firefox.settings.services.mozilla.com/v1/
143.204.55.115200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 18 Sep 2022 13:12:09 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 5WDYw2DedbzCM688YKbaUZGaUYrpXFlRxmSNqvspWlAF3SKys9pf7g==
Age: 1166
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash adb43321efa5cd1662993b701ff25fa4
1299dcea7e9c59d9f22f39d69025484fe71098c1
2c25a6717245be3746f1412af9dd1c351e12dbb93e8e08c3ddcdacf35e419514
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2C25A6717245BE3746F1412AF9DD1C351E12DBB93E8E08C3DDCDACF35E419514"
Last-Modified: Sun, 18 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8758
Expires: Sun, 18 Sep 2022 15:57:33 GMT
Date: Sun, 18 Sep 2022 13:31:35 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.25200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.25:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sun, 18 Sep 2022 03:30:43 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 4QsvAp-FGTN_FmSS-UnuxNZawk5x08ZR_rw-699LnhhWmHsjyjCQZw==
age: 36052
X-Firefox-Spdy: h2
10u58r.click/1809/a7/Mac7370
162.0.235.152301 Moved Permanently 707 B URL HTTP/1.1 10u58r.click/1809/a7/Mac7370
IP 162.0.235.152:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 1304294c0823ca486542ba408ed761e3
b2a70fb2d810ca13985882e6981f33998823e83e
3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982
Analyzer Verdict Alert fortinet Malware
GET /1809/a7/Mac7370 HTTP/1.1
Host: 10u58r.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
keep-alive: timeout=5, max=100
content-type: text/html
content-length: 707
date: Sun, 18 Sep 2022 13:31:35 GMT
server: LiteSpeed
location: https://10u58r.click/1809/a7/Mac7370
x-turbo-charged-by: LiteSpeed
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 18 Sep 2022 13:31:35 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Sun, 18 Sep 2022 13:03:22 GMT
Cache-Control: max-age=3600
Expires: Sun, 18 Sep 2022 13:06:50 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ONZQQ_LLsUj19Jh3VrFYLIDRn14p1UVJh-SG0Q_EHIJzXQAwgh_uZg==
Age: 1694
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 5fd1174f35b25298fc44a6de1af3f3d6
d45a47995ec34c7df480b3efafb13f55d9df7eb8
f60573eff255ef3d7603ca813f410c30588931b4018ffa0e07fa0bb2653c47af
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5694
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 13:31:36 GMT
Last-Modified: Sun, 18 Sep 2022 11:56:43 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 796bc46893e93c3120f870d72deabcd5
e41312287128e371fc172cf8f76b42cad0855594
160572c40d1d6cd594368955d54d66c7b8ef2bf5e1a1c698d0a9f9027b1ef0e3
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 13:31:36 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sun, 18 Sep 2022 11:03:17 GMT
Expires: Sun, 25 Sep 2022 11:03:16 GMT
Etag: "e41312287128e371fc172cf8f76b42cad0855594"
Cache-Control: max-age=595299,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 74ca715ffc540b02-OSL
push.services.mozilla.com/
52.41.252.32101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.41.252.32:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: XJz1iQd8NUXap4PpQ6TUUg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: j00EowgEhplI4DVyCE3qcdoG1vI=
cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js
104.17.25.14200 OK 27 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/2.1.3/jquery.min.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (32180)
Hash b1e4b2a99336201b37fb8cea5d57abb9
d57980f0d0eaaf57ec33ddc9ed027274cfa86027
c805bfd991983f57b5b7878b998f7529e9b7e2df4bc2d39ba493934e23ba3f8a
GET /ajax/libs/jquery/2.1.3/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10u58r.click/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 13:31:36 GMT
content-type: application/javascript; charset=utf-8
content-length: 26660
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-14983"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 8954684
expires: Fri, 08 Sep 2023 13:31:36 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cu5fV0Oi0HzcttoEtEc%2F1J9RUFyGrieOSCJFCZyFilkTf9aLX76qDSPE2FIt%2BObGRzU%2BOJv5Djfs4CMvikU%2FR2obReSnadOwU9faO1CPgPYIyyDt90gAqTbu9bQLVliOChT1lzOw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 74ca71642b33b4ee-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash da34e7dbb83f8ad463433a0448ffa6c3
dd822bad8f78a7072af79140293d1d622b6bb10c
e32749aefa9671ac13c2ebf45eaabb0fbabf363b07478edd0c2ffe13d2f91133
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6096
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 13:31:36 GMT
Last-Modified: Sun, 18 Sep 2022 11:50:00 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279
cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css
151.101.85.229200 OK 24 kB URL HTTP/2 cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/css/bootstrap.min.css
IP 151.101.85.229:0
File type ASCII text, with very long lines (65326)
Hash 849f3e827da80e4e4c6a8c49689f057d
035d81aaaf6da3ffa5ce241179a9e14d533e7a3b
9546dbb82c3facf833e4adb713ce7e57a34dd53f6b55697ef1e1877bdbd8bb73
GET /npm/bootstrap@4.6.0/dist/css/bootstrap.min.css HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://10u58r.click
Connection: keep-alive
Referer: https://10u58r.click/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css; charset=utf-8
x-jsd-version: 4.6.0
x-jsd-version-type: version
etag: W/"27681-LKxK/BIJg5IUESlr1Oj9ipS6I34"
content-encoding: gzip
accept-ranges: bytes
date: Sun, 18 Sep 2022 13:31:36 GMT
age: 543057
x-served-by: cache-fra19142-FRA, cache-bma1675-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 24100
X-Firefox-Spdy: h2
10u58r.click/1809/a7/Mac7370
162.0.235.152200 OK 38 kB URL HTTP/2 10u58r.click/1809/a7/Mac7370
IP 162.0.235.152:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (304)
Hash 0fba89e729745b8727560c87231d73f8
a33ed8d95a9584178140f212cbacb2fc21889879
d3a6aaf9dc3b4d9cd4f92e11739658bca21109bf581eee42b799bc6b6eee3705
Analyzer Verdict Alert fortinet Malware
GET /1809/a7/Mac7370 HTTP/1.1
Host: 10u58r.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
last-modified: Sun, 18 Sep 2022 01:34:46 GMT
accept-ranges: bytes
content-length: 38306
date: Sun, 18 Sep 2022 13:31:36 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.21.226200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.21.226:0
Hash 0f56e456a8c9497fa89700552180651a
f586a3cccefc6405c939b2200b262789cc0dcca9
ce24862f8b543404faed30383e3af845bd1ecd45ba200060c21b8626861c777c
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 18 Sep 2022 13:31:37 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "F7322AC9F1F245477F7533E2FE6B164B4B6B3044"
Expires: Mon, 19 Sep 2022 00:00:00 GMT
Last-Modified: Sun, 18 Sep 2022 12:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 3342
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74ca716468abb500-OSL
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash da34e7dbb83f8ad463433a0448ffa6c3
dd822bad8f78a7072af79140293d1d622b6bb10c
e32749aefa9671ac13c2ebf45eaabb0fbabf363b07478edd0c2ffe13d2f91133
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6097
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 13:31:37 GMT
Last-Modified: Sun, 18 Sep 2022 11:50:00 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 9b19d20af774aa4c4de18c09845d54b9
cd0d41b4957edf5b2f7f66df082b7d1010acceb8
067f454a8ba17fba5f10b67b6a594edd9d9775beb5fb87cb6c98ff462a9f2fe1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 13:31:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.bundle.min.js
151.101.85.229200 OK 22 kB URL HTTP/2 cdn.jsdelivr.net/npm/bootstrap@4.6.0/dist/js/bootstrap.bundle.min.js
IP 151.101.85.229:0
File type ASCII text, with very long lines (65299)
Hash a5cbb97cf034dd181106adecdafe3035
5fca1af6c76dd3e609f7f92841e564df1281927a
5ae018daf5df2cd903f80162efbaa3e138e0ed47ff90a315f2e2c497dc88a890
GET /npm/bootstrap@4.6.0/dist/js/bootstrap.bundle.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://10u58r.click
Connection: keep-alive
Referer: https://10u58r.click/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 4.6.0
x-jsd-version-type: version
etag: W/"1499a-rsVR5NVzRjCI/KfRT7ZE6zifGDk"
content-encoding: gzip
accept-ranges: bytes
date: Sun, 18 Sep 2022 13:31:37 GMT
age: 9196539
x-served-by: cache-fra19162-FRA, cache-bma1675-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 21830
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-140409011-1
142.250.74.72200 OK 43 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-140409011-1
IP 142.250.74.72:0
File type ASCII text, with very long lines (1720)
Hash a976fe7ccb7a734cf27267f3048a8cd4
058a83646712e3a33cb78ca226b00d2270d0a897
70a660dc034034b87e8ec9542dc8c3a12b19ddba24a27172d8ecc205eee70001
GET /gtag/js?id=UA-140409011-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10u58r.click/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 18 Sep 2022 13:31:37 GMT
expires: Sun, 18 Sep 2022 13:31:37 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43420
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 9b19d20af774aa4c4de18c09845d54b9
cd0d41b4957edf5b2f7f66df082b7d1010acceb8
067f454a8ba17fba5f10b67b6a594edd9d9775beb5fb87cb6c98ff462a9f2fe1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 13:31:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
10u58r.click/1809/a7/main.css
162.0.235.152200 OK 2.4 kB URL HTTP/2 10u58r.click/1809/a7/main.css
IP 162.0.235.152:0
Hash 2bfb050680eab752d1fc23b340dc2b54
673a1a6b4894030e89c393d7fe7fba41bc4aad50
a4be4a233e1d996033c1ead0a66736c16b171c8b47e73598d74a7ff516ff428f
GET /1809/a7/main.css HTTP/1.1
Host: 10u58r.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10u58r.click/1809/a7/Mac7370
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 13:31:37 GMT
content-type: text/css
last-modified: Sun, 18 Sep 2022 01:34:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 2429
date: Sun, 18 Sep 2022 13:31:37 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
10u58r.click/1809/a7/minimize.jpeg
162.0.235.152200 OK 2.2 kB URL HTTP/2 10u58r.click/1809/a7/minimize.jpeg
IP 162.0.235.152:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 180x39, components 3\012- data
Hash 1ba392dce74f8987dca48bf65d817c8f
db0b8444c46125105b52f272bd422a7f52da1f72
a05245b6f7fd752af4a7b0131bbdfdf3eaee6c5a25a81cb498e0f0759189473c
Analyzer Verdict Alert urlquery Scam / Fake AntiVirus
fortinet Phishing
GET /1809/a7/minimize.jpeg HTTP/1.1
Host: 10u58r.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10u58r.click/1809/a7/Mac7370
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 13:31:37 GMT
content-type: image/jpeg
last-modified: Sun, 18 Sep 2022 01:34:46 GMT
accept-ranges: bytes
content-length: 2247
date: Sun, 18 Sep 2022 13:31:37 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
10u58r.click/1809/a7/microsoft.png
162.0.235.152200 OK 1.0 kB URL HTTP/2 10u58r.click/1809/a7/microsoft.png
IP 162.0.235.152:0
File type PNG image data, 47 x 46, 8-bit/color RGBA, non-interlaced\012- data
Hash bf2b460590fbb9d8e9611a6e9006b816
561e1dab259d61e798b3ce380527b71b61074ff3
ee4bc5fe81fa7c1e8497d79c9c8a96485df217092d334e9b48fa8840fed11d03
Analyzer Verdict Alert urlquery Scam / Fake AntiVirus
GET /1809/a7/microsoft.png HTTP/1.1
Host: 10u58r.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10u58r.click/1809/a7/Mac7370
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 13:31:37 GMT
content-type: image/png
last-modified: Sun, 18 Sep 2022 01:34:46 GMT
accept-ranges: bytes
content-length: 1045
date: Sun, 18 Sep 2022 13:31:37 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
10u58r.click/1809/a7/setting.png
162.0.235.152200 OK 364 B URL HTTP/2 10u58r.click/1809/a7/setting.png
IP 162.0.235.152:0
File type PNG image data, 12 x 12, 8-bit/color RGB, non-interlaced\012- data
Hash e144c3378090087c8ce129a30cb6cb4e
59da5466551de941d0215e45c54aa2ceaf436be1
b13a03e0db893734298cbe203bf264407636ffe5dab0a141f83c492d0034dd6a
Analyzer Verdict Alert urlquery Scam / Fake AntiVirus
GET /1809/a7/setting.png HTTP/1.1
Host: 10u58r.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10u58r.click/1809/a7/Mac7370
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 13:31:37 GMT
content-type: image/png
last-modified: Sun, 18 Sep 2022 01:34:46 GMT
accept-ranges: bytes
content-length: 364
date: Sun, 18 Sep 2022 13:31:37 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
10u58r.click/1809/a7/virus-scan.png
162.0.235.152200 OK 26 kB URL HTTP/2 10u58r.click/1809/a7/virus-scan.png
IP 162.0.235.152:0
File type PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Hash 2c497dfff84bd8c5af9254c9d6278ce1
667e72e7ba6f00a54629e28133317022d4b59af6
b2dc4153ee7019c70a1095d5d1304d540e3bba045d99e141f63e5b13362e5a4e
Analyzer Verdict Alert urlquery Scam / Fake AntiVirus
GET /1809/a7/virus-scan.png HTTP/1.1
Host: 10u58r.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10u58r.click/1809/a7/Mac7370
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 13:31:37 GMT
content-type: image/png
last-modified: Sun, 18 Sep 2022 01:34:46 GMT
accept-ranges: bytes
content-length: 25871
date: Sun, 18 Sep 2022 13:31:37 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
10u58r.click/1809/a7/que.png
162.0.235.152200 OK 349 B URL HTTP/2 10u58r.click/1809/a7/que.png
IP 162.0.235.152:0
File type PNG image data, 13 x 13, 8-bit/color RGB, non-interlaced\012- data
Hash 7454c652e0733d92de6c920c2d646ae0
34a5bd8c7401f95e346895b0e5ccffbf0e9ad638
44f752b0bd2e48052d538bc6aca5379f3630ca64da945f794690ddf47e8eaef7
Analyzer Verdict Alert urlquery Scam / Fake AntiVirus
GET /1809/a7/que.png HTTP/1.1
Host: 10u58r.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10u58r.click/1809/a7/Mac7370
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 13:31:37 GMT
content-type: image/png
last-modified: Sun, 18 Sep 2022 01:34:46 GMT
accept-ranges: bytes
content-length: 349
date: Sun, 18 Sep 2022 13:31:37 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
10u58r.click/1809/a7/bell.png
162.0.235.152200 OK 1.1 kB URL HTTP/2 10u58r.click/1809/a7/bell.png
IP 162.0.235.152:0
File type PNG image data, 13 x 13, 8-bit/color RGBA, non-interlaced\012- data
Hash a3555871399f1f67bfacaf437974b03a
b6337de87cd7a75a73cd804774651d14c83fe76a
2e48fef820929c21295e13444901f60e3aed61ba6f8c773ff1466e6843e76b49
Analyzer Verdict Alert urlquery Scam / Fake AntiVirus
GET /1809/a7/bell.png HTTP/1.1
Host: 10u58r.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10u58r.click/1809/a7/Mac7370
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 13:31:37 GMT
content-type: image/png
last-modified: Sun, 18 Sep 2022 01:34:46 GMT
accept-ranges: bytes
content-length: 1108
date: Sun, 18 Sep 2022 13:31:37 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
10u58r.click/1809/a7/pc.png
162.0.235.152200 OK 4.9 kB URL HTTP/2 10u58r.click/1809/a7/pc.png
IP 162.0.235.152:0
File type PNG image data, 166 x 92, 8-bit/color RGBA, non-interlaced\012- data
Hash cc5132b56ba46b03dd998aa1fe220106
403e007a0b17d76a9945fa5ec46a9d01733b3040
598699133be5eef63e3b9b5540609ec0dc91d7af9c7f70a3b890e57491a70ae0
Analyzer Verdict Alert urlquery Scam / Fake AntiVirus
GET /1809/a7/pc.png HTTP/1.1
Host: 10u58r.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10u58r.click/1809/a7/Mac7370
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 13:31:37 GMT
content-type: image/png
last-modified: Sun, 18 Sep 2022 01:34:46 GMT
accept-ranges: bytes
content-length: 4949
date: Sun, 18 Sep 2022 13:31:37 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
10u58r.click/1809/a7/def.png
162.0.235.152200 OK 3.8 kB URL HTTP/2 10u58r.click/1809/a7/def.png
IP 162.0.235.152:0
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 77a2ffc5545f87551d74781201de9b3b
c9c3798afd2ae95aa3bba3c428335d49c8255b06
316e6a6737bd296ab30aca2ef7fa36f119d15786a2432d01e31fdc130272f15c
Analyzer Verdict Alert urlquery Scam / Fake AntiVirus
GET /1809/a7/def.png HTTP/1.1
Host: 10u58r.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10u58r.click/1809/a7/Mac7370
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 13:31:37 GMT
content-type: image/png
last-modified: Sun, 18 Sep 2022 01:34:46 GMT
accept-ranges: bytes
content-length: 3834
date: Sun, 18 Sep 2022 13:31:37 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
10u58r.click/1809/a7/fullscreen.js
162.0.235.152200 OK 237 B URL HTTP/2 10u58r.click/1809/a7/fullscreen.js
IP 162.0.235.152:0
Hash 424165d04aaac003395f964590e6cb2d
3d041931a170de8ee9981122e0ae44ed05bfc29b
f04b0a0a20f05bde21b16ad9e0ea1cef1ba49eaba5bf7eed03f3a8dd115240c8
Analyzer Verdict Alert fortinet Phishing
GET /1809/a7/fullscreen.js HTTP/1.1
Host: 10u58r.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10u58r.click/1809/a7/Mac7370
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 13:31:37 GMT
content-type: application/javascript
last-modified: Sun, 18 Sep 2022 01:34:46 GMT
accept-ranges: bytes
content-length: 237
date: Sun, 18 Sep 2022 13:31:37 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
10u58r.click/1809/a7/light.js
162.0.235.152200 OK 200 B URL HTTP/2 10u58r.click/1809/a7/light.js
IP 162.0.235.152:0
Hash 3688916f59b81e54a7e2ff6f51354a50
19f0911664cc5351162afc86ba0189cbc293c0dc
efee0a83672fa30ccbba4313343d6f3e18e9e549fcf9a984516c212dc5ebb3ae
Analyzer Verdict Alert fortinet Phishing
GET /1809/a7/light.js HTTP/1.1
Host: 10u58r.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10u58r.click/1809/a7/Mac7370
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 13:31:37 GMT
content-type: application/javascript
last-modified: Sun, 18 Sep 2022 01:34:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 200
date: Sun, 18 Sep 2022 13:31:37 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
10u58r.click/1809/a7/before.js
162.0.235.152200 OK 157 B URL HTTP/2 10u58r.click/1809/a7/before.js
IP 162.0.235.152:0
Hash 56672789f066c6bdc879d9f5b9a5e8f8
ff49e9231b624530ed891ddb158f375267b6e669
caffd547a184810b1284ea37b4e5f2f9877567a716daf27a3dc18951400dd186
Analyzer Verdict Alert fortinet Phishing
GET /1809/a7/before.js HTTP/1.1
Host: 10u58r.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10u58r.click/1809/a7/Mac7370
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 13:31:37 GMT
content-type: application/javascript
last-modified: Sun, 18 Sep 2022 01:34:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 157
date: Sun, 18 Sep 2022 13:31:37 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
10u58r.click/1809/a7/main.js
162.0.235.152200 OK 315 B URL HTTP/2 10u58r.click/1809/a7/main.js
IP 162.0.235.152:0
Hash dde2bc1b979e4302602d56b79872bd20
8d2387b592b17d7048325a51099744fdfbcc82d3
c31d2f1e5fc1fa42c82aa7045c4a100c54887787fe550ada915ca9e185102054
Analyzer Verdict Alert fortinet Phishing
GET /1809/a7/main.js HTTP/1.1
Host: 10u58r.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10u58r.click/1809/a7/Mac7370
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 13:31:37 GMT
content-type: application/javascript
last-modified: Sun, 18 Sep 2022 01:34:46 GMT
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
content-length: 315
date: Sun, 18 Sep 2022 13:31:37 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
10u58r.click/1809/a7/cross.png
162.0.235.152200 OK 44 kB URL HTTP/2 10u58r.click/1809/a7/cross.png
IP 162.0.235.152:0
File type PNG image data, 2080 x 2080, 8-bit/color RGBA, non-interlaced\012- data
Hash 4487a588bf2a07e3d1936d705c5ceefd
db193b3e2ab9fbee6eae99ced2366b1ef5f16971
3821ef20f5904fdb993e34d87ff8fb9c5786a382efb0eeee8b4f00c91428b701
Analyzer Verdict Alert urlquery Scam / Fake AntiVirus
GET /1809/a7/cross.png HTTP/1.1
Host: 10u58r.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10u58r.click/1809/a7/Mac7370
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 13:31:37 GMT
content-type: image/png
last-modified: Sun, 18 Sep 2022 01:34:46 GMT
accept-ranges: bytes
content-length: 44098
date: Sun, 18 Sep 2022 13:31:37 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
10u58r.click/1809/a7/virus-images.png
162.0.235.152200 OK 33 kB URL HTTP/2 10u58r.click/1809/a7/virus-images.png
IP 162.0.235.152:0
File type PNG image data, 200 x 191, 8-bit/color RGBA, non-interlaced\012- data
Hash 68c7d1836cf921e767b980e8ce6d845b
395fc474214809b1282fc589e4a8f0be81b16adc
870e9d768ba46521935ced4cee560acfbb4f12370e5476dc6a2a45f0141a8392
GET /1809/a7/virus-images.png HTTP/1.1
Host: 10u58r.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10u58r.click/1809/a7/Mac7370
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 13:31:37 GMT
content-type: image/png
last-modified: Sun, 18 Sep 2022 01:34:46 GMT
accept-ranges: bytes
content-length: 33366
date: Sun, 18 Sep 2022 13:31:37 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
10u58r.click/1809/a7/0wa0rni0ng0.mp3
162.0.235.152206 Partial Content 8.4 kB URL HTTP/2 10u58r.click/1809/a7/0wa0rni0ng0.mp3
IP 162.0.235.152:0
File type Audio file with ID3 version 2.4.0, contains: MPEG ADTS, layer III, v1, 56 kbps, 44.1 kHz, Monaural\012- data
Hash 8618fbb0911e3b8fc96725dee8bfd81f
1bbcb78922946d0cf18fbf3a9e092e36453eb767
0589be7715d2320e559eae6bd26f3528e97450c70293da2e1e8ce45f77f99ab1
Analyzer Verdict Alert urlquery Scam / Fake AntiVirus
fortinet Phishing
GET /1809/a7/0wa0rni0ng0.mp3 HTTP/1.1
Host: 10u58r.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://10u58r.click/1809/a7/Mac7370
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 206 Partial Content
content-type: audio/mpeg
last-modified: Sun, 18 Sep 2022 01:34:46 GMT
content-range: bytes 0-8404/8405
content-length: 8405
date: Sun, 18 Sep 2022 13:31:37 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5e0d4379f6517fd75a29a3d94d9199eb
0d383b811ebe839400f04333d16a5c9d4d78f802
e64c0c03925bdfaa2520d90339c90d1f8d98c432441adb771dfe1e818220f06f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E64C0C03925BDFAA2520D90339C90D1F8D98C432441ADB771DFE1E818220F06F"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11014
Expires: Sun, 18 Sep 2022 16:35:11 GMT
Date: Sun, 18 Sep 2022 13:31:37 GMT
Connection: keep-alive
maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
104.18.11.207200 OK 6.7 kB URL HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.5.0/css/font-awesome.min.css
IP 104.18.11.207:0
File type ASCII text, with very long lines (27303)
Hash d08e79d41254e47e3515031d3f1837f0
f58c1af66e12a887d65f9111c19f7c25f8d535e4
6073ab2e9871ff2a0e1a5fcaec4aa1a95a965097b107a9c0d6574288ce7d501f
GET /font-awesome/4.5.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10u58r.click/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 18 Sep 2022 13:31:37 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
cdn-edgestorageid: 565, 617, 617
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 2021-06-08 19:04:20
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: e9a84d03a1f7c6aa17012c712a6e5dd5
cdn-status: 200
cdn-cache: HIT
cf-cache-status: HIT
age: 8952145
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 74ca71644c1e0b31-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5e0d4379f6517fd75a29a3d94d9199eb
0d383b811ebe839400f04333d16a5c9d4d78f802
e64c0c03925bdfaa2520d90339c90d1f8d98c432441adb771dfe1e818220f06f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E64C0C03925BDFAA2520D90339C90D1F8D98C432441ADB771DFE1E818220F06F"
Last-Modified: Sun, 18 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11014
Expires: Sun, 18 Sep 2022 16:35:11 GMT
Date: Sun, 18 Sep 2022 13:31:37 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87c956a4-db39-47fc-87b0-5c576f15441b.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87c956a4-db39-47fc-87b0-5c576f15441b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 97d0fb7f2e5c544eb87b803a153d8763
a247157989727bf0d4598679f7f0cc9646299cbd
cfff9f9aaad7b3dc4949c917df6096ee65a3392d8a8dceddf94261af5480ac56
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87c956a4-db39-47fc-87b0-5c576f15441b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8989
x-amzn-requestid: cb45074f-f130-41a6-b253-6bc6654e8ebb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yn6KXH3gIAMFwnA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63263d75-32ffacde1e1eb46117c61fe9;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 21:34:45 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: P60MPAXw-2lxWTjCtqk9Cd1oga6yuq6lcApDeSIWfIAehDHdXsCFIw==
via: 1.1 d90109c5a0c30f43223e0db85921c5c2.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 22:10:23 GMT
age: 55274
etag: "a247157989727bf0d4598679f7f0cc9646299cbd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99a57f83-dfc8-4b82-ba40-2b21aa8c0f64.webp
34.120.237.76200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99a57f83-dfc8-4b82-ba40-2b21aa8c0f64.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 51d067e534c477ce996b3e806f6a132e
451c1f67948e45909e636828e3d2a3099de922f0
e13318949733eb7992695c61570cc8b2961d881a8343c677a77cd035e787bbaf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F99a57f83-dfc8-4b82-ba40-2b21aa8c0f64.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6869
x-amzn-requestid: e4e424a6-6c79-405b-8d1b-d40749ae3f0e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yn5yLHi8oAMFpXg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63263cda-22f6dae17ded045177976eaf;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 21:32:10 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: eSPLuSCIr6IOor8bQh1STKcy6i_bS6nPhndKrN_g7IrXl6U43TogYw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 22:29:35 GMT
etag: "451c1f67948e45909e636828e3d2a3099de922f0"
content-type: image/jpeg
age: 54122
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0743b1dc-9d34-4282-a031-42c70fa409f3.jpeg
34.120.237.76200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0743b1dc-9d34-4282-a031-42c70fa409f3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 56ade9172e883c777dd974ca879bceba
b2aaf019e083443a6404c262206ee2e981d3165c
c8407ad191143d2d947464b357d8426efb334cb165c4fa5ca01573d8f7ca7b76
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0743b1dc-9d34-4282-a031-42c70fa409f3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5133
x-amzn-requestid: 01f39c0a-c86f-4057-a505-20200819203c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YioKkFrFoAMFhMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632420a9-5821f44144b61475180ec961;Sampled=0
x-amzn-remapped-date: Fri, 16 Sep 2022 07:07:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: mDe4BYbMkqkO3wq6onH6c_YOfWn32Z4L9t-QW_5mwez4bcrVkrQBuw==
via: 1.1 d042f60a962591f741406f28a8170c5a.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 07:38:13 GMT
age: 21204
etag: "b2aaf019e083443a6404c262206ee2e981d3165c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0418a582-b5aa-4754-a162-d731a3e53f86.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0418a582-b5aa-4754-a162-d731a3e53f86.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c9a9211e94d6aa2429e9663ef317707e
ac0d1af96508d026f9a1252d358660bd5671f9bd
36663b67119ae58b665e43d86b73045472cf23d73bf2c981754f479989690791
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0418a582-b5aa-4754-a162-d731a3e53f86.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5448
x-amzn-requestid: 3b63d209-af92-4d64-866a-d8f677aa62a9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yn659H9DIAMFQag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63263ea5-30e7f8a32603ba70671addec;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 21:39:49 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: JKenU-KwXFVEu-tZnc_yoDis5Lt-2tY0RcjH7ZT592hqp0tIUF25Lg==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 21:49:01 GMT
etag: "ac0d1af96508d026f9a1252d358660bd5671f9bd"
content-type: image/jpeg
age: 56556
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c670b93-3941-4322-a938-e74eba949ad6.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c670b93-3941-4322-a938-e74eba949ad6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f003d8b6e12692fb16dddd6827deead8
786c333cf08456aea446a55c547520572e1c2df9
d79ea50cfc0f237b3de8f1826cbae1de0b1dbc632a5a06b08d9640abedded935
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c670b93-3941-4322-a938-e74eba949ad6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11919
x-amzn-requestid: 2f547c1f-2f5d-4707-8f6c-fe9dfff51383
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YbfS4FI9oAMFScw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632145ab-3c967f2653d06c1c079f88c1;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 03:08:27 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: QgOb-hraq20XpHk_0Cyz2UMxaIEjP8ilIXt2VuhiRJWJAOG5EuAb5A==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 05:49:05 GMT
age: 27752
etag: "786c333cf08456aea446a55c547520572e1c2df9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2512deb9-0912-4851-b376-b8bcb67ed3ef.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2512deb9-0912-4851-b376-b8bcb67ed3ef.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7334a6bdb209350f41e4640960c9ce2a
0b00e1a594dc88c8fb05044a69cc0ba1eafc4946
bf946afeb52d95f27e2a271486accf87a0c169e5e78f6d57cace80564e2ed668
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2512deb9-0912-4851-b376-b8bcb67ed3ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10554
x-amzn-requestid: 07497447-33e7-4f60-a3ff-974f581c5704
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yn5tlG_7IAMFaIA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63263cbd-1964dc6548cb5f7c09f65b78;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 21:31:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: BLfMTudduK95E9WeV9h987RYPa2RjQTtcl6jkjAZxgSWmCfUTnxU4A==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Sat, 17 Sep 2022 21:43:11 GMT
age: 56906
etag: "0b00e1a594dc88c8fb05044a69cc0ba1eafc4946"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-PBCH7NTB3M>m=2oe9e0&_p=1090709681&cid=1888267437.1663507879&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663507879&sct=1&seg=0&dl=https%3A%2F%2F10u58r.click%2F1809%2Fa7%2FMac7370&dt=%E3%82%BB%E3%82%AD%E3%83%A5%E3%83%AA%E3%83%86%E3%82%A3%E3%82%BB%E3%83%B3%E3%82%BF%E3%83%BCCode0x268d3-Er07%E3%82%B5%E3%83%BC%E3%83%93%E3%82%B9&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-PBCH7NTB3M>m=2oe9e0&_p=1090709681&cid=1888267437.1663507879&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663507879&sct=1&seg=0&dl=https%3A%2F%2F10u58r.click%2F1809%2Fa7%2FMac7370&dt=%E3%82%BB%E3%82%AD%E3%83%A5%E3%83%AA%E3%83%86%E3%82%A3%E3%82%BB%E3%83%B3%E3%82%BF%E3%83%BCCode0x268d3-Er07%E3%82%B5%E3%83%BC%E3%83%93%E3%82%B9&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-PBCH7NTB3M>m=2oe9e0&_p=1090709681&cid=1888267437.1663507879&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1663507879&sct=1&seg=0&dl=https%3A%2F%2F10u58r.click%2F1809%2Fa7%2FMac7370&dt=%E3%82%BB%E3%82%AD%E3%83%A5%E3%83%AA%E3%83%86%E3%82%A3%E3%82%BB%E3%83%B3%E3%82%BF%E3%83%BCCode0x268d3-Er07%E3%82%B5%E3%83%BC%E3%83%93%E3%82%B9&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://10u58r.click
Connection: keep-alive
Referer: https://10u58r.click/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://10u58r.click
date: Sun, 18 Sep 2022 13:31:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10u58r.click/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Sun, 18 Sep 2022 12:41:12 GMT
expires: Sun, 18 Sep 2022 14:41:12 GMT
cache-control: public, max-age=7200
age: 3026
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mylivechat.com/chatinline.aspx?hccid=31408712
52.117.22.28302 Found 205 B URL HTTP/1.1 mylivechat.com/chatinline.aspx?hccid=31408712
IP 52.117.22.28:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 3e8f2733d85237ca0841279f3ecf2f33
866fe8f398f9161385a0958d73755e36da7ddcf7
16ca0db1eda2fe35e7b73aaf126573849082c10122953b52d0f7f49b90cb6d7a
GET /chatinline.aspx?hccid=31408712 HTTP/1.1
Host: mylivechat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10u58r.click/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://c1.mylivechat.com/livechat2/livechat2.aspx?hccid=31408712&apimode=chatinline
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Date: Sun, 18 Sep 2022 13:31:38 GMT
Content-Length: 205
10u58r.click/1809/a7/download.jpg
162.0.235.152200 OK 654 kB URL HTTP/2 10u58r.click/1809/a7/download.jpg
IP 162.0.235.152:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1920x1394, components 3\012- data
Size 654 kB (653698 bytes)
Hash 3722bd7abebdd2124f3d4d24f1823024
50b50222ea17bd754457b0d99ce9fd199e610bc6
d8a9ac3f3dc3fde6dfc7a7481aa50b2c8008f342a92cc27a5885ac84b852bd0a
GET /1809/a7/download.jpg HTTP/1.1
Host: 10u58r.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10u58r.click/1809/a7/Mac7370
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: public, max-age=604800
expires: Sun, 25 Sep 2022 13:31:37 GMT
content-type: image/jpeg
last-modified: Sun, 18 Sep 2022 01:34:46 GMT
accept-ranges: bytes
content-length: 653698
date: Sun, 18 Sep 2022 13:31:37 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
10u58r.click/favicon.ico
162.0.235.152404 Not Found 1.2 kB IP 162.0.235.152:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Hash 0bde7d4b3da67537eaf9188e6f8049cf
64300fc482d01d38b40ab20e15960b6509665e5a
5dc1ae0b875dc0d78dbc5532226f5f31b762b4d1229984f605d27bf895ab6807
GET /favicon.ico HTTP/1.1
Host: 10u58r.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10u58r.click/1809/a7/Mac7370
Cookie: _ga_PBCH7NTB3M=GS1.1.1663507879.1.0.1663507879.0.0.0; _ga=GA1.1.1888267437.1663507879
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
pragma: no-cache
content-type: text/html
content-length: 1238
date: Sun, 18 Sep 2022 13:31:38 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c2900cacb3e6b33190e657a697ca589b
102eb3b32fc710cef2b7053100454c30d097bab3
d5bad2878173240c5dbcef360dd701c4f13de4576ba5dedbe882745ae7ea2fb0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 13:31:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-140409011-1&cid=1888267437.1663507879&jid=218921017&gjid=1892191798&_gid=2013844658.1663507880&_u=YADAAUAAAAAAAC~&z=2142884425
142.251.1.157200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-140409011-1&cid=1888267437.1663507879&jid=218921017&gjid=1892191798&_gid=2013844658.1663507880&_u=YADAAUAAAAAAAC~&z=2142884425
IP 142.251.1.157:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-140409011-1&cid=1888267437.1663507879&jid=218921017&gjid=1892191798&_gid=2013844658.1663507880&_u=YADAAUAAAAAAAC~&z=2142884425 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://10u58r.click
Connection: keep-alive
Referer: https://10u58r.click/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://10u58r.click
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Sun, 18 Sep 2022 13:31:38 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash c2900cacb3e6b33190e657a697ca589b
102eb3b32fc710cef2b7053100454c30d097bab3
d5bad2878173240c5dbcef360dd701c4f13de4576ba5dedbe882745ae7ea2fb0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 13:31:38 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
c1.mylivechat.com/livechat2/livechat2.aspx?hccid=31408712&apimode=chatinline
169.55.200.20200 OK 9.9 kB URL HTTP/1.1 c1.mylivechat.com/livechat2/livechat2.aspx?hccid=31408712&apimode=chatinline
IP 169.55.200.20:0
File type Unicode text, UTF-8 text, with very long lines (2202), with CRLF line terminators
Hash 9d91d5b9e671265f68b0077d7c97f12a
8cd227fd165265bc0f0731e2da11e2ccf59b4d71
6afd9cd4d8d1d7782c6a43fda59831652cbaeb6c619b256d08e42a09b35168fb
GET /livechat2/livechat2.aspx?hccid=31408712&apimode=chatinline HTTP/1.1
Host: c1.mylivechat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://10u58r.click/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/javascript; charset=utf-8
Expires: -1
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Date: Sun, 18 Sep 2022 13:31:38 GMT
Content-Length: 9871
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b417168037cd02cb414797a2fe8a898f
504f56151849a7bfcd36d7e72b39ead79a69bfe8
39238b70192886874fc0362dbf5e2b017f71760665c5d1025d75e4a304ded1f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 13:31:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash b417168037cd02cb414797a2fe8a898f
504f56151849a7bfcd36d7e72b39ead79a69bfe8
39238b70192886874fc0362dbf5e2b017f71760665c5d1025d75e4a304ded1f9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 13:31:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6ab87e1e4dc6abd919cf683dff901fe8
07cfbf03a72cb316844c48669a10484e63b7f887
d68b40168e5c06bd69b83e8529ea0b15996e7124d2c8b3c5b0be81c8946f04c0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 13:31:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
c1.mylivechat.com/livechat2/chatinline.css?&culture=ja&mlcv=3017&template=5
169.55.200.20200 OK 6.1 kB URL HTTP/1.1 c1.mylivechat.com/livechat2/chatinline.css?&culture=ja&mlcv=3017&template=5
IP 169.55.200.20:0
File type ASCII text, with CRLF line terminators
Hash 138e2a406691164216f3d150858ea85b
f2b0272d2cb72beeb53499e7678aed84fbfe2eb2
cf149b4d17f52c1550e7fa4b26256ebc3cbef1d09ae8b8e9c86684153cff7225
GET /livechat2/chatinline.css?&culture=ja&mlcv=3017&template=5 HTTP/1.1
Host: c1.mylivechat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10u58r.click/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=2160000
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Wed, 28 Jul 2021 03:27:35 GMT
Accept-Ranges: bytes
ETag: "80ade3816083d71:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Date: Sun, 18 Sep 2022 13:31:39 GMT
Content-Length: 6091
fonts.googleapis.com/css?family=Poppins:300,400,500,600,700
142.250.74.10200 OK 8.4 kB URL HTTP/2 fonts.googleapis.com/css?family=Poppins:300,400,500,600,700
IP 142.250.74.10:0
Hash 6e4126f4f18ed9ad9903fcba89e72f18
927aa04fd3bd83fd1fa282ddd78691d08028eecd
2eeceb39fac47d9e86449c278bb63fbb7ee8a3522440eddfb7af97002f78e038
GET /css?family=Poppins:300,400,500,600,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10u58r.click/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 18 Sep 2022 13:31:39 GMT
date: Sun, 18 Sep 2022 13:31:39 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 6ab87e1e4dc6abd919cf683dff901fe8
07cfbf03a72cb316844c48669a10484e63b7f887
d68b40168e5c06bd69b83e8529ea0b15996e7124d2c8b3c5b0be81c8946f04c0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 18 Sep 2022 13:31:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
c1.mylivechat.com/livechat2/resources2.aspx?HCCID=31408712&culture=ja&mlcv=3017&template=5
169.55.200.20200 OK 134 kB URL HTTP/1.1 c1.mylivechat.com/livechat2/resources2.aspx?HCCID=31408712&culture=ja&mlcv=3017&template=5
IP 169.55.200.20:0
File type ASCII text, with very long lines (33406), with CRLF line terminators
Size 134 kB (134180 bytes)
Hash f4e27e0f8043986abfae69bcd9103d7e
4cf30a5d208d76780c1d165298c67d6ebc9aaa14
5eaa42187753594fd0535c290f4239ed5cd6d4b67dbb0eeb3022930d854d2cd8
GET /livechat2/resources2.aspx?HCCID=31408712&culture=ja&mlcv=3017&template=5 HTTP/1.1
Host: c1.mylivechat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10u58r.click/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: public, max-age=31536000
Content-Type: text/javascript; charset=utf-8
Expires: Mon, 18 Sep 2023 13:31:39 GMT
Last-Modified: Sun, 18 Sep 2022 05:00:00 GMT
ETag: "NOq+XNg2BWQOlZNC0Q1NtF8QpOutx3IEuTjYeUIhiNQ="
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Date: Sun, 18 Sep 2022 13:31:39 GMT
Content-Length: 134180
c1.mylivechat.com/livechat2/script/livechatinit2.js
169.55.200.20200 OK 17 kB URL HTTP/1.1 c1.mylivechat.com/livechat2/script/livechatinit2.js
IP 169.55.200.20:0
File type ASCII text, with very long lines (63262), with no line terminators
Hash b8a16c011058f95cea5ce0aca7c7c3b5
e05df33ff7434e22f7435137d20f3fcd33a4dba7
50915d444698c032e42a58cb469e40faf08ce9dc01b0f8d8e44e125d3a2e6fba
GET /livechat2/script/livechatinit2.js HTTP/1.1
Host: c1.mylivechat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10u58r.click/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=2160000
Content-Type: application/javascript
Content-Encoding: gzip
Last-Modified: Sat, 10 Jul 2021 17:55:06 GMT
Accept-Ranges: bytes
ETag: "07944b7b475d71:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Date: Sun, 18 Sep 2022 13:31:39 GMT
Content-Length: 16637
c1.mylivechat.com/Customization/Template/InlineChatRoundOnline_1.png
169.55.200.20200 OK 273 B URL HTTP/1.1 c1.mylivechat.com/Customization/Template/InlineChatRoundOnline_1.png
IP 169.55.200.20:0
File type PNG image data, 72 x 72, 4-bit colormap, non-interlaced\012- data
Hash 1faf0898915d582d33d412d1b9c593e3
05d2864d0360409f9235c60e349a8d232304850a
cb242a7e67be4558984ec4dd4be1225d11ec9532cc2e935f64b4dd3b1bae64d2
GET /Customization/Template/InlineChatRoundOnline_1.png HTTP/1.1
Host: c1.mylivechat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10u58r.click/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=2160000
Content-Type: image/png
Last-Modified: Tue, 05 Dec 2017 22:01:33 GMT
Accept-Ranges: bytes
ETag: "4f34d99c146ed31:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Date: Sun, 18 Sep 2022 13:31:39 GMT
Content-Length: 273
c1.mylivechat.com/livechat2/livechat2.aspx?apimode=sync&HCCID=31408712&CCCustomerId=d28ed68d-5300-b616-b725-e1345099da08&Type=VISIT&Url=https%3A%2F%2F10u58r.click%2F1809%2Fa7%2FMac7370&ContextData=3%3A2%7C0%7C&ScreenSize=1280,1024&PageTitle=%E3%82%BB%E3%82%AD%E3%83%A5%E3%83%AA%E3%83%86%E3%82%A3%E3%82%BB%E3%83%B3%E3%82%BF%E3%83%BCCode0x268d3-Er07%E3%82%B5%E3%83%BC%E3%83%93%E3%82%B9&uats=2&culture=ja&mlcv=3017&template=5
169.55.200.20200 OK 1.5 kB URL HTTP/1.1 c1.mylivechat.com/livechat2/livechat2.aspx?apimode=sync&HCCID=31408712&CCCustomerId=d28ed68d-5300-b616-b725-e1345099da08&Type=VISIT&Url=https%3A%2F%2F10u58r.click%2F1809%2Fa7%2FMac7370&ContextData=3%3A2%7C0%7C&ScreenSize=1280,1024&PageTitle=%E3%82%BB%E3%82%AD%E3%83%A5%E3%83%AA%E3%83%86%E3%82%A3%E3%82%BB%E3%83%B3%E3%82%BF%E3%83%BCCode0x268d3-Er07%E3%82%B5%E3%83%BC%E3%83%93%E3%82%B9&uats=2&culture=ja&mlcv=3017&template=5
IP 169.55.200.20:0
File type ASCII text, with CRLF line terminators
Hash f6bf929338bb7fd5204ea74b9b5809c5
6b2206cfd734e0d79c31cbd47a702363d205d7a7
f440576c9319b5b3b38b3989acade4f9bcae8c25d139c09cde61a39b48c4cf6a
GET /livechat2/livechat2.aspx?apimode=sync&HCCID=31408712&CCCustomerId=d28ed68d-5300-b616-b725-e1345099da08&Type=VISIT&Url=https%3A%2F%2F10u58r.click%2F1809%2Fa7%2FMac7370&ContextData=3%3A2%7C0%7C&ScreenSize=1280,1024&PageTitle=%E3%82%BB%E3%82%AD%E3%83%A5%E3%83%AA%E3%83%86%E3%82%A3%E3%82%BB%E3%83%B3%E3%82%BF%E3%83%BCCode0x268d3-Er07%E3%82%B5%E3%83%BC%E3%83%93%E3%82%B9&uats=2&culture=ja&mlcv=3017&template=5 HTTP/1.1
Host: c1.mylivechat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10u58r.click/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/javascript; charset=utf-8
Expires: -1
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Date: Sun, 18 Sep 2022 13:31:42 GMT
Content-Length: 1534
c1.mylivechat.com/livechat2/livechat2.aspx?apimode=sync&HCCID=31408712&CCCustomerId=d28ed68d-5300-b616-b725-e1345099da08&Type=VISIT&RSI=1&Url=https%3A%2F%2F10u58r.click%2F1809%2Fa7%2FMac7370&ContextData=3%3A3%7C0%7C&ScreenSize=1280,1024&PageTitle=%E3%82%BB%E3%82%AD%E3%83%A5%E3%83%AA%E3%83%86%E3%82%A3%E3%82%BB%E3%83%B3%E3%82%BF%E3%83%BCCode0x268d3-Er07%E3%82%B5%E3%83%BC%E3%83%93%E3%82%B9&uats=3&culture=ja&mlcv=3017&template=5
169.55.200.20200 OK 1.6 kB URL HTTP/1.1 c1.mylivechat.com/livechat2/livechat2.aspx?apimode=sync&HCCID=31408712&CCCustomerId=d28ed68d-5300-b616-b725-e1345099da08&Type=VISIT&RSI=1&Url=https%3A%2F%2F10u58r.click%2F1809%2Fa7%2FMac7370&ContextData=3%3A3%7C0%7C&ScreenSize=1280,1024&PageTitle=%E3%82%BB%E3%82%AD%E3%83%A5%E3%83%AA%E3%83%86%E3%82%A3%E3%82%BB%E3%83%B3%E3%82%BF%E3%83%BCCode0x268d3-Er07%E3%82%B5%E3%83%BC%E3%83%93%E3%82%B9&uats=3&culture=ja&mlcv=3017&template=5
IP 169.55.200.20:0
File type ASCII text, with CRLF line terminators
Hash 143914efb799afbf2d595e62d1044d86
79d092842bdc2f2b9dc54408979e5dd4e8f5c675
083e96aa42040c911de8ac2d06ef74e32ebf75ca9d5eb6801e4840654215fad4
GET /livechat2/livechat2.aspx?apimode=sync&HCCID=31408712&CCCustomerId=d28ed68d-5300-b616-b725-e1345099da08&Type=VISIT&RSI=1&Url=https%3A%2F%2F10u58r.click%2F1809%2Fa7%2FMac7370&ContextData=3%3A3%7C0%7C&ScreenSize=1280,1024&PageTitle=%E3%82%BB%E3%82%AD%E3%83%A5%E3%83%AA%E3%83%86%E3%82%A3%E3%82%BB%E3%83%B3%E3%82%BF%E3%83%BCCode0x268d3-Er07%E3%82%B5%E3%83%BC%E3%83%93%E3%82%B9&uats=3&culture=ja&mlcv=3017&template=5 HTTP/1.1
Host: c1.mylivechat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10u58r.click/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/javascript; charset=utf-8
Expires: -1
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Date: Sun, 18 Sep 2022 13:31:43 GMT
Content-Length: 1603
c1.mylivechat.com/Customization/Template/InlineChatOnlineLogo_a1.png
169.55.200.20200 OK 17 kB URL HTTP/1.1 c1.mylivechat.com/Customization/Template/InlineChatOnlineLogo_a1.png
IP 169.55.200.20:0
File type PNG image data, 456 x 60, 8-bit colormap, non-interlaced\012- data
Hash 52d5c3d8e52210b1b9d0b8985cd16de2
7f143827406664d77cc274ff63e861da08c386ce
0de26ee8883abcda5a49d2fe934d88e53758b251eb10f2eeaee13c946b3cc295
GET /Customization/Template/InlineChatOnlineLogo_a1.png HTTP/1.1
Host: c1.mylivechat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10u58r.click/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=2160000
Content-Type: image/png
Last-Modified: Tue, 05 Dec 2017 22:01:31 GMT
Accept-Ranges: bytes
ETag: "f71de49b146ed31:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Date: Sun, 18 Sep 2022 13:31:43 GMT
Content-Length: 17141
c1.mylivechat.com/livechat2/chatdialog2.css
169.55.200.20200 OK 29 kB URL HTTP/1.1 c1.mylivechat.com/livechat2/chatdialog2.css
IP 169.55.200.20:0
File type ASCII text, with CRLF line terminators
Hash 5b7bebac742395862feff104424386a4
c3496614e988e5b6ab9961c7441ab77883c695c8
8c2b4d33bde2e510436d424d65802e8990915c5ca278c49d3466238809f08550
GET /livechat2/chatdialog2.css HTTP/1.1
Host: c1.mylivechat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10u58r.click/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=2160000
Content-Type: text/css
Last-Modified: Sat, 10 Jul 2021 05:41:16 GMT
Accept-Ranges: bytes
ETag: "0a657334e75d71:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Date: Sun, 18 Sep 2022 13:31:43 GMT
Content-Length: 29110
c1.mylivechat.com/Customization/Template/InlineChatOfflineLogo_a1.png
169.55.200.20200 OK 17 kB URL HTTP/1.1 c1.mylivechat.com/Customization/Template/InlineChatOfflineLogo_a1.png
IP 169.55.200.20:0
File type PNG image data, 456 x 60, 8-bit colormap, non-interlaced\012- data
Hash 52d5c3d8e52210b1b9d0b8985cd16de2
7f143827406664d77cc274ff63e861da08c386ce
0de26ee8883abcda5a49d2fe934d88e53758b251eb10f2eeaee13c946b3cc295
GET /Customization/Template/InlineChatOfflineLogo_a1.png HTTP/1.1
Host: c1.mylivechat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10u58r.click/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=2160000
Content-Type: image/png
Last-Modified: Tue, 05 Dec 2017 22:01:29 GMT
Accept-Ranges: bytes
ETag: "ac2b19a146ed31:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Date: Sun, 18 Sep 2022 13:31:43 GMT
Content-Length: 17141
c1.mylivechat.com/livechat2/images/icon_google.png
169.55.200.20200 OK 709 B URL HTTP/1.1 c1.mylivechat.com/livechat2/images/icon_google.png
IP 169.55.200.20:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash cc097e0e92962e94968a94f4e869f717
ca78114ddd120844c15c4069bfdb07ef177b1dd7
226ff95d2a57b2510b9bbe1cfb21707953873e8495ad6c03f3f665568e8ef18c
GET /livechat2/images/icon_google.png HTTP/1.1
Host: c1.mylivechat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10u58r.click/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=2160000
Content-Type: image/png
Last-Modified: Thu, 13 Feb 2020 04:40:40 GMT
Accept-Ranges: bytes
ETag: "05434be27e2d51:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Date: Sun, 18 Sep 2022 13:31:43 GMT
Content-Length: 709
c1.mylivechat.com/livechat2/images/icon_facebook.png
169.55.200.20200 OK 597 B URL HTTP/1.1 c1.mylivechat.com/livechat2/images/icon_facebook.png
IP 169.55.200.20:0
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 4dc48d957f346d4443b8592e746df354
c8faccb5c1fa471c64db2de8b4a3dac6e0d06ac3
0ecd535511cb55e220004822308c72803635eb5a484c98cbfd0cbcdb739e1313
GET /livechat2/images/icon_facebook.png HTTP/1.1
Host: c1.mylivechat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10u58r.click/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=2160000
Content-Type: image/png
Last-Modified: Thu, 13 Feb 2020 05:01:42 GMT
Accept-Ranges: bytes
ETag: "03f6aae2ae2d51:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Date: Sun, 18 Sep 2022 13:31:43 GMT
Content-Length: 597
c1.mylivechat.com/livechat2/chatinline.css
169.55.200.20200 OK 6.1 kB URL HTTP/1.1 c1.mylivechat.com/livechat2/chatinline.css
IP 169.55.200.20:0
File type ASCII text, with CRLF line terminators
Hash 138e2a406691164216f3d150858ea85b
f2b0272d2cb72beeb53499e7678aed84fbfe2eb2
cf149b4d17f52c1550e7fa4b26256ebc3cbef1d09ae8b8e9c86684153cff7225
GET /livechat2/chatinline.css HTTP/1.1
Host: c1.mylivechat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://c1.mylivechat.com/livechat2/chatdialog2.css
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Cache-Control: max-age=2160000
Content-Type: text/css
Content-Encoding: gzip
Last-Modified: Wed, 28 Jul 2021 03:27:35 GMT
Accept-Ranges: bytes
ETag: "80ade3816083d71:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Date: Sun, 18 Sep 2022 13:31:43 GMT
Content-Length: 6091
c1.mylivechat.com/livechat2/SVG/Thumbup.svg
169.55.200.20200 OK 357 B URL HTTP/1.1 c1.mylivechat.com/livechat2/SVG/Thumbup.svg
IP 169.55.200.20:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with CRLF line terminators
Hash 1a142316635ee3de3e28412d0f0b37b2
64b930a07382d83ca4cae883025a1f507c58c583
d9790a68fd4bb9f8d029aed46db87b6b9a1d540b0e7dbb5738b3a9691f673d25
GET /livechat2/SVG/Thumbup.svg HTTP/1.1
Host: c1.mylivechat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10u58r.click/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=2160000
Content-Type: image/svg+xml
Last-Modified: Tue, 05 Mar 2019 15:13:47 GMT
Accept-Ranges: bytes
ETag: "80c7b4766d3d41:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Date: Sun, 18 Sep 2022 13:31:43 GMT
Content-Length: 357
c1.mylivechat.com/livechat2/poweredby.htm
169.55.200.20200 OK 1.1 kB URL HTTP/1.1 c1.mylivechat.com/livechat2/poweredby.htm
IP 169.55.200.20:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash a0e8ebb40c43ce101fb3e87270ff5b81
8699083a1dc3aa5fc84aa4b0e125a03049b19650
8d149e52fefc14505abbf39bd60cefc663e1c0759d879dc436198319318a622e
GET /livechat2/poweredby.htm HTTP/1.1
Host: c1.mylivechat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10u58r.click/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=2160000
Content-Type: text/html
Last-Modified: Fri, 01 Mar 2019 08:01:54 GMT
Accept-Ranges: bytes
ETag: "0c5b385d0d41:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Date: Sun, 18 Sep 2022 13:31:43 GMT
Content-Length: 1148
c1.mylivechat.com/livechat2/SVG/Thumbdown.svg
169.55.200.20200 OK 377 B URL HTTP/1.1 c1.mylivechat.com/livechat2/SVG/Thumbdown.svg
IP 169.55.200.20:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with CRLF line terminators
Hash 5aae91c8cd800b4efe2f04270c7167d3
6ea5776272ffc38da082179779618f2f36b4f8ab
b523eee9b7baa8096419d68f1338bf8786599344bce84f59b29fd8ec05d9fac6
GET /livechat2/SVG/Thumbdown.svg HTTP/1.1
Host: c1.mylivechat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10u58r.click/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=2160000
Content-Type: image/svg+xml
Last-Modified: Tue, 05 Mar 2019 15:13:39 GMT
Accept-Ranges: bytes
ETag: "8013f0266d3d41:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Date: Sun, 18 Sep 2022 13:31:43 GMT
Content-Length: 377
c1.mylivechat.com/livechat2/images/im_blocked_busy.png
169.55.200.20200 OK 295 B URL HTTP/1.1 c1.mylivechat.com/livechat2/images/im_blocked_busy.png
IP 169.55.200.20:0
File type PNG image data, 16 x 16, 4-bit colormap, non-interlaced\012- data
Hash fe703e2eef50ea33842840a3af411e39
0194aacc46d70cc76d91ef97ca510687bbd391a1
31e2219a9ceb920c247f0f74630d585106821ba4336c9b89bfd5765777de4ff7
GET /livechat2/images/im_blocked_busy.png HTTP/1.1
Host: c1.mylivechat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10u58r.click/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=2160000
Content-Type: image/png
Last-Modified: Tue, 05 Dec 2017 23:01:49 GMT
Accept-Ranges: bytes
ETag: "80aced71d6ed31:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Date: Sun, 18 Sep 2022 13:31:43 GMT
Content-Length: 295
c1.mylivechat.com/livechat2/frame2.aspx?HCCID=31408712&CCCustomerId=d28ed68d-5300-b616-b725-e1345099da08&_t=1663507885257
169.55.200.20200 OK 3.8 kB URL HTTP/1.1 c1.mylivechat.com/livechat2/frame2.aspx?HCCID=31408712&CCCustomerId=d28ed68d-5300-b616-b725-e1345099da08&_t=1663507885257
IP 169.55.200.20:0
File type ASCII text, with very long lines (674), with CRLF line terminators
Hash 2a2fb9735f495bebc64c52db1a3a3db3
ebd99f02e8addfa001e67b112e7a76b95b51dddc
49e15e38fe51429106bc26f63a1574e4324f827d5ccb3ec5393496c8b965d666
GET /livechat2/frame2.aspx?HCCID=31408712&CCCustomerId=d28ed68d-5300-b616-b725-e1345099da08&_t=1663507885257 HTTP/1.1
Host: c1.mylivechat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10u58r.click/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Content-Type: text/javascript; charset=utf-8
Expires: -1
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Date: Sun, 18 Sep 2022 13:31:43 GMT
Content-Length: 3809
c1.mylivechat.com/livechat2/script/frameui2.js
169.55.200.20200 OK 20 kB URL HTTP/1.1 c1.mylivechat.com/livechat2/script/frameui2.js
IP 169.55.200.20:0
File type ASCII text, with very long lines (20301), with no line terminators
Hash ae18434f8f9ce0f434e4b13aa058ae42
de59373b1ab2e18ebc12ecc5a21e845495297503
b3f779f8c47909abc1076a7cad4f1ce7aeaf2310b2769128ecb44e65105979fc
GET /livechat2/script/frameui2.js HTTP/1.1
Host: c1.mylivechat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10u58r.click/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=2160000
Content-Type: application/javascript
Last-Modified: Sat, 10 Jul 2021 17:55:06 GMT
Accept-Ranges: bytes
ETag: "07944b7b475d71:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Date: Sun, 18 Sep 2022 13:31:43 GMT
Content-Length: 20301
c1.mylivechat.com/livechat2/script/frameinit2.js
169.55.200.20200 OK 156 kB URL HTTP/1.1 c1.mylivechat.com/livechat2/script/frameinit2.js
IP 169.55.200.20:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 156 kB (155649 bytes)
Hash 585544a9aedc1fa62d1e5883f1e442b0
e9f803f8afbba2f8c5ee32373eeeae4ede1bd026
b4c56b29f6bcea69d5453f62c475a2845a5aa3f85e8ef0931e857a7103feb84a
GET /livechat2/script/frameinit2.js HTTP/1.1
Host: c1.mylivechat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10u58r.click/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=2160000
Content-Type: application/javascript
Last-Modified: Sat, 10 Jul 2021 17:55:06 GMT
Accept-Ranges: bytes
ETag: "07944b7b475d71:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Date: Sun, 18 Sep 2022 13:31:43 GMT
Content-Length: 155649
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
142.250.74.163200 OK 7.8 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data
Hash 25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://10u58r.click
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:30:58 GMT
expires: Thu, 14 Sep 2023 19:30:58 GMT
cache-control: public, max-age=31536000
age: 324046
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
c1.mylivechat.com/Customization/Template/BrandLogo_1.png
169.55.200.20200 OK 504 B URL HTTP/1.1 c1.mylivechat.com/Customization/Template/BrandLogo_1.png
IP 169.55.200.20:0
File type PNG image data, 96 x 96, 8-bit colormap, non-interlaced\012- data
Hash 3b53c978f81f96620e5b453faefd61d9
48138293860c8437e0910437d6aa273c5e8307a7
34161715b91783476af3207acf7ab191d3816b51adffddd04ca5751b6812d796
GET /Customization/Template/BrandLogo_1.png HTTP/1.1
Host: c1.mylivechat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10u58r.click/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=2160000
Content-Type: image/png
Last-Modified: Tue, 05 Dec 2017 22:01:28 GMT
Accept-Ranges: bytes
ETag: "f19d59a146ed31:0"
Server: Microsoft-IIS/8.5
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Date: Sun, 18 Sep 2022 13:31:44 GMT
Content-Length: 504
c1.mylivechat.com/livechat/FindAgentPhoto.aspx?hccid=31408712&uid=1&ver=0.9692286878680254
169.55.200.20302 Found 185 B URL HTTP/1.1 c1.mylivechat.com/livechat/FindAgentPhoto.aspx?hccid=31408712&uid=1&ver=0.9692286878680254
IP 169.55.200.20:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 54c3e4c4bb10c6ebe7e94c4eea8f7405
f18ceb3c6d4fba65a57914f78457bd327b822b35
a76544644151eee1f96a6956d669bb1adc29b2da5e79dc555cad9a841c13ea55
GET /livechat/FindAgentPhoto.aspx?hccid=31408712&uid=1&ver=0.9692286878680254 HTTP/1.1
Host: c1.mylivechat.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://10u58r.click/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: /Customization/Customer/31408712/AgentPhoto_1.png?637875181009099193
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Date: Sun, 18 Sep 2022 13:31:44 GMT
Content-Length: 185
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1d192c6-d447-4ad9-b142-a9258211f67d.jpeg
34.120.237.76200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1d192c6-d447-4ad9-b142-a9258211f67d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 29f4a52fb629dce4ef8038d4df7ea58a
4a5b84c77bd53f4c94e1af4a702f6f85b46b51b0
32cee35b22110b83738f49f49edb6efcedb54fe793d5ccc900004e16e3fefda3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd1d192c6-d447-4ad9-b142-a9258211f67d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5827
x-amzn-requestid: a30d5a61-ccb2-4582-8298-1abb79830dda
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yl7VSF21IAMFvGg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63257288-5b79117f185617fb0f37a845;Sampled=0
x-amzn-remapped-date: Sat, 17 Sep 2022 07:08:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2cYYmknnm5GHRMA69N-dqXXKHb1-tfN1PuRYB5xxtRJK5Gk3-PO0Bw==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 18 Sep 2022 07:16:15 GMT
age: 22529
etag: "4a5b84c77bd53f4c94e1af4a702f6f85b46b51b0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
10u58r.click/1809/a7/wa0lDErtm0s.mp3
162.0.235.152206 Partial Content 0 B URL HTTP/2 10u58r.click/1809/a7/wa0lDErtm0s.mp3
IP 162.0.235.152:0
Analyzer Verdict Alert fortinet Phishing
GET /1809/a7/wa0lDErtm0s.mp3 HTTP/1.1
Host: 10u58r.click
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://10u58r.click/1809/a7/Mac7370
Cookie: _ga_PBCH7NTB3M=GS1.1.1663507879.1.0.1663507879.0.0.0; _ga=GA1.1.1888267437.1663507879
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 206 Partial Content
content-type: audio/mpeg
last-modified: Sun, 18 Sep 2022 01:34:46 GMT
content-range: bytes 0-477352/477353
content-length: 477353
date: Sun, 18 Sep 2022 13:31:37 GMT
server: LiteSpeed
x-turbo-charged-by: LiteSpeed
X-Firefox-Spdy: h2