Report - gabist.live/5Lz/9.html?cep=N3FpHb784k9zxHOTv5UnQu72t2EPrw4Odsce-ygE4GWRfoYQxXM83JA0mPyTH0Sku1j0wjNDplNY1z4p-q3KsK0-p-JMdH6gheO6hvYqJwcZyNcWXqeciP64Me-kQdVxe_1OvkbDyX0ST0PIQh0nItVQ25K3Kw4xamg3jIqSQFynUme7p_QWXQVm4aqibdUDCrwVjzdMaGbNIGD9cuBfVkhOVJjmKNqfDAfNfSIq7FLb5MTsgEfYfBzToe7RBTGV4rABJa_iAe67eKLDo4qDvqhorzIG__LUysG8A2YX-XZu6XgTuizjOKYV5wlRhkbTFbrUkajLyS2CydGakRkT2h6PWI2iHQsFW0KJFSR7iIXr6BTKCdgDoulGOCURZ7uu&lptoken=1682755f13a1531b03b9

Report Overview

Submitted URL
gabist.live/5Lz/9.html?cep=N3FpHb784k9zxHOTv5UnQu72t2EPrw4Odsce-ygE4GWRfoYQxXM83JA0mPyTH0Sku1j0wjNDplNY1z4p-q3KsK0-p-JMdH6gheO6hvYqJwcZyNcWXqeciP64Me-kQdVxe_1OvkbDyX0ST0PIQh0nItVQ25K3Kw4xamg3jIqSQFynUme7p_QWXQVm4aqibdUDCrwVjzdMaGbNIGD9cuBfVkhOVJjmKNqfDAfNfSIq7FLb5MTsgEfYfBzToe7RBTGV4rABJa_iAe67eKLDo4qDvqhorzIG__LUysG8A2YX-XZu6XgTuizjOKYV5wlRhkbTFbrUkajLyS2CydGakRkT2h6PWI2iHQsFW0KJFSR7iIXr6BTKCdgDoulGOCURZ7uu&lptoken=1682755f13a1531b03b9
IP
159.223.153.123
ASN
#14061 DIGITALOCEAN-ASN
Submitted
2023-01-31 02:52:18
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	2.8 kB	5.6 kB	142.250.74.131
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	35.161.100.71
www.gstatic.com	unknown	2016-07-26T11:37:06Z	2023-03-13T07:57:11Z	838 B	4.1 kB	142.250.74.35
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	3.0 kB	8.0 kB	23.33.119.27
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
translate.googleapis.com	1005	2012-05-31T09:21:21Z	2023-03-13T08:44:18Z	906 B	81 kB	142.250.74.42
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	66 kB	34.120.237.76
translate.google.com	1156	2012-05-30T03:30:32Z	2023-03-13T05:10:57Z	403 B	691 B	216.58.211.14
threatdetect.org	unknown	2022-01-28T15:40:10Z	2023-03-09T18:42:15Z	979 B	621 B	188.114.96.1
gabist.live	unknown	2023-01-27T11:28:28Z	2023-01-31T02:47:19Z	9.0 kB	84 kB	159.223.153.123

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-01-31	medium	gabist.live/5Lz/landings/209605/1618996856/css/style6b426b42.css?1618996856	Phishing
2023-01-31	medium	gabist.live/5Lz/landings/209605/1618996856/js/js.cockie.min6b42.js	Phishing
2023-01-31	medium	gabist.live/5Lz/landings/209605/1618996856/js/translate6b42.js	Phishing
2023-01-31	medium	gabist.live/5Lz/landings/209605/1618996856/js/jquery.min6b42.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (10)

	URL	Size	First Seen	Last Seen
	gabist.live/5Lz/landings/209605/1618996856/js/interactive6b42.js	12 kB	2023-03-11	2023-03-29
Pretty URL gabist.live/5Lz/landings/209605/1618996856/js/interactive6b42.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 13:56:22 Last Seen2023-03-29 22:58:57 Times Seen2 Hash 5c510625e71872e8435d2dfa7aad9aef 1124fb3f862ef95e89127bb35c7c3d5bd2465d56 032d801c903bdb3fc9a599524d52859cddc0ddee6a05b914ad4b1d6bf5ecb821 Loading...

	gabist.live/5Lz/landings/209605/1618996856/js/js.cockie.min6b42.js	2.2 kB	2023-03-07	2024-04-25
Pretty URL gabist.live/5Lz/landings/209605/1618996856/js/js.cockie.min6b42.js IP 159.223.153.123 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:48 Last Seen2024-04-25 23:46:23 Times Seen671 Hash c9e9a54501fc6f6e8918b2c0f2a53981 3d530e6c830ccba6284e79c7245bb45d6f4f2197 491fdee141835401d29318ca584ac3e91a38c92d8694f26d90883bfc324ca454 Loading...

	translate.google.com/translate_a/element.js?cb=googleTranslateElementInit	80 kB	2023-03-13	2023-03-13
Pretty URL translate.google.com/translate_a/element.js?cb=googleTranslateElementInit IP 216.58.211.14 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:52:12 Last Seen2023-03-13 12:54:40 Times Seen1 Hash 87529ec0b7793b4082bd31339953b88f f1336af68c1e835bc2a8aa51c3f063608e9f880f 5d07ab9e8431765f310bb994091e318efbbfb0a36a0d41b45db0aaba28876caf Loading...

	translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.YyskdsiEoiw.O/d=1/exm=el_conf/ed=1/rs=AN8SPfrOC7xxlHSStBnZbZdqheUGpkxWzA/m=el_main	212 kB	2023-03-13	2023-11-20
Pretty URL translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.YyskdsiEoiw.O/d=1/exm=el_conf/ed=1/rs=AN8SPfrOC7xxlHSStBnZbZdqheUGpkxWzA/m=el_main IP 142.250.74.42 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 12:49:31 Last Seen2023-11-20 19:22:46 Times Seen3 Hash 51c6544434ef8690aaad39058385a5aa bcf5889a5ead27646b433c97fdcc77d00bf8f1ff 3e6cd25df04ebc9b9101d7f131cc765c10a3f88dabc2487e1a06f48ce8a767b6 Loading...

	http:srcdoc	1.2 kB	2023-03-08	2023-04-22
Pretty URL http:srcdoc IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:21:55 Last Seen2023-04-22 02:10:05 Times Seen1280 Hash 1bdd099873761648dd3aa8aad60e2ac3 713e5a99347bd73f3d9c359acd1c885430e22060 0624e7ce1ad63657924f8ca830c5a9a16c721b527ea1b98d2ef471d04348a07d Loading...

	translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback	17 kB	2023-03-07	2024-04-26
Pretty URL translate-pa.googleapis.com/v1/supportedLanguages?client=te&display_language=no&key=AIzaSyBWDj0QJvVIx8XOhRegXX5_SrRWxhT5Hs4&callback=callback IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-26 06:17:53 Times Seen14189 Hash a3eefe14b1b4698460d992bd1673a26b a2fca6ebb00b8bdcca3eda88654d02d2c165b9c4 87514750a90cd70dd22c8673cfa80d804ef55840bd0755950af2118d8d218067 Loading...

	unknown	0 B	2023-03-07	2024-04-26
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-26 06:22:57 Times Seen37085097 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	gabist.live/5Lz/9.html?cep=N3FpHb784k9zxHOTv5UnQu72t2EPrw4Odsce-ygE4GWRfoYQxXM83JA0mPyTH0Sku1j0wjNDplNY1z4p-q3KsK0-p-JMdH6gheO6hvYqJwcZyNcWXqeciP64Me-kQdVxe_1OvkbDyX0ST0PIQh0nItVQ25K3Kw4xamg3jIqSQFynUme7p_QWXQVm4aqibdUDCrwVjzdMaGbNIGD9cuBfVkhOVJjmKNqfDAfNfSIq7FLb5MTsgEfYfBzToe7RBTGV4rABJa_iAe67eKLDo4qDvqhorzIG__LUysG8A2YX-XZu6XgTuizjOKYV5wlRhkbTFbrUkajLyS2CydGakRkT2h6PWI2iHQsFW0KJFSR7iIXr6BTKCdgDoulGOCURZ7uu&lptoken=1682755f13a1531b03b9	465 B	2023-03-11	2023-07-07
Pretty URL gabist.live/5Lz/9.html?cep=N3FpHb784k9zxHOTv5UnQu72t2EPrw4Odsce-ygE4GWRfoYQxXM83JA0mPyTH0Sku1j0wjNDplNY1z4p-q3KsK0-p-JMdH6gheO6hvYqJwcZyNcWXqeciP64Me-kQdVxe_1OvkbDyX0ST0PIQh0nItVQ25K3Kw4xamg3jIqSQFynUme7p_QWXQVm4aqibdUDCrwVjzdMaGbNIGD9cuBfVkhOVJjmKNqfDAfNfSIq7FLb5MTsgEfYfBzToe7RBTGV4rABJa_iAe67eKLDo4qDvqhorzIG__LUysG8A2YX-XZu6XgTuizjOKYV5wlRhkbTFbrUkajLyS2CydGakRkT2h6PWI2iHQsFW0KJFSR7iIXr6BTKCdgDoulGOCURZ7uu&lptoken=1682755f13a1531b03b9 IP 159.223.153.123 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 13:56:22 Last Seen2023-07-07 17:39:03 Times Seen6 Hash 7e575460cc7440a092d68f037ae3e9ab a3b1e28659e1af280f1ef0250e5d865f7bf74142 6747a94f311dba5647a85aed3aa6f300810d7598d931f346da24875500776c1e Loading...

	gabist.live/5Lz/9.html?cep=N3FpHb784k9zxHOTv5UnQu72t2EPrw4Odsce-ygE4GWRfoYQxXM83JA0mPyTH0Sku1j0wjNDplNY1z4p-q3KsK0-p-JMdH6gheO6hvYqJwcZyNcWXqeciP64Me-kQdVxe_1OvkbDyX0ST0PIQh0nItVQ25K3Kw4xamg3jIqSQFynUme7p_QWXQVm4aqibdUDCrwVjzdMaGbNIGD9cuBfVkhOVJjmKNqfDAfNfSIq7FLb5MTsgEfYfBzToe7RBTGV4rABJa_iAe67eKLDo4qDvqhorzIG__LUysG8A2YX-XZu6XgTuizjOKYV5wlRhkbTFbrUkajLyS2CydGakRkT2h6PWI2iHQsFW0KJFSR7iIXr6BTKCdgDoulGOCURZ7uu&lptoken=1682755f13a1531b03b9	214 B	2023-03-09	2023-07-07
Pretty URL gabist.live/5Lz/9.html?cep=N3FpHb784k9zxHOTv5UnQu72t2EPrw4Odsce-ygE4GWRfoYQxXM83JA0mPyTH0Sku1j0wjNDplNY1z4p-q3KsK0-p-JMdH6gheO6hvYqJwcZyNcWXqeciP64Me-kQdVxe_1OvkbDyX0ST0PIQh0nItVQ25K3Kw4xamg3jIqSQFynUme7p_QWXQVm4aqibdUDCrwVjzdMaGbNIGD9cuBfVkhOVJjmKNqfDAfNfSIq7FLb5MTsgEfYfBzToe7RBTGV4rABJa_iAe67eKLDo4qDvqhorzIG__LUysG8A2YX-XZu6XgTuizjOKYV5wlRhkbTFbrUkajLyS2CydGakRkT2h6PWI2iHQsFW0KJFSR7iIXr6BTKCdgDoulGOCURZ7uu&lptoken=1682755f13a1531b03b9 IP 159.223.153.123 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 13:43:49 Last Seen2023-07-07 17:39:03 Times Seen7 Hash e67ca4ec114e7614d4bb9d7122df7964 dcc28e1f9f5f3cfc9397c2f6628d5ddcb624abd3 6222b320b2ef4b02ac7ad6e06fffcb9f83698984f129bb7dd91f7915cb030f57 Loading...

	gabist.live/5Lz/landings/209605/1618996856/js/translate6b42.js	1.2 kB	2023-03-07	2024-04-25
Pretty URL gabist.live/5Lz/landings/209605/1618996856/js/translate6b42.js IP 159.223.153.123 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:48 Last Seen2024-04-25 23:46:23 Times Seen724 Hash fcd546809170dd574eb37b989529f69a 2e227e144e3b4bd68064354d8a7fbc61125f624c 350baff99bbd3db6cdb8d741bc7f75fa333489ad5dcc641e2cfa0e11130e1920 Loading...

HTTP Transactions (46)

URL IP Response Size

gabist.live/5Lz/9.html?cep=N3FpHb784k9zxHOTv5UnQu72t2EPrw4Odsce-ygE4GWRfoYQxXM83JA0mPyTH0Sku1j0wjNDplNY1z4p-q3KsK0-p-JMdH6gheO6hvYqJwcZyNcWXqeciP64Me-kQdVxe_1OvkbDyX0ST0PIQh0nItVQ25K3Kw4xamg3jIqSQFynUme7p_QWXQVm4aqibdUDCrwVjzdMaGbNIGD9cuBfVkhOVJjmKNqfDAfNfSIq7FLb5MTsgEfYfBzToe7RBTGV4rABJa_iAe67eKLDo4qDvqhorzIG__LUysG8A2YX-XZu6XgTuizjOKYV5wlRhkbTFbrUkajLyS2CydGakRkT2h6PWI2iHQsFW0KJFSR7iIXr6BTKCdgDoulGOCURZ7uu&lptoken=1682755f13a1531b03b9

159.223.153.123

200 OK

2.1 kB

URL HTTP/1.1
gabist.live/5Lz/9.html?cep=N3FpHb784k9zxHOTv5UnQu72t2EPrw4Odsce-ygE4GWRfoYQxXM83JA0mPyTH0Sku1j0wjNDplNY1z4p-q3KsK0-p-JMdH6gheO6hvYqJwcZyNcWXqeciP64Me-kQdVxe_1OvkbDyX0ST0PIQh0nItVQ25K3Kw4xamg3jIqSQFynUme7p_QWXQVm4aqibdUDCrwVjzdMaGbNIGD9cuBfVkhOVJjmKNqfDAfNfSIq7FLb5MTsgEfYfBzToe7RBTGV4rABJa_iAe67eKLDo4qDvqhorzIG__LUysG8A2YX-XZu6XgTuizjOKYV5wlRhkbTFbrUkajLyS2CydGakRkT2h6PWI2iHQsFW0KJFSR7iIXr6BTKCdgDoulGOCURZ7uu&lptoken=1682755f13a1531b03b9
IP
159.223.153.123:0
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Size
2.1 kB (2064 bytes)
Hash
09071d0e5fb7dd3e2c5d4c007258dfe8
1e71fc4495e07a99feaf8267c2cbfb8598954810
f16a6e29857818e453ffc2fe4036711a05923045819f91e95ef28a7080f7f8fe

HTTP Headers

GET /5Lz/9.html?cep=N3FpHb784k9zxHOTv5UnQu72t2EPrw4Odsce-ygE4GWRfoYQxXM83JA0mPyTH0Sku1j0wjNDplNY1z4p-q3KsK0-p-JMdH6gheO6hvYqJwcZyNcWXqeciP64Me-kQdVxe_1OvkbDyX0ST0PIQh0nItVQ25K3Kw4xamg3jIqSQFynUme7p_QWXQVm4aqibdUDCrwVjzdMaGbNIGD9cuBfVkhOVJjmKNqfDAfNfSIq7FLb5MTsgEfYfBzToe7RBTGV4rABJa_iAe67eKLDo4qDvqhorzIG__LUysG8A2YX-XZu6XgTuizjOKYV5wlRhkbTFbrUkajLyS2CydGakRkT2h6PWI2iHQsFW0KJFSR7iIXr6BTKCdgDoulGOCURZ7uu&lptoken=1682755f13a1531b03b9 HTTP/1.1
Host: gabist.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 02:52:07 GMT
Content-Type: text/html
Last-Modified: Mon, 31 Oct 2022 10:01:57 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"635f9d15-2595"
Content-Encoding: gzip

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d2e72d45afe3d391c204b5391599607c
149d68b9d00a720b6f380fa2324779dca9dbe26d
f6f1c295c68dfebadacb1fc812b44e01c7ede0e203615ef3e2cced2ce2251e7e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F6F1C295C68DFEBADACB1FC812B44E01C7EDE0E203615EF3E2CCED2CE2251E7E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5235
Expires: Tue, 31 Jan 2023 04:19:22 GMT
Date: Tue, 31 Jan 2023 02:52:07 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
0c35c3ec659d3a26ea97e68d787bb043
d97e3672244efec5b7814f2d8a734cd1a9387854
4c946a026114ff05316d92277750facf3d5f5d162839149da0b7fb1a4cff6b5e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C946A026114FF05316D92277750FACF3D5F5D162839149DA0B7FB1A4CFF6B5E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7402
Expires: Tue, 31 Jan 2023 04:55:29 GMT
Date: Tue, 31 Jan 2023 02:52:07 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 31 Jan 2023 02:35:51 GMT
content-type: application/json
age: 976
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
302c7548412192add063ad6c8b99cf3b
e5d178931a27db036ce8daae302594d3ff7050b8
fc2bd9091006189e67e8074093805ee5492ce16e1dbfba32e083abeeae34969d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC2BD9091006189E67E8074093805EE5492CE16E1DBFBA32E083ABEEAE34969D"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10940
Expires: Tue, 31 Jan 2023 05:54:27 GMT
Date: Tue, 31 Jan 2023 02:52:07 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: aYEAgTvirVGF/puutn62QmifdHGS7diAIqVEK+KUCCAuiAcGbJbPqIM5XAQkwyVKKw30lQKD3C0=
x-amz-request-id: SYBJ4S5MHGSDGJVT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 31 Jan 2023 02:51:00 GMT
age: 67
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 31 Jan 2023 02:52:07 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

gabist.live/5Lz/landings/209605/1618996856/css/style6b426b42.css?1618996856

159.223.153.123

200 OK

2.9 kB

URL HTTP/1.1
gabist.live/5Lz/landings/209605/1618996856/css/style6b426b42.css?1618996856
IP
159.223.153.123:0
ASN
#14061 DIGITALOCEAN-ASN

File type
ASCII text
Size
2.9 kB (2945 bytes)
Hash
596ddeaaeb509f2810ad55bc632d7daf
20fcecf1a81d9e309961400c0e064d9f07dd5005
2d15cc627b8feba8b6dca3e2c831befde33331daabf2a9422b8cb5c3e73ed8ba

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /5Lz/landings/209605/1618996856/css/style6b426b42.css?1618996856 HTTP/1.1
Host: gabist.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gabist.live/5Lz/9.html?cep=N3FpHb784k9zxHOTv5UnQu72t2EPrw4Odsce-ygE4GWRfoYQxXM83JA0mPyTH0Sku1j0wjNDplNY1z4p-q3KsK0-p-JMdH6gheO6hvYqJwcZyNcWXqeciP64Me-kQdVxe_1OvkbDyX0ST0PIQh0nItVQ25K3Kw4xamg3jIqSQFynUme7p_QWXQVm4aqibdUDCrwVjzdMaGbNIGD9cuBfVkhOVJjmKNqfDAfNfSIq7FLb5MTsgEfYfBzToe7RBTGV4rABJa_iAe67eKLDo4qDvqhorzIG__LUysG8A2YX-XZu6XgTuizjOKYV5wlRhkbTFbrUkajLyS2CydGakRkT2h6PWI2iHQsFW0KJFSR7iIXr6BTKCdgDoulGOCURZ7uu&lptoken=1682755f13a1531b03b9

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 02:52:07 GMT
Content-Type: text/css
Last-Modified: Mon, 31 Oct 2022 10:04:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"635f9dab-463f"
Content-Encoding: gzip

gabist.live/5Lz/landings/209605/1618996856/js/js.cockie.min6b42.js

159.223.153.123

200 OK

912 B

URL HTTP/1.1
gabist.live/5Lz/landings/209605/1618996856/js/js.cockie.min6b42.js
IP
159.223.153.123:0
ASN
#14061 DIGITALOCEAN-ASN

File type
ASCII text
Size
912 B (912 bytes)
Hash
9f47639e2e2f8cf12520056fdb427504
09b5c73229615bc6b5483dfc9795770b0256a39f
648d70b51cf48543e1f53afa4ab546633c380f7a5aafd8835144e3de8c27291f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /5Lz/landings/209605/1618996856/js/js.cockie.min6b42.js HTTP/1.1
Host: gabist.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gabist.live/5Lz/9.html?cep=N3FpHb784k9zxHOTv5UnQu72t2EPrw4Odsce-ygE4GWRfoYQxXM83JA0mPyTH0Sku1j0wjNDplNY1z4p-q3KsK0-p-JMdH6gheO6hvYqJwcZyNcWXqeciP64Me-kQdVxe_1OvkbDyX0ST0PIQh0nItVQ25K3Kw4xamg3jIqSQFynUme7p_QWXQVm4aqibdUDCrwVjzdMaGbNIGD9cuBfVkhOVJjmKNqfDAfNfSIq7FLb5MTsgEfYfBzToe7RBTGV4rABJa_iAe67eKLDo4qDvqhorzIG__LUysG8A2YX-XZu6XgTuizjOKYV5wlRhkbTFbrUkajLyS2CydGakRkT2h6PWI2iHQsFW0KJFSR7iIXr6BTKCdgDoulGOCURZ7uu&lptoken=1682755f13a1531b03b9

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 02:52:07 GMT
Content-Type: application/javascript
Last-Modified: Mon, 31 Oct 2022 10:04:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"635f9dac-896"
Content-Encoding: gzip

gabist.live/5Lz/landings/209605/1618996856/js/translate6b42.js

159.223.153.123

200 OK

544 B

URL HTTP/1.1
gabist.live/5Lz/landings/209605/1618996856/js/translate6b42.js
IP
159.223.153.123:0
ASN
#14061 DIGITALOCEAN-ASN

File type
ASCII text
Size
544 B (544 bytes)
Hash
70c6773f9266737772527accf03c1e84
04e2528f0317316f2cc6fc436580b06fa1b050c3
7109ffebc8a20b34d1d187eb5ce62cb23f61bc9e867ab8bcf99a59b913e44eb1

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /5Lz/landings/209605/1618996856/js/translate6b42.js HTTP/1.1
Host: gabist.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gabist.live/5Lz/9.html?cep=N3FpHb784k9zxHOTv5UnQu72t2EPrw4Odsce-ygE4GWRfoYQxXM83JA0mPyTH0Sku1j0wjNDplNY1z4p-q3KsK0-p-JMdH6gheO6hvYqJwcZyNcWXqeciP64Me-kQdVxe_1OvkbDyX0ST0PIQh0nItVQ25K3Kw4xamg3jIqSQFynUme7p_QWXQVm4aqibdUDCrwVjzdMaGbNIGD9cuBfVkhOVJjmKNqfDAfNfSIq7FLb5MTsgEfYfBzToe7RBTGV4rABJa_iAe67eKLDo4qDvqhorzIG__LUysG8A2YX-XZu6XgTuizjOKYV5wlRhkbTFbrUkajLyS2CydGakRkT2h6PWI2iHQsFW0KJFSR7iIXr6BTKCdgDoulGOCURZ7uu&lptoken=1682755f13a1531b03b9

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 02:52:07 GMT
Content-Type: application/javascript
Last-Modified: Mon, 31 Oct 2022 10:04:29 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"635f9dad-485"
Content-Encoding: gzip

gabist.live/5Lz/landings/209605/1618996856/js/jquery.min6b42.js

159.223.153.123

200 OK

30 kB

URL HTTP/1.1
gabist.live/5Lz/landings/209605/1618996856/js/jquery.min6b42.js
IP
159.223.153.123:0
ASN
#14061 DIGITALOCEAN-ASN

File type
ASCII text, with very long lines (65451)
Size
30 kB (30351 bytes)
Hash
e713186118b655f653a2076385d83dab
827db9205bbbfe60c03fdee56429e69ad24e8a95
9e4dd4a79aa648dd171a65f4b492955c47a0078c5d0b21b61a1343493a2be450

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /5Lz/landings/209605/1618996856/js/jquery.min6b42.js HTTP/1.1
Host: gabist.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gabist.live/5Lz/9.html?cep=N3FpHb784k9zxHOTv5UnQu72t2EPrw4Odsce-ygE4GWRfoYQxXM83JA0mPyTH0Sku1j0wjNDplNY1z4p-q3KsK0-p-JMdH6gheO6hvYqJwcZyNcWXqeciP64Me-kQdVxe_1OvkbDyX0ST0PIQh0nItVQ25K3Kw4xamg3jIqSQFynUme7p_QWXQVm4aqibdUDCrwVjzdMaGbNIGD9cuBfVkhOVJjmKNqfDAfNfSIq7FLb5MTsgEfYfBzToe7RBTGV4rABJa_iAe67eKLDo4qDvqhorzIG__LUysG8A2YX-XZu6XgTuizjOKYV5wlRhkbTFbrUkajLyS2CydGakRkT2h6PWI2iHQsFW0KJFSR7iIXr6BTKCdgDoulGOCURZ7uu&lptoken=1682755f13a1531b03b9

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 02:52:07 GMT
Content-Type: application/javascript
Last-Modified: Mon, 31 Oct 2022 10:04:28 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"635f9dac-1538f"
Content-Encoding: gzip

gabist.live/5Lz/landings/209605/1618996856/images/ico_tray1.gif

159.223.153.123

200 OK

69 B

URL HTTP/1.1
gabist.live/5Lz/landings/209605/1618996856/images/ico_tray1.gif
IP
159.223.153.123:0
ASN
#14061 DIGITALOCEAN-ASN

File type
GIF image data, version 89a, 16 x 16\012- data
Size
69 B (69 bytes)
Hash
3ae573d079dcd1d2da4086f2c0c72c45
e7c9dabec81379373476ed23168dcecb9b8c56aa
9cce08ab28e94790cf78c87e37f8690acbc6c535e4b43ae7b38506b94538e107

HTTP Headers

GET /5Lz/landings/209605/1618996856/images/ico_tray1.gif HTTP/1.1
Host: gabist.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gabist.live/5Lz/9.html?cep=N3FpHb784k9zxHOTv5UnQu72t2EPrw4Odsce-ygE4GWRfoYQxXM83JA0mPyTH0Sku1j0wjNDplNY1z4p-q3KsK0-p-JMdH6gheO6hvYqJwcZyNcWXqeciP64Me-kQdVxe_1OvkbDyX0ST0PIQh0nItVQ25K3Kw4xamg3jIqSQFynUme7p_QWXQVm4aqibdUDCrwVjzdMaGbNIGD9cuBfVkhOVJjmKNqfDAfNfSIq7FLb5MTsgEfYfBzToe7RBTGV4rABJa_iAe67eKLDo4qDvqhorzIG__LUysG8A2YX-XZu6XgTuizjOKYV5wlRhkbTFbrUkajLyS2CydGakRkT2h6PWI2iHQsFW0KJFSR7iIXr6BTKCdgDoulGOCURZ7uu&lptoken=1682755f13a1531b03b9

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 02:52:07 GMT
Content-Type: image/gif
Content-Length: 69
Last-Modified: Mon, 31 Oct 2022 10:04:28 GMT
Connection: keep-alive
ETag: "635f9dac-45"
Accept-Ranges: bytes

gabist.live/5Lz/img/icon-red.png

159.223.153.123

200 OK

1.7 kB

URL HTTP/1.1
gabist.live/5Lz/img/icon-red.png
IP
159.223.153.123:0
ASN
#14061 DIGITALOCEAN-ASN

File type
PNG image data, 40 x 45, 8-bit/color RGBA, non-interlaced\012- data
Size
1.7 kB (1709 bytes)
Hash
f460adcdcb62bffc8961d6681d5042be
a3c4fcb71daf78ab130938480ace7588ffa16194
c60d95afdfb06b36758c44ee23b82f5c5504f0119a2c86d83c990821e8f5cae6

HTTP Headers

GET /5Lz/img/icon-red.png HTTP/1.1
Host: gabist.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gabist.live/5Lz/9.html?cep=N3FpHb784k9zxHOTv5UnQu72t2EPrw4Odsce-ygE4GWRfoYQxXM83JA0mPyTH0Sku1j0wjNDplNY1z4p-q3KsK0-p-JMdH6gheO6hvYqJwcZyNcWXqeciP64Me-kQdVxe_1OvkbDyX0ST0PIQh0nItVQ25K3Kw4xamg3jIqSQFynUme7p_QWXQVm4aqibdUDCrwVjzdMaGbNIGD9cuBfVkhOVJjmKNqfDAfNfSIq7FLb5MTsgEfYfBzToe7RBTGV4rABJa_iAe67eKLDo4qDvqhorzIG__LUysG8A2YX-XZu6XgTuizjOKYV5wlRhkbTFbrUkajLyS2CydGakRkT2h6PWI2iHQsFW0KJFSR7iIXr6BTKCdgDoulGOCURZ7uu&lptoken=1682755f13a1531b03b9

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 02:52:07 GMT
Content-Type: image/png
Content-Length: 1709
Last-Modified: Mon, 31 Oct 2022 10:02:54 GMT
Connection: keep-alive
ETag: "635f9d4e-6ad"
Accept-Ranges: bytes

gabist.live/5Lz/landings/209605/1618996856/images/ico_tray2.gif

159.223.153.123

200 OK

377 B

URL HTTP/1.1
gabist.live/5Lz/landings/209605/1618996856/images/ico_tray2.gif
IP
159.223.153.123:0
ASN
#14061 DIGITALOCEAN-ASN

File type
GIF image data, version 89a, 16 x 16\012- data
Size
377 B (377 bytes)
Hash
c10bdec858cb0cf9e6cc5865d5925746
697c095ed5509e5a5af0c5ebf2380662aeffc531
b65b47a79e32335d9ca35ff59c6975d2b5808f84da0db88d11ce777b33e72ad9

HTTP Headers

GET /5Lz/landings/209605/1618996856/images/ico_tray2.gif HTTP/1.1
Host: gabist.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gabist.live/5Lz/9.html?cep=N3FpHb784k9zxHOTv5UnQu72t2EPrw4Odsce-ygE4GWRfoYQxXM83JA0mPyTH0Sku1j0wjNDplNY1z4p-q3KsK0-p-JMdH6gheO6hvYqJwcZyNcWXqeciP64Me-kQdVxe_1OvkbDyX0ST0PIQh0nItVQ25K3Kw4xamg3jIqSQFynUme7p_QWXQVm4aqibdUDCrwVjzdMaGbNIGD9cuBfVkhOVJjmKNqfDAfNfSIq7FLb5MTsgEfYfBzToe7RBTGV4rABJa_iAe67eKLDo4qDvqhorzIG__LUysG8A2YX-XZu6XgTuizjOKYV5wlRhkbTFbrUkajLyS2CydGakRkT2h6PWI2iHQsFW0KJFSR7iIXr6BTKCdgDoulGOCURZ7uu&lptoken=1682755f13a1531b03b9

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 02:52:07 GMT
Content-Type: image/gif
Content-Length: 377
Last-Modified: Mon, 31 Oct 2022 10:04:28 GMT
Connection: keep-alive
ETag: "635f9dac-179"
Accept-Ranges: bytes

gabist.live/5Lz/img/check.png

159.223.153.123

200 OK

5.8 kB

URL HTTP/1.1
gabist.live/5Lz/img/check.png
IP
159.223.153.123:0
ASN
#14061 DIGITALOCEAN-ASN

File type
PNG image data, 225 x 225, 8-bit/color RGBA, non-interlaced\012- data
Size
5.8 kB (5841 bytes)
Hash
a425e7ade9fb0610d08f22a7a24c25a2
a54a54d8635a1bcc61fd560c5bba3c1d0a7d668a
a06510b7d95a3914f53202e9180adedca40609cf659745413a3ebf56656d6770

HTTP Headers

GET /5Lz/img/check.png HTTP/1.1
Host: gabist.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gabist.live/5Lz/9.html?cep=N3FpHb784k9zxHOTv5UnQu72t2EPrw4Odsce-ygE4GWRfoYQxXM83JA0mPyTH0Sku1j0wjNDplNY1z4p-q3KsK0-p-JMdH6gheO6hvYqJwcZyNcWXqeciP64Me-kQdVxe_1OvkbDyX0ST0PIQh0nItVQ25K3Kw4xamg3jIqSQFynUme7p_QWXQVm4aqibdUDCrwVjzdMaGbNIGD9cuBfVkhOVJjmKNqfDAfNfSIq7FLb5MTsgEfYfBzToe7RBTGV4rABJa_iAe67eKLDo4qDvqhorzIG__LUysG8A2YX-XZu6XgTuizjOKYV5wlRhkbTFbrUkajLyS2CydGakRkT2h6PWI2iHQsFW0KJFSR7iIXr6BTKCdgDoulGOCURZ7uu&lptoken=1682755f13a1531b03b9

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 02:52:07 GMT
Content-Type: image/png
Content-Length: 5841
Last-Modified: Mon, 31 Oct 2022 10:02:54 GMT
Connection: keep-alive
ETag: "635f9d4e-16d1"
Accept-Ranges: bytes

gabist.live/5Lz/img/icons.png

159.223.153.123

200 OK

1.8 kB

URL HTTP/1.1
gabist.live/5Lz/img/icons.png
IP
159.223.153.123:0
ASN
#14061 DIGITALOCEAN-ASN

File type
PNG image data, 133 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size
1.8 kB (1803 bytes)
Hash
098ead83906b13788c3cd6049416423b
e586a40c6206cc67307fadbaf2c9a9527643fff4
a9922226d840add9e161a5a8969aa52cbffad5e4e1bd29d252270bee2aaaa3c8

HTTP Headers

GET /5Lz/img/icons.png HTTP/1.1
Host: gabist.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gabist.live/5Lz/9.html?cep=N3FpHb784k9zxHOTv5UnQu72t2EPrw4Odsce-ygE4GWRfoYQxXM83JA0mPyTH0Sku1j0wjNDplNY1z4p-q3KsK0-p-JMdH6gheO6hvYqJwcZyNcWXqeciP64Me-kQdVxe_1OvkbDyX0ST0PIQh0nItVQ25K3Kw4xamg3jIqSQFynUme7p_QWXQVm4aqibdUDCrwVjzdMaGbNIGD9cuBfVkhOVJjmKNqfDAfNfSIq7FLb5MTsgEfYfBzToe7RBTGV4rABJa_iAe67eKLDo4qDvqhorzIG__LUysG8A2YX-XZu6XgTuizjOKYV5wlRhkbTFbrUkajLyS2CydGakRkT2h6PWI2iHQsFW0KJFSR7iIXr6BTKCdgDoulGOCURZ7uu&lptoken=1682755f13a1531b03b9

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 02:52:07 GMT
Content-Type: image/png
Content-Length: 1803
Last-Modified: Mon, 31 Oct 2022 10:02:54 GMT
Connection: keep-alive
ETag: "635f9d4e-70b"
Accept-Ranges: bytes

gabist.live/5Lz/landings/209605/1618996856/images/ico_tray3.gif

159.223.153.123

200 OK

234 B

URL HTTP/1.1
gabist.live/5Lz/landings/209605/1618996856/images/ico_tray3.gif
IP
159.223.153.123:0
ASN
#14061 DIGITALOCEAN-ASN

File type
GIF image data, version 89a, 16 x 16\012- data
Size
234 B (234 bytes)
Hash
9ce99ec458daf212f9812a90f3fadd13
9e3041bc91b79a17b52e0fbb6c2d0e2f905d98a1
b0d335401c9fd5fac9991ec92edaf7865ff3a491ebe390120936c69796c3b753

HTTP Headers

GET /5Lz/landings/209605/1618996856/images/ico_tray3.gif HTTP/1.1
Host: gabist.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gabist.live/5Lz/9.html?cep=N3FpHb784k9zxHOTv5UnQu72t2EPrw4Odsce-ygE4GWRfoYQxXM83JA0mPyTH0Sku1j0wjNDplNY1z4p-q3KsK0-p-JMdH6gheO6hvYqJwcZyNcWXqeciP64Me-kQdVxe_1OvkbDyX0ST0PIQh0nItVQ25K3Kw4xamg3jIqSQFynUme7p_QWXQVm4aqibdUDCrwVjzdMaGbNIGD9cuBfVkhOVJjmKNqfDAfNfSIq7FLb5MTsgEfYfBzToe7RBTGV4rABJa_iAe67eKLDo4qDvqhorzIG__LUysG8A2YX-XZu6XgTuizjOKYV5wlRhkbTFbrUkajLyS2CydGakRkT2h6PWI2iHQsFW0KJFSR7iIXr6BTKCdgDoulGOCURZ7uu&lptoken=1682755f13a1531b03b9

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 02:52:07 GMT
Content-Type: image/gif
Content-Length: 234
Last-Modified: Mon, 31 Oct 2022 10:04:28 GMT
Connection: keep-alive
ETag: "635f9dac-ea"
Accept-Ranges: bytes

ocsp.pki.goog/s/gts1p5/xBT_Y8klV4Y

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/xBT_Y8klV4Y
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4b2e39b138bcdeaa2412dd3f4c0724b7
fca7e4a8a8f6772d06f4e4e60a19775cb2b28d03
7cbe28ee46794c6f006a85eba5a65c64b13a2fdf930e13a9f7ce5e73f2723c9e

HTTP Headers

POST /s/gts1p5/xBT_Y8klV4Y HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 02:52:07 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Pragma, ETag, Retry-After, Content-Type, Content-Length, Expires, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 31 Jan 2023 02:41:41 GMT
age: 626
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

gabist.live/5Lz/img/loading.gif

159.223.153.123

200 OK

35 kB

URL HTTP/1.1
gabist.live/5Lz/img/loading.gif
IP
159.223.153.123:0
ASN
#14061 DIGITALOCEAN-ASN

File type
GIF image data, version 89a, 480 x 480\012- data
Size
35 kB (34681 bytes)
Hash
479ee3502382e102acdb60f4e0549e9b
6956c8efc907230e81629b4d6b169ae6859546a3
ceac51e89a2561897de693334c894ca96baf30bd22ec01c2d941a798dd58a2d9

HTTP Headers

GET /5Lz/img/loading.gif HTTP/1.1
Host: gabist.live
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gabist.live/5Lz/9.html?cep=N3FpHb784k9zxHOTv5UnQu72t2EPrw4Odsce-ygE4GWRfoYQxXM83JA0mPyTH0Sku1j0wjNDplNY1z4p-q3KsK0-p-JMdH6gheO6hvYqJwcZyNcWXqeciP64Me-kQdVxe_1OvkbDyX0ST0PIQh0nItVQ25K3Kw4xamg3jIqSQFynUme7p_QWXQVm4aqibdUDCrwVjzdMaGbNIGD9cuBfVkhOVJjmKNqfDAfNfSIq7FLb5MTsgEfYfBzToe7RBTGV4rABJa_iAe67eKLDo4qDvqhorzIG__LUysG8A2YX-XZu6XgTuizjOKYV5wlRhkbTFbrUkajLyS2CydGakRkT2h6PWI2iHQsFW0KJFSR7iIXr6BTKCdgDoulGOCURZ7uu&lptoken=1682755f13a1531b03b9

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 31 Jan 2023 02:52:07 GMT
Content-Type: image/gif
Content-Length: 34681
Last-Modified: Mon, 31 Oct 2022 10:02:54 GMT
Connection: keep-alive
ETag: "635f9d4e-8779"
Accept-Ranges: bytes

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a5ff07b9b81cdf319f4a57d8d6dbbd6d
736ae15d0ed2068580d35a7cff8b33c0ec87af52
24406eda914ef8f78e1f60d6b54237ea6311f2fdf54b2b63647d84b397b41de0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 02:52:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6088
Expires: Tue, 31 Jan 2023 04:33:36 GMT
Date: Tue, 31 Jan 2023 02:52:08 GMT
Connection: keep-alive

ocsp.pki.goog/s/gts1p5/xBT_Y8klV4Y

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/s/gts1p5/xBT_Y8klV4Y
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
4b2e39b138bcdeaa2412dd3f4c0724b7
fca7e4a8a8f6772d06f4e4e60a19775cb2b28d03
7cbe28ee46794c6f006a85eba5a65c64b13a2fdf930e13a9f7ce5e73f2723c9e

HTTP Headers

POST /s/gts1p5/xBT_Y8klV4Y HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 02:52:08 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a5ff07b9b81cdf319f4a57d8d6dbbd6d
736ae15d0ed2068580d35a7cff8b33c0ec87af52
24406eda914ef8f78e1f60d6b54237ea6311f2fdf54b2b63647d84b397b41de0

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 02:52:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
40bac282ee9730b7a7fde839fcf58736
be00063ec5c760560f34663d0a6a9cad87cfebe4
45b83537d8621d3c4a7c046a9b78f6745977c359db2868d720f19dbb0eb80d3d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 02:52:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

translate.googleapis.com/translate_static/css/translateelement.css

142.250.74.42

200 OK

3.6 kB

URL HTTP/2
translate.googleapis.com/translate_static/css/translateelement.css
IP
142.250.74.42:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (22967)
Size
3.6 kB (3632 bytes)
Hash
f7bf2121608909b56672e6398ac2335c
864ef3bac46b08ab6609fad23f00d5f09815647d
b9d3a8600d9b6edf9c71b793c42782282ecfb01e2026e0128608b949e91e152c

HTTP Headers

GET /translate_static/css/translateelement.css HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gabist.live/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 3632
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 02:29:57 GMT
expires: Tue, 31 Jan 2023 03:29:57 GMT
cache-control: public, max-age=3600
last-modified: Mon, 09 Jan 2023 20:58:00 GMT
content-type: text/css
age: 1331
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.YyskdsiEoiw.O/d=1/exm=el_conf/ed=1/rs=AN8SPfrOC7xxlHSStBnZbZdqheUGpkxWzA/m=el_main

142.250.74.42

200 OK

75 kB

URL HTTP/2
translate.googleapis.com/_/translate_http/_/js/k=translate_http.tr.no.YyskdsiEoiw.O/d=1/exm=el_conf/ed=1/rs=AN8SPfrOC7xxlHSStBnZbZdqheUGpkxWzA/m=el_main
IP
142.250.74.42:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1622)
Size
75 kB (75400 bytes)
Hash
93705f618295a8c01d2c14ddbfd422fe
24696ec767a7ef8a41d2be36af9b679c2abab454
02a016cf6a3c4be2233c42e7dcc657a029bc9170da3397c8b93139d30f703ae6

HTTP Headers

GET /_/translate_http/_/js/k=translate_http.tr.no.YyskdsiEoiw.O/d=1/exm=el_conf/ed=1/rs=AN8SPfrOC7xxlHSStBnZbZdqheUGpkxWzA/m=el_main HTTP/1.1
Host: translate.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gabist.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/rosetta
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="rosetta"
report-to: {"group":"rosetta","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/rosetta"}]}
content-length: 75400
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 23:59:35 GMT
expires: Tue, 30 Jan 2024 23:59:35 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 25 Jan 2023 04:12:33 GMT
content-type: text/javascript; charset=UTF-8
age: 10353
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
40bac282ee9730b7a7fde839fcf58736
be00063ec5c760560f34663d0a6a9cad87cfebe4
45b83537d8621d3c4a7c046a9b78f6745977c359db2868d720f19dbb0eb80d3d

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 02:52:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
f075625a67cefc01c034a3c732ec8023
c3ef563fbf1cf30f75fc931f82426a0f859ccb6d
75ce941806680157fcca91d6074496cbbc7cdcf6da28fa35384273bf9a76d588

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 02:52:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

push.services.mozilla.com/

35.161.100.71

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.161.100.71:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 9ArRAtHAA2yoaurPNTMODg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Z77XPo8PeZCvd8q0hqLBFvCOKzs=

www.gstatic.com/images/branding/product/1x/translate_24dp.png

142.250.74.35

200 OK

846 B

URL HTTP/2
www.gstatic.com/images/branding/product/1x/translate_24dp.png
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size
846 B (846 bytes)
Hash
e9cd262114358f26b7608b56905185dc
6dbde0a96deaab2b529723ce26c62043cf9180ab
5a861509b658aa24fc3aed2867ac3c061e7d818d90b9990959afc6d1b5d4ff99

HTTP Headers

GET /images/branding/product/1x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gabist.live/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 846
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 12:53:47 GMT
expires: Tue, 30 Jan 2024 12:53:47 GMT
cache-control: public, max-age=31536000
age: 50301
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

www.gstatic.com/images/branding/product/2x/translate_24dp.png

142.250.74.35

200 OK

1.8 kB

URL HTTP/2
www.gstatic.com/images/branding/product/2x/translate_24dp.png
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
1.8 kB (1842 bytes)
Hash
c69c796362406f9e11c7f4bf5bb628da
e489ce95ab56208090868882113d7416abf46775
4dac0026fbfa2615dce30c0af12830863fe885f84387a0147b9e338f548d5d82

HTTP Headers

GET /images/branding/product/2x/translate_24dp.png HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://translate.googleapis.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1842
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 16:07:41 GMT
expires: Tue, 30 Jan 2024 16:07:41 GMT
cache-control: public, max-age=31536000
age: 38667
last-modified: Thu, 14 Oct 2021 09:08:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
f075625a67cefc01c034a3c732ec8023
c3ef563fbf1cf30f75fc931f82426a0f859ccb6d
75ce941806680157fcca91d6074496cbbc7cdcf6da28fa35384273bf9a76d588

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 31 Jan 2023 02:52:08 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11403
Expires: Tue, 31 Jan 2023 06:02:12 GMT
Date: Tue, 31 Jan 2023 02:52:09 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11403
Expires: Tue, 31 Jan 2023 06:02:12 GMT
Date: Tue, 31 Jan 2023 02:52:09 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11403
Expires: Tue, 31 Jan 2023 06:02:12 GMT
Date: Tue, 31 Jan 2023 02:52:09 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11403
Expires: Tue, 31 Jan 2023 06:02:12 GMT
Date: Tue, 31 Jan 2023 02:52:09 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11403
Expires: Tue, 31 Jan 2023 06:02:12 GMT
Date: Tue, 31 Jan 2023 02:52:09 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd328471c-fc31-49a3-ae71-21d6171a8237.jpeg

34.120.237.76

200 OK

9.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd328471c-fc31-49a3-ae71-21d6171a8237.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.7 kB (9700 bytes)
Hash
1e575f4c5e3aa793f846cadc8baf386c
f482a4e8e80ea5b6afc29e5cc1a9a2b8c2f0434d
09a5bbe4fb7f23ee43228267f30c1ef0cd8747e515e01c963df0756b866f23ea

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd328471c-fc31-49a3-ae71-21d6171a8237.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9700
x-amzn-requestid: 059475a7-d7de-4a44-9fc7-11fb24e201b6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffB_9G8DIAMF64A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5e399-57fea3031d1e93ec02308fac;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 03:10:17 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vzubP2I1xR5NF1amWIPiIlp6yPykWhz-CEbwDiJOs-eTWkTE-fvfjA==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 04:12:11 GMT
age: 81598
etag: "f482a4e8e80ea5b6afc29e5cc1a9a2b8c2f0434d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (9987 bytes)
Hash
2c4934be94898028e2ab696561b51462
6cf734e2d29938688913daacfb75506d8e004a94
239adcbb538b7a6d1483c65c7694d4a9f9fa9cadf456ab5681c4b764185e3596

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F003f28f8-6845-4b0d-8d8d-11c9deea4eaf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9987
x-amzn-requestid: 67109f87-6073-4991-b540-cdeedc2d7b3c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: flYlPF9uIAMFXMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d86e21-60ac2c7b37c72e6e54a5c69d;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 01:25:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hDjKAMYoVwHdCqS8t08PrWyfQQLiWaosXbi3FOJY8BeV0yAFCGziGw==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 01:58:16 GMT
age: 3233
etag: "6cf734e2d29938688913daacfb75506d8e004a94"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43ae4cd9-2533-48ae-8086-f8fea8a4e269.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.8 kB (6844 bytes)
Hash
976dda397f9292a498ca9db5599c0378
dad9e9c3462907a2475046aee36d57f8309cd44e
7ed9ccf2ff75ca53f5ba56a1d2127e0f09b0ae941cad8b042e8df01ad01e614b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F43ae4cd9-2533-48ae-8086-f8fea8a4e269.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6844
x-amzn-requestid: 0542cf46-5045-459f-a35f-f6c0d3f5f7b7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: flZsxH0YIAMF9ew=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d86feb-692d50f710a131df2ee49aa8;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 01:33:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 6bbFjAsd03GN8zzBnAFBm7xA8igZ_xHJsOHzw7nwNgRxiWUDLPGjpQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 01:53:29 GMT
age: 3520
etag: "dad9e9c3462907a2475046aee36d57f8309cd44e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3acb4fe3-f1dd-417b-ac1c-9269bcff18d1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
13 kB (12906 bytes)
Hash
cbc9f50b0a96fb69fa2e948aa3125413
e7f13a6e81263e73ac5777959d63b567f50848d5
2e3411687a31211dbf0aa732f8d93a3c5a4748afb264e695d36782700c8e8b5d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3acb4fe3-f1dd-417b-ac1c-9269bcff18d1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12906
x-amzn-requestid: 4d09cdf1-2b4b-4f72-a313-caf6660774d7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVsLoHaHIAMF1uQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d22717-7074bd5202e3aced21ac49e3;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:09:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ZkPnGMNVHQUSKvsqXZajTFA6FiOiZvSXHU6QN8zbCrSXKKmSdCWVqQ==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 22:47:13 GMT
age: 14696
etag: "e7f13a6e81263e73ac5777959d63b567f50848d5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67cbd807-4e92-4ddb-a8c5-864884d25e99.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11129 bytes)
Hash
2797bfd35b7ec24888de84be14f7f2ec
8e315ac5856967286eaa8769e081d827fb4ca39e
b99f3bd73eb4395194bc7bb6a1b801750182239e5b70f3207f99e494b60b72ab

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67cbd807-4e92-4ddb-a8c5-864884d25e99.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11129
x-amzn-requestid: 74f2a4dd-7d5d-4839-90a8-d2e74f6d785d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffDBZGRPoAMFedg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5e53b-3de444596550bb41188ada5b;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 03:17:15 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: lJril-pCQ3MCMoVEFu3kmDuv4T1ABYMFJTuC5dbwxGe1_ydrbUkt8Q==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 03:40:12 GMT
age: 83517
etag: "8e315ac5856967286eaa8769e081d827fb4ca39e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.6 kB (9600 bytes)
Hash
3366ef4f8733cb9c89a5c88f63a0a441
7da46843b6d885f38a4759a08e6c899906ab7b97
7114397ee5c251cc5cb46f3433c2cc17ff68a08e0872e227671198e9b61eba0a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9600
x-amzn-requestid: 48094e1a-d550-4a91-b87c-4a08505f7cce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVsWcFN7IAMF2pg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d2275c-5ced593a7e2126c9494563df;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:10:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: v9Wphg34UGE5kkZ9RKBcphcpPuCn54oVyepzTW5rZ3J9nkL9J501PA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 22:03:23 GMT
age: 17326
etag: "7da46843b6d885f38a4759a08e6c899906ab7b97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

translate.google.com/translate_a/element.js?cb=googleTranslateElementInit

216.58.211.14

200 OK

0 B

URL HTTP/2
translate.google.com/translate_a/element.js?cb=googleTranslateElementInit
IP
216.58.211.14:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /translate_a/element.js?cb=googleTranslateElementInit HTTP/1.1
Host: translate.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://gabist.live/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Tue, 31 Jan 2023 02:52:08 GMT
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: CONSENT=PENDING+873; expires=Thu, 30-Jan-2025 02:52:08 GMT; path=/; domain=.google.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

threatdetect.org/fonts/?font=aHR0cDovL2dhYmlzdC5saXZlLzVMei85Lmh0bWw/Y2VwPU4zRnBIYjc4NGs5enhIT1R2NVVuUXU3MnQyRVBydzRPZHNjZS15Z0U0R1dSZm9ZUXhYTTgzSkEwbVB5VEgwU2t1MWowd2pORHBsTlkxejRwLXEzS3NLMC1wLUpNZEg2Z2hlTzZodllxSndjWnlOY1dYcWVjaVA2NE1lLWtRZFZ4ZV8xT3ZrYkR5WDBTVDBQSVFoMG5JdFZRMjVLM0t3NHhhbWczaklxU1FGeW5VbWU3cF9RV1hRVm00YXFpYmRVRENyd1ZqemRNYUdiTklHRDljdUJmVmtoT1ZKam1LTnFmREFmTmZTSXE3RkxiNU1Uc2dFZllmQnpUb2U3UkJUR1Y0ckFCSmFfaUFlNjdlS0xEbzRxRHZxaG9yeklHX19MVXlzRzhBMllYLVhadTZYZ1R1aXpqT0tZVjV3bFJoa2JURmJyVWthakx5UzJDeWRHYWtSa1QyaDZQV0kyaUhRc0ZXMEtKRlNSN2lJWHI2QlRLQ2RnRG91bEdPQ1VSWjd1dSZscHRva2VuPTE2ODI3NTVmMTNhMTUzMWIwM2I5

188.114.96.1

200 OK

0 B

URL HTTP/2
threatdetect.org/fonts/?font=aHR0cDovL2dhYmlzdC5saXZlLzVMei85Lmh0bWw/Y2VwPU4zRnBIYjc4NGs5enhIT1R2NVVuUXU3MnQyRVBydzRPZHNjZS15Z0U0R1dSZm9ZUXhYTTgzSkEwbVB5VEgwU2t1MWowd2pORHBsTlkxejRwLXEzS3NLMC1wLUpNZEg2Z2hlTzZodllxSndjWnlOY1dYcWVjaVA2NE1lLWtRZFZ4ZV8xT3ZrYkR5WDBTVDBQSVFoMG5JdFZRMjVLM0t3NHhhbWczaklxU1FGeW5VbWU3cF9RV1hRVm00YXFpYmRVRENyd1ZqemRNYUdiTklHRDljdUJmVmtoT1ZKam1LTnFmREFmTmZTSXE3RkxiNU1Uc2dFZllmQnpUb2U3UkJUR1Y0ckFCSmFfaUFlNjdlS0xEbzRxRHZxaG9yeklHX19MVXlzRzhBMllYLVhadTZYZ1R1aXpqT0tZVjV3bFJoa2JURmJyVWthakx5UzJDeWRHYWtSa1QyaDZQV0kyaUhRc0ZXMEtKRlNSN2lJWHI2QlRLQ2RnRG91bEdPQ1VSWjd1dSZscHRva2VuPTE2ODI3NTVmMTNhMTUzMWIwM2I5
IP
188.114.96.1:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /fonts/?font=aHR0cDovL2dhYmlzdC5saXZlLzVMei85Lmh0bWw/Y2VwPU4zRnBIYjc4NGs5enhIT1R2NVVuUXU3MnQyRVBydzRPZHNjZS15Z0U0R1dSZm9ZUXhYTTgzSkEwbVB5VEgwU2t1MWowd2pORHBsTlkxejRwLXEzS3NLMC1wLUpNZEg2Z2hlTzZodllxSndjWnlOY1dYcWVjaVA2NE1lLWtRZFZ4ZV8xT3ZrYkR5WDBTVDBQSVFoMG5JdFZRMjVLM0t3NHhhbWczaklxU1FGeW5VbWU3cF9RV1hRVm00YXFpYmRVRENyd1ZqemRNYUdiTklHRDljdUJmVmtoT1ZKam1LTnFmREFmTmZTSXE3RkxiNU1Uc2dFZllmQnpUb2U3UkJUR1Y0ckFCSmFfaUFlNjdlS0xEbzRxRHZxaG9yeklHX19MVXlzRzhBMllYLVhadTZYZ1R1aXpqT0tZVjV3bFJoa2JURmJyVWthakx5UzJDeWRHYWtSa1QyaDZQV0kyaUhRc0ZXMEtKRlNSN2lJWHI2QlRLQ2RnRG91bEdPQ1VSWjd1dSZscHRva2VuPTE2ODI3NTVmMTNhMTUzMWIwM2I5 HTTP/1.1
Host: threatdetect.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://gabist.live
Connection: keep-alive
Referer: http://gabist.live/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 31 Jan 2023 02:52:07 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H890Rqzts8rA7aiUE7024OP8o9Bf2%2BUGrDm1nA4VJS9ODtBryxju2pLBOua%2FRTi%2BsMBSurWYWp%2B0LMQkEXxJZ3LdC1EFTs05WPdoBr5OQedROYSH6fqoON5ke24yGo2eKtC9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 791f2645290e0b39-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (10)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL