| kffg45.com/ | 67.198.248.139 | 301 Moved Permanently | 162 B |
IP: 67.198.248.139:0
File type: HTML document text; HTML document text; HTML document, ASCII text, with CRLF line terminators
Hash (MD5, SHA-1, SHA-256): 4f8e702cc244ec5d4de32740c0ecbd97 3adb1f02d5b6054de0046e367c1d687b6cdf7aff 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET / HTTP/1.1
Host: kffg45.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 04 Oct 2022 14:01:00 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://kffg45.com/
Strict-Transport-Security: max-age=31536000
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP: 23.36.77.32:0
ASN: #20940 Akamai International B.V.
Hash (MD5, SHA-1, SHA-256): 9955bda9c9ef64bc5700a14af0bae25e 8de7b7469e905af0374bdfcc3006bbb844f13e94 1f611155394fac39439b8ec8217d8cd493d6b588d372d264e0d66c03129c50c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11081
Expires: Tue, 04 Oct 2022 17:05:41 GMT
Date: Tue, 04 Oct 2022 14:01:00 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 143.204.55.115 | 200 OK | 939 B |
Protocol: HTTP/1.1
URL: firefox.settings.services.mozilla.com/v1/
IP: 143.204.55.115:0
File type: JSON data, ASCII text, with very long lines (939), with no line terminators
Hash (MD5, SHA-1, SHA-256): 2d12f67fe57a87e7366b662d153a5582 d7b02d81cc74f24a251d9363e0f4b0a149264ec1 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 04 Oct 2022 13:47:04 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: fKUtQkLUobJgQnL-RfO4Gt_aqhkEjanWggS9AiERgwbbvapycnd45A==
Age: 836
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain | 143.204.55.49 | 200 OK | 5.3 kB |
Protocol: HTTP/2
URL: content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP: 143.204.55.49:0
File type: PEM certificate, ASCII text
Hash (MD5, SHA-1, SHA-256): 6113f8408c59aebe188d6af273b90743 7398873bf00f99944eaa77ad3ebc0d43c23dba6b b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 04 Oct 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 bb1da7862c4968b28920b91b324095c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: N4UFuFENw2xfjeEc41NYNTt2wq6K7jMF9Sa0iPB2uzsIZKwRq0SqIQ==
age: 30753
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
Protocol: HTTP/2
URL: contile.services.mozilla.com/v1/tiles
IP: 34.117.237.239:0
File type: JSON data, ASCII text, with no line terminators
Hash (MD5, SHA-1, SHA-256): 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 14:01:00 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP: 23.36.77.32:0
ASN: #20940 Akamai International B.V.
Hash (MD5, SHA-1, SHA-256): 20e2fabf3cff9ab71436359d01cbb0ea f8fe87282216c98840b342e4d30baebf799d276e d847a73762e624d73e033fbd7679c737ebe57503fc9077f413c2092a339e25ca
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D847A73762E624D73E033FBD7679C737EBE57503FC9077F413C2092A339E25CA"
Last-Modified: Tue, 04 Oct 2022 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20727
Expires: Tue, 04 Oct 2022 19:46:27 GMT
Date: Tue, 04 Oct 2022 14:01:00 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 143.204.55.115 | 200 OK | 329 B |
Protocol: HTTP/1.1
URL: firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP: 143.204.55.115:0
File type: JSON data, ASCII text, with very long lines (329), with no line terminators
Hash (MD5, SHA-1, SHA-256): 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 04 Oct 2022 13:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Tue, 04 Oct 2022 14:17:32 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Bu9WqkX8L-C9o_zK3VW4WevCnUVBsCKYu17Ol-T0-bMb7anOjifoGA==
Age: 1887
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP: 93.184.220.29:0
Hash (MD5, SHA-1, SHA-256): 16ebfb2aa621547ecf581e26fc828a7d f78993331f6f5b8af6409a9ad2fc50b77070f68a 0f81fd1d6be9ccc04b74f0348aafe642c7b9ab7dffb7e8a679b5d67cc2e5fac3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5952
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 14:01:01 GMT
Last-Modified: Tue, 04 Oct 2022 12:21:49 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
|
|
| push.services.mozilla.com/ | 52.43.253.52 | 101 Switching Protocols | 0 B |
Protocol: HTTP/1.1
URL: push.services.mozilla.com/
IP: 52.43.253.52:0
Hash (MD5, SHA-1, SHA-256): d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: M6aWX9hSJLFRM9W70lrO+A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Pcw3nomaSdHVDly2qIn9gxU+bMA=
|
|
| kffg45.com/static_new6/img/xxlogo.png | 67.198.248.139 | 200 OK | 24 kB |
Protocol: HTTP/2
URL: kffg45.com/static_new6/img/xxlogo.png
IP: 67.198.248.139:0
File type: PNG image data, 216 x 216, 8-bit/color RGBA, non-interlaced; data
Hash (MD5, SHA-1, SHA-256): 0ce6f757c006f5cd09e2da802faa0dbf 3a953aee4d015bcc6557e6fcaddfb500e689ad80 63bdbb512b2c2a13ad979c99a92cb90b872464549c937699c4f252952efead89
GET /static_new6/img/xxlogo.png HTTP/1.1
Host: kffg45.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kffg45.com/index/user/login.html
Cookie: s18ed89c1=93sp8u0trdc58fbgu0e8in0on4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 14:01:01 GMT
content-type: image/png
content-length: 24228
last-modified: Thu, 24 Feb 2022 06:43:16 GMT
etag: "62172904-5ea4"
expires: Thu, 03 Nov 2022 14:01:01 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| kffg45.com/static_new6/img/name.png | 67.198.248.139 | 200 OK | 1.0 kB |
Protocol: HTTP/2
URL: kffg45.com/static_new6/img/name.png
IP: 67.198.248.139:0
File type: PNG image data, 34 x 40, 8-bit/color RGBA, non-interlaced; data
Hash (MD5, SHA-1, SHA-256): f5d6c8bf792470a6bfbd3bdcb28c82e4 4946457941e594d48da2622f1e071b72124b7cf3 9dee66a01a8baf2fffd3e2b51d386487e440c9540f3724e68bfc03fdf0d6112f
GET /static_new6/img/name.png HTTP/1.1
Host: kffg45.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kffg45.com/index/user/login.html
Cookie: s18ed89c1=93sp8u0trdc58fbgu0e8in0on4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 14:01:01 GMT
content-type: image/png
content-length: 1047
last-modified: Thu, 24 Feb 2022 06:55:22 GMT
etag: "62172bda-417"
expires: Thu, 03 Nov 2022 14:01:01 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| kffg45.com/static_new6/img/passwd.png | 67.198.248.139 | 200 OK | 1.1 kB |
Protocol: HTTP/2
URL: kffg45.com/static_new6/img/passwd.png
IP: 67.198.248.139:0
File type: PNG image data, 34 x 38, 8-bit/color RGBA, non-interlaced; data
Hash (MD5, SHA-1, SHA-256): 2909181c0575526c5c36df92a8b11b6c 495155faa16899fbc261a69835a7332e16970452 bbd10cc686f61d0a2a1718a55e4b1b2bb95fd9c89efddfd93d876788c70862dc
GET /static_new6/img/passwd.png HTTP/1.1
Host: kffg45.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kffg45.com/index/user/login.html
Cookie: s18ed89c1=93sp8u0trdc58fbgu0e8in0on4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 14:01:01 GMT
content-type: image/png
content-length: 1134
last-modified: Thu, 24 Feb 2022 06:55:23 GMT
etag: "62172bdb-46e"
expires: Thu, 03 Nov 2022 14:01:01 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| kffg45.com/static_new6/img/loadingIcon.a880485e.png | 67.198.248.139 | 200 OK | 5.4 kB |
Protocol: HTTP/2
URL: kffg45.com/static_new6/img/loadingIcon.a880485e.png
IP: 67.198.248.139:0
File type: PNG image data, 140 x 140, 8-bit/color RGBA, non-interlaced; data
Hash (MD5, SHA-1, SHA-256): a880485e723ead6db8703d10914f9545 9f0cfc4bef07164e47963509d12f9159cd466bd1 7434b16e08a2dbe7fab69a7ebbc2344705e67ee982ebfea3920c2ac488b06b95
GET /static_new6/img/loadingIcon.a880485e.png HTTP/1.1
Host: kffg45.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kffg45.com/index/user/login.html
Cookie: s18ed89c1=93sp8u0trdc58fbgu0e8in0on4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 14:01:01 GMT
content-type: image/png
content-length: 5447
last-modified: Thu, 08 Apr 2021 11:11:32 GMT
etag: "606ee4e4-1547"
expires: Thu, 03 Nov 2022 14:01:01 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| kffg45.com/static_new6/img/successIcon.4375564d.png | 67.198.248.139 | 200 OK | 7.1 kB |
Protocol: HTTP/2
URL: kffg45.com/static_new6/img/successIcon.4375564d.png
IP: 67.198.248.139:0
File type: PNG image data, 120 x 120, 8-bit/color RGBA, non-interlaced; data
Hash (MD5, SHA-1, SHA-256): 4375564d11a4dc1b4756e57d55140056 16715802c4b6ca8031b5075b48811e315e846618 a9743e4d870d471fac99e117ee8e2691952e9634656aea871b138766f4ce9317
GET /static_new6/img/successIcon.4375564d.png HTTP/1.1
Host: kffg45.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kffg45.com/index/user/login.html
Cookie: s18ed89c1=93sp8u0trdc58fbgu0e8in0on4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 14:01:01 GMT
content-type: image/png
content-length: 7074
last-modified: Thu, 08 Apr 2021 10:54:32 GMT
etag: "606ee0e8-1ba2"
expires: Thu, 03 Nov 2022 14:01:01 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| kffg45.com/static_new6/img/bgbgbg.png | 67.198.248.139 | 200 OK | 21 kB |
Protocol: HTTP/2
URL: kffg45.com/static_new6/img/bgbgbg.png
IP: 67.198.248.139:0
File type: PNG image data, 275 x 202, 8-bit/color RGBA, non-interlaced; data
Hash (MD5, SHA-1, SHA-256): 8439f9ff1147055b25c182f995b7002f c6f0de4421ab164957cbfe989114cfe62183e772 ef4c5284f57b653d1fce9723c34257737843216dd9c3351eae065c808ff2c967
GET /static_new6/img/bgbgbg.png HTTP/1.1
Host: kffg45.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kffg45.com/index/user/login.html
Cookie: s18ed89c1=93sp8u0trdc58fbgu0e8in0on4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 14:01:02 GMT
content-type: image/png
content-length: 21158
last-modified: Thu, 22 Sep 2022 09:56:44 GMT
etag: "632c315c-52a6"
expires: Thu, 03 Nov 2022 14:01:02 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| kffg45.com/favicon.ico | 67.198.248.139 | 200 OK | 4.3 kB |
IP: 67.198.248.139:0
File type: MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel; data
Hash (MD5, SHA-1, SHA-256): b7dae3c976e02585b3f6635d8f9b3abf 30de0cfc2f9c5cf36c26801f23142a5df32305ca 7d9916755a9fe9b0636cd558c3e4c8db0f3c9f9a3d68a57bbe27f39a84b85c3e
GET /favicon.ico HTTP/1.1
Host: kffg45.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kffg45.com/index/user/login.html
Cookie: s18ed89c1=93sp8u0trdc58fbgu0e8in0on4
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 14:01:02 GMT
content-type: image/x-icon
content-length: 4286
last-modified: Fri, 25 Feb 2022 07:37:21 GMT
etag: "62188731-10be"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
|
|
| kffg45.com/static_new/js/common.js | 67.198.248.139 | 200 OK | 1.4 kB |
Protocol: HTTP/2
URL: kffg45.com/static_new/js/common.js
IP: 67.198.248.139:0
Hash (MD5, SHA-1, SHA-256): 6839da7934c6a79112066616ebc04548 24e41a94d9dfcb6792a67ae10eba5764641aba5d d34f5bda5a63fdb634be7b39bf0e026c06709b61cd98d2196dc14743abc04690
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /static_new/js/common.js HTTP/1.1
Host: kffg45.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kffg45.com/index/user/login.html
Cookie: s18ed89c1=93sp8u0trdc58fbgu0e8in0on4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 14:01:01 GMT
content-type: application/javascript
last-modified: Sun, 29 Mar 2020 15:03:22 GMT
vary: Accept-Encoding
etag: W/"5e80b8ba-84e"
expires: Wed, 05 Oct 2022 02:01:01 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP: 23.36.77.32:0
ASN: #20940 Akamai International B.V.
Hash (MD5, SHA-1, SHA-256): ff433c9569a3557d806b1480aeafece9 20bbd46383b85326837f45290ff87df708b3b310 e8e5212b8d90257f23bdb0d1d643b5e7d7528d964056c3a4a269b5e09f409f2d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11545
Expires: Tue, 04 Oct 2022 17:13:27 GMT
Date: Tue, 04 Oct 2022 14:01:02 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec31ab6c-46f2-4d77-a807-9f14bb5073bc.jpeg | 34.120.237.76 | 200 OK | 12 kB |
Protocol: HTTP/2
URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec31ab6c-46f2-4d77-a807-9f14bb5073bc.jpeg
IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash (MD5, SHA-1, SHA-256): 54b3ef7aa50273b78b59c24511b0c1f9 e2ea2ef6805e391c497e62e101e76a0bdecfce64 296e8954022d5160137b3e02ab5085a15cee7c23cd6d4ca61b36880706062457
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec31ab6c-46f2-4d77-a807-9f14bb5073bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11955
x-amzn-requestid: ce6bbe93-95b0-4b6e-a8bc-012796485e67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zcqb9FUtoAMF0WQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b577f-59dc0a18523f900a059aa5df;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:43:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 44jC1Ww19YUJjZHw9_3cSSR5Y7nw5df412G-RxWFTcbRz1XDKaT3zQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:35 GMT
age: 58587
etag: "e2ea2ef6805e391c497e62e101e76a0bdecfce64"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdb412b7-1bf6-4a48-b9f1-b171f540e434.jpeg | 34.120.237.76 | 200 OK | 4.2 kB |
Protocol: HTTP/2
URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdb412b7-1bf6-4a48-b9f1-b171f540e434.jpeg
IP: 34.120.237.76:0
File type: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash (MD5, SHA-1, SHA-256): 24a4a122273ef9f772852031eb13114a c20f1fac9020eb4bd6c84583f73872979639b991 8e1ffbed5f156637ed2f22e81d03f6d85eff0c28237c1639ea5f977e92ee7b70
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdb412b7-1bf6-4a48-b9f1-b171f540e434.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4151
x-amzn-requestid: f709a11e-cbea-4965-8502-94ddbd8768bb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvSF3YIAMFdow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-29bfa31d51e8f60b38136dba;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: iHjSrLdzntzVnJ-qaRf834nLglcKXY1cTgLY5VcCyKtp0lwN2gGnnw==
via: 1.1 1b0911478686968732f973d6e5e31d10.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 58602
etag: "c20f1fac9020eb4bd6c84583f73872979639b991"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| kffg45.com/static_new/js/jquery.min.js | 67.198.248.139 | 200 OK | 39 kB |
Protocol: HTTP/2
URL: kffg45.com/static_new/js/jquery.min.js
IP: 67.198.248.139:0
Hash (MD5, SHA-1, SHA-256): 227f2ce8d219dbb8830ef58d311cc12c 1a3811da7c1508c8e8219420da6255962d5fe701 440841d94b3621749f79ceec94adb5f49160fba4a1b0dde945a42391c4a61ef0
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /static_new/js/jquery.min.js HTTP/1.1
Host: kffg45.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kffg45.com/index/user/login.html
Cookie: s18ed89c1=93sp8u0trdc58fbgu0e8in0on4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 14:01:01 GMT
content-type: application/javascript
last-modified: Sat, 15 Feb 2020 12:13:14 GMT
vary: Accept-Encoding
etag: W/"5e47e05a-15851"
expires: Wed, 05 Oct 2022 02:01:01 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| kffg45.com/static_new6/css/app.7b22fa66c2af28f12bf32977d4b82694.css | 67.198.248.139 | 200 OK | 312 kB |
Protocol: HTTP/2
URL: kffg45.com/static_new6/css/app.7b22fa66c2af28f12bf32977d4b82694.css
IP: 67.198.248.139:0
Size: 312 kB (312530 bytes)
Hash (MD5, SHA-1, SHA-256): aabc68feaeb3f90f065286611f12c070 7e29de56d60394dad3ae002d0f18e5b1661c1621 2c2dba2ddf38af0607678f04b9da5799cdb556bd7c9ff15cdc5359ad86dcbf6a
GET /static_new6/css/app.7b22fa66c2af28f12bf32977d4b82694.css HTTP/1.1
Host: kffg45.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kffg45.com/index/user/login.html
Cookie: s18ed89c1=93sp8u0trdc58fbgu0e8in0on4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 14:01:01 GMT
content-type: text/css
last-modified: Thu, 22 Sep 2022 09:01:19 GMT
vary: Accept-Encoding
etag: W/"632c245f-b24de"
expires: Wed, 05 Oct 2022 02:01:01 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| kffg45.com/static_new6/css/app.4e7da7f7.css | 67.198.248.139 | 200 OK | 11 kB |
Protocol: HTTP/2
URL: kffg45.com/static_new6/css/app.4e7da7f7.css
IP: 67.198.248.139:0
Hash (MD5, SHA-1, SHA-256): acd8769423924d0adce8b82ed6a7f98f 49365e3ec8129dd6b05e2fb7ee0bce26689bca48 835d7d710bfb6ac9d4388fd44ce951cfd088930b9debcf1c0616616d0e2b0a12
GET /static_new6/css/app.4e7da7f7.css HTTP/1.1
Host: kffg45.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kffg45.com/index/user/login.html
Cookie: s18ed89c1=93sp8u0trdc58fbgu0e8in0on4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 14:01:01 GMT
content-type: text/css
last-modified: Thu, 22 Sep 2022 08:43:14 GMT
vary: Accept-Encoding
etag: W/"632c2022-376d"
expires: Wed, 05 Oct 2022 02:01:01 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| kffg45.com/ | 67.198.248.139 | 301 Moved Permanently | 14 kB |
IP: 67.198.248.139:0
File type: gzip compressed data, from Unix; data
Hash (MD5, SHA-1, SHA-256): 284f9da7b2f09d4a0c9b4191a9e12b70 44020051e60a25e1e04b00d8288a65a23b9f63e2 348b6c27150af36783ac3c8601b8e3c1a82fac42597fba1e089e016227d1261f
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET / HTTP/1.1
Host: kffg45.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
server: nginx
date: Tue, 04 Oct 2022 14:01:00 GMT
content-type: text/html; charset=utf-8
set-cookie: s18ed89c1=93sp8u0trdc58fbgu0e8in0on4; path=/; HttpOnly
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
cache-control: no-cache,must-revalidate
location: /index/user/login.html
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
|
|
| kffg45.com/static_new6/css/chunk-vendors.6442bc31.css | 67.198.248.139 | 200 OK | 0 B |
Protocol: HTTP/2
URL: kffg45.com/static_new6/css/chunk-vendors.6442bc31.css
IP: 67.198.248.139:0
GET /static_new6/css/chunk-vendors.6442bc31.css HTTP/1.1
Host: kffg45.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kffg45.com/index/user/login.html
Cookie: s18ed89c1=93sp8u0trdc58fbgu0e8in0on4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 14:01:01 GMT
content-type: text/css
last-modified: Thu, 22 Sep 2022 08:10:50 GMT
vary: Accept-Encoding
etag: W/"632c188a-15675"
expires: Wed, 05 Oct 2022 02:01:01 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| kffg45.com/static_new6/css/app.cae3284d.css | 67.198.248.139 | 200 OK | 0 B |
Protocol: HTTP/2
URL: kffg45.com/static_new6/css/app.cae3284d.css
IP: 67.198.248.139:0
GET /static_new6/css/app.cae3284d.css HTTP/1.1
Host: kffg45.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kffg45.com/index/user/login.html
Cookie: s18ed89c1=93sp8u0trdc58fbgu0e8in0on4
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 14:01:01 GMT
content-type: text/css
last-modified: Thu, 22 Sep 2022 08:31:55 GMT
vary: Accept-Encoding
etag: W/"632c1d7b-3848"
expires: Wed, 05 Oct 2022 02:01:01 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| kffg45.com/static_new/js/dialog.min.js | 67.198.248.139 | 200 OK | 0 B |
Protocol: HTTP/2
URL: kffg45.com/static_new/js/dialog.min.js
IP: 67.198.248.139:0
| Analyzer | Verdict | Alert |
| fortinet | Phishing | |
GET /static_new/js/dialog.min.js HTTP/1.1
Host: kffg45.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://kffg45.com/index/user/login.html
Cookie: s18ed89c1=93sp8u0trdc58fbgu0e8in0on4
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 14:01:01 GMT
content-type: application/javascript
last-modified: Wed, 29 Dec 2021 08:38:36 GMT
vary: Accept-Encoding
etag: W/"61cc1e8c-6d04"
expires: Wed, 05 Oct 2022 02:01:01 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
|
|