Report - phishtest.xyz/human/lnkd.php?campaign=NjQxYmNiNGJmYTM5NDVjOTQ0NzFjOWEwOjY0MWMxZjBhZmEzOTQ1Yzk0NDcxYzliYg==%22,%22ReporterCaseID%22:%2240551358%22,%22SourceIp%22:%22104.26.11.234%22,%22Date%22:%222023-03-23T09:47:24Z%22,%22ReportType%22:%22Phishing%22,%22ReportClass%22:%22Content%22,%22ReporterNotes%22:%22See

Report Overview

Submitted URL
phishtest.xyz/human/lnkd.php?campaign=NjQxYmNiNGJmYTM5NDVjOTQ0NzFjOWEwOjY0MWMxZjBhZmEzOTQ1Yzk0NDcxYzliYg==%22,%22ReporterCaseID%22:%2240551358%22,%22SourceIp%22:%22104.26.11.234%22,%22Date%22:%222023-03-23T09:47:24Z%22,%22ReportType%22:%22Phishing%22,%22ReportClass%22:%22Content%22,%22ReporterNotes%22:%22See
IP
104.26.11.234
ASN
#13335 CLOUDFLARENET
Submitted
2023-03-23 13:02:52
Access
public
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
7
Threat Detection Systems
0

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-29T05:09:03Z	782 B	2.4 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-29T05:09:31Z	413 B	5.9 kB	34.160.144.191
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-29T05:09:31Z	333 B	391 B	34.117.237.239
static-exp1.licdn.com	3079	2017-09-11T07:11:26Z	2023-03-25T06:52:07Z	2.8 kB	95 kB	23.36.76.121
phishtest.xyz	unknown	2020-04-22T13:38:13Z	2023-03-24T15:17:04Z	2.1 kB	33 kB	104.26.10.234
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-29T05:09:32Z	606 B	127 B	52.26.112.186
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-29T05:09:12Z	3.2 kB	50 kB	34.120.237.76
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-29T05:09:11Z	2.7 kB	7.1 kB	23.36.76.226

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-03-23 13:02:51	high	Client IP	64.233.163.127	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)
2023-03-23 13:02:51	high	Client IP	64.233.163.127	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)
2023-03-23 13:02:51	high	Client IP	64.233.163.127	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)
2023-03-23 13:02:52	high	Client IP	64.233.163.127	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)
2023-03-23 13:02:53	high	Client IP	64.233.163.127	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)
2023-03-23 13:02:54	high	Client IP	64.233.163.127	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)
2023-03-23 13:02:57	high	Client IP	64.233.163.127	ET INFO Session Traversal Utilities for NAT (STUN Binding Request On Non-Standard High Port)

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (3)

	URL	Size	First Seen	Last Seen
	phishtest.xyz/human/lnkd.php?campaign=NjQxYmNiNGJmYTM5NDVjOTQ0NzFjOWEwOjY0MWMxZjBhZmEzOTQ1Yzk0NDcxYzliYg==%22,%22ReporterCaseID%22:%2240551358%22,%22SourceIp%22:%22104.26.11.234%22,%22Date%22:%222023-03-23T09:47:24Z%22,%22ReportType%22:%22Phishing%22,%22ReportClass%22:%22Content%22,%22ReporterNotes%22:%22See	1.5 kB	2023-03-14	2023-04-12
Pretty URL phishtest.xyz/human/lnkd.php?campaign=NjQxYmNiNGJmYTM5NDVjOTQ0NzFjOWEwOjY0MWMxZjBhZmEzOTQ1Yzk0NDcxYzliYg==%22,%22ReporterCaseID%22:%2240551358%22,%22SourceIp%22:%22104.26.11.234%22,%22Date%22:%222023-03-23T09:47:24Z%22,%22ReportType%22:%22Phishing%22,%22ReportClass%22:%22Content%22,%22ReporterNotes%22:%22See IP 104.26.10.234 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-14 10:30:10 Last Seen2023-04-12 22:37:29 Times Seen33 Hash 7ecbdb19c87be1be73593c760af536dc 72fcdd189ec4f2c73a4cb460a386e91e577d3b7e a2773c6bf327adb849fd145e9e721f50df1654d78a1b81767bef6ef7b0a6c513 Loading...

	static-exp1.licdn.com/sc/h/eifp0ukycgmm5y0uay3omxuap	1.2 kB	2023-03-08	2023-06-17
Pretty URL static-exp1.licdn.com/sc/h/eifp0ukycgmm5y0uay3omxuap IP 23.36.76.121 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:02:14 Last Seen2023-06-17 02:41:16 Times Seen18 Hash ca1b08b8354344a2fbe2b2f297f5232e fded4fe94f42277baef369125b4466b179d95520 99c52046d1df362721eb275cabcd169c7e105d0bbaf374a7c9f96ddf6c1216f2 Loading...

	phishtest.xyz/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyTGlua2VkSW4lMjBMb2dpbiUyQyUyMFNpZ24lMjBpbiUyMCU3QyUyMExpbmtlZEluJTIyJTJDJTIyeCUyMiUzQTAuNjQwNTQ0NDA5ODg2MTE5JTJDJTIydyUyMiUzQTEyODAlMkMlMjJoJTIyJTNBMTAyNCUyQyUyMmolMjIlM0E5MzklMkMlMjJlJTIyJTNBMTI4MCUyQyUyMmwlMjIlM0ElMjJodHRwcyUzQSUyRiUyRnBoaXNodGVzdC54eXolMkZodW1hbiUyRmxua2QucGhwJTNGY2FtcGFpZ24lM0ROalF4WW1OaU5HSm1ZVE01TkRWak9UUTBOekZqT1dFd09qWTBNV014WmpCaFptRXpPVFExWXprME5EY3hZemxpWWclM0QlM0QlMjUyMiUyQyUyNTIyUmVwb3J0ZXJDYXNlSUQlMjUyMiUzQSUyNTIyNDA1NTEzNTglMjUyMiUyQyUyNTIyU291cmNlSXAlMjUyMiUzQSUyNTIyMTA0LjI2LjExLjIzNCUyNTIyJTJDJTI1MjJEYXRlJTI1MjIlM0ElMjUyMjIwMjMtMDMtMjNUMDklM0E0NyUzQTI0WiUyNTIyJTJDJTI1MjJSZXBvcnRUeXBlJTI1MjIlM0ElMjUyMlBoaXNoaW5nJTI1MjIlMkMlMjUyMlJlcG9ydENsYXNzJTI1MjIlM0ElMjUyMkNvbnRlbnQlMjUyMiUyQyUyNTIyUmVwb3J0ZXJOb3RlcyUyNTIyJTNBJTI1MjJTZWUlMjIlMkMlMjJyJTIyJTNBJTIyJTIyJTJDJTIyayUyMiUzQTI0JTJDJTIybiUyMiUzQSUyMlVURi04JTIyJTJDJTIybyUyMiUzQTAlMkMlMjJxJTIyJTNBJTVCJTVEJTdE	5.0 kB	2023-03-29	2023-03-29
Pretty URL phishtest.xyz/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyTGlua2VkSW4lMjBMb2dpbiUyQyUyMFNpZ24lMjBpbiUyMCU3QyUyMExpbmtlZEluJTIyJTJDJTIyeCUyMiUzQTAuNjQwNTQ0NDA5ODg2MTE5JTJDJTIydyUyMiUzQTEyODAlMkMlMjJoJTIyJTNBMTAyNCUyQyUyMmolMjIlM0E5MzklMkMlMjJlJTIyJTNBMTI4MCUyQyUyMmwlMjIlM0ElMjJodHRwcyUzQSUyRiUyRnBoaXNodGVzdC54eXolMkZodW1hbiUyRmxua2QucGhwJTNGY2FtcGFpZ24lM0ROalF4WW1OaU5HSm1ZVE01TkRWak9UUTBOekZqT1dFd09qWTBNV014WmpCaFptRXpPVFExWXprME5EY3hZemxpWWclM0QlM0QlMjUyMiUyQyUyNTIyUmVwb3J0ZXJDYXNlSUQlMjUyMiUzQSUyNTIyNDA1NTEzNTglMjUyMiUyQyUyNTIyU291cmNlSXAlMjUyMiUzQSUyNTIyMTA0LjI2LjExLjIzNCUyNTIyJTJDJTI1MjJEYXRlJTI1MjIlM0ElMjUyMjIwMjMtMDMtMjNUMDklM0E0NyUzQTI0WiUyNTIyJTJDJTI1MjJSZXBvcnRUeXBlJTI1MjIlM0ElMjUyMlBoaXNoaW5nJTI1MjIlMkMlMjUyMlJlcG9ydENsYXNzJTI1MjIlM0ElMjUyMkNvbnRlbnQlMjUyMiUyQyUyNTIyUmVwb3J0ZXJOb3RlcyUyNTIyJTNBJTI1MjJTZWUlMjIlMkMlMjJyJTIyJTNBJTIyJTIyJTJDJTIyayUyMiUzQTI0JTJDJTIybiUyMiUzQSUyMlVURi04JTIyJTJDJTIybyUyMiUzQTAlMkMlMjJxJTIyJTNBJTVCJTVEJTdE IP 104.26.10.234 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-29 20:59:30 Last Seen2023-03-29 20:59:30 Times Seen1 Hash 7615e90db2397b8dc4b923e18ddcd2c0 d7b407ea0ab38827e4827f6c2795fcadb7bc6745 083444a892eb54db8a3c4bd3d28a292643589778f2bf90ee65bf31b2d90c8316 Loading...

HTTP Transactions (28)

	URL	IP	Response	Size
	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash bea3185dd820a31c1981317f37c3456d 1a548a5d27270fc11df9011837a7149571cedd78 469b97bf9f57401b3c9571039483589f2815f4794212b75c7c85cfefe0ae71e9 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "469B97BF9F57401B3C9571039483589F2815F4794212B75C7C85CFEFE0AE71E9" Last-Modified: Wed, 22 Mar 2023 14:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2202 Expires: Thu, 23 Mar 2023 13:39:24 GMT Date: Thu, 23 Mar 2023 13:02:42 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 210a2a42cfc4f4aced144f5de9babcc6 ece6ecfb2db8d036c3bfc7f02f8ea387e3f965db 59553a312d3fb34f1f0aea469f7e7cc810ff9993481ddbd73ea5d461cf97ed51 HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "59553A312D3FB34F1F0AEA469F7E7CC810FF9993481DDBD73EA5D461CF97ED51" Last-Modified: Wed, 22 Mar 2023 06:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2931 Expires: Thu, 23 Mar 2023 13:51:33 GMT Date: Thu, 23 Mar 2023 13:02:42 GMT Connection: keep-alive`

	firefox.settings.services.mozilla.com/v1/	35.241.9.150	200 OK	939 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size 939 B (939 bytes) Hash bc86ef2a0cee04915bc360f5821adc8f 3658f9028cce204d38f7f48fcfaa2a8e4f54383a aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454 HTTP Headers `GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Type, Retry-After, Content-Length, Backoff, Alert content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Thu, 23 Mar 2023 12:27:32 GMT content-type: application/json age: 2110 cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 51a5d4696a6090c295850554508b51ce c44e143c2223546e64b19f543b8101aaf3b11e97 8794223d5e8d4d276c35e2fdcc24bf99694240634dd749cd9b5bf874dec055cf HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "8794223D5E8D4D276C35E2FDCC24BF99694240634DD749CD9B5BF874DEC055CF" Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=14133 Expires: Thu, 23 Mar 2023 16:58:15 GMT Date: Thu, 23 Mar 2023 13:02:42 GMT Connection: keep-alive`

	content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain	34.160.144.191	200 OK	5.3 kB
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain IP 34.160.144.191:0 ASN #15169 GOOGLE File type PEM certificate\012- , ASCII text Size 5.3 kB (5348 bytes) Hash e7bace7c1e04d44012e37ddffe36e5d5 3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2 6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2 HTTP Headers `GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK x-amz-id-2: Z8psencSTSzr+UgPddzt3X8eO8/QIR6U7pF3ZvQVNevsfr1gZLURUhmnMy5yVJ9vbreGOKIrAsY= x-amz-request-id: 1H7M8NF4MRTKPFAW x-amz-server-side-encryption: AES256 content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Thu, 23 Mar 2023 12:54:03 GMT age: 519 last-modified: Sat, 11 Mar 2023 16:53:15 GMT etag: "e7bace7c1e04d44012e37ddffe36e5d5" content-type: binary/octet-stream cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2

	contile.services.mozilla.com/v1/tiles	34.117.237.239	200 OK	12 B
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with no line terminators Size 12 B (12 bytes) Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 HTTP Headers `GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` `HTTP/2 200 OK server: nginx date: Thu, 23 Mar 2023 13:02:42 GMT content-type: application/json content-length: 12 access-control-allow-credentials: true vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers access-control-expose-headers: content-type strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2`

	firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US	35.241.9.150	200 OK	329 B
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 35.241.9.150:0 ASN #15169 GOOGLE File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size 329 B (329 bytes) Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 HTTP Headers `GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK access-control-allow-origin: * access-control-expose-headers: Content-Type, Retry-After, Last-Modified, Content-Length, Pragma, Expires, ETag, Backoff, Alert, Cache-Control content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Thu, 23 Mar 2023 12:17:23 GMT age: 2720 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" content-type: application/json cache-control: max-age=3600,public alt-svc: clear X-Firefox-Spdy: h2

	static-exp1.licdn.com/sc/h/eifp0ukycgmm5y0uay3omxuap	23.36.76.121	200 OK	460 B
URL HTTP/2 static-exp1.licdn.com/sc/h/eifp0ukycgmm5y0uay3omxuap IP 23.36.76.121:0 ASN #20940 Akamai International B.V. File type ASCII text, with very long lines (1150), with no line terminators Size 460 B (460 bytes) Hash f52081b161cd013f1cd8ea4f6bcefda1 1fe096a68d7fd288d60b8903686ef1792521e0e8 9bcdd10d583b61967be42112ca83a3b7057a8da00c8d57b254ac85d365293c24 HTTP Headers `GET /sc/h/eifp0ukycgmm5y0uay3omxuap HTTP/1.1 Host: static-exp1.licdn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://phishtest.xyz/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK server: Play expires: Fri, 22 Mar 2024 13:02:43 GMT cache-control: max-age=31536000, immutable last-modified: Mon, 05 Nov 2012 04:00:51 GMT content-encoding: br x-li-static-content: 1 content-type: text/javascript x-fs-uuid: 0005f790e468e831b074abb16a72d732 x-li-fabric: prod-ltx1 x-content-type-options: nosniff x-li-pop: prod-ltx1-x x-li-proto: http/1.1 access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE x-li-uuid: AAX3kORo6DGwdKuxanLXMg== content-length: 460 x-edgeconnect-midmile-rtt: 16 x-edgeconnect-origin-mex-latency: 135 date: Thu, 23 Mar 2023 13:02:43 GMT x-cache: TCP_MISS x-cdn-proto: HTTP2 x-cdn-client-ip-version: IPV4 timing-allow-origin: * access-control-allow-origin: * x-cdn: AKAM X-Firefox-Spdy: h2

	static-exp1.licdn.com/sc/h/by7tszj31b09w3igr1qvu94j3	23.36.76.121	200 OK	19 kB
URL HTTP/2 static-exp1.licdn.com/sc/h/by7tszj31b09w3igr1qvu94j3 IP 23.36.76.121:0 ASN #20940 Akamai International B.V. File type Unicode text, UTF-8 text, with very long lines (32015) Size 19 kB (18700 bytes) Hash c9dba881d36d8dfd3ed80e969f02192f 721a3c52f96f4bede13cf2dd7f7481353e6f1201 88b1b29d100b3f10288d13eab2f7d1c427f280c5c88f8bbb191e9dad7ce3b709 HTTP Headers `GET /sc/h/by7tszj31b09w3igr1qvu94j3 HTTP/1.1 Host: static-exp1.licdn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://phishtest.xyz/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK server: Play expires: Fri, 22 Mar 2024 13:02:42 GMT cache-control: max-age=31536000, immutable last-modified: Mon, 05 Nov 2012 04:00:51 GMT content-encoding: br x-li-static-content: 1 content-type: text/javascript x-fs-uuid: 0005f790e468aff1d4db33aa3848588b x-li-fabric: prod-lva1 x-content-type-options: nosniff report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true} nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true} x-li-pop: prod-lva1-x x-li-proto: http/1.1 access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE x-li-uuid: AAX3kORor/HU2zOqOEhYiw== content-length: 18700 x-edgeconnect-midmile-rtt: 18 x-edgeconnect-origin-mex-latency: 110 date: Thu, 23 Mar 2023 13:02:43 GMT x-cache: TCP_MISS x-cdn-proto: HTTP2 x-cdn-client-ip-version: IPV4 timing-allow-origin: * access-control-allow-origin: * x-cdn: AKAM X-Firefox-Spdy: h2

	phishtest.xyz/human/lnkd.php?campaign=NjQxYmNiNGJmYTM5NDVjOTQ0NzFjOWEwOjY0MWMxZjBhZmEzOTQ1Yzk0NDcxYzliYg==%22,%22ReporterCaseID%22:%2240551358%22,%22SourceIp%22:%22104.26.11.234%22,%22Date%22:%222023-03-23T09:47:24Z%22,%22ReportType%22:%22Phishing%22,%22ReportClass%22:%22Content%22,%22ReporterNotes%22:%22See	104.26.10.234	200 OK	32 kB
URL HTTP/2 phishtest.xyz/human/lnkd.php?campaign=NjQxYmNiNGJmYTM5NDVjOTQ0NzFjOWEwOjY0MWMxZjBhZmEzOTQ1Yzk0NDcxYzliYg==%22,%22ReporterCaseID%22:%2240551358%22,%22SourceIp%22:%22104.26.11.234%22,%22Date%22:%222023-03-23T09:47:24Z%22,%22ReportType%22:%22Phishing%22,%22ReportClass%22:%22Content%22,%22ReporterNotes%22:%22See IP 104.26.10.234:0 ASN #13335 CLOUDFLARENET File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (29426), with CRLF line terminators Size 32 kB (31568 bytes) Hash 9d29da620e1120b8aa028c707ed8ac97 133458a566e80fe4d0d6245205c1b921aae14453 2bcd1487321a9fe43bd1693a2fd493aac09b5a723339e2318f88a1fa056e3c38 HTTP Headers GET /human/lnkd.php?campaign=NjQxYmNiNGJmYTM5NDVjOTQ0NzFjOWEwOjY0MWMxZjBhZmEzOTQ1Yzk0NDcxYzliYg==%22,%22ReporterCaseID%22:%2240551358%22,%22SourceIp%22:%22104.26.11.234%22,%22Date%22:%222023-03-23T09:47:24Z%22,%22ReportType%22:%22Phishing%22,%22ReportClass%22:%22Content%22,%22ReporterNotes%22:%22See HTTP/1.1 Host: phishtest.xyz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: none Sec-Fetch-User: ?1 HTTP/2 200 OK date: Thu, 23 Mar 2023 13:02:42 GMT content-type: text/html; charset=UTF-8 cf-ray: 7ac6dec9ebbab50b-OSL cf-cache-status: DYNAMIC report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XKoItyHI8ZAutnyuk8AZUuUyHMlG0dv3sjDU33opiHBPAYqmlvPbPLHtefdmu6ZMso4OXnLzv3zAYVZ%2FW3NmQZahMNxZJJnBc1YlOtexZqAYHTFTGSrDkSC5EJZzSnY%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} vary: Accept-Encoding server: cloudflare content-encoding: br X-Firefox-Spdy: h2

	static-exp1.licdn.com/sc/h/6jblk5oqhlo45xbkmcr7s4zix	23.36.76.121	200 OK	14 kB
URL HTTP/2 static-exp1.licdn.com/sc/h/6jblk5oqhlo45xbkmcr7s4zix IP 23.36.76.121:0 ASN #20940 Akamai International B.V. File type C source, Unicode text, UTF-8 text, with very long lines (65072) Size 14 kB (13554 bytes) Hash 6e69c639ec0dd3d191d516b31af354d9 4bd7bd64d8ad858957ff2c9a4589aad037d92d03 6738cb86d559d2273c229de7e86c8de9f1fb60b10ba2f3be91e89f365a1323c3 HTTP Headers `GET /sc/h/6jblk5oqhlo45xbkmcr7s4zix HTTP/1.1 Host: static-exp1.licdn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://phishtest.xyz/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK server: Play expires: Fri, 22 Mar 2024 13:02:43 GMT cache-control: max-age=31536000, immutable last-modified: Mon, 05 Nov 2012 04:00:51 GMT content-encoding: br x-li-static-content: 1 content-type: text/javascript x-fs-uuid: 0005f790e469097f37ee6f39f79cefa2 x-li-fabric: prod-ltx1 x-content-type-options: nosniff report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true} nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true} x-li-pop: prod-ltx1-x x-li-proto: http/1.1 access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE x-li-uuid: AAX3kORpCX837m8595zvog== content-length: 13554 x-edgeconnect-midmile-rtt: 17 x-edgeconnect-origin-mex-latency: 136 date: Thu, 23 Mar 2023 13:02:43 GMT x-cache: TCP_MISS x-cdn-proto: HTTP2 x-cdn-client-ip-version: IPV4 timing-allow-origin: * access-control-allow-origin: * x-cdn: AKAM X-Firefox-Spdy: h2

	static-exp1.licdn.com/sc/h/6ayc84t9lzjjrm5wqbu8erie4	23.36.76.121	200 OK	18 kB
URL HTTP/2 static-exp1.licdn.com/sc/h/6ayc84t9lzjjrm5wqbu8erie4 IP 23.36.76.121:0 ASN #20940 Akamai International B.V. File type ASCII text, with very long lines (65536), with no line terminators Size 18 kB (18128 bytes) Hash 6a7c9cd48f4bd6aa4985a972852a23dc 543b4c0d340f29441350fdd1b90112044bbf8cf6 6d1998f461e2d7329a66d7a2cbc7e1e497d1f006b115f302c96243372b049245 HTTP Headers `GET /sc/h/6ayc84t9lzjjrm5wqbu8erie4 HTTP/1.1 Host: static-exp1.licdn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://phishtest.xyz/ Sec-Fetch-Dest: style Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK server: Play expires: Fri, 22 Mar 2024 13:02:43 GMT cache-control: max-age=31536000, immutable last-modified: Mon, 05 Nov 2012 04:00:51 GMT content-encoding: br x-li-static-content: 1 content-type: text/css x-fs-uuid: 0005f790e4695d1f1524d894c9499a63 x-li-fabric: prod-lva1 x-content-type-options: nosniff x-li-pop: prod-lva1-x x-li-proto: http/1.1 access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE x-li-uuid: AAX3kORpXR8VJNiUyUmaYw== content-length: 18128 x-edgeconnect-midmile-rtt: 18 x-edgeconnect-origin-mex-latency: 111 date: Thu, 23 Mar 2023 13:02:43 GMT x-cache: TCP_MISS x-cdn-proto: HTTP2 x-cdn-client-ip-version: IPV4 timing-allow-origin: * access-control-allow-origin: * x-cdn: AKAM X-Firefox-Spdy: h2

	static-exp1.licdn.com/sc/h/1t2x1trk70w5eiw6yoj75607e	23.36.76.121	200 OK	32 kB
URL HTTP/2 static-exp1.licdn.com/sc/h/1t2x1trk70w5eiw6yoj75607e IP 23.36.76.121:0 ASN #20940 Akamai International B.V. File type Unicode text, UTF-8 text, with very long lines (32037) Size 32 kB (32144 bytes) Hash 1e893991bedbbfe400176788e9bd178a 1cdb45466677307647a63fcf0fda085915f6fa1c 5c8b297facb3887987b493b80f969be1981a390ac9843569ae8402cc4f2958a1 HTTP Headers `GET /sc/h/1t2x1trk70w5eiw6yoj75607e HTTP/1.1 Host: static-exp1.licdn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://phishtest.xyz/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site` HTTP/2 200 OK server: Play expires: Fri, 22 Mar 2024 13:02:43 GMT cache-control: max-age=31536000, immutable last-modified: Mon, 05 Nov 2012 04:00:51 GMT content-encoding: br x-li-static-content: 1 content-type: text/javascript x-fs-uuid: 0005f790e468f1350d465876419e368b x-li-fabric: prod-ltx1 x-content-type-options: nosniff report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true} nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true} x-li-pop: prod-ltx1-x x-li-proto: http/1.1 access-control-expose-headers: X-CDN, X-CDN-Client-IP-Version, X-CDN-Proto, X-Cache, X-CDN-RCODE x-li-uuid: AAX3kORo8TUNRlh2QZ42iw== content-length: 32144 x-edgeconnect-midmile-rtt: 16 x-edgeconnect-origin-mex-latency: 149 date: Thu, 23 Mar 2023 13:02:43 GMT x-cache: TCP_MISS x-cdn-proto: HTTP2 x-cdn-client-ip-version: IPV4 timing-allow-origin: * access-control-allow-origin: * x-cdn: AKAM X-Firefox-Spdy: h2

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash 050ca4dc2182e0a27573b0d9f32b7834 bec14dc5af0d0b32210470673511acd8db404308 b6129b9d1848f75265dca4446c5399927bdaf15c7b49c083765847b0fe276eaf HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "B6129B9D1848F75265DCA4446C5399927BDAF15C7B49C083765847B0FE276EAF" Last-Modified: Wed, 22 Mar 2023 06:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2176 Expires: Thu, 23 Mar 2023 13:38:59 GMT Date: Thu, 23 Mar 2023 13:02:43 GMT Connection: keep-alive`

	static-exp1.licdn.com/sc/h/55ggxxse8uyjdh2x78ht3j40q	23.36.76.121	200 OK	5.5 kB
URL HTTP/2 static-exp1.licdn.com/sc/h/55ggxxse8uyjdh2x78ht3j40q IP 23.36.76.121:0 ASN #20940 Akamai International B.V. File type PNG image data, 114 x 114, 8-bit/color RGBA, non-interlaced\012- data Size 5.5 kB (5491 bytes) Hash 570444c1d08879f7fa18c069df4c221a feb1d03978df22f0981eab5bc769c90e7e781ff5 517d2aa829f04ab4d8bf778b71de5e7817a7705c24d3d8db4616002091392a6e HTTP Headers `GET /sc/h/55ggxxse8uyjdh2x78ht3j40q HTTP/1.1 Host: static-exp1.licdn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://phishtest.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK expires: Mon, 13 Nov 2023 10:13:14 GMT last-modified: Mon, 05 Nov 2012 04:00:51 GMT cache-control: max-age=31536000, immutable unused62: 8096267 server: Play content-encoding: br x-li-static-content: 1 content-type: image/png x-fs-uuid: 04c00bc5fda47716f0f06b3bc32a0000 x-li-fabric: prod-ltx1 x-li-pop: prod-eda6 x-li-proto: http/1.1 x-li-uuid: BMALxf2kdxbw8Gs7wyoAAA== content-length: 5491 remote-cache-status: TCP_HIT date: Thu, 23 Mar 2023 13:02:43 GMT x-cache: TCP_HIT x-cdn-proto: HTTP2 x-cdn-client-ip-version: IPV4 timing-allow-origin: * access-control-allow-origin: * x-cdn: AKAM X-Firefox-Spdy: h2

	static-exp1.licdn.com/sc/h/9lb1g1kp916tat669q9r5g2kz	23.36.76.121	200 OK	799 B
URL HTTP/2 static-exp1.licdn.com/sc/h/9lb1g1kp916tat669q9r5g2kz IP 23.36.76.121:0 ASN #20940 Akamai International B.V. File type MS Windows icon resource - 4 icons, 64x64, 32 bits/pixel, 32x32, 32 bits/pixel\012- data Size 799 B (799 bytes) Hash a2049549507b80977c2ac1598de5f213 aed7836a4e77428e1ec69b63a4515488e58d79fe e0504e067c92c5439a98951c7ad9319fe3da9106afc0dec4ebfa6a5788bf0a7a HTTP Headers `GET /sc/h/9lb1g1kp916tat669q9r5g2kz HTTP/1.1 Host: static-exp1.licdn.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: https://phishtest.xyz/ Sec-Fetch-Dest: image Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site TE: trailers` HTTP/2 200 OK expires: Sat, 28 Oct 2023 23:04:06 GMT last-modified: Mon, 05 Nov 2012 04:00:51 GMT cache-control: max-age=31536000, immutable unused62: 8096267 server: Play content-encoding: br x-li-static-content: 1 content-type: image/x-icon x-fs-uuid: a74a955909787716b02ac8cbcd2a0000 x-li-fabric: prod-ltx1 x-li-pop: prod-eda6 x-li-proto: http/1.1 x-li-uuid: p0qVWQl4dxawKsjLzSoAAA== content-length: 799 remote-cache-status: TCP_HIT date: Thu, 23 Mar 2023 13:02:43 GMT x-cache: TCP_HIT x-cdn-proto: HTTP2 x-cdn-client-ip-version: IPV4 timing-allow-origin: * access-control-allow-origin: * x-cdn: AKAM X-Firefox-Spdy: h2

	push.services.mozilla.com/	52.26.112.186	101 Switching Protocols	0 B
URL HTTP/1.1 push.services.mozilla.com/ IP 52.26.112.186:0 ASN #16509 AMAZON-02 File type Size 0 B (0 bytes) Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP Headers GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: cO3s881H9WG/C4gd4UqPQA== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket `HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: Bd7na1+rya6VU4p2Wtr+RxgLHD0=`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash a0d3d7099bbc5fed74a6e78e1a3096bf 96afaf8b3ac053577c56aca5f4a20d8655ecb771 c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA" Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3435 Expires: Thu, 23 Mar 2023 13:59:59 GMT Date: Thu, 23 Mar 2023 13:02:44 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash a0d3d7099bbc5fed74a6e78e1a3096bf 96afaf8b3ac053577c56aca5f4a20d8655ecb771 c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA" Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3435 Expires: Thu, 23 Mar 2023 13:59:59 GMT Date: Thu, 23 Mar 2023 13:02:44 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash a0d3d7099bbc5fed74a6e78e1a3096bf 96afaf8b3ac053577c56aca5f4a20d8655ecb771 c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA" Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3435 Expires: Thu, 23 Mar 2023 13:59:59 GMT Date: Thu, 23 Mar 2023 13:02:44 GMT Connection: keep-alive`

	r3.o.lencr.org/	23.36.76.226	200 OK	503 B
URL HTTP/1.1 r3.o.lencr.org/ IP 23.36.76.226:0 ASN #20940 Akamai International B.V. File type data Size 503 B (503 bytes) Hash a0d3d7099bbc5fed74a6e78e1a3096bf 96afaf8b3ac053577c56aca5f4a20d8655ecb771 c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba HTTP Headers `POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache` `HTTP/1.1 200 OK Server: nginx Content-Type: application/ocsp-response Content-Length: 503 ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA" Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=3435 Expires: Thu, 23 Mar 2023 13:59:59 GMT Date: Thu, 23 Mar 2023 13:02:44 GMT Connection: keep-alive`

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a816157-9568-4e7f-a034-14b2f1982949.jpeg	34.120.237.76	200 OK	4.9 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a816157-9568-4e7f-a034-14b2f1982949.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 4.9 kB (4912 bytes) Hash f4a771935927950222124e14b56046df d07fe53e4ac41048497b2732c017f6666c3eda9e 4e8388626074646c2336711be0a170ceab367c343648a32d2389dd87640251d0 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a816157-9568-4e7f-a034-14b2f1982949.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 4912 x-amzn-requestid: d8fcf495-12af-42ae-ad69-0ea07b1a8669 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CM8H3Fl1IAMFYgA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641b73cb-01cbd1981a57e53b3d3cde93;Sampled=0 x-amzn-remapped-date: Wed, 22 Mar 2023 21:31:55 GMT x-amz-cf-pop: HIO50-C1, SEA19-C1 x-cache: Miss from cloudfront x-amz-cf-id: 4xGMCVWy2EXLLN8keteGLQvQjOp6KH97rkn_FK10eyng0-5EudcOig== via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 174acb08636ac7d9e9a778bbf1bcbc52.cloudfront.net (CloudFront), 1.1 google date: Wed, 22 Mar 2023 21:43:33 GMT etag: "d07fe53e4ac41048497b2732c017f6666c3eda9e" content-type: image/jpeg age: 55151 cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5be1b286-007a-44a5-a6fd-872190ecfa0b.jpeg	34.120.237.76	200 OK	6.7 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5be1b286-007a-44a5-a6fd-872190ecfa0b.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 6.7 kB (6692 bytes) Hash c05bfdf1411a931d8ea9adc64b07bc74 156ef59e53564a4f2b27002b2695fafecd578d82 15d17c0df2d2b0625ecf5f576a7ff630ae8b923b28be354ad23aec6a284a801a HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5be1b286-007a-44a5-a6fd-872190ecfa0b.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 6692 x-amzn-requestid: 3a0f6a8d-89b1-43f4-8a15-8749bdbc047b x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CM9d9FcOoAMFaFQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641b75f2-3540256d6be3d4f85bba65ea;Sampled=0 x-amzn-remapped-date: Wed, 22 Mar 2023 21:41:06 GMT x-amz-cf-pop: SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: PNAVsyfdAHjn5F6Rt1uz1U46QCIGvTCqZatbAurr6Ilu0quHWExuSw== via: 1.1 e92cc925fc8895560cd0628c67f58828.cloudfront.net (CloudFront), 1.1 aabd01c4a20dae837d162bd972422efc.cloudfront.net (CloudFront), 1.1 google date: Wed, 22 Mar 2023 21:43:34 GMT age: 55150 etag: "156ef59e53564a4f2b27002b2695fafecd578d82" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg	34.120.237.76	200 OK	5.6 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 5.6 kB (5556 bytes) Hash c831201ad81f55c63c1b101ce854a810 0e9b952f6489f0a5f4862d3bea2fbe0ecdd379e5 c854489720d2ca4a95eef00addda0fcdaf481402d044df7725282654a97eb54a HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 5556 x-amzn-requestid: 6b050645-14aa-47f7-b4a5-2e27abbe5115 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CM69eHE3IAMF0Yw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641b71ef-6ab2948e2bf2578f29798372;Sampled=0 x-amzn-remapped-date: Wed, 22 Mar 2023 21:23:59 GMT x-amz-cf-pop: SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: CgU9j02Bnw0UdIwQ3sRCDvJoPitHIAUTRDhLH_PMXYlAPoAwSbv6Iw== via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 4d8620b80ebe37d366388e117039aa8e.cloudfront.net (CloudFront), 1.1 google date: Thu, 23 Mar 2023 06:24:31 GMT age: 23893 etag: "0e9b952f6489f0a5f4862d3bea2fbe0ecdd379e5" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc53a798-a34a-42ab-8422-1c44bdb2eb10.jpeg	34.120.237.76	200 OK	8.6 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc53a798-a34a-42ab-8422-1c44bdb2eb10.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 8.6 kB (8627 bytes) Hash 7698afd0a4ca88c4243fc3aa2dd9a73d 53196f685136a144065ec98e3e14d0a7f43ceb8f 5afee347cacdbf5eedee36e2724daa66593d683cd8fb229e1f0630bbe69654ed HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc53a798-a34a-42ab-8422-1c44bdb2eb10.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 8627 x-amzn-requestid: 80010893-2a19-4aba-840e-1f0ddf1a7ab7 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: B9xYBHN7oAMFltQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-64156299-627689412a2fd5ee55261a59;Sampled=0 x-amzn-remapped-date: Sat, 18 Mar 2023 07:04:57 GMT x-amz-cf-pop: SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: c5OCkDugFqDzfYgE3qzFFPCpU0WqAvTEhM1CnDv6rGwrxc1I5qVsgQ== via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 2e20768704c71ff3ce2e677251d27f3c.cloudfront.net (CloudFront), 1.1 google date: Thu, 23 Mar 2023 00:14:16 GMT age: 46108 etag: "53196f685136a144065ec98e3e14d0a7f43ceb8f" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F261caab9-983c-4eb1-9fca-fd73dc738e9e.jpeg	34.120.237.76	200 OK	10 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F261caab9-983c-4eb1-9fca-fd73dc738e9e.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 10 kB (10284 bytes) Hash 4e89d0b1281259e7399294fb5fa19d2b 5035ed41f497c97faefae9cdaf42dc07ab468557 f404d286deab5b4759be6e554e6488faab3b4f7988a86eb57520dac4e0d6a192 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F261caab9-983c-4eb1-9fca-fd73dc738e9e.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 10284 x-amzn-requestid: e4d2c324-d0b0-436d-9739-29269e62aed0 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CM6hjEqtIAMFvXA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-641b713c-5a5bd6b60c1f52ab580f1757;Sampled=0 x-amzn-remapped-date: Wed, 22 Mar 2023 21:21:00 GMT x-amz-cf-pop: SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: g53sZY66fiEL8H79MzI7c7rqI-c-XxMvgB3myz79aw_lE9Aqgc66LQ== via: 1.1 ffc1e24c06bfbb135c0a4d240b382048.cloudfront.net (CloudFront), 1.1 6ca7826fb0f4c565b1af9c7737725c48.cloudfront.net (CloudFront), 1.1 google date: Thu, 23 Mar 2023 07:32:23 GMT age: 19821 etag: "5035ed41f497c97faefae9cdaf42dc07ab468557" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6cff797b-5560-422b-9907-7a2fbe8dd123.jpeg	34.120.237.76	200 OK	7.4 kB
URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6cff797b-5560-422b-9907-7a2fbe8dd123.jpeg IP 34.120.237.76:0 ASN #15169 GOOGLE File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size 7.4 kB (7424 bytes) Hash 05c7970e81559904d05b6e8cf693f085 709b01a360624eceafb1876f56378824aa4936b3 a4fd80c9bdce27961560d7c31e216706e9e32d42d1edd883e283c149505b3db0 HTTP Headers GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6cff797b-5560-422b-9907-7a2fbe8dd123.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site HTTP/2 200 OK server: nginx content-length: 7424 x-amzn-requestid: 4d4097db-ae95-4a34-8f92-a56c29e836e2 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: CENb6FKDoAMF_cg= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6417f5e5-772b562b3176f7ca0740db72;Sampled=0 x-amzn-remapped-date: Mon, 20 Mar 2023 05:57:57 GMT x-amz-cf-pop: SEA19-C1 x-cache: Hit from cloudfront x-amz-cf-id: d_lhTrmtXesTfnCpReJoiiv68EudX-RCSzr3fwqOe3ouJv-M0IOLtw== via: 1.1 ef6538ee7be7b17c84d06edb0f4c0a1a.cloudfront.net (CloudFront), 1.1 efcf7b9d0f917f9ebf314db03e52d9b6.cloudfront.net (CloudFront), 1.1 google date: Wed, 22 Mar 2023 21:43:22 GMT age: 55162 etag: "709b01a360624eceafb1876f56378824aa4936b3" content-type: image/jpeg cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2

	phishtest.xyz/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyTGlua2VkSW4lMjBMb2dpbiUyQyUyMFNpZ24lMjBpbiUyMCU3QyUyMExpbmtlZEluJTIyJTJDJTIyeCUyMiUzQTAuNjQwNTQ0NDA5ODg2MTE5JTJDJTIydyUyMiUzQTEyODAlMkMlMjJoJTIyJTNBMTAyNCUyQyUyMmolMjIlM0E5MzklMkMlMjJlJTIyJTNBMTI4MCUyQyUyMmwlMjIlM0ElMjJodHRwcyUzQSUyRiUyRnBoaXNodGVzdC54eXolMkZodW1hbiUyRmxua2QucGhwJTNGY2FtcGFpZ24lM0ROalF4WW1OaU5HSm1ZVE01TkRWak9UUTBOekZqT1dFd09qWTBNV014WmpCaFptRXpPVFExWXprME5EY3hZemxpWWclM0QlM0QlMjUyMiUyQyUyNTIyUmVwb3J0ZXJDYXNlSUQlMjUyMiUzQSUyNTIyNDA1NTEzNTglMjUyMiUyQyUyNTIyU291cmNlSXAlMjUyMiUzQSUyNTIyMTA0LjI2LjExLjIzNCUyNTIyJTJDJTI1MjJEYXRlJTI1MjIlM0ElMjUyMjIwMjMtMDMtMjNUMDklM0E0NyUzQTI0WiUyNTIyJTJDJTI1MjJSZXBvcnRUeXBlJTI1MjIlM0ElMjUyMlBoaXNoaW5nJTI1MjIlMkMlMjUyMlJlcG9ydENsYXNzJTI1MjIlM0ElMjUyMkNvbnRlbnQlMjUyMiUyQyUyNTIyUmVwb3J0ZXJOb3RlcyUyNTIyJTNBJTI1MjJTZWUlMjIlMkMlMjJyJTIyJTNBJTIyJTIyJTJDJTIyayUyMiUzQTI0JTJDJTIybiUyMiUzQSUyMlVURi04JTIyJTJDJTIybyUyMiUzQTAlMkMlMjJxJTIyJTNBJTVCJTVEJTdE	104.26.10.234	200 OK	0 B
URL HTTP/2 phishtest.xyz/cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyTGlua2VkSW4lMjBMb2dpbiUyQyUyMFNpZ24lMjBpbiUyMCU3QyUyMExpbmtlZEluJTIyJTJDJTIyeCUyMiUzQTAuNjQwNTQ0NDA5ODg2MTE5JTJDJTIydyUyMiUzQTEyODAlMkMlMjJoJTIyJTNBMTAyNCUyQyUyMmolMjIlM0E5MzklMkMlMjJlJTIyJTNBMTI4MCUyQyUyMmwlMjIlM0ElMjJodHRwcyUzQSUyRiUyRnBoaXNodGVzdC54eXolMkZodW1hbiUyRmxua2QucGhwJTNGY2FtcGFpZ24lM0ROalF4WW1OaU5HSm1ZVE01TkRWak9UUTBOekZqT1dFd09qWTBNV014WmpCaFptRXpPVFExWXprME5EY3hZemxpWWclM0QlM0QlMjUyMiUyQyUyNTIyUmVwb3J0ZXJDYXNlSUQlMjUyMiUzQSUyNTIyNDA1NTEzNTglMjUyMiUyQyUyNTIyU291cmNlSXAlMjUyMiUzQSUyNTIyMTA0LjI2LjExLjIzNCUyNTIyJTJDJTI1MjJEYXRlJTI1MjIlM0ElMjUyMjIwMjMtMDMtMjNUMDklM0E0NyUzQTI0WiUyNTIyJTJDJTI1MjJSZXBvcnRUeXBlJTI1MjIlM0ElMjUyMlBoaXNoaW5nJTI1MjIlMkMlMjUyMlJlcG9ydENsYXNzJTI1MjIlM0ElMjUyMkNvbnRlbnQlMjUyMiUyQyUyNTIyUmVwb3J0ZXJOb3RlcyUyNTIyJTNBJTI1MjJTZWUlMjIlMkMlMjJyJTIyJTNBJTIyJTIyJTJDJTIyayUyMiUzQTI0JTJDJTIybiUyMiUzQSUyMlVURi04JTIyJTJDJTIybyUyMiUzQTAlMkMlMjJxJTIyJTNBJTVCJTVEJTdE IP 104.26.10.234:0 ASN #13335 CLOUDFLARENET File type Size 0 B (0 bytes) Hash HTTP Headers GET /cdn-cgi/zaraz/s.js?z=JTdCJTIyZXhlY3V0ZWQlMjIlM0ElNUIlNUQlMkMlMjJ0JTIyJTNBJTIyTGlua2VkSW4lMjBMb2dpbiUyQyUyMFNpZ24lMjBpbiUyMCU3QyUyMExpbmtlZEluJTIyJTJDJTIyeCUyMiUzQTAuNjQwNTQ0NDA5ODg2MTE5JTJDJTIydyUyMiUzQTEyODAlMkMlMjJoJTIyJTNBMTAyNCUyQyUyMmolMjIlM0E5MzklMkMlMjJlJTIyJTNBMTI4MCUyQyUyMmwlMjIlM0ElMjJodHRwcyUzQSUyRiUyRnBoaXNodGVzdC54eXolMkZodW1hbiUyRmxua2QucGhwJTNGY2FtcGFpZ24lM0ROalF4WW1OaU5HSm1ZVE01TkRWak9UUTBOekZqT1dFd09qWTBNV014WmpCaFptRXpPVFExWXprME5EY3hZemxpWWclM0QlM0QlMjUyMiUyQyUyNTIyUmVwb3J0ZXJDYXNlSUQlMjUyMiUzQSUyNTIyNDA1NTEzNTglMjUyMiUyQyUyNTIyU291cmNlSXAlMjUyMiUzQSUyNTIyMTA0LjI2LjExLjIzNCUyNTIyJTJDJTI1MjJEYXRlJTI1MjIlM0ElMjUyMjIwMjMtMDMtMjNUMDklM0E0NyUzQTI0WiUyNTIyJTJDJTI1MjJSZXBvcnRUeXBlJTI1MjIlM0ElMjUyMlBoaXNoaW5nJTI1MjIlMkMlMjUyMlJlcG9ydENsYXNzJTI1MjIlM0ElMjUyMkNvbnRlbnQlMjUyMiUyQyUyNTIyUmVwb3J0ZXJOb3RlcyUyNTIyJTNBJTI1MjJTZWUlMjIlMkMlMjJyJTIyJTNBJTIyJTIyJTJDJTIyayUyMiUzQTI0JTJDJTIybiUyMiUzQSUyMlVURi04JTIyJTJDJTIybyUyMiUzQTAlMkMlMjJxJTIyJTNBJTVCJTVEJTdE HTTP/1.1 Host: phishtest.xyz User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Referer: https://phishtest.xyz/ Connection: keep-alive Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: same-origin TE: trailers HTTP/2 200 OK date: Thu, 23 Mar 2023 13:02:43 GMT content-type: text/javascript access-control-allow-origin: https://phishtest.xyz vary: Origin, Accept-Encoding access-control-allow-credentials: true access-control-allow-headers: Content-Type, Set-Cookie, Cache-Control access-control-allow-methods: GET, HEAD, POST, OPTIONS access-control-max-age: 600 report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uvN%2Fhk3V7e51pg5hgBc0rpTpooVvTjM514NuJjfCbgSYbEhgiX64iNWwB3GY7jE3EQv1CJ8jZD88Nxu5qVJTuXxeBlWTuQ9zb4rLkZTe7WUckF55GYVtr9QqxWpJszA%3D"}],"group":"cf-nel","max_age":604800} nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800} server: cloudflare cf-ray: 7ac6ded0be7ab50b-OSL content-encoding: br X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (3)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

HTTP Transactions (28)

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

File type

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

File type