urlquery - report: gzybl13.com/vendor/sebastian/diff/bana/f475296a7858bdf15ac1a8f6a6364cfe/execution.html?validation=e1s1

Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
firefox.settings.services.mozilla.com (2)	867	2020-05-27 20:08:30 UTC	2022-10-01 15:00:41 UTC	13.224.103.25
r3.o.lencr.org (6)	344	2020-12-02 08:52:13 UTC	2022-10-01 04:59:16 UTC	23.36.77.32
contile.services.mozilla.com (1)	1114	2021-05-27 18:32:35 UTC	2022-10-01 05:00:18 UTC	34.117.237.239
ajax.googleapis.com (1)	12905	2013-06-10 06:53:41 UTC	2022-10-01 21:01:30 UTC	142.250.74.106
code.jquery.com (1)	634	2012-05-21 17:28:02 UTC	2022-10-01 05:11:01 UTC	69.16.175.42
gzybl13.com (16)	0	2022-09-14 15:07:23 UTC	2022-10-01 18:34:43 UTC	121.42.94.163	Unknown ranking
ipinfo.io (2)	8136	2015-02-06 06:58:53 UTC	2022-10-01 13:13:16 UTC	34.117.59.81
ocsp.pki.goog (2)	175	2017-06-14 07:23:31 UTC	2022-10-01 04:58:47 UTC	142.250.74.3
cdn.jsdelivr.net (2)	439	2012-09-30 00:15:09 UTC	2022-10-01 04:58:51 UTC	151.101.85.229
ocsp.globalsign.com (1)	2075	2012-05-25 06:20:55 UTC	2022-10-01 05:00:56 UTC	104.18.21.226
content-signature-2.cdn.mozilla.net (1)	1152	2020-11-03 12:26:46 UTC	2022-10-01 05:17:12 UTC	13.224.103.45
ocsp.digicert.com (1)	86	2012-05-21 07:02:23 UTC	2022-10-01 14:14:43 UTC	93.184.220.29
img-getpocket.cdn.mozilla.net (6)	1631	2017-09-01 03:40:57 UTC	2022-10-01 14:59:59 UTC	34.120.237.76
push.services.mozilla.com (1)	2140	2015-09-03 10:29:36 UTC	2022-10-01 05:28:34 UTC	44.242.32.27

Scan Date	Severity	Indicator	Comment
2022-10-01	2	gzybl13.com/vendor/sebastian/diff/bana/dist/js.cookie.js	Phishing
2022-10-01	2	gzybl13.com/vendor/sebastian/diff/bana/dist/jquery-lang.js	Phishing
2022-10-01	2	gzybl13.com/vendor/sebastian/diff/bana/dist/fonts/default-274a65bae9742377a (...)	Phishing
2022-10-01	2	gzybl13.com/vendor/sebastian/diff/bana/dist/load.php	Phishing
2022-10-01	2	gzybl13.com/vendor/sebastian/diff/bana/dist/DHL_head.html	Phishing
2022-10-01	2	gzybl13.com/vendor/sebastian/diff/bana/dist/DHL_footer.html	Phishing
2022-10-01	2	gzybl13.com/vendor/sebastian/diff/bana/dist/langpack/en.json	Phishing
2022-10-01	2	gzybl13.com/vendor/sebastian/diff/bana/dist/fonts/iconfont-e7bece496cd0e6d6 (...)	Phishing
2022-10-01	2	gzybl13.com/vendor/sebastian/diff/bana/dist/fonts/default-815fcbb4d2c579017 (...)	Phishing
2022-10-01	2	gzybl13.com/vendor/sebastian/diff/bana/dist/fonts/default-3e828e80f6e985c35 (...)	Phishing
2022-10-01	2	gzybl13.com/vendor/sebastian/diff/bana/dist/DHL_track.html	Phishing
2022-10-01	2	gzybl13.com/vendor/sebastian/diff/bana/dist/jquery.validate.min.js	Phishing
2022-10-01	2	gzybl13.com/vendor/sebastian/diff/bana/dist/fonts/default-5a6dd86f272b304a8 (...)	Phishing

Date	UQ / IDS / BL	URL	IP
2022-10-01 23:16:28 +0000	6 - 0 - 13	gzybl13.com/vendor/sebastian/diff/bana/cca1aa (...)	121.42.94.163
2022-10-01 22:53:35 +0000	6 - 0 - 13	gzybl13.com/vendor/sebastian/diff/bana/90e069 (...)	121.42.94.163
2022-10-01 22:52:43 +0000	7 - 0 - 14	gzybl13.com/vendor/sebastian/diff/bana/8db71c (...)	121.42.94.163
2022-10-01 22:52:27 +0000	6 - 0 - 13	gzybl13.com/vendor/sebastian/diff/bana/7dc89f (...)	121.42.94.163
2022-10-01 22:21:05 +0000	6 - 0 - 13	gzybl13.com/vendor/sebastian/diff/bana/f47529 (...)	121.42.94.163

Date	UQ / IDS / BL	URL	IP
2023-01-29 18:53:58 +0000	0 - 0 - 1	files.cnblogs.com/files/MACLEO/D-CF5ZE2.ZIP	47.110.20.149
2023-01-29 18:53:54 +0000	0 - 0 - 1	files.cnblogs.com/files/allyesno/dedeexp.rar	47.110.20.149
2023-01-29 18:53:53 +0000	0 - 0 - 2	files.cnblogs.com/files/soli/whole.tomato.vis (...)	47.110.20.149
2023-01-29 18:31:23 +0000	0 - 1 - 3	jcedu.org/ebook/cs17.exe	47.100.62.130
2023-01-29 18:21:58 +0000	0 - 1 - 1	soft.110route.com/PAETools.exe	39.106.158.243

Date	UQ / IDS / BL	URL	IP
2022-10-01 23:16:28 +0000	6 - 0 - 13	gzybl13.com/vendor/sebastian/diff/bana/cca1aa (...)	121.42.94.163
2022-10-01 22:53:35 +0000	6 - 0 - 13	gzybl13.com/vendor/sebastian/diff/bana/90e069 (...)	121.42.94.163
2022-10-01 22:52:43 +0000	7 - 0 - 14	gzybl13.com/vendor/sebastian/diff/bana/8db71c (...)	121.42.94.163
2022-10-01 22:52:27 +0000	6 - 0 - 13	gzybl13.com/vendor/sebastian/diff/bana/7dc89f (...)	121.42.94.163
2022-10-01 22:21:05 +0000	6 - 0 - 13	gzybl13.com/vendor/sebastian/diff/bana/f47529 (...)	121.42.94.163

Date	UQ / IDS / BL	URL	IP
2023-01-29 19:46:17 +0000	34 - 1 - 15	www.ndnmag.fr/en/58beb503b68fb12161a43f2c4b43 (...)	46.182.4.120
2023-01-29 18:53:46 +0000	32 - 0 - 14	www.ndnmag.fr/en/09905792936f1deb18f47db204ea (...)	46.182.4.120
2023-01-29 18:35:48 +0000	34 - 1 - 16	www.ndnmag.fr/en/a0239a4daf50402b14b2d597de66 (...)	46.182.4.120
2023-01-29 18:35:44 +0000	34 - 0 - 16	www.ndnmag.fr/en/f13c86b8414e28c33f9e447b91ec (...)	46.182.4.120
2023-01-29 18:35:44 +0000	34 - 0 - 16	www.ndnmag.fr/en/b39220da92c4125d2db7447673f0 (...)	46.182.4.120

Request	Response
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/ FQDN: firefox.settings.services.mozilla.com IP: 13.224.103.25 HASH: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551 13.224.103.25 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 939 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert Cache-Control: max-age=3600 Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Date: Sat, 01 Oct 2022 21:59:10 GMT X-Content-Type-Options: nosniff X-Cache: Hit from cloudfront Via: 1.1 c76347c8ef1f3a2b6fb69cd7d1c6f748.cloudfront.net (CloudFront) X-Amz-Cf-Pop: ZRH50-C1 X-Amz-Cf-Id: NRiR6GUq_8VUrBbhZ2m_i1LKKUY-AaneDjIaAb8TG7pOBuui42ieVg== Age: 1305 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 2d12f67fe57a87e7366b662d153a5582 Sha1: d7b02d81cc74f24a251d9363e0f4b0a149264ec1 Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: eb128aec099dbf1919ee5d965221e904ad3a2162583683cec44518640b505447 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "EB128AEC099DBF1919EE5D965221E904AD3A2162583683CEC44518640B505447" Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2536 Expires: Sat, 01 Oct 2022 23:03:11 GMT Date: Sat, 01 Oct 2022 22:20:55 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 24cdc937930ac2ef9c8f46ba1deabcc5 Sha1: 397417929951bf20f235d5f91510163ac213dc71 Sha256: eb128aec099dbf1919ee5d965221e904ad3a2162583683cec44518640b505447
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 13.224.103.45 HASH: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770 13.224.103.45 HTTP/2 200 OK content-type: binary/octet-stream content-length: 5348 last-modified: Sat, 10 Sep 2022 18:47:45 GMT content-disposition: attachment accept-ranges: bytes server: AmazonS3 date: Sat, 01 Oct 2022 05:28:28 GMT etag: "6113f8408c59aebe188d6af273b90743" x-cache: Hit from cloudfront via: 1.1 e92dffa8673a73c15c61e7c3abefc47c.cloudfront.net (CloudFront) x-amz-cf-pop: ZRH50-C1 x-amz-cf-id: ZkURzFuLj74pqt3D3af7ljWRxMH6iQaf7xHZWMryFouY0kdD-N-AMA== age: 60748 X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 6113f8408c59aebe188d6af273b90743 Sha1: 7398873bf00f99944eaa77ad3ebc0d43c23dba6b Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: contile.services.mozilla.com/v1/tiles FQDN: contile.services.mozilla.com IP: 34.117.237.239 HASH: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Sat, 01 Oct 2022 22:20:55 GMT content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 13.224.103.25 HASH: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 13.224.103.25 HTTP/1.1 200 OK Content-Type: application/json Content-Length: 329 Connection: keep-alive Access-Control-Allow-Origin: * Access-Control-Expose-Headers: Pragma, Content-Length, Backoff, Last-Modified, Cache-Control, Content-Type, Retry-After, ETag, Expires, Alert Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT X-Content-Type-Options: nosniff Cache-Control: max-age=3600, max-age=3600 Date: Sat, 01 Oct 2022 21:29:33 GMT Expires: Sat, 01 Oct 2022 22:25:22 GMT ETag: "1648230346554" X-Cache: Hit from cloudfront Via: 1.1 8c175d0adc08dac3750e9201b76886e8.cloudfront.net (CloudFront) X-Amz-Cf-Pop: ZRH50-C1 X-Amz-Cf-Id: Ka4tlXHI_mteFvQXIYsNNnkt1oHG_zVl3EKxRlU2hgvh9ofDKQH-Qg== Age: 3082 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /vendor/sebastian/diff/bana/f475296a7858bdf15ac1a8f6a6364cfe/execution.html?validation=e1s1 HTTP/1.1 Host: gzybl13.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Cookie: langCookie=en Upgrade-Insecure-Requests: 1	URL: gzybl13.com/vendor/sebastian/diff/bana/f475296a7858bdf1 (...) FQDN: gzybl13.com IP: 121.42.94.163 HASH: b33e199645f50f4a637971e4a59746df19a8b9abf44e731f24d7e78bb9048d5d 121.42.94.163 HTTP/1.1 200 OK Content-Type: text/html Date: Sat, 01 Oct 2022 22:20:56 GMT Server: Apache Last-Modified: Wed, 21 Sep 2022 04:43:32 GMT ETag: "28a023c-1f52-5e9289641ad2c" Accept-Ranges: bytes Vary: Accept-Encoding,User-Agent Content-Encoding: gzip Content-Length: 1782 Keep-Alive: timeout=15, max=300 Connection: Keep-Alive --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators Size: 1782 Md5: 6b93961fcf4afedb697680d1abf1cf33 Sha1: 025249a0f6d1fc3192abec4f8f4c089a121534cd Sha256: b33e199645f50f4a637971e4a59746df19a8b9abf44e731f24d7e78bb9048d5d Alerts: urlquery: - Phishing - DHL
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 36282e09bb25caf3d7350c4bee485cb87947aabc7d7409169caf15c2e75d8b7d 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 5492 Cache-Control: 'max-age=158059' Date: Sat, 01 Oct 2022 22:20:56 GMT Last-Modified: Sat, 01 Oct 2022 20:49:24 GMT Server: ECS (ska/F70C) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 829e839c217bf861b8cf90c8d636f510 Sha1: 459714fcf0d374bdc078ef59d122d59bf9312c5f Sha256: 36282e09bb25caf3d7350c4bee485cb87947aabc7d7409169caf15c2e75d8b7d
GET /ajax/libs/jquery/1.10.2/jquery.min.js HTTP/1.1 Host: ajax.googleapis.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://gzybl13.com/	URL: ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js FQDN: ajax.googleapis.com IP: 142.250.74.106 HASH: 65a0917567cb7037612cf420629873f2f3594d2e741aaadf90d893d07d8f5fdd 142.250.74.106 HTTP/1.1 200 OK Content-Type: text/javascript; charset=UTF-8 Accept-Ranges: bytes Vary: Accept-Encoding Content-Encoding: gzip Access-Control-Allow-Origin: * Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers Cross-Origin-Resource-Policy: cross-origin Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers" Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]} Timing-Allow-Origin: * Content-Length: 32954 X-Content-Type-Options: nosniff Server: sffe X-XSS-Protection: 0 Date: Sat, 01 Oct 2022 12:17:57 GMT Expires: Sun, 01 Oct 2023 12:17:57 GMT Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000 Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT Age: 36179 --- Additional Info --- Magic: ASCII text, with very long lines (32072) Size: 32954 Md5: d38e2944bbc9ae54b8947a2bd0b9a932 Sha1: 782a825679b248d38979c2d7ecae257873344437 Sha256: 65a0917567cb7037612cf420629873f2f3594d2e741aaadf90d893d07d8f5fdd
GET /jquery-3.5.1.min.js HTTP/1.1 Host: code.jquery.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: http://gzybl13.com Connection: keep-alive Referer: http://gzybl13.com/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: code.jquery.com/jquery-3.5.1.min.js FQDN: code.jquery.com IP: 69.16.175.42 HASH: fda7541f8e4cf921d20bcd0dc1d0efe69644c79bd18a0be4ce2f34246c83603e 69.16.175.42 HTTP/2 200 OK content-type: application/javascript; charset=utf-8 date: Sat, 01 Oct 2022 22:20:56 GMT content-encoding: gzip content-length: 30879 last-modified: Fri, 20 Aug 2021 17:47:53 GMT accept-ranges: bytes server: nginx etag: W/"611feac9-15d84" cache-control: max-age=315360000, public access-control-allow-origin: * vary: Accept-Encoding x-hw: 1664662856.dop218.sk1.t,1664662856.cds227.sk1.hn,1664662856.cds208.sk1.c X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (65451) Size: 30879 Md5: 3700d0b271343804b9b9aa1c13efa521 Sha1: 3d6b03dbd74872ca3dfbb0529f6c80943788f918 Sha256: fda7541f8e4cf921d20bcd0dc1d0efe69644c79bd18a0be4ce2f34246c83603e
GET /vendor/sebastian/diff/bana/dist/js.cookie.js HTTP/1.1 Host: gzybl13.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://gzybl13.com/vendor/sebastian/diff/bana/f475296a7858bdf15ac1a8f6a6364cfe/execution.html?validation=e1s1 Cookie: langCookie=en	URL: gzybl13.com/vendor/sebastian/diff/bana/dist/js.cookie.js FQDN: gzybl13.com IP: 121.42.94.163 HASH: d234097e1e7a6e22fa09f7684577c07c861c77485105a1d74daa90646c1d47a7 121.42.94.163 HTTP/1.1 200 OK Content-Type: application/javascript Date: Sat, 01 Oct 2022 22:20:56 GMT Server: Apache Last-Modified: Wed, 07 Sep 2022 22:05:59 GMT ETag: "2421066-d60-5e81d8492cc0d" Accept-Ranges: bytes Vary: Accept-Encoding,User-Agent Content-Encoding: gzip Content-Length: 1387 Keep-Alive: timeout=15, max=299 Connection: Keep-Alive --- Additional Info --- Magic: ASCII text Size: 1387 Md5: bc8cc9c688c4d556936a7fa6ec6fbe12 Sha1: 7c3a045a0256e758345d82062b9d08c6a4d97d2a Sha256: d234097e1e7a6e22fa09f7684577c07c861c77485105a1d74daa90646c1d47a7 Alerts: urlquery: - Phishing - DHL Blocklists: - fortinet: Phishing
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: p7mtoT7aBNTOw3w07OGCVQ== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	URL: push.services.mozilla.com/ FQDN: push.services.mozilla.com IP: 44.242.32.27 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 44.242.32.27 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: 84gQXfxoUed6MQuRvLNjeeXrN1I= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /vendor/sebastian/diff/bana/dist/jquery-lang.js HTTP/1.1 Host: gzybl13.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://gzybl13.com/vendor/sebastian/diff/bana/f475296a7858bdf15ac1a8f6a6364cfe/execution.html?validation=e1s1 Cookie: langCookie=en	URL: gzybl13.com/vendor/sebastian/diff/bana/dist/jquery-lang.js FQDN: gzybl13.com IP: 121.42.94.163 HASH: 50b74f02b7f4852ea8afdf518a07bb264480821da537d26d5fe7dffd5c62ca2f 121.42.94.163 HTTP/1.1 200 OK Content-Type: application/javascript Date: Sat, 01 Oct 2022 22:20:57 GMT Server: Apache Last-Modified: Wed, 07 Sep 2022 22:05:59 GMT ETag: "2421061-6c2d-5e81d8492c825" Accept-Ranges: bytes Vary: Accept-Encoding,User-Agent Content-Encoding: gzip Content-Length: 7000 Keep-Alive: timeout=15, max=300 Connection: Keep-Alive --- Additional Info --- Magic: ASCII text Size: 7000 Md5: 1c1917fafff89489f105f5d8427e6ef5 Sha1: f6fb0efe5340fb45aeeb5550c1811e8c46cf79fa Sha256: 50b74f02b7f4852ea8afdf518a07bb264480821da537d26d5fe7dffd5c62ca2f Alerts: urlquery: - Phishing - DHL Blocklists: - fortinet: Phishing
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 61bf2bddece68c7876ab5481c14ed1b1879343e55c86ee013b4f3a8d3353e6b4 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "61BF2BDDECE68C7876AB5481C14ED1B1879343E55C86EE013B4F3A8D3353E6B4" Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8349 Expires: Sun, 02 Oct 2022 00:40:06 GMT Date: Sat, 01 Oct 2022 22:20:57 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: f5e503471cc78b95c0a3e75785615e5f Sha1: 145b1e4d850c145a78577b5d7d4fadae9658d7a4 Sha256: 61bf2bddece68c7876ab5481c14ed1b1879343e55c86ee013b4f3a8d3353e6b4
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 61bf2bddece68c7876ab5481c14ed1b1879343e55c86ee013b4f3a8d3353e6b4 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "61BF2BDDECE68C7876AB5481C14ED1B1879343E55C86EE013B4F3A8D3353E6B4" Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8349 Expires: Sun, 02 Oct 2022 00:40:06 GMT Date: Sat, 01 Oct 2022 22:20:57 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: f5e503471cc78b95c0a3e75785615e5f Sha1: 145b1e4d850c145a78577b5d7d4fadae9658d7a4 Sha256: 61bf2bddece68c7876ab5481c14ed1b1879343e55c86ee013b4f3a8d3353e6b4
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 61bf2bddece68c7876ab5481c14ed1b1879343e55c86ee013b4f3a8d3353e6b4 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "61BF2BDDECE68C7876AB5481C14ED1B1879343E55C86EE013B4F3A8D3353E6B4" Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8349 Expires: Sun, 02 Oct 2022 00:40:06 GMT Date: Sat, 01 Oct 2022 22:20:57 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: f5e503471cc78b95c0a3e75785615e5f Sha1: 145b1e4d850c145a78577b5d7d4fadae9658d7a4 Sha256: 61bf2bddece68c7876ab5481c14ed1b1879343e55c86ee013b4f3a8d3353e6b4
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 61bf2bddece68c7876ab5481c14ed1b1879343e55c86ee013b4f3a8d3353e6b4 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "61BF2BDDECE68C7876AB5481C14ED1B1879343E55C86EE013B4F3A8D3353E6B4" Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8349 Expires: Sun, 02 Oct 2022 00:40:06 GMT Date: Sat, 01 Oct 2022 22:20:57 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: f5e503471cc78b95c0a3e75785615e5f Sha1: 145b1e4d850c145a78577b5d7d4fadae9658d7a4 Sha256: 61bf2bddece68c7876ab5481c14ed1b1879343e55c86ee013b4f3a8d3353e6b4
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.77.32 HASH: 61bf2bddece68c7876ab5481c14ed1b1879343e55c86ee013b4f3a8d3353e6b4 23.36.77.32 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "61BF2BDDECE68C7876AB5481C14ED1B1879343E55C86EE013B4F3A8D3353E6B4" Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8349 Expires: Sun, 02 Oct 2022 00:40:06 GMT Date: Sat, 01 Oct 2022 22:20:57 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: f5e503471cc78b95c0a3e75785615e5f Sha1: 145b1e4d850c145a78577b5d7d4fadae9658d7a4 Sha256: 61bf2bddece68c7876ab5481c14ed1b1879343e55c86ee013b4f3a8d3353e6b4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fccb5f775-a073-47ba-b076-ad1c96659b64.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 33b4a459df0ba7b36b907ba96d74e08660cc75640c42a5748b97d18ec2e9d533 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 11083 x-amzn-requestid: 53e2c961-bcc0-4977-8648-ee3c1aed9cde x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: ZWEHRFWfIAMFhlA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6338b3c7-070212d7386d5efa1b4aa8d3;Sampled=0 x-amzn-remapped-date: Sat, 01 Oct 2022 21:40:23 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: Z1KmxHJh9QNfg5x0enkqOjbmiqHvg7nlQiMnuDuCRNWQUBFEiKELbw== via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google date: Sat, 01 Oct 2022 21:53:35 GMT etag: "d63b6ba630736d32c364b0e6a369274b2389b7ff" age: 1642 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 11083 Md5: edded48f558f739287a040151349ef67 Sha1: d63b6ba630736d32c364b0e6a369274b2389b7ff Sha256: 33b4a459df0ba7b36b907ba96d74e08660cc75640c42a5748b97d18ec2e9d533
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F589e050c-3794-45f2-a218-269b944ae739.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: c7811cb947483a033f31ff1e93b813f1bbc49b03ed78fcedab2090c71e5c4d1f 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 9600 x-amzn-requestid: e83a86d3-f5ab-4645-92df-4b2da3d4afa3 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: ZWDgmFdlIAMFzQA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6338b2d0-48c3fa150800475c790b95bd;Sampled=0 x-amzn-remapped-date: Sat, 01 Oct 2022 21:36:16 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: f1aqkuvCub_vq9gBDgA4VL8hNf16FXzXhQjSHC1yDLISm85uOqJF9w== via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google date: Sat, 01 Oct 2022 21:54:50 GMT etag: "fa7e61b4f2864b8e51acb2cc887c15d5cb41ef38" age: 1567 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9600 Md5: 11f2e40823827b62bca89d18ee279cb2 Sha1: fa7e61b4f2864b8e51acb2cc887c15d5cb41ef38 Sha256: c7811cb947483a033f31ff1e93b813f1bbc49b03ed78fcedab2090c71e5c4d1f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61a78142-79d3-492f-a1bc-8f9016d71e67.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: b7565d1a9f6d33b9eb4be756b082a1e88995c52dfa21f275695dac19855031c7 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 15343 x-amzn-requestid: e35696b7-7437-4e65-b85a-091af1ef744f x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: ZWDpnF7_IAMF29Q= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6338b30a-46f1951a226c39771f5fccb4;Sampled=0 x-amzn-remapped-date: Sat, 01 Oct 2022 21:37:14 GMT x-amz-cf-pop: SEA73-P2, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: ootuzanDDyYWbZ9Vwsyn5G5r-4l59DJsqc0j2kHchPfuX2X6IEAqpQ== via: 1.1 a8e5d5aeee6eacca5c379e5059b1f68c.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google date: Sat, 01 Oct 2022 21:47:13 GMT age: 2024 etag: "0b6247645b3a1637717bb7ee83ce0771dce84546" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 15343 Md5: 062b1abd4238d4d895b664802ab04547 Sha1: 0b6247645b3a1637717bb7ee83ce0771dce84546 Sha256: b7565d1a9f6d33b9eb4be756b082a1e88995c52dfa21f275695dac19855031c7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 6315 x-amzn-requestid: f0791b53-3c5f-4d94-954d-992a529ebb60 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: ZPnunF35oAMFYbg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63361ff6-2adb303349153ced73ccecf6;Sampled=0 x-amzn-remapped-date: Thu, 29 Sep 2022 22:45:10 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: F3fk5JnJ9ZFNPan-8DuLb4kuTiYKfniBar3qNlsuqd8a0saW3sEGvQ== via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google date: Sat, 01 Oct 2022 04:41:31 GMT age: 63566 etag: "58ff0bf8ce7528b303d28bab01a80ad721705569" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6315 Md5: 206fb65e75dbadf119512f71e0b78402 Sha1: 58ff0bf8ce7528b303d28bab01a80ad721705569 Sha256: 56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4230b0ca-f194-4ba4-bdd1-69ebd8421799.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 38018ebad5d3ad8ad02c5bc732d0879a3275c28795e9dc141e35f673a03ce349 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 6942 x-amzn-requestid: 312f14b3-7734-4013-a652-1e0132f247eb x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: ZWDpnGewIAMF_1Q= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6338b30a-49ec997d74e55c63500e960f;Sampled=0 x-amzn-remapped-date: Sat, 01 Oct 2022 21:37:14 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Miss from cloudfront x-amz-cf-id: wowfOaUJdM-_XK1Tp8R6ItYDYUfRUmWLEyUhvfcLK6WHGzSw_1_vtw== via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google date: Sat, 01 Oct 2022 21:52:27 GMT age: 1710 etag: "335a691d7ca92b74a69c349d7a25a8a15dbda5c8" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6942 Md5: 91c3d94a9442b6a9c2103c8cda90ddcd Sha1: 335a691d7ca92b74a69c349d7a25a8a15dbda5c8 Sha256: 38018ebad5d3ad8ad02c5bc732d0879a3275c28795e9dc141e35f673a03ce349
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7a6e7d5-efdf-4904-b660-ffb0d8ffd4d3.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: e252f3c857e18ddaea7059bfb19826ac5e47c694ce57068d85f60bd1ac5f6c25 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 6101 x-amzn-requestid: 0edbc5d1-324f-4b4f-a55c-b9333f2bb6a2 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: ZWDpnFumIAMFoEg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6338b30a-1422f70670e89174415c1aba;Sampled=0 x-amzn-remapped-date: Sat, 01 Oct 2022 21:37:14 GMT x-amz-cf-pop: HIO50-C1, SEA73-P1 x-cache: Hit from cloudfront x-amz-cf-id: hG5L6pTNHLcM-nBovmH6kFuFK5oXJuxVWsnaffj6L8bDlGnpFVJFKg== via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google date: Sat, 01 Oct 2022 21:55:55 GMT age: 1502 etag: "36c8dcdfdc2c59246ba9d999ddffd5387f68155e" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6101 Md5: e711c6bf0d0808f0b5c57b80916eba4d Sha1: 36c8dcdfdc2c59246ba9d999ddffd5387f68155e Sha256: e252f3c857e18ddaea7059bfb19826ac5e47c694ce57068d85f60bd1ac5f6c25
GET /vendor/sebastian/diff/bana/dist/dhl.css HTTP/1.1 Host: gzybl13.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://gzybl13.com/vendor/sebastian/diff/bana/f475296a7858bdf15ac1a8f6a6364cfe/execution.html?validation=e1s1 Cookie: langCookie=en	URL: gzybl13.com/vendor/sebastian/diff/bana/dist/dhl.css FQDN: gzybl13.com IP: 121.42.94.163 HASH: 4ebc8985f17f3baf5683617c7854fd2132e952ca17ca83312685c7eb0e5d7c54 121.42.94.163 HTTP/1.1 200 OK Content-Type: text/css Date: Sat, 01 Oct 2022 22:20:56 GMT Server: Apache Last-Modified: Wed, 07 Sep 2022 22:05:59 GMT ETag: "2421056-15b189-5e81d8492b0b5" Accept-Ranges: bytes Vary: Accept-Encoding,User-Agent Content-Encoding: gzip Keep-Alive: timeout=15, max=300 Connection: Keep-Alive Transfer-Encoding: chunked --- Additional Info --- Magic: Unicode text, UTF-8 text, with very long lines (1148), with CRLF line terminators Size: 314756 Md5: 91bb51af984823aa997a73805a14c17a Sha1: 3e466647149a7c376f7df1fc9d921571eac24c9d Sha256: 4ebc8985f17f3baf5683617c7854fd2132e952ca17ca83312685c7eb0e5d7c54
GET /vendor/sebastian/diff/bana/dist/favicon.ico HTTP/1.1 Host: gzybl13.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://gzybl13.com/vendor/sebastian/diff/bana/f475296a7858bdf15ac1a8f6a6364cfe/execution.html?validation=e1s1 Cookie: langCookie=en	URL: gzybl13.com/vendor/sebastian/diff/bana/dist/favicon.ico FQDN: gzybl13.com IP: 121.42.94.163 HASH: 9ada5709e264c31b04a05bd85448a9bd5e91925e8d83df5cef0762ec97cc283e 121.42.94.163 HTTP/1.1 200 OK Content-Type: image/x-icon Date: Sat, 01 Oct 2022 22:20:59 GMT Server: Apache Last-Modified: Wed, 07 Sep 2022 22:05:59 GMT ETag: "242105c-47e-5e81d8492b49d" Accept-Ranges: bytes Content-Length: 1150 Vary: User-Agent Keep-Alive: timeout=15, max=299 Connection: Keep-Alive --- Additional Info --- Magic: MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data Size: 1150 Md5: d8106bf3a1d00ab43b01e6e3c92500eb Sha1: 202b5e8654ab1b28351378293bca3b9d844cc29b Sha256: 9ada5709e264c31b04a05bd85448a9bd5e91925e8d83df5cef0762ec97cc283e
GET /vendor/sebastian/diff/bana/dist/fonts/default-274a65bae9742377aaf010bb1a7de971.woff HTTP/1.1 Host: gzybl13.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Connection: keep-alive Referer: http://gzybl13.com/vendor/sebastian/diff/bana/dist/dhl.css Cookie: langCookie=en	URL: gzybl13.com/vendor/sebastian/diff/bana/dist/fonts/defau (...) FQDN: gzybl13.com IP: 121.42.94.163 HASH: 5af5c3746b03792640b9cafdabddfb2c5407f72988e128541a88fa439607d940 121.42.94.163 HTTP/1.1 200 OK Content-Type: text/plain Date: Sat, 01 Oct 2022 22:20:59 GMT Server: Apache Last-Modified: Wed, 07 Sep 2022 22:05:59 GMT ETag: "2443059-a07c-5e81d8492bc6d" Accept-Ranges: bytes Content-Length: 41084 Vary: User-Agent Keep-Alive: timeout=15, max=299 Connection: Keep-Alive --- Additional Info --- Magic: Web Open Font Format, TrueType, length 41084, version 1.66\012- data Size: 41084 Md5: 03f859bf58e4d37841070de34be7d978 Sha1: 3436d4fa17e7ee470c3d62b08787cfa7de408408 Sha256: 5af5c3746b03792640b9cafdabddfb2c5407f72988e128541a88fa439607d940 Alerts: Blocklists: - fortinet: Phishing
GET /vendor/sebastian/diff/bana/dist/load.php HTTP/1.1 Host: gzybl13.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html, /; q=0.01 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate X-Requested-With: XMLHttpRequest Connection: keep-alive Referer: http://gzybl13.com/vendor/sebastian/diff/bana/f475296a7858bdf15ac1a8f6a6364cfe/execution.html?validation=e1s1 Cookie: langCookie=en	URL: gzybl13.com/vendor/sebastian/diff/bana/dist/load.php FQDN: gzybl13.com IP: 121.42.94.163 HASH: 0d2d38ee6854230889d7e258fff29e7878cd1407ca222fb4b859863579ab9507 121.42.94.163 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Date: Sat, 01 Oct 2022 22:20:59 GMT Server: Apache Vary: User-Agent,Accept-Encoding Content-Encoding: gzip Content-Length: 1096 Keep-Alive: timeout=15, max=298 Connection: Keep-Alive --- Additional Info --- Magic: HTML document, ASCII text, with CRLF line terminators Size: 1096 Md5: 443278ad17f9fe35fcaf6044308d9762 Sha1: 0b1b47ec66fff41259da13c19283b366c6f39e29 Sha256: 0d2d38ee6854230889d7e258fff29e7878cd1407ca222fb4b859863579ab9507 Alerts: Blocklists: - fortinet: Phishing
GET /vendor/sebastian/diff/bana/dist/DHL_head.html HTTP/1.1 Host: gzybl13.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html, /; q=0.01 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate X-Requested-With: XMLHttpRequest Connection: keep-alive Referer: http://gzybl13.com/vendor/sebastian/diff/bana/f475296a7858bdf15ac1a8f6a6364cfe/execution.html?validation=e1s1 Cookie: langCookie=en	URL: gzybl13.com/vendor/sebastian/diff/bana/dist/DHL_head.html FQDN: gzybl13.com IP: 121.42.94.163 HASH: 3e87d6aac316578b0c3ee6a1e4dcb51a03cf97146896e94a421c36da027f797f 121.42.94.163 HTTP/1.1 200 OK Content-Type: text/html Date: Sat, 01 Oct 2022 22:20:59 GMT Server: Apache Last-Modified: Wed, 07 Sep 2022 22:05:59 GMT ETag: "2421058-2cb7-5e81d8492b0b5" Accept-Ranges: bytes Vary: Accept-Encoding,User-Agent Content-Encoding: gzip Content-Length: 3110 Keep-Alive: timeout=15, max=298 Connection: Keep-Alive --- Additional Info --- Magic: HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (1836) Size: 3110 Md5: 0f20c23d9a6f196d80806ed8f45a1034 Sha1: d3ffb719f856333ac01886c8f9dacb2467c7df78 Sha256: 3e87d6aac316578b0c3ee6a1e4dcb51a03cf97146896e94a421c36da027f797f Alerts: Blocklists: - fortinet: Phishing
GET /vendor/sebastian/diff/bana/dist/DHL_footer.html HTTP/1.1 Host: gzybl13.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html, /; q=0.01 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate X-Requested-With: XMLHttpRequest Connection: keep-alive Referer: http://gzybl13.com/vendor/sebastian/diff/bana/f475296a7858bdf15ac1a8f6a6364cfe/execution.html?validation=e1s1 Cookie: langCookie=en	URL: gzybl13.com/vendor/sebastian/diff/bana/dist/DHL_footer.html FQDN: gzybl13.com IP: 121.42.94.163 HASH: aebdf87856c1666bd33d7b4135380b7a3593d11cada6d62682f5bf27790c04d8 121.42.94.163 HTTP/1.1 200 OK Content-Type: text/html Date: Sat, 01 Oct 2022 22:20:59 GMT Server: Apache Last-Modified: Wed, 07 Sep 2022 22:05:59 GMT ETag: "2421057-3c2f-5e81d8492b0b5" Accept-Ranges: bytes Vary: Accept-Encoding,User-Agent Content-Encoding: gzip Content-Length: 6053 Keep-Alive: timeout=15, max=298 Connection: Keep-Alive --- Additional Info --- Magic: exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (2591) Size: 6053 Md5: e45471c894fc4dac290da5a886d216b7 Sha1: f064f191fd83000073053213acb364d0600b52aa Sha256: aebdf87856c1666bd33d7b4135380b7a3593d11cada6d62682f5bf27790c04d8 Alerts: Blocklists: - fortinet: Phishing
GET /country HTTP/1.1 Host: ipinfo.io User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://gzybl13.com/ Origin: http://gzybl13.com Connection: keep-alive	URL: ipinfo.io/country FQDN: ipinfo.io IP: 34.117.59.81 HASH: 76d7f55bf215f2132f41391f47b4efd048f7c3b61db2b650e2a0a9b4a02d79f0 34.117.59.81 HTTP/1.1 302 Found content-type: text/plain; charset=utf-8 access-control-allow-origin: * location: https://ipinfo.io/country vary: Accept, Accept-Encoding date: Sat, 01 Oct 2022 22:20:59 GMT x-envoy-upstream-service-time: 1 strict-transport-security: max-age=2592000; includeSubDomains content-encoding: gzip transfer-encoding: chunked Via: 1.1 google --- Additional Info --- Magic: ASCII text, with no line terminators Size: 72 Md5: b79f12127b13f3298b65130f55033eea Sha1: 0c5df3d4734c5d754f78df4dd08f329ce38ab901 Sha256: 76d7f55bf215f2132f41391f47b4efd048f7c3b61db2b650e2a0a9b4a02d79f0
POST /s/gts1d4/5QlTZKzjgCw HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/s/gts1d4/5QlTZKzjgCw FQDN: ocsp.pki.goog IP: 142.250.74.3 HASH: f1d812f00bef48ee18f7f9a53f976ca0c8ccab6bab6f84e23d4acacf457acc08 142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 01 Oct 2022 22:20:59 GMT Cache-Control: public, max-age=14400 Server: scaffolding on HTTPServer2 Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 292ce37b593ce3c3ec7c0af26bfba179 Sha1: 96394b63a1af6edd4087a423e0a16b54fc23597b Sha256: f1d812f00bef48ee18f7f9a53f976ca0c8ccab6bab6f84e23d4acacf457acc08
GET /vendor/sebastian/diff/bana/dist/langpack/en.json HTTP/1.1 Host: gzybl13.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/json, text/javascript, /; q=0.01 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate X-Requested-With: XMLHttpRequest Connection: keep-alive Referer: http://gzybl13.com/vendor/sebastian/diff/bana/f475296a7858bdf15ac1a8f6a6364cfe/execution.html?validation=e1s1 Cookie: langCookie=en	URL: gzybl13.com/vendor/sebastian/diff/bana/dist/langpack/en.json FQDN: gzybl13.com IP: 121.42.94.163 HASH: 86f9abd216bc64ead1404975e2b6132aebc42ebd106e5be0f660b7e5852051a3 121.42.94.163 HTTP/1.1 200 OK Content-Type: application/json Date: Sat, 01 Oct 2022 22:20:59 GMT Server: Apache Last-Modified: Wed, 07 Sep 2022 22:05:59 GMT ETag: "24600f3-202-5e81d8492dbad" Accept-Ranges: bytes Content-Length: 514 Vary: User-Agent Keep-Alive: timeout=15, max=297 Connection: Keep-Alive --- Additional Info --- Magic: JSON data\012- , ASCII text Size: 514 Md5: e5111c3d242107acc93f71f9c9182079 Sha1: c648da6b0a6c4f9b89dbee1027cf9a7be36217ca Sha256: 86f9abd216bc64ead1404975e2b6132aebc42ebd106e5be0f660b7e5852051a3 Alerts: urlquery: - Phishing - DHL Blocklists: - fortinet: Phishing
GET /vendor/sebastian/diff/bana/dist/fonts/iconfont-e7bece496cd0e6d60e456bc2b48c9446.woff HTTP/1.1 Host: gzybl13.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Connection: keep-alive Referer: http://gzybl13.com/vendor/sebastian/diff/bana/dist/dhl.css Cookie: langCookie=en	URL: gzybl13.com/vendor/sebastian/diff/bana/dist/fonts/iconf (...) FQDN: gzybl13.com IP: 121.42.94.163 HASH: 6d051536af97fbd33fae0683a1b6ce3749757ab43c8ee8c89295755fd4595807 121.42.94.163 HTTP/1.1 200 OK Content-Type: text/plain Date: Sat, 01 Oct 2022 22:20:59 GMT Server: Apache Last-Modified: Wed, 07 Sep 2022 22:05:59 GMT ETag: "2443064-2464-5e81d8492c43d" Accept-Ranges: bytes Content-Length: 9316 Vary: User-Agent Keep-Alive: timeout=15, max=297 Connection: Keep-Alive --- Additional Info --- Magic: Web Open Font Format, TrueType, length 9316, version 1.0\012- data Size: 9316 Md5: 9355df62a665ef9249036bbccad8c54c Sha1: 6b7779a10187a1a7473f604fbe3db96350868c6a Sha256: 6d051536af97fbd33fae0683a1b6ce3749757ab43c8ee8c89295755fd4595807 Alerts: urlquery: - Phishing - DHL Blocklists: - fortinet: Phishing
POST /s/gts1d4/5QlTZKzjgCw HTTP/1.1 Host: ocsp.pki.goog User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 84 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.pki.goog/s/gts1d4/5QlTZKzjgCw FQDN: ocsp.pki.goog IP: 142.250.74.3 HASH: f1d812f00bef48ee18f7f9a53f976ca0c8ccab6bab6f84e23d4acacf457acc08 142.250.74.3 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 01 Oct 2022 22:20:59 GMT Cache-Control: public, max-age=14400 Server: scaffolding on HTTPServer2 Content-Length: 472 X-XSS-Protection: 0 X-Frame-Options: SAMEORIGIN --- Additional Info --- Magic: data Size: 472 Md5: 292ce37b593ce3c3ec7c0af26bfba179 Sha1: 96394b63a1af6edd4087a423e0a16b54fc23597b Sha256: f1d812f00bef48ee18f7f9a53f976ca0c8ccab6bab6f84e23d4acacf457acc08
GET /vendor/sebastian/diff/bana/dist/fonts/default-815fcbb4d2c57901701125d768f09d67.woff HTTP/1.1 Host: gzybl13.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Connection: keep-alive Referer: http://gzybl13.com/vendor/sebastian/diff/bana/dist/dhl.css Cookie: langCookie=en	URL: gzybl13.com/vendor/sebastian/diff/bana/dist/fonts/defau (...) FQDN: gzybl13.com IP: 121.42.94.163 HASH: 19d0bda83ecbc986620468801adf000c77c3c38398650903c63fac8dcbac4383 121.42.94.163 HTTP/1.1 200 OK Content-Type: text/plain Date: Sat, 01 Oct 2022 22:20:59 GMT Server: Apache Last-Modified: Wed, 07 Sep 2022 22:05:59 GMT ETag: "2443063-a170-5e81d8492c055" Accept-Ranges: bytes Content-Length: 41328 Vary: User-Agent Keep-Alive: timeout=15, max=300 Connection: Keep-Alive --- Additional Info --- Magic: Web Open Font Format, TrueType, length 41328, version 1.66\012- data Size: 41328 Md5: e39bd2e2657ce5dd6f9c33df18529233 Sha1: 6db81ebb91bfa67cef8f2f870f03046150568799 Sha256: 19d0bda83ecbc986620468801adf000c77c3c38398650903c63fac8dcbac4383 Alerts: Blocklists: - fortinet: Phishing
GET /vendor/sebastian/diff/bana/dist/fonts/default-3e828e80f6e985c352eba4474518978d.woff HTTP/1.1 Host: gzybl13.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Connection: keep-alive Referer: http://gzybl13.com/vendor/sebastian/diff/bana/dist/dhl.css Cookie: langCookie=en	URL: gzybl13.com/vendor/sebastian/diff/bana/dist/fonts/defau (...) FQDN: gzybl13.com IP: 121.42.94.163 HASH: 87c40e3961e21f759770615ae67568a3de3ec6e0735f1238a6aae062f4ea15d5 121.42.94.163 HTTP/1.1 200 OK Content-Type: text/plain Date: Sat, 01 Oct 2022 22:20:59 GMT Server: Apache Last-Modified: Wed, 07 Sep 2022 22:05:59 GMT ETag: "2443061-ace4-5e81d8492c055" Accept-Ranges: bytes Content-Length: 44260 Vary: User-Agent Keep-Alive: timeout=15, max=300 Connection: Keep-Alive --- Additional Info --- Magic: Web Open Font Format, TrueType, length 44260, version 1.66\012- data Size: 44260 Md5: 4a350e02a03ac62e72e9ea575b31ce84 Sha1: d47b03b96b6e7034a1473a293bb594e597a41dc2 Sha256: 87c40e3961e21f759770615ae67568a3de3ec6e0735f1238a6aae062f4ea15d5 Alerts: Blocklists: - fortinet: Phishing
GET /vendor/sebastian/diff/bana/dist/DHL_track.html HTTP/1.1 Host: gzybl13.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/html, /; q=0.01 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate X-Requested-With: XMLHttpRequest Connection: keep-alive Referer: http://gzybl13.com/vendor/sebastian/diff/bana/f475296a7858bdf15ac1a8f6a6364cfe/execution.html?validation=e1s1 Cookie: langCookie=en	URL: gzybl13.com/vendor/sebastian/diff/bana/dist/DHL_track.html FQDN: gzybl13.com IP: 121.42.94.163 HASH: 809a2807c641ba62a321e81b256bd9b3f7cb89793c3a579f5c2f8388c3c61f7e 121.42.94.163 HTTP/1.1 200 OK Content-Type: text/html Date: Sat, 01 Oct 2022 22:21:01 GMT Server: Apache Last-Modified: Wed, 07 Sep 2022 22:05:59 GMT ETag: "242105b-1952-5e81d8492b49d" Accept-Ranges: bytes Vary: Accept-Encoding,User-Agent Content-Encoding: gzip Content-Length: 2376 Keep-Alive: timeout=15, max=296 Connection: Keep-Alive --- Additional Info --- Magic: HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (356) Size: 2376 Md5: c53f5d4aa2db91c1ed65876d9abbafd8 Sha1: 5a9a36799ec58afb17711e9fcfbe61e8bbf8757a Sha256: 809a2807c641ba62a321e81b256bd9b3f7cb89793c3a579f5c2f8388c3c61f7e Alerts: Blocklists: - fortinet: Phishing
GET /vendor/sebastian/diff/bana/dist/jquery.validate.min.js HTTP/1.1 Host: gzybl13.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, /; q=0.01 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate X-Requested-With: XMLHttpRequest Connection: keep-alive Referer: http://gzybl13.com/vendor/sebastian/diff/bana/f475296a7858bdf15ac1a8f6a6364cfe/execution.html?validation=e1s1 Cookie: langCookie=en	URL: gzybl13.com/vendor/sebastian/diff/bana/dist/jquery.vali (...) FQDN: gzybl13.com IP: 121.42.94.163 HASH: d88829113f706278062864700f82a7b55756af1c0ba4be724122c78fe3fc37fe 121.42.94.163 HTTP/1.1 200 OK Content-Type: application/javascript Date: Sat, 01 Oct 2022 22:21:01 GMT Server: Apache Last-Modified: Wed, 07 Sep 2022 22:05:59 GMT ETag: "2421065-5f38-5e81d8492cc0d" Accept-Ranges: bytes Vary: Accept-Encoding,User-Agent Content-Encoding: gzip Content-Length: 7815 Keep-Alive: timeout=15, max=295 Connection: Keep-Alive --- Additional Info --- Magic: Unicode text, UTF-8 text, with very long lines (24237) Size: 7815 Md5: 733b253cf585468481e2a1d19b517fc2 Sha1: bd1c201faf6ff53a44b19e2ef8f6a18b6a36141b Sha256: d88829113f706278062864700f82a7b55756af1c0ba4be724122c78fe3fc37fe Alerts: Blocklists: - fortinet: Phishing
GET /npm/popper.js@1.16.1/dist/umd/popper.min.js HTTP/1.1 Host: cdn.jsdelivr.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://gzybl13.com/	URL: cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js FQDN: cdn.jsdelivr.net IP: 151.101.85.229 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 151.101.85.229 HTTP/1.1 301 Moved Permanently Connection: close Content-Length: 0 Server: Varnish Retry-After: 0 Location: https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js Accept-Ranges: bytes Date: Sat, 01 Oct 2022 22:21:01 GMT X-Served-By: cache-bma1659-BMA X-Cache: HIT alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /npm/popper.js@1.16.1/dist/umd/popper.min.js HTTP/1.1 Host: cdn.jsdelivr.net User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: http://gzybl13.com/ Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js FQDN: cdn.jsdelivr.net IP: 151.101.85.229 HASH: fe78a2c604b4757dd5d114e0efb7e74c8f4acfe840bf6b6c01517205744a7648 151.101.85.229 HTTP/2 200 OK content-type: application/javascript; charset=utf-8 access-control-allow-origin: * access-control-expose-headers: * timing-allow-origin: * cache-control: public, max-age=31536000, s-maxage=31536000, immutable cross-origin-resource-policy: cross-origin x-content-type-options: nosniff strict-transport-security: max-age=31536000; includeSubDomains; preload x-jsd-version: 1.16.1 x-jsd-version-type: version etag: W/"52f1-MTeJyg4xtlR4TbuosPg/Nk+Gg7Q" content-encoding: gzip accept-ranges: bytes date: Sat, 01 Oct 2022 22:21:01 GMT age: 10953067 x-served-by: cache-fra19126-FRA, cache-bma1624-BMA x-cache: HIT, HIT vary: Accept-Encoding alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 content-length: 7503 X-Firefox-Spdy: h2 --- Additional Info --- Magic: ASCII text, with very long lines (21060) Size: 7503 Md5: 1f61c1b15b25ba046056238766ff3a43 Sha1: 2b8db740e4e913e9dc87a6060dea2a6b17ad0ec8 Sha256: fe78a2c604b4757dd5d114e0efb7e74c8f4acfe840bf6b6c01517205744a7648
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1 Host: ocsp.globalsign.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1 FQDN: ocsp.globalsign.com IP: 104.18.21.226 HASH: b7c377500a7404eb47f03ecd5c095a1314a0d63a883cbea65d49b72ec46e04b1 104.18.21.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 01 Oct 2022 22:21:01 GMT Transfer-Encoding: chunked Connection: keep-alive Etag: "81D7645B8B5F98E7BB77388C6719C6E28C770A64" Expires: Sun, 02 Oct 2022 09:00:00 GMT Last-Modified: Sat, 01 Oct 2022 21:00:00 UTC Cache-Control: s-maxage=3600, public, no-transform, must-revalidate CF-Cache-Status: HIT Age: 1833 Vary: Accept-Encoding Server: cloudflare CF-RAY: 753896c32b700b59-OSL --- Additional Info --- Magic: data Size: 1462 Md5: cf176be21500683add9b17106d480fbc Sha1: f3600b4544080ee7202b32e4dd7e741e16b866b3 Sha256: b7c377500a7404eb47f03ecd5c095a1314a0d63a883cbea65d49b72ec46e04b1
GET /vendor/sebastian/diff/bana/dist/fonts/default-5a6dd86f272b304a8b83f7df61f11c2f.woff HTTP/1.1 Host: gzybl13.com User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Connection: keep-alive Referer: http://gzybl13.com/vendor/sebastian/diff/bana/dist/dhl.css Cookie: langCookie=en	URL: gzybl13.com/vendor/sebastian/diff/bana/dist/fonts/defau (...) FQDN: gzybl13.com IP: 121.42.94.163 HASH: b033eff45e6e8ecd5c5bccd8ef9a96c4dc37325adc64c5aed8b1d909b24c4eb4 121.42.94.163 HTTP/1.1 200 OK Content-Type: text/plain Date: Sat, 01 Oct 2022 22:21:01 GMT Server: Apache Last-Modified: Wed, 07 Sep 2022 22:05:59 GMT ETag: "2443062-a188-5e81d8492c055" Accept-Ranges: bytes Content-Length: 41352 Vary: User-Agent Keep-Alive: timeout=15, max=299 Connection: Keep-Alive --- Additional Info --- Magic: Web Open Font Format, TrueType, length 41352, version 1.66\012- data Size: 41352 Md5: 4e23ecf085132857bdb54b4da7373151 Sha1: a50215c22a591536b21e509100d1707c6886ffd6 Sha256: b033eff45e6e8ecd5c5bccd8ef9a96c4dc37325adc64c5aed8b1d909b24c4eb4 Alerts: Blocklists: - fortinet: Phishing
GET /country HTTP/1.1 Host: ipinfo.io User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Referer: http://gzybl13.com/ Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: ipinfo.io/country FQDN: ipinfo.io IP: 34.117.59.81 34.117.59.81 HTTP/2 429 Too Many Requests content-type: application/json; charset=utf-8 access-control-allow-origin: * x-frame-options: SAMEORIGIN x-xss-protection: 1; mode=block x-content-type-options: nosniff referrer-policy: strict-origin-when-cross-origin date: Sat, 01 Oct 2022 22:20:59 GMT x-envoy-upstream-service-time: 2 strict-transport-security: max-age=2592000; includeSubDomains vary: Accept-Encoding content-encoding: gzip via: 1.1 google alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 X-Firefox-Spdy: h2 --- Additional Info ---

                                        
                                            GET /v1/ HTTP/1.1 

                                        
                                            
Host: firefox.settings.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         13.224.103.25

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/json

                                        

                                        
                                            
Content-Length: 939 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Access-Control-Allow-Origin: * 

                                        
                                            
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert 

                                        
                                            
Cache-Control: max-age=3600 

                                        
                                            
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; 

                                        
                                            
Date: Sat, 01 Oct 2022 21:59:10 GMT 

                                        
                                            
X-Content-Type-Options: nosniff 

                                        
                                            
X-Cache: Hit from cloudfront 

                                        
                                            
Via: 1.1 c76347c8ef1f3a2b6fb69cd7d1c6f748.cloudfront.net (CloudFront) 

                                        
                                            
X-Amz-Cf-Pop: ZRH50-C1 

                                        
                                            
X-Amz-Cf-Id: NRiR6GUq_8VUrBbhZ2m_i1LKKUY-AaneDjIaAb8TG7pOBuui42ieVg== 

                                        
                                            
Age: 1305 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators

                                                Size:   939

                                                Md5:    2d12f67fe57a87e7366b662d153a5582

                                                Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1

                                                Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 

                                        
                                            
Host: content-signature-2.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: no-cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         13.224.103.45

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: binary/octet-stream

                                        

                                        
                                            
content-length: 5348 

                                        
                                            
last-modified: Sat, 10 Sep 2022 18:47:45 GMT 

                                        
                                            
content-disposition: attachment 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
server: AmazonS3 

                                        
                                            
date: Sat, 01 Oct 2022 05:28:28 GMT 

                                        
                                            
etag: "6113f8408c59aebe188d6af273b90743" 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
via: 1.1 e92dffa8673a73c15c61e7c3abefc47c.cloudfront.net (CloudFront) 

                                        
                                            
x-amz-cf-pop: ZRH50-C1 

                                        
                                            
x-amz-cf-id: ZkURzFuLj74pqt3D3af7ljWRxMH6iQaf7xHZWMryFouY0kdD-N-AMA== 

                                        
                                            
age: 60748 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  PEM certificate\012- , ASCII text

                                                Size:   5348

                                                Md5:    6113f8408c59aebe188d6af273b90743

                                                Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b

                                                Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770

                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 

                                        
                                            
Host: firefox.settings.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: application/json 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Content-Type: application/json 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         13.224.103.25

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/json

                                        

                                        
                                            
Content-Length: 329 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Access-Control-Allow-Origin: * 

                                        
                                            
Access-Control-Expose-Headers: Pragma, Content-Length, Backoff, Last-Modified, Cache-Control, Content-Type, Retry-After, ETag, Expires, Alert 

                                        
                                            
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; 

                                        
                                            
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT 

                                        
                                            
X-Content-Type-Options: nosniff 

                                        
                                            
Cache-Control: max-age=3600, max-age=3600 

                                        
                                            
Date: Sat, 01 Oct 2022 21:29:33 GMT 

                                        
                                            
Expires: Sat, 01 Oct 2022 22:25:22 GMT 

                                        
                                            
ETag: "1648230346554" 

                                        
                                            
X-Cache: Hit from cloudfront 

                                        
                                            
Via: 1.1 8c175d0adc08dac3750e9201b76886e8.cloudfront.net (CloudFront) 

                                        
                                            
X-Amz-Cf-Pop: ZRH50-C1 

                                        
                                            
X-Amz-Cf-Id: Ka4tlXHI_mteFvQXIYsNNnkt1oHG_zVl3EKxRlU2hgvh9ofDKQH-Qg== 

                                        
                                            
Age: 3082 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators

                                                Size:   329

                                                Md5:    0333b0655111aa68de771adfcc4db243

                                                Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb

                                                Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: ocsp.digicert.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         93.184.220.29

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Age: 5492 

                                        
                                            
Cache-Control: 'max-age=158059' 

                                        
                                            
Date: Sat, 01 Oct 2022 22:20:56 GMT 

                                        
                                            
Last-Modified: Sat, 01 Oct 2022 20:49:24 GMT 

                                        
                                            
Server: ECS (ska/F70C) 

                                        
                                            
X-Cache: HIT 

                                        
                                            
Content-Length: 471 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   471

                                                Md5:    829e839c217bf861b8cf90c8d636f510

                                                Sha1:   459714fcf0d374bdc078ef59d122d59bf9312c5f

                                                Sha256: 36282e09bb25caf3d7350c4bee485cb87947aabc7d7409169caf15c2e75d8b7d

                                        
                                            GET /jquery-3.5.1.min.js HTTP/1.1 

                                        
                                            
Host: code.jquery.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: http://gzybl13.com 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://gzybl13.com/ 

                                        
                                            
Sec-Fetch-Dest: script 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         69.16.175.42

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: application/javascript; charset=utf-8

                                        

                                        
                                            
date: Sat, 01 Oct 2022 22:20:56 GMT 

                                        
                                            
content-encoding: gzip 

                                        
                                            
content-length: 30879 

                                        
                                            
last-modified: Fri, 20 Aug 2021 17:47:53 GMT 

                                        
                                            
accept-ranges: bytes 

                                        
                                            
server: nginx 

                                        
                                            
etag: W/"611feac9-15d84" 

                                        
                                            
cache-control: max-age=315360000, public 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
x-hw: 1664662856.dop218.sk1.t,1664662856.cds227.sk1.hn,1664662856.cds208.sk1.c 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  ASCII text, with very long lines (65451)

                                                Size:   30879

                                                Md5:    3700d0b271343804b9b9aa1c13efa521

                                                Sha1:   3d6b03dbd74872ca3dfbb0529f6c80943788f918

                                                Sha256: fda7541f8e4cf921d20bcd0dc1d0efe69644c79bd18a0be4ce2f34246c83603e

                                        
                                            GET / HTTP/1.1 

                                        
                                            
Host: push.services.mozilla.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Sec-WebSocket-Version: 13 

                                        
                                            
Origin: wss://push.services.mozilla.com/ 

                                        
                                            
Sec-WebSocket-Protocol: push-notification 

                                        
                                            
Sec-WebSocket-Extensions: permessage-deflate 

                                        
                                            
Sec-WebSocket-Key: p7mtoT7aBNTOw3w07OGCVQ== 

                                        
                                            
Connection: keep-alive, Upgrade 

                                        
                                            
Sec-Fetch-Dest: websocket 

                                        
                                            
Sec-Fetch-Mode: websocket 

                                        
                                            
Sec-Fetch-Site: cross-site 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache 

                                        
                                            
Upgrade: websocket

                                         44.242.32.27

                                        
                                            HTTP/1.1 101 Switching Protocols

                                        

                                        
                                            
Connection: Upgrade 

                                        
                                            
Upgrade: websocket 

                                        
                                            
Sec-WebSocket-Accept: 84gQXfxoUed6MQuRvLNjeeXrN1I= 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "61BF2BDDECE68C7876AB5481C14ED1B1879343E55C86EE013B4F3A8D3353E6B4" 

                                        
                                            
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=8349 

                                        
                                            
Expires: Sun, 02 Oct 2022 00:40:06 GMT 

                                        
                                            
Date: Sat, 01 Oct 2022 22:20:57 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    f5e503471cc78b95c0a3e75785615e5f

                                                Sha1:   145b1e4d850c145a78577b5d7d4fadae9658d7a4

                                                Sha256: 61bf2bddece68c7876ab5481c14ed1b1879343e55c86ee013b4f3a8d3353e6b4

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "61BF2BDDECE68C7876AB5481C14ED1B1879343E55C86EE013B4F3A8D3353E6B4" 

                                        
                                            
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=8349 

                                        
                                            
Expires: Sun, 02 Oct 2022 00:40:06 GMT 

                                        
                                            
Date: Sat, 01 Oct 2022 22:20:57 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    f5e503471cc78b95c0a3e75785615e5f

                                                Sha1:   145b1e4d850c145a78577b5d7d4fadae9658d7a4

                                                Sha256: 61bf2bddece68c7876ab5481c14ed1b1879343e55c86ee013b4f3a8d3353e6b4

                                        
                                            POST / HTTP/1.1 

                                        
                                            
Host: r3.o.lencr.org

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 85 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         23.36.77.32

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Server: nginx 

                                        
                                            
Content-Length: 503 

                                        
                                            
ETag: "61BF2BDDECE68C7876AB5481C14ED1B1879343E55C86EE013B4F3A8D3353E6B4" 

                                        
                                            
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC 

                                        
                                            
Cache-Control: public, no-transform, must-revalidate, max-age=8349 

                                        
                                            
Expires: Sun, 02 Oct 2022 00:40:06 GMT 

                                        
                                            
Date: Sat, 01 Oct 2022 22:20:57 GMT 

                                        
                                            
Connection: keep-alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   503

                                                Md5:    f5e503471cc78b95c0a3e75785615e5f

                                                Sha1:   145b1e4d850c145a78577b5d7d4fadae9658d7a4

                                                Sha256: 61bf2bddece68c7876ab5481c14ed1b1879343e55c86ee013b4f3a8d3353e6b4

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F589e050c-3794-45f2-a218-269b944ae739.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 9600 

                                        
                                            
x-amzn-requestid: e83a86d3-f5ab-4645-92df-4b2da3d4afa3 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: ZWDgmFdlIAMFzQA= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-6338b2d0-48c3fa150800475c790b95bd;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Sat, 01 Oct 2022 21:36:16 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA73-P1 

                                        
                                            
x-cache: Miss from cloudfront 

                                        
                                            
x-amz-cf-id: f1aqkuvCub_vq9gBDgA4VL8hNf16FXzXhQjSHC1yDLISm85uOqJF9w== 

                                        
                                            
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Sat, 01 Oct 2022 21:54:50 GMT 

                                        
                                            
etag: "fa7e61b4f2864b8e51acb2cc887c15d5cb41ef38" 

                                        
                                            
age: 1567 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   9600

                                                Md5:    11f2e40823827b62bca89d18ee279cb2

                                                Sha1:   fa7e61b4f2864b8e51acb2cc887c15d5cb41ef38

                                                Sha256: c7811cb947483a033f31ff1e93b813f1bbc49b03ed78fcedab2090c71e5c4d1f

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 6315 

                                        
                                            
x-amzn-requestid: f0791b53-3c5f-4d94-954d-992a529ebb60 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: ZPnunF35oAMFYbg= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-63361ff6-2adb303349153ced73ccecf6;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Thu, 29 Sep 2022 22:45:10 GMT 

                                        
                                            
x-amz-cf-pop: SEA19-C2 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: F3fk5JnJ9ZFNPan-8DuLb4kuTiYKfniBar3qNlsuqd8a0saW3sEGvQ== 

                                        
                                            
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Sat, 01 Oct 2022 04:41:31 GMT 

                                        
                                            
age: 63566 

                                        
                                            
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   6315

                                                Md5:    206fb65e75dbadf119512f71e0b78402

                                                Sha1:   58ff0bf8ce7528b303d28bab01a80ad721705569

                                                Sha256: 56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7a6e7d5-efdf-4904-b660-ffb0d8ffd4d3.jpeg HTTP/1.1 

                                        
                                            
Host: img-getpocket.cdn.mozilla.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: image 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.120.237.76

                                        
                                            HTTP/2 200 OK 

                                        
                                            
content-type: image/jpeg

                                        

                                        
                                            
server: nginx 

                                        
                                            
content-length: 6101 

                                        
                                            
x-amzn-requestid: 0edbc5d1-324f-4b4f-a55c-b9333f2bb6a2 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
strict-transport-security: max-age=63072000; includeSubdomains; preload 

                                        
                                            
x-frame-options: DENY 

                                        
                                            
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' 

                                        
                                            
x-amz-apigw-id: ZWDpnFumIAMFoEg= 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
x-amzn-trace-id: Root=1-6338b30a-1422f70670e89174415c1aba;Sampled=0 

                                        
                                            
x-amzn-remapped-date: Sat, 01 Oct 2022 21:37:14 GMT 

                                        
                                            
x-amz-cf-pop: HIO50-C1, SEA73-P1 

                                        
                                            
x-cache: Hit from cloudfront 

                                        
                                            
x-amz-cf-id: hG5L6pTNHLcM-nBovmH6kFuFK5oXJuxVWsnaffj6L8bDlGnpFVJFKg== 

                                        
                                            
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google 

                                        
                                            
date: Sat, 01 Oct 2022 21:55:55 GMT 

                                        
                                            
age: 1502 

                                        
                                            
etag: "36c8dcdfdc2c59246ba9d999ddffd5387f68155e" 

                                        
                                            
cache-control: max-age=3600,public,public 

                                        
                                            
alt-svc: clear 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

                                                Size:   6101

                                                Md5:    e711c6bf0d0808f0b5c57b80916eba4d

                                                Sha1:   36c8dcdfdc2c59246ba9d999ddffd5387f68155e

                                                Sha256: e252f3c857e18ddaea7059bfb19826ac5e47c694ce57068d85f60bd1ac5f6c25

                                        
                                            GET /vendor/sebastian/diff/bana/dist/favicon.ico HTTP/1.1 

                                        
                                            
Host: gzybl13.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: image/avif,image/webp,*/* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://gzybl13.com/vendor/sebastian/diff/bana/f475296a7858bdf15ac1a8f6a6364cfe/execution.html?validation=e1s1 

                                        
                                            
Cookie: langCookie=en

                                         121.42.94.163

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: image/x-icon

                                        

                                        
                                            
Date: Sat, 01 Oct 2022 22:20:59 GMT 

                                        
                                            
Server: Apache 

                                        
                                            
Last-Modified: Wed, 07 Sep 2022 22:05:59 GMT 

                                        
                                            
ETag: "242105c-47e-5e81d8492b49d" 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Content-Length: 1150 

                                        
                                            
Vary: User-Agent 

                                        
                                            
Keep-Alive: timeout=15, max=299 

                                        
                                            
Connection: Keep-Alive 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data

                                                Size:   1150

                                                Md5:    d8106bf3a1d00ab43b01e6e3c92500eb

                                                Sha1:   202b5e8654ab1b28351378293bca3b9d844cc29b

                                                Sha256: 9ada5709e264c31b04a05bd85448a9bd5e91925e8d83df5cef0762ec97cc283e

                                        
                                            POST /s/gts1d4/5QlTZKzjgCw HTTP/1.1 

                                        
                                            
Host: ocsp.pki.goog

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 84 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         142.250.74.3

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Sat, 01 Oct 2022 22:20:59 GMT 

                                        
                                            
Cache-Control: public, max-age=14400 

                                        
                                            
Server: scaffolding on HTTPServer2 

                                        
                                            
Content-Length: 472 

                                        
                                            
X-XSS-Protection: 0 

                                        
                                            
X-Frame-Options: SAMEORIGIN 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   472

                                                Md5:    292ce37b593ce3c3ec7c0af26bfba179

                                                Sha1:   96394b63a1af6edd4087a423e0a16b54fc23597b

                                                Sha256: f1d812f00bef48ee18f7f9a53f976ca0c8ccab6bab6f84e23d4acacf457acc08

                                        
                                            GET /npm/popper.js@1.16.1/dist/umd/popper.min.js HTTP/1.1 

                                        
                                            
Host: cdn.jsdelivr.net

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Referer: http://gzybl13.com/

                                         151.101.85.229

                                        
                                            HTTP/1.1 301 Moved Permanently

                                        

                                        
                                            
Connection: close 

                                        
                                            
Content-Length: 0 

                                        
                                            
Server: Varnish 

                                        
                                            
Retry-After: 0 

                                        
                                            
Location: https://cdn.jsdelivr.net/npm/popper.js@1.16.1/dist/umd/popper.min.js 

                                        
                                            
Accept-Ranges: bytes 

                                        
                                            
Date: Sat, 01 Oct 2022 22:21:01 GMT 

                                        
                                            
X-Served-By: cache-bma1659-BMA 

                                        
                                            
X-Cache: HIT 

                                        
                                            
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  

                                                Size:   0

                                                Md5:    d41d8cd98f00b204e9800998ecf8427e

                                                Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                        
                                            POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1 

                                        
                                            
Host: ocsp.globalsign.com

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate 

                                        
                                            
Content-Type: application/ocsp-request 

                                        
                                            
Content-Length: 83 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Pragma: no-cache 

                                        
                                            
Cache-Control: no-cache

                                         104.18.21.226

                                        
                                            HTTP/1.1 200 OK 

                                        
                                            
Content-Type: application/ocsp-response

                                        

                                        
                                            
Date: Sat, 01 Oct 2022 22:21:01 GMT 

                                        
                                            
Transfer-Encoding: chunked 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Etag: "81D7645B8B5F98E7BB77388C6719C6E28C770A64" 

                                        
                                            
Expires: Sun, 02 Oct 2022 09:00:00 GMT 

                                        
                                            
Last-Modified: Sat, 01 Oct 2022 21:00:00 UTC 

                                        
                                            
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate 

                                        
                                            
CF-Cache-Status: HIT 

                                        
                                            
Age: 1833 

                                        
                                            
Vary: Accept-Encoding 

                                        
                                            
Server: cloudflare 

                                        
                                            
CF-RAY: 753896c32b700b59-OSL 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

                                            
                                                Magic:  data

                                                Size:   1462

                                                Md5:    cf176be21500683add9b17106d480fbc

                                                Sha1:   f3600b4544080ee7202b32e4dd7e741e16b866b3

                                                Sha256: b7c377500a7404eb47f03ecd5c095a1314a0d63a883cbea65d49b72ec46e04b1

                                        
                                            GET /country HTTP/1.1 

                                        
                                            
Host: ipinfo.io

                                        

                                        
                                            
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0 

                                        
                                            
Accept: */* 

                                        
                                            
Accept-Language: en-US,en;q=0.5 

                                        
                                            
Accept-Encoding: gzip, deflate, br 

                                        
                                            
Origin: null 

                                        
                                            
Referer: http://gzybl13.com/ 

                                        
                                            
Connection: keep-alive 

                                        
                                            
Sec-Fetch-Dest: empty 

                                        
                                            
Sec-Fetch-Mode: cors 

                                        
                                            
Sec-Fetch-Site: cross-site

                                         34.117.59.81

                                        
                                            HTTP/2 429 Too Many Requests 

                                        
                                            
content-type: application/json; charset=utf-8

                                        

                                        
                                            
access-control-allow-origin: * 

                                        
                                            
x-frame-options: SAMEORIGIN 

                                        
                                            
x-xss-protection: 1; mode=block 

                                        
                                            
x-content-type-options: nosniff 

                                        
                                            
referrer-policy: strict-origin-when-cross-origin 

                                        
                                            
date: Sat, 01 Oct 2022 22:20:59 GMT 

                                        
                                            
x-envoy-upstream-service-time: 2 

                                        
                                            
strict-transport-security: max-age=2592000; includeSubDomains 

                                        
                                            
vary: Accept-Encoding 

                                        
                                            
content-encoding: gzip 

                                        
                                            
via: 1.1 google 

                                        
                                            
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000 

                                        
                                            
X-Firefox-Spdy: h2 

                                        
                                            
 

                                        
                                        
                                            

                                            --- Additional Info ---

URL	gzybl13.com/vendor/sebastian/diff/bana/f475296a7858bdf15ac1a8f6a6364cfe/execution.html?validation=e1s1
IP	121.42.94.163 (China)
ASN	#37963 Hangzhou Alibaba Advertising Co.,Ltd.
UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed	2022-10-01 22:21:05 UTC
Status	Loading report..
IDS alerts	0
Blocklist alert	13
urlquery alerts	6 Phishing - DHL
Tags	None

Overview

Domain Summary (14)

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 121.42.94.163

Last 5 reports on ASN: Hangzhou Alibaba Advertising Co.,Ltd.

Last 5 reports on domain: gzybl13.com

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (14)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (43)

Overview

Domain Summary (14)

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 121.42.94.163

Last 5 reports on ASN: Hangzhou Alibaba Advertising Co.,Ltd.

Last 5 reports on domain: gzybl13.com

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (14)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (43)

Network Intrusion Detection Systems