Report - knowlzcomp.com/public/lGdJt6kY3QG40uj3gmN27r3Wv1i4wRSz

Report Overview

Submitted URL
knowlzcomp.com/public/lGdJt6kY3QG40uj3gmN27r3Wv1i4wRSz
IP
162.241.149.217
ASN
#46606 UNIFIEDLAYER-AS-1
Submitted
2023-01-17 23:19:09
Access
Website Title
Final URL
Tags
dhl logistics phishing
urlquery detections
Phishing - DHL

Detections

urlquery
11
Network Intrusion Detection
1
Threat Detection Systems
18

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
csmetrics.hotjar.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	445 B	126 B	52.210.228.197
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.6 kB	118 kB	35.241.9.150
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	840 B	12 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	391 B	34.117.237.239
cdn.jsdelivr.net	439	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	399 B	7.9 kB	104.16.87.20
ka-f.fontawesome.com	3598	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.3 kB	180 kB	172.64.169.22
static.hotjar.com	641	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	375 B	632 B	143.204.55.54
knowlzcomp.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	15 kB	2.2 MB	162.241.149.217
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.4 kB	2.7 kB	93.184.220.29
shavar.services.mozilla.com	3602	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	453 B	204 B	35.82.234.231
killbot.org	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	451 B	50 kB	104.21.11.160
cdn.lr-in.com	13237	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	362 B	166 kB	104.21.234.144
kit.fontawesome.com	1868	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	394 B	651 B	104.18.22.52
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.0 kB	8.0 kB	23.33.119.27
getpocket.cdn.mozilla.net	1369	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	435 B	42 kB	34.120.5.221
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	34.216.206.159
firefox-settings-attachments.cdn.mozilla.net	11509	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	412 B	808 kB	34.111.73.144
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	61 kB	34.120.237.76
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	509 B	78 kB	104.17.25.14
ws-mt1.pusher.com	8253	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	529 B	186 B	34.199.40.30
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	350 B	1.0 kB	143.204.42.158
detectportal.firefox.com	1601	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	428 B	34.107.221.82

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Timestamp	Severity	Source IP	Destination IP	Alert
2023-01-17 23:18:53	high	162.241.149.217	Client IP	ET EXPLOIT_KIT TDS Sutra - page redirecting to a SutraTDS

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-01-17	medium	knowlzcomp.com	Sinkholed
2023-01-17	medium	knowlzcomp.com	Sinkholed
2023-01-17	medium	knowlzcomp.com	Sinkholed
2023-01-17	medium	knowlzcomp.com	Sinkholed
2023-01-17	medium	knowlzcomp.com	Sinkholed
2023-01-17	medium	knowlzcomp.com	Sinkholed
2023-01-17	medium	knowlzcomp.com	Sinkholed
2023-01-17	medium	knowlzcomp.com	Sinkholed
2023-01-17	medium	knowlzcomp.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (11)

	URL	Size	First Seen	Last Seen
	static.hotjar.com/c/hotjar-2895475.js?sv=6	9.4 kB	2023-03-13	2023-03-13
Pretty URL static.hotjar.com/c/hotjar-2895475.js?sv=6 IP 143.204.55.54 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 01:46:40 Last Seen2023-03-13 01:46:43 Times Seen1 Hash ca40e314382246365dfb77a3d72171d9 e3037504c40000f75de63ba4ed38bcaecca63c92 fafabc655ebede449005f868c17c17e2a150719963f39e4a82f163a0d3ff679b Loading...

	cdn.jsdelivr.net/gh/killbot-org/Killbot-JS@latest/dist/main.min.js	2.7 kB	2023-03-07	2024-04-06
Pretty URL cdn.jsdelivr.net/gh/killbot-org/Killbot-JS@latest/dist/main.min.js IP 104.16.87.20 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:54:49 Last Seen2024-04-06 06:20:41 Times Seen447 Hash a652ab92584024571b6ea0f3255eb380 9266ee9ab680b63d7205d6bc65b9767513d162a5 a8831773f69697c641e349c519d162ad5afe58cc583703d96f98a79d29087ef1 Loading...

	kit.fontawesome.com/f7165dd215.js	11 kB	2023-03-08	2023-03-18
Pretty URL kit.fontawesome.com/f7165dd215.js IP 104.18.22.52 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:24:23 Last Seen2023-03-18 03:33:30 Times Seen1 Hash e5056bb4f9e1612bdf780e2ffb0f97a5 c471728fa07baccc5201a31687c0e745d933554c da3060b6585615d3c5886f83d756e8c61eb6de3520b8868bd986261b800f9314 Loading...

	knowlzcomp.com/public/js/session-recorder.js	45 kB	2023-03-07	2024-04-17
Pretty URL knowlzcomp.com/public/js/session-recorder.js IP 162.241.149.217 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:20:33 Last Seen2024-04-17 08:04:36 Times Seen21730 Hash 701984b4995f3c29820e83c999b7eb23 a3b50104a3bfa05bf59a317273816c7d8ae1f81d 67ad94e12a745b1b09c6cd616e20a2ad283ed68f8060bd1dd0d9a2b6ad9dc7ee Loading...

	knowlzcomp.com/public/js/app.js	1.6 MB	2023-03-07	2024-04-17
Pretty URL knowlzcomp.com/public/js/app.js IP 162.241.149.217 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:06:51 Last Seen2024-04-17 08:04:36 Times Seen13729 Hash fd900f643203761f2eeca2132fc15f1d 375f23ca9ad75b647373bda03b02e2d0f6e729be 399e233cea4e5468820e5c5f98ddbb156de729983710cf576a6508f076326c68 Loading...

	knowlzcomp.com/public/GBbbQxZoaBXyhSrPMuejarvpRBOFWweV	391 B	2023-03-07	2024-03-14
Pretty URL knowlzcomp.com/public/GBbbQxZoaBXyhSrPMuejarvpRBOFWweV IP 162.241.149.217 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 15:24:49 Last Seen2024-03-14 09:22:15 Times Seen2262 Hash 80de9b2b722e432581322cc3c51a88f1 48ea5d8c88c33cece64863a14ba87f02f8094436 de4565f7ec2b50b5adfee37223556a4c0cb911cb4fa1057942646ee83e51051e Loading...

	knowlzcomp.com/public/	214 B	2023-03-08	2023-07-31
Pretty URL knowlzcomp.com/public/ IP 162.241.149.217 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:30:36 Last Seen2023-07-31 16:36:07 Times Seen183 Hash f78670a83fe6d73e2bb5491143b824e8 5c5334c46bc30c023ae97139bb51855155d3fb33 0e3cf2f662457b247bb427e42328bb76d8c70b45df152cf3e27dd750af2cf3fd Loading...

	knowlzcomp.com/public/	135 B	2023-03-13	2023-03-13
Pretty URL knowlzcomp.com/public/ IP 162.241.149.217 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 01:46:43 Last Seen2023-03-13 01:46:43 Times Seen1 Hash 201c15e83a4532001956561c972f4bac fde9c59e7a9f9797e04631ae47fc5ba95bb2c6f2 fb6925a54c508070e7a3c6bf90a1e51af04b03b1a0c1efd320badf4125d00294 Loading...

	knowlzcomp.com/public/GBbbQxZoaBXyhSrPMuejarvpRBOFWweV	551 B	2023-03-13	2023-03-13
Pretty URL knowlzcomp.com/public/GBbbQxZoaBXyhSrPMuejarvpRBOFWweV IP 162.241.149.217 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 01:46:43 Last Seen2023-03-13 01:46:43 Times Seen1 Hash ba1996e0677435e24039eaf101241cd3 c9bb69b4a105bb8190e05fbec78c313bbf4c61a3 0d027915d37c7e02b4fa2a501d968b28dc8eefb6f65644de58b7eb150dc59a52 Loading...

	cdn.lr-in.com/logger-1.min.js	820 kB	2023-03-13	2023-03-13
Pretty URL cdn.lr-in.com/logger-1.min.js IP 104.21.234.144 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 01:44:35 Last Seen2023-03-13 01:47:40 Times Seen1 Hash b36db43348acf5106c47b1fd674e61ee c9b05d2e199f3c06da23165c487a8cb72033f1ba fca9915d072c095e09e66a89345592c175d296e0c89795f9b825ed208c7c20ec Loading...

	knowlzcomp.com/public/GBbbQxZoaBXyhSrPMuejarvpRBOFWweV	499 B	2023-03-13	2023-03-13
Pretty URL knowlzcomp.com/public/GBbbQxZoaBXyhSrPMuejarvpRBOFWweV IP 162.241.149.217 ASN #46606 UNIFIEDLAYER-AS-1 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 01:46:43 Last Seen2023-03-13 01:46:43 Times Seen1 Hash d1243c946abe10cf7bf47c7ae34260a0 df39e6abc28ffe709067eb3e7dce6965d3be6c4c 4b83fbfa3b23a5ae7d69ab66a639cf802ccb63a73f5046d30cf3ee1ba537aad8 Loading...

HTTP Transactions (68)

URL IP Response Size

detectportal.firefox.com/success.txt?ipv4

34.107.221.82

200 OK

8 B

URL HTTP/1.1
detectportal.firefox.com/success.txt?ipv4
IP
34.107.221.82:0
ASN
#15169 GOOGLE

File type
ASCII text
Size
8 B (8 bytes)
Hash
ae780585f49b94ce1444eb7d28906123
7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86
81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5

HTTP Headers

GET /success.txt?ipv4 HTTP/1.1
Host: detectportal.firefox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Tue, 17 Jan 2023 16:32:38 GMT
Age: 24372
Content-Type: text/plain
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
648bf42163c5d645d8a33cd0a9afebd0
9b9ac85435c4e90647e8379bca54c689058a8929
060757fb4857858d4d01a715824ea6771d0137e73a24bf75e2844d0f346380fa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "060757FB4857858D4D01A715824EA6771D0137E73A24BF75E2844D0F346380FA"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12034
Expires: Wed, 18 Jan 2023 02:39:25 GMT
Date: Tue, 17 Jan 2023 23:18:51 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
afcb2f61e3333632c0f0fcb4ddc46332
aad59b1ab256b2516b3c6c0dfdc916057fb72a12
a12729d197b61e76557c1f791f0a777f99199b3af49713755d8c286c6fa9e419

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A12729D197B61E76557C1F791F0A777F99199B3AF49713755D8C286C6FA9E419"
Last-Modified: Tue, 17 Jan 2023 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8463
Expires: Wed, 18 Jan 2023 01:39:54 GMT
Date: Tue, 17 Jan 2023 23:18:51 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d38f4bb41e1264b8a1e11ff0b1499d20
21c3e36bd908df43e0d49b747e270ec75cb882b0
3ff822eb56d2218ad6244fd013a82e0d27450ae21d47e08f1e3fdf4c82a8aad7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3FF822EB56D2218AD6244FD013A82E0D27450AE21D47E08F1E3FDF4C82A8AAD7"
Last-Modified: Mon, 16 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14536
Expires: Wed, 18 Jan 2023 03:21:07 GMT
Date: Tue, 17 Jan 2023 23:18:51 GMT
Connection: keep-alive

knowlzcomp.com/public/lGdJt6kY3QG40uj3gmN27r3Wv1i4wRSz

162.241.149.217

302 Found

358 B

URL HTTP/1.1
knowlzcomp.com/public/lGdJt6kY3QG40uj3gmN27r3Wv1i4wRSz
IP
162.241.149.217:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
358 B (358 bytes)
Hash
9dc80158f2ead5a9752b15aa8136587f
b68726bd330824878fd1211cfd32ee65c505ae4b
aa3d4d4b0739d18f8b5bf46d25ae1688e32180aaf392bbd6bf10e4ba8f44fdaf

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /public/lGdJt6kY3QG40uj3gmN27r3Wv1i4wRSz HTTP/1.1
Host: knowlzcomp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
Date: Tue, 17 Jan 2023 23:18:49 GMT
Server: Apache
Cache-Control: no-cache, private
Set-Cookie: XSRF-TOKEN=eyJpdiI6IktHZ1pPaVpyNlBkTnpZWHJEQnZoa1E9PSIsInZhbHVlIjoidGo5OFUxcXVibmRYRVIvTnNqVFZ6dVRscEVJWjFZNFYvMlpRTFUvZk8zMjhaR2FGMlhWeTBMYlVNdEtIMlNzbWl4TVpCbFR5YS9jNGxGcnA1L2dNVS9QNStnTFZ4aHlZREpYSHB2bWJadXU2eXpseXA0QWFzck5YUWlINk41b2IiLCJtYWMiOiI4MzJlNzgxY2Y1MTdhMTA1NDZhYzJhMjkxZGE2YWM4MDJjZDEwNmE1YjNkMWI0YTBkYTlhMTkzOTMxZDI2MzVhIiwidGFnIjoiIn0%3D; expires=Wed, 18-Jan-2023 01:18:49 GMT; Max-Age=7200; path=/; samesite=lax
laravel_session=eyJpdiI6IkxwZHJwcnljMGl3RTQwQ0RydjhtZkE9PSIsInZhbHVlIjoicENSTjBWQzZyUTBucGs2bGZsOXAvd3ZhMWtmQS8xejI5VXN5eFc0YlAwNm5iZFRQNG5sWUt2cEZRMmpLcncyeTlOUlp6K0FWcWdENWFTVlhvQXpMUTNBSVZTZEZxVmEzTTFTa1U4ZlozWjExQ00wVWpiV290Y1pHSXA2K0V6VVEiLCJtYWMiOiI1NmZlY2JjMDQ5ODEzOGIyMTkwYzc3YzA2MGM1NTYxZmY1M2MzZGMwYmIwMWUwN2ZjOGQwZDIzNjdiMTNjZjhhIiwidGFnIjoiIn0%3D; expires=Wed, 18-Jan-2023 01:18:49 GMT; Max-Age=7200; path=/; httponly; samesite=lax
Location: http://knowlzcomp.com/public
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30

34.120.5.221

200 OK

42 kB

URL HTTP/2
getpocket.cdn.mozilla.net/v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30
IP
34.120.5.221:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Size
42 kB (41727 bytes)
Hash
a84a83c4fdebf8a4317ca5657c99f108
a02139a3bed16468c51e27620e4dd4efd887c1de
7859c0d2508cd29a24a13fb0a311e21793782d9f599b715e87e5580170bf8fa2

HTTP Headers

GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30 HTTP/1.1
Host: getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
vary: Accept-Encoding
content-location: global-recs.php
tcn: choice
x-frame-options: SAMEORIGIN
status: 200 OK
x-source: Pocket
pragma: cache
p3p: policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa OUR IND UNI COM NAV INT STA PRE"
x-cache: Hit from cloudfront
x-amz-cf-pop: SEA73-P2
x-amz-cf-id: R0BnU9qcp-R9y9FQWDms5F3zi4xuAoVNbB31XY5MV9U4HfxVKNYX3w==
content-encoding: gzip
via: 1.1 73b60e9a9fd08eae9e034cedba707280.cloudfront.net (CloudFront), 1.1 google
date: Tue, 17 Jan 2023 23:05:44 GMT
age: 871
content-type: application/json
content-length: 41727
cache-control: s-maxage=900,public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: sRCj2TFEiXWDsFOTnkKCOQYsvBGjdq4vc96KxKCl7HWUiD6kgfuc2WjbHr5e3Ji/Qev60KyAbFNdm+Pz+v9U7A==
x-amz-request-id: 3WH1R14WP7WAS28K
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 17 Jan 2023 23:00:24 GMT
age: 1107
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
bb0c8d0984a1f09a012961a54cda03c6
1a8ad450a0241554ee4fc7d02fac7b83529e60f6
eee3ca879a67cc25ea89cb83de9521eea1b82845705c3e82169d4787ecb7dd3a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EEE3CA879A67CC25EA89CB83DE9521EEA1B82845705C3E82169D4787ECB7DD3A"
Last-Modified: Mon, 16 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13907
Expires: Wed, 18 Jan 2023 03:10:38 GMT
Date: Tue, 17 Jan 2023 23:18:51 GMT
Connection: keep-alive

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 17 Jan 2023 23:18:51 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 17 Jan 2023 22:34:19 GMT
content-type: application/json
age: 2672
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

knowlzcomp.com/public

162.241.149.217

301 Moved Permanently

237 B

URL HTTP/1.1
knowlzcomp.com/public
IP
162.241.149.217:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
237 B (237 bytes)
Hash
ae976f07e813b2f4322c1590c5c195a2
99aa649a5a8d79d13e9c66f1873611873f58c72d
734a7e56e68c7a61ed7bf920ec6c7095c6d340230d0fda5032414d8883b928ad

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /public HTTP/1.1
Host: knowlzcomp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IktHZ1pPaVpyNlBkTnpZWHJEQnZoa1E9PSIsInZhbHVlIjoidGo5OFUxcXVibmRYRVIvTnNqVFZ6dVRscEVJWjFZNFYvMlpRTFUvZk8zMjhaR2FGMlhWeTBMYlVNdEtIMlNzbWl4TVpCbFR5YS9jNGxGcnA1L2dNVS9QNStnTFZ4aHlZREpYSHB2bWJadXU2eXpseXA0QWFzck5YUWlINk41b2IiLCJtYWMiOiI4MzJlNzgxY2Y1MTdhMTA1NDZhYzJhMjkxZGE2YWM4MDJjZDEwNmE1YjNkMWI0YTBkYTlhMTkzOTMxZDI2MzVhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkxwZHJwcnljMGl3RTQwQ0RydjhtZkE9PSIsInZhbHVlIjoicENSTjBWQzZyUTBucGs2bGZsOXAvd3ZhMWtmQS8xejI5VXN5eFc0YlAwNm5iZFRQNG5sWUt2cEZRMmpLcncyeTlOUlp6K0FWcWdENWFTVlhvQXpMUTNBSVZTZEZxVmEzTTFTa1U4ZlozWjExQ00wVWpiV290Y1pHSXA2K0V6VVEiLCJtYWMiOiI1NmZlY2JjMDQ5ODEzOGIyMTkwYzc3YzA2MGM1NTYxZmY1M2MzZGMwYmIwMWUwN2ZjOGQwZDIzNjdiMTNjZjhhIiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Tue, 17 Jan 2023 23:18:49 GMT
Server: Apache
Location: http://knowlzcomp.com/public/
Content-Length: 237
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

detectportal.firefox.com/success.txt?ipv4

34.107.221.82

200 OK

8 B

URL HTTP/1.1
detectportal.firefox.com/success.txt?ipv4
IP
34.107.221.82:0
ASN
#15169 GOOGLE

File type
ASCII text
Size
8 B (8 bytes)
Hash
ae780585f49b94ce1444eb7d28906123
7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86
81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5

HTTP Headers

GET /success.txt?ipv4 HTTP/1.1
Host: detectportal.firefox.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Tue, 17 Jan 2023 16:32:38 GMT
Age: 24373
Content-Type: text/plain
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
11dc9d150eeb16db02d68bc0e7c63181
87a038b033de6fb347c3b0e5e9aeb56677072897
75ca7c4eb8492ccfb1af597dc70ad40a40a4cc97ec5e7dac919138c0c7746ad5

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4514
Cache-Control: max-age=157916
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 23:18:51 GMT
Etag: "63c6e115-1d7"
Expires: Thu, 19 Jan 2023 19:10:47 GMT
Last-Modified: Tue, 17 Jan 2023 17:55:33 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Expires, Pragma, Content-Type, Backoff, Last-Modified, Cache-Control, ETag
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 17 Jan 2023 22:48:57 GMT
age: 1795
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2

35.82.234.231

200 OK

8 B

URL HTTP/1.1
shavar.services.mozilla.com/downloads?client=Firefox&appver=96.0a&pver=2.2
IP
35.82.234.231:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
8 B (8 bytes)
Hash
29fc57841962e407cb50c1be60284bf7
ce968a77e2996da5eee8925182318f171ccdce47
ae7e7075247dcfad763f1e131aeac3d2e756bb03d48b0d315a50c69636e5dc8b

HTTP Headers

POST /downloads?client=Firefox&appver=96.0a&pver=2.2 HTTP/1.1
Host: shavar.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 773
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/octet-stream
Date: Tue, 17 Jan 2023 23:18:52 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 8
Connection: Close

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
8720730dce33d0026a1a354ac93d4a7d
ed5f086bc646a4d93d2344b19ff7821c96e44f7c
b2892fda88242fbc4d58dd1f3bb159ca02cbf98b77c57dde66fba98d183c0136

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4457
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 23:18:52 GMT
Last-Modified: Tue, 17 Jan 2023 22:04:35 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471

knowlzcomp.com/public/

162.241.149.217

200 OK

558 B

URL HTTP/1.1
knowlzcomp.com/public/
IP
162.241.149.217:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text
Size
558 B (558 bytes)
Hash
94adf93572e23984379871174e166b36
96b3f5b354fbddd12354bdb2d584d8b12001c8fe
a155472ed9ec97cb00d2dc69041850e1c6df09eb8277002585e034ddc2d66387

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /public/ HTTP/1.1
Host: knowlzcomp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IktHZ1pPaVpyNlBkTnpZWHJEQnZoa1E9PSIsInZhbHVlIjoidGo5OFUxcXVibmRYRVIvTnNqVFZ6dVRscEVJWjFZNFYvMlpRTFUvZk8zMjhaR2FGMlhWeTBMYlVNdEtIMlNzbWl4TVpCbFR5YS9jNGxGcnA1L2dNVS9QNStnTFZ4aHlZREpYSHB2bWJadXU2eXpseXA0QWFzck5YUWlINk41b2IiLCJtYWMiOiI4MzJlNzgxY2Y1MTdhMTA1NDZhYzJhMjkxZGE2YWM4MDJjZDEwNmE1YjNkMWI0YTBkYTlhMTkzOTMxZDI2MzVhIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IkxwZHJwcnljMGl3RTQwQ0RydjhtZkE9PSIsInZhbHVlIjoicENSTjBWQzZyUTBucGs2bGZsOXAvd3ZhMWtmQS8xejI5VXN5eFc0YlAwNm5iZFRQNG5sWUt2cEZRMmpLcncyeTlOUlp6K0FWcWdENWFTVlhvQXpMUTNBSVZTZEZxVmEzTTFTa1U4ZlozWjExQ00wVWpiV290Y1pHSXA2K0V6VVEiLCJtYWMiOiI1NmZlY2JjMDQ5ODEzOGIyMTkwYzc3YzA2MGM1NTYxZmY1M2MzZGMwYmIwMWUwN2ZjOGQwZDIzNjdiMTNjZjhhIiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 23:18:50 GMT
Server: Apache
Cache-Control: no-cache, private
Set-Cookie: XSRF-TOKEN=eyJpdiI6ImxNRzFIVlQrU1l2b2ZyVlAzU0lMVGc9PSIsInZhbHVlIjoiOWNrRTJaaUdzcWlXVG5FcnFLc1FLdnQ1QXdUZkcrRUVTU0czUU9TYy9YSmwvNnBnajFJMHVKOGhFaTR2VVNubFdiK2ZYVWVRMElDQ2JXYndOcEtnSkM3Y2Fvc3JEQWVYbXFkeHRnR2d1RWNqU1B2RXFWejdwaXROVGFOL0x0M00iLCJtYWMiOiI4ZGMzMjE0MjdjNjIxZWNiOTg2ODBiMmRjN2ZlMWViMzc2MTA5OGYxOGUzYjUzMzIyZTIzOWQ0NDAwMDVmMTZkIiwidGFnIjoiIn0%3D; expires=Wed, 18-Jan-2023 01:18:50 GMT; Max-Age=7200; path=/; samesite=lax
laravel_session=eyJpdiI6InlkK0NPMFpURXlzbWRhb2VaU3hWQ3c9PSIsInZhbHVlIjoibGZwczJ1R25EckYvVHRQYk1GNkxkbUhCMk9ZWVpRSDdPWnFJMXhkNk1YYUo4eU9SWkZOdElQVjdRN05PK04xVzdLQmo3QjhSYUVxeDJiOUFJNW5BYm9kdWgzSVFqWWlDdzdMeU5XbG1EMVB2NnpzdXFqbWs1dkNETFpCdWNmOE0iLCJtYWMiOiI5YTBiZjgzZjIxMWFhY2Y2MDA1ODAzMzc5YjZmYjQ4ZTU2NTJiZjE0M2Q3ZmMwNWM5YjYwNTYyNjViNjY1N2JlIiwidGFnIjoiIn0%3D; expires=Wed, 18-Jan-2023 01:18:50 GMT; Max-Age=7200; path=/; httponly; samesite=lax
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
acceb71d5f69e5c2bfc4fdd1e2e66e5f
ae10094a4ddf886098dcbed9107629ac67445425
12fa3bca428be2a5693520f76115593ee654b8e98eaa952212a4da94d444b9ea

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2517
Cache-Control: max-age=154425
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 23:18:52 GMT
Etag: "63c6db40-117"
Expires: Thu, 19 Jan 2023 18:12:37 GMT
Last-Modified: Tue, 17 Jan 2023 17:30:40 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
acceb71d5f69e5c2bfc4fdd1e2e66e5f
ae10094a4ddf886098dcbed9107629ac67445425
12fa3bca428be2a5693520f76115593ee654b8e98eaa952212a4da94d444b9ea

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2517
Cache-Control: max-age=154425
Content-Type: application/ocsp-response
Date: Tue, 17 Jan 2023 23:18:52 GMT
Etag: "63c6db40-117"
Expires: Thu, 19 Jan 2023 18:12:37 GMT
Last-Modified: Tue, 17 Jan 2023 17:30:40 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279

push.services.mozilla.com/

34.216.206.159

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.216.206.159:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 35HQ7x/URqfDTSaG2cPgXA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: hEFXetmbRMwdBqIrUVbT+jP/WK8=

knowlzcomp.com/GBbbQxZoaBXyhSrPMuejarvpRBOFWweV/

162.241.149.217

301 Moved Permanently

269 B

URL HTTP/1.1
knowlzcomp.com/GBbbQxZoaBXyhSrPMuejarvpRBOFWweV/
IP
162.241.149.217:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
269 B (269 bytes)
Hash
2e6d1e9022bbb4821915869af93e9e12
9424afbc4e96fa42f43b6f4917db3711ad302329
44445b92884dc65cd3ef6b112ba16312bdc9f5e524122076b0b487103989709e

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /GBbbQxZoaBXyhSrPMuejarvpRBOFWweV/ HTTP/1.1
Host: knowlzcomp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://knowlzcomp.com/public/
Cookie: XSRF-TOKEN=eyJpdiI6ImxNRzFIVlQrU1l2b2ZyVlAzU0lMVGc9PSIsInZhbHVlIjoiOWNrRTJaaUdzcWlXVG5FcnFLc1FLdnQ1QXdUZkcrRUVTU0czUU9TYy9YSmwvNnBnajFJMHVKOGhFaTR2VVNubFdiK2ZYVWVRMElDQ2JXYndOcEtnSkM3Y2Fvc3JEQWVYbXFkeHRnR2d1RWNqU1B2RXFWejdwaXROVGFOL0x0M00iLCJtYWMiOiI4ZGMzMjE0MjdjNjIxZWNiOTg2ODBiMmRjN2ZlMWViMzc2MTA5OGYxOGUzYjUzMzIyZTIzOWQ0NDAwMDVmMTZkIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InlkK0NPMFpURXlzbWRhb2VaU3hWQ3c9PSIsInZhbHVlIjoibGZwczJ1R25EckYvVHRQYk1GNkxkbUhCMk9ZWVpRSDdPWnFJMXhkNk1YYUo4eU9SWkZOdElQVjdRN05PK04xVzdLQmo3QjhSYUVxeDJiOUFJNW5BYm9kdWgzSVFqWWlDdzdMeU5XbG1EMVB2NnpzdXFqbWs1dkNETFpCdWNmOE0iLCJtYWMiOiI5YTBiZjgzZjIxMWFhY2Y2MDA1ODAzMzc5YjZmYjQ4ZTU2NTJiZjE0M2Q3ZmMwNWM5YjYwNTYyNjViNjY1N2JlIiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Date: Tue, 17 Jan 2023 23:18:50 GMT
Server: Apache
Location: http://knowlzcomp.com/public/GBbbQxZoaBXyhSrPMuejarvpRBOFWweV
Content-Length: 269
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1

firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221673991700316%22

35.241.9.150

200 OK

21 kB

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/monitor/collections/changes/changeset?_expected=%221673991700316%22
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (20973), with no line terminators
Size
21 kB (20973 bytes)
Hash
f4179d69e693279417fceb7d3d1104de
2962b1d455fae7708a434a1568c06089fb782e15
e4aa0b54d779fe6c535ed6d147dc3e4509eac6a0ea245fcc96ae9388af65998f

HTTP Headers

GET /v1/buckets/monitor/collections/changes/changeset?_expected=%221673991700316%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 20973
via: 1.1 google
date: Tue, 17 Jan 2023 22:42:03 GMT
age: 2209
last-modified: Tue, 17 Jan 2023 21:41:40 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1673980634436&_since=%221666204638208%22

35.241.9.150

200 OK

13 kB

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1673980634436&_since=%221666204638208%22
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (13016), with no line terminators
Size
13 kB (13016 bytes)
Hash
a32e722f0a6cfc53e45257e5119c3491
1a29d88c54b449466f13663eca07b97660e38daf
a2f30513add855e8c0be74bc18893abaf76c9ea2bc5e1d8dad838228a5c602de

HTTP Headers

GET /v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1673980634436&_since=%221666204638208%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 13016
via: 1.1 google
date: Tue, 17 Jan 2023 22:49:05 GMT
age: 1787
last-modified: Tue, 17 Jan 2023 18:37:14 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
x-amz-id-2: FbAwVbXhPxzTUtdRjJ3qYt7LjV4iDqGD4Ct/coYIGt2w2itywF6kPjdNwGiIDof7agD1S+gEH//xH0mCy19H4Q==
x-amz-request-id: W2S9TX2ZNWKXBW3N
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 17 Jan 2023 22:56:27 GMT
age: 1345
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 17 Jan 2023 22:34:19 GMT
content-type: application/json
age: 2673
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a174b27a541fddd78d791a7b4dd4d36a
13da2172906aee67225feb1edc29c01f0cfd440e
9c6419afdf05c083a19cb78ed632363c657e55b07e471a0e7c04f5cbb1571219

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C6419AFDF05C083A19CB78ED632363C657E55B07E471A0E7C04F5CBB1571219"
Last-Modified: Mon, 16 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7122
Expires: Wed, 18 Jan 2023 01:17:35 GMT
Date: Tue, 17 Jan 2023 23:18:53 GMT
Connection: keep-alive

cdn.jsdelivr.net/gh/killbot-org/Killbot-JS@latest/dist/main.min.js

104.16.87.20

200 OK

6.8 kB

URL HTTP/2
cdn.jsdelivr.net/gh/killbot-org/Killbot-JS@latest/dist/main.min.js
IP
104.16.87.20:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (2400)
Size
6.8 kB (6806 bytes)
Hash
51e44697183a9609af0abe3c4083eb7b
1aa723ac6b243916d17da821f8eb6155351a23d9
b4b2f05ab84ed9a590d536ec040647062191b541325a8bf14b14e6a07f68c22e

HTTP Headers

GET /gh/killbot-org/Killbot-JS@latest/dist/main.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://knowlzcomp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 17 Jan 2023 23:18:52 GMT
content-type: application/javascript; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: master
x-jsd-version-type: branch
etag: W/"a7c-kmbumraAtj1yBda8Zbl2dRPRYqU"
x-served-by: cache-fra19138-FRA, cache-yyz4558-YYZ
x-cache: HIT, MISS
vary: Accept-Encoding
cf-cache-status: HIT
age: 1525
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JZEhGGOa5OqUNgJs9Tub%2BNvtJKW88hijfQMiPtztNGKQSTlam2m9UHcI1teEb6buK7I5Sev0DH7AEX2gboT0XjXF5eEQugd92smYy7FQk6linxZFEAD4Y7a1rg0sQjDqzpw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78b2d001dd941c0a-OSL
content-encoding: br
X-Firefox-Spdy: h2

firefox-settings-attachments.cdn.mozilla.net/staging/addons-bloomfilters/8038652a-6557-460a-858c-84f19a5a0987.bin

34.111.73.144

200 OK

807 kB

URL HTTP/2
firefox-settings-attachments.cdn.mozilla.net/staging/addons-bloomfilters/8038652a-6557-460a-858c-84f19a5a0987.bin
IP
34.111.73.144:0
ASN
#15169 GOOGLE

File type
data
Size
807 kB (807180 bytes)
Hash
914be443bdfbe8a1c3ded61e1c114bd6
4fe7c5ff83f6a29e6699f4cebc17550891504661
41b036d0c889509d547296b238027a063c313261ad52d5f7bb81922011791857

HTTP Headers

GET /staging/addons-bloomfilters/8038652a-6557-460a-858c-84f19a5a0987.bin HTTP/1.1
Host: firefox-settings-attachments.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: wjePtn4DAnNmuTkdcDkI94NmqTCeeBOL4sF+sgho/Ciznhx86pIPnXU6bfNiMkwTryCb+vofr2E=
x-amz-request-id: NKRGS5M85MVAFN2M
x-amz-version-id: K1ODzappZsD35qeu0OM5zvs_BP1eybj7
accept-ranges: bytes
server: AmazonS3
content-length: 807180
via: 1.1 google
date: Tue, 17 Jan 2023 12:42:00 GMT
age: 38213
last-modified: Tue, 10 Jan 2023 12:38:46 GMT
etag: "914be443bdfbe8a1c3ded61e1c114bd6"
content-type: application/octet-stream
cache-control: public,max-age=604800
alt-svc: clear
X-Firefox-Spdy: h2

knowlzcomp.com/public/GBbbQxZoaBXyhSrPMuejarvpRBOFWweV

162.241.149.217

200 OK

60 kB

URL HTTP/1.1
knowlzcomp.com/public/GBbbQxZoaBXyhSrPMuejarvpRBOFWweV
IP
162.241.149.217:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- assembler source text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (39884)
Size
60 kB (60029 bytes)
Hash
50bcdf0a4f9c3bf37ed0c5b8678bb6c5
d24e886b71ae0aca37bff5a73a491d93c3c0795f
9c0fed730eaa64c4693b1165551548ed9301d21f54c8682979e92ed99793a735

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

NIDS	Severity	Alert
suricata	high	ET EXPLOIT_KIT TDS Sutra - page redirecting to a SutraTDS

HTTP Headers

GET /public/GBbbQxZoaBXyhSrPMuejarvpRBOFWweV HTTP/1.1
Host: knowlzcomp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://knowlzcomp.com/public/
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImxNRzFIVlQrU1l2b2ZyVlAzU0lMVGc9PSIsInZhbHVlIjoiOWNrRTJaaUdzcWlXVG5FcnFLc1FLdnQ1QXdUZkcrRUVTU0czUU9TYy9YSmwvNnBnajFJMHVKOGhFaTR2VVNubFdiK2ZYVWVRMElDQ2JXYndOcEtnSkM3Y2Fvc3JEQWVYbXFkeHRnR2d1RWNqU1B2RXFWejdwaXROVGFOL0x0M00iLCJtYWMiOiI4ZGMzMjE0MjdjNjIxZWNiOTg2ODBiMmRjN2ZlMWViMzc2MTA5OGYxOGUzYjUzMzIyZTIzOWQ0NDAwMDVmMTZkIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InlkK0NPMFpURXlzbWRhb2VaU3hWQ3c9PSIsInZhbHVlIjoibGZwczJ1R25EckYvVHRQYk1GNkxkbUhCMk9ZWVpRSDdPWnFJMXhkNk1YYUo4eU9SWkZOdElQVjdRN05PK04xVzdLQmo3QjhSYUVxeDJiOUFJNW5BYm9kdWgzSVFqWWlDdzdMeU5XbG1EMVB2NnpzdXFqbWs1dkNETFpCdWNmOE0iLCJtYWMiOiI5YTBiZjgzZjIxMWFhY2Y2MDA1ODAzMzc5YjZmYjQ4ZTU2NTJiZjE0M2Q3ZmMwNWM5YjYwNTYyNjViNjY1N2JlIiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 23:18:51 GMT
Server: Apache
Cache-Control: no-cache, private
Set-Cookie: XSRF-TOKEN=eyJpdiI6InlNR2cySEpiOXI4amw1Zm9nZkgrM3c9PSIsInZhbHVlIjoia0t0d1Zjd2pTT1g0WjBMRVd3UVhrQ29hdFVsblExOEdJMDUyVTZRRHpDc0MyYzE5azlhQzBoUlRLd1pXT1JvaWhReGZDbDliU0hYcjhyL2FQaE9zSGJNVE9PVStRdk1aODNBajFqTW5LeDZIS1oycVJVMnREWUZsMDVpcXk0ZlYiLCJtYWMiOiJlOWZhYzlmNGU1Yjg5NjM4OGU5NDExMGNkZTA0NzEyZmFlYzdlZWJjOGY5NTc0YWYzMzk4ZGI5ZjU0Y2M2NWMzIiwidGFnIjoiIn0%3D; expires=Wed, 18-Jan-2023 01:18:51 GMT; Max-Age=7200; path=/; samesite=lax
laravel_session=eyJpdiI6InF5a01LTC9ubTltTk9YSGsyM2lGdlE9PSIsInZhbHVlIjoiYkR4Kzc5ZlpqTGxFQ0kzSnJVR0Y0WWF2WGMxaERVc1Zoa2hIY0QxQTRYdWdCVkJOWU9JRTB5REU0YmNiS0ZKanZOQmRPTXNjdVk0VGdLTjEwY3JhZTRTckdPUmsxblRERUN4M2V3Vm0ySXUzM21wTnppNWZnanVGMHcyRXVNUzEiLCJtYWMiOiI4ZjQ3NzNhZWYxNmVlMTQ1MWY2N2ZiMWZkZmY2ZGQzZmE4ZjA2ZWMwZWY3ZTIyY2Y0ZGUwMzE0OTEwNTc1MjFiIiwidGFnIjoiIn0%3D; expires=Wed, 18-Jan-2023 01:18:51 GMT; Max-Age=7200; path=/; httponly; samesite=lax
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1673984672079&_since=%221666483264567%22

35.241.9.150

200 OK

54 kB

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1673984672079&_since=%221666483264567%22
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (53737), with no line terminators
Size
54 kB (53737 bytes)
Hash
ffd6f795ba120b7116af7b4a121381eb
7fd63272d67790e91a4b52b6b68b76ae5e9df4f0
f942eb8d904c087ea503fa7c0fc6e8e27cd7f06791231cb506edfda834c5b7da

HTTP Headers

GET /v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1673984672079&_since=%221666483264567%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 53737
via: 1.1 google
date: Tue, 17 Jan 2023 22:49:05 GMT
age: 1788
last-modified: Tue, 17 Jan 2023 19:44:32 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

killbot.org/api/v2/whois?apikey=KACXfkKCpcbZJJlzB3D415S561r_pTsXlmE5Qt9SnpHoh

104.21.11.160

401 Unauthorized

49 kB

URL HTTP/2
killbot.org/api/v2/whois?apikey=KACXfkKCpcbZJJlzB3D415S561r_pTsXlmE5Qt9SnpHoh
IP
104.21.11.160:0
ASN
#13335 CLOUDFLARENET

File type
JSON data\012- , ASCII text, with very long lines (48589)
Size
49 kB (48671 bytes)
Hash
0a0fc976aafb26a1778b3ecd8768e3f9
5adc920439ef07f017cffeca460b968843f2ae9f
aacc620dac24d6ce3e0cbee14c546e7f8c219350c143227d585b588b6cf0613c

HTTP Headers

GET /api/v2/whois?apikey=KACXfkKCpcbZJJlzB3D415S561r_pTsXlmE5Qt9SnpHoh HTTP/1.1
Host: killbot.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://knowlzcomp.com/
Origin: http://knowlzcomp.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 401 Unauthorized
date: Tue, 17 Jan 2023 23:18:53 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-max-age: 86400
bug-bounty: Report to live chat :)
access-control-allow-origin: *
access-control-allow-methods: POST, GET
set-cookie: _killbot=lq0fa7ubaqimobn5qps3775ohen0oaub; expires=Wed, 18-Jan-2023 01:18:53 GMT; Max-Age=7200; path=/; SameSite=Lax; secure; HttpOnly
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BWt9EyuLuL6ZWKPBh89AxvnVRblO4wIS2i00ORnu5Ieb%2FPJrWH3YBq7GDDJdH6MI287iJVNWpv0pE6wb%2FhfJpCa1Rf%2FVbdYylNkbN12WXP%2BvXWh7a%2Fts83wpQLAT%2Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78b2d006ed09b50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.lr-in.com/logger-1.min.js

104.21.234.144

200 OK

165 kB

URL HTTP/2
cdn.lr-in.com/logger-1.min.js
IP
104.21.234.144:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (65536), with no line terminators
Size
165 kB (165054 bytes)
Hash
af0d4e2522cee3d80ae8ee90044766ff
0125c9f8bd721b6006443dd5e22024c4afddb800
724ebb8a2c06617ab261fa7275dd683be61e129914bb51248c4a6792b1caf269

HTTP Headers

GET /logger-1.min.js HTTP/1.1
Host: cdn.lr-in.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://knowlzcomp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 17 Jan 2023 23:18:53 GMT
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=14400
cross-origin-resource-policy: cross-origin
etag: W/"bc9af9b9c1e9dddc5b4d9dcc29140c1392ddcafa3509ecaaa26f00a87164bf09"
last-modified: Tue, 17 Jan 2023 22:13:10 GMT
strict-transport-security: max-age=31556926
x-served-by: cache-fra-eddf8230041-FRA
x-cache: HIT
x-cache-hits: 1
x-timer: S1673993769.712900,VS0,VE1
vary: x-fh-requested-host, accept-encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 130
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FukRcA1k9qiSbCT6C%2ByYyXdvWWHDAVUyAu12O%2FRJ55LKN6kxbVUpnFTYuzXZ%2FkG%2BGUGdkg%2BZkj9M3G7pDWLl48UhH1VmxUYpkQYkbsyt%2FKI4l%2Bjb9R9gZ7fuDpOs2CT7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78b2d006aecc889e-LHR
content-encoding: br
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7db9f11a1c6ab0117ed3dd1d36e3aecc
61a4de77803ce4ad730c21dd88b5b55a196f26d6
b52c568528f72c5653bad85a1f72fb22f43dcb5d96ad234ab2772a7f95ca6cc2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B52C568528F72C5653BAD85A1F72FB22F43DCB5D96AD234AB2772A7F95CA6CC2"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13896
Expires: Wed, 18 Jan 2023 03:10:29 GMT
Date: Tue, 17 Jan 2023 23:18:53 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7db9f11a1c6ab0117ed3dd1d36e3aecc
61a4de77803ce4ad730c21dd88b5b55a196f26d6
b52c568528f72c5653bad85a1f72fb22f43dcb5d96ad234ab2772a7f95ca6cc2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B52C568528F72C5653BAD85A1F72FB22F43DCB5D96AD234AB2772A7F95CA6CC2"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13896
Expires: Wed, 18 Jan 2023 03:10:29 GMT
Date: Tue, 17 Jan 2023 23:18:53 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7db9f11a1c6ab0117ed3dd1d36e3aecc
61a4de77803ce4ad730c21dd88b5b55a196f26d6
b52c568528f72c5653bad85a1f72fb22f43dcb5d96ad234ab2772a7f95ca6cc2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B52C568528F72C5653BAD85A1F72FB22F43DCB5D96AD234AB2772A7F95CA6CC2"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13896
Expires: Wed, 18 Jan 2023 03:10:29 GMT
Date: Tue, 17 Jan 2023 23:18:53 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7db9f11a1c6ab0117ed3dd1d36e3aecc
61a4de77803ce4ad730c21dd88b5b55a196f26d6
b52c568528f72c5653bad85a1f72fb22f43dcb5d96ad234ab2772a7f95ca6cc2

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B52C568528F72C5653BAD85A1F72FB22F43DCB5D96AD234AB2772A7F95CA6CC2"
Last-Modified: Tue, 17 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13896
Expires: Wed, 18 Jan 2023 03:10:29 GMT
Date: Tue, 17 Jan 2023 23:18:53 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99a6337c-ea71-4474-ba67-803997f0f17d.jpeg

34.120.237.76

200 OK

7.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99a6337c-ea71-4474-ba67-803997f0f17d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.9 kB (7871 bytes)
Hash
8069887e5e81584380ef3f819bcfab6e
3794126935a3e08de469ea37d29cba7be412d408
934e0982c1d49f06c64f524698b93fb1abf3b8833785d633bad104d052dd3ef0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99a6337c-ea71-4474-ba67-803997f0f17d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7871
x-amzn-requestid: 212d220f-c590-4c72-9508-e481cd5045ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e6A1UGmeoAMFzpA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c714ee-273c8bb54acc0f2b6d12b567;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 21:36:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zGNahizGhnMhpQxlxsexepYOI7y_40It8BrZjAd041J8Ws-jBYL0Ng==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 17 Jan 2023 21:59:12 GMT
age: 4781
etag: "3794126935a3e08de469ea37d29cba7be412d408"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/language-dictionaries/changeset?_expected=1673270322227&_since=%221569410800356%22

35.241.9.150

200 OK

1.3 kB

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/language-dictionaries/changeset?_expected=1673270322227&_since=%221569410800356%22
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (1251), with no line terminators
Size
1.3 kB (1251 bytes)
Hash
a15652d2ad5a61b333b603a147df4087
f737222311cbc30f90aeacadea9f48e460710e74
c49c6ab42f400eab679ca2a696f76e8083c9ac8fa81f45716ec027a12d29fab9

HTTP Headers

GET /v1/buckets/main/collections/language-dictionaries/changeset?_expected=1673270322227&_since=%221569410800356%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1251
via: 1.1 google
date: Tue, 17 Jan 2023 22:34:22 GMT
age: 2671
last-modified: Mon, 16 Jan 2023 16:36:42 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.9 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1a78cd6d-1eab-47b0-b5c7-f2d1f91acc3a.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.9 kB (8853 bytes)
Hash
3f112ea3865f38cbbcc8400b58320fa0
dacc584338546bf60f26b2a0bec48e9b584640dc
7feb3c0691f40354701d1cb0bf3c834d1eeead4a7297fac3afc0f4a7ca2c94cb

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1a78cd6d-1eab-47b0-b5c7-f2d1f91acc3a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8853
x-amzn-requestid: ff98ec33-294a-4a13-b064-3cd4744cd2b2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e0LLKHPnIAMF0vQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c4bf14-233cbc6407c6b138144d7abb;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 03:05:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Sevdt3pkqowmWlcF5QHU2misel_RbAc1aAd9H-hU1mRw2xb3WF7-IQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 17 Jan 2023 04:00:28 GMT
age: 69505
etag: "dacc584338546bf60f26b2a0bec48e9b584640dc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F873f34de-bef8-46f1-9dc4-d277bf6c1c65.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.7 kB (7741 bytes)
Hash
f491398239265c63ac162d47ab006ce6
c95e1bba76e910100e86f8abf789e5b5c1a2baa6
cdada2d9608e9d3f8e03cf9ced211550b6f7c8f7e0b5ee027a96f45af38523f1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F873f34de-bef8-46f1-9dc4-d277bf6c1c65.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7741
x-amzn-requestid: 9af04340-5be9-42b0-96be-0264661c6dae
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e6A6LEMtoAMFW_w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c7150d-2348c8846249175e74efc226;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 21:37:17 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: _7YOm38n8-T2LAL-cRA7R8KvEUBhXEM0dOXjOZ6HyPRNfMu6Z0Fh3g==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Tue, 17 Jan 2023 22:17:05 GMT
age: 3708
etag: "c95e1bba76e910100e86f8abf789e5b5c1a2baa6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe52164e3-afec-433e-87ab-adb17222f1cd.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (13848 bytes)
Hash
8656702f08344d3a4658bc43a9074a1f
fba424e1d09cbdc839ca320458b51715dafbbccc
0b0ac963c377b07f843637348f3d7c41d2aca89540ab8c2b80ef5fbbf466fee8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe52164e3-afec-433e-87ab-adb17222f1cd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 13848
x-amzn-requestid: 93bbdd19-aa04-49ec-858f-9fa1d6b736d3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e6BKCGEtoAMFgsQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c71573-008911af44c3998d7b27b837;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 21:38:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: adtKl3gOcesaXNHcRbi71-1Wz6caEgtXrAvbhB9qhId7eJEkd7d7pQ==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 17 Jan 2023 21:59:45 GMT
age: 4748
etag: "fba424e1d09cbdc839ca320458b51715dafbbccc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0849835-6202-4dec-862f-f4aa0cd0ed30.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.7 kB (8697 bytes)
Hash
381020ef41e1bb778e6cee364695c2ff
f241897089655dd0535cd851f53e18be6a0c6ecb
7a9834c6ae61836742ae920ae26213d115911be7a1feee9baaadc986c1fc4e7f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0849835-6202-4dec-862f-f4aa0cd0ed30.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8697
x-amzn-requestid: 70c2ea6b-5bce-4628-bb4f-8394f2dcf2fd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e4A_YGIXIAMFilg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c64862-7d0baeb43a306fb80926a527;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 07:04:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: eiBk-UwKhASmAgu78_GzSyWd5q2Pht2upQOckw9qilwq6ryXQUCjQg==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Tue, 17 Jan 2023 07:15:22 GMT
age: 57811
etag: "f241897089655dd0535cd851f53e18be6a0c6ecb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd03bc60-bcfc-42c6-a1a0-0631c979fdd4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.4 kB (7361 bytes)
Hash
26fa7bd40b5c3a3b5a6f95e7fca843b9
d8064f74f1e40bf6be4ea8ab4e319db22026c462
3e7744acf3e7ace6931c28cb5a5d3d7a77d9b97855b864c5c774368f2d0719c1

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd03bc60-bcfc-42c6-a1a0-0631c979fdd4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7361
x-amzn-requestid: 54e3621a-ec24-4d56-85bf-84239fa7811e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e23ZvGtnIAMFivg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c5d2a4-7ce0e7924c03aeaa3ea684c3;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 22:41:40 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hamm4_4ud3QWXK2EeTcYUSN7ot6m-d-1z_NN29tSFYP25Itmz25jaA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 17 Jan 2023 14:16:01 GMT
age: 32572
etag: "d8064f74f1e40bf6be4ea8ab4e319db22026c462"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

knowlzcomp.com/public/css/app.css

162.241.149.217

200 OK

440 kB

URL HTTP/1.1
knowlzcomp.com/public/css/app.css
IP
162.241.149.217:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text
Size
440 kB (439658 bytes)
Hash
181990cc2279e4cea65c9363fb37fee9
b85a7ba40043b0c48a034d8382629ef7ec6a1e24
36839348d4cd3d5ffcb15317bc5e8f32b77c644d0c6c0f8f19bdf216caf49293

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL
quad9	Sinkholed

HTTP Headers

GET /public/css/app.css HTTP/1.1
Host: knowlzcomp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://knowlzcomp.com/public/GBbbQxZoaBXyhSrPMuejarvpRBOFWweV
Cookie: XSRF-TOKEN=eyJpdiI6InlNR2cySEpiOXI4amw1Zm9nZkgrM3c9PSIsInZhbHVlIjoia0t0d1Zjd2pTT1g0WjBMRVd3UVhrQ29hdFVsblExOEdJMDUyVTZRRHpDc0MyYzE5azlhQzBoUlRLd1pXT1JvaWhReGZDbDliU0hYcjhyL2FQaE9zSGJNVE9PVStRdk1aODNBajFqTW5LeDZIS1oycVJVMnREWUZsMDVpcXk0ZlYiLCJtYWMiOiJlOWZhYzlmNGU1Yjg5NjM4OGU5NDExMGNkZTA0NzEyZmFlYzdlZWJjOGY5NTc0YWYzMzk4ZGI5ZjU0Y2M2NWMzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InF5a01LTC9ubTltTk9YSGsyM2lGdlE9PSIsInZhbHVlIjoiYkR4Kzc5ZlpqTGxFQ0kzSnJVR0Y0WWF2WGMxaERVc1Zoa2hIY0QxQTRYdWdCVkJOWU9JRTB5REU0YmNiS0ZKanZOQmRPTXNjdVk0VGdLTjEwY3JhZTRTckdPUmsxblRERUN4M2V3Vm0ySXUzM21wTnppNWZnanVGMHcyRXVNUzEiLCJtYWMiOiI4ZjQ3NzNhZWYxNmVlMTQ1MWY2N2ZiMWZkZmY2ZGQzZmE4ZjA2ZWMwZWY3ZTIyY2Y0ZGUwMzE0OTEwNTc1MjFiIiwidGFnIjoiIn0%3D

HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 23:18:51 GMT
Server: Apache
Last-Modified: Wed, 03 Aug 2022 20:29:04 GMT
Accept-Ranges: bytes
Content-Length: 439658
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

firefox.settings.services.mozilla.com/v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258

35.241.9.150

200 OK

682 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (682), with no line terminators
Size
682 B (682 bytes)
Hash
668f51f448163fe951f3449c028bfd40
8d624c9419b30c8be7f62724ccd6095f7c4794ef
f3feec2c60186018c18cfcd262d851e35223e8285139c96a89335bb473972395

HTTP Headers

GET /v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Expires, Last-Modified, Alert, Content-Type, Content-Length, ETag, Pragma, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 682
via: 1.1 google
date: Tue, 17 Jan 2023 22:26:24 GMT
age: 3149
last-modified: Fri, 13 Jan 2023 16:36:53 GMT
etag: "1673627813356"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ka-f.fontawesome.com/releases/v6.2.1/css/free-v5-font-face.min.css?token=f7165dd215

172.64.169.22

200 OK

13 kB

URL HTTP/2
ka-f.fontawesome.com/releases/v6.2.1/css/free-v5-font-face.min.css?token=f7165dd215
IP
172.64.169.22:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (608)
Size
13 kB (12794 bytes)
Hash
e29b309adfe8e7429aa1d1df5ace7fb8
55d07d6f9843d1c7bcf0ed1947a225d72f08c35e
fc24a9446587cbfd55d1b46bb75559ce8f491d48f477e24bb73541975f258202

HTTP Headers

GET /releases/v6.2.1/css/free-v5-font-face.min.css?token=f7165dd215 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://knowlzcomp.com/
Origin: http://knowlzcomp.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 17 Jan 2023 23:18:53 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 14 Nov 2022 15:06:07 GMT
etag: W/"15e2713dff942747406520edde3fd0bf"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
x-cache: Hit from cloudfront
via: 1.1 93cfeed105500c4613cee2ee99f5f9a6.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR52-C1
x-amz-cf-id: m25TERZ1Y2TCsANiEqs-iB20DUrbtuoSIZAIeWMCEJ2wIEDN0376HA==
age: 93297
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3aD7mrZRxJHFJabaQdW8%2F9pPrm0alGRqJpSfIxFjcqpdysGSGmwjZASnucGYxC%2FmisGdBBlJEnPWWXlriSByaYZsLYNBwp29ZEh1mBWweB6i1wg%2FMDHKLFFhvf5EZ%2BssRdGMkCY9DQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78b2d007089123c9-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

104.17.25.14

200 OK

77 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Size
77 kB (77160 bytes)
Hash
af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

HTTP Headers

GET /ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://knowlzcomp.com
Connection: keep-alive
Referer: https://cdnjs.cloudflare.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 17 Jan 2023 23:18:54 GMT
content-type: application/octet-stream; charset=utf-8
content-length: 77160
access-control-allow-origin: *
cache-control: public, max-age=30672000
etag: "5eb03e5f-12d68"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 960962
expires: Sun, 07 Jan 2024 23:18:54 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z5nuAXi%2FWp%2BTgz6%2Bf4x7sciTG%2BH7KeL%2Fvp7xxFJawyknH2WmcVDU5bwS%2FjrK6fmFnftXK31%2BsLh6K6d1mxEGmQTqCxwgbbIRw6TlTfB2EtKiL9MLVHjGe2YgZqKKkkGsUTxoO0bF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 78b2d00bdc9cb512-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/message-groups/changeset?_expected=1670425599656&_since=%221665698079854%22

35.241.9.150

200 OK

934 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/message-groups/changeset?_expected=1670425599656&_since=%221665698079854%22
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (934), with no line terminators
Size
934 B (934 bytes)
Hash
20b9199d0871aa8d1f02e09fc0de6a48
874015ed48e4ccc4d1d3dc4a979d50eaeb059d8c
07214176412ea5e83b5be84ca1d401061fac8b20275e2ee7da3189de2fdba7ed

HTTP Headers

GET /v1/buckets/main/collections/message-groups/changeset?_expected=1670425599656&_since=%221665698079854%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 934
via: 1.1 google
date: Tue, 17 Jan 2023 23:05:02 GMT
age: 832
last-modified: Fri, 13 Jan 2023 16:36:44 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1673517253376&_since=%221657747510534%22

35.241.9.150

200 OK

2.1 kB

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1673517253376&_since=%221657747510534%22
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (2053), with no line terminators
Size
2.1 kB (2053 bytes)
Hash
c9dfad8fb4f66de06991e6a07810fd81
f52da6b70dcdbc23965b701d5814910db2b352f4
809ef846c4956a8fce795fe871cb2d6c5ab2746c1fc3c76c4cd182e4cbf3aded

HTTP Headers

GET /v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1673517253376&_since=%221657747510534%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 2053
via: 1.1 google
date: Tue, 17 Jan 2023 23:06:14 GMT
age: 760
last-modified: Thu, 12 Jan 2023 09:54:13 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

ka-f.fontawesome.com/releases/v6.2.1/css/free-v4-shims.min.css?token=f7165dd215

172.64.169.22

200 OK

11 kB

URL HTTP/2
ka-f.fontawesome.com/releases/v6.2.1/css/free-v4-shims.min.css?token=f7165dd215
IP
172.64.169.22:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (27377)
Size
11 kB (10941 bytes)
Hash
ed6de11d667416f2ddf4c52e179020b3
4ec6ee6fa6c9d1182745030e7648c537bb2f2124
e18a28095fe2ce2db6d907550c14f756b97ca096333a833aebf97a3f45fc5510

HTTP Headers

GET /releases/v6.2.1/css/free-v4-shims.min.css?token=f7165dd215 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://knowlzcomp.com/
Origin: http://knowlzcomp.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 17 Jan 2023 23:18:53 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 14 Nov 2022 15:06:08 GMT
etag: W/"0d00741459c51dd7330d97cd19326a7b"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 674e965f3d2af64c7723a159d4fcb6b4.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR52-C1
x-amz-cf-id: rsrE7TBHG-xrmPLHTm-2ew9crm8VymDmKQzYmVZUxJwUPtK3OAq6lA==
age: 93297
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t%2BpFto%2FUktYiHuLOGpL%2Br%2BLw9pa8xW53CjGs1YoWF%2BZfz%2BeaGTNNGFDxzbdQOreC1Ld6VXK%2FUdI8ZRV3GQmkkCW62VoIi7%2FWS5%2BZwv6zUQIWpjjI3%2FLu5koTABvzUlIqNF%2BMb%2FvEvw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78b2d007088f23c9-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22

35.241.9.150

200 OK

1.5 kB

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (1506), with no line terminators
Size
1.5 kB (1506 bytes)
Hash
04e8681bd37cd9936118efcc4f31393e
c4fc04440eaabf9fd6cbb8fa329e3613c20f4af9
c30333d7ffeb2568b19b0574dfe60261a7fe5920b8cf8f3309928638dad4007c

HTTP Headers

GET /v1/buckets/main/collections/cfr/changeset?_expected=1666894461944&_since=%221659547595259%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 1506
via: 1.1 google
date: Tue, 17 Jan 2023 23:08:23 GMT
age: 631
last-modified: Wed, 11 Jan 2023 16:36:47 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-config/changeset?_expected=1672778333687&_since=%221661199949574%22

35.241.9.150

200 OK

15 kB

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/search-config/changeset?_expected=1672778333687&_since=%221661199949574%22
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (15184), with no line terminators
Size
15 kB (15184 bytes)
Hash
916d3ce5150a0223e7fa70a174231ae0
885d48d877af9ff31a0af142664d9716f25e816a
8e75c22521885eeab98b4cd6aae8bc2ebff94e3e5c45b4e8a0c6869e376a7e93

HTTP Headers

GET /v1/buckets/main/collections/search-config/changeset?_expected=1672778333687&_since=%221661199949574%22 HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 15184
via: 1.1 google
date: Tue, 17 Jan 2023 22:35:27 GMT
age: 2607
last-modified: Wed, 11 Jan 2023 16:36:44 GMT
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

knowlzcomp.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?1551f4f60c37af51121f106501f69b80

162.241.149.217

404 Not Found

6.6 kB

URL HTTP/1.1
knowlzcomp.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?1551f4f60c37af51121f106501f69b80
IP
162.241.149.217:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5395)
Size
6.6 kB (6609 bytes)
Hash
307dca9c775906b8de45869cabe98fcd
2b80c3a2fd4a235b2cc9f89315a554d0721c0dd1
8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?1551f4f60c37af51121f106501f69b80 HTTP/1.1
Host: knowlzcomp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://knowlzcomp.com/public/css/app.css
Cookie: XSRF-TOKEN=eyJpdiI6InlNR2cySEpiOXI4amw1Zm9nZkgrM3c9PSIsInZhbHVlIjoia0t0d1Zjd2pTT1g0WjBMRVd3UVhrQ29hdFVsblExOEdJMDUyVTZRRHpDc0MyYzE5azlhQzBoUlRLd1pXT1JvaWhReGZDbDliU0hYcjhyL2FQaE9zSGJNVE9PVStRdk1aODNBajFqTW5LeDZIS1oycVJVMnREWUZsMDVpcXk0ZlYiLCJtYWMiOiJlOWZhYzlmNGU1Yjg5NjM4OGU5NDExMGNkZTA0NzEyZmFlYzdlZWJjOGY5NTc0YWYzMzk4ZGI5ZjU0Y2M2NWMzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InF5a01LTC9ubTltTk9YSGsyM2lGdlE9PSIsInZhbHVlIjoiYkR4Kzc5ZlpqTGxFQ0kzSnJVR0Y0WWF2WGMxaERVc1Zoa2hIY0QxQTRYdWdCVkJOWU9JRTB5REU0YmNiS0ZKanZOQmRPTXNjdVk0VGdLTjEwY3JhZTRTckdPUmsxblRERUN4M2V3Vm0ySXUzM21wTnppNWZnanVGMHcyRXVNUzEiLCJtYWMiOiI4ZjQ3NzNhZWYxNmVlMTQ1MWY2N2ZiMWZkZmY2ZGQzZmE4ZjA2ZWMwZWY3ZTIyY2Y0ZGUwMzE0OTEwNTc1MjFiIiwidGFnIjoiIn0%3D

HTTP/1.1 404 Not Found
Date: Tue, 17 Jan 2023 23:18:52 GMT
Server: Apache
Cache-Control: no-cache, private
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

knowlzcomp.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff?eeccf4f66002c6f2ba24d3d22f2434c2

162.241.149.217

404 Not Found

6.6 kB

URL HTTP/1.1
knowlzcomp.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff?eeccf4f66002c6f2ba24d3d22f2434c2
IP
162.241.149.217:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5395)
Size
6.6 kB (6609 bytes)
Hash
307dca9c775906b8de45869cabe98fcd
2b80c3a2fd4a235b2cc9f89315a554d0721c0dd1
8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff?eeccf4f66002c6f2ba24d3d22f2434c2 HTTP/1.1
Host: knowlzcomp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://knowlzcomp.com/public/css/app.css
Cookie: XSRF-TOKEN=eyJpdiI6InlNR2cySEpiOXI4amw1Zm9nZkgrM3c9PSIsInZhbHVlIjoia0t0d1Zjd2pTT1g0WjBMRVd3UVhrQ29hdFVsblExOEdJMDUyVTZRRHpDc0MyYzE5azlhQzBoUlRLd1pXT1JvaWhReGZDbDliU0hYcjhyL2FQaE9zSGJNVE9PVStRdk1aODNBajFqTW5LeDZIS1oycVJVMnREWUZsMDVpcXk0ZlYiLCJtYWMiOiJlOWZhYzlmNGU1Yjg5NjM4OGU5NDExMGNkZTA0NzEyZmFlYzdlZWJjOGY5NTc0YWYzMzk4ZGI5ZjU0Y2M2NWMzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InF5a01LTC9ubTltTk9YSGsyM2lGdlE9PSIsInZhbHVlIjoiYkR4Kzc5ZlpqTGxFQ0kzSnJVR0Y0WWF2WGMxaERVc1Zoa2hIY0QxQTRYdWdCVkJOWU9JRTB5REU0YmNiS0ZKanZOQmRPTXNjdVk0VGdLTjEwY3JhZTRTckdPUmsxblRERUN4M2V3Vm0ySXUzM21wTnppNWZnanVGMHcyRXVNUzEiLCJtYWMiOiI4ZjQ3NzNhZWYxNmVlMTQ1MWY2N2ZiMWZkZmY2ZGQzZmE4ZjA2ZWMwZWY3ZTIyY2Y0ZGUwMzE0OTEwNTc1MjFiIiwidGFnIjoiIn0%3D

HTTP/1.1 404 Not Found
Date: Tue, 17 Jan 2023 23:18:52 GMT
Server: Apache
Cache-Control: no-cache, private
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

knowlzcomp.com/public/js/session-recorder.js

162.241.149.217

200 OK

45 kB

URL HTTP/1.1
knowlzcomp.com/public/js/session-recorder.js
IP
162.241.149.217:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
ASCII text, with very long lines (44992)
Size
45 kB (45066 bytes)
Hash
701984b4995f3c29820e83c999b7eb23
a3b50104a3bfa05bf59a317273816c7d8ae1f81d
67ad94e12a745b1b09c6cd616e20a2ad283ed68f8060bd1dd0d9a2b6ad9dc7ee

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL
quad9	Sinkholed

HTTP Headers

GET /public/js/session-recorder.js HTTP/1.1
Host: knowlzcomp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://knowlzcomp.com/public/GBbbQxZoaBXyhSrPMuejarvpRBOFWweV
Cookie: XSRF-TOKEN=eyJpdiI6InlNR2cySEpiOXI4amw1Zm9nZkgrM3c9PSIsInZhbHVlIjoia0t0d1Zjd2pTT1g0WjBMRVd3UVhrQ29hdFVsblExOEdJMDUyVTZRRHpDc0MyYzE5azlhQzBoUlRLd1pXT1JvaWhReGZDbDliU0hYcjhyL2FQaE9zSGJNVE9PVStRdk1aODNBajFqTW5LeDZIS1oycVJVMnREWUZsMDVpcXk0ZlYiLCJtYWMiOiJlOWZhYzlmNGU1Yjg5NjM4OGU5NDExMGNkZTA0NzEyZmFlYzdlZWJjOGY5NTc0YWYzMzk4ZGI5ZjU0Y2M2NWMzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InF5a01LTC9ubTltTk9YSGsyM2lGdlE9PSIsInZhbHVlIjoiYkR4Kzc5ZlpqTGxFQ0kzSnJVR0Y0WWF2WGMxaERVc1Zoa2hIY0QxQTRYdWdCVkJOWU9JRTB5REU0YmNiS0ZKanZOQmRPTXNjdVk0VGdLTjEwY3JhZTRTckdPUmsxblRERUN4M2V3Vm0ySXUzM21wTnppNWZnanVGMHcyRXVNUzEiLCJtYWMiOiI4ZjQ3NzNhZWYxNmVlMTQ1MWY2N2ZiMWZkZmY2ZGQzZmE4ZjA2ZWMwZWY3ZTIyY2Y0ZGUwMzE0OTEwNTc1MjFiIiwidGFnIjoiIn0%3D

HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 23:18:52 GMT
Server: Apache
Last-Modified: Wed, 03 Aug 2022 20:29:04 GMT
Accept-Ranges: bytes
Content-Length: 45066
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript

knowlzcomp.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.ttf?be9ee23c0c6390141475d519c2c5fb8f

162.241.149.217

404 Not Found

6.6 kB

URL HTTP/1.1
knowlzcomp.com/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.ttf?be9ee23c0c6390141475d519c2c5fb8f
IP
162.241.149.217:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5395)
Size
6.6 kB (6609 bytes)
Hash
307dca9c775906b8de45869cabe98fcd
2b80c3a2fd4a235b2cc9f89315a554d0721c0dd1
8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.ttf?be9ee23c0c6390141475d519c2c5fb8f HTTP/1.1
Host: knowlzcomp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://knowlzcomp.com/public/css/app.css
Cookie: XSRF-TOKEN=eyJpdiI6InlNR2cySEpiOXI4amw1Zm9nZkgrM3c9PSIsInZhbHVlIjoia0t0d1Zjd2pTT1g0WjBMRVd3UVhrQ29hdFVsblExOEdJMDUyVTZRRHpDc0MyYzE5azlhQzBoUlRLd1pXT1JvaWhReGZDbDliU0hYcjhyL2FQaE9zSGJNVE9PVStRdk1aODNBajFqTW5LeDZIS1oycVJVMnREWUZsMDVpcXk0ZlYiLCJtYWMiOiJlOWZhYzlmNGU1Yjg5NjM4OGU5NDExMGNkZTA0NzEyZmFlYzdlZWJjOGY5NTc0YWYzMzk4ZGI5ZjU0Y2M2NWMzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InF5a01LTC9ubTltTk9YSGsyM2lGdlE9PSIsInZhbHVlIjoiYkR4Kzc5ZlpqTGxFQ0kzSnJVR0Y0WWF2WGMxaERVc1Zoa2hIY0QxQTRYdWdCVkJOWU9JRTB5REU0YmNiS0ZKanZOQmRPTXNjdVk0VGdLTjEwY3JhZTRTckdPUmsxblRERUN4M2V3Vm0ySXUzM21wTnppNWZnanVGMHcyRXVNUzEiLCJtYWMiOiI4ZjQ3NzNhZWYxNmVlMTQ1MWY2N2ZiMWZkZmY2ZGQzZmE4ZjA2ZWMwZWY3ZTIyY2Y0ZGUwMzE0OTEwNTc1MjFiIiwidGFnIjoiIn0%3D

HTTP/1.1 404 Not Found
Date: Tue, 17 Jan 2023 23:18:53 GMT
Server: Apache
Cache-Control: no-cache, private
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

ka-f.fontawesome.com/releases/v6.2.1/webfonts/free-fa-solid-900.woff2

172.64.169.22

200 OK

150 kB

URL HTTP/2
ka-f.fontawesome.com/releases/v6.2.1/webfonts/free-fa-solid-900.woff2
IP
172.64.169.22:0
ASN
#13335 CLOUDFLARENET

File type
Web Open Font Format (Version 2), TrueType, length 150500, version 770.768\012- data
Size
150 kB (150500 bytes)
Hash
69a76555beae5c43a59559396c1aeb54
7d2759002c67a66fc38a72dd0e395e2da3d41474
1494e2691e1c13a3f35cbc3e1b56c5187c10ffe220d1fdc58d99494a666244d4

HTTP Headers

GET /releases/v6.2.1/webfonts/free-fa-solid-900.woff2 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://knowlzcomp.com
Connection: keep-alive
Referer: http://knowlzcomp.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 17 Jan 2023 23:18:54 GMT
content-type: font/woff2
content-length: 150500
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 14 Nov 2022 15:15:23 GMT
etag: "69a76555beae5c43a59559396c1aeb54"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
x-cache: Hit from cloudfront
via: 1.1 0dd1077162fbc5ae77bb4c494a180158.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P1
x-amz-cf-id: sMpd5AGW3bHlmxNQiIPGFpoMX2u7OQFd9VkO6hpjhbjRN2IYqk4Kxg==
age: 94571
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f2oV6ACbMMMjxrVc5JolBGFQC5aDpTQONumKMjwmYDxecPNHqU%2F9Ev0iCPqUBCClOP%2Fi7FiyyCcWT9FDgFKjeognttZ9HJvPiisko4%2FR4btgFU%2Bjvl6Sd27REpkbUGaSWzNMJSLW3w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 78b2d0115dc323c9-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

knowlzcomp.com/public/js/app.js

162.241.149.217

200 OK

1.6 MB

URL HTTP/1.1
knowlzcomp.com/public/js/app.js
IP
162.241.149.217:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
Unicode text, UTF-8 text
Size
1.6 MB (1613806 bytes)
Hash
fd900f643203761f2eeca2132fc15f1d
375f23ca9ad75b647373bda03b02e2d0f6e729be
399e233cea4e5468820e5c5f98ddbb156de729983710cf576a6508f076326c68

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL
quad9	Sinkholed

HTTP Headers

GET /public/js/app.js HTTP/1.1
Host: knowlzcomp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://knowlzcomp.com/public/GBbbQxZoaBXyhSrPMuejarvpRBOFWweV
Cookie: XSRF-TOKEN=eyJpdiI6InlNR2cySEpiOXI4amw1Zm9nZkgrM3c9PSIsInZhbHVlIjoia0t0d1Zjd2pTT1g0WjBMRVd3UVhrQ29hdFVsblExOEdJMDUyVTZRRHpDc0MyYzE5azlhQzBoUlRLd1pXT1JvaWhReGZDbDliU0hYcjhyL2FQaE9zSGJNVE9PVStRdk1aODNBajFqTW5LeDZIS1oycVJVMnREWUZsMDVpcXk0ZlYiLCJtYWMiOiJlOWZhYzlmNGU1Yjg5NjM4OGU5NDExMGNkZTA0NzEyZmFlYzdlZWJjOGY5NTc0YWYzMzk4ZGI5ZjU0Y2M2NWMzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InF5a01LTC9ubTltTk9YSGsyM2lGdlE9PSIsInZhbHVlIjoiYkR4Kzc5ZlpqTGxFQ0kzSnJVR0Y0WWF2WGMxaERVc1Zoa2hIY0QxQTRYdWdCVkJOWU9JRTB5REU0YmNiS0ZKanZOQmRPTXNjdVk0VGdLTjEwY3JhZTRTckdPUmsxblRERUN4M2V3Vm0ySXUzM21wTnppNWZnanVGMHcyRXVNUzEiLCJtYWMiOiI4ZjQ3NzNhZWYxNmVlMTQ1MWY2N2ZiMWZkZmY2ZGQzZmE4ZjA2ZWMwZWY3ZTIyY2Y0ZGUwMzE0OTEwNTc1MjFiIiwidGFnIjoiIn0%3D

HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 23:18:51 GMT
Server: Apache
Last-Modified: Wed, 03 Aug 2022 20:29:04 GMT
Accept-Ranges: bytes
Content-Length: 1613806
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript

ws-mt1.pusher.com/app/bc5ba70500b3342fb1aa?protocol=7&client=js&version=7.0.3&flash=false

34.199.40.30

101 Switching Protocols

0 B

URL HTTP/1.1
ws-mt1.pusher.com/app/bc5ba70500b3342fb1aa?protocol=7&client=js&version=7.0.3&flash=false
IP
34.199.40.30:0
ASN
#14618 AMAZON-AES

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /app/bc5ba70500b3342fb1aa?protocol=7&client=js&version=7.0.3&flash=false HTTP/1.1
Host: ws-mt1.pusher.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Sec-WebSocket-Version: 13
Origin: http://knowlzcomp.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: AfJy2QJlVlQG3f9wzQp3dg==
Connection: keep-alive, Upgrade
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Date: Tue, 17 Jan 2023 23:18:56 GMT
Connection: upgrade
Server: nginx/1.17.7
Upgrade: websocket
Sec-WebSocket-Accept: N3DXwKlbPyiqSQRsE0ceDJzooxc=

knowlzcomp.com/images/favicon.gif

162.241.149.217

200 OK

2.2 kB

URL HTTP/1.1
knowlzcomp.com/images/favicon.gif
IP
162.241.149.217:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
MS Windows icon resource - 1 icon, 32x32, 8 bits/pixel\012- data
Size
2.2 kB (2238 bytes)
Hash
a6f1af8e79a11829ba9a66474b06bb97
d99e3ec7747c865033a8dfad43c9f49634404bc1
b0dbd00f3650fa6b931e678a9d8f79a405d23c7adf111ab91b1a01a0e7109807

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL
quad9	Sinkholed

HTTP Headers

GET /images/favicon.gif HTTP/1.1
Host: knowlzcomp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://knowlzcomp.com/public/GBbbQxZoaBXyhSrPMuejarvpRBOFWweV
Cookie: XSRF-TOKEN=eyJpdiI6InlNR2cySEpiOXI4amw1Zm9nZkgrM3c9PSIsInZhbHVlIjoia0t0d1Zjd2pTT1g0WjBMRVd3UVhrQ29hdFVsblExOEdJMDUyVTZRRHpDc0MyYzE5azlhQzBoUlRLd1pXT1JvaWhReGZDbDliU0hYcjhyL2FQaE9zSGJNVE9PVStRdk1aODNBajFqTW5LeDZIS1oycVJVMnREWUZsMDVpcXk0ZlYiLCJtYWMiOiJlOWZhYzlmNGU1Yjg5NjM4OGU5NDExMGNkZTA0NzEyZmFlYzdlZWJjOGY5NTc0YWYzMzk4ZGI5ZjU0Y2M2NWMzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InF5a01LTC9ubTltTk9YSGsyM2lGdlE9PSIsInZhbHVlIjoiYkR4Kzc5ZlpqTGxFQ0kzSnJVR0Y0WWF2WGMxaERVc1Zoa2hIY0QxQTRYdWdCVkJOWU9JRTB5REU0YmNiS0ZKanZOQmRPTXNjdVk0VGdLTjEwY3JhZTRTckdPUmsxblRERUN4M2V3Vm0ySXUzM21wTnppNWZnanVGMHcyRXVNUzEiLCJtYWMiOiI4ZjQ3NzNhZWYxNmVlMTQ1MWY2N2ZiMWZkZmY2ZGQzZmE4ZjA2ZWMwZWY3ZTIyY2Y0ZGUwMzE0OTEwNTc1MjFiIiwidGFnIjoiIn0%3D; _lr_tabs_-mnnzup%2Fdus={%22sessionID%22:0%2C%22recordingID%22:%225-362a805e-5606-48a4-8be5-658962ba9fbb%22%2C%22lastActivity%22:1673997535886}; _lr_hb_-mnnzup%2Fdus={%22heartbeat%22:1673997535887}; _lr_uf_-mnnzup=dcb4b281-8526-4a4e-b5a5-24b5ee20cdbd

HTTP/1.1 200 OK
Date: Tue, 17 Jan 2023 23:18:54 GMT
Server: Apache
Last-Modified: Wed, 03 Aug 2022 20:29:04 GMT
Accept-Ranges: bytes
Content-Length: 2238
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/gif

ocsp.sca1b.amazontrust.com/

143.204.42.158

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.158:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
01217c49b49001928970f50dcaf57dab
91db90c37af80758cf300a155bd0999f51115eb7
c627e6f46122f492cf84c90d4ca822736480887ec0d48fd4ab9c646a20b30ba6

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=147374
Date: Tue, 17 Jan 2023 23:18:56 GMT
Etag: "63c6bdde-1d7"
Expires: Thu, 19 Jan 2023 16:15:10 GMT
Last-Modified: Tue, 17 Jan 2023 15:25:18 GMT
Server: ECS (nyb/1D07)
X-Cache: Miss from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: adWIb20RHnF_i2wzaRYoAirXTE-5Fje77aX0posuDRLoyyyGSIAvWA==
Age: 2992

csmetrics.hotjar.com/

52.210.228.197

204 No Content

0 B

URL HTTP/2
csmetrics.hotjar.com/
IP
52.210.228.197:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

POST / HTTP/1.1
Host: csmetrics.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 81
Origin: http://knowlzcomp.com
Connection: keep-alive
Referer: http://knowlzcomp.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 204 No Content
date: Tue, 17 Jan 2023 23:18:56 GMT
vary: Origin
access-control-allow-origin: *
X-Firefox-Spdy: h2

knowlzcomp.com/fonts/vendor/@fontsource/roboto/files/roboto-latin-400-normal.woff2?4673b4537a84c7f7a130799aa6af329b

162.241.149.217

404 Not Found

6.6 kB

URL HTTP/1.1
knowlzcomp.com/fonts/vendor/@fontsource/roboto/files/roboto-latin-400-normal.woff2?4673b4537a84c7f7a130799aa6af329b
IP
162.241.149.217:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5395)
Size
6.6 kB (6609 bytes)
Hash
307dca9c775906b8de45869cabe98fcd
2b80c3a2fd4a235b2cc9f89315a554d0721c0dd1
8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /fonts/vendor/@fontsource/roboto/files/roboto-latin-400-normal.woff2?4673b4537a84c7f7a130799aa6af329b HTTP/1.1
Host: knowlzcomp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://knowlzcomp.com/public/css/app.css
Cookie: XSRF-TOKEN=eyJpdiI6InlNR2cySEpiOXI4amw1Zm9nZkgrM3c9PSIsInZhbHVlIjoia0t0d1Zjd2pTT1g0WjBMRVd3UVhrQ29hdFVsblExOEdJMDUyVTZRRHpDc0MyYzE5azlhQzBoUlRLd1pXT1JvaWhReGZDbDliU0hYcjhyL2FQaE9zSGJNVE9PVStRdk1aODNBajFqTW5LeDZIS1oycVJVMnREWUZsMDVpcXk0ZlYiLCJtYWMiOiJlOWZhYzlmNGU1Yjg5NjM4OGU5NDExMGNkZTA0NzEyZmFlYzdlZWJjOGY5NTc0YWYzMzk4ZGI5ZjU0Y2M2NWMzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InF5a01LTC9ubTltTk9YSGsyM2lGdlE9PSIsInZhbHVlIjoiYkR4Kzc5ZlpqTGxFQ0kzSnJVR0Y0WWF2WGMxaERVc1Zoa2hIY0QxQTRYdWdCVkJOWU9JRTB5REU0YmNiS0ZKanZOQmRPTXNjdVk0VGdLTjEwY3JhZTRTckdPUmsxblRERUN4M2V3Vm0ySXUzM21wTnppNWZnanVGMHcyRXVNUzEiLCJtYWMiOiI4ZjQ3NzNhZWYxNmVlMTQ1MWY2N2ZiMWZkZmY2ZGQzZmE4ZjA2ZWMwZWY3ZTIyY2Y0ZGUwMzE0OTEwNTc1MjFiIiwidGFnIjoiIn0%3D

HTTP/1.1 404 Not Found
Date: Tue, 17 Jan 2023 23:18:56 GMT
Server: Apache
Cache-Control: no-cache, private
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

knowlzcomp.com/fonts/vendor/@fontsource/roboto/files/roboto-all-400-normal.woff?376ea5d93f71583052f65de4e0c6a92c

162.241.149.217

404 Not Found

6.6 kB

URL HTTP/1.1
knowlzcomp.com/fonts/vendor/@fontsource/roboto/files/roboto-all-400-normal.woff?376ea5d93f71583052f65de4e0c6a92c
IP
162.241.149.217:0
ASN
#46606 UNIFIEDLAYER-AS-1

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5395)
Size
6.6 kB (6609 bytes)
Hash
307dca9c775906b8de45869cabe98fcd
2b80c3a2fd4a235b2cc9f89315a554d0721c0dd1
8437bd0ef46a19c9a7c294c53e0429b40e76ebbd5fe9fd73a9025752495ddb1c

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - DHL

HTTP Headers

GET /fonts/vendor/@fontsource/roboto/files/roboto-all-400-normal.woff?376ea5d93f71583052f65de4e0c6a92c HTTP/1.1
Host: knowlzcomp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://knowlzcomp.com/public/css/app.css
Cookie: XSRF-TOKEN=eyJpdiI6InlNR2cySEpiOXI4amw1Zm9nZkgrM3c9PSIsInZhbHVlIjoia0t0d1Zjd2pTT1g0WjBMRVd3UVhrQ29hdFVsblExOEdJMDUyVTZRRHpDc0MyYzE5azlhQzBoUlRLd1pXT1JvaWhReGZDbDliU0hYcjhyL2FQaE9zSGJNVE9PVStRdk1aODNBajFqTW5LeDZIS1oycVJVMnREWUZsMDVpcXk0ZlYiLCJtYWMiOiJlOWZhYzlmNGU1Yjg5NjM4OGU5NDExMGNkZTA0NzEyZmFlYzdlZWJjOGY5NTc0YWYzMzk4ZGI5ZjU0Y2M2NWMzIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InF5a01LTC9ubTltTk9YSGsyM2lGdlE9PSIsInZhbHVlIjoiYkR4Kzc5ZlpqTGxFQ0kzSnJVR0Y0WWF2WGMxaERVc1Zoa2hIY0QxQTRYdWdCVkJOWU9JRTB5REU0YmNiS0ZKanZOQmRPTXNjdVk0VGdLTjEwY3JhZTRTckdPUmsxblRERUN4M2V3Vm0ySXUzM21wTnppNWZnanVGMHcyRXVNUzEiLCJtYWMiOiI4ZjQ3NzNhZWYxNmVlMTQ1MWY2N2ZiMWZkZmY2ZGQzZmE4ZjA2ZWMwZWY3ZTIyY2Y0ZGUwMzE0OTEwNTc1MjFiIiwidGFnIjoiIn0%3D; _lr_tabs_-mnnzup%2Fdus={%22sessionID%22:0%2C%22recordingID%22:%225-362a805e-5606-48a4-8be5-658962ba9fbb%22%2C%22lastActivity%22:1673997535886}; _lr_hb_-mnnzup%2Fdus={%22heartbeat%22:1673997535887}; _lr_uf_-mnnzup=dcb4b281-8526-4a4e-b5a5-24b5ee20cdbd

HTTP/1.1 404 Not Found
Date: Tue, 17 Jan 2023 23:18:56 GMT
Server: Apache
Cache-Control: no-cache, private
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

ka-f.fontawesome.com/releases/v6.2.1/css/free-v4-font-face.min.css?token=f7165dd215

172.64.169.22

200 OK

0 B

URL HTTP/2
ka-f.fontawesome.com/releases/v6.2.1/css/free-v4-font-face.min.css?token=f7165dd215
IP
172.64.169.22:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /releases/v6.2.1/css/free-v4-font-face.min.css?token=f7165dd215 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://knowlzcomp.com/
Origin: http://knowlzcomp.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 17 Jan 2023 23:18:53 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 14 Nov 2022 15:06:07 GMT
etag: W/"075b2106ba08d32bc88fff3724503b1e"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 81bc7853cdca941dddd27cd956741044.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P1
x-amz-cf-id: OEQdsl69hvVlMYCZDgqbrWUegoLPqj9Ml61PpzFfmt6hrszyQ30Xug==
age: 93297
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nItgPFUfufV6tlTu1iTkM14XdTqq8hBLgikUXiOcllcewDPUSNuX%2BPmecbgGIFaYVlRj9awdCyk7HFEo3AvF%2B%2F3KqEK1IbauMWs795JcrkM1SIo7iPXHL8WWVHy2OLktsyZLO0XCoQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78b2d007089223c9-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ka-f.fontawesome.com/releases/v6.2.1/css/free.min.css?token=f7165dd215

172.64.169.22

200 OK

0 B

URL HTTP/2
ka-f.fontawesome.com/releases/v6.2.1/css/free.min.css?token=f7165dd215
IP
172.64.169.22:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /releases/v6.2.1/css/free.min.css?token=f7165dd215 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://knowlzcomp.com/
Origin: http://knowlzcomp.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 17 Jan 2023 23:18:53 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Mon, 14 Nov 2022 15:06:08 GMT
etag: W/"2dbe34367e935e2684b01124b0860d71"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 aa5f00ed95fd16b8d894989f7ad491ba.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR61-P1
x-amz-cf-id: 9Qoji1saxMwUg7sjx55OgmUn-k1oDFpk3f00NMeqhmTrfXeIciz7xQ==
age: 93297
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n7SA82whtq1P2NmtGfrPPqEkHyzS5xcpG8ONlgZBekwhoSlwXnzfyUVcaWy3Qa3P%2B0WpnoYhuH8V69tqpuxDzwWmUP25QVl2sIKpx0r3sanieCvpoZP7J3ODadS6URgDy1FADoXrpg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78b2d007088d23c9-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

static.hotjar.com/c/hotjar-2895475.js?sv=6

143.204.55.54

200 OK

0 B

URL HTTP/2
static.hotjar.com/c/hotjar-2895475.js?sv=6
IP
143.204.55.54:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /c/hotjar-2895475.js?sv=6 HTTP/1.1
Host: static.hotjar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://knowlzcomp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Tue, 17 Jan 2023 23:18:08 GMT
access-control-allow-origin: *
cache-control: max-age=60
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: W/ca40e314382246365dfb77a3d72171d9
strict-transport-security: max-age=2592000; includeSubDomains
x-cache-hit: 1
x-content-type-options: nosniff
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: TiOdXHY7WZa6zQT1DChI2o6EeO3VatRQIggCCYY-kYtklJ9TnCCMrQ==
age: 48
X-Firefox-Spdy: h2

kit.fontawesome.com/f7165dd215.js

104.18.22.52

200 OK

0 B

URL HTTP/2
kit.fontawesome.com/f7165dd215.js
IP
104.18.22.52:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /f7165dd215.js HTTP/1.1
Host: kit.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://knowlzcomp.com
Connection: keep-alive
Referer: http://knowlzcomp.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 17 Jan 2023 23:18:53 GMT
content-type: text/javascript
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 3000
cache-control: max-age=60, public, must-revalidate
strict-transport-security: max-age=31536000; preload
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
x-request-id: Fzrl33UjBR4Ky8yId-fh
cf-cache-status: HIT
age: 46
server: cloudflare
cf-ray: 78b2d0065ffcb4f7-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (11)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML