urlquery - report: i.dkundservice-postnord.hardcars.ro/public/IJOsc4pyNVf2k7wbYidsjDzif4C0DtgE

Fully Qualifying Domain Name	Rank	First Seen	Last Seen	IP	Comment
r3.o.lencr.org (7)	344	No data	No data	23.36.76.226
ocsp.digicert.com (5)	86	No data	No data	93.184.220.29
firefox.settings.services.mozilla.com (2)	867	No data	No data	34.102.187.140
ocsp.globalsign.com (1)	2075	No data	No data	104.18.20.226
push.services.mozilla.com (1)	2140	No data	No data	34.223.160.237
kit.fontawesome.com (1)	1868	No data	No data	104.18.22.52
img-getpocket.cdn.mozilla.net (6)	1631	No data	No data	34.120.237.76
static.hotjar.com (1)	641	No data	No data	143.204.55.84
i.dkundservice-postnord.hardcars.ro (18)	0	No data	No data	89.35.173.163	Unknown ranking
content-signature-2.cdn.mozilla.net (1)	1152	No data	No data	34.160.144.191
contile.services.mozilla.com (1)	1114	No data	No data	34.117.237.239
ws-mt1.pusher.com (1)	8253	No data	No data	54.236.96.55
r.lr-in.com (1)	16828	No data	No data	104.198.23.205

Scan Date	Severity	Indicator	Comment
2022-11-13	2	i.dkundservice-postnord.hardcars.ro/public	DHL Airways, Inc.

Scan Date	Severity	Indicator	Comment
2022-11-26	2	i.dkundservice-postnord.hardcars.ro/public/IJOsc4pyNVf2k7wbYidsjDzif4C0DtgE	Phishing
2022-11-26	2	i.dkundservice-postnord.hardcars.ro/public	Phishing
2022-11-26	2	i.dkundservice-postnord.hardcars.ro/public/	Phishing
2022-11-26	2	i.dkundservice-postnord.hardcars.ro/7tVAKxyfW5hysHPZmlDYzm7osb3UAoGL/	Phishing
2022-11-26	2	i.dkundservice-postnord.hardcars.ro/public/7tVAKxyfW5hysHPZmlDYzm7osb3UAoGL	Phishing
2022-11-26	2	i.dkundservice-postnord.hardcars.ro/fonts/vendor/@fontsource/roboto/files/r (...)	Phishing
2022-11-26	2	i.dkundservice-postnord.hardcars.ro/public/css/fonts/webfa-brands-400.woff2 (...)	Phishing
2022-11-26	2	i.dkundservice-postnord.hardcars.ro/fonts/vendor/@fortawesome/fontawesome-f (...)	Phishing
2022-11-26	2	i.dkundservice-postnord.hardcars.ro/fonts/vendor/@fontsource/roboto/files/r (...)	Phishing
2022-11-26	2	i.dkundservice-postnord.hardcars.ro/fonts/vendor/@fortawesome/fontawesome-f (...)	Phishing
2022-11-26	2	i.dkundservice-postnord.hardcars.ro/fonts/vendor/@fortawesome/fontawesome-f (...)	Phishing
2022-11-26	2	i.dkundservice-postnord.hardcars.ro/fonts/vendor/@fortawesome/fontawesome-f (...)	Phishing
2022-11-26	2	i.dkundservice-postnord.hardcars.ro/public/js/app.js	Phishing

Date	UQ / IDS / BL	URL	IP
2022-12-29 03:26:09 +0000	0 - 0 - 9	i.dkundservice-postnord.hardcars.ro/public/ae (...)	89.35.173.163
2022-12-28 01:46:20 +0000	0 - 0 - 9	i.dkundservice-postnord.hardcars.ro/public/nL (...)	89.35.173.163
2022-12-28 01:44:10 +0000	0 - 0 - 9	i.dkundservice-postnord.hardcars.ro/public/X2 (...)	89.35.173.163
2022-12-28 01:44:05 +0000	0 - 0 - 9	i.dkundservice-postnord.hardcars.ro/public/Lx (...)	89.35.173.163
2022-12-28 01:43:59 +0000	0 - 0 - 9	i.dkundservice-postnord.hardcars.ro/public/NI (...)	89.35.173.163

Date	UQ / IDS / BL	URL	IP
2023-03-23 17:55:56 +0000	0 - 2 - 0	evogroup.ro/	89.35.173.28
2023-03-17 12:54:10 +0000	0 - 0 - 2	doitmagic.com/meines/ns/app/login.php	128.0.47.36
2023-03-02 00:48:05 +0000	0 - 0 - 3	185.171.184.224/wp-includes/Zoosk/index.php	185.171.184.224
2023-02-27 08:01:37 +0000	0 - 2 - 0	solardepo.ro/z/new.exe	185.171.185.95
2023-02-12 05:05:20 +0000	0 - 0 - 30	ruvix.ro	188.214.142.67

Date	UQ / IDS / BL	URL	IP
2022-12-29 03:26:09 +0000	0 - 0 - 9	i.dkundservice-postnord.hardcars.ro/public/ae (...)	89.35.173.163
2022-12-28 01:46:20 +0000	0 - 0 - 9	i.dkundservice-postnord.hardcars.ro/public/nL (...)	89.35.173.163
2022-12-28 01:44:10 +0000	0 - 0 - 9	i.dkundservice-postnord.hardcars.ro/public/X2 (...)	89.35.173.163
2022-12-28 01:44:05 +0000	0 - 0 - 9	i.dkundservice-postnord.hardcars.ro/public/Lx (...)	89.35.173.163
2022-12-28 01:43:59 +0000	0 - 0 - 9	i.dkundservice-postnord.hardcars.ro/public/NI (...)	89.35.173.163

Date	UQ / IDS / BL	URL	IP
2023-03-25 13:39:22 +0000	25 - 0 - 11	organisasi.bulungan.go.id/public/Wm8ak06d78lw (...)	103.131.61.194
2023-03-25 13:38:44 +0000	25 - 0 - 12	organisasi.bulungan.go.id/public/eYjJHspfcIgP (...)	103.131.61.194
2023-03-25 02:10:42 +0000	23 - 0 - 3	organisasi.bulungan.go.id/public/I0BW7I1qe5dV (...)	103.131.61.194
2023-03-25 02:02:17 +0000	25 - 0 - 3	organisasi.bulungan.go.id/public/vwpJH1AKxd0n (...)	103.131.61.194
2023-03-24 13:40:05 +0000	25 - 0 - 1	organisasi.bulungan.go.id/public/t9AN31BpS77a (...)	103.131.61.194

HTTP Transactions (46)

Request	Response
GET /public/IJOsc4pyNVf2k7wbYidsjDzif4C0DtgE HTTP/1.1 Host: i.dkundservice-postnord.hardcars.ro User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Cookie: XSRF-TOKEN=eyJpdiI6Ik9CRjdqM2lQejNGSjRJQU1pTGtlRkE9PSIsInZhbHVlIjoiTEVRNUpZeXNKdE9GbU4zNnYyTG5xTkh1SmpvV3YwTWhMVEtZdStjSUVJbGhXS0FTYWJJUTdQOTZ6c1lWZE5NNUUwMW1xdXhJb0lrNkxuZnI4UE44VlFIM2pic2Z5L1BwbnN4YUF4S3hsU1YyZFdtWHNVNFpid05pOVJwV2dOYnQiLCJtYWMiOiI4ZDc5Y2E4M2IxMWExNTcxZWJiMTcyOGZhM2IyNTE5Yzg0ZjI1NGY2OTgzNTE0NDQzODg1N2Q4YmVmYjg5MDliIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ilc4QnlrZlBjcDBJMkpPamFzTHZIdUE9PSIsInZhbHVlIjoiVU80UCs2ejVYM2IyNGgvQlpmTjJJbW5wTlpKOGFRdjFjVEdKbmtkUTFpbXdkVEdZalM3ZEZpMTZuTFJqZFZVUTBrcHZ6M0JVejJqejM2Q1hlQXd2KzdXK1ZoUUl6R2RUWTEzQS9jclNNOVpYWm1hZm95WkdjbmVMK05OS1gzbzciLCJtYWMiOiJjYzM0MjZiZThkZmFlYjVjNzA4OGI4ZDk5OWI3NWZjYWI3YjVhMjM2NTM3MzBjOWUzOTg0MWFmZDNlZjkwZGY4IiwidGFnIjoiIn0%3D; _lr_tabs_-mnnzup%2Fdus={%22sessionID%22:0%2C%22recordingID%22:%225-9e6d9b4a-2c3b-423c-8227-b06a886a55ca%22%2C%22lastActivity%22:1669453632723}; _lr_hb_-mnnzup%2Fdus={%22heartbeat%22:1669453632723} Upgrade-Insecure-Requests: 1	URL: i.dkundservice-postnord.hardcars.ro/public/IJOsc4pyNVf2 (...) FQDN: i.dkundservice-postnord.hardcars.ro IP: 89.35.173.163 HASH: 6bc6367a1d22941aa5da27932a05414c413a1d4670a65673aa096dff3cfea769 89.35.173.163 HTTP/1.1 302 Found Content-Type: text/html; charset=UTF-8 Date: Sat, 26 Nov 2022 09:29:31 GMT Server: Apache Cache-Control: no-cache, private Set-Cookie: XSRF-TOKEN=eyJpdiI6Ing0aU9QZ2kwUzRlL3V5MVZGZHVyWUE9PSIsInZhbHVlIjoiUEp4K21lc3FOOTdSQjhKK0h3SzhaZlQ5NkZvNE0xR0dldzgyeThnQ25EVXFEVzN4L1pMeXIxUDFtaUFNYzBaOUNtU0d4ci9zMXZ4SldVNVZtUVVCaTZvdDhPc0VJV3BCaVQ3eFo2OVZoVjZYc0d0MzdqY0tCVG1adFRsV1VDclciLCJtYWMiOiI2YTk4ZmU0ZTlkZGU2NTQwNjMwZmU4MjZmYzhmZjA1YWIxZjBlNzI5M2M1MDRhZjU2MmFjNTk4NTVhMmRlNjE0IiwidGFnIjoiIn0%3D; expires=Sat, 26-Nov-2022 11:29:31 GMT; Max-Age=7200; path=/; samesite=lax laravel_session=eyJpdiI6IjRWdmgxK3c4MFVvUGplSUlOVFkvdUE9PSIsInZhbHVlIjoiR1FmVjRDck94eStFaCtZUkNkMEJVYnhVeDJrTjBxWkh2MXBCMFlNUm1qMHR2YTNkTGdzZ3dxdEVPeWVkeER2ZTRrcHZ6T2l6WEdFaUlIMDJBa0h0STJIS1JiTzZ2NGdINllXV1d2ZnUya3oyazk4NkJzdjlrbit6NzMxbGk5ZnciLCJtYWMiOiI0ZWVlN2M5ZWE5MGY2NjEyMTIxMGI5NmY0MGQxZTdjMjYyMjY5ZDY2MmY0MTgwMjliYzQ1ODg2M2YyMGZiM2IwIiwidGFnIjoiIn0%3D; expires=Sat, 26-Nov-2022 11:29:31 GMT; Max-Age=7200; path=/; httponly; samesite=lax Upgrade: h2,h2c Connection: Upgrade, Keep-Alive Location: http://i.dkundservice-postnord.hardcars.ro/public Keep-Alive: timeout=2, max=150 Transfer-Encoding: chunked --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 442 Md5: e981a8809a99f54f67d6abec26aadeae Sha1: a3020ac6308144727a49ca0e7a36ed7107e919b5 Sha256: 6bc6367a1d22941aa5da27932a05414c413a1d4670a65673aa096dff3cfea769 Alerts: urlquery: - Phishing - DHL Blocklists: - fortinet: Phishing
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 164d11173045b569cafb32e300e4c1ec6d6ab177fd34d0414cc40c541268779f 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F" Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=10894 Expires: Sat, 26 Nov 2022 12:31:04 GMT Date: Sat, 26 Nov 2022 09:29:30 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: a9f1d4d98705c281fed3b60343463200 Sha1: db6f8aa98d2eda4e5473b116a222c3055568bb78 Sha256: 164d11173045b569cafb32e300e4c1ec6d6ab177fd34d0414cc40c541268779f
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: f3c30c6d139288f1bfe13fce85c6ddc1514e1639fcf4d31a6012a3309ed1d50d 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 2903 Cache-Control: max-age=93007 Date: Sat, 26 Nov 2022 09:29:30 GMT Etag: "63809972-1d7" Expires: Sun, 27 Nov 2022 11:19:37 GMT Last-Modified: Fri, 25 Nov 2022 10:31:14 GMT Server: ECS (ska/F71C) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 10730f388c028d64e19b8a48d414768f Sha1: e43b104e57e5ea7ff8568835776858cf2ede6f00 Sha256: f3c30c6d139288f1bfe13fce85c6ddc1514e1639fcf4d31a6012a3309ed1d50d
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 141ac47acc3800e5d35a82012fa4b044277abad3a95dc24415f66fb72c972ae6 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "141AC47ACC3800E5D35A82012FA4B044277ABAD3A95DC24415F66FB72C972AE6" Last-Modified: Wed, 23 Nov 2022 21:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=2173 Expires: Sat, 26 Nov 2022 10:05:43 GMT Date: Sat, 26 Nov 2022 09:29:30 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 8c63b226725ca6e92e3ef586ac19e603 Sha1: d21ae42a1927501e5293ff3564f52b49f6b0decc Sha256: 141ac47acc3800e5d35a82012fa4b044277abad3a95dc24415f66fb72c972ae6
GET /v1/ HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/ FQDN: firefox.settings.services.mozilla.com IP: 34.102.187.140 HASH: 0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c 34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 939 via: 1.1 google date: Sat, 26 Nov 2022 09:19:13 GMT cache-control: public,max-age=3600 age: 617 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (939), with no line terminators Size: 939 Md5: 4d7e4eed097b9c4e5d509419f1cfc85a Sha1: 290bb3d428a7c6330e2e3d73a952b16f820896c8 Sha256: 0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 Host: content-signature-2.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: content-signature-2.cdn.mozilla.net/chains/remote-setti (...) FQDN: content-signature-2.cdn.mozilla.net IP: 34.160.144.191 HASH: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5 34.160.144.191 HTTP/2 200 OK content-type: binary/octet-stream x-amz-id-2: V5nLfSw+EwtZhKDi1Agjqj1OdoEU1VZ0JOg13i54PBQPvwADH7WKDEkhbj+fBtelO0/kavVVIys= x-amz-request-id: P9ZCWE718JT740TT content-disposition: attachment accept-ranges: bytes server: AmazonS3 content-length: 5348 via: 1.1 google date: Sat, 26 Nov 2022 08:44:10 GMT age: 2720 last-modified: Thu, 10 Nov 2022 09:21:27 GMT etag: "9ebddc2b260d081ebbefee47c037cb28" cache-control: public,max-age=3600 alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: PEM certificate\012- , ASCII text Size: 5348 Md5: 9ebddc2b260d081ebbefee47c037cb28 Sha1: 492bad62a7ca6a74738921ef5ae6f0be5edebf39 Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /public HTTP/1.1 Host: i.dkundservice-postnord.hardcars.ro User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Cookie: XSRF-TOKEN=eyJpdiI6Ing0aU9QZ2kwUzRlL3V5MVZGZHVyWUE9PSIsInZhbHVlIjoiUEp4K21lc3FOOTdSQjhKK0h3SzhaZlQ5NkZvNE0xR0dldzgyeThnQ25EVXFEVzN4L1pMeXIxUDFtaUFNYzBaOUNtU0d4ci9zMXZ4SldVNVZtUVVCaTZvdDhPc0VJV3BCaVQ3eFo2OVZoVjZYc0d0MzdqY0tCVG1adFRsV1VDclciLCJtYWMiOiI2YTk4ZmU0ZTlkZGU2NTQwNjMwZmU4MjZmYzhmZjA1YWIxZjBlNzI5M2M1MDRhZjU2MmFjNTk4NTVhMmRlNjE0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjRWdmgxK3c4MFVvUGplSUlOVFkvdUE9PSIsInZhbHVlIjoiR1FmVjRDck94eStFaCtZUkNkMEJVYnhVeDJrTjBxWkh2MXBCMFlNUm1qMHR2YTNkTGdzZ3dxdEVPeWVkeER2ZTRrcHZ6T2l6WEdFaUlIMDJBa0h0STJIS1JiTzZ2NGdINllXV1d2ZnUya3oyazk4NkJzdjlrbit6NzMxbGk5ZnciLCJtYWMiOiI0ZWVlN2M5ZWE5MGY2NjEyMTIxMGI5NmY0MGQxZTdjMjYyMjY5ZDY2MmY0MTgwMjliYzQ1ODg2M2YyMGZiM2IwIiwidGFnIjoiIn0%3D; _lr_tabs_-mnnzup%2Fdus={%22sessionID%22:0%2C%22recordingID%22:%225-9e6d9b4a-2c3b-423c-8227-b06a886a55ca%22%2C%22lastActivity%22:1669453632723}; _lr_hb_-mnnzup%2Fdus={%22heartbeat%22:1669453632723} Upgrade-Insecure-Requests: 1	URL: i.dkundservice-postnord.hardcars.ro/public FQDN: i.dkundservice-postnord.hardcars.ro IP: 89.35.173.163 HASH: 4a42a51b0e1d439859bc7b800f0308264731291f3a9ca4ded63885ef706bb35d 89.35.173.163 HTTP/1.1 301 Moved Permanently Content-Type: text/html; charset=iso-8859-1 Date: Sat, 26 Nov 2022 09:29:31 GMT Server: Apache Location: http://i.dkundservice-postnord.hardcars.ro/public/ Content-Length: 258 Keep-Alive: timeout=2, max=149 Connection: Keep-Alive --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 258 Md5: 35d3bb45e7876e5b0f9a7a092651ca2f Sha1: 4d3241e56b48696bdaabfaa4b7daf7c12c10a404 Sha256: 4a42a51b0e1d439859bc7b800f0308264731291f3a9ca4ded63885ef706bb35d Alerts: urlquery: - Phishing - DHL Blocklists: - openphish: DHL Airways, Inc. - fortinet: Phishing
GET /v1/tiles HTTP/1.1 Host: contile.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: contile.services.mozilla.com/v1/tiles FQDN: contile.services.mozilla.com IP: 34.117.237.239 HASH: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3 34.117.237.239 HTTP/2 200 OK content-type: application/json server: nginx date: Sat, 26 Nov 2022 09:29:30 GMT content-length: 12 strict-transport-security: max-age=31536000 via: 1.1 google alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with no line terminators Size: 12 Md5: 23e88fb7b99543fb33315b29b1fad9d6 Sha1: a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 Host: firefox.settings.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/json Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Type: application/json Connection: keep-alive Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: firefox.settings.services.mozilla.com/v1/buckets/main/c (...) FQDN: firefox.settings.services.mozilla.com IP: 34.102.187.140 HASH: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300 34.102.187.140 HTTP/2 200 OK content-type: application/json access-control-allow-origin: * access-control-expose-headers: Backoff, Pragma, Alert, Content-Type, ETag, Retry-After, Last-Modified, Content-Length, Cache-Control, Expires content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none'; strict-transport-security: max-age=31536000 x-content-type-options: nosniff content-length: 329 via: 1.1 google date: Sat, 26 Nov 2022 09:11:12 GMT cache-control: public,max-age=3600 age: 1098 last-modified: Fri, 25 Mar 2022 17:45:46 GMT etag: "1648230346554" alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JSON data\012- , ASCII text, with very long lines (329), with no line terminators Size: 329 Md5: 0333b0655111aa68de771adfcc4db243 Sha1: 63f295a144ac87a7c8e23417626724eeca68a7eb Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /public/ HTTP/1.1 Host: i.dkundservice-postnord.hardcars.ro User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Cookie: XSRF-TOKEN=eyJpdiI6Ing0aU9QZ2kwUzRlL3V5MVZGZHVyWUE9PSIsInZhbHVlIjoiUEp4K21lc3FOOTdSQjhKK0h3SzhaZlQ5NkZvNE0xR0dldzgyeThnQ25EVXFEVzN4L1pMeXIxUDFtaUFNYzBaOUNtU0d4ci9zMXZ4SldVNVZtUVVCaTZvdDhPc0VJV3BCaVQ3eFo2OVZoVjZYc0d0MzdqY0tCVG1adFRsV1VDclciLCJtYWMiOiI2YTk4ZmU0ZTlkZGU2NTQwNjMwZmU4MjZmYzhmZjA1YWIxZjBlNzI5M2M1MDRhZjU2MmFjNTk4NTVhMmRlNjE0IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjRWdmgxK3c4MFVvUGplSUlOVFkvdUE9PSIsInZhbHVlIjoiR1FmVjRDck94eStFaCtZUkNkMEJVYnhVeDJrTjBxWkh2MXBCMFlNUm1qMHR2YTNkTGdzZ3dxdEVPeWVkeER2ZTRrcHZ6T2l6WEdFaUlIMDJBa0h0STJIS1JiTzZ2NGdINllXV1d2ZnUya3oyazk4NkJzdjlrbit6NzMxbGk5ZnciLCJtYWMiOiI0ZWVlN2M5ZWE5MGY2NjEyMTIxMGI5NmY0MGQxZTdjMjYyMjY5ZDY2MmY0MTgwMjliYzQ1ODg2M2YyMGZiM2IwIiwidGFnIjoiIn0%3D; _lr_tabs_-mnnzup%2Fdus={%22sessionID%22:0%2C%22recordingID%22:%225-9e6d9b4a-2c3b-423c-8227-b06a886a55ca%22%2C%22lastActivity%22:1669453632723}; _lr_hb_-mnnzup%2Fdus={%22heartbeat%22:1669453632723} Upgrade-Insecure-Requests: 1	URL: i.dkundservice-postnord.hardcars.ro/public/ FQDN: i.dkundservice-postnord.hardcars.ro IP: 89.35.173.163 HASH: 02af0df1729080f21ff89665b5735f03c44f3aa38c40a64712aa0659bd86559f 89.35.173.163 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Date: Sat, 26 Nov 2022 09:29:31 GMT Server: Apache Cache-Control: no-cache, private Set-Cookie: XSRF-TOKEN=eyJpdiI6InJ3UElXMzkySm05M0Q1aHNuS2tKekE9PSIsInZhbHVlIjoiVzRwNnRKOUluQWxJTi9mMjlmbzJUNVJOeVRteitmbzUwTWZGWGtpN3praTRLc3NRdUhXejFPRXVjYU9CQ09FVEIzMzNMWVNzb0dpeExCTWlPNGQ2WldrbkMvdS9NMHNaN0llWGtFTVNNWDg1WW9RTVFkdzVZOFd1Z3FtMnNyVmsiLCJtYWMiOiI1YWJjZDc0YzNmNWIwOGMwYmNjN2ZkNDUwNTU5ZGI3OWZmZjNkNTA2MzkyNzRjYzIwYTAzZGIzZTg0OTA2YWM5IiwidGFnIjoiIn0%3D; expires=Sat, 26-Nov-2022 11:29:31 GMT; Max-Age=7200; path=/; samesite=lax laravel_session=eyJpdiI6IjJpYlJGU1lxdjhZVWhhUE5KVFQxZlE9PSIsInZhbHVlIjoid1hyTG51ckRpa2hDSUdaSmtwcVRzTXRsRkpHWW1wMEE0MXNwWFJFaTh1WXQyeEJ2MjBublkwK05ScHJEMEQyRkZIQkZEWG9YU1lqd0tDWEVsSm82b1Z2cjhCYkh2NDExQWQvOHo3SDFnV3dEYm50Mk1ZSERKbEc0QWtiQ0crenAiLCJtYWMiOiJiY2EyMjk1NzQ0ZjVhMzI5MmFmMjViYjJlM2UyNWVkNDgwZTkxMTk3Y2FlZTZjZGJkNGRmMWI1MzdhNDQ0ZDA3IiwidGFnIjoiIn0%3D; expires=Sat, 26-Nov-2022 11:29:31 GMT; Max-Age=7200; path=/; httponly; samesite=lax Keep-Alive: timeout=2, max=148 Connection: Keep-Alive Transfer-Encoding: chunked --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document, ASCII text Size: 558 Md5: 50d2c19d94aae4a1abcb488401282dd4 Sha1: f945b579f4ce2b57c7c3e402fb657584c7c3ca7d Sha256: 02af0df1729080f21ff89665b5735f03c44f3aa38c40a64712aa0659bd86559f Alerts: Blocklists: - fortinet: Phishing
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 4cef7e704f4d575ce6733f6f2d803d241b597be51ff3fb03f72e5c33a893b504 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 4260 Cache-Control: max-age=89300 Date: Sat, 26 Nov 2022 09:29:31 GMT Etag: "638085ab-1d7" Expires: Sun, 27 Nov 2022 10:17:51 GMT Last-Modified: Fri, 25 Nov 2022 09:06:51 GMT Server: ECS (ska/F71C) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: df06e70fc8a35facf1d8db463d18e231 Sha1: fa8a2975566cc792898f870e48ae7518d3657326 Sha256: 4cef7e704f4d575ce6733f6f2d803d241b597be51ff3fb03f72e5c33a893b504
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1 Host: ocsp.globalsign.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1 FQDN: ocsp.globalsign.com IP: 104.18.20.226 HASH: 0035dd77abe4fab821cf0868586f22f43d4ce6a6f9bdbd4d0e97249c56b26e6c 104.18.20.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Date: Sat, 26 Nov 2022 09:29:31 GMT Transfer-Encoding: chunked Connection: keep-alive Etag: "7935D970C0B3DB9863C550BAAE3D27EB866EB507" Expires: Sat, 26 Nov 2022 20:00:00 GMT Last-Modified: Sat, 26 Nov 2022 08:00:00 UTC Cache-Control: s-maxage=3600, public, no-transform, must-revalidate CF-Cache-Status: HIT Age: 1552 Vary: Accept-Encoding Server: cloudflare CF-RAY: 770199a1ffe80b06-OSL --- Additional Info --- Magic: data Size: 1462 Md5: 60d9fdf331e9ab9f5a9ddcbbcf49224e Sha1: 76283488ae5a3b927449deca35db469067f9b45c Sha256: 0035dd77abe4fab821cf0868586f22f43d4ce6a6f9bdbd4d0e97249c56b26e6c
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: b6e379d64adcee372c42a844664d4c165ab461a7a49aeb99c5f9794baf688eb0 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 3086 Cache-Control: max-age=90279 Date: Sat, 26 Nov 2022 09:29:31 GMT Etag: "63808e14-116" Expires: Sun, 27 Nov 2022 10:34:10 GMT Last-Modified: Fri, 25 Nov 2022 09:42:44 GMT Server: ECS (ska/F71C) X-Cache: HIT Content-Length: 278 --- Additional Info --- Magic: data Size: 278 Md5: 956fc28c3ada2f06ddaecf086c3c330b Sha1: e1a2a5179796ecd9733ebbbd6d35ee4a31fc3251 Sha256: b6e379d64adcee372c42a844664d4c165ab461a7a49aeb99c5f9794baf688eb0
GET /7tVAKxyfW5hysHPZmlDYzm7osb3UAoGL/ HTTP/1.1 Host: i.dkundservice-postnord.hardcars.ro User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://i.dkundservice-postnord.hardcars.ro/public/ Cookie: XSRF-TOKEN=eyJpdiI6InJ3UElXMzkySm05M0Q1aHNuS2tKekE9PSIsInZhbHVlIjoiVzRwNnRKOUluQWxJTi9mMjlmbzJUNVJOeVRteitmbzUwTWZGWGtpN3praTRLc3NRdUhXejFPRXVjYU9CQ09FVEIzMzNMWVNzb0dpeExCTWlPNGQ2WldrbkMvdS9NMHNaN0llWGtFTVNNWDg1WW9RTVFkdzVZOFd1Z3FtMnNyVmsiLCJtYWMiOiI1YWJjZDc0YzNmNWIwOGMwYmNjN2ZkNDUwNTU5ZGI3OWZmZjNkNTA2MzkyNzRjYzIwYTAzZGIzZTg0OTA2YWM5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjJpYlJGU1lxdjhZVWhhUE5KVFQxZlE9PSIsInZhbHVlIjoid1hyTG51ckRpa2hDSUdaSmtwcVRzTXRsRkpHWW1wMEE0MXNwWFJFaTh1WXQyeEJ2MjBublkwK05ScHJEMEQyRkZIQkZEWG9YU1lqd0tDWEVsSm82b1Z2cjhCYkh2NDExQWQvOHo3SDFnV3dEYm50Mk1ZSERKbEc0QWtiQ0crenAiLCJtYWMiOiJiY2EyMjk1NzQ0ZjVhMzI5MmFmMjViYjJlM2UyNWVkNDgwZTkxMTk3Y2FlZTZjZGJkNGRmMWI1MzdhNDQ0ZDA3IiwidGFnIjoiIn0%3D; _lr_tabs_-mnnzup%2Fdus={%22sessionID%22:0%2C%22recordingID%22:%225-9e6d9b4a-2c3b-423c-8227-b06a886a55ca%22%2C%22lastActivity%22:1669453632723}; _lr_hb_-mnnzup%2Fdus={%22heartbeat%22:1669453632723} Upgrade-Insecure-Requests: 1	URL: i.dkundservice-postnord.hardcars.ro/7tVAKxyfW5hysHPZmlD (...) FQDN: i.dkundservice-postnord.hardcars.ro IP: 89.35.173.163 HASH: bc63046fe37d93a281a84156a4dab2bcf6848a9d6439e706075159eacb20bf50 89.35.173.163 HTTP/1.1 301 Moved Permanently Content-Type: text/html; charset=iso-8859-1 Date: Sat, 26 Nov 2022 09:29:32 GMT Server: Apache Location: http://i.dkundservice-postnord.hardcars.ro/public/7tVAKxyfW5hysHPZmlDYzm7osb3UAoGL Content-Length: 290 Keep-Alive: timeout=2, max=147 Connection: Keep-Alive --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Size: 290 Md5: 8748696048cfec958ad0c9b3080fac9f Sha1: 443875c0166fefea491bcc00f8ebebd7a13f8fc2 Sha256: bc63046fe37d93a281a84156a4dab2bcf6848a9d6439e706075159eacb20bf50 Alerts: Blocklists: - fortinet: Phishing
GET / HTTP/1.1 Host: push.services.mozilla.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Sec-WebSocket-Version: 13 Origin: wss://push.services.mozilla.com/ Sec-WebSocket-Protocol: push-notification Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: FuEJdfu+TyBsT3B3zosgAQ== Connection: keep-alive, Upgrade Sec-Fetch-Dest: websocket Sec-Fetch-Mode: websocket Sec-Fetch-Site: cross-site Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	URL: push.services.mozilla.com/ FQDN: push.services.mozilla.com IP: 34.223.160.237 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 34.223.160.237 HTTP/1.1 101 Switching Protocols Connection: Upgrade Upgrade: websocket Sec-WebSocket-Accept: kfqJgzo/WYqjWmJxSNxwaPMP6NM= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: baca2f37737e1b0156577860872c51a7d1522309c0e8522de639d2a814c40e01 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 3385 Cache-Control: max-age=99223 Date: Sat, 26 Nov 2022 09:29:31 GMT Etag: "6380afd9-1d7" Expires: Sun, 27 Nov 2022 13:03:14 GMT Last-Modified: Fri, 25 Nov 2022 12:06:49 GMT Server: ECS (ska/F71C) X-Cache: HIT Content-Length: 471 --- Additional Info --- Magic: data Size: 471 Md5: 016536654580c3831dbef3be7221fdc1 Sha1: 289fc1e6d6cf0ba1ff7fbbd04ebc8c580a7428f6 Sha256: baca2f37737e1b0156577860872c51a7d1522309c0e8522de639d2a814c40e01
POST / HTTP/1.1 Host: ocsp.digicert.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 83 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: ocsp.digicert.com/ FQDN: ocsp.digicert.com IP: 93.184.220.29 HASH: 505251c589fbf18ad2f8a5a61180b5164ae2db9f349190c696d77fc07d226b8f 93.184.220.29 HTTP/1.1 200 OK Content-Type: application/ocsp-response Accept-Ranges: bytes Age: 4653 Cache-Control: max-age=106976 Date: Sat, 26 Nov 2022 09:29:31 GMT Etag: "6380c92e-118" Expires: Sun, 27 Nov 2022 15:12:27 GMT Last-Modified: Fri, 25 Nov 2022 13:54:54 GMT Server: ECS (ska/F71C) X-Cache: HIT Content-Length: 280 --- Additional Info --- Magic: data Size: 280 Md5: 0840582a42794f6dc88f56a90b71c521 Sha1: 1c752880d052854efeb8dc97f5e1a57ed324faff Sha256: 505251c589fbf18ad2f8a5a61180b5164ae2db9f349190c696d77fc07d226b8f
GET /public/7tVAKxyfW5hysHPZmlDYzm7osb3UAoGL HTTP/1.1 Host: i.dkundservice-postnord.hardcars.ro User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Referer: http://i.dkundservice-postnord.hardcars.ro/public/ Connection: keep-alive Cookie: XSRF-TOKEN=eyJpdiI6InJ3UElXMzkySm05M0Q1aHNuS2tKekE9PSIsInZhbHVlIjoiVzRwNnRKOUluQWxJTi9mMjlmbzJUNVJOeVRteitmbzUwTWZGWGtpN3praTRLc3NRdUhXejFPRXVjYU9CQ09FVEIzMzNMWVNzb0dpeExCTWlPNGQ2WldrbkMvdS9NMHNaN0llWGtFTVNNWDg1WW9RTVFkdzVZOFd1Z3FtMnNyVmsiLCJtYWMiOiI1YWJjZDc0YzNmNWIwOGMwYmNjN2ZkNDUwNTU5ZGI3OWZmZjNkNTA2MzkyNzRjYzIwYTAzZGIzZTg0OTA2YWM5IiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IjJpYlJGU1lxdjhZVWhhUE5KVFQxZlE9PSIsInZhbHVlIjoid1hyTG51ckRpa2hDSUdaSmtwcVRzTXRsRkpHWW1wMEE0MXNwWFJFaTh1WXQyeEJ2MjBublkwK05ScHJEMEQyRkZIQkZEWG9YU1lqd0tDWEVsSm82b1Z2cjhCYkh2NDExQWQvOHo3SDFnV3dEYm50Mk1ZSERKbEc0QWtiQ0crenAiLCJtYWMiOiJiY2EyMjk1NzQ0ZjVhMzI5MmFmMjViYjJlM2UyNWVkNDgwZTkxMTk3Y2FlZTZjZGJkNGRmMWI1MzdhNDQ0ZDA3IiwidGFnIjoiIn0%3D; _lr_tabs_-mnnzup%2Fdus={%22sessionID%22:0%2C%22recordingID%22:%225-9e6d9b4a-2c3b-423c-8227-b06a886a55ca%22%2C%22lastActivity%22:1669453632723}; _lr_hb_-mnnzup%2Fdus={%22heartbeat%22:1669453632723} Upgrade-Insecure-Requests: 1	URL: i.dkundservice-postnord.hardcars.ro/public/7tVAKxyfW5hy (...) FQDN: i.dkundservice-postnord.hardcars.ro IP: 89.35.173.163 HASH: 42e20c377f0ac1d5fe12bec1bda36ba8a19b168b311f104eedfd7a3cf13dc38d 89.35.173.163 HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Date: Sat, 26 Nov 2022 09:29:32 GMT Server: Apache Cache-Control: no-cache, private Set-Cookie: XSRF-TOKEN=eyJpdiI6InFybzFSWVZjVzZ0K2NzeXpDQkJaRUE9PSIsInZhbHVlIjoid013K283c2grUHRWTFdXQlpDdXFDSU1iTXF5S2RHa2dCdE1BZTMvbGhTQkQ4azlmNUY5bWl3QnBqS2hkVWhiN0E5cjNXVE10Z1hqdzdUUi8vaGZtUDM5NkRhN3MrK1RzUzVDQU5kWnd6c0NSR0h4RzgzTXRjdHdLN1lIMUtCaTkiLCJtYWMiOiI3M2Q2Y2VlYjg4YmU2MThhZGZiZWMyOTdmYzllZjY4MmNmOTVjZDQ1ZmIyYTRhMjAwOTFlOGIwZjdkYTBmNjBmIiwidGFnIjoiIn0%3D; expires=Sat, 26-Nov-2022 11:29:32 GMT; Max-Age=7200; path=/; samesite=lax laravel_session=eyJpdiI6Ik5taHBDdDFOeENvSVVjUXFueVVVd2c9PSIsInZhbHVlIjoiRnhxVzlMb3EwanBMTGVUeVFoWG8wcEtQK3FCVGw4U3ZKMWtxMFBVdDFEMUxnVHphNUF6Z1hONkVHYVIwUjBaM1ErMmR6MXo1ZHltSUtVT2NzZ1p5L3pmRzQrTzh3SnJEQTFnYkxIbndia3VpK3lvRWdVc1pWNjdrdzRDdUt1WmoiLCJtYWMiOiI5ZTBmOWM2NjY0ODQxMDQ1NGUwMGU5MzlhMzFkOGUzMWQ4ZGUxODA1NDM3YmVhNDU2ODY0YmQ5NjZmNTExNDQxIiwidGFnIjoiIn0%3D; expires=Sat, 26-Nov-2022 11:29:32 GMT; Max-Age=7200; path=/; httponly; samesite=lax Keep-Alive: timeout=2, max=146 Connection: Keep-Alive Transfer-Encoding: chunked --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- assembler source text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (39884) Size: 60092 Md5: a0726cb69748691982ea44a8d53d8bd1 Sha1: a66b161f1760f966a37e5a754e8093db98d5bfb2 Sha256: 42e20c377f0ac1d5fe12bec1bda36ba8a19b168b311f104eedfd7a3cf13dc38d Alerts: Blocklists: - fortinet: Phishing
GET /f7165dd215.js HTTP/1.1 Host: kit.fontawesome.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: http://i.dkundservice-postnord.hardcars.ro Connection: keep-alive Referer: http://i.dkundservice-postnord.hardcars.ro/ Sec-Fetch-Dest: script Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: kit.fontawesome.com/f7165dd215.js FQDN: kit.fontawesome.com IP: 104.18.22.52 HASH: 524a1c1bb7661d5c1281877d7147b99da1af8ee7a90d5505af7e3773e381af94 104.18.22.52 HTTP/2 200 OK content-type: text/javascript date: Sat, 26 Nov 2022 09:29:31 GMT access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token access-control-allow-methods: GET, OPTIONS access-control-allow-origin: * access-control-max-age: 3000 cache-control: max-age=60, public, must-revalidate strict-transport-security: max-age=31536000; preload vary: origin, accept-encoding, access-control-request-headers, access-control-request-method x-request-id: FyfQ9eiZk1evP6MAEl6C cf-cache-status: HIT age: 26 server: cloudflare cf-ray: 770199a65943b517-OSL content-encoding: gzip X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 49071 Md5: e1cae81c0f1ee14ead0a078a6c0621fa Sha1: 2107a4d1b0aaf97bf9e108346904c5bd90b57e58 Sha256: 524a1c1bb7661d5c1281877d7147b99da1af8ee7a90d5505af7e3773e381af94
GET /public/css/app.css HTTP/1.1 Host: i.dkundservice-postnord.hardcars.ro User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: text/css,/;q=0.1 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://i.dkundservice-postnord.hardcars.ro/public/7tVAKxyfW5hysHPZmlDYzm7osb3UAoGL Cookie: XSRF-TOKEN=eyJpdiI6InFybzFSWVZjVzZ0K2NzeXpDQkJaRUE9PSIsInZhbHVlIjoid013K283c2grUHRWTFdXQlpDdXFDSU1iTXF5S2RHa2dCdE1BZTMvbGhTQkQ4azlmNUY5bWl3QnBqS2hkVWhiN0E5cjNXVE10Z1hqdzdUUi8vaGZtUDM5NkRhN3MrK1RzUzVDQU5kWnd6c0NSR0h4RzgzTXRjdHdLN1lIMUtCaTkiLCJtYWMiOiI3M2Q2Y2VlYjg4YmU2MThhZGZiZWMyOTdmYzllZjY4MmNmOTVjZDQ1ZmIyYTRhMjAwOTFlOGIwZjdkYTBmNjBmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik5taHBDdDFOeENvSVVjUXFueVVVd2c9PSIsInZhbHVlIjoiRnhxVzlMb3EwanBMTGVUeVFoWG8wcEtQK3FCVGw4U3ZKMWtxMFBVdDFEMUxnVHphNUF6Z1hONkVHYVIwUjBaM1ErMmR6MXo1ZHltSUtVT2NzZ1p5L3pmRzQrTzh3SnJEQTFnYkxIbndia3VpK3lvRWdVc1pWNjdrdzRDdUt1WmoiLCJtYWMiOiI5ZTBmOWM2NjY0ODQxMDQ1NGUwMGU5MzlhMzFkOGUzMWQ4ZGUxODA1NDM3YmVhNDU2ODY0YmQ5NjZmNTExNDQxIiwidGFnIjoiIn0%3D; _lr_tabs_-mnnzup%2Fdus={%22sessionID%22:0%2C%22recordingID%22:%225-9e6d9b4a-2c3b-423c-8227-b06a886a55ca%22%2C%22lastActivity%22:1669453632723}; _lr_hb_-mnnzup%2Fdus={%22heartbeat%22:1669453632723}	URL: i.dkundservice-postnord.hardcars.ro/public/css/app.css FQDN: i.dkundservice-postnord.hardcars.ro IP: 89.35.173.163 HASH: 36839348d4cd3d5ffcb15317bc5e8f32b77c644d0c6c0f8f19bdf216caf49293 89.35.173.163 HTTP/1.1 200 OK Content-Type: text/css Date: Sat, 26 Nov 2022 09:29:32 GMT Server: Apache Upgrade: h2,h2c Connection: Upgrade, Keep-Alive Last-Modified: Wed, 03 Aug 2022 14:29:04 GMT Accept-Ranges: bytes Content-Length: 439658 Keep-Alive: timeout=2, max=150 --- Additional Info --- Magic: ASCII text Size: 439658 Md5: 181990cc2279e4cea65c9363fb37fee9 Sha1: b85a7ba40043b0c48a034d8382629ef7ec6a1e24 Sha256: 36839348d4cd3d5ffcb15317bc5e8f32b77c644d0c6c0f8f19bdf216caf49293 Alerts: urlquery: - Phishing - DHL
GET /images/all.png HTTP/1.1 Host: i.dkundservice-postnord.hardcars.ro User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://i.dkundservice-postnord.hardcars.ro/public/7tVAKxyfW5hysHPZmlDYzm7osb3UAoGL Cookie: XSRF-TOKEN=eyJpdiI6InFybzFSWVZjVzZ0K2NzeXpDQkJaRUE9PSIsInZhbHVlIjoid013K283c2grUHRWTFdXQlpDdXFDSU1iTXF5S2RHa2dCdE1BZTMvbGhTQkQ4azlmNUY5bWl3QnBqS2hkVWhiN0E5cjNXVE10Z1hqdzdUUi8vaGZtUDM5NkRhN3MrK1RzUzVDQU5kWnd6c0NSR0h4RzgzTXRjdHdLN1lIMUtCaTkiLCJtYWMiOiI3M2Q2Y2VlYjg4YmU2MThhZGZiZWMyOTdmYzllZjY4MmNmOTVjZDQ1ZmIyYTRhMjAwOTFlOGIwZjdkYTBmNjBmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik5taHBDdDFOeENvSVVjUXFueVVVd2c9PSIsInZhbHVlIjoiRnhxVzlMb3EwanBMTGVUeVFoWG8wcEtQK3FCVGw4U3ZKMWtxMFBVdDFEMUxnVHphNUF6Z1hONkVHYVIwUjBaM1ErMmR6MXo1ZHltSUtVT2NzZ1p5L3pmRzQrTzh3SnJEQTFnYkxIbndia3VpK3lvRWdVc1pWNjdrdzRDdUt1WmoiLCJtYWMiOiI5ZTBmOWM2NjY0ODQxMDQ1NGUwMGU5MzlhMzFkOGUzMWQ4ZGUxODA1NDM3YmVhNDU2ODY0YmQ5NjZmNTExNDQxIiwidGFnIjoiIn0%3D; _lr_tabs_-mnnzup%2Fdus={%22sessionID%22:0%2C%22recordingID%22:%225-9e6d9b4a-2c3b-423c-8227-b06a886a55ca%22%2C%22lastActivity%22:1669453632723}; _lr_hb_-mnnzup%2Fdus={%22heartbeat%22:1669453632723}	URL: i.dkundservice-postnord.hardcars.ro/images/all.png FQDN: i.dkundservice-postnord.hardcars.ro IP: 89.35.173.163 HASH: c1d5409eecb402a99f10718b06c266ba314d9e25f0b56c6fd063699334b8be6d 89.35.173.163 HTTP/1.1 200 OK Content-Type: image/png Date: Sat, 26 Nov 2022 09:29:33 GMT Server: Apache Last-Modified: Wed, 03 Aug 2022 14:29:04 GMT Accept-Ranges: bytes Content-Length: 12499 Keep-Alive: timeout=2, max=149 Connection: Keep-Alive --- Additional Info --- Magic: PNG image data, 123 x 84, 8-bit/color RGBA, non-interlaced\012- data Size: 12499 Md5: 2cb0b7f615faf2deb9ec6f53d3149a3b Sha1: 694a2c881c83e2ab86365bf1d16302ac5b9d500f Sha256: c1d5409eecb402a99f10718b06c266ba314d9e25f0b56c6fd063699334b8be6d Alerts: urlquery: - Phishing - DHL
GET /images/logo.png HTTP/1.1 Host: i.dkundservice-postnord.hardcars.ro User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://i.dkundservice-postnord.hardcars.ro/public/7tVAKxyfW5hysHPZmlDYzm7osb3UAoGL Cookie: XSRF-TOKEN=eyJpdiI6InFybzFSWVZjVzZ0K2NzeXpDQkJaRUE9PSIsInZhbHVlIjoid013K283c2grUHRWTFdXQlpDdXFDSU1iTXF5S2RHa2dCdE1BZTMvbGhTQkQ4azlmNUY5bWl3QnBqS2hkVWhiN0E5cjNXVE10Z1hqdzdUUi8vaGZtUDM5NkRhN3MrK1RzUzVDQU5kWnd6c0NSR0h4RzgzTXRjdHdLN1lIMUtCaTkiLCJtYWMiOiI3M2Q2Y2VlYjg4YmU2MThhZGZiZWMyOTdmYzllZjY4MmNmOTVjZDQ1ZmIyYTRhMjAwOTFlOGIwZjdkYTBmNjBmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik5taHBDdDFOeENvSVVjUXFueVVVd2c9PSIsInZhbHVlIjoiRnhxVzlMb3EwanBMTGVUeVFoWG8wcEtQK3FCVGw4U3ZKMWtxMFBVdDFEMUxnVHphNUF6Z1hONkVHYVIwUjBaM1ErMmR6MXo1ZHltSUtVT2NzZ1p5L3pmRzQrTzh3SnJEQTFnYkxIbndia3VpK3lvRWdVc1pWNjdrdzRDdUt1WmoiLCJtYWMiOiI5ZTBmOWM2NjY0ODQxMDQ1NGUwMGU5MzlhMzFkOGUzMWQ4ZGUxODA1NDM3YmVhNDU2ODY0YmQ5NjZmNTExNDQxIiwidGFnIjoiIn0%3D; _lr_tabs_-mnnzup%2Fdus={%22sessionID%22:0%2C%22recordingID%22:%225-9e6d9b4a-2c3b-423c-8227-b06a886a55ca%22%2C%22lastActivity%22:1669453632723}; _lr_hb_-mnnzup%2Fdus={%22heartbeat%22:1669453632723}	URL: i.dkundservice-postnord.hardcars.ro/images/logo.png FQDN: i.dkundservice-postnord.hardcars.ro IP: 89.35.173.163 HASH: 3f0c62b5ccdcdbf3b3ae3885f1e6959e2d937eba9b29dea9a6bdb98788041756 89.35.173.163 HTTP/1.1 200 OK Content-Type: image/png Date: Sat, 26 Nov 2022 09:29:33 GMT Server: Apache Upgrade: h2,h2c Connection: Upgrade, Keep-Alive Last-Modified: Wed, 03 Aug 2022 14:29:04 GMT Accept-Ranges: bytes Content-Length: 1998 Keep-Alive: timeout=2, max=150 --- Additional Info --- Magic: PNG image data, 214 x 20, 8-bit/color RGBA, non-interlaced\012- data Size: 1998 Md5: 5d14ab93691604e826e1319d53599eb9 Sha1: 78724360e9d25da584445b851e37bca05abe6b85 Sha256: 3f0c62b5ccdcdbf3b3ae3885f1e6959e2d937eba9b29dea9a6bdb98788041756 Alerts: urlquery: - Phishing - DHL
GET /fonts/vendor/@fontsource/roboto/files/roboto-latin-400-normal.woff2?4673b4537a84c7f7a130799aa6af329b HTTP/1.1 Host: i.dkundservice-postnord.hardcars.ro User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Connection: keep-alive Referer: http://i.dkundservice-postnord.hardcars.ro/public/css/app.css Cookie: XSRF-TOKEN=eyJpdiI6InFybzFSWVZjVzZ0K2NzeXpDQkJaRUE9PSIsInZhbHVlIjoid013K283c2grUHRWTFdXQlpDdXFDSU1iTXF5S2RHa2dCdE1BZTMvbGhTQkQ4azlmNUY5bWl3QnBqS2hkVWhiN0E5cjNXVE10Z1hqdzdUUi8vaGZtUDM5NkRhN3MrK1RzUzVDQU5kWnd6c0NSR0h4RzgzTXRjdHdLN1lIMUtCaTkiLCJtYWMiOiI3M2Q2Y2VlYjg4YmU2MThhZGZiZWMyOTdmYzllZjY4MmNmOTVjZDQ1ZmIyYTRhMjAwOTFlOGIwZjdkYTBmNjBmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik5taHBDdDFOeENvSVVjUXFueVVVd2c9PSIsInZhbHVlIjoiRnhxVzlMb3EwanBMTGVUeVFoWG8wcEtQK3FCVGw4U3ZKMWtxMFBVdDFEMUxnVHphNUF6Z1hONkVHYVIwUjBaM1ErMmR6MXo1ZHltSUtVT2NzZ1p5L3pmRzQrTzh3SnJEQTFnYkxIbndia3VpK3lvRWdVc1pWNjdrdzRDdUt1WmoiLCJtYWMiOiI5ZTBmOWM2NjY0ODQxMDQ1NGUwMGU5MzlhMzFkOGUzMWQ4ZGUxODA1NDM3YmVhNDU2ODY0YmQ5NjZmNTExNDQxIiwidGFnIjoiIn0%3D; _lr_tabs_-mnnzup%2Fdus={%22sessionID%22:0%2C%22recordingID%22:%225-9e6d9b4a-2c3b-423c-8227-b06a886a55ca%22%2C%22lastActivity%22:1669453632723}; _lr_hb_-mnnzup%2Fdus={%22heartbeat%22:1669453632723}	URL: i.dkundservice-postnord.hardcars.ro/fonts/vendor/@fonts (...) FQDN: i.dkundservice-postnord.hardcars.ro IP: 89.35.173.163 HASH: 848cdfafa57dd151d72affd7635f2eff71b9c255de4767b44377f1426fa666c3 89.35.173.163 HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Date: Sat, 26 Nov 2022 09:29:33 GMT Server: Apache Cache-Control: no-cache, private Keep-Alive: timeout=2, max=148 Connection: Keep-Alive Transfer-Encoding: chunked --- Additional Info --- Magic: JSON data\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5395) Size: 6716 Md5: 5521088df9712d96a2408412fc0dde09 Sha1: 69474c58fd760d209f6aa070570aa797023bc777 Sha256: 848cdfafa57dd151d72affd7635f2eff71b9c255de4767b44377f1426fa666c3 Alerts: Blocklists: - fortinet: Phishing
GET /public/css/fonts/webfa-brands-400.woff2?d878b0a6a1144760244ff0665888404c HTTP/1.1 Host: i.dkundservice-postnord.hardcars.ro User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Connection: keep-alive Referer: http://i.dkundservice-postnord.hardcars.ro/public/css/app.css Cookie: XSRF-TOKEN=eyJpdiI6InFybzFSWVZjVzZ0K2NzeXpDQkJaRUE9PSIsInZhbHVlIjoid013K283c2grUHRWTFdXQlpDdXFDSU1iTXF5S2RHa2dCdE1BZTMvbGhTQkQ4azlmNUY5bWl3QnBqS2hkVWhiN0E5cjNXVE10Z1hqdzdUUi8vaGZtUDM5NkRhN3MrK1RzUzVDQU5kWnd6c0NSR0h4RzgzTXRjdHdLN1lIMUtCaTkiLCJtYWMiOiI3M2Q2Y2VlYjg4YmU2MThhZGZiZWMyOTdmYzllZjY4MmNmOTVjZDQ1ZmIyYTRhMjAwOTFlOGIwZjdkYTBmNjBmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik5taHBDdDFOeENvSVVjUXFueVVVd2c9PSIsInZhbHVlIjoiRnhxVzlMb3EwanBMTGVUeVFoWG8wcEtQK3FCVGw4U3ZKMWtxMFBVdDFEMUxnVHphNUF6Z1hONkVHYVIwUjBaM1ErMmR6MXo1ZHltSUtVT2NzZ1p5L3pmRzQrTzh3SnJEQTFnYkxIbndia3VpK3lvRWdVc1pWNjdrdzRDdUt1WmoiLCJtYWMiOiI5ZTBmOWM2NjY0ODQxMDQ1NGUwMGU5MzlhMzFkOGUzMWQ4ZGUxODA1NDM3YmVhNDU2ODY0YmQ5NjZmNTExNDQxIiwidGFnIjoiIn0%3D; _lr_tabs_-mnnzup%2Fdus={%22sessionID%22:0%2C%22recordingID%22:%225-9e6d9b4a-2c3b-423c-8227-b06a886a55ca%22%2C%22lastActivity%22:1669453632723}; _lr_hb_-mnnzup%2Fdus={%22heartbeat%22:1669453632723}	URL: i.dkundservice-postnord.hardcars.ro/public/css/fonts/we (...) FQDN: i.dkundservice-postnord.hardcars.ro IP: 89.35.173.163 HASH: e18a28095fe2ce2db6d907550c14f756b97ca096333a833aebf97a3f45fc5510 89.35.173.163 HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Date: Sat, 26 Nov 2022 09:29:33 GMT Server: Apache Cache-Control: no-cache, private Upgrade: h2,h2c Connection: Upgrade, Keep-Alive Keep-Alive: timeout=2, max=150 Transfer-Encoding: chunked --- Additional Info --- Magic: data Size: 10941 Md5: ed6de11d667416f2ddf4c52e179020b3 Sha1: 4ec6ee6fa6c9d1182745030e7648c537bb2f2124 Sha256: e18a28095fe2ce2db6d907550c14f756b97ca096333a833aebf97a3f45fc5510 Alerts: urlquery: - Phishing - DHL Blocklists: - fortinet: Phishing
GET /fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?1551f4f60c37af51121f106501f69b80 HTTP/1.1 Host: i.dkundservice-postnord.hardcars.ro User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Connection: keep-alive Referer: http://i.dkundservice-postnord.hardcars.ro/public/css/app.css Cookie: XSRF-TOKEN=eyJpdiI6InFybzFSWVZjVzZ0K2NzeXpDQkJaRUE9PSIsInZhbHVlIjoid013K283c2grUHRWTFdXQlpDdXFDSU1iTXF5S2RHa2dCdE1BZTMvbGhTQkQ4azlmNUY5bWl3QnBqS2hkVWhiN0E5cjNXVE10Z1hqdzdUUi8vaGZtUDM5NkRhN3MrK1RzUzVDQU5kWnd6c0NSR0h4RzgzTXRjdHdLN1lIMUtCaTkiLCJtYWMiOiI3M2Q2Y2VlYjg4YmU2MThhZGZiZWMyOTdmYzllZjY4MmNmOTVjZDQ1ZmIyYTRhMjAwOTFlOGIwZjdkYTBmNjBmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik5taHBDdDFOeENvSVVjUXFueVVVd2c9PSIsInZhbHVlIjoiRnhxVzlMb3EwanBMTGVUeVFoWG8wcEtQK3FCVGw4U3ZKMWtxMFBVdDFEMUxnVHphNUF6Z1hONkVHYVIwUjBaM1ErMmR6MXo1ZHltSUtVT2NzZ1p5L3pmRzQrTzh3SnJEQTFnYkxIbndia3VpK3lvRWdVc1pWNjdrdzRDdUt1WmoiLCJtYWMiOiI5ZTBmOWM2NjY0ODQxMDQ1NGUwMGU5MzlhMzFkOGUzMWQ4ZGUxODA1NDM3YmVhNDU2ODY0YmQ5NjZmNTExNDQxIiwidGFnIjoiIn0%3D; _lr_tabs_-mnnzup%2Fdus={%22sessionID%22:0%2C%22recordingID%22:%225-9e6d9b4a-2c3b-423c-8227-b06a886a55ca%22%2C%22lastActivity%22:1669453632723}; _lr_hb_-mnnzup%2Fdus={%22heartbeat%22:1669453632723}	URL: i.dkundservice-postnord.hardcars.ro/fonts/vendor/@forta (...) FQDN: i.dkundservice-postnord.hardcars.ro IP: 89.35.173.163 HASH: 8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c 89.35.173.163 HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Date: Sat, 26 Nov 2022 09:29:33 GMT Server: Apache Cache-Control: no-cache, private Keep-Alive: timeout=2, max=148 Connection: Keep-Alive Transfer-Encoding: chunked --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5395) Size: 6609 Md5: 307dca9c775906b8de45869cabe98fcd Sha1: 2b80c3a2fd4a235b2cc9f89315a554d0721c0dd1 Sha256: 8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c Alerts: urlquery: - Phishing - DHL Blocklists: - fortinet: Phishing
GET /fonts/vendor/@fontsource/roboto/files/roboto-all-400-normal.woff?376ea5d93f71583052f65de4e0c6a92c HTTP/1.1 Host: i.dkundservice-postnord.hardcars.ro User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Connection: keep-alive Referer: http://i.dkundservice-postnord.hardcars.ro/public/css/app.css Cookie: XSRF-TOKEN=eyJpdiI6InFybzFSWVZjVzZ0K2NzeXpDQkJaRUE9PSIsInZhbHVlIjoid013K283c2grUHRWTFdXQlpDdXFDSU1iTXF5S2RHa2dCdE1BZTMvbGhTQkQ4azlmNUY5bWl3QnBqS2hkVWhiN0E5cjNXVE10Z1hqdzdUUi8vaGZtUDM5NkRhN3MrK1RzUzVDQU5kWnd6c0NSR0h4RzgzTXRjdHdLN1lIMUtCaTkiLCJtYWMiOiI3M2Q2Y2VlYjg4YmU2MThhZGZiZWMyOTdmYzllZjY4MmNmOTVjZDQ1ZmIyYTRhMjAwOTFlOGIwZjdkYTBmNjBmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik5taHBDdDFOeENvSVVjUXFueVVVd2c9PSIsInZhbHVlIjoiRnhxVzlMb3EwanBMTGVUeVFoWG8wcEtQK3FCVGw4U3ZKMWtxMFBVdDFEMUxnVHphNUF6Z1hONkVHYVIwUjBaM1ErMmR6MXo1ZHltSUtVT2NzZ1p5L3pmRzQrTzh3SnJEQTFnYkxIbndia3VpK3lvRWdVc1pWNjdrdzRDdUt1WmoiLCJtYWMiOiI5ZTBmOWM2NjY0ODQxMDQ1NGUwMGU5MzlhMzFkOGUzMWQ4ZGUxODA1NDM3YmVhNDU2ODY0YmQ5NjZmNTExNDQxIiwidGFnIjoiIn0%3D; _lr_tabs_-mnnzup%2Fdus={%22sessionID%22:0%2C%22recordingID%22:%225-9e6d9b4a-2c3b-423c-8227-b06a886a55ca%22%2C%22lastActivity%22:1669453632723}; _lr_hb_-mnnzup%2Fdus={%22heartbeat%22:1669453632723}	URL: i.dkundservice-postnord.hardcars.ro/fonts/vendor/@fonts (...) FQDN: i.dkundservice-postnord.hardcars.ro IP: 89.35.173.163 HASH: 8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c 89.35.173.163 HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Date: Sat, 26 Nov 2022 09:29:33 GMT Server: Apache Cache-Control: no-cache, private Keep-Alive: timeout=2, max=147 Connection: Keep-Alive Transfer-Encoding: chunked --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5395) Size: 6609 Md5: 307dca9c775906b8de45869cabe98fcd Sha1: 2b80c3a2fd4a235b2cc9f89315a554d0721c0dd1 Sha256: 8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c Alerts: urlquery: - Phishing - DHL Blocklists: - fortinet: Phishing
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0" Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9061 Expires: Sat, 26 Nov 2022 12:00:33 GMT Date: Sat, 26 Nov 2022 09:29:32 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 8bb181e3f5ca898c6e31a8efc2e28291 Sha1: eda3a91f8e2cbc5467da08ad85e6f6a30702b66c Sha256: 0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0" Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9061 Expires: Sat, 26 Nov 2022 12:00:33 GMT Date: Sat, 26 Nov 2022 09:29:32 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 8bb181e3f5ca898c6e31a8efc2e28291 Sha1: eda3a91f8e2cbc5467da08ad85e6f6a30702b66c Sha256: 0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0" Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9061 Expires: Sat, 26 Nov 2022 12:00:33 GMT Date: Sat, 26 Nov 2022 09:29:32 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 8bb181e3f5ca898c6e31a8efc2e28291 Sha1: eda3a91f8e2cbc5467da08ad85e6f6a30702b66c Sha256: 0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "0E943AACB4A46480AB031EF294A0E089976EC125C331C15116B6C79F6B0F2FF0" Last-Modified: Sat, 26 Nov 2022 04:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=9061 Expires: Sat, 26 Nov 2022 12:00:33 GMT Date: Sat, 26 Nov 2022 09:29:32 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 8bb181e3f5ca898c6e31a8efc2e28291 Sha1: eda3a91f8e2cbc5467da08ad85e6f6a30702b66c Sha256: 0e943aacb4a46480ab031ef294a0e089976ec125c331c15116b6c79f6b0f2ff0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcc7a5b86-3ad1-40c7-b173-8a9ac078c227.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 8159e4f7eec7bea518bb29e3fdb070bab4fb70116205577f7b7d74ad4d0dfbc7 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 8913 x-amzn-requestid: d0a9414c-eccf-44e8-adb7-92654544eeb5 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cLWWXEpeIAMFnzw= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6381375b-5825510666b3e80a5f83cafa;Sampled=0 x-amzn-remapped-date: Fri, 25 Nov 2022 21:44:59 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: LDrq5UcFhG63XFZhmeS5Z_mEkwrvuQ2bLfT8hV9I3E1s1lJLZF5Dww== via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google date: Fri, 25 Nov 2022 21:46:24 GMT age: 42188 etag: "0b6c9b51d10762a4747286ab5b1c2354fa39c622" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 8913 Md5: 5088223f5973e3cd56f03f50a1e84b79 Sha1: 0b6c9b51d10762a4747286ab5b1c2354fa39c622 Sha256: 8159e4f7eec7bea518bb29e3fdb070bab4fb70116205577f7b7d74ad4d0dfbc7
GET /fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff?eeccf4f66002c6f2ba24d3d22f2434c2 HTTP/1.1 Host: i.dkundservice-postnord.hardcars.ro User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Connection: keep-alive Referer: http://i.dkundservice-postnord.hardcars.ro/public/css/app.css Cookie: XSRF-TOKEN=eyJpdiI6InFybzFSWVZjVzZ0K2NzeXpDQkJaRUE9PSIsInZhbHVlIjoid013K283c2grUHRWTFdXQlpDdXFDSU1iTXF5S2RHa2dCdE1BZTMvbGhTQkQ4azlmNUY5bWl3QnBqS2hkVWhiN0E5cjNXVE10Z1hqdzdUUi8vaGZtUDM5NkRhN3MrK1RzUzVDQU5kWnd6c0NSR0h4RzgzTXRjdHdLN1lIMUtCaTkiLCJtYWMiOiI3M2Q2Y2VlYjg4YmU2MThhZGZiZWMyOTdmYzllZjY4MmNmOTVjZDQ1ZmIyYTRhMjAwOTFlOGIwZjdkYTBmNjBmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik5taHBDdDFOeENvSVVjUXFueVVVd2c9PSIsInZhbHVlIjoiRnhxVzlMb3EwanBMTGVUeVFoWG8wcEtQK3FCVGw4U3ZKMWtxMFBVdDFEMUxnVHphNUF6Z1hONkVHYVIwUjBaM1ErMmR6MXo1ZHltSUtVT2NzZ1p5L3pmRzQrTzh3SnJEQTFnYkxIbndia3VpK3lvRWdVc1pWNjdrdzRDdUt1WmoiLCJtYWMiOiI5ZTBmOWM2NjY0ODQxMDQ1NGUwMGU5MzlhMzFkOGUzMWQ4ZGUxODA1NDM3YmVhNDU2ODY0YmQ5NjZmNTExNDQxIiwidGFnIjoiIn0%3D; _lr_tabs_-mnnzup%2Fdus={%22sessionID%22:0%2C%22recordingID%22:%225-9e6d9b4a-2c3b-423c-8227-b06a886a55ca%22%2C%22lastActivity%22:1669453632723}; _lr_hb_-mnnzup%2Fdus={%22heartbeat%22:1669453632723}	URL: i.dkundservice-postnord.hardcars.ro/fonts/vendor/@forta (...) FQDN: i.dkundservice-postnord.hardcars.ro IP: 89.35.173.163 HASH: 8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c 89.35.173.163 HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Date: Sat, 26 Nov 2022 09:29:33 GMT Server: Apache Cache-Control: no-cache, private Keep-Alive: timeout=2, max=149 Connection: Keep-Alive Transfer-Encoding: chunked --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5395) Size: 6609 Md5: 307dca9c775906b8de45869cabe98fcd Sha1: 2b80c3a2fd4a235b2cc9f89315a554d0721c0dd1 Sha256: 8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c Alerts: urlquery: - Phishing - DHL Blocklists: - fortinet: Phishing
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F34ec689c-96b7-450b-b77e-e0ecb4d89c3c.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 4b0ffde427085c796a7a5823604b29a4af43dbb93e99ec41f34feb37f52ac7d9 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 9049 x-amzn-requestid: 6cbd9639-c29d-4ff4-8091-3168f64f4c78 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cLVVGHzKoAMFSuA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638135ba-100ea4235fdf1df8491041c8;Sampled=0 x-amzn-remapped-date: Fri, 25 Nov 2022 21:38:02 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: OJZkZ18TlSgdBWsmSroQPIcYIvBFvz5-7hu9_GravTcz6zqxKXHZrg== via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google date: Fri, 25 Nov 2022 21:43:36 GMT age: 42356 etag: "3d32bff85cb7ec118c4496d0c3802829fdc9af3b" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9049 Md5: c8dc4b8a7e9f7f4f84f0da568b43392b Sha1: 3d32bff85cb7ec118c4496d0c3802829fdc9af3b Sha256: 4b0ffde427085c796a7a5823604b29a4af43dbb93e99ec41f34feb37f52ac7d9
GET /fonts/vendor/@fortawesome/fontawesome-free/webfa-brands-400.woff?2285773e6b4b172f07d9b777c81b0775 HTTP/1.1 Host: i.dkundservice-postnord.hardcars.ro User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: identity Connection: keep-alive Referer: http://i.dkundservice-postnord.hardcars.ro/public/css/app.css Cookie: XSRF-TOKEN=eyJpdiI6InFybzFSWVZjVzZ0K2NzeXpDQkJaRUE9PSIsInZhbHVlIjoid013K283c2grUHRWTFdXQlpDdXFDSU1iTXF5S2RHa2dCdE1BZTMvbGhTQkQ4azlmNUY5bWl3QnBqS2hkVWhiN0E5cjNXVE10Z1hqdzdUUi8vaGZtUDM5NkRhN3MrK1RzUzVDQU5kWnd6c0NSR0h4RzgzTXRjdHdLN1lIMUtCaTkiLCJtYWMiOiI3M2Q2Y2VlYjg4YmU2MThhZGZiZWMyOTdmYzllZjY4MmNmOTVjZDQ1ZmIyYTRhMjAwOTFlOGIwZjdkYTBmNjBmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik5taHBDdDFOeENvSVVjUXFueVVVd2c9PSIsInZhbHVlIjoiRnhxVzlMb3EwanBMTGVUeVFoWG8wcEtQK3FCVGw4U3ZKMWtxMFBVdDFEMUxnVHphNUF6Z1hONkVHYVIwUjBaM1ErMmR6MXo1ZHltSUtVT2NzZ1p5L3pmRzQrTzh3SnJEQTFnYkxIbndia3VpK3lvRWdVc1pWNjdrdzRDdUt1WmoiLCJtYWMiOiI5ZTBmOWM2NjY0ODQxMDQ1NGUwMGU5MzlhMzFkOGUzMWQ4ZGUxODA1NDM3YmVhNDU2ODY0YmQ5NjZmNTExNDQxIiwidGFnIjoiIn0%3D; _lr_tabs_-mnnzup%2Fdus={%22sessionID%22:0%2C%22recordingID%22:%225-9e6d9b4a-2c3b-423c-8227-b06a886a55ca%22%2C%22lastActivity%22:1669453632723}; _lr_hb_-mnnzup%2Fdus={%22heartbeat%22:1669453632723}	URL: i.dkundservice-postnord.hardcars.ro/fonts/vendor/@forta (...) FQDN: i.dkundservice-postnord.hardcars.ro IP: 89.35.173.163 HASH: 8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c 89.35.173.163 HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Date: Sat, 26 Nov 2022 09:29:33 GMT Server: Apache Cache-Control: no-cache, private Keep-Alive: timeout=2, max=147 Connection: Keep-Alive Transfer-Encoding: chunked --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5395) Size: 6609 Md5: 307dca9c775906b8de45869cabe98fcd Sha1: 2b80c3a2fd4a235b2cc9f89315a554d0721c0dd1 Sha256: 8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c Alerts: urlquery: - Phishing - DHL Blocklists: - fortinet: Phishing
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f5318cc-4728-4160-afd1-9d20b79b7de9.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 6458883dfa2bdfd483e92e5f847a229508ef00ce1dbd11f49eec369d0bd3160a 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 9914 x-amzn-requestid: 4db4ed29-20b4-4ca7-8835-2463d0989d5b x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cLVVFHQYIAMFc4Q= x-content-type-options: nosniff x-amzn-trace-id: Root=1-638135b9-613da006118724124e345b29;Sampled=0 x-amzn-remapped-date: Fri, 25 Nov 2022 21:38:01 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: 7cJmhEGkKqLUQUMqGuYtWBeu_1nlEUAxgTMy4ABekPJYrJP95wE6Jg== via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google date: Fri, 25 Nov 2022 21:59:05 GMT age: 41427 etag: "47fac81a2dd809df5c42ca1362f71d553572d2b1" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 9914 Md5: 3b1c6878914466cfece680fa7cb73502 Sha1: 47fac81a2dd809df5c42ca1362f71d553572d2b1 Sha256: 6458883dfa2bdfd483e92e5f847a229508ef00ce1dbd11f49eec369d0bd3160a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88ca6be9-2485-4243-a3fe-1e61449736dd.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: ba28f27ea906aaa6db1fbdca53ecbd4366b99d2696fb888e47b731e21c0f82da 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 6431 x-amzn-requestid: 0daa58b7-3fd8-463f-85f5-6f84fdb17661 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cLVOBEpEIAMF87A= x-content-type-options: nosniff x-amzn-trace-id: Root=1-6381358c-3f8b9c18598ba2532518668d;Sampled=0 x-amzn-remapped-date: Fri, 25 Nov 2022 21:37:16 GMT x-amz-cf-pop: HIO50-C1, SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: PuOd4PnHQfvwM2zDA15uprEEgoy7BfUUgjvkrf89DYmN43XfEfyJvg== via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google date: Fri, 25 Nov 2022 21:49:35 GMT age: 41997 etag: "6a2f4d4bfec41d16fa84b0a9b0b13f7dcff2be3d" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 6431 Md5: 801dd70f0c591086062e2a9054f78efc Sha1: 6a2f4d4bfec41d16fa84b0a9b0b13f7dcff2be3d Sha256: ba28f27ea906aaa6db1fbdca53ecbd4366b99d2696fb888e47b731e21c0f82da
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 4309 x-amzn-requestid: 47c2739d-73c5-4d91-914c-fe635cb09772 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: b1U8xGxgIAMF-qQ= x-content-type-options: nosniff x-amzn-trace-id: Root=1-63786851-6fbe19dc5c4c20dd657604e3;Sampled=0 x-amzn-remapped-date: Sat, 19 Nov 2022 05:23:29 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: ezHvyK3va4SioabOjSittTiLQRs_Q8k4TPxkiGp_svtZ8omDPTUN-A== via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google date: Sat, 26 Nov 2022 05:04:28 GMT age: 15904 etag: "126771b86638108050cf57c0d12faa27f80f0edb" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 4309 Md5: 841a4b110022a99ddea6f7bf66df0fa1 Sha1: 126771b86638108050cf57c0d12faa27f80f0edb Sha256: 240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcf04cc9f-ee4b-42fd-914f-cd86b9dc30eb.jpeg HTTP/1.1 Host: img-getpocket.cdn.mozilla.net User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Origin: null Connection: keep-alive Sec-Fetch-Dest: image Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: img-getpocket.cdn.mozilla.net/296x148/filters:format(jp (...) FQDN: img-getpocket.cdn.mozilla.net IP: 34.120.237.76 HASH: 19db42201d0fa059f680d890ede6683c04e893e6308a2256d0203f826a7f34de 34.120.237.76 HTTP/2 200 OK content-type: image/jpeg server: nginx content-length: 3502 x-amzn-requestid: ca3f2610-e03c-48a7-abb3-fbbab76f63d2 x-xss-protection: 1; mode=block access-control-allow-origin: * strict-transport-security: max-age=63072000; includeSubdomains; preload x-frame-options: DENY content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none' x-amz-apigw-id: cCvYUHO5IAMFqDA= x-content-type-options: nosniff x-amzn-trace-id: Root=1-637dc5ce-7e36137711dc4668278c1c94;Sampled=0 x-amzn-remapped-date: Wed, 23 Nov 2022 07:03:42 GMT x-amz-cf-pop: SEA19-C2 x-cache: Hit from cloudfront x-amz-cf-id: QS3ZKYetcm87GNwSr34eRPF2d4r8ppwf3fT19aV-u84f7ObX4bU8wQ== via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google date: Sat, 26 Nov 2022 07:13:26 GMT age: 8166 etag: "61f9bed607e81606be78285596acdc5e0e4f4994" cache-control: max-age=3600,public,public alt-svc: clear X-Firefox-Spdy: h2 --- Additional Info --- Magic: JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Size: 3502 Md5: a783df85f30f9c555f9df6b99f61744d Sha1: 61f9bed607e81606be78285596acdc5e0e4f4994 Sha256: 19db42201d0fa059f680d890ede6683c04e893e6308a2256d0203f826a7f34de
GET /fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.ttf?be9ee23c0c6390141475d519c2c5fb8f HTTP/1.1 Host: i.dkundservice-postnord.hardcars.ro User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://i.dkundservice-postnord.hardcars.ro/public/css/app.css Cookie: XSRF-TOKEN=eyJpdiI6InFybzFSWVZjVzZ0K2NzeXpDQkJaRUE9PSIsInZhbHVlIjoid013K283c2grUHRWTFdXQlpDdXFDSU1iTXF5S2RHa2dCdE1BZTMvbGhTQkQ4azlmNUY5bWl3QnBqS2hkVWhiN0E5cjNXVE10Z1hqdzdUUi8vaGZtUDM5NkRhN3MrK1RzUzVDQU5kWnd6c0NSR0h4RzgzTXRjdHdLN1lIMUtCaTkiLCJtYWMiOiI3M2Q2Y2VlYjg4YmU2MThhZGZiZWMyOTdmYzllZjY4MmNmOTVjZDQ1ZmIyYTRhMjAwOTFlOGIwZjdkYTBmNjBmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik5taHBDdDFOeENvSVVjUXFueVVVd2c9PSIsInZhbHVlIjoiRnhxVzlMb3EwanBMTGVUeVFoWG8wcEtQK3FCVGw4U3ZKMWtxMFBVdDFEMUxnVHphNUF6Z1hONkVHYVIwUjBaM1ErMmR6MXo1ZHltSUtVT2NzZ1p5L3pmRzQrTzh3SnJEQTFnYkxIbndia3VpK3lvRWdVc1pWNjdrdzRDdUt1WmoiLCJtYWMiOiI5ZTBmOWM2NjY0ODQxMDQ1NGUwMGU5MzlhMzFkOGUzMWQ4ZGUxODA1NDM3YmVhNDU2ODY0YmQ5NjZmNTExNDQxIiwidGFnIjoiIn0%3D; _lr_tabs_-mnnzup%2Fdus={%22sessionID%22:0%2C%22recordingID%22:%225-9e6d9b4a-2c3b-423c-8227-b06a886a55ca%22%2C%22lastActivity%22:1669453632723}; _lr_hb_-mnnzup%2Fdus={%22heartbeat%22:1669453632723}	URL: i.dkundservice-postnord.hardcars.ro/fonts/vendor/@forta (...) FQDN: i.dkundservice-postnord.hardcars.ro IP: 89.35.173.163 HASH: 8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c 89.35.173.163 HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Date: Sat, 26 Nov 2022 09:29:33 GMT Server: Apache Cache-Control: no-cache, private Keep-Alive: timeout=2, max=146 Connection: Keep-Alive Transfer-Encoding: chunked --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5395) Size: 6609 Md5: 307dca9c775906b8de45869cabe98fcd Sha1: 2b80c3a2fd4a235b2cc9f89315a554d0721c0dd1 Sha256: 8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c Alerts: urlquery: - Phishing - DHL
GET /fonts/vendor/@fortawesome/fontawesome-free/webfa-brands-400.ttf?527940b104eb2ea366c8630f3f038603 HTTP/1.1 Host: i.dkundservice-postnord.hardcars.ro User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,/;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://i.dkundservice-postnord.hardcars.ro/public/css/app.css Cookie: XSRF-TOKEN=eyJpdiI6InFybzFSWVZjVzZ0K2NzeXpDQkJaRUE9PSIsInZhbHVlIjoid013K283c2grUHRWTFdXQlpDdXFDSU1iTXF5S2RHa2dCdE1BZTMvbGhTQkQ4azlmNUY5bWl3QnBqS2hkVWhiN0E5cjNXVE10Z1hqdzdUUi8vaGZtUDM5NkRhN3MrK1RzUzVDQU5kWnd6c0NSR0h4RzgzTXRjdHdLN1lIMUtCaTkiLCJtYWMiOiI3M2Q2Y2VlYjg4YmU2MThhZGZiZWMyOTdmYzllZjY4MmNmOTVjZDQ1ZmIyYTRhMjAwOTFlOGIwZjdkYTBmNjBmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik5taHBDdDFOeENvSVVjUXFueVVVd2c9PSIsInZhbHVlIjoiRnhxVzlMb3EwanBMTGVUeVFoWG8wcEtQK3FCVGw4U3ZKMWtxMFBVdDFEMUxnVHphNUF6Z1hONkVHYVIwUjBaM1ErMmR6MXo1ZHltSUtVT2NzZ1p5L3pmRzQrTzh3SnJEQTFnYkxIbndia3VpK3lvRWdVc1pWNjdrdzRDdUt1WmoiLCJtYWMiOiI5ZTBmOWM2NjY0ODQxMDQ1NGUwMGU5MzlhMzFkOGUzMWQ4ZGUxODA1NDM3YmVhNDU2ODY0YmQ5NjZmNTExNDQxIiwidGFnIjoiIn0%3D; _lr_tabs_-mnnzup%2Fdus={%22sessionID%22:0%2C%22recordingID%22:%225-9e6d9b4a-2c3b-423c-8227-b06a886a55ca%22%2C%22lastActivity%22:1669453632723}; _lr_hb_-mnnzup%2Fdus={%22heartbeat%22:1669453632723}	URL: i.dkundservice-postnord.hardcars.ro/fonts/vendor/@forta (...) FQDN: i.dkundservice-postnord.hardcars.ro IP: 89.35.173.163 HASH: 8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c 89.35.173.163 HTTP/1.1 404 Not Found Content-Type: text/html; charset=UTF-8 Date: Sat, 26 Nov 2022 09:29:33 GMT Server: Apache Cache-Control: no-cache, private Keep-Alive: timeout=2, max=146 Connection: Keep-Alive Transfer-Encoding: chunked --- Additional Info --- Magic: HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5395) Size: 6609 Md5: 307dca9c775906b8de45869cabe98fcd Sha1: 2b80c3a2fd4a235b2cc9f89315a554d0721c0dd1 Sha256: 8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c Alerts: urlquery: - Phishing - DHL Blocklists: - fortinet: Phishing
GET /images/favicon.gif HTTP/1.1 Host: i.dkundservice-postnord.hardcars.ro User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: image/avif,image/webp,/ Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://i.dkundservice-postnord.hardcars.ro/public/7tVAKxyfW5hysHPZmlDYzm7osb3UAoGL Cookie: XSRF-TOKEN=eyJpdiI6InFybzFSWVZjVzZ0K2NzeXpDQkJaRUE9PSIsInZhbHVlIjoid013K283c2grUHRWTFdXQlpDdXFDSU1iTXF5S2RHa2dCdE1BZTMvbGhTQkQ4azlmNUY5bWl3QnBqS2hkVWhiN0E5cjNXVE10Z1hqdzdUUi8vaGZtUDM5NkRhN3MrK1RzUzVDQU5kWnd6c0NSR0h4RzgzTXRjdHdLN1lIMUtCaTkiLCJtYWMiOiI3M2Q2Y2VlYjg4YmU2MThhZGZiZWMyOTdmYzllZjY4MmNmOTVjZDQ1ZmIyYTRhMjAwOTFlOGIwZjdkYTBmNjBmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik5taHBDdDFOeENvSVVjUXFueVVVd2c9PSIsInZhbHVlIjoiRnhxVzlMb3EwanBMTGVUeVFoWG8wcEtQK3FCVGw4U3ZKMWtxMFBVdDFEMUxnVHphNUF6Z1hONkVHYVIwUjBaM1ErMmR6MXo1ZHltSUtVT2NzZ1p5L3pmRzQrTzh3SnJEQTFnYkxIbndia3VpK3lvRWdVc1pWNjdrdzRDdUt1WmoiLCJtYWMiOiI5ZTBmOWM2NjY0ODQxMDQ1NGUwMGU5MzlhMzFkOGUzMWQ4ZGUxODA1NDM3YmVhNDU2ODY0YmQ5NjZmNTExNDQxIiwidGFnIjoiIn0%3D; _lr_tabs_-mnnzup%2Fdus={%22sessionID%22:0%2C%22recordingID%22:%225-c63b8a13-08de-47fa-a4cd-59a2bb3a3235%22%2C%22lastActivity%22:1669454971838}; _lr_hb_-mnnzup%2Fdus={%22heartbeat%22:1669454971840}; _lr_uf_-mnnzup=85199be1-cf96-46a9-b10b-3ecfc862fc83	URL: i.dkundservice-postnord.hardcars.ro/images/favicon.gif FQDN: i.dkundservice-postnord.hardcars.ro IP: 89.35.173.163 HASH: b0dbd00f3650fa6b931e678a9d8f79a405d23c7adf111ab91b1a01a0e7109807 89.35.173.163 HTTP/1.1 200 OK Content-Type: image/gif Date: Sat, 26 Nov 2022 09:29:33 GMT Server: Apache Last-Modified: Wed, 03 Aug 2022 14:29:04 GMT Accept-Ranges: bytes Content-Length: 2238 Keep-Alive: timeout=2, max=145 Connection: Keep-Alive --- Additional Info --- Magic: MS Windows icon resource - 1 icon, 32x32, 8 bits/pixel\012- data Size: 2238 Md5: a6f1af8e79a11829ba9a66474b06bb97 Sha1: d99e3ec7747c865033a8dfad43c9f49634404bc1 Sha256: b0dbd00f3650fa6b931e678a9d8f79a405d23c7adf111ab91b1a01a0e7109807 Alerts: urlquery: - Phishing - DHL
GET /app/bc5ba70500b3342fb1aa?protocol=7&client=js&version=7.0.3&flash=false HTTP/1.1 Host: ws-mt1.pusher.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Sec-WebSocket-Version: 13 Origin: http://i.dkundservice-postnord.hardcars.ro Sec-WebSocket-Extensions: permessage-deflate Sec-WebSocket-Key: OJi47q2POyyulv1EAenqrg== Connection: keep-alive, Upgrade Pragma: no-cache Cache-Control: no-cache Upgrade: websocket	URL: ws-mt1.pusher.com/app/bc5ba70500b3342fb1aa?protocol=7&c (...) FQDN: ws-mt1.pusher.com IP: 54.236.96.55 HASH: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 54.236.96.55 HTTP/1.1 101 Switching Protocols Date: Sat, 26 Nov 2022 09:29:32 GMT Connection: upgrade Server: nginx/1.17.7 Upgrade: websocket Sec-WebSocket-Accept: pZ8uK4INfs/8VzC8+YKXkapAo8Q= --- Additional Info --- Magic: Size: 0 Md5: d41d8cd98f00b204e9800998ecf8427e Sha1: da39a3ee5e6b4b0d3255bfef95601890afd80709 Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST / HTTP/1.1 Host: r3.o.lencr.org User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: application/ocsp-request Content-Length: 85 Connection: keep-alive Pragma: no-cache Cache-Control: no-cache	URL: r3.o.lencr.org/ FQDN: r3.o.lencr.org IP: 23.36.76.226 HASH: 5da11a65e093427c993b15240bd8e2460f58c6888d8ef23aa6e55b0c5ce6e880 23.36.76.226 HTTP/1.1 200 OK Content-Type: application/ocsp-response Server: nginx Content-Length: 503 ETag: "5DA11A65E093427C993B15240BD8E2460F58C6888D8EF23AA6E55B0C5CE6E880" Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC Cache-Control: public, no-transform, must-revalidate, max-age=8963 Expires: Sat, 26 Nov 2022 11:58:58 GMT Date: Sat, 26 Nov 2022 09:29:35 GMT Connection: keep-alive --- Additional Info --- Magic: data Size: 503 Md5: 5270dcf9efc99328f327d6faf4be88c9 Sha1: 6b764ef22e7a34dc2d2c52eb9ed21860f68d3425 Sha256: 5da11a65e093427c993b15240bd8e2460f58c6888d8ef23aa6e55b0c5ce6e880
POST /i?a=mnnzup%2Fdus&r=5-c63b8a13-08de-47fa-a4cd-59a2bb3a3235&t=598cab22-a647-46d2-b7fd-a56b0ca8e25f&s=0&rs=0%2Cu&u=d3650970-1767-43cf-890b-c04b3e910021 HTTP/1.1 Host: r.lr-in.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Content-Length: 391704 Origin: http://i.dkundservice-postnord.hardcars.ro Connection: keep-alive Referer: http://i.dkundservice-postnord.hardcars.ro/ Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: cross-site	URL: r.lr-in.com/i?a=mnnzup%2Fdus&r=5-c63b8a13-08de-47fa-a4c (...) FQDN: r.lr-in.com IP: 104.198.23.205 HASH: 9e2355266f9a82043231c76a083fde643e974fbb07d30bfe5614c71f3573297a 104.198.23.205 HTTP/2 201 Created content-type: application/json; charset=utf-8 date: Sat, 26 Nov 2022 09:29:36 GMT content-length: 104 x-powered-by: Express access-control-allow-origin: * access-control-allow-methods: GET, PUT, POST, DELETE, PATCH, OPTIONS etag: W/"68-bKW1I+6ujOEijWzRIER2LWMXtxA" strict-transport-security: max-age=15724800; includeSubDomains access-control-allow-credentials: true access-control-allow-headers: DNT,Keep-Alive,User-Agent,X-Requested-With,X-Csrftoken,If-Modified-Since,Cache-Control,Content-Type,Authorization,Accept,Origin,X-Logrocket-Url,X-Logrocket-Ignore,X-Logrocket-Secret,X-LogRocket-ClickHouse-Override,X-LogRocket-ClickHouse-Enabled-Queries access-control-max-age: 1728000 X-Firefox-Spdy: h2 --- Additional Info --- Magic: data Size: 731 Md5: 601f8a25dc1c18c790e0cb7dbdc0da4c Sha1: dbfc03eb04cc6fb0a760d802eb72f203f76d4124 Sha256: 9e2355266f9a82043231c76a083fde643e974fbb07d30bfe5614c71f3573297a
GET /c/hotjar-2895475.js?sv=6 HTTP/1.1 Host: static.hotjar.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br Connection: keep-alive Referer: http://i.dkundservice-postnord.hardcars.ro/ Sec-Fetch-Dest: script Sec-Fetch-Mode: no-cors Sec-Fetch-Site: cross-site	URL: static.hotjar.com/c/hotjar-2895475.js?sv=6 FQDN: static.hotjar.com IP: 143.204.55.84 143.204.55.84 HTTP/2 200 OK content-type: application/javascript; charset=UTF-8 access-control-allow-origin: * content-encoding: br cross-origin-resource-policy: cross-origin strict-transport-security: max-age=2592000; includeSubDomains x-cache-hit: 1 x-content-type-options: nosniff date: Sat, 26 Nov 2022 09:29:32 GMT cache-control: max-age=60 etag: W/0520ba2bc8f674a05fc0be00e25b43c2 vary: Accept-Encoding x-cache: RefreshHit from cloudfront via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront) x-amz-cf-pop: OSL50-C1 x-amz-cf-id: ik37T5jiQxS5FMWsCOLC38uoXddu1Y23rWG_erIMOyS7zqZRWzG6pg== X-Firefox-Spdy: h2 --- Additional Info ---
GET /public/js/app.js HTTP/1.1 Host: i.dkundservice-postnord.hardcars.ro User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0 Accept: / Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: keep-alive Referer: http://i.dkundservice-postnord.hardcars.ro/public/7tVAKxyfW5hysHPZmlDYzm7osb3UAoGL Cookie: XSRF-TOKEN=eyJpdiI6InFybzFSWVZjVzZ0K2NzeXpDQkJaRUE9PSIsInZhbHVlIjoid013K283c2grUHRWTFdXQlpDdXFDSU1iTXF5S2RHa2dCdE1BZTMvbGhTQkQ4azlmNUY5bWl3QnBqS2hkVWhiN0E5cjNXVE10Z1hqdzdUUi8vaGZtUDM5NkRhN3MrK1RzUzVDQU5kWnd6c0NSR0h4RzgzTXRjdHdLN1lIMUtCaTkiLCJtYWMiOiI3M2Q2Y2VlYjg4YmU2MThhZGZiZWMyOTdmYzllZjY4MmNmOTVjZDQ1ZmIyYTRhMjAwOTFlOGIwZjdkYTBmNjBmIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik5taHBDdDFOeENvSVVjUXFueVVVd2c9PSIsInZhbHVlIjoiRnhxVzlMb3EwanBMTGVUeVFoWG8wcEtQK3FCVGw4U3ZKMWtxMFBVdDFEMUxnVHphNUF6Z1hONkVHYVIwUjBaM1ErMmR6MXo1ZHltSUtVT2NzZ1p5L3pmRzQrTzh3SnJEQTFnYkxIbndia3VpK3lvRWdVc1pWNjdrdzRDdUt1WmoiLCJtYWMiOiI5ZTBmOWM2NjY0ODQxMDQ1NGUwMGU5MzlhMzFkOGUzMWQ4ZGUxODA1NDM3YmVhNDU2ODY0YmQ5NjZmNTExNDQxIiwidGFnIjoiIn0%3D; _lr_tabs_-mnnzup%2Fdus={%22sessionID%22:0%2C%22recordingID%22:%225-9e6d9b4a-2c3b-423c-8227-b06a886a55ca%22%2C%22lastActivity%22:1669453632723}; _lr_hb_-mnnzup%2Fdus={%22heartbeat%22:1669453632723}	URL: i.dkundservice-postnord.hardcars.ro/public/js/app.js FQDN: i.dkundservice-postnord.hardcars.ro IP: 89.35.173.163 89.35.173.163 HTTP/1.1 200 OK Content-Type: application/javascript Date: Sat, 26 Nov 2022 09:29:32 GMT Server: Apache Last-Modified: Wed, 03 Aug 2022 14:29:04 GMT Accept-Ranges: bytes Content-Length: 1613806 Keep-Alive: timeout=2, max=145 Connection: Keep-Alive --- Additional Info --- Alerts: Blocklists: - fortinet: Phishing

URL	i.dkundservice-postnord.hardcars.ro/public/IJOsc4pyNVf2k7wbYidsjDzif4C0DtgE
IP	89.35.173.163 (Romania)
ASN	#59854 Top Level Hosting SRL
UserAgent	Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed	2022-11-26 09:29:41 UTC
Status	Loading report..
IDS alerts	0
Blocklist alert	14
urlquery alerts	15 Phishing - DHL Phishing - DHL
Tags	None

Overview

Domain Summary (13)

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 89.35.173.163

Last 5 reports on ASN: Top Level Hosting SRL

Last 5 reports on domain: hardcars.ro

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (11)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (46)

Overview

Domain Summary (13)

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro

Blocklists

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 89.35.173.163

Last 5 reports on ASN: Top Level Hosting SRL

Last 5 reports on domain: hardcars.ro

Last 5 reports with similar screenshot

JavaScript

Executed Scripts (11)

Executed Evals (0)

Executed Writes (0)

HTTP Transactions (46)

Network Intrusion Detection Systems