Accept-Ranges: bytes
Content-Length: 167779
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4903
Expires: Wed, 08 Feb 2023 01:01:14 GMT
Date: Tue, 07 Feb 2023 23:39:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4903
Expires: Wed, 08 Feb 2023 01:01:14 GMT
Date: Tue, 07 Feb 2023 23:39:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3b4ea902c3e097daaa31810cb66d585a
97dfbd81d31b43196d8a4bd2fa3ff8a5cc115049
0291ed72c3115d6b6cf8c001b13bbc4ad517d76242b6cbed9db5ee1162572d3f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0291ED72C3115D6B6CF8C001B13BBC4AD517D76242B6CBED9DB5EE1162572D3F"
Last-Modified: Sun, 05 Feb 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4903
Expires: Wed, 08 Feb 2023 01:01:14 GMT
Date: Tue, 07 Feb 2023 23:39:31 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f728fd1-646b-418a-ab1a-194a7bf42969.jpeg
34.120.237.76 200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f728fd1-646b-418a-ab1a-194a7bf42969.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c8f31c82179856e39ee5fc43d7f0b685
5b37f807a19ffc80c0b9334e6d24d5bb717496ce
c099c91c6f2125a8a89ee6e9dc0e37e2c2c9914adadb2c8b77795063baa62037
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7f728fd1-646b-418a-ab1a-194a7bf42969.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6805
x-amzn-requestid: 9f067f0c-2991-41ae-8dd0-5719a5438abc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_PHwEn4IAMFvFg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c564-730d01807c13643373d64897;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:40:52 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: eSU1CSydRTodwnN5DNTXbYD3d3kYFCHiCvPRq5DZTTDSTH2L-GV_1g==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 22:19:17 GMT
age: 4814
etag: "5b37f807a19ffc80c0b9334e6d24d5bb717496ce"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1a39697d-4bed-4ebe-970d-d9950958f814.jpeg
34.120.237.76 200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1a39697d-4bed-4ebe-970d-d9950958f814.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5de2fe3c9a2b091689a7213c4f781446
385fa88a857ba301f37ab56d72d11fb49abd8c6b
b64b11a68493fa304aa6102bf9b9ff11fab5e1536ecf768e4b0fa51470ae2293
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1a39697d-4bed-4ebe-970d-d9950958f814.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13714
x-amzn-requestid: 8f776dba-4e5d-46e5-a3ac-459d86852375
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_PFjGNHIAMFrMA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c556-74429dc755cc37672c68b58b;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:40:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Cf-MbK2WIFs3foM-_Ou5OUg7IS8ovfw-dHJnIpVUvpeAbMi-TeC5SA==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:54:34 GMT
etag: "385fa88a857ba301f37ab56d72d11fb49abd8c6b"
content-type: image/jpeg
age: 6297
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5416f10c-2a0c-46e5-a76b-853a2be4c374.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5416f10c-2a0c-46e5-a76b-853a2be4c374.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fe800d6af728cd622a6192ad5e7dda6a
3a301dd894fc428c7d1863c9d5eaf2652f5c2083
f4923c211ef24e933bbe73bd8d2033d6b6da4a9fa0c9d4699a1041a7bd8bf5a2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5416f10c-2a0c-46e5-a76b-853a2be4c374.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12216
x-amzn-requestid: cc61a63b-35fe-4bfa-ad20-1db3f4165446
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f_O7LFrCIAMFoYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e2c514-2b5e27c62218510b74ea0989;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 21:39:32 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: C1EXSLUCdc9GzSKxUzv9_uWK4ZTqggdr03uVW5SWuZwVVSn2wc4k7w==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 21:44:01 GMT
age: 6930
etag: "3a301dd894fc428c7d1863c9d5eaf2652f5c2083"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
dev.weblogies.tech/rsrc.php/v2/yi/r/Bbike7BBtVp.png
184.154.88.243 403 Forbidden 26 kB URL HTTP/1.1 dev.weblogies.tech/rsrc.php/v2/yi/r/Bbike7BBtVp.png
IP 184.154.88.243:0
Hash 70ea3c65f9d750a056ee07242c5eb28f
7022a02513242bd996741bfe6700f772dd6a9780
c0edfbfbdf9b2ad1c6d71b29e9fd1c169e21deb3659039b5de4d112e8a268e54
Analyzer Verdict Alert openphish Facebook, Inc.
GET /rsrc.php/v2/yi/r/Bbike7BBtVp.png HTTP/1.1
Host: dev.weblogies.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dev.weblogies.tech/index_files/7NIOkaSLHQW.css
Cookie: reg_ext_ref=; _js_reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Flogin.php%3Flogin_attempt%3D1%26lwv%3D110
HTTP/1.1 403 Forbidden
Date: Tue, 07 Feb 2023 23:39:31 GMT
Server: Apache
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
dev.weblogies.tech/rsrc.php/v2/yU/r/O7nelmd9XSI.png
184.154.88.243 403 Forbidden 36 kB URL HTTP/1.1 dev.weblogies.tech/rsrc.php/v2/yU/r/O7nelmd9XSI.png
IP 184.154.88.243:0
Hash b4f43ab21de6a2d236bcd0b9c36347bc
f57bc3025fbd8893d2cc832c49bc70dab69fa35c
6bc12e7079b1fc9d35c855e563338bf2ff9a92cf6de6f636936ae8bdfdf14213
Analyzer Verdict Alert openphish Facebook, Inc.
GET /rsrc.php/v2/yU/r/O7nelmd9XSI.png HTTP/1.1
Host: dev.weblogies.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dev.weblogies.tech/index_files/KaNp_DvU8Qu.css
Cookie: reg_ext_ref=; _js_reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Flogin.php%3Flogin_attempt%3D1%26lwv%3D110
HTTP/1.1 403 Forbidden
Date: Tue, 07 Feb 2023 23:39:31 GMT
Server: Apache
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6de3153-62d2-494b-8acf-6d3ac8adba7d.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6de3153-62d2-494b-8acf-6d3ac8adba7d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 003fc35e140a75a12b7795c3986426ec
da002b22e2a01f48a545b369d4403eabb17a10d5
bb0754411aa7d0a5036b86b282d0e93d13227765ca9ccaf3a34e8e486cb413d1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6de3153-62d2-494b-8acf-6d3ac8adba7d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13160
x-amzn-requestid: 34aa6dfe-7f14-48d0-89b2-90548621be79
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fzVxSHh7IAMFjAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63de033b-49587fff75aebe96136137be;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 07:03:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qwSN-ztVJgRfu3bFIjYaVYV8Cnx77j1ugkRjqhRtRXdPju7AhEMg-A==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 07 Feb 2023 07:15:46 GMT
age: 59025
etag: "da002b22e2a01f48a545b369d4403eabb17a10d5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
dev.weblogies.tech/index_files/SwcFtQEEPjk.js
184.154.88.243 200 OK 0 B URL HTTP/1.1 dev.weblogies.tech/index_files/SwcFtQEEPjk.js
IP 184.154.88.243:0
Analyzer Verdict Alert openphish Facebook, Inc.
fortinet Phishing
GET /index_files/SwcFtQEEPjk.js HTTP/1.1
Host: dev.weblogies.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://dev.weblogies.tech/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Tue, 07 Feb 2023 23:39:31 GMT
Server: Apache
Last-Modified: Sun, 11 Oct 2015 05:01:46 GMT
Accept-Ranges: bytes
Content-Length: 1907559
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
dev.weblogies.tech/rsrc.php/v2/ym/r/jNbDbGOuYNI.png
184.154.88.243 403 Forbidden 0 B URL HTTP/1.1 dev.weblogies.tech/rsrc.php/v2/ym/r/jNbDbGOuYNI.png
IP 184.154.88.243:0
Analyzer Verdict Alert openphish Facebook, Inc.
GET /rsrc.php/v2/ym/r/jNbDbGOuYNI.png HTTP/1.1
Host: dev.weblogies.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dev.weblogies.tech/index_files/LQbeenWMCKu.css
Cookie: reg_ext_ref=; _js_reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Flogin.php%3Flogin_attempt%3D1%26lwv%3D110
HTTP/1.1 403 Forbidden
Date: Tue, 07 Feb 2023 23:39:31 GMT
Server: Apache
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
dev.weblogies.tech/rsrc.php/v2/yx/r/uJwK0Kf1dnA.png
184.154.88.243 403 Forbidden 0 B URL HTTP/1.1 dev.weblogies.tech/rsrc.php/v2/yx/r/uJwK0Kf1dnA.png
IP 184.154.88.243:0
Analyzer Verdict Alert openphish Facebook, Inc.
GET /rsrc.php/v2/yx/r/uJwK0Kf1dnA.png HTTP/1.1
Host: dev.weblogies.tech
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dev.weblogies.tech/index_files/LQbeenWMCKu.css
Cookie: reg_ext_ref=; _js_reg_fb_ref=https%3A%2F%2Fwww.facebook.com%2Flogin.php%3Flogin_attempt%3D1%26lwv%3D110
HTTP/1.1 403 Forbidden
Date: Tue, 07 Feb 2023 23:39:31 GMT
Server: Apache
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8