detectportal.firefox.com/success.txt?ipv4
34.107.221.82 200 OK 8 B URL HTTP/1.1 detectportal.firefox.com/success.txt?ipv4
IP 34.107.221.82:0
Hash ae780585f49b94ce1444eb7d28906123
7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86
81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5
GET /success.txt?ipv4 HTTP/1.1
Host: detectportal.firefox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Tue, 17 Jan 2023 16:32:38 GMT
Age: 24372
Content-Type: text/plain
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 648bf42163c5d645d8a33cd0a9afebd0
9b9ac85435c4e90647e8379bca54c689058a8929
060757fb4857858d4d01a715824ea6771d0137e73a24bf75e2844d0f346380fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "060757FB4857858D4D01A715824EA6771D0137E73A24BF75E2844D0F346380FA"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12034
Expires: Wed, 18 Jan 2023 02:39:25 GMT
Date: Tue, 17 Jan 2023 23:18:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash afcb2f61e3333632c0f0fcb4ddc46332
aad59b1ab256b2516b3c6c0dfdc916057fb72a12
a12729d197b61e76557c1f791f0a777f99199b3af49713755d8c286c6fa9e419
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A12729D197B61E76557C1F791F0A777F99199B3AF49713755D8C286C6FA9E419"
Last-Modified: Tue, 17 Jan 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8463
Expires: Wed, 18 Jan 2023 01:39:54 GMT
Date: Tue, 17 Jan 2023 23:18:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash d38f4bb41e1264b8a1e11ff0b1499d20
21c3e36bd908df43e0d49b747e270ec75cb882b0
3ff822eb56d2218ad6244fd013a82e0d27450ae21d47e08f1e3fdf4c82a8aad7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3FF822EB56D2218AD6244FD013A82E0D27450AE21D47E08F1E3FDF4C82A8AAD7"
Last-Modified: Mon, 16 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14536
Expires: Wed, 18 Jan 2023 03:21:07 GMT
Date: Tue, 17 Jan 2023 23:18:51 GMT
Connection: keep-alive
knowlzcomp.com/public/lGdJt6kY3QG40uj3gmN27r3Wv1i4wRSz
162.241.149.217 302 Found 358 B URL HTTP/1.1 knowlzcomp.com/public/lGdJt6kY3QG40uj3gmN27r3Wv1i4wRSz
IP 162.241.149.217:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 9dc80158f2ead5a9752b15aa8136587f
b68726bd330824878fd1211cfd32ee65c505ae4b
aa3d4d4b0739d18f8b5bf46d25ae1688e32180aaf392bbd6bf10e4ba8f44fdaf
Analyzer Verdict Alert quad9 Sinkholed
GET /public/lGdJt6kY3QG40uj3gmN27r3Wv1i4wRSz HTTP/1.1
Host: knowlzcomp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Tue, 17 Jan 2023 23:18:49 GMT
Server: Apache
Cache-Control: no-cache, private
Set-Cookie: XSRF-TOKEN=eyJpdiI6IktHZ1pPaVpyNlBkTnpZWHJEQnZoa1E9PSIsInZhbHVlIjoidGo5OFUxcXVibmRYRVIvTnNqVFZ6dVRscEVJWjFZNFYvMlpRTFUvZk8zMjhaR2FGMlhWeTBMYlVNdEtIMlNzbWl4TVpCbFR5YS9jNGxGcnA1L2dNVS9QNStnTFZ4aHlZREpYSHB2bWJadXU2eXpseXA0QWFzck5YUWlINk41b2IiLCJtYWMiOiI4MzJlNzgxY2Y1MTdhMTA1NDZhYzJhMjkxZGE2YWM4MDJjZDEwNmE1YjNkMWI0YTBkYTlhMTkzOTMxZDI2MzVhIiwidGFnIjoiIn0%3D; expires=Wed, 18-Jan-2023 01:18:49 GMT; Max-Age=7200; path=/; samesite=lax
laravel_session=eyJpdiI6IkxwZHJwcnljMGl3RTQwQ0RydjhtZkE9PSIsInZhbHVlIjoicENSTjBWQzZyUTBucGs2bGZsOXAvd3ZhMWtmQS8xejI5VXN5eFc0YlAwNm5iZFRQNG5sWUt2cEZRMmpLcncyeTlOUlp6K0FWcWdENWFTVlhvQXpMUTNBSVZTZEZxVmEzTTFTa1U4ZlozWjExQ00wVWpiV290Y1pHSXA2K0V6VVEiLCJtYWMiOiI1NmZlY2JjMDQ5ODEzOGIyMTkwYzc3YzA2MGM1NTYxZmY1M2MzZGMwYmIwMWUwN2ZjOGQwZDIzNjdiMTNjZjhhIiwidGFnIjoiIn0%3D; expires=Wed, 18-Jan-2023 01:18:49 GMT; Max-Age=7200; path=/; httponly; samesite=lax
Location: http://knowlzcomp.com/public
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30
34.120.5.221 200 OK 42 kB URL HTTP/2 getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30
IP 34.120.5.221:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash a84a83c4fdebf8a4317ca5657c99f108
a02139a3bed16468c51e27620e4dd4efd887c1de
7859c0d2508cd29a24a13fb0a311e21793782d9f599b715e87e5580170bf8fa2
GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30 HTTP/1.1
Host: getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
vary: Accept-Encoding
content-location: global-recs.php
tcn: choice
x-frame-options: SAMEORIGIN
status: 200 OK
x-source: Pocket
pragma: cache
p3p: policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa OUR IND UNI COM NAV INT STA PRE"
x-cache: Hit from cloudfront
x-amz-cf-pop: SEA73-P2
x-amz-cf-id: R0BnU9qcp-R9y9FQWDms5F3zi4xuAoVNbB31XY5MV9U4HfxVKNYX3w==
content-encoding: gzip
via: 1.1 73b60e9a9fd08eae9e034cedba707280.cloudfront.net (CloudFront), 1.1 google
date: Tue, 17 Jan 2023 23:05:44 GMT
age: 871
content-type: application/json
content-length: 41727
cache-control: s-maxage=900,public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: sRCj2TFEiXWDsFOTnkKCOQYsvBGjdq4vc96KxKCl7HWUiD6kgfuc2WjbHr5e3Ji/Qev60KyAbFNdm+Pz+v9U7A==
x-amz-request-id: 3WH1R14WP7WAS28K
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 17 Jan 2023 23:00:24 GMT
age: 1107
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash bb0c8d0984a1f09a012961a54cda03c6
1a8ad450a0241554ee4fc7d02fac7b83529e60f6
eee3ca879a67cc25ea89cb83de9521eea1b82845705c3e82169d4787ecb7dd3a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EEE3CA879A67CC25EA89CB83DE9521EEA1B82845705C3E82169D4787ECB7DD3A"
Last-Modified: Mon, 16 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13907
Expires: Wed, 18 Jan 2023 03:10:38 GMT
Date: Tue, 17 Jan 2023 23:18:51 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 17 Jan 2023 23:18:51 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 17 Jan 2023 22:34:19 GMT
content-type: application/json
age: 2672
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
knowlzcomp.com/public
162.241.149.217 301 Moved Permanently 237 B IP 162.241.149.217:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash ae976f07e813b2f4322c1590c5c195a2
99aa649a5a8d79d13e9c66f1873611873f58c72d
734a7e56e68c7a61ed7bf920ec6c7095c6d340230d0fda5032414d8883b928ad
Analyzer Verdict Alert quad9 Sinkholed
GET /public HTTP/1.1
Host: knowlzcomp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IktHZ1pPaVpyNlBkTnpZWHJEQnZoa1E9PSIsInZhbHVlIjoidGo5OFUxcXVibmRYRVIvTnNqVFZ6dVRscEVJWjFZNFYvMlpRTFUvZk8zMjhaR2FGMlhWeTBMYlVNdEtIMlNzbWl4TVpCbFR5YS9jNGxGcnA1L2dNVS9QNStnTFZ4aHlZREpYSHB2bWJadXU2eXpseXA0QWFzck5YUWlINk41b2IiLCJtYWMiOiI4MzJlNzgxY2Y1MTdhMTA1NDZhYzJhMjkxZGE2YWM4MDJjZDEwNmE1YjNkMWI0YTBkYTlhMTkzOTMxZDI2MzVhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkxwZHJwcnljMGl3RTQwQ0RydjhtZkE9PSIsInZhbHVlIjoicENSTjBWQzZyUTBucGs2bGZsOXAvd3ZhMWtmQS8xejI5VXN5eFc0YlAwNm5iZFRQNG5sWUt2cEZRMmpLcncyeTlOUlp6K0FWcWdENWFTVlhvQXpMUTNBSVZTZEZxVmEzTTFTa1U4ZlozWjExQ00wVWpiV290Y1pHSXA2K0V6VVEiLCJtYWMiOiI1NmZlY2JjMDQ5ODEzOGIyMTkwYzc3YzA2MGM1NTYxZmY1M2MzZGMwYmIwMWUwN2ZjOGQwZDIzNjdiMTNjZjhhIiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 17 Jan 2023 23:18:49 GMT
Server: Apache
Location: http://knowlzcomp.com/public/
Content-Length: 237
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
detectportal.firefox.com/success.txt?ipv4
34.107.221.82 200 OK 8 B URL HTTP/1.1 detectportal.firefox.com/success.txt?ipv4
IP 34.107.221.82:0
Hash ae780585f49b94ce1444eb7d28906123
7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86
81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5
GET /success.txt?ipv4 HTTP/1.1
Host: detectportal.firefox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Tue, 17 Jan 2023 16:32:38 GMT
Age: 24373
Content-Type: text/plain
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 11dc9d150eeb16db02d68bc0e7c63181
87a038b033de6fb347c3b0e5e9aeb56677072897
75ca7c4eb8492ccfb1af597dc70ad40a40a4cc97ec5e7dac919138c0c7746ad5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4514
Cache-Control: max-age=157916
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 23:18:51 GMT
Etag: "63c6e115-1d7"
Expires: Thu, 19 Jan 2023 19:10:47 GMT
Last-Modified: Tue, 17 Jan 2023 17:55:33 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Expires, Pragma, Content-Type, Backoff, Last-Modified, Cache-Control, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 17 Jan 2023 22:48:57 GMT
age: 1795
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2
35.82.234.231 200 OK 8 B URL HTTP/1.1 shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2
IP 35.82.234.231:0
Hash 29fc57841962e407cb50c1be60284bf7
ce968a77e2996da5eee8925182318f171ccdce47
ae7e7075247dcfad763f1e131aeac3d2e756bb03d48b0d315a50c69636e5dc8b
POST /downloads?client=Firefox&appver=96.0a&pver=2.2 HTTP/1.1
Host: shavar.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 773
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/octet-stream
Date: Tue, 17 Jan 2023 23:18:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 8
Connection: Close
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 8720730dce33d0026a1a354ac93d4a7d
ed5f086bc646a4d93d2344b19ff7821c96e44f7c
b2892fda88242fbc4d58dd1f3bb159ca02cbf98b77c57dde66fba98d183c0136
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4457
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 23:18:52 GMT
Last-Modified: Tue, 17 Jan 2023 22:04:35 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
knowlzcomp.com/public/
162.241.149.217 200 OK 558 B IP 162.241.149.217:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 94adf93572e23984379871174e166b36
96b3f5b354fbddd12354bdb2d584d8b12001c8fe
a155472ed9ec97cb00d2dc69041850e1c6df09eb8277002585e034ddc2d66387
Analyzer Verdict Alert quad9 Sinkholed
GET /public/ HTTP/1.1
Host: knowlzcomp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IktHZ1pPaVpyNlBkTnpZWHJEQnZoa1E9PSIsInZhbHVlIjoidGo5OFUxcXVibmRYRVIvTnNqVFZ6dVRscEVJWjFZNFYvMlpRTFUvZk8zMjhaR2FGMlhWeTBMYlVNdEtIMlNzbWl4TVpCbFR5YS9jNGxGcnA1L2dNVS9QNStnTFZ4aHlZREpYSHB2bWJadXU2eXpseXA0QWFzck5YUWlINk41b2IiLCJtYWMiOiI4MzJlNzgxY2Y1MTdhMTA1NDZhYzJhMjkxZGE2YWM4MDJjZDEwNmE1YjNkMWI0YTBkYTlhMTkzOTMxZDI2MzVhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkxwZHJwcnljMGl3RTQwQ0RydjhtZkE9PSIsInZhbHVlIjoicENSTjBWQzZyUTBucGs2bGZsOXAvd3ZhMWtmQS8xejI5VXN5eFc0YlAwNm5iZFRQNG5sWUt2cEZRMmpLcncyeTlOUlp6K0FWcWdENWFTVlhvQXpMUTNBSVZTZEZxVmEzTTFTa1U4ZlozWjExQ00wVWpiV290Y1pHSXA2K0V6VVEiLCJtYWMiOiI1NmZlY2JjMDQ5ODEzOGIyMTkwYzc3YzA2MGM1NTYxZmY1M2MzZGMwYmIwMWUwN2ZjOGQwZDIzNjdiMTNjZjhhIiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 23:18:50 GMT
Server: Apache
Cache-Control: no-cache, private
Set-Cookie: XSRF-TOKEN=eyJpdiI6ImxNRzFIVlQrU1l2b2ZyVlAzU0lMVGc9PSIsInZhbHVlIjoiOWNrRTJaaUdzcWlXVG5FcnFLc1FLdnQ1QXdUZkcrRUVTU0czUU9TYy9YSmwvNnBnajFJMHVKOGhFaTR2VVNubFdiK2ZYVWVRMElDQ2JXYndOcEtnSkM3Y2Fvc3JEQWVYbXFkeHRnR2d1RWNqU1B2RXFWejdwaXROVGFOL0x0M00iLCJtYWMiOiI4ZGMzMjE0MjdjNjIxZWNiOTg2ODBiMmRjN2ZlMWViMzc2MTA5OGYxOGUzYjUzMzIyZTIzOWQ0NDAwMDVmMTZkIiwidGFnIjoiIn0%3D; expires=Wed, 18-Jan-2023 01:18:50 GMT; Max-Age=7200; path=/; samesite=lax
laravel_session=eyJpdiI6InlkK0NPMFpURXlzbWRhb2VaU3hWQ3c9PSIsInZhbHVlIjoibGZwczJ1R25EckYvVHRQYk1GNkxkbUhCMk9ZWVpRSDdPWnFJMXhkNk1YYUo4eU9SWkZOdElQVjdRN05PK04xVzdLQmo3QjhSYUVxeDJiOUFJNW5BYm9kdWgzSVFqWWlDdzdMeU5XbG1EMVB2NnpzdXFqbWs1dkNETFpCdWNmOE0iLCJtYWMiOiI5YTBiZjgzZjIxMWFhY2Y2MDA1ODAzMzc5YjZmYjQ4ZTU2NTJiZjE0M2Q3ZmMwNWM5YjYwNTYyNjViNjY1N2JlIiwidGFnIjoiIn0%3D; expires=Wed, 18-Jan-2023 01:18:50 GMT; Max-Age=7200; path=/; httponly; samesite=lax
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash acceb71d5f69e5c2bfc4fdd1e2e66e5f
ae10094a4ddf886098dcbed9107629ac67445425
12fa3bca428be2a5693520f76115593ee654b8e98eaa952212a4da94d444b9ea
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2517
Cache-Control: max-age=154425
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 23:18:52 GMT
Etag: "63c6db40-117"
Expires: Thu, 19 Jan 2023 18:12:37 GMT
Last-Modified: Tue, 17 Jan 2023 17:30:40 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279
ocsp.digicert.com/
93.184.220.29 200 OK 279 B IP 93.184.220.29:0
Hash acceb71d5f69e5c2bfc4fdd1e2e66e5f
ae10094a4ddf886098dcbed9107629ac67445425
12fa3bca428be2a5693520f76115593ee654b8e98eaa952212a4da94d444b9ea
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2517
Cache-Control: max-age=154425
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 23:18:52 GMT
Etag: "63c6db40-117"
Expires: Thu, 19 Jan 2023 18:12:37 GMT
Last-Modified: Tue, 17 Jan 2023 17:30:40 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279
push.services.mozilla.com/
34.216.206.159 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.216.206.159:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 35HQ7x/URqfDTSaG2cPgXA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: hEFXetmbRMwdBqIrUVbT+jP/WK8=
knowlzcomp.com/GBbbQxZoaBXyhSrPMuejarvpRBOFWweV/
162.241.149.217 301 Moved Permanently 269 B URL HTTP/1.1 knowlzcomp.com/GBbbQxZoaBXyhSrPMuejarvpRBOFWweV/
IP 162.241.149.217:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 2e6d1e9022bbb4821915869af93e9e12
9424afbc4e96fa42f43b6f4917db3711ad302329
44445b92884dc65cd3ef6b112ba16312bdc9f5e524122076b0b487103989709e
Analyzer Verdict Alert quad9 Sinkholed
GET /GBbbQxZoaBXyhSrPMuejarvpRBOFWweV/ HTTP/1.1
Host: knowlzcomp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://knowlzcomp.com/public/
Cookie: XSRF-TOKEN=eyJpdiI6ImxNRzFIVlQrU1l2b2ZyVlAzU0lMVGc9PSIsInZhbHVlIjoiOWNrRTJaaUdzcWlXVG5FcnFLc1FLdnQ1QXdUZkcrRUVTU0czUU9TYy9YSmwvNnBnajFJMHVKOGhFaTR2VVNubFdiK2ZYVWVRMElDQ2JXYndOcEtnSkM3Y2Fvc3JEQWVYbXFkeHRnR2d1RWNqU1B2RXFWejdwaXROVGFOL0x0M00iLCJtYWMiOiI4ZGMzMjE0MjdjNjIxZWNiOTg2ODBiMmRjN2ZlMWViMzc2MTA5OGYxOGUzYjUzMzIyZTIzOWQ0NDAwMDVmMTZkIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InlkK0NPMFpURXlzbWRhb2VaU3hWQ3c9PSIsInZhbHVlIjoibGZwczJ1R25EckYvVHRQYk1GNkxkbUhCMk9ZWVpRSDdPWnFJMXhkNk1YYUo4eU9SWkZOdElQVjdRN05PK04xVzdLQmo3QjhSYUVxeDJiOUFJNW5BYm9kdWgzSVFqWWlDdzdMeU5XbG1EMVB2NnpzdXFqbWs1dkNETFpCdWNmOE0iLCJtYWMiOiI5YTBiZjgzZjIxMWFhY2Y2MDA1ODAzMzc5YjZmYjQ4ZTU2NTJiZjE0M2Q3ZmMwNWM5YjYwNTYyNjViNjY1N2JlIiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Tue, 17 Jan 2023 23:18:50 GMT
Server: Apache
Location: http://knowlzcomp.com/public/GBbbQxZoaBXyhSrPMuejarvpRBOFWweV
Content-Length: 269
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221673991700316%22
35.241.9.150 200 OK 21 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221673991700316%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (20973), with no line terminators
Hash f4179d69e693279417fceb7d3d1104de
2962b1d455fae7708a434a1568c06089fb782e15
e4aa0b54d779fe6c535ed6d147dc3e4509eac6a0ea245fcc96ae9388af65998f
GET /v1/buckets/monitor/collections/changes/changeset?_expected=%221673991700316%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 20973
via: 1.1 google
date: Tue, 17 Jan 2023 22:42:03 GMT
age: 2209
last-modified: Tue, 17 Jan 2023 21:41:40 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1673980634436&_since=%221666204638208%22
35.241.9.150 200 OK 13 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1673980634436&_since=%221666204638208%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (13016), with no line terminators
Hash a32e722f0a6cfc53e45257e5119c3491
1a29d88c54b449466f13663eca07b97660e38daf
a2f30513add855e8c0be74bc18893abaf76c9ea2bc5e1d8dad838228a5c602de
GET /v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1673980634436&_since=%221666204638208%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 13016
via: 1.1 google
date: Tue, 17 Jan 2023 22:49:05 GMT
age: 1787
last-modified: Tue, 17 Jan 2023 18:37:14 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
x-amz-id-2: FbAwVbXhPxzTUtdRjJ3qYt7LjV4iDqGD4Ct/coYIGt2w2itywF6kPjdNwGiIDof7agD1S+gEH//xH0mCy19H4Q==
x-amz-request-id: W2S9TX2ZNWKXBW3N
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 17 Jan 2023 22:56:27 GMT
age: 1345
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 17 Jan 2023 22:34:19 GMT
content-type: application/json
age: 2673
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a174b27a541fddd78d791a7b4dd4d36a
13da2172906aee67225feb1edc29c01f0cfd440e
9c6419afdf05c083a19cb78ed632363c657e55b07e471a0e7c04f5cbb1571219
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C6419AFDF05C083A19CB78ED632363C657E55B07E471A0E7C04F5CBB1571219"
Last-Modified: Mon, 16 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7122
Expires: Wed, 18 Jan 2023 01:17:35 GMT
Date: Tue, 17 Jan 2023 23:18:53 GMT
Connection: keep-alive
cdn.jsdelivr.net/gh/killbot-org/Killbot-JS@latest/dist/main.min.js
104.16.87.20 200 OK 6.8 kB URL HTTP/2 cdn.jsdelivr.net/gh/killbot-org/Killbot-JS@latest/dist/main.min.js
IP 104.16.87.20:0
File type ASCII text, with very long lines (2400)
Hash 51e44697183a9609af0abe3c4083eb7b
1aa723ac6b243916d17da821f8eb6155351a23d9
b4b2f05ab84ed9a590d536ec040647062191b541325a8bf14b14e6a07f68c22e
GET /gh/killbot-org/Killbot-JS@latest/dist/main.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://knowlzcomp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 23:18:52 GMT
content-type: application/javascript; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: master
x-jsd-version-type: branch
etag: W/"a7c-kmbumraAtj1yBda8Zbl2dRPRYqU"
x-served-by: cache-fra19138-FRA, cache-yyz4558-YYZ
x-cache: HIT, MISS
vary: Accept-Encoding
cf-cache-status: HIT
age: 1525
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JZEhGGOa5OqUNgJs9Tub%2BNvtJKW88hijfQMiPtztNGKQSTlam2m9UHcI1teEb6buK7I5Sev0DH7AEX2gboT0XjXF5eEQugd92smYy7FQk6linxZFEAD4Y7a1rg0sQjDqzpw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78b2d001dd941c0a-OSL
content-encoding: br
X-Firefox-Spdy: h2
firefox-settings-attachments.cdn.mozilla.net/staging/addons-bloomfilters/8038652a-6557-460a-858c-84f19a5a0987.bin
34.111.73.144 200 OK 807 kB URL HTTP/2 firefox-settings-attachments.cdn.mozilla.net/staging/addons-bloomfilters/8038652a-6557-460a-858c-84f19a5a0987.bin
IP 34.111.73.144:0
Size 807 kB (807180 bytes)
Hash 914be443bdfbe8a1c3ded61e1c114bd6
4fe7c5ff83f6a29e6699f4cebc17550891504661
41b036d0c889509d547296b238027a063c313261ad52d5f7bb81922011791857
GET /staging/addons-bloomfilters/8038652a-6557-460a-858c-84f19a5a0987.bin HTTP/1.1
Host: firefox-settings-attachments.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: wjePtn4DAnNmuTkdcDkI94NmqTCeeBOL4sF+sgho/Ciznhx86pIPnXU6bfNiMkwTryCb+vofr2E=
x-amz-request-id: NKRGS5M85MVAFN2M
x-amz-version-id: K1ODzappZsD35qeu0OM5zvs_BP1eybj7
accept-ranges: bytes
server: AmazonS3
content-length: 807180
via: 1.1 google
date: Tue, 17 Jan 2023 12:42:00 GMT
age: 38213
last-modified: Tue, 10 Jan 2023 12:38:46 GMT
etag: "914be443bdfbe8a1c3ded61e1c114bd6"
content-type: application/octet-stream
cache-control: public,max-age=604800
alt-svc: clear
X-Firefox-Spdy: h2
knowlzcomp.com/public/GBbbQxZoaBXyhSrPMuejarvpRBOFWweV
162.241.149.217 200 OK 60 kB URL HTTP/1.1 knowlzcomp.com/public/GBbbQxZoaBXyhSrPMuejarvpRBOFWweV
IP 162.241.149.217:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- assembler source text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (39884)
Hash 50bcdf0a4f9c3bf37ed0c5b8678bb6c5
d24e886b71ae0aca37bff5a73a491d93c3c0795f
9c0fed730eaa64c4693b1165551548ed9301d21f54c8682979e92ed99793a735
Analyzer verdict: quad9 - Sinkholed
NIDS alert: suricata, severity high - ET EXPLOIT_KIT TDS Sutra - page redirecting to a SutraTDS
GET /public/GBbbQxZoaBXyhSrPMuejarvpRBOFWweV HTTP/1.1
Host: knowlzcomp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://knowlzcomp.com/public/
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImxNRzFIVlQrU1l2b2ZyVlAzU0lMVGc9PSIsInZhbHVlIjoiOWNrRTJaaUdzcWlXVG5FcnFLc1FLdnQ1QXdUZkcrRUVTU0czUU9TYy9YSmwvNnBnajFJMHVKOGhFaTR2VVNubFdiK2ZYVWVRMElDQ2JXYndOcEtnSkM3Y2Fvc3JEQWVYbXFkeHRnR2d1RWNqU1B2RXFWejdwaXROVGFOL0x0M00iLCJtYWMiOiI4ZGMzMjE0MjdjNjIxZWNiOTg2ODBiMmRjN2ZlMWViMzc2MTA5OGYxOGUzYjUzMzIyZTIzOWQ0NDAwMDVmMTZkIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InlkK0NPMFpURXlzbWRhb2VaU3hWQ3c9PSIsInZhbHVlIjoibGZwczJ1R25EckYvVHRQYk1GNkxkbUhCMk9ZWVpRSDdPWnFJMXhkNk1YYUo4eU9SWkZOdElQVjdRN05PK04xVzdLQmo3QjhSYUVxeDJiOUFJNW5BYm9kdWgzSVFqWWlDdzdMeU5XbG1EMVB2NnpzdXFqbWs1dkNETFpCdWNmOE0iLCJtYWMiOiI5YTBiZjgzZjIxMWFhY2Y2MDA1ODAzMzc5YjZmYjQ4ZTU2NTJiZjE0M2Q3ZmMwNWM5YjYwNTYyNjViNjY1N2JlIiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 23:18:51 GMT
Server: Apache
Cache-Control: no-cache, private
Set-Cookie: XSRF-TOKEN=eyJpdiI6InlNR2cySEpiOXI4amw1Zm9nZkgrM3c9PSIsInZhbHVlIjoia0t0d1Zjd2pTT1g0WjBMRVd3UVhrQ29hdFVsblExOEdJMDUyVTZRRHpDc0MyYzE5azlhQzBoUlRLd1pXT1JvaWhReGZDbDliU0hYcjhyL2FQaE9zSGJNVE9PVStRdk1aODNBajFqTW5LeDZIS1oycVJVMnREWUZsMDVpcXk0ZlYiLCJtYWMiOiJlOWZhYzlmNGU1Yjg5NjM4OGU5NDExMGNkZTA0NzEyZmFlYzdlZWJjOGY5NTc0YWYzMzk4ZGI5ZjU0Y2M2NWMzIiwidGFnIjoiIn0%3D; expires=Wed, 18-Jan-2023 01:18:51 GMT; Max-Age=7200; path=/; samesite=lax
laravel_session=eyJpdiI6InF5a01LTC9ubTltTk9YSGsyM2lGdlE9PSIsInZhbHVlIjoiYkR4Kzc5ZlpqTGxFQ0kzSnJVR0Y0WWF2WGMxaERVc1Zoa2hIY0QxQTRYdWdCVkJOWU9JRTB5REU0YmNiS0ZKanZOQmRPTXNjdVk0VGdLTjEwY3JhZTRTckdPUmsxblRERUN4M2V3Vm0ySXUzM21wTnppNWZnanVGMHcyRXVNUzEiLCJtYWMiOiI4ZjQ3NzNhZWYxNmVlMTQ1MWY2N2ZiMWZkZmY2ZGQzZmE4ZjA2ZWMwZWY3ZTIyY2Y0ZGUwMzE0OTEwNTc1MjFiIiwidGFnIjoiIn0%3D; expires=Wed, 18-Jan-2023 01:18:51 GMT; Max-Age=7200; path=/; httponly; samesite=lax
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1673984672079&_since=%221666483264567%22
35.241.9.150 200 OK 54 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1673984672079&_since=%221666483264567%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (53737), with no line terminators
Hash ffd6f795ba120b7116af7b4a121381eb
7fd63272d67790e91a4b52b6b68b76ae5e9df4f0
f942eb8d904c087ea503fa7c0fc6e8e27cd7f06791231cb506edfda834c5b7da
GET /v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1673984672079&_since=%221666483264567%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 53737
via: 1.1 google
date: Tue, 17 Jan 2023 22:49:05 GMT
age: 1788
last-modified: Tue, 17 Jan 2023 19:44:32 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
killbot.org/api/v2/whois?apikey=KACXfkKCpcbZJJlzB3D415S561r_pTsXlmE5Qt9SnpHoh
104.21.11.160 401 Unauthorized 49 kB URL HTTP/2 killbot.org/api/v2/whois?apikey=KACXfkKCpcbZJJlzB3D415S561r_pTsXlmE5Qt9SnpHoh
IP 104.21.11.160:0
File type JSON data\012- , ASCII text, with very long lines (48589)
Hash 0a0fc976aafb26a1778b3ecd8768e3f9
5adc920439ef07f017cffeca460b968843f2ae9f
aacc620dac24d6ce3e0cbee14c546e7f8c219350c143227d585b588b6cf0613c
GET /api/v2/whois?apikey=KACXfkKCpcbZJJlzB3D415S561r_pTsXlmE5Qt9SnpHoh HTTP/1.1
Host: killbot.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://knowlzcomp.com/
Origin: http://knowlzcomp.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 401 Unauthorized
date: Tue, 17 Jan 2023 23:18:53 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-max-age: 86400
bug-bounty: Report to live chat :)
access-control-allow-origin: *
access-control-allow-methods: POST, GET
set-cookie: _killbot=lq0fa7ubaqimobn5qps3775ohen0oaub; expires=Wed, 18-Jan-2023 01:18:53 GMT; Max-Age=7200; path=/; SameSite=Lax; secure; HttpOnly
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BWt9EyuLuL6ZWKPBh89AxvnVRblO4wIS2i00ORnu5Ieb%2FPJrWH3YBq7GDDJdH6MI287iJVNWpv0pE6wb%2FhfJpCa1Rf%2FVbdYylNkbN12WXP%2BvXWh7a%2Fts83wpQLAT%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78b2d006ed09b50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.lr-in.com/logger-1.min.js
104.21.234.144 200 OK 165 kB URL HTTP/2 cdn.lr-in.com/logger-1.min.js
IP 104.21.234.144:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 165 kB (165054 bytes)
Hash af0d4e2522cee3d80ae8ee90044766ff
0125c9f8bd721b6006443dd5e22024c4afddb800
724ebb8a2c06617ab261fa7275dd683be61e129914bb51248c4a6792b1caf269
GET /logger-1.min.js HTTP/1.1
Host: cdn.lr-in.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://knowlzcomp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 23:18:53 GMT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
cross-origin-resource-policy: cross-origin
etag: W/"bc9af9b9c1e9dddc5b4d9dcc29140c1392ddcafa3509ecaaa26f00a87164bf09"
last-modified: Tue, 17 Jan 2023 22:13:10 GMT
strict-transport-security: max-age=31556926
x-served-by: cache-fra-eddf8230041-FRA
x-cache: HIT
x-cache-hits: 1
x-timer: S1673993769.712900,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 130
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FukRcA1k9qiSbCT6C%2ByYyXdvWWHDAVUyAu12O%2FRJ55LKN6kxbVUpnFTYuzXZ%2FkG%2BGUGdkg%2BZkj9M3G7pDWLl48UhH1VmxUYpkQYkbsyt%2FKI4l%2Bjb9R9gZ7fuDpOs2CT7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78b2d006aecc889e-LHR
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 7db9f11a1c6ab0117ed3dd1d36e3aecc
61a4de77803ce4ad730c21dd88b5b55a196f26d6
b52c568528f72c5653bad85a1f72fb22f43dcb5d96ad234ab2772a7f95ca6cc2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B52C568528F72C5653BAD85A1F72FB22F43DCB5D96AD234AB2772A7F95CA6CC2"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13896
Expires: Wed, 18 Jan 2023 03:10:29 GMT
Date: Tue, 17 Jan 2023 23:18:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 7db9f11a1c6ab0117ed3dd1d36e3aecc
61a4de77803ce4ad730c21dd88b5b55a196f26d6
b52c568528f72c5653bad85a1f72fb22f43dcb5d96ad234ab2772a7f95ca6cc2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B52C568528F72C5653BAD85A1F72FB22F43DCB5D96AD234AB2772A7F95CA6CC2"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13896
Expires: Wed, 18 Jan 2023 03:10:29 GMT
Date: Tue, 17 Jan 2023 23:18:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 7db9f11a1c6ab0117ed3dd1d36e3aecc
61a4de77803ce4ad730c21dd88b5b55a196f26d6
b52c568528f72c5653bad85a1f72fb22f43dcb5d96ad234ab2772a7f95ca6cc2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B52C568528F72C5653BAD85A1F72FB22F43DCB5D96AD234AB2772A7F95CA6CC2"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13896
Expires: Wed, 18 Jan 2023 03:10:29 GMT
Date: Tue, 17 Jan 2023 23:18:53 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 7db9f11a1c6ab0117ed3dd1d36e3aecc
61a4de77803ce4ad730c21dd88b5b55a196f26d6
b52c568528f72c5653bad85a1f72fb22f43dcb5d96ad234ab2772a7f95ca6cc2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B52C568528F72C5653BAD85A1F72FB22F43DCB5D96AD234AB2772A7F95CA6CC2"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13896
Expires: Wed, 18 Jan 2023 03:10:29 GMT
Date: Tue, 17 Jan 2023 23:18:53 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99a6337c-ea71-4474-ba67-803997f0f17d.jpeg
34.120.237.76 200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99a6337c-ea71-4474-ba67-803997f0f17d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8069887e5e81584380ef3f819bcfab6e
3794126935a3e08de469ea37d29cba7be412d408
934e0982c1d49f06c64f524698b93fb1abf3b8833785d633bad104d052dd3ef0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99a6337c-ea71-4474-ba67-803997f0f17d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7871
x-amzn-requestid: 212d220f-c590-4c72-9508-e481cd5045ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e6A1UGmeoAMFzpA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c714ee-273c8bb54acc0f2b6d12b567;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 21:36:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zGNahizGhnMhpQxlxsexepYOI7y_40It8BrZjAd041J8Ws-jBYL0Ng==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 17 Jan 2023 21:59:12 GMT
age: 4781
etag: "3794126935a3e08de469ea37d29cba7be412d408"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/language-dictionaries/changeset?_expected=1673270322227&_since=%221569410800356%22
35.241.9.150 200 OK 1.3 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/language-dictionaries/changeset?_expected=1673270322227&_since=%221569410800356%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (1251), with no line terminators
Hash a15652d2ad5a61b333b603a147df4087
f737222311cbc30f90aeacadea9f48e460710e74
c49c6ab42f400eab679ca2a696f76e8083c9ac8fa81f45716ec027a12d29fab9
GET /v1/buckets/main/collections/language-dictionaries/changeset?_expected=1673270322227&_since=%221569410800356%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1251
via: 1.1 google
date: Tue, 17 Jan 2023 22:34:22 GMT
age: 2671
last-modified: Mon, 16 Jan 2023 16:36:42 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1a78cd6d-1eab-47b0-b5c7-f2d1f91acc3a.jpeg
34.120.237.76 200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1a78cd6d-1eab-47b0-b5c7-f2d1f91acc3a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3f112ea3865f38cbbcc8400b58320fa0
dacc584338546bf60f26b2a0bec48e9b584640dc
7feb3c0691f40354701d1cb0bf3c834d1eeead4a7297fac3afc0f4a7ca2c94cb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1a78cd6d-1eab-47b0-b5c7-f2d1f91acc3a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8853
x-amzn-requestid: ff98ec33-294a-4a13-b064-3cd4744cd2b2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e0LLKHPnIAMF0vQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c4bf14-233cbc6407c6b138144d7abb;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 03:05:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Sevdt3pkqowmWlcF5QHU2misel_RbAc1aAd9H-hU1mRw2xb3WF7-IQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 17 Jan 2023 04:00:28 GMT
age: 69505
etag: "dacc584338546bf60f26b2a0bec48e9b584640dc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F873f34de-bef8-46f1-9dc4-d277bf6c1c65.jpeg
34.120.237.76 200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F873f34de-bef8-46f1-9dc4-d277bf6c1c65.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f491398239265c63ac162d47ab006ce6
c95e1bba76e910100e86f8abf789e5b5c1a2baa6
cdada2d9608e9d3f8e03cf9ced211550b6f7c8f7e0b5ee027a96f45af38523f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F873f34de-bef8-46f1-9dc4-d277bf6c1c65.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7741
x-amzn-requestid: 9af04340-5be9-42b0-96be-0264661c6dae
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e6A6LEMtoAMFW_w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c7150d-2348c8846249175e74efc226;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 21:37:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _7YOm38n8-T2LAL-cRA7R8KvEUBhXEM0dOXjOZ6HyPRNfMu6Z0Fh3g==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Tue, 17 Jan 2023 22:17:05 GMT
age: 3708
etag: "c95e1bba76e910100e86f8abf789e5b5c1a2baa6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe52164e3-afec-433e-87ab-adb17222f1cd.jpeg
34.120.237.76 200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe52164e3-afec-433e-87ab-adb17222f1cd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8656702f08344d3a4658bc43a9074a1f
fba424e1d09cbdc839ca320458b51715dafbbccc
0b0ac963c377b07f843637348f3d7c41d2aca89540ab8c2b80ef5fbbf466fee8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe52164e3-afec-433e-87ab-adb17222f1cd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13848
x-amzn-requestid: 93bbdd19-aa04-49ec-858f-9fa1d6b736d3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e6BKCGEtoAMFgsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c71573-008911af44c3998d7b27b837;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 21:38:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: adtKl3gOcesaXNHcRbi71-1Wz6caEgtXrAvbhB9qhId7eJEkd7d7pQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 17 Jan 2023 21:59:45 GMT
age: 4748
etag: "fba424e1d09cbdc839ca320458b51715dafbbccc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0849835-6202-4dec-862f-f4aa0cd0ed30.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0849835-6202-4dec-862f-f4aa0cd0ed30.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 381020ef41e1bb778e6cee364695c2ff
f241897089655dd0535cd851f53e18be6a0c6ecb
7a9834c6ae61836742ae920ae26213d115911be7a1feee9baaadc986c1fc4e7f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0849835-6202-4dec-862f-f4aa0cd0ed30.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8697
x-amzn-requestid: 70c2ea6b-5bce-4628-bb4f-8394f2dcf2fd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e4A_YGIXIAMFilg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c64862-7d0baeb43a306fb80926a527;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 07:04:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: eiBk-UwKhASmAgu78_GzSyWd5q2Pht2upQOckw9qilwq6ryXQUCjQg==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Tue, 17 Jan 2023 07:15:22 GMT
age: 57811
etag: "f241897089655dd0535cd851f53e18be6a0c6ecb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd03bc60-bcfc-42c6-a1a0-0631c979fdd4.jpeg
34.120.237.76 200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd03bc60-bcfc-42c6-a1a0-0631c979fdd4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 26fa7bd40b5c3a3b5a6f95e7fca843b9
d8064f74f1e40bf6be4ea8ab4e319db22026c462
3e7744acf3e7ace6931c28cb5a5d3d7a77d9b97855b864c5c774368f2d0719c1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd03bc60-bcfc-42c6-a1a0-0631c979fdd4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7361
x-amzn-requestid: 54e3621a-ec24-4d56-85bf-84239fa7811e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e23ZvGtnIAMFivg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c5d2a4-7ce0e7924c03aeaa3ea684c3;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 22:41:40 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hamm4_4ud3QWXK2EeTcYUSN7ot6m-d-1z_NN29tSFYP25Itmz25jaA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 17 Jan 2023 14:16:01 GMT
age: 32572
etag: "d8064f74f1e40bf6be4ea8ab4e319db22026c462"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
knowlzcomp.com/public/css/app.css
162.241.149.217 200 OK 440 kB URL HTTP/1.1 knowlzcomp.com/public/css/app.css
IP 162.241.149.217:0
ASN #46606 UNIFIEDLAYER-AS-1
Size 440 kB (439658 bytes)
Hash 181990cc2279e4cea65c9363fb37fee9
b85a7ba40043b0c48a034d8382629ef7ec6a1e24
36839348d4cd3d5ffcb15317bc5e8f32b77c644d0c6c0f8f19bdf216caf49293
Analyzer verdict: urlquery - phishing (alert: Phishing - DHL)
Analyzer verdict: quad9 - Sinkholed
GET /public/css/app.css HTTP/1.1
Host: knowlzcomp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://knowlzcomp.com/public/GBbbQxZoaBXyhSrPMuejarvpRBOFWweV
Cookie: XSRF-TOKEN=eyJpdiI6InlNR2cySEpiOXI4amw1Zm9nZkgrM3c9PSIsInZhbHVlIjoia0t0d1Zjd2pTT1g0WjBMRVd3UVhrQ29hdFVsblExOEdJMDUyVTZRRHpDc0MyYzE5azlhQzBoUlRLd1pXT1JvaWhReGZDbDliU0hYcjhyL2FQaE9zSGJNVE9PVStRdk1aODNBajFqTW5LeDZIS1oycVJVMnREWUZsMDVpcXk0ZlYiLCJtYWMiOiJlOWZhYzlmNGU1Yjg5NjM4OGU5NDExMGNkZTA0NzEyZmFlYzdlZWJjOGY5NTc0YWYzMzk4ZGI5ZjU0Y2M2NWMzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InF5a01LTC9ubTltTk9YSGsyM2lGdlE9PSIsInZhbHVlIjoiYkR4Kzc5ZlpqTGxFQ0kzSnJVR0Y0WWF2WGMxaERVc1Zoa2hIY0QxQTRYdWdCVkJOWU9JRTB5REU0YmNiS0ZKanZOQmRPTXNjdVk0VGdLTjEwY3JhZTRTckdPUmsxblRERUN4M2V3Vm0ySXUzM21wTnppNWZnanVGMHcyRXVNUzEiLCJtYWMiOiI4ZjQ3NzNhZWYxNmVlMTQ1MWY2N2ZiMWZkZmY2ZGQzZmE4ZjA2ZWMwZWY3ZTIyY2Y0ZGUwMzE0OTEwNTc1MjFiIiwidGFnIjoiIn0%3D
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 23:18:51 GMT
Server: Apache
Last-Modified: Wed, 03 Aug 2022 20:29:04 GMT
Accept-Ranges: bytes
Content-Length: 439658
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
firefox.settings.services.mozilla.com/v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258
35.241.9.150 200 OK 682 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (682), with no line terminators
Hash 668f51f448163fe951f3449c028bfd40
8d624c9419b30c8be7f62724ccd6095f7c4794ef
f3feec2c60186018c18cfcd262d851e35223e8285139c96a89335bb473972395
GET /v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Expires, Last-Modified, Alert, Content-Type, Content-Length, ETag, Pragma, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 682
via: 1.1 google
date: Tue, 17 Jan 2023 22:26:24 GMT
age: 3149
last-modified: Fri, 13 Jan 2023 16:36:53 GMT
etag: "1673627813356"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ka-f.fontawesome.com/releases/v6.2.1/css/free-v5-font-face.min.css?token=f7165dd215
172.64.169.22 200 OK 13 kB URL HTTP/2 ka-f.fontawesome.com/releases/v6.2.1/css/free-v5-font-face.min.css?token=f7165dd215
IP 172.64.169.22:0
File type ASCII text, with very long lines (608)
Hash e29b309adfe8e7429aa1d1df5ace7fb8
55d07d6f9843d1c7bcf0ed1947a225d72f08c35e
fc24a9446587cbfd55d1b46bb75559ce8f491d48f477e24bb73541975f258202
GET /releases/v6.2.1/css/free-v5-font-face.min.css?token=f7165dd215 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://knowlzcomp.com/
Origin: http://knowlzcomp.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 17 Jan 2023 23:18:53 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 14 Nov 2022 15:06:07 GMT
etag: W/"15e2713dff942747406520edde3fd0bf"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
x-cache: Hit from cloudfront
via: 1.1 93cfeed105500c4613cee2ee99f5f9a6.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR52-C1
x-amz-cf-id: m25TERZ1Y2TCsANiEqs-iB20DUrbtuoSIZAIeWMCEJ2wIEDN0376HA==
age: 93297
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3aD7mrZRxJHFJabaQdW8%2F9pPrm0alGRqJpSfIxFjcqpdysGSGmwjZASnucGYxC%2FmisGdBBlJEnPWWXlriSByaYZsLYNBwp29ZEh1mBWweB6i1wg%2FMDHKLFFhvf5EZ%2BssRdGMkCY9DQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78b2d007089123c9-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
104.17.25.14 200 OK 77 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 104.17.25.14:0
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://knowlzcomp.com
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 23:18:54 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 77160
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5eb03e5f-12d68"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 960962
expires: Sun, 07 Jan 2024 23:18:54 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z5nuAXi%2FWp%2BTgz6%2Bf4x7sciTG%2BH7KeL%2Fvp7xxFJawyknH2WmcVDU5bwS%2FjrK6fmFnftXK31%2BsLh6K6d1mxEGmQTqCxwgbbIRw6TlTfB2EtKiL9MLVHjGe2YgZqKKkkGsUTxoO0bF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 78b2d00bdc9cb512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/message-groups/changeset?_expected=1670425599656&_since=%221665698079854%22
35.241.9.150 200 OK 934 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/message-groups/changeset?_expected=1670425599656&_since=%221665698079854%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (934), with no line terminators
Hash 20b9199d0871aa8d1f02e09fc0de6a48
874015ed48e4ccc4d1d3dc4a979d50eaeb059d8c
07214176412ea5e83b5be84ca1d401061fac8b20275e2ee7da3189de2fdba7ed
GET /v1/buckets/main/collections/message-groups/changeset?_expected=1670425599656&_since=%221665698079854%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 934
via: 1.1 google
date: Tue, 17 Jan 2023 23:05:02 GMT
age: 832
last-modified: Fri, 13 Jan 2023 16:36:44 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1673517253376&_since=%221657747510534%22
35.241.9.150 200 OK 2.1 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1673517253376&_since=%221657747510534%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (2053), with no line terminators
Hash c9dfad8fb4f66de06991e6a07810fd81
f52da6b70dcdbc23965b701d5814910db2b352f4
809ef846c4956a8fce795fe871cb2d6c5ab2746c1fc3c76c4cd182e4cbf3aded
GET /v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1673517253376&_since=%221657747510534%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 2053
via: 1.1 google
date: Tue, 17 Jan 2023 23:06:14 GMT
age: 760
last-modified: Thu, 12 Jan 2023 09:54:13 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ka-f.fontawesome.com/releases/v6.2.1/css/free-v4-shims.min.css?token=f7165dd215
172.64.169.22 200 OK 11 kB URL HTTP/2 ka-f.fontawesome.com/releases/v6.2.1/css/free-v4-shims.min.css?token=f7165dd215
IP 172.64.169.22:0
File type ASCII text, with very long lines (27377)
Hash ed6de11d667416f2ddf4c52e179020b3
4ec6ee6fa6c9d1182745030e7648c537bb2f2124
e18a28095fe2ce2db6d907550c14f756b97ca096333a833aebf97a3f45fc5510
GET /releases/v6.2.1/css/free-v4-shims.min.css?token=f7165dd215 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://knowlzcomp.com/
Origin: http://knowlzcomp.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 17 Jan 2023 23:18:53 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 14 Nov 2022 15:06:08 GMT
etag: W/"0d00741459c51dd7330d97cd19326a7b"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 674e965f3d2af64c7723a159d4fcb6b4.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR52-C1
x-amz-cf-id: rsrE7TBHG-xrmPLHTm-2ew9crm8VymDmKQzYmVZUxJwUPtK3OAq6lA==
age: 93297
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2BpFto%2FUktYiHuLOGpL%2Br%2BLw9pa8xW53CjGs1YoWF%2BZfz%2BeaGTNNGFDxzbdQOreC1Ld6VXK%2FUdI8ZRV3GQmkkCW62VoIi7%2FWS5%2BZwv6zUQIWpjjI3%2FLu5koTABvzUlIqNF%2BMb%2FvEvw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78b2d007088f23c9-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22
35.241.9.150 200 OK 1.5 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (1506), with no line terminators
Hash 04e8681bd37cd9936118efcc4f31393e
c4fc04440eaabf9fd6cbb8fa329e3613c20f4af9
c30333d7ffeb2568b19b0574dfe60261a7fe5920b8cf8f3309928638dad4007c
GET /v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1506
via: 1.1 google
date: Tue, 17 Jan 2023 23:08:23 GMT
age: 631
last-modified: Wed, 11 Jan 2023 16:36:47 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-config/changeset?_expected=1672778333687&_since=%221661199949574%22
35.241.9.150 200 OK 15 kB URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-config/changeset?_expected=1672778333687&_since=%221661199949574%22
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (15184), with no line terminators
Hash 916d3ce5150a0223e7fa70a174231ae0
885d48d877af9ff31a0af142664d9716f25e816a
8e75c22521885eeab98b4cd6aae8bc2ebff94e3e5c45b4e8a0c6869e376a7e93
GET /v1/buckets/main/collections/search-config/changeset?_expected=1672778333687&_since=%221661199949574%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 15184
via: 1.1 google
date: Tue, 17 Jan 2023 22:35:27 GMT
age: 2607
last-modified: Wed, 11 Jan 2023 16:36:44 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
knowlzcomp.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?1551f4f60c37af51121f106501f69b80
162.241.149.217 404 Not Found 6.6 kB URL HTTP/1.1 knowlzcomp.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?1551f4f60c37af51121f106501f69b80
IP 162.241.149.217:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5395)
Hash 307dca9c775906b8de45869cabe98fcd
2b80c3a2fd4a235b2cc9f89315a554d0721c0dd1
8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c
Analyzer Verdict Alert urlquery phishing Phishing - DHL
GET /fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?1551f4f60c37af51121f106501f69b80 HTTP/1.1
Host: knowlzcomp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://knowlzcomp.com/public/css/app.css
Cookie: XSRF-TOKEN=eyJpdiI6InlNR2cySEpiOXI4amw1Zm9nZkgrM3c9PSIsInZhbHVlIjoia0t0d1Zjd2pTT1g0WjBMRVd3UVhrQ29hdFVsblExOEdJMDUyVTZRRHpDc0MyYzE5azlhQzBoUlRLd1pXT1JvaWhReGZDbDliU0hYcjhyL2FQaE9zSGJNVE9PVStRdk1aODNBajFqTW5LeDZIS1oycVJVMnREWUZsMDVpcXk0ZlYiLCJtYWMiOiJlOWZhYzlmNGU1Yjg5NjM4OGU5NDExMGNkZTA0NzEyZmFlYzdlZWJjOGY5NTc0YWYzMzk4ZGI5ZjU0Y2M2NWMzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InF5a01LTC9ubTltTk9YSGsyM2lGdlE9PSIsInZhbHVlIjoiYkR4Kzc5ZlpqTGxFQ0kzSnJVR0Y0WWF2WGMxaERVc1Zoa2hIY0QxQTRYdWdCVkJOWU9JRTB5REU0YmNiS0ZKanZOQmRPTXNjdVk0VGdLTjEwY3JhZTRTckdPUmsxblRERUN4M2V3Vm0ySXUzM21wTnppNWZnanVGMHcyRXVNUzEiLCJtYWMiOiI4ZjQ3NzNhZWYxNmVlMTQ1MWY2N2ZiMWZkZmY2ZGQzZmE4ZjA2ZWMwZWY3ZTIyY2Y0ZGUwMzE0OTEwNTc1MjFiIiwidGFnIjoiIn0%3D
HTTP/1.1 404 Not Found
Date: Tue, 17 Jan 2023 23:18:52 GMT
Server: Apache
Cache-Control: no-cache, private
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
knowlzcomp.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff?eeccf4f66002c6f2ba24d3d22f2434c2
162.241.149.217 404 Not Found 6.6 kB URL HTTP/1.1 knowlzcomp.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff?eeccf4f66002c6f2ba24d3d22f2434c2
IP 162.241.149.217:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5395)
Hash 307dca9c775906b8de45869cabe98fcd
2b80c3a2fd4a235b2cc9f89315a554d0721c0dd1
8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c
Analyzer Verdict Alert urlquery phishing Phishing - DHL
GET /fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff?eeccf4f66002c6f2ba24d3d22f2434c2 HTTP/1.1
Host: knowlzcomp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://knowlzcomp.com/public/css/app.css
Cookie: XSRF-TOKEN=eyJpdiI6InlNR2cySEpiOXI4amw1Zm9nZkgrM3c9PSIsInZhbHVlIjoia0t0d1Zjd2pTT1g0WjBMRVd3UVhrQ29hdFVsblExOEdJMDUyVTZRRHpDc0MyYzE5azlhQzBoUlRLd1pXT1JvaWhReGZDbDliU0hYcjhyL2FQaE9zSGJNVE9PVStRdk1aODNBajFqTW5LeDZIS1oycVJVMnREWUZsMDVpcXk0ZlYiLCJtYWMiOiJlOWZhYzlmNGU1Yjg5NjM4OGU5NDExMGNkZTA0NzEyZmFlYzdlZWJjOGY5NTc0YWYzMzk4ZGI5ZjU0Y2M2NWMzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InF5a01LTC9ubTltTk9YSGsyM2lGdlE9PSIsInZhbHVlIjoiYkR4Kzc5ZlpqTGxFQ0kzSnJVR0Y0WWF2WGMxaERVc1Zoa2hIY0QxQTRYdWdCVkJOWU9JRTB5REU0YmNiS0ZKanZOQmRPTXNjdVk0VGdLTjEwY3JhZTRTckdPUmsxblRERUN4M2V3Vm0ySXUzM21wTnppNWZnanVGMHcyRXVNUzEiLCJtYWMiOiI4ZjQ3NzNhZWYxNmVlMTQ1MWY2N2ZiMWZkZmY2ZGQzZmE4ZjA2ZWMwZWY3ZTIyY2Y0ZGUwMzE0OTEwNTc1MjFiIiwidGFnIjoiIn0%3D
HTTP/1.1 404 Not Found
Date: Tue, 17 Jan 2023 23:18:52 GMT
Server: Apache
Cache-Control: no-cache, private
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
knowlzcomp.com/public/js/session-recorder.js
162.241.149.217 200 OK 45 kB URL HTTP/1.1 knowlzcomp.com/public/js/session-recorder.js
IP 162.241.149.217:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (44992)
Hash 701984b4995f3c29820e83c999b7eb23
a3b50104a3bfa05bf59a317273816c7d8ae1f81d
67ad94e12a745b1b09c6cd616e20a2ad283ed68f8060bd1dd0d9a2b6ad9dc7ee
Analyzer Verdict Alert urlquery phishing Phishing - DHL
quad9 Sinkholed
GET /public/js/session-recorder.js HTTP/1.1
Host: knowlzcomp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://knowlzcomp.com/public/GBbbQxZoaBXyhSrPMuejarvpRBOFWweV
Cookie: XSRF-TOKEN=eyJpdiI6InlNR2cySEpiOXI4amw1Zm9nZkgrM3c9PSIsInZhbHVlIjoia0t0d1Zjd2pTT1g0WjBMRVd3UVhrQ29hdFVsblExOEdJMDUyVTZRRHpDc0MyYzE5azlhQzBoUlRLd1pXT1JvaWhReGZDbDliU0hYcjhyL2FQaE9zSGJNVE9PVStRdk1aODNBajFqTW5LeDZIS1oycVJVMnREWUZsMDVpcXk0ZlYiLCJtYWMiOiJlOWZhYzlmNGU1Yjg5NjM4OGU5NDExMGNkZTA0NzEyZmFlYzdlZWJjOGY5NTc0YWYzMzk4ZGI5ZjU0Y2M2NWMzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InF5a01LTC9ubTltTk9YSGsyM2lGdlE9PSIsInZhbHVlIjoiYkR4Kzc5ZlpqTGxFQ0kzSnJVR0Y0WWF2WGMxaERVc1Zoa2hIY0QxQTRYdWdCVkJOWU9JRTB5REU0YmNiS0ZKanZOQmRPTXNjdVk0VGdLTjEwY3JhZTRTckdPUmsxblRERUN4M2V3Vm0ySXUzM21wTnppNWZnanVGMHcyRXVNUzEiLCJtYWMiOiI4ZjQ3NzNhZWYxNmVlMTQ1MWY2N2ZiMWZkZmY2ZGQzZmE4ZjA2ZWMwZWY3ZTIyY2Y0ZGUwMzE0OTEwNTc1MjFiIiwidGFnIjoiIn0%3D
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 23:18:52 GMT
Server: Apache
Last-Modified: Wed, 03 Aug 2022 20:29:04 GMT
Accept-Ranges: bytes
Content-Length: 45066
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
knowlzcomp.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.ttf?be9ee23c0c6390141475d519c2c5fb8f
162.241.149.217 404 Not Found 6.6 kB URL HTTP/1.1 knowlzcomp.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.ttf?be9ee23c0c6390141475d519c2c5fb8f
IP 162.241.149.217:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5395)
Hash 307dca9c775906b8de45869cabe98fcd
2b80c3a2fd4a235b2cc9f89315a554d0721c0dd1
8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c
Analyzer Verdict Alert urlquery phishing Phishing - DHL
GET /fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.ttf?be9ee23c0c6390141475d519c2c5fb8f HTTP/1.1
Host: knowlzcomp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://knowlzcomp.com/public/css/app.css
Cookie: XSRF-TOKEN=eyJpdiI6InlNR2cySEpiOXI4amw1Zm9nZkgrM3c9PSIsInZhbHVlIjoia0t0d1Zjd2pTT1g0WjBMRVd3UVhrQ29hdFVsblExOEdJMDUyVTZRRHpDc0MyYzE5azlhQzBoUlRLd1pXT1JvaWhReGZDbDliU0hYcjhyL2FQaE9zSGJNVE9PVStRdk1aODNBajFqTW5LeDZIS1oycVJVMnREWUZsMDVpcXk0ZlYiLCJtYWMiOiJlOWZhYzlmNGU1Yjg5NjM4OGU5NDExMGNkZTA0NzEyZmFlYzdlZWJjOGY5NTc0YWYzMzk4ZGI5ZjU0Y2M2NWMzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InF5a01LTC9ubTltTk9YSGsyM2lGdlE9PSIsInZhbHVlIjoiYkR4Kzc5ZlpqTGxFQ0kzSnJVR0Y0WWF2WGMxaERVc1Zoa2hIY0QxQTRYdWdCVkJOWU9JRTB5REU0YmNiS0ZKanZOQmRPTXNjdVk0VGdLTjEwY3JhZTRTckdPUmsxblRERUN4M2V3Vm0ySXUzM21wTnppNWZnanVGMHcyRXVNUzEiLCJtYWMiOiI4ZjQ3NzNhZWYxNmVlMTQ1MWY2N2ZiMWZkZmY2ZGQzZmE4ZjA2ZWMwZWY3ZTIyY2Y0ZGUwMzE0OTEwNTc1MjFiIiwidGFnIjoiIn0%3D
HTTP/1.1 404 Not Found
Date: Tue, 17 Jan 2023 23:18:53 GMT
Server: Apache
Cache-Control: no-cache, private
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ka-f.fontawesome.com/releases/v6.2.1/webfonts/free-fa-solid-900.woff2
172.64.169.22 200 OK 150 kB URL HTTP/2 ka-f.fontawesome.com/releases/v6.2.1/webfonts/free-fa-solid-900.woff2
IP 172.64.169.22:0
File type Web Open Font Format (Version 2), TrueType, length 150500, version 770.768\012- data
Size 150 kB (150500 bytes)
Hash 69a76555beae5c43a59559396c1aeb54
7d2759002c67a66fc38a72dd0e395e2da3d41474
1494e2691e1c13a3f35cbc3e1b56c5187c10ffe220d1fdc58d99494a666244d4
GET /releases/v6.2.1/webfonts/free-fa-solid-900.woff2 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://knowlzcomp.com
Connection: keep-alive
Referer: http://knowlzcomp.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 17 Jan 2023 23:18:54 GMT
content-type: font/woff2
content-length: 150500
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 14 Nov 2022 15:15:23 GMT
etag: "69a76555beae5c43a59559396c1aeb54"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
x-cache: Hit from cloudfront
via: 1.1 0dd1077162fbc5ae77bb4c494a180158.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P1
x-amz-cf-id: sMpd5AGW3bHlmxNQiIPGFpoMX2u7OQFd9VkO6hpjhbjRN2IYqk4Kxg==
age: 94571
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f2oV6ACbMMMjxrVc5JolBGFQC5aDpTQONumKMjwmYDxecPNHqU%2F9Ev0iCPqUBCClOP%2Fi7FiyyCcWT9FDgFKjeognttZ9HJvPiisko4%2FR4btgFU%2Bjvl6Sd27REpkbUGaSWzNMJSLW3w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78b2d0115dc323c9-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
knowlzcomp.com/public/js/app.js
162.241.149.217 200 OK 1.6 MB URL HTTP/1.1 knowlzcomp.com/public/js/app.js
IP 162.241.149.217:0
ASN #46606 UNIFIEDLAYER-AS-1
Size 1.6 MB (1613806 bytes)
Hash fd900f643203761f2eeca2132fc15f1d
375f23ca9ad75b647373bda03b02e2d0f6e729be
399e233cea4e5468820e5c5f98ddbb156de729983710cf576a6508f076326c68
Analyzer Verdict Alert urlquery phishing Phishing - DHL
quad9 Sinkholed
GET /public/js/app.js HTTP/1.1
Host: knowlzcomp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://knowlzcomp.com/public/GBbbQxZoaBXyhSrPMuejarvpRBOFWweV
Cookie: XSRF-TOKEN=eyJpdiI6InlNR2cySEpiOXI4amw1Zm9nZkgrM3c9PSIsInZhbHVlIjoia0t0d1Zjd2pTT1g0WjBMRVd3UVhrQ29hdFVsblExOEdJMDUyVTZRRHpDc0MyYzE5azlhQzBoUlRLd1pXT1JvaWhReGZDbDliU0hYcjhyL2FQaE9zSGJNVE9PVStRdk1aODNBajFqTW5LeDZIS1oycVJVMnREWUZsMDVpcXk0ZlYiLCJtYWMiOiJlOWZhYzlmNGU1Yjg5NjM4OGU5NDExMGNkZTA0NzEyZmFlYzdlZWJjOGY5NTc0YWYzMzk4ZGI5ZjU0Y2M2NWMzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InF5a01LTC9ubTltTk9YSGsyM2lGdlE9PSIsInZhbHVlIjoiYkR4Kzc5ZlpqTGxFQ0kzSnJVR0Y0WWF2WGMxaERVc1Zoa2hIY0QxQTRYdWdCVkJOWU9JRTB5REU0YmNiS0ZKanZOQmRPTXNjdVk0VGdLTjEwY3JhZTRTckdPUmsxblRERUN4M2V3Vm0ySXUzM21wTnppNWZnanVGMHcyRXVNUzEiLCJtYWMiOiI4ZjQ3NzNhZWYxNmVlMTQ1MWY2N2ZiMWZkZmY2ZGQzZmE4ZjA2ZWMwZWY3ZTIyY2Y0ZGUwMzE0OTEwNTc1MjFiIiwidGFnIjoiIn0%3D
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 23:18:51 GMT
Server: Apache
Last-Modified: Wed, 03 Aug 2022 20:29:04 GMT
Accept-Ranges: bytes
Content-Length: 1613806
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
ws-mt1.pusher.com/app/bc5ba70500b3342fb1aa?protocol=7&client=js&version=7.0.3&flash=false
34.199.40.30 101 Switching Protocols 0 B URL HTTP/1.1 ws-mt1.pusher.com/app/bc5ba70500b3342fb1aa?protocol=7&client=js&version=7.0.3&flash=false
IP 34.199.40.30:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /app/bc5ba70500b3342fb1aa?protocol=7&client=js&version=7.0.3&flash=false HTTP/1.1
Host: ws-mt1.pusher.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Sec-WebSocket-Version: 13
Origin: http://knowlzcomp.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: AfJy2QJlVlQG3f9wzQp3dg==
Connection: keep-alive, Upgrade
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Date: Tue, 17 Jan 2023 23:18:56 GMT
Connection: upgrade
Server: nginx/1.17.7
Upgrade: websocket
Sec-WebSocket-Accept: N3DXwKlbPyiqSQRsE0ceDJzooxc=
knowlzcomp.com/images/favicon.gif
162.241.149.217 200 OK 2.2 kB URL HTTP/1.1 knowlzcomp.com/images/favicon.gif
IP 162.241.149.217:0
ASN #46606 UNIFIEDLAYER-AS-1
File type MS Windows icon resource - 1 icon, 32x32, 8 bits/pixel\012- data
Hash a6f1af8e79a11829ba9a66474b06bb97
d99e3ec7747c865033a8dfad43c9f49634404bc1
b0dbd00f3650fa6b931e678a9d8f79a405d23c7adf111ab91b1a01a0e7109807
Analyzer Verdict Alert urlquery phishing Phishing - DHL
quad9 Sinkholed
GET /images/favicon.gif HTTP/1.1
Host: knowlzcomp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://knowlzcomp.com/public/GBbbQxZoaBXyhSrPMuejarvpRBOFWweV
Cookie: XSRF-TOKEN=eyJpdiI6InlNR2cySEpiOXI4amw1Zm9nZkgrM3c9PSIsInZhbHVlIjoia0t0d1Zjd2pTT1g0WjBMRVd3UVhrQ29hdFVsblExOEdJMDUyVTZRRHpDc0MyYzE5azlhQzBoUlRLd1pXT1JvaWhReGZDbDliU0hYcjhyL2FQaE9zSGJNVE9PVStRdk1aODNBajFqTW5LeDZIS1oycVJVMnREWUZsMDVpcXk0ZlYiLCJtYWMiOiJlOWZhYzlmNGU1Yjg5NjM4OGU5NDExMGNkZTA0NzEyZmFlYzdlZWJjOGY5NTc0YWYzMzk4ZGI5ZjU0Y2M2NWMzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InF5a01LTC9ubTltTk9YSGsyM2lGdlE9PSIsInZhbHVlIjoiYkR4Kzc5ZlpqTGxFQ0kzSnJVR0Y0WWF2WGMxaERVc1Zoa2hIY0QxQTRYdWdCVkJOWU9JRTB5REU0YmNiS0ZKanZOQmRPTXNjdVk0VGdLTjEwY3JhZTRTckdPUmsxblRERUN4M2V3Vm0ySXUzM21wTnppNWZnanVGMHcyRXVNUzEiLCJtYWMiOiI4ZjQ3NzNhZWYxNmVlMTQ1MWY2N2ZiMWZkZmY2ZGQzZmE4ZjA2ZWMwZWY3ZTIyY2Y0ZGUwMzE0OTEwNTc1MjFiIiwidGFnIjoiIn0%3D; _lr_tabs_-mnnzup%2Fdus={%22sessionID%22:0%2C%22recordingID%22:%225-362a805e-5606-48a4-8be5-658962ba9fbb%22%2C%22lastActivity%22:1673997535886}; _lr_hb_-mnnzup%2Fdus={%22heartbeat%22:1673997535887}; _lr_uf_-mnnzup=dcb4b281-8526-4a4e-b5a5-24b5ee20cdbd
HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 23:18:54 GMT
Server: Apache
Last-Modified: Wed, 03 Aug 2022 20:29:04 GMT
Accept-Ranges: bytes
Content-Length: 2238
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/gif
ocsp.sca1b.amazontrust.com/
143.204.42.158 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.158:0
Hash 01217c49b49001928970f50dcaf57dab
91db90c37af80758cf300a155bd0999f51115eb7
c627e6f46122f492cf84c90d4ca822736480887ec0d48fd4ab9c646a20b30ba6
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=147374
Date: Tue, 17 Jan 2023 23:18:56 GMT
Etag: "63c6bdde-1d7"
Expires: Thu, 19 Jan 2023 16:15:10 GMT
Last-Modified: Tue, 17 Jan 2023 15:25:18 GMT
Server: ECS (nyb/1D07)
X-Cache: Miss from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: adWIb20RHnF_i2wzaRYoAirXTE-5Fje77aX0posuDRLoyyyGSIAvWA==
Age: 2992
csmetrics.hotjar.com/
52.210.228.197 204 No Content 0 B IP 52.210.228.197:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert urlquery phishing Phishing - DHL
POST / HTTP/1.1
Host: csmetrics.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 81
Origin: http://knowlzcomp.com
Connection: keep-alive
Referer: http://knowlzcomp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Tue, 17 Jan 2023 23:18:56 GMT
vary: Origin
access-control-allow-origin: *
X-Firefox-Spdy: h2
knowlzcomp.com/fonts/vendor/@fontsource/roboto/files/roboto-latin-400-normal.woff2?4673b4537a84c7f7a130799aa6af329b
162.241.149.217 404 Not Found 6.6 kB URL HTTP/1.1 knowlzcomp.com/fonts/vendor/@fontsource/roboto/files/roboto-latin-400-normal.woff2?4673b4537a84c7f7a130799aa6af329b
IP 162.241.149.217:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5395)
Hash 307dca9c775906b8de45869cabe98fcd
2b80c3a2fd4a235b2cc9f89315a554d0721c0dd1
8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c
Analyzer Verdict Alert urlquery phishing Phishing - DHL
GET /fonts/vendor/@fontsource/roboto/files/roboto-latin-400-normal.woff2?4673b4537a84c7f7a130799aa6af329b HTTP/1.1
Host: knowlzcomp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://knowlzcomp.com/public/css/app.css
Cookie: XSRF-TOKEN=eyJpdiI6InlNR2cySEpiOXI4amw1Zm9nZkgrM3c9PSIsInZhbHVlIjoia0t0d1Zjd2pTT1g0WjBMRVd3UVhrQ29hdFVsblExOEdJMDUyVTZRRHpDc0MyYzE5azlhQzBoUlRLd1pXT1JvaWhReGZDbDliU0hYcjhyL2FQaE9zSGJNVE9PVStRdk1aODNBajFqTW5LeDZIS1oycVJVMnREWUZsMDVpcXk0ZlYiLCJtYWMiOiJlOWZhYzlmNGU1Yjg5NjM4OGU5NDExMGNkZTA0NzEyZmFlYzdlZWJjOGY5NTc0YWYzMzk4ZGI5ZjU0Y2M2NWMzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InF5a01LTC9ubTltTk9YSGsyM2lGdlE9PSIsInZhbHVlIjoiYkR4Kzc5ZlpqTGxFQ0kzSnJVR0Y0WWF2WGMxaERVc1Zoa2hIY0QxQTRYdWdCVkJOWU9JRTB5REU0YmNiS0ZKanZOQmRPTXNjdVk0VGdLTjEwY3JhZTRTckdPUmsxblRERUN4M2V3Vm0ySXUzM21wTnppNWZnanVGMHcyRXVNUzEiLCJtYWMiOiI4ZjQ3NzNhZWYxNmVlMTQ1MWY2N2ZiMWZkZmY2ZGQzZmE4ZjA2ZWMwZWY3ZTIyY2Y0ZGUwMzE0OTEwNTc1MjFiIiwidGFnIjoiIn0%3D
HTTP/1.1 404 Not Found
Date: Tue, 17 Jan 2023 23:18:56 GMT
Server: Apache
Cache-Control: no-cache, private
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
knowlzcomp.com/fonts/vendor/@fontsource/roboto/files/roboto-all-400-normal.woff?376ea5d93f71583052f65de4e0c6a92c
162.241.149.217 404 Not Found 6.6 kB URL HTTP/1.1 knowlzcomp.com/fonts/vendor/@fontsource/roboto/files/roboto-all-400-normal.woff?376ea5d93f71583052f65de4e0c6a92c
IP 162.241.149.217:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5395)
Hash 307dca9c775906b8de45869cabe98fcd
2b80c3a2fd4a235b2cc9f89315a554d0721c0dd1
8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c
Analyzer Verdict Alert urlquery phishing Phishing - DHL
GET /fonts/vendor/@fontsource/roboto/files/roboto-all-400-normal.woff?376ea5d93f71583052f65de4e0c6a92c HTTP/1.1
Host: knowlzcomp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://knowlzcomp.com/public/css/app.css
Cookie: XSRF-TOKEN=eyJpdiI6InlNR2cySEpiOXI4amw1Zm9nZkgrM3c9PSIsInZhbHVlIjoia0t0d1Zjd2pTT1g0WjBMRVd3UVhrQ29hdFVsblExOEdJMDUyVTZRRHpDc0MyYzE5azlhQzBoUlRLd1pXT1JvaWhReGZDbDliU0hYcjhyL2FQaE9zSGJNVE9PVStRdk1aODNBajFqTW5LeDZIS1oycVJVMnREWUZsMDVpcXk0ZlYiLCJtYWMiOiJlOWZhYzlmNGU1Yjg5NjM4OGU5NDExMGNkZTA0NzEyZmFlYzdlZWJjOGY5NTc0YWYzMzk4ZGI5ZjU0Y2M2NWMzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InF5a01LTC9ubTltTk9YSGsyM2lGdlE9PSIsInZhbHVlIjoiYkR4Kzc5ZlpqTGxFQ0kzSnJVR0Y0WWF2WGMxaERVc1Zoa2hIY0QxQTRYdWdCVkJOWU9JRTB5REU0YmNiS0ZKanZOQmRPTXNjdVk0VGdLTjEwY3JhZTRTckdPUmsxblRERUN4M2V3Vm0ySXUzM21wTnppNWZnanVGMHcyRXVNUzEiLCJtYWMiOiI4ZjQ3NzNhZWYxNmVlMTQ1MWY2N2ZiMWZkZmY2ZGQzZmE4ZjA2ZWMwZWY3ZTIyY2Y0ZGUwMzE0OTEwNTc1MjFiIiwidGFnIjoiIn0%3D; _lr_tabs_-mnnzup%2Fdus={%22sessionID%22:0%2C%22recordingID%22:%225-362a805e-5606-48a4-8be5-658962ba9fbb%22%2C%22lastActivity%22:1673997535886}; _lr_hb_-mnnzup%2Fdus={%22heartbeat%22:1673997535887}; _lr_uf_-mnnzup=dcb4b281-8526-4a4e-b5a5-24b5ee20cdbd
HTTP/1.1 404 Not Found
Date: Tue, 17 Jan 2023 23:18:56 GMT
Server: Apache
Cache-Control: no-cache, private
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ka-f.fontawesome.com/releases/v6.2.1/css/free-v4-font-face.min.css?token=f7165dd215
172.64.169.22 200 OK 0 B URL HTTP/2 ka-f.fontawesome.com/releases/v6.2.1/css/free-v4-font-face.min.css?token=f7165dd215
IP 172.64.169.22:0
GET /releases/v6.2.1/css/free-v4-font-face.min.css?token=f7165dd215 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://knowlzcomp.com/
Origin: http://knowlzcomp.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 17 Jan 2023 23:18:53 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 14 Nov 2022 15:06:07 GMT
etag: W/"075b2106ba08d32bc88fff3724503b1e"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 81bc7853cdca941dddd27cd956741044.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P1
x-amz-cf-id: OEQdsl69hvVlMYCZDgqbrWUegoLPqj9Ml61PpzFfmt6hrszyQ30Xug==
age: 93297
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nItgPFUfufV6tlTu1iTkM14XdTqq8hBLgikUXiOcllcewDPUSNuX%2BPmecbgGIFaYVlRj9awdCyk7HFEo3AvF%2B%2F3KqEK1IbauMWs795JcrkM1SIo7iPXHL8WWVHy2OLktsyZLO0XCoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78b2d007089223c9-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ka-f.fontawesome.com/releases/v6.2.1/css/free.min.css?token=f7165dd215
172.64.169.22 200 OK 0 B URL HTTP/2 ka-f.fontawesome.com/releases/v6.2.1/css/free.min.css?token=f7165dd215
IP 172.64.169.22:0
GET /releases/v6.2.1/css/free.min.css?token=f7165dd215 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://knowlzcomp.com/
Origin: http://knowlzcomp.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 17 Jan 2023 23:18:53 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 14 Nov 2022 15:06:08 GMT
etag: W/"2dbe34367e935e2684b01124b0860d71"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 aa5f00ed95fd16b8d894989f7ad491ba.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P1
x-amz-cf-id: 9Qoji1saxMwUg7sjx55OgmUn-k1oDFpk3f00NMeqhmTrfXeIciz7xQ==
age: 93297
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n7SA82whtq1P2NmtGfrPPqEkHyzS5xcpG8ONlgZBekwhoSlwXnzfyUVcaWy3Qa3P%2B0WpnoYhuH8V69tqpuxDzwWmUP25QVl2sIKpx0r3sanieCvpoZP7J3ODadS6URgDy1FADoXrpg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78b2d007088d23c9-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
static.hotjar.com/c/hotjar-2895475.js?sv=6
143.204.55.54 200 OK 0 B URL HTTP/2 static.hotjar.com/c/hotjar-2895475.js?sv=6
IP 143.204.55.54:0
GET /c/hotjar-2895475.js?sv=6 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://knowlzcomp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Tue, 17 Jan 2023 23:18:08 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: W/ca40e314382246365dfb77a3d72171d9
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: TiOdXHY7WZa6zQT1DChI2o6EeO3VatRQIggCCYY-kYtklJ9TnCCMrQ==
age: 48
X-Firefox-Spdy: h2
kit.fontawesome.com/f7165dd215.js
104.18.22.52 200 OK 0 B URL HTTP/2 kit.fontawesome.com/f7165dd215.js
IP 104.18.22.52:0
GET /f7165dd215.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://knowlzcomp.com
Connection: keep-alive
Referer: http://knowlzcomp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 17 Jan 2023 23:18:53 GMT
content-type: text/javascript
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: Fzrl33UjBR4Ky8yId-fh
cf-cache-status: HIT
age: 46
server: cloudflare
cf-ray: 78b2d0065ffcb4f7-OSL
content-encoding: gzip
X-Firefox-Spdy: h2