r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9041
Expires: Fri, 02 Dec 2022 13:50:05 GMT
Date: Fri, 02 Dec 2022 11:19:24 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 0c748388899e8a8d3680355da2ea5020
903c620cd137613daafb0da0508c37b2f4a67212
39eab80e022a9a1732872d9926b0ace80f818ec5c535e36a18b539ea63786fb2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6500
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 11:19:24 GMT
Last-Modified: Fri, 02 Dec 2022 09:31:04 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6614
Expires: Fri, 02 Dec 2022 13:09:38 GMT
Date: Fri, 02 Dec 2022 11:19:24 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 02 Dec 2022 10:19:55 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3569
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: bSabTdNO0ZIpKfde22rKcPdzKF991XiN8+UzVAdmb3vNTSmVZJ6yW6LGW7pa5LxH1vGkjai4QMs=
x-amz-request-id: T47TDSERBQ3BBGQ6
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 02 Dec 2022 10:46:40 GMT
age: 1964
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
s.ezkl-seauzu.icu/jp.php
64.227.108.2301 Moved Permanently 307 B IP 64.227.108.2:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 3bbd4cb6a122d1cdf7ba02f644c83bc7
71778fa5bdb6a0e5b7dfaaec7beb9d9011b305c1
97adcb7a963bc1c06926814a101aa57118a72c9f5651e66bdd9f5b7db4cd044d
Analyzer Verdict Alert openphish East Japan Railway Company
fortinet Phishing
GET /jp.php HTTP/1.1
Host: s.ezkl-seauzu.icu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 02 Dec 2022 11:19:24 GMT
Server: Apache
Location: https://s.ezkl-seauzu.icu/jp.php
Content-Length: 307
Connection: close
Content-Type: text/html; charset=iso-8859-1
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Dec 2022 11:19:24 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 02 Dec 2022 11:08:57 GMT
cache-control: public,max-age=3600
age: 628
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 306863cd854e2636db9f6d80beb352fd
5402264ea2473e38cd50a6277edcadb16cc93ac9
e22df0a6a7f6f9bc346205790feb77bd741bfaf2bdfa75b8052cfec2a65d57c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E22DF0A6A7F6F9BC346205790FEB77BD741BFAF2BDFA75B8052CFEC2A65D57C6"
Last-Modified: Thu, 01 Dec 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21073
Expires: Fri, 02 Dec 2022 17:10:38 GMT
Date: Fri, 02 Dec 2022 11:19:25 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7f1f8fc556d1f7e0aea3e1208ee2fd1c
09c341a56ff876479cfc8a0505a5fef4a5d110f1
65adcf58887bcc23f73379f74ab19a61cfbb93285c95c64b44a6716eeacc1482
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6439
Cache-Control: max-age=171288
Content-Type: application/ocsp-response
Date: Fri, 02 Dec 2022 11:19:25 GMT
Etag: "6389c02e-1d7"
Expires: Sun, 04 Dec 2022 10:54:13 GMT
Last-Modified: Fri, 02 Dec 2022 09:06:54 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
s.ezkl-seauzu.icu/jp.php
64.227.108.2200 OK 597 B IP 64.227.108.2:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash c57433f76ca9046171d321a1906c2792
36f5b30d63da39892ddfa311f22caaea08f3ab91
0d41f74b3429aec31f455afe51606bf8f0d7e02376c7837fb1a2d50a891fe30e
Analyzer Verdict Alert openphish East Japan Railway Company
fortinet Phishing
GET /jp.php HTTP/1.1
Host: s.ezkl-seauzu.icu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=ih5pn3g2p4pgkiivooog32qide; path=/
_amkc=65c5ab4a-dc58-490b-af27-6eabf6a72e2f; expires=Fri, 02-Dec-2022 11:44:25 GMT; Max-Age=1500; path=/; domain=s.ezkl-seauzu.icu
62345ba76168db0033ce8ae6a90ce5a762956614=nwcMGFHjQc7nDOZDxhWlbg%3D%3D; expires=Fri, 02-Dec-2022 11:44:25 GMT; Max-Age=1500; path=/; domain=s.ezkl-seauzu.icu
vary: Accept-Encoding
content-encoding: gzip
content-length: 597
content-type: text/html; charset=UTF-8
date: Fri, 02 Dec 2022 11:19:25 GMT
server: Apache
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.39.62.124101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.39.62.124:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 5H33diqe0pqD/PVgQQ6OYw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: rQn8ejFOgXWH1k4hnHIRlDWeKi0=
s.ezkl-seauzu.icu/vendor/vendor.23238u92u82.js
64.227.108.2200 OK 1.9 kB URL HTTP/2 s.ezkl-seauzu.icu/vendor/vendor.23238u92u82.js
IP 64.227.108.2:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (325), with CRLF line terminators
Hash 7ca50ba65dff02b9c1fdc7dfc12151be
6c6c921082ff698e1596e48d4b857ad464fddc52
5560969a92b6346ddbc4f3473895be53bfc1f14309d5811595ea2428197658bd
GET /vendor/vendor.23238u92u82.js HTTP/1.1
Host: s.ezkl-seauzu.icu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s.ezkl-seauzu.icu/jp.php
Cookie: PHPSESSID=ih5pn3g2p4pgkiivooog32qide; _amkc=65c5ab4a-dc58-490b-af27-6eabf6a72e2f; 62345ba76168db0033ce8ae6a90ce5a762956614=nwcMGFHjQc7nDOZDxhWlbg%3D%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 17 Jun 2022 20:31:10 GMT
etag: "1375-5e1aaa277bf80-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1907
content-type: application/javascript
date: Fri, 02 Dec 2022 11:19:25 GMT
server: Apache
X-Firefox-Spdy: h2
s.ezkl-seauzu.icu/index.php?t=0a65236acfa34eb57091c47792af39781e6fec2913068d2a6fc9cb8f2a0e1ea3
64.227.108.2200 OK 2.4 kB URL HTTP/2 s.ezkl-seauzu.icu/index.php?t=0a65236acfa34eb57091c47792af39781e6fec2913068d2a6fc9cb8f2a0e1ea3
IP 64.227.108.2:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4521), with CRLF line terminators
Hash 46c7cadb4b65914fc7f0ac63d3d42b47
728d7c7c5985b33875b988b7e41d5b32b28ec40a
1f333692a73892fb03d80a407da46f5dd0f0c898ef83ac3bdaa72448ff8b3c42
Analyzer Verdict Alert fortinet Phishing
GET /index.php?t=0a65236acfa34eb57091c47792af39781e6fec2913068d2a6fc9cb8f2a0e1ea3 HTTP/1.1
Host: s.ezkl-seauzu.icu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s.ezkl-seauzu.icu/jp.php
Cookie: PHPSESSID=ih5pn3g2p4pgkiivooog32qide; _amkc=65c5ab4a-dc58-490b-af27-6eabf6a72e2f; 62345ba76168db0033ce8ae6a90ce5a762956614=nwcMGFHjQc7nDOZDxhWlbg%3D%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: _amkc=79711673-460a-4098-8299-d11ea974c263; expires=Fri, 02-Dec-2022 11:44:25 GMT; Max-Age=1500; path=/; domain=s.ezkl-seauzu.icu
62345ba76168db0033ce8ae6a90ce5a762956614=nwcMGFHjQc7nDOZDxhWlbg%3D%3D; expires=Fri, 02-Dec-2022 11:44:25 GMT; Max-Age=1500; path=/; domain=s.ezkl-seauzu.icu
vary: Accept-Encoding
content-encoding: gzip
content-length: 2408
content-type: text/html; charset=UTF-8
date: Fri, 02 Dec 2022 11:19:25 GMT
server: Apache
X-Firefox-Spdy: h2
s.ezkl-seauzu.icu/eki_ap/signin.php?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
64.227.108.2200 OK 4.2 kB URL HTTP/2 s.ezkl-seauzu.icu/eki_ap/signin.php?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
IP 64.227.108.2:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (335)
Hash d813359262777bb1b38ee0b5965ed4c5
2556529d01001b6c5c1fde00695c869a446ebca7
20a922abef6bf97ed00cc5fbe067fad0e0ad2ee66f9a6c421a4c9cc217d00beb
GET /eki_ap/signin.php?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1 HTTP/1.1
Host: s.ezkl-seauzu.icu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s.ezkl-seauzu.icu/index.php?t=0a65236acfa34eb57091c47792af39781e6fec2913068d2a6fc9cb8f2a0e1ea3
Cookie: PHPSESSID=ih5pn3g2p4pgkiivooog32qide; _amkc=79711673-460a-4098-8299-d11ea974c263; 62345ba76168db0033ce8ae6a90ce5a762956614=nwcMGFHjQc7nDOZDxhWlbg%3D%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: _amkc=894336f5-02f5-470a-802e-124b40f8fa78; expires=Fri, 02-Dec-2022 11:44:25 GMT; Max-Age=1500; path=/; domain=s.ezkl-seauzu.icu
vary: Accept-Encoding
content-encoding: gzip
content-length: 4205
content-type: text/html; charset=UTF-8
date: Fri, 02 Dec 2022 11:19:25 GMT
server: Apache
X-Firefox-Spdy: h2
s.ezkl-seauzu.icu/eki_ap/css/member.css
64.227.108.2200 OK 3.2 kB URL HTTP/2 s.ezkl-seauzu.icu/eki_ap/css/member.css
IP 64.227.108.2:0
ASN #14061 DIGITALOCEAN-ASN
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 3b3cbb50579158c3c77b1cc18a11341e
98f4997ef469f58734e73ad77a6db53ff40bf084
9f8e4372d78eb1d492d71dfdccee1ee56b4542a9f5dd6b8c8638d1f58e32a123
GET /eki_ap/css/member.css HTTP/1.1
Host: s.ezkl-seauzu.icu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s.ezkl-seauzu.icu/eki_ap/signin.php?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
Cookie: PHPSESSID=ih5pn3g2p4pgkiivooog32qide; _amkc=894336f5-02f5-470a-802e-124b40f8fa78; 62345ba76168db0033ce8ae6a90ce5a762956614=nwcMGFHjQc7nDOZDxhWlbg%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 09 Oct 2022 12:47:44 GMT
etag: "4fe7-5ea9973029c00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3214
content-type: text/css
date: Fri, 02 Dec 2022 11:19:26 GMT
server: Apache
X-Firefox-Spdy: h2
s.ezkl-seauzu.icu/eki_ap/css/common.css
64.227.108.2200 OK 15 kB URL HTTP/2 s.ezkl-seauzu.icu/eki_ap/css/common.css
IP 64.227.108.2:0
ASN #14061 DIGITALOCEAN-ASN
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 0e6ba791463f12c93e466986bab70ca9
50b509bfc228363639eb4e06792d254aa5dbb45d
5ce91962f1cae041faf58aee72a13b88e443965e8ab71c23c1aaa82e4fd6b76f
GET /eki_ap/css/common.css HTTP/1.1
Host: s.ezkl-seauzu.icu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s.ezkl-seauzu.icu/eki_ap/signin.php?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
Cookie: PHPSESSID=ih5pn3g2p4pgkiivooog32qide; _amkc=894336f5-02f5-470a-802e-124b40f8fa78; 62345ba76168db0033ce8ae6a90ce5a762956614=nwcMGFHjQc7nDOZDxhWlbg%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 09 Oct 2022 12:47:44 GMT
etag: "1e065-5ea9973029c00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 14629
content-type: text/css
date: Fri, 02 Dec 2022 11:19:26 GMT
server: Apache
X-Firefox-Spdy: h2
s.ezkl-seauzu.icu/eki_ap/css/module.css
64.227.108.2200 OK 10 kB URL HTTP/2 s.ezkl-seauzu.icu/eki_ap/css/module.css
IP 64.227.108.2:0
ASN #14061 DIGITALOCEAN-ASN
File type assembler source, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash c753a1433bb155c2150e696e10fdb810
4a752f90c25331701e9140070dadb3d78e30f3e1
2b613690fa86026b41b2642e864725e78b54e73e6c0dffbcede8693dac379db5
GET /eki_ap/css/module.css HTTP/1.1
Host: s.ezkl-seauzu.icu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s.ezkl-seauzu.icu/eki_ap/signin.php?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
Cookie: PHPSESSID=ih5pn3g2p4pgkiivooog32qide; _amkc=894336f5-02f5-470a-802e-124b40f8fa78; 62345ba76168db0033ce8ae6a90ce5a762956614=nwcMGFHjQc7nDOZDxhWlbg%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 09 Oct 2022 12:47:44 GMT
etag: "12779-5ea9973029c00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 10179
content-type: text/css
date: Fri, 02 Dec 2022 11:19:26 GMT
server: Apache
X-Firefox-Spdy: h2
s.ezkl-seauzu.icu/eki_ap/css/style.css
64.227.108.2200 OK 6.6 kB URL HTTP/2 s.ezkl-seauzu.icu/eki_ap/css/style.css
IP 64.227.108.2:0
ASN #14061 DIGITALOCEAN-ASN
File type assembler source, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash c7bed20defe58bf1067038da11c627a8
f1c2035e8f6d01070b2ee00c2a418f18ad5d861b
dc4c5f1d4fb3186ac78e4e1ec23cfd04be738ef409abbbae271f6a6c6c89d33d
GET /eki_ap/css/style.css HTTP/1.1
Host: s.ezkl-seauzu.icu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s.ezkl-seauzu.icu/eki_ap/signin.php?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
Cookie: PHPSESSID=ih5pn3g2p4pgkiivooog32qide; _amkc=894336f5-02f5-470a-802e-124b40f8fa78; 62345ba76168db0033ce8ae6a90ce5a762956614=nwcMGFHjQc7nDOZDxhWlbg%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 09 Oct 2022 12:47:44 GMT
etag: "9a27-5ea9973029c00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 6590
content-type: text/css
date: Fri, 02 Dec 2022 11:19:26 GMT
server: Apache
X-Firefox-Spdy: h2
s.ezkl-seauzu.icu/eki_ap/css/load_font.css
64.227.108.2200 OK 324 B URL HTTP/2 s.ezkl-seauzu.icu/eki_ap/css/load_font.css
IP 64.227.108.2:0
ASN #14061 DIGITALOCEAN-ASN
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 59aac5e27f11efa332837e0be33ddf39
2be90ed04ef327a3e22a066325da5fbf8de7ffab
02f38a24379735f477735e69951cb7b613957fc721bed4f4a7c4f80b1a8db02d
GET /eki_ap/css/load_font.css HTTP/1.1
Host: s.ezkl-seauzu.icu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s.ezkl-seauzu.icu/eki_ap/signin.php?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
Cookie: PHPSESSID=ih5pn3g2p4pgkiivooog32qide; _amkc=894336f5-02f5-470a-802e-124b40f8fa78; 62345ba76168db0033ce8ae6a90ce5a762956614=nwcMGFHjQc7nDOZDxhWlbg%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 09 Oct 2022 12:47:44 GMT
etag: "312-5ea9973029c00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 324
content-type: text/css
date: Fri, 02 Dec 2022 11:19:26 GMT
server: Apache
X-Firefox-Spdy: h2
s.ezkl-seauzu.icu/eki_ap/images/logo_ekinet.png
64.227.108.2200 OK 7.5 kB URL HTTP/2 s.ezkl-seauzu.icu/eki_ap/images/logo_ekinet.png
IP 64.227.108.2:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 186 x 52, 8-bit/color RGBA, non-interlaced\012- data
Hash 993c5429eae331230c45b6c12fa1cf01
bf068822793fab34c4c84dbfea9442f94ac69e4e
3f7c549cfacde11c4129c09b1908d106126d823682cc758f70fc046638d7746b
Analyzer Verdict Alert urlquery Phishing - East Japan Railway Company
GET /eki_ap/images/logo_ekinet.png HTTP/1.1
Host: s.ezkl-seauzu.icu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s.ezkl-seauzu.icu/eki_ap/signin.php?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
Cookie: PHPSESSID=ih5pn3g2p4pgkiivooog32qide; _amkc=894336f5-02f5-470a-802e-124b40f8fa78; 62345ba76168db0033ce8ae6a90ce5a762956614=nwcMGFHjQc7nDOZDxhWlbg%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 09 Oct 2022 12:47:44 GMT
etag: "1d38-5ea9973029c00"
accept-ranges: bytes
content-length: 7480
content-type: image/png
date: Fri, 02 Dec 2022 11:19:26 GMT
server: Apache
X-Firefox-Spdy: h2
s.ezkl-seauzu.icu/eki_ap/images/logo_jreast.png
64.227.108.2200 OK 2.9 kB URL HTTP/2 s.ezkl-seauzu.icu/eki_ap/images/logo_jreast.png
IP 64.227.108.2:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 88 x 68, 8-bit/color RGBA, non-interlaced\012- data
Hash 5dc3fb68ca54c0446848c5786df4063c
a459d4dddd3b2c788883ef9d07add9640a49330b
ba4924716ed0580ae30f974eebb97421a2c10c1e2cf61e8ad60fcd39d8fbca30
Analyzer Verdict Alert urlquery Phishing - East Japan Railway Company
GET /eki_ap/images/logo_jreast.png HTTP/1.1
Host: s.ezkl-seauzu.icu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s.ezkl-seauzu.icu/eki_ap/signin.php?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
Cookie: PHPSESSID=ih5pn3g2p4pgkiivooog32qide; _amkc=894336f5-02f5-470a-802e-124b40f8fa78; 62345ba76168db0033ce8ae6a90ce5a762956614=nwcMGFHjQc7nDOZDxhWlbg%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 09 Oct 2022 12:47:44 GMT
etag: "b5d-5ea9973029c00"
accept-ranges: bytes
content-length: 2909
content-type: image/png
date: Fri, 02 Dec 2022 11:19:26 GMT
server: Apache
X-Firefox-Spdy: h2
s.ezkl-seauzu.icu/eki_ap/css/top_searchparts.css
64.227.108.2200 OK 13 kB URL HTTP/2 s.ezkl-seauzu.icu/eki_ap/css/top_searchparts.css
IP 64.227.108.2:0
ASN #14061 DIGITALOCEAN-ASN
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 75715fbe0652f8c6e47f1b463ac8ea55
e49891237351269ddd016a362ce10ac48cce1777
c178a06d3de547c705bab9e9bdfa45c5770b3f8395f86f572f3e10a1d2c05b4e
GET /eki_ap/css/top_searchparts.css HTTP/1.1
Host: s.ezkl-seauzu.icu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s.ezkl-seauzu.icu/eki_ap/signin.php?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
Cookie: PHPSESSID=ih5pn3g2p4pgkiivooog32qide; _amkc=894336f5-02f5-470a-802e-124b40f8fa78; 62345ba76168db0033ce8ae6a90ce5a762956614=nwcMGFHjQc7nDOZDxhWlbg%3D%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 09 Oct 2022 12:47:44 GMT
etag: "1db4d-5ea9973029c00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 12592
content-type: text/css
date: Fri, 02 Dec 2022 11:19:26 GMT
server: Apache
X-Firefox-Spdy: h2
s.ezkl-seauzu.icu/eki_ap/images/icon_linkblank.png
64.227.108.2200 OK 166 B URL HTTP/2 s.ezkl-seauzu.icu/eki_ap/images/icon_linkblank.png
IP 64.227.108.2:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 73c445fe98114a16d3d453a359f24e48
5a987bf2d56d11b069d788d512f869431566b5bc
e918e110b6e7e8c5ada678baab1d10bcf4f24d149943804b0b31363ccd976b7a
Analyzer Verdict Alert urlquery Phishing - East Japan Railway Company
GET /eki_ap/images/icon_linkblank.png HTTP/1.1
Host: s.ezkl-seauzu.icu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s.ezkl-seauzu.icu/eki_ap/signin.php?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
Cookie: PHPSESSID=ih5pn3g2p4pgkiivooog32qide; _amkc=894336f5-02f5-470a-802e-124b40f8fa78; 62345ba76168db0033ce8ae6a90ce5a762956614=nwcMGFHjQc7nDOZDxhWlbg%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 09 Oct 2022 12:47:44 GMT
etag: "a6-5ea9973029c00"
accept-ranges: bytes
content-length: 166
content-type: image/png
date: Fri, 02 Dec 2022 11:19:26 GMT
server: Apache
X-Firefox-Spdy: h2
s.ezkl-seauzu.icu/eki_ap/images/icon_linkblank-1.png
64.227.108.2200 OK 166 B URL HTTP/2 s.ezkl-seauzu.icu/eki_ap/images/icon_linkblank-1.png
IP 64.227.108.2:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 24 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash 73c445fe98114a16d3d453a359f24e48
5a987bf2d56d11b069d788d512f869431566b5bc
e918e110b6e7e8c5ada678baab1d10bcf4f24d149943804b0b31363ccd976b7a
Analyzer Verdict Alert urlquery Phishing - East Japan Railway Company
GET /eki_ap/images/icon_linkblank-1.png HTTP/1.1
Host: s.ezkl-seauzu.icu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s.ezkl-seauzu.icu/eki_ap/signin.php?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
Cookie: PHPSESSID=ih5pn3g2p4pgkiivooog32qide; _amkc=894336f5-02f5-470a-802e-124b40f8fa78; 62345ba76168db0033ce8ae6a90ce5a762956614=nwcMGFHjQc7nDOZDxhWlbg%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 09 Oct 2022 12:47:44 GMT
etag: "a6-5ea9973029c00"
accept-ranges: bytes
content-length: 166
content-type: image/png
date: Fri, 02 Dec 2022 11:19:26 GMT
server: Apache
X-Firefox-Spdy: h2
s.ezkl-seauzu.icu/eki_ap/images/icon_input_ok.png
64.227.108.2200 OK 3.2 kB URL HTTP/2 s.ezkl-seauzu.icu/eki_ap/images/icon_input_ok.png
IP 64.227.108.2:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash a4a91639d8d3d804985fef75e1fbb4cc
152f6d800881c85bdce965cf204856d954d74bec
d4d96a513c50320d375f5cb8c1c4f52d6ba868b6ffafec5f451deb8dc9ef05f4
Analyzer Verdict Alert urlquery Phishing - East Japan Railway Company
GET /eki_ap/images/icon_input_ok.png HTTP/1.1
Host: s.ezkl-seauzu.icu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s.ezkl-seauzu.icu/eki_ap/signin.php?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
Cookie: PHPSESSID=ih5pn3g2p4pgkiivooog32qide; _amkc=894336f5-02f5-470a-802e-124b40f8fa78; 62345ba76168db0033ce8ae6a90ce5a762956614=nwcMGFHjQc7nDOZDxhWlbg%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 09 Oct 2022 12:47:44 GMT
etag: "c9d-5ea9973029c00"
accept-ranges: bytes
content-length: 3229
content-type: image/png
date: Fri, 02 Dec 2022 11:19:26 GMT
server: Apache
X-Firefox-Spdy: h2
s.ezkl-seauzu.icu/eki_ap/favicon.ico
64.227.108.2200 OK 1.5 kB URL HTTP/2 s.ezkl-seauzu.icu/eki_ap/favicon.ico
IP 64.227.108.2:0
ASN #14061 DIGITALOCEAN-ASN
File type MS Windows icon resource - 5 icons, 32x32, 16 colors, 4 bits/pixel, 16x16, 16 colors, 4 bits/pixel\012- data
Hash 3608d6a8aa4edf7951916f3dfa82ca3c
7d0dc0f86f876a12b1b491cf78916f660fcbcf01
b790e2b436991d81dfba3ee03342515d4ccb5564bc274900ec7ec425e2d33ae4
GET /eki_ap/favicon.ico HTTP/1.1
Host: s.ezkl-seauzu.icu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://s.ezkl-seauzu.icu/eki_ap/signin.php?_encoding=UTF8&openid.assoc_handle=jpflex&openid.claimed_id=&action=sign-in&path=home&ref_=nav_Account&signIn=1&useRedirectOnSuccess=1
Cookie: PHPSESSID=ih5pn3g2p4pgkiivooog32qide; _amkc=894336f5-02f5-470a-802e-124b40f8fa78; 62345ba76168db0033ce8ae6a90ce5a762956614=nwcMGFHjQc7nDOZDxhWlbg%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 09 Oct 2022 22:48:24 GMT
etag: "231e-5eaa1d7295e00-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 1532
content-type: image/x-icon
date: Fri, 02 Dec 2022 11:19:26 GMT
server: Apache
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7633
Expires: Fri, 02 Dec 2022 13:26:39 GMT
Date: Fri, 02 Dec 2022 11:19:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7633
Expires: Fri, 02 Dec 2022 13:26:39 GMT
Date: Fri, 02 Dec 2022 11:19:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ecab83d593cc540b02689be5be7abc8a
81cda579b7b9b22332b85266b0126585f3d3f73f
d469c5adb69f261084b016f8e24edf8b69b62d9f930ca2d85cf35375e2303ecc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D469C5ADB69F261084B016F8E24EDF8B69B62D9F930CA2D85CF35375E2303ECC"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7633
Expires: Fri, 02 Dec 2022 13:26:39 GMT
Date: Fri, 02 Dec 2022 11:19:26 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: ad2d9243-5e32-4faf-8ff3-b9abd3af1e89
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cb1_hEJJIAMF4Vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6387d063-596f5833509112ee6cbedf54;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 21:51:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PIC-TIeTFK_Y2AiqowYT4_8tMuzIKO23lAwx18fYepTf4PIWkmLqkQ==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 05:20:15 GMT
age: 21551
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb2cfbf1-2aef-40a6-97e1-99a756e32924.png
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb2cfbf1-2aef-40a6-97e1-99a756e32924.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 16a112f00456d38c4c9e051ccf40e105
8fe32fffe672f0e91ce773af0e4be960f55bad08
43517bbcd17ec6d05d09a4c0d183610acdc7e2fa4767cb786cb8b936d5f44402
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feb2cfbf1-2aef-40a6-97e1-99a756e32924.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13461
x-amzn-requestid: 8c0121a6-cf29-4cd0-bd42-d9f67af62b84
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZQsyGhGoAMF1-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6386c7eb-593f28367320530e2dcafbfb;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 03:03:07 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: npt-A-TEzjd-QRTVhv5FMJhwlYujCRCF7tyYbathxjCdCFFEwh_vEQ==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 06:42:38 GMT
age: 16608
etag: "8fe32fffe672f0e91ce773af0e4be960f55bad08"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b986f9fcbeca91ed5c8d58fbfaf47d19
6e6c8bd2bce144cc4da1cd7be375b046b60dca79
07a8938d2841f8c13bd646f4e79e41e46acd6463aa019cd70871b3741f12bb4f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F683f066f-699d-4765-8f4f-33c72e1672e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6174
x-amzn-requestid: f78f1e9d-8c0c-495d-a862-61838f8297e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cZ0iyH2WoAMFQdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63870144-45442a8544259930564f685b;Sampled=0
x-amzn-remapped-date: Wed, 30 Nov 2022 07:07:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QIOz71_Kr08pIIwOm2GUkWr421fO7-UyUI7LYld0JBaGnYQ0j3IDFg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Dec 2022 06:00:48 GMT
age: 19118
etag: "6e6c8bd2bce144cc4da1cd7be375b046b60dca79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb8ec880-52b8-4350-bb47-d051878e78f1.jpeg
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb8ec880-52b8-4350-bb47-d051878e78f1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 25c68d8b1fae82820f93efca500fd848
45cf5e1a54ee491497ffe08a8e39fe97ba3c8a48
f0ec6b6f6ba0a931c9b71f5bc7ad1e5b89c8e4d8b7441f35eeebfba418d0e588
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbb8ec880-52b8-4350-bb47-d051878e78f1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6882
x-amzn-requestid: 6b5f15a5-c15b-46bf-9fd5-5d013d37a0eb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfGfrG3WIAMFc9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891dfd-6038ca700dfb4489230c2683;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:34:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2O6x-8-ESFDtlhcjVyGxEXCZcLbbfhsCVQeX02lbNMupPWmM-fKuLA==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:34:54 GMT
age: 49472
etag: "45cf5e1a54ee491497ffe08a8e39fe97ba3c8a48"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F449f29d0-f60b-4dec-8b5b-0a1971bab406.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F449f29d0-f60b-4dec-8b5b-0a1971bab406.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4c7113338bc3310b13d23ca415c177e2
2cb4edc6b161c6d2d5b47aa498ae54e677966466
3a83adce869dd7eb064c583bf7ff93c57fabd7ea2da872f7d1f7d868b8a492e9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F449f29d0-f60b-4dec-8b5b-0a1971bab406.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10270
x-amzn-requestid: ac2d2825-2ec4-435e-9921-3ea6524df1dc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cfG1nEvYoAMFliA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63891e8a-4419423112b5723e3dba46ea;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 21:37:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2ihxuuXiECC4oX11t_vswhnLF0UpqDuboPLkrhpWwp-vfCR5pxGGxw==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 21:53:50 GMT
age: 48336
etag: "2cb4edc6b161c6d2d5b47aa498ae54e677966466"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 156e9ea97b774cbd8361072e4041b6c8
fc71ae3cae92ed6011904bb2367f23bf4e69fab4
58d953c19ebbbdfc3965bbe3f52308d4702deaf4d0c029f4674bcb862da138af
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb582f62c-d1ce-4054-b87e-36be40dadfa4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8863
x-amzn-requestid: 798d014b-0f9c-4787-a676-8f5e8fae3d11
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdG14HBNIAMFdWg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851bf-7549feac6d476a8512676412;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:27 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: r_0F64VpyutAOJ9IcTWrs3Sv--fhKiwKsV1FW0fOMSRt1QLLPxvJzg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Dec 2022 13:21:56 GMT
age: 79050
etag: "fc71ae3cae92ed6011904bb2367f23bf4e69fab4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
s.ezkl-seauzu.icu/eki_ap/fonts/notosanscjkjp-bold_subset.woff
64.227.108.2200 OK 548 B URL HTTP/2 s.ezkl-seauzu.icu/eki_ap/fonts/notosanscjkjp-bold_subset.woff
IP 64.227.108.2:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 370e16c3b7dba286cff055f93b9a94d8
65f3537c3c798f7da146c55aef536f7b5d0cb943
d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090
Analyzer Verdict Alert urlquery Phishing - East Japan Railway Company
GET /eki_ap/fonts/notosanscjkjp-bold_subset.woff HTTP/1.1
Host: s.ezkl-seauzu.icu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://s.ezkl-seauzu.icu/eki_ap/css/load_font.css
Cookie: PHPSESSID=ih5pn3g2p4pgkiivooog32qide; _amkc=894336f5-02f5-470a-802e-124b40f8fa78; 62345ba76168db0033ce8ae6a90ce5a762956614=nwcMGFHjQc7nDOZDxhWlbg%3D%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 09 Oct 2022 12:47:44 GMT
etag: "224-5ea9973029c00"
accept-ranges: bytes
content-length: 548
vary: Accept-Encoding
content-type: font/woff
date: Fri, 02 Dec 2022 11:19:27 GMT
server: Apache
X-Firefox-Spdy: h2
s.ezkl-seauzu.icu/eki_ap/fonts/notosanscjkjp-regular_subset.woff
64.227.108.2200 OK 1.2 MB URL HTTP/2 s.ezkl-seauzu.icu/eki_ap/fonts/notosanscjkjp-regular_subset.woff
IP 64.227.108.2:0
ASN #14061 DIGITALOCEAN-ASN
File type Web Open Font Format, CFF, length 1216180, version 1.0\012- data
Size 1.2 MB (1216180 bytes)
Hash 2eed70e05875f5a1816d67fc9150ef4f
57022eef1926803836aafeb3a07cbd246d4a9892
434379a92cc3af5ca03ccb2bfaadc7f2b8224b1b49f310ec5f4d27ca36777520
Analyzer Verdict Alert urlquery Phishing - East Japan Railway Company
GET /eki_ap/fonts/notosanscjkjp-regular_subset.woff HTTP/1.1
Host: s.ezkl-seauzu.icu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://s.ezkl-seauzu.icu/eki_ap/css/load_font.css
Cookie: PHPSESSID=ih5pn3g2p4pgkiivooog32qide; _amkc=894336f5-02f5-470a-802e-124b40f8fa78; 62345ba76168db0033ce8ae6a90ce5a762956614=nwcMGFHjQc7nDOZDxhWlbg%3D%3D
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
last-modified: Sun, 09 Oct 2022 12:47:44 GMT
etag: "128eb4-5ea9973029c00"
accept-ranges: bytes
content-length: 1216180
vary: Accept-Encoding
content-type: font/woff
date: Fri, 02 Dec 2022 11:19:26 GMT
server: Apache
X-Firefox-Spdy: h2