Report - ekuity.biofarmint.com/

Report Overview

Submitted URL
ekuity.biofarmint.com/
IP
192.185.14.2
ASN
#46606 UNIFIEDLAYER-AS-1
Submitted
2022-10-06 02:36:53
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ekuity.biofarmint.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	341 B	451 B	192.185.14.2
sgp1.digitaloceanspaces.com	227353	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	548 B	782 kB	103.253.144.208
stackpath.bootstrapcdn.com	2467	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	2.7 kB	104.18.11.207
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	758 B	2.7 kB	54.230.111.118
login.microsoftonline.com	25	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	667 B	134 kB	40.126.32.75
leepsolutions.co.za	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	807 B	19 kB	196.41.122.224
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	978 B	2.7 kB	23.36.76.226
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	401 B	5.8 kB	54.230.111.7
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	993 B	2.1 kB	142.250.74.3
ocsp.comodoca.com	1696	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	329 B	1.0 kB	172.64.155.188
logincdn.msauth.net	2330	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	420 B	20 kB	192.229.221.185
ajax.googleapis.com	12905	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	783 B	66 kB	142.250.74.42
aadcdn.msftauth.net	1455	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	7.4 kB	266 kB	152.199.23.37
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	321 B	229 B	34.117.237.239
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	658 B	1.5 kB	93.184.220.29
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	594 B	127 B	52.43.253.52
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	66 kB	34.120.237.76
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	392 B	28 kB	104.17.25.14
voicelogic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	466 B	139 kB	18.190.15.219

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2022-10-05	medium	ekuity.biofarmint.com/	Outlook
2022-10-01	medium	sgp1.digitaloceanspaces.com/18b72318b723218b7232f-11b9-4ed1-9c49-2b132f-11b9-4ed1-9c49-2b13/index-01.html	Outlook

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-10-06	medium	ekuity.biofarmint.com/	Phishing
2022-10-06	medium	sgp1.digitaloceanspaces.com/18b72318b723218b7232f-11b9-4ed1-9c49-2b132f-11b9-4ed1-9c49-2b13/index-01.html	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (21)

	URL	Size	First Seen	Last Seen
	ekuity.biofarmint.com/	229 B	2023-03-07	2023-03-17
Pretty URL ekuity.biofarmint.com/ IP 192.185.14.2 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:53:53 Last Seen2023-03-17 12:47:13 Times Seen1 Hash 39ffc8086c07b5bea2e5782f61b78a6c f98d64aa2980af8d3aa2250680b8bf4299b185b8 8161c9295f9a4093347c02993ab63d56af0e9ca9035da1b65a8881c3d4f8eb7d Loading...

	stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.bundle.min.js	79 kB	2023-03-07	2024-04-19
Pretty URL stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.bundle.min.js IP 104.18.11.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:59 Last Seen2024-04-19 13:21:20 Times Seen15657 Hash a454220fc07088bf1fdd19313b6bfd50 265a733cb7fbc481fd2510a659a85ad55c93c895 7f3145c87d3570154f633975e8a4f8d30aa38603edaba145501e9c90ddbe186c Loading...

	login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392	14 kB	2023-03-08	2023-03-08
Pretty URL login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392 IP 40.126.32.75 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:50:41 Last Seen2023-03-08 06:50:41 Times Seen1 Hash c09dbf8e32cf8379a7f8a02e6c13d984 882d68fa0e8a9d1e519ef16a7944bc7f62eda9f6 2f67b332431562394e4628b6a0c54cfed39390d7d4c82276eaecd2fdb4103b78 Loading...

	login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392	120 kB	2023-03-07	2023-06-12
Pretty URL login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392 IP 40.126.32.75 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:13 Last Seen2023-06-12 23:35:38 Times Seen105 Hash 6628c2dd03004f08d880fbba3eef7efc 0fcaefe7867c2524654d0741460c8b49fba58120 21ac90b3c6ce3556091b83015e8c56ffc653c3612e45fbd0b84825dd8c8fddbe Loading...

	sgp1.digitaloceanspaces.com/18b72318b723218b7232f-11b9-4ed1-9c49-2b132f-11b9-4ed1-9c49-2b13/index-01.html	2.5 kB	2023-03-07	2023-03-17
Pretty URL sgp1.digitaloceanspaces.com/18b72318b723218b7232f-11b9-4ed1-9c49-2b132f-11b9-4ed1-9c49-2b13/index-01.html IP 103.253.144.208 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:20:17 Last Seen2023-03-17 12:47:13 Times Seen1 Hash df30b0145551c8d9c7bc5b584871594f b2e95b21b1c62877065e1f3847d171b7e949aaef 8fd667a7980056c3314e1eb87c870f66031bd9210a89ede8b8e3081cf67c4f36 Loading...

	ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js	86 kB	2023-03-07	2024-04-19
Pretty URL ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js IP 142.250.74.42 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-19 23:48:31 Times Seen380304 Hash 2f6b11a7e914718e0290410e85366fe9 69bb69e25ca7d5ef0935317584e6153f3fd9a88c 05b85d96f41fff14d8f608dad03ab71e2c1017c2da0914d7c59291bad7a54f8e Loading...

	login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392	4.8 kB	2023-03-07	2023-03-26
Pretty URL login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392 IP 40.126.32.75 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:58 Last Seen2023-03-26 07:01:27 Times Seen3 Hash 58704fa89f1b1f12e88da512a6321acf 036bd182b7b6b2123b7f776420af7582a1c74549 3740fe93452b9c7a0c40b29c05637b58c87398db26dadbab2143763d09c50438 Loading...

	sgp1.digitaloceanspaces.com/18b72318b723218b7232f-11b9-4ed1-9c49-2b132f-11b9-4ed1-9c49-2b13/index-01.html	7.5 kB	2023-03-07	2023-03-17
Pretty URL sgp1.digitaloceanspaces.com/18b72318b723218b7232f-11b9-4ed1-9c49-2b132f-11b9-4ed1-9c49-2b13/index-01.html IP 103.253.144.208 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:20:17 Last Seen2023-03-17 12:47:13 Times Seen1 Hash 047d2549d5bf3d1abaaa32be21ff2e8f 5646d2d539347f5b84f6b0fcb7ce8ffc66df4580 1f38f26aebfca56ed64c626f0fc085e8a7148acb1411d029ee33452ffa4f7074 Loading...

	login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392	504 B	2023-03-07	2023-11-03
Pretty URL login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392 IP 40.126.32.75 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:13 Last Seen2023-11-03 00:22:22 Times Seen1061 Hash ce50805b79c6d18b0569746ce1c1813d 5dba06a968e892018fa56719a2122fb9c2dbe073 db7fef64c3f5bd639bfec0be3af1779dac1f7238780320ecd06d478959da8495 Loading...

	sgp1.digitaloceanspaces.com/18b72318b723218b7232f-11b9-4ed1-9c49-2b132f-11b9-4ed1-9c49-2b13/index-01.html	66 B	2023-03-07	2023-03-17
Pretty URL sgp1.digitaloceanspaces.com/18b72318b723218b7232f-11b9-4ed1-9c49-2b132f-11b9-4ed1-9c49-2b13/index-01.html IP 103.253.144.208 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 17:53:53 Last Seen2023-03-17 12:47:13 Times Seen1 Hash aa8c119e644cdd7319b60c8d76863d84 b69a6fac6093b0dda97cee124ee07b32d1f98933 289d0fa2c5450c6c701c6ad23812b1c4c2a91ac2a154bec8017ff9fff53259f5 Loading...

	sgp1.digitaloceanspaces.com/18b72318b723218b7232f-11b9-4ed1-9c49-2b132f-11b9-4ed1-9c49-2b13/index-01.html	774 kB	2023-03-07	2023-03-17
Pretty URL sgp1.digitaloceanspaces.com/18b72318b723218b7232f-11b9-4ed1-9c49-2b132f-11b9-4ed1-9c49-2b13/index-01.html IP 103.253.144.208 ASN #14061 DIGITALOCEAN-ASN Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:45:16 Last Seen2023-03-17 12:47:13 Times Seen1 Hash 6dcd6809bcc64950435b39132ce2dcd1 ef4c63a38493fff64d29d6f79136e4f5e6ad3789 c067fc467ab2ab00c17ec689bcfb6942f56cc3ec67f231ecce8a58ca2ee492dc Loading...

	stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js	51 kB	2023-03-07	2024-04-19
Pretty URL stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js IP 104.18.11.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:44 Last Seen2024-04-19 23:48:31 Times Seen241271 Hash 67176c242e1bdc20603c878dee836df3 27a71b00383d61ef3c489326b3564d698fc1227c 56c12a125b021d21a69e61d7190cefa168d6c28ce715265cea1b3b0112d169c4 Loading...

	stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js	58 kB	2023-03-07	2024-04-19
Pretty URL stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js IP 104.18.11.207 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:33 Last Seen2024-04-19 23:22:25 Times Seen19525 Hash e1d98d47689e00f8ecbc5d9f61bdb42e 6778fed3cf095a318141a31f455c8f4663885bde 0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b Loading...

	ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js	97 kB	2023-03-07	2024-04-19
Pretty URL ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js IP 142.250.74.42 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:06 Last Seen2024-04-19 19:14:44 Times Seen118542 Hash 4f252523d4af0b478c810c2547a63e19 5a9dcfbef655a2668e78baebeaa8dc6f41d8dabb 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404 Loading...

	login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392	12 kB	2023-03-07	2024-02-08
Pretty URL login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392 IP 40.126.32.75 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:22 Last Seen2024-02-08 12:27:13 Times Seen15 Hash 410ff206162d68e386b10f478a49631f 2e8dc5e02a31a906ba77a4d48822ca4415c652e6 f731e662470f7d40cf6e0a2be8e0e374398fb631434d849199db1d12278dca94 Loading...

	login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392	183 kB	2023-03-07	2023-06-12
Pretty URL login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392 IP 40.126.32.75 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:13 Last Seen2023-06-12 23:35:38 Times Seen33 Hash 72400ce90ceca2faa449abd37a249202 6beba1cb204858453600489b160615b8857d222b 5758d28ab0363d2403aeda906a3d53f744248923e5f1d0599f2377f2d3dc0a30 Loading...

	cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js	87 kB	2023-03-07	2024-04-20
Pretty URL cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-20 00:24:02 Times Seen105365 Hash a09e13ee94d51c524b7e2a728c7d4039 0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef Loading...

	login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392	2.2 kB	2023-03-07	2023-06-12
Pretty URL login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392 IP 40.126.32.75 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:13 Last Seen2023-06-12 23:35:38 Times Seen34 Hash 9666a2ea63af16a3d137e4bc39abf5ba d248d43bb665bf8df5aa7e4dec0bfe3918568deb 815bc01505ce195d4212849331cc179ab6ffa21e5ff22a348f450e8c7dc44cf6 Loading...

	login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392	104 B	2023-03-07	2023-06-12
Pretty URL login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392 IP 40.126.32.75 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:13 Last Seen2023-06-12 23:35:38 Times Seen34 Hash 54153736fe017a4a30d1e2bd79c62d86 94ac8c6da532f5148cc8d4bdfae0530723d815c7 4e2204d3edd7e7bd84f0756553de8767ed363b070a3f0d0792ebf4ca0fbf4652 Loading...

		Size	First Seen	Last Seen
	#1 Write - f595ad63e637e3b61fd990181e8ce234	258 kB	2023-03-07	2023-03-17
Pretty Observations First Seen2023-03-07 13:20:17 Last Seen2023-03-17 12:47:13 Times Seen1 Hash f595ad63e637e3b61fd990181e8ce234 83c8a5e39edc142d1f6b53d54be31b81eb8f0d3b 90f930ee81e0c66b5c1826fcd7a76235bc94dbfb80ae3a09fe50876a5e778878 Loading...

	#2 Write - fc7ab9398f36521f3bd965601d089c03	2.5 kB	2023-03-07	2023-03-17
Pretty Observations First Seen2023-03-07 13:20:17 Last Seen2023-03-17 12:47:13 Times Seen1 Hash fc7ab9398f36521f3bd965601d089c03 bf159cbb3636418374ddc4b6270b224b34b3be9b 5f4b5f0f6b7be773ef47ffb3aaa60137fed9c3eaa7a2ae277243772b75ac36cb Loading...

HTTP Transactions (49)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
eabb7d9ffae717f7305d63c057755470
3b7f0baccfdbb8d9ffefa4a2215d4d6094be454a
ab48f17e54075e1ecf034278e82bcacd2e3689773186cc84fba9b79aac907294

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AB48F17E54075E1ECF034278E82BCACD2E3689773186CC84FBA9B79AAC907294"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5266
Expires: Thu, 06 Oct 2022 04:04:28 GMT
Date: Thu, 06 Oct 2022 02:36:42 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

54.230.111.118

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
54.230.111.118:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 4bgLWTBgk2f93UyLVj3uPzJZiaw9LRU_E_P2kWSyUvgUdUhTXWaCVg==
Age: 38964

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

54.230.111.7

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
54.230.111.7:0
ASN
#16509 AMAZON-02

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 05 Oct 2022 04:02:33 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: cZrkfFkxv2Bo8Henm9W9TLwDr-M2w_p5tbAofr6-zio3ORjjx5ftOg==
age: 81250
X-Firefox-Spdy: h2

ekuity.biofarmint.com/

192.185.14.2

200 OK

192 B

URL HTTP/1.1
ekuity.biofarmint.com/
IP
192.185.14.2:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document, ASCII text, with CRLF line terminators
Size
192 B (192 bytes)
Hash
0454db501b67d41215c9d35d221d97a5
dfabc8fb9fa1e3eaf3d1458fa4aa67fe97799a40
9786e530869ba27b8f730ad92a48e1a32bf5aa569f14f25def97f8bb0a803a6f

Detections

Analyzer	Verdict	Alert
openphish	Outlook
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: ekuity.biofarmint.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 02:36:42 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 192
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 02:36:42 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

54.230.111.118

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
54.230.111.118:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Pragma, Content-Length, Backoff, Last-Modified, Cache-Control, Content-Type, Retry-After, ETag, Expires, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Thu, 06 Oct 2022 02:29:41 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Thu, 06 Oct 2022 02:56:32 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Z7TXVoqoK_Xl4cTUGT-1-B8uWOWN-xQ_Dh9dU-Xw3eAqQXPdpKB_Bw==
Age: 422

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
1561c6be7c89d1357a80d12de47b6e74
9a705277922ecca583c867af58b3efce099f83bd
e33dc034dbf4b3b627cd3c1af2d942e2ca5704ec9a4aad5c46ad39eb070e82ab

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3438
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 02:36:43 GMT
Last-Modified: Thu, 06 Oct 2022 01:39:26 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
f76cde90232392b2f6b1cf020735648c
9bdf98bfff8d6cce74d5aed03e5b2b56b751eebd
ec3969943e00b2b645e20b576f6cdb8e18a48125ac8e049dbf8e52a70d16ed37

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5142
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 02:36:43 GMT
Last-Modified: Thu, 06 Oct 2022 01:11:01 GMT
Server: ECS (amb/6BA6)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

52.43.253.52

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.43.253.52:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Z1f0k0p2Ii7ozuwIiUWo5A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: nvmq8AZJzvG09y/92fllzrVPO0c=

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4720
Expires: Thu, 06 Oct 2022 03:55:24 GMT
Date: Thu, 06 Oct 2022 02:36:44 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4720
Expires: Thu, 06 Oct 2022 03:55:24 GMT
Date: Thu, 06 Oct 2022 02:36:44 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb35f200a-4b30-4eca-b738-7597a7594fb0.jpeg

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb35f200a-4b30-4eca-b738-7597a7594fb0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12156 bytes)
Hash
af17f003b33d854fd024dcd3980fea27
1282572af57f7d04cae3f736a9b9fcb378efdf70
5e0112558b9196f1025a354f4b69fb02321d9a345c2d302e523001a56b51cc31

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb35f200a-4b30-4eca-b738-7597a7594fb0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12156
x-amzn-requestid: 0640ef42-f082-43cb-9fbb-ba509f7ec1ec
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZXYcIFhmIAMFeVw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63393ab3-2fbc1cf648993ee1346ec9b2;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 07:16:03 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: LZZWZlT3DnlbEyrOaNR-emsGas3uCB6VaQYdTQ76-W0XL7_Yq3BAJw==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 13:09:19 GMT
age: 48445
etag: "1282572af57f7d04cae3f736a9b9fcb378efdf70"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73af78d1-5736-4820-b1cd-2746dc2b907b.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.9 kB (6933 bytes)
Hash
746e3c38e01d58e6fa0728798221a830
b19dd1d42995ea4242505b152e77835442341581
c524a2e7e29690030b7402077f711e643674c8f42de071214f3909b447fb1e3b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73af78d1-5736-4820-b1cd-2746dc2b907b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6933
x-amzn-requestid: aa50b0cd-e931-49a9-bce3-00366738aea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjPtNGKPoAMF6UA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df987-77a4f8306103dcdf3de7d1fd;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:39:19 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: aRwLcesGtAJ-M6BLPyzdprcMh8tvcxVH6AOG2LJc8aSYLR0BR9WAwg==
via: 1.1 deaaf0548506de20925615eb51a7ea7e.cloudfront.net (CloudFront), 1.1 3c974a460e97e56c6eb1e6a30797d9d6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 22:09:09 GMT
etag: "b19dd1d42995ea4242505b152e77835442341581"
content-type: image/jpeg
age: 16055
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F913c841b-40a5-4fa4-bc55-0e9d1369640e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10809 bytes)
Hash
a508ac9cd743bec987b2a24454418265
8c7ecefe6908387e2128dc849a6ba857991ba0ab
afb2c2b51f2ce445ada599068901551beee594b15c152ed7551ab7a8835dde6d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F913c841b-40a5-4fa4-bc55-0e9d1369640e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10809
x-amzn-requestid: db4d1d2a-05b8-403e-a7ca-8b8a6a0a4087
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjQb-HrTIAMFtNg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633dfab2-74f184406a48e42c0ecc4ec9;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:44:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: tv80OXQUu13gDuuFESnEnXMuFdNBmGc1y592euL7QnfZW5PwJym9-g==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 de8fc80b494d3d381f7e006918dcc588.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:53:39 GMT
etag: "8c7ecefe6908387e2128dc849a6ba857991ba0ab"
content-type: image/jpeg
age: 16985
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb1f9d9-58f2-4af5-b299-6a59b5768aba.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8651 bytes)
Hash
2d101e6535dfc8ea8c193d3e97c07e1d
d839f3aa41455d818da9a794b0688b1144b3a03a
d73e79f203ef50354e078de30fcb52d298e14ad53924e0387ab586a9cb4376a2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb1f9d9-58f2-4af5-b299-6a59b5768aba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8651
x-amzn-requestid: 8bbdbc11-92fe-4cdf-8469-1c1ffac9e65b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjPLIGG0IAMFehw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df8ad-132ee26478d791850dd14462;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:35:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: KBuHj1vlNgk4oflp8uIxuxuPoWh7B7O0SWrMrNP-lAhnp2m53ttPMw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 e77661e211afe9242e85e573f12d5534.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 22:09:18 GMT
age: 16046
etag: "d839f3aa41455d818da9a794b0688b1144b3a03a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fac259b-7a22-4aa2-ba3f-682cb749091c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11080 bytes)
Hash
2277f8f2d93b4bc3b05d348343177892
531d9e4ec9078cd2d7376a19fcb287084af36c82
62907648de4a2ed390232a71ab7dce49f1e9c3363cde6a2f30ecae10ab67f93a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fac259b-7a22-4aa2-ba3f-682cb749091c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11080
x-amzn-requestid: 8fa4d19d-87a5-46c5-96c5-4aec793daad9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjO7xE5eoAMFQLw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df84b-5c422c7a168c014f57559037;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:34:03 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: LySueW1si-yWLwecUILV1s57IEV2FdcQ9_pH1Aoe4AYISi7QXXfd3A==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 34c44cb7892e57a3b6c51812bcf68ee4.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:39:28 GMT
age: 17836
etag: "531d9e4ec9078cd2d7376a19fcb287084af36c82"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10158 bytes)
Hash
4fc2ddd86450d64d3fb659ab4e78be58
bbe71936b78a8c34d03ab87948dc840b35c6948f
84a760397a5912bd05f61bc8a953c13a88a677e2d17fbbf74bdf7d7ff4d3942f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10158
x-amzn-requestid: def1fc7e-8008-466f-9271-20fa1ab0fa5a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZaqZCH7doAMFcPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a8aa0-7fd2fb1249366f2277d719d6;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 07:09:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: aeOU8fGkf5uHuYZ79k17EzxiFnwm0_z7SeZJElgwECzRyhR2N_SYJA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 04:06:09 GMT
age: 81035
etag: "bbe71936b78a8c34d03ab87948dc840b35c6948f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

sgp1.digitaloceanspaces.com/18b72318b723218b7232f-11b9-4ed1-9c49-2b132f-11b9-4ed1-9c49-2b13/index-01.html

103.253.144.208

200 OK

782 kB

URL HTTP/2
sgp1.digitaloceanspaces.com/18b72318b723218b7232f-11b9-4ed1-9c49-2b132f-11b9-4ed1-9c49-2b13/index-01.html
IP
103.253.144.208:0
ASN
#14061 DIGITALOCEAN-ASN

File type
HTML document, ASCII text, with very long lines (65536), with no line terminators
Size
782 kB (781908 bytes)
Hash
51b97915388321be64b739bd85c498fa
1bece98aca5ac40174b457e5ee528f03de23319c
79b8963f044a456e0e374fad876b9082102de46338a7fb99b7a2453760a60e30

Detections

Analyzer	Verdict	Alert
openphish	Outlook
fortinet	Phishing

HTTP Headers

GET /18b72318b723218b7232f-11b9-4ed1-9c49-2b132f-11b9-4ed1-9c49-2b13/index-01.html HTTP/1.1
Host: sgp1.digitaloceanspaces.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ekuity.biofarmint.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-length: 781908
accept-ranges: bytes
last-modified: Fri, 16 Sep 2022 14:41:10 GMT
x-rgw-object-type: Normal
etag: "51b97915388321be64b739bd85c498fa"
x-amz-request-id: tx000000000000060252e8c-00633e3f3b-1cd01b00-sgp1b
content-type: text/html
date: Thu, 06 Oct 2022 02:36:43 GMT
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
strict-transport-security: max-age=15552000; includeSubDomains; preload
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js

104.17.25.14

200 OK

27 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/jquery/3.3.1/jquery.min.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65451)
Size
27 kB (27433 bytes)
Hash
77bd61b98f7b67af56639229724f8dd4
f04f07dd8ff53e58c32b738f81b71a014bca441d
8ce54c3b77bf31899b27b29188ff4936b580f2bd2b3222d43dda2851ba272e24

HTTP Headers

GET /ajax/libs/jquery/3.3.1/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sgp1.digitaloceanspaces.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 06 Oct 2022 02:36:45 GMT
content-type: application/javascript; charset=utf-8
content-length: 27433
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-1538f"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 27415
expires: Tue, 26 Sep 2023 02:36:45 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hkmm3%2FtYCXZVr4CgXZoZDUm7hCEYBcRVPHqREYISQnAsNd51WaJChqqyDcb5BkDZXH0%2BKTCg6NeOglLj7NR7lgqsQSgr02XuTdpbcPGXwgDJkZvs5m%2BJ0bNTLqzF4J1ZsQvgSHSt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 755b02de595db4f9-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b0e8a79f3e381ab34a44278947ac7c7e
70d01e6fdc8565c661b6ae8c5a043ddf2da16530
885a8c234fca85e6f6bb3e8fcab6672b9a9742b5d3f74681b17a330fa295d549

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 02:36:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b0e8a79f3e381ab34a44278947ac7c7e
70d01e6fdc8565c661b6ae8c5a043ddf2da16530
885a8c234fca85e6f6bb3e8fcab6672b9a9742b5d3f74681b17a330fa295d549

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 02:36:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

logincdn.msauth.net/16.000/Converged_v22057_egJPTAx_byK-yF_CMCKFeg2.css

192.229.221.185

200 OK

20 kB

URL HTTP/2
logincdn.msauth.net/16.000/Converged_v22057_egJPTAx_byK-yF_CMCKFeg2.css
IP
192.229.221.185:0
ASN
#15133 EDGECAST

File type
ASCII text, with very long lines (61112)
Size
20 kB (19747 bytes)
Hash
188e30fb13c8b65731faa2f83b3acf03
9e39f20b6748307ca4d9ad258a2971ba7c803431
ccd7769091243219557bc2b5330ecaada1344c91a6a640b5aac89ba0b951cb0d

HTTP Headers

GET /16.000/Converged_v22057_egJPTAx_byK-yF_CMCKFeg2.css HTTP/1.1
Host: logincdn.msauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sgp1.digitaloceanspaces.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 5035931
cache-control: public, max-age=31536000
content-md5: GI4w+xPItlcx+qL4OzrPAw==
content-type: text/css
date: Thu, 06 Oct 2022 02:36:45 GMT
etag: 0x8D903C3B3CCE6D8
last-modified: Tue, 20 Apr 2021 06:15:31 GMT
server: ECAcc (ska/F6E5)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 6b73d4a3-e01e-005b-7c5f-ab4940000000
x-ms-version: 2009-09-19
content-length: 19747
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

142.250.74.42

200 OK

34 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js
IP
142.250.74.42:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (32077)
Size
34 kB (33951 bytes)
Hash
fd2b58574f9637ba7ef639267349d848
6eda5ea93f549ceb5693f6f1c038893fa56a510d
75627d4b97e5e6294a8f88f5eeaf9b616696dc8600db9701c47ef05f067880ec

HTTP Headers

GET /ajax/libs/jquery/1.12.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sgp1.digitaloceanspaces.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33951
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 13:29:12 GMT
expires: Thu, 05 Oct 2023 13:29:12 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
age: 47253
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js

142.250.74.42

200 OK

30 kB

URL HTTP/2
ajax.googleapis.com/ajax/libs/jquery/2.2.4/jquery.min.js
IP
142.250.74.42:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (32065)
Size
30 kB (30028 bytes)
Hash
6d973c8b7e2439d958e09c0a1ab9fe50
05ae0830200c20b9a2dfd5a825adc400481a60fb
f3c122dc227e829ed96b2a754296809201bd78abbad7ba50ef5079654e1cc894

HTTP Headers

GET /ajax/libs/jquery/2.2.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sgp1.digitaloceanspaces.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30028
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 21:06:53 GMT
expires: Thu, 05 Oct 2023 21:06:53 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 19792
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
b0e8a79f3e381ab34a44278947ac7c7e
70d01e6fdc8565c661b6ae8c5a043ddf2da16530
885a8c234fca85e6f6bb3e8fcab6672b9a9742b5d3f74681b17a330fa295d549

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 02:36:45 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

40.126.32.75

200 OK

132 kB

URL HTTP/1.1
login.microsoftonline.com/logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392
IP
40.126.32.75:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (33882), with CRLF, LF line terminators
Size
132 kB (131570 bytes)
Hash
9f01fa36e46c12c36d0da55af9e01c9f
73efb6c25a324c18afdafc62313488d4ae218e19
830fb51d9fdea7b8ec1859100b4f18964fa5c257019286e14ad76a9da15fc555

HTTP Headers

GET /logout.srf?ct=1548343592&rver=64.4.6456.0&lc=1033&id=501392 HTTP/1.1
Host: login.microsoftonline.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sgp1.digitaloceanspaces.com/
Cookie: brcap=0; MSFPC=GUID=27491a5fca0c436896bdbf20a1588da0&HASH=2749&LV=202205&V=4&LU=1652883922743; ESTSSSOTILES=1; AADSSOTILES=1
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: no-store, no-cache
Pragma: no-cache
Content-Type: text/html; charset=utf-8
Content-Encoding: gzip
Expires: -1
Vary: Accept-Encoding
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
Link: <https://aadcdn.msftauth.net>; rel=preconnect; crossorigin, <https://aadcdn.msftauth.net>; rel=dns-prefetch, <https://aadcdn.msauth.net>; rel=dns-prefetch
X-DNS-Prefetch-Control: on
P3P: CP="DSP CUR OTPi IND OTRi ONL FIN"
x-ms-request-id: bf454cec-3e3a-4270-bb0b-9c460d414000
x-ms-ests-server: 2.1.13777.6 - WEULR1 ProdSlices
Referrer-Policy: strict-origin-when-cross-origin
X-XSS-Protection: 0
Set-Cookie: SignInStateCookie=CAgABAAIAAAD--DLA3VO7QrddgJg7WevrAgDs_wQA9P-xkJEW-2Byoz5QkrKgBz0LaR1aI9CD6vWWPGqOgwpf9L-XdN-D0EwE-t69ea4n1WkQOqQIH--XzA; domain=.login.microsoftonline.com; path=/; secure; HttpOnly; SameSite=None
ESTSSSOTILES=1; expires=Wed, 06-Oct-2032 02:36:45 GMT; path=/; secure; SameSite=None
AADSSOTILES=1; expires=Wed, 06-Oct-2032 02:36:45 GMT; path=/; secure; HttpOnly; SameSite=None
ESTSAUTHPERSISTENT=AgABAAQAAAD--DLA3VO7QrddgJg7WevrAgDs_wQA9P9Cgqxtuwd-CYAu_MulFQ0fpS90HuEhQDOnQhbSVwujYfhzxQX_AcA8SpKSz7TguuRH_RLdL0sHlg; domain=.login.microsoftonline.com; expires=Wed, 04-Jan-2023 02:36:45 GMT; path=/; secure; HttpOnly; SameSite=None
ESTSAUTH=AgABAAQAAAD--DLA3VO7QrddgJg7WevrAgDs_wQA9P84U69h0R9iX2CdLAVxCzdK48ZOTaBR5xUJGmJsmKi1yi904wWtRon9rTOZiPSaHdcXCwIzqpD3MA; domain=.login.microsoftonline.com; path=/; secure; HttpOnly; SameSite=None
ESTSAUTHLIGHT=+; path=/; secure; SameSite=None
ch=WE6yHnaOp1VPtxPsevVmX2lQGMhaxE2GrLm6ESIVWds; domain=.login.microsoftonline.com; expires=Wed, 04-Jan-2023 02:36:45 GMT; path=/; secure; SameSite=None
ESTSSC=00; path=/; secure; HttpOnly; SameSite=None
buid=AQABAAEAAAD--DLA3VO7QrddgJg7Wevr4mjzzwLOcP9A4NgNVeLFimz8vKRg_lkT2i9aUImNmXIcMwGuzR57zkM1w_FdXygYZEIeYscbQxsa9UZDSe41bEArfbNlZ0S08q0Kr_TOToEgAA; expires=Sat, 05-Nov-2022 02:36:45 GMT; path=/; secure; HttpOnly; SameSite=None
fpc=AiDzXAiq1JNMtjj1Ka483cY; expires=Sat, 05-Nov-2022 02:36:45 GMT; path=/; secure; HttpOnly; SameSite=None
esctx=AQABAAAAAAD--DLA3VO7QrddgJg7WevrZ1k-90fUgVAxF6tkonbqcxqcXgruvxMgJl8gMs4lZij-QJXg85wszy-0SCgH0-oOkWs6ndwNRydDFaDrZFimIvcTAyPmnnCTKUX2MJOSanRBJmXJiLHf8LCRyZT3lvwbDNOwM5QxCEheXQLG1uYI2t_tqpe8y6_8-1SyDZZiez5WejWtOuNe6yy5B0v6qTQozG6AvWWNFPTh4trf6DiZy-caIpNQSDw4tbTxMznwYgEgAA; domain=.login.microsoftonline.com; path=/; secure; HttpOnly; SameSite=None
x-ms-gateway-slice=estsfd; path=/; secure; samesite=none; httponly
stsservicecookie=estsfd; path=/; secure; samesite=none; httponly
Date: Thu, 06 Oct 2022 02:36:44 GMT
Content-Length: 131570

ocsp.comodoca.com/

172.64.155.188

200 OK

471 B

URL HTTP/1.1
ocsp.comodoca.com/
IP
172.64.155.188:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
ed82c652e78be79073b379e7e965e1f3
27948400d1c778db265e77860b7971d29a92ffa7
390d1ede1c4b96e52bdd9ffd752696765c69e9a5a0a04c1188a4cf29ea0068bc

HTTP Headers

POST / HTTP/1.1
Host: ocsp.comodoca.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 02:36:45 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Wed, 05 Oct 2022 06:49:46 GMT
Expires: Wed, 12 Oct 2022 06:49:45 GMT
Etag: "27948400d1c778db265e77860b7971d29a92ffa7"
Cache-Control: max-age=564157,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: REVALIDATED
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 755b02e0ccb2b51e-OSL

leepsolutions.co.za/wp-includes/css/wp-muter.css

196.41.122.224

200 OK

1.4 kB

URL HTTP/1.1
leepsolutions.co.za/wp-includes/css/wp-muter.css
IP
196.41.122.224:0
ASN
#36874 Cybersmart

File type
ASCII text, with CRLF line terminators
Size
1.4 kB (1397 bytes)
Hash
681ec0d3178c938364e66debb1b4d299
7074a5209a35fdbdb9d7e0ac79973b2c7d556090
01c5170f0704fabc9588118ccbee06864e2446e515e2ddc03d5bfc8f93102d80

HTTP Headers

GET /wp-includes/css/wp-muter.css HTTP/1.1
Host: leepsolutions.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sgp1.digitaloceanspaces.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 06 Oct 2022 02:36:45 GMT
Content-Type: text/css
Content-Length: 1397
Connection: keep-alive
Last-Modified: Tue, 23 Aug 2022 14:00:23 GMT
Vary: Accept-Encoding
Accept-Ranges: bytes

aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/2-small_e58aafc980614a9cd7796bea7b5ea8f0.jpg

152.199.23.37

200 OK

987 B

URL HTTP/2
aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/2-small_e58aafc980614a9cd7796bea7b5ea8f0.jpg
IP
152.199.23.37:0
ASN
#15133 EDGECAST

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2, software=paint.net 4.2.9], baseline, precision 8, 50x28, components 3\012- data
Size
987 B (987 bytes)
Hash
e58aafc980614a9cd7796bea7b5ea8f0
d4cac92dcde0caf7c571e6d791101da94fdbd2ca
8b34a475187302935336bf43a2bf2a4e0adb9a1e87953ea51f6fcf0ef52a4a1d

HTTP Headers

GET /shared/1.0/content/images/backgrounds/2-small_e58aafc980614a9cd7796bea7b5ea8f0.jpg HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.microsoftonline.com/
X-Moz: prefetch
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 5429835
cache-control: public, max-age=31536000
content-md5: 5YqvyYBhSpzXeWvqe16o8A==
content-type: image/jpeg
date: Thu, 06 Oct 2022 02:36:46 GMT
etag: 0x8D7B007295267C8
last-modified: Wed, 12 Feb 2020 22:01:50 GMT
server: ECAcc (ska/F6CE)
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 39300d17-001e-0069-61ca-a78554000000
x-ms-version: 2009-09-19
content-length: 987
X-Firefox-Spdy: h2

aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/2_7916a894ebde7d29c2cc29b267f1299f.jpg

152.199.23.37

200 OK

18 kB

URL HTTP/2
aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/2_7916a894ebde7d29c2cc29b267f1299f.jpg
IP
152.199.23.37:0
ASN
#15133 EDGECAST

File type
JPEG image data, baseline, precision 8, 1920x1080, components 3\012- data
Size
18 kB (17453 bytes)
Hash
7916a894ebde7d29c2cc29b267f1299f
78345ca08f9e2c3c2cc9b318950791b349211296
d8f5ab3e00202fd3b45be1acd95d677b137064001e171bc79b06826d98f1e1d3

HTTP Headers

GET /shared/1.0/content/images/backgrounds/2_7916a894ebde7d29c2cc29b267f1299f.jpg HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.microsoftonline.com/
X-Moz: prefetch
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 9160369
cache-control: public, max-age=31536000
content-md5: eRaolOvefSnCzCmyZ/Epnw==
content-type: image/jpeg
date: Thu, 06 Oct 2022 02:36:46 GMT
etag: 0x8D7B007294E20F8
last-modified: Wed, 12 Feb 2020 22:01:50 GMT
server: ECAcc (ska/F7A6)
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 68c81a87-901e-0041-4edc-85dc2a000000
x-ms-version: 2009-09-19
content-length: 17453
X-Firefox-Spdy: h2

aadcdn.msftauth.net/ests/2.1/content/images/microsoft_logo.png

152.199.23.37

200 OK

1.1 kB

URL HTTP/2
aadcdn.msftauth.net/ests/2.1/content/images/microsoft_logo.png
IP
152.199.23.37:0
ASN
#15133 EDGECAST

File type
PNG image data, 108 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size
1.1 kB (1057 bytes)
Hash
ed9c9eb0dce17d752bedea6b5acda6d9
eca56c4904354eed5da0debcd6bd66856ab4784d
f664b8138c2da6ec7565500a7cc839da6372614a31dc04c5a2169a26b8d9767c

HTTP Headers

GET /ests/2.1/content/images/microsoft_logo.png HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.microsoftonline.com/
X-Moz: prefetch
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 435381
cache-control: public, max-age=604800
content-md5: 7ZyesNzhfXUr7eprWs2m2Q==
content-type: image/png
date: Thu, 06 Oct 2022 02:36:46 GMT
etag: 0x8D641014F7D2A46
last-modified: Fri, 02 Nov 2018 20:25:20 GMT
server: ECAcc (ska/F6A9)
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 16102045-301e-009f-5d36-d5a60b000000
x-ms-version: 2009-09-19
content-length: 1057
X-Firefox-Spdy: h2

aadcdn.msftauth.net/shared/1.0/content/images/personal_account_0f72b5950600f24e7f9a604b186f3945.png

152.199.23.37

200 OK

1.3 kB

URL HTTP/2
aadcdn.msftauth.net/shared/1.0/content/images/personal_account_0f72b5950600f24e7f9a604b186f3945.png
IP
152.199.23.37:0
ASN
#15133 EDGECAST

File type
PNG image data, 51 x 51, 8-bit/color RGBA, non-interlaced\012- data
Size
1.3 kB (1335 bytes)
Hash
0f72b5950600f24e7f9a604b186f3945
3ccaf80771c291cc03facd493f8ee9c03f1f238d
0b874f4ccfac9ff5264f1f7c29c4c016fde7e4e032512bac1bb43d145a44ea40

HTTP Headers

GET /shared/1.0/content/images/personal_account_0f72b5950600f24e7f9a604b186f3945.png HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.microsoftonline.com/
X-Moz: prefetch
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 5104768
cache-control: public, max-age=31536000
content-md5: D3K1lQYA8k5/mmBLGG85RQ==
content-type: image/png
date: Thu, 06 Oct 2022 02:36:46 GMT
etag: 0x8D79A1B9F5B2B36
last-modified: Thu, 16 Jan 2020 00:32:52 GMT
server: ECAcc (ska/F6E5)
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 82adfd9a-701e-0075-7ebf-aaf6ff000000
x-ms-version: 2009-09-19
content-length: 1335
X-Firefox-Spdy: h2

aadcdn.msftauth.net/shared/1.0/content/images/work_account_1963c6b1926b773986f53f844ce4c32e.png

152.199.23.37

200 OK

1.5 kB

URL HTTP/2
aadcdn.msftauth.net/shared/1.0/content/images/work_account_1963c6b1926b773986f53f844ce4c32e.png
IP
152.199.23.37:0
ASN
#15133 EDGECAST

File type
PNG image data, 51 x 51, 8-bit/color RGBA, non-interlaced\012- data
Size
1.5 kB (1487 bytes)
Hash
1963c6b1926b773986f53f844ce4c32e
1324fa13fb62d6dccdcfa258f205c01da41409b7
9fc929be7892b2f4498627d22bc1b3990dc380efcfe40fe6c3cac2dea7565c8e

HTTP Headers

GET /shared/1.0/content/images/work_account_1963c6b1926b773986f53f844ce4c32e.png HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.microsoftonline.com/
X-Moz: prefetch
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 7513542
cache-control: public, max-age=31536000
content-md5: GWPGsZJrdzmG9T+ETOTDLg==
content-type: image/png
date: Thu, 06 Oct 2022 02:36:46 GMT
etag: 0x8D79A1BA1ED720E
last-modified: Thu, 16 Jan 2020 00:32:56 GMT
server: ECAcc (ska/F6AE)
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: c039d5c1-801e-004b-4ed6-94f668000000
x-ms-version: 2009-09-19
content-length: 1487
X-Firefox-Spdy: h2

aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css

152.199.23.37

200 OK

20 kB

URL HTTP/2
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css
IP
152.199.23.37:0
ASN
#15133 EDGECAST

File type
ASCII text, with very long lines (61177)
Size
20 kB (19970 bytes)
Hash
f4adbf9c60a3ef95809a6008f6764d08
b55c98c403b111b494c1ece263dc06eabc0ab075
6a59a4f890ea26ef050b83d0722aafc3ad70ddbce706806381c4f159a5db7497

HTTP Headers

GET /ests/2.1/content/cdnbundles/converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.microsoftonline.com/
X-Moz: prefetch
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
age: 5303669
cache-control: public, max-age=31536000
content-md5: 9K2/nGCj75WAmmAI9nZNCA==
content-type: text/css
date: Thu, 06 Oct 2022 02:36:46 GMT
etag: 0x8DA7650B375AC9B
last-modified: Thu, 04 Aug 2022 19:37:00 GMT
server: ECAcc (ska/F7A0)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 5ecbd986-101e-0042-39ef-a82f4a000000
x-ms-version: 2009-09-19
content-length: 19970
X-Firefox-Spdy: h2

aadcdn.msftauth.net/ests/2.1/content/cdnbundles/jquery.3.5.min_dc940oomzau4rsu8qesnvg2.js

152.199.23.37

200 OK

40 kB

URL HTTP/2
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/jquery.3.5.min_dc940oomzau4rsu8qesnvg2.js
IP
152.199.23.37:0
ASN
#15133 EDGECAST

File type
ASCII text, with very long lines (65450), with CRLF line terminators
Size
40 kB (40454 bytes)
Hash
1d65bddae4eaeefc77cb9cfecc565b5d
a7d87150da1df6ae6db87d98760db7d753dbf6b9
b98d5ba052230db0abc1b0e7b09d814114f6b7c316836beb88e7b49057dafec0

HTTP Headers

GET /ests/2.1/content/cdnbundles/jquery.3.5.min_dc940oomzau4rsu8qesnvg2.js HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.microsoftonline.com/
X-Moz: prefetch
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 6214598
cache-control: public, max-age=31536000
content-md5: HWW92uTq7vx3y5z+zFZbXQ==
content-type: application/x-javascript
date: Thu, 06 Oct 2022 02:36:46 GMT
etag: 0x8D8DA1D9D23143A
last-modified: Fri, 26 Feb 2021 06:13:19 GMT
server: ECAcc (ska/F6C8)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 96e65c3e-001e-0081-27a6-a0d8cd000000
x-ms-version: 2009-09-19
content-length: 40454
X-Firefox-Spdy: h2

aadcdn.msftauth.net/ests/2.1/content/cdnbundles/aad.login.min_kx1da7l2dz6nhe9kugk19a2.js

152.199.23.37

200 OK

45 kB

URL HTTP/2
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/aad.login.min_kx1da7l2dz6nhe9kugk19a2.js
IP
152.199.23.37:0
ASN
#15133 EDGECAST

File type
ASCII text, with very long lines (778)
Size
45 kB (44785 bytes)
Hash
ba923b68f3b3b1d5d278bf95bfca39c3
c603387d21972de4efc759ce791c17772675eb75
87c1a50807ed5c994c8d54f6b096f9dded633102e097eb3c5793dffb38fd257e

HTTP Headers

GET /ests/2.1/content/cdnbundles/aad.login.min_kx1da7l2dz6nhe9kugk19a2.js HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.microsoftonline.com/
X-Moz: prefetch
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
age: 14490147
cache-control: public, max-age=31536000
content-md5: upI7aPOzsdXSeL+Vv8o5ww==
content-type: application/x-javascript
date: Thu, 06 Oct 2022 02:36:46 GMT
etag: 0x8DA2286D5C4F576
last-modified: Wed, 20 Apr 2022 04:32:53 GMT
server: ECAcc (ska/F7AA)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: d99079b3-001e-0087-5c62-553e0c000000
x-ms-version: 2009-09-19
content-length: 44785
X-Firefox-Spdy: h2

voicelogic.com/wp-content/uploads/2017/04/vmcmicrosoft680435.mp3

18.190.15.219

206 Partial Content

138 kB

URL HTTP/1.1
voicelogic.com/wp-content/uploads/2017/04/vmcmicrosoft680435.mp3
IP
18.190.15.219:0
ASN
#16509 AMAZON-02

File type
MPEG ADTS, layer III, v2, 64 kbps, 16 kHz, Monaural\012- data
Size
138 kB (138332 bytes)
Hash
5efe474fa2a8d270ded8bc652879783e
00ea68ec28f2ebe5593d5bf92190729034b28dc0
13b6d87c2e839fd6dbb100e02242345cea790497a319f18ec5ab7047549735b3

HTTP Headers

GET /wp-content/uploads/2017/04/vmcmicrosoft680435.mp3 HTTP/1.1
Host: voicelogic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://sgp1.digitaloceanspaces.com/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 206 Partial Content
Date: Thu, 06 Oct 2022 02:36:45 GMT
Server: Apache
Last-Modified: Thu, 10 Jun 2021 17:04:22 GMT
Accept-Ranges: bytes
Content-Length: 138332
Cache-Control: max-age=2592000, public
Expires: Sat, 05 Nov 2022 02:36:45 GMT
Vary: Accept-Encoding
Content-Range: bytes 0-138331/138332
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: audio/mpeg

leepsolutions.co.za/wp-includes/images/one/favicon.ico

196.41.122.224

200 OK

17 kB

URL HTTP/1.1
leepsolutions.co.za/wp-includes/images/one/favicon.ico
IP
196.41.122.224:0
ASN
#36874 Cybersmart

File type
MS Windows icon resource - 6 icons, -128x-128, 16 colors, 72x72, 16 colors\012- data
Size
17 kB (17174 bytes)
Hash
12e3dac858061d088023b2bd48e2fa96
e08ce1a144eceae0c3c2ea7a9d6fbc5658f24ce5
90cdaf487716184e4034000935c605d1633926d348116d198f355a98b8c6cd21

HTTP Headers

GET /wp-includes/images/one/favicon.ico HTTP/1.1
Host: leepsolutions.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sgp1.digitaloceanspaces.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 06 Oct 2022 02:36:46 GMT
Content-Type: image/x-icon
Content-Length: 17174
Connection: keep-alive
Last-Modified: Wed, 06 Jul 2022 11:44:58 GMT
Vary: Accept-Encoding
Accept-Ranges: bytes

aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/2-small_e58aafc980614a9cd7796bea7b5ea8f0.jpg

152.199.23.37

200 OK

987 B

URL HTTP/2
aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/2-small_e58aafc980614a9cd7796bea7b5ea8f0.jpg
IP
152.199.23.37:0
ASN
#15133 EDGECAST

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=4, xresolution=62, yresolution=70, resolutionunit=2, software=paint.net 4.2.9], baseline, precision 8, 50x28, components 3\012- data
Size
987 B (987 bytes)
Hash
e58aafc980614a9cd7796bea7b5ea8f0
d4cac92dcde0caf7c571e6d791101da94fdbd2ca
8b34a475187302935336bf43a2bf2a4e0adb9a1e87953ea51f6fcf0ef52a4a1d

HTTP Headers

GET /shared/1.0/content/images/backgrounds/2-small_e58aafc980614a9cd7796bea7b5ea8f0.jpg HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.microsoftonline.com/
Origin: https://login.microsoftonline.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 5429839
cache-control: public, max-age=31536000
content-md5: 5YqvyYBhSpzXeWvqe16o8A==
content-type: image/jpeg
date: Thu, 06 Oct 2022 02:36:50 GMT
etag: 0x8D7B007295267C8
last-modified: Wed, 12 Feb 2020 22:01:50 GMT
server: ECAcc (ska/F6CE)
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 39300d17-001e-0069-61ca-a78554000000
x-ms-version: 2009-09-19
content-length: 987
X-Firefox-Spdy: h2

aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/2_7916a894ebde7d29c2cc29b267f1299f.jpg

152.199.23.37

200 OK

18 kB

URL HTTP/2
aadcdn.msftauth.net/shared/1.0/content/images/backgrounds/2_7916a894ebde7d29c2cc29b267f1299f.jpg
IP
152.199.23.37:0
ASN
#15133 EDGECAST

File type
JPEG image data, baseline, precision 8, 1920x1080, components 3\012- data
Size
18 kB (17453 bytes)
Hash
7916a894ebde7d29c2cc29b267f1299f
78345ca08f9e2c3c2cc9b318950791b349211296
d8f5ab3e00202fd3b45be1acd95d677b137064001e171bc79b06826d98f1e1d3

HTTP Headers

GET /shared/1.0/content/images/backgrounds/2_7916a894ebde7d29c2cc29b267f1299f.jpg HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.microsoftonline.com/
Origin: https://login.microsoftonline.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 9160373
cache-control: public, max-age=31536000
content-md5: eRaolOvefSnCzCmyZ/Epnw==
content-type: image/jpeg
date: Thu, 06 Oct 2022 02:36:50 GMT
etag: 0x8D7B007294E20F8
last-modified: Wed, 12 Feb 2020 22:01:50 GMT
server: ECAcc (ska/F7A6)
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 68c81a87-901e-0041-4edc-85dc2a000000
x-ms-version: 2009-09-19
content-length: 17453
X-Firefox-Spdy: h2

aadcdn.msftauth.net/ests/2.1/content/images/microsoft_logo.png

152.199.23.37

200 OK

1.1 kB

URL HTTP/2
aadcdn.msftauth.net/ests/2.1/content/images/microsoft_logo.png
IP
152.199.23.37:0
ASN
#15133 EDGECAST

File type
PNG image data, 108 x 24, 8-bit/color RGBA, non-interlaced\012- data
Size
1.1 kB (1057 bytes)
Hash
ed9c9eb0dce17d752bedea6b5acda6d9
eca56c4904354eed5da0debcd6bd66856ab4784d
f664b8138c2da6ec7565500a7cc839da6372614a31dc04c5a2169a26b8d9767c

HTTP Headers

GET /ests/2.1/content/images/microsoft_logo.png HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.microsoftonline.com/
Origin: https://login.microsoftonline.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 435385
cache-control: public, max-age=604800
content-md5: 7ZyesNzhfXUr7eprWs2m2Q==
content-type: image/png
date: Thu, 06 Oct 2022 02:36:50 GMT
etag: 0x8D641014F7D2A46
last-modified: Fri, 02 Nov 2018 20:25:20 GMT
server: ECAcc (ska/F6A9)
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 16102045-301e-009f-5d36-d5a60b000000
x-ms-version: 2009-09-19
content-length: 1057
X-Firefox-Spdy: h2

aadcdn.msftauth.net/shared/1.0/content/images/work_account_1963c6b1926b773986f53f844ce4c32e.png

152.199.23.37

200 OK

1.5 kB

URL HTTP/2
aadcdn.msftauth.net/shared/1.0/content/images/work_account_1963c6b1926b773986f53f844ce4c32e.png
IP
152.199.23.37:0
ASN
#15133 EDGECAST

File type
PNG image data, 51 x 51, 8-bit/color RGBA, non-interlaced\012- data
Size
1.5 kB (1487 bytes)
Hash
1963c6b1926b773986f53f844ce4c32e
1324fa13fb62d6dccdcfa258f205c01da41409b7
9fc929be7892b2f4498627d22bc1b3990dc380efcfe40fe6c3cac2dea7565c8e

HTTP Headers

GET /shared/1.0/content/images/work_account_1963c6b1926b773986f53f844ce4c32e.png HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.microsoftonline.com/
Origin: https://login.microsoftonline.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 7513546
cache-control: public, max-age=31536000
content-md5: GWPGsZJrdzmG9T+ETOTDLg==
content-type: image/png
date: Thu, 06 Oct 2022 02:36:50 GMT
etag: 0x8D79A1BA1ED720E
last-modified: Thu, 16 Jan 2020 00:32:56 GMT
server: ECAcc (ska/F6AE)
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: c039d5c1-801e-004b-4ed6-94f668000000
x-ms-version: 2009-09-19
content-length: 1487
X-Firefox-Spdy: h2

aadcdn.msftauth.net/shared/1.0/content/images/personal_account_0f72b5950600f24e7f9a604b186f3945.png

152.199.23.37

200 OK

1.3 kB

URL HTTP/2
aadcdn.msftauth.net/shared/1.0/content/images/personal_account_0f72b5950600f24e7f9a604b186f3945.png
IP
152.199.23.37:0
ASN
#15133 EDGECAST

File type
PNG image data, 51 x 51, 8-bit/color RGBA, non-interlaced\012- data
Size
1.3 kB (1335 bytes)
Hash
0f72b5950600f24e7f9a604b186f3945
3ccaf80771c291cc03facd493f8ee9c03f1f238d
0b874f4ccfac9ff5264f1f7c29c4c016fde7e4e032512bac1bb43d145a44ea40

HTTP Headers

GET /shared/1.0/content/images/personal_account_0f72b5950600f24e7f9a604b186f3945.png HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.microsoftonline.com/
Origin: https://login.microsoftonline.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 5104772
cache-control: public, max-age=31536000
content-md5: D3K1lQYA8k5/mmBLGG85RQ==
content-type: image/png
date: Thu, 06 Oct 2022 02:36:50 GMT
etag: 0x8D79A1B9F5B2B36
last-modified: Thu, 16 Jan 2020 00:32:52 GMT
server: ECAcc (ska/F6E5)
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 82adfd9a-701e-0075-7ebf-aaf6ff000000
x-ms-version: 2009-09-19
content-length: 1335
X-Firefox-Spdy: h2

aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css

152.199.23.37

200 OK

20 kB

URL HTTP/2
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css
IP
152.199.23.37:0
ASN
#15133 EDGECAST

File type
ASCII text, with very long lines (61177)
Size
20 kB (19970 bytes)
Hash
f4adbf9c60a3ef95809a6008f6764d08
b55c98c403b111b494c1ece263dc06eabc0ab075
6a59a4f890ea26ef050b83d0722aafc3ad70ddbce706806381c4f159a5db7497

HTTP Headers

GET /ests/2.1/content/cdnbundles/converged.v2.login.min_8owwt4u-33ps0wawi7tmow2.css HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.microsoftonline.com/
Origin: https://login.microsoftonline.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
age: 5303673
cache-control: public, max-age=31536000
content-md5: 9K2/nGCj75WAmmAI9nZNCA==
content-type: text/css
date: Thu, 06 Oct 2022 02:36:50 GMT
etag: 0x8DA7650B375AC9B
last-modified: Thu, 04 Aug 2022 19:37:00 GMT
server: ECAcc (ska/F7A0)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 5ecbd986-101e-0042-39ef-a82f4a000000
x-ms-version: 2009-09-19
content-length: 19970
X-Firefox-Spdy: h2

aadcdn.msftauth.net/ests/2.1/content/cdnbundles/jquery.3.5.min_dc940oomzau4rsu8qesnvg2.js

152.199.23.37

200 OK

40 kB

URL HTTP/2
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/jquery.3.5.min_dc940oomzau4rsu8qesnvg2.js
IP
152.199.23.37:0
ASN
#15133 EDGECAST

File type
ASCII text, with very long lines (65450), with CRLF line terminators
Size
40 kB (40454 bytes)
Hash
1d65bddae4eaeefc77cb9cfecc565b5d
a7d87150da1df6ae6db87d98760db7d753dbf6b9
b98d5ba052230db0abc1b0e7b09d814114f6b7c316836beb88e7b49057dafec0

HTTP Headers

GET /ests/2.1/content/cdnbundles/jquery.3.5.min_dc940oomzau4rsu8qesnvg2.js HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.microsoftonline.com/
Origin: https://login.microsoftonline.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
age: 6214602
cache-control: public, max-age=31536000
content-md5: HWW92uTq7vx3y5z+zFZbXQ==
content-type: application/x-javascript
date: Thu, 06 Oct 2022 02:36:50 GMT
etag: 0x8D8DA1D9D23143A
last-modified: Fri, 26 Feb 2021 06:13:19 GMT
server: ECAcc (ska/F6C8)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 96e65c3e-001e-0081-27a6-a0d8cd000000
x-ms-version: 2009-09-19
content-length: 40454
X-Firefox-Spdy: h2

aadcdn.msftauth.net/ests/2.1/content/cdnbundles/aad.login.min_kx1da7l2dz6nhe9kugk19a2.js

152.199.23.37

200 OK

45 kB

URL HTTP/2
aadcdn.msftauth.net/ests/2.1/content/cdnbundles/aad.login.min_kx1da7l2dz6nhe9kugk19a2.js
IP
152.199.23.37:0
ASN
#15133 EDGECAST

File type
ASCII text, with very long lines (778)
Size
45 kB (44785 bytes)
Hash
ba923b68f3b3b1d5d278bf95bfca39c3
c603387d21972de4efc759ce791c17772675eb75
87c1a50807ed5c994c8d54f6b096f9dded633102e097eb3c5793dffb38fd257e

HTTP Headers

GET /ests/2.1/content/cdnbundles/aad.login.min_kx1da7l2dz6nhe9kugk19a2.js HTTP/1.1
Host: aadcdn.msftauth.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://login.microsoftonline.com/
Origin: https://login.microsoftonline.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
age: 14490151
cache-control: public, max-age=31536000
content-md5: upI7aPOzsdXSeL+Vv8o5ww==
content-type: application/x-javascript
date: Thu, 06 Oct 2022 02:36:50 GMT
etag: 0x8DA2286D5C4F576
last-modified: Wed, 20 Apr 2022 04:32:53 GMT
server: ECAcc (ska/F7AA)
vary: Accept-Encoding
x-cache: HIT
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: d99079b3-001e-0087-5c62-553e0c000000
x-ms-version: 2009-09-19
content-length: 44785
X-Firefox-Spdy: h2

stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js

104.18.11.207

200 OK

0 B

URL HTTP/2
stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js
IP
104.18.11.207:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bootstrap/4.3.1/js/bootstrap.min.js HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sgp1.digitaloceanspaces.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 06 Oct 2022 02:36:45 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: SE
cdn-edgestorageid: 601, 617, 617
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
cdn-cachedat: 2021-04-23 06:42:10
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 9f77a8320c556613cd1db316f0f748d4
cdn-cache: HIT
cf-cache-status: HIT
age: 13134120
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 755b02de6b74b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.bundle.min.js

104.18.11.207

200 OK

0 B

URL HTTP/2
stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.bundle.min.js
IP
104.18.11.207:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bootstrap/4.3.1/js/bootstrap.bundle.min.js HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sgp1.digitaloceanspaces.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 06 Oct 2022 02:36:45 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: SE
cdn-edgestorageid: 601, 617, 617
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
cdn-cachedat: 2021-04-23 05:36:00
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: f6dbf836646a5a5c703639910ac45cc7
cdn-cache: HIT
cf-cache-status: HIT
age: 13134087
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 755b02de6b75b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js

104.18.11.207

200 OK

0 B

URL HTTP/2
stackpath.bootstrapcdn.com/bootstrap/4.1.3/js/bootstrap.min.js
IP
104.18.11.207:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bootstrap/4.1.3/js/bootstrap.min.js HTTP/1.1
Host: stackpath.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sgp1.digitaloceanspaces.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Thu, 06 Oct 2022 02:36:45 GMT
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
access-control-allow-origin: *
cache-control: public, max-age=31919000
last-modified: Mon, 25 Jan 2021 22:04:06 GMT
cdn-cachedat: 11/15/2021 23:30:00
cdn-proxyver: 1.0
cdn-requestpullcode: 200
cdn-requestpullsuccess: True
cdn-edgestorageid: 723
cdn-status: 200
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
cdn-requestid: a35b0179a28ed953258d0fb41376a09c
cdn-cache: HIT
cf-cache-status: HIT
age: 8067653
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 755b02de6b72b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (21)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations