r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 09a973de929ab7452edc342c780d3668
3f14f6e0a36f76863c0aea6fb561c266404a7ea3
e82ca5f310e37267fbf792427747e65c2bb35e684d3f629c0aa302f688bc4f80
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E82CA5F310E37267FBF792427747E65C2BB35E684D3F629C0AA302F688BC4F80"
Last-Modified: Fri, 23 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4736
Expires: Sun, 25 Sep 2022 03:28:47 GMT
Date: Sun, 25 Sep 2022 02:09:51 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.35200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sun, 25 Sep 2022 01:14:42 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: qvExhNDsyaEZs4A3DAYmSNJKREWcnUr3fZJiAI61-jp-gC_KyL5Ekg==
Age: 3309
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b3e81b5bd7bd8e12288a8159e44ceb3f
977945964ffcbf49ac78f840db9da822c50c82f0
4721814da286852318f7ebf9857bd4bf01f0beea2c9eb7ddb9f290e3fa472232
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4721814DA286852318F7EBF9857BD4BF01F0BEEA2C9EB7DDB9F290E3FA472232"
Last-Modified: Fri, 23 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11449
Expires: Sun, 25 Sep 2022 05:20:40 GMT
Date: Sun, 25 Sep 2022 02:09:51 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: XWh5vWz1tD7g786M3M6gx3Xxl/vXWZjnI4q4nwUkaE7B8N5M9/LFoF2LrrTCC2xB3SPMLP3iQy6BS21Bl6ODEQ==
x-amz-request-id: VTNT09PD63S91RPN
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 25 Sep 2022 01:47:50 GMT
age: 1321
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
abx.myweightlosssystem.com/std/app/loading_auth.php
50.87.150.176200 OK 2.8 kB URL HTTP/1.1 abx.myweightlosssystem.com/std/app/loading_auth.php
IP 50.87.150.176:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (2904), with CRLF line terminators
Hash 5f9f229f353fded0dca813f96d125b99
4d950d63ecff3a6d3c18748ceb9d1a909f73916a
6198084ab05dc02f769514c155c5545d8a9c1ec4ed7820c807fad6be405aad5c
Analyzer Verdict Alert fortinet Phishing
GET /std/app/loading_auth.php HTTP/1.1
Host: abx.myweightlosssystem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 02:09:51 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=f4cdd7136e395c87423cf8c307b88487; path=/
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2762
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 25 Sep 2022 02:09:51 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
abx.myweightlosssystem.com/std/libraries/css/app.min.css
50.87.150.176200 OK 10 kB URL HTTP/1.1 abx.myweightlosssystem.com/std/libraries/css/app.min.css
IP 50.87.150.176:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65212)
Hash 97d8bd13bc9d3dd347116b24d938ea80
b272950aec3ab27c6856ee863149f7bff5b31a96
b3418aa24ff1ba2ad31d700d9bfa3ee5efcd9ebabfa2735e7a03d00f1c5b403f
GET /std/libraries/css/app.min.css HTTP/1.1
Host: abx.myweightlosssystem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://abx.myweightlosssystem.com/std/app/loading_auth.php
Cookie: PHPSESSID=f4cdd7136e395c87423cf8c307b88487
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 02:09:51 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 09 Aug 2022 23:29:56 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 9983
Keep-Alive: timeout=5, max=75
Content-Type: text/css
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.35200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.35:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Sun, 25 Sep 2022 02:04:17 GMT
Expires: Sun, 25 Sep 2022 03:03:11 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 f00e3524edcdf61801454f2bb21e71ce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: G_pidTNr0B2DQplfYLcJ0G7QNs_IcAYZFFh1sUVcpwEODFDLAMT47w==
Age: 334
abx.myweightlosssystem.com/std/libraries/img/icon_email_white.png
50.87.150.176200 OK 795 B URL HTTP/1.1 abx.myweightlosssystem.com/std/libraries/img/icon_email_white.png
IP 50.87.150.176:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 26 x 17, 8-bit/color RGBA, non-interlaced\012- data
Hash 6070e3ce9cbf09cc71464b833fc9521c
3168a304ee9052834f3595ac31170cc0b61d4bc3
2daf53b1d65351e31f6c8513731bec5ecd65fd1c072d8ddd5521e35cc31a73de
GET /std/libraries/img/icon_email_white.png HTTP/1.1
Host: abx.myweightlosssystem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://abx.myweightlosssystem.com/std/app/loading_auth.php
Cookie: PHPSESSID=f4cdd7136e395c87423cf8c307b88487
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 02:09:51 GMT
Server: Apache
Last-Modified: Tue, 09 Aug 2022 23:29:56 GMT
Accept-Ranges: bytes
Content-Length: 795
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: image/png
abx.myweightlosssystem.com/std/libraries/img/sb_logo.png
50.87.150.176200 OK 6.9 kB URL HTTP/1.1 abx.myweightlosssystem.com/std/libraries/img/sb_logo.png
IP 50.87.150.176:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 116 x 134, 8-bit colormap, non-interlaced\012- data
Hash 3577140395dbe02972a42a09126ca0f9
7e2fa7ef7cb1c6ed6e207cc0720adbcdb37ab36c
5e03e8a2ea184c5c68a1d0e1446b7ea7c57d60a4d18400267136ff423ac9633e
GET /std/libraries/img/sb_logo.png HTTP/1.1
Host: abx.myweightlosssystem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://abx.myweightlosssystem.com/std/app/loading_auth.php
Cookie: PHPSESSID=f4cdd7136e395c87423cf8c307b88487
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 02:09:51 GMT
Server: Apache
Last-Modified: Tue, 09 Aug 2022 23:29:56 GMT
Accept-Ranges: bytes
Content-Length: 6899
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: image/png
abx.myweightlosssystem.com/std/libraries/img/icon_south_africa_white.png
50.87.150.176200 OK 850 B URL HTTP/1.1 abx.myweightlosssystem.com/std/libraries/img/icon_south_africa_white.png
IP 50.87.150.176:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 26 x 22, 8-bit/color RGBA, non-interlaced\012- data
Hash c127d3145cf161974bc5b86ecf705c6b
3ee94a38c70107611168f5c7570fa6be89157736
659ec5c9f365d3e03d205766dcf6103fdb716dae3e99d8742d33f1e31eb37b2d
GET /std/libraries/img/icon_south_africa_white.png HTTP/1.1
Host: abx.myweightlosssystem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://abx.myweightlosssystem.com/std/app/loading_auth.php
Cookie: PHPSESSID=f4cdd7136e395c87423cf8c307b88487
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 02:09:51 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 09 Aug 2022 23:29:58 GMT
Accept-Ranges: bytes
Content-Length: 850
Keep-Alive: timeout=5, max=75
Content-Type: image/png
abx.myweightlosssystem.com/std/libraries/img/icon_global_white.png
50.87.150.176200 OK 1.1 kB URL HTTP/1.1 abx.myweightlosssystem.com/std/libraries/img/icon_global_white.png
IP 50.87.150.176:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 26 x 24, 8-bit/color RGBA, non-interlaced\012- data
Hash fa84956901e030193422bde03f7c7c26
2084f5489d4897356ba4569004d214f35b560cbd
a98db87f78fe65c1c150fe8eddba301a4040bec74b19304bcad6405dbc323d9d
GET /std/libraries/img/icon_global_white.png HTTP/1.1
Host: abx.myweightlosssystem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://abx.myweightlosssystem.com/std/app/loading_auth.php
Cookie: PHPSESSID=f4cdd7136e395c87423cf8c307b88487
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 02:09:51 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 09 Aug 2022 23:29:56 GMT
Accept-Ranges: bytes
Content-Length: 1090
Keep-Alive: timeout=5, max=75
Content-Type: image/png
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash a7809de115ea73f8b61f3d20a9978493
01fc65a2b694d7aadd5204d21801e87b2b55b73e
72692486033feeb149424c59576c6c75b17228dfc89b4c369d2e17cc4bff3d52
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1881
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 02:09:51 GMT
Etag: "632eba95-1d7"
Last-Modified: Sun, 25 Sep 2022 01:38:30 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471
abx.myweightlosssystem.com/std/libraries/css/app.min-blessed45.css?z=1612885494473
50.87.150.176200 OK 36 kB URL HTTP/1.1 abx.myweightlosssystem.com/std/libraries/css/app.min-blessed45.css?z=1612885494473
IP 50.87.150.176:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65536), with no line terminators
Hash 70f587613209156e842ddbc0279e6e2f
ad3ca84fdc780fdfa6be61df291de6f2e8fb4b0c
3282675ad529105f83044d341fadda48d8703940183c6d0cab800005c1e397c1
Analyzer Verdict Alert fortinet Phishing
GET /std/libraries/css/app.min-blessed45.css?z=1612885494473 HTTP/1.1
Host: abx.myweightlosssystem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://abx.myweightlosssystem.com/std/libraries/css/app.min.css
Cookie: PHPSESSID=f4cdd7136e395c87423cf8c307b88487
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 02:09:51 GMT
Server: Apache
Last-Modified: Tue, 09 Aug 2022 23:29:56 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css
push.services.mozilla.com/
52.89.17.198101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.89.17.198:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: wtTavFWOvb4VW9HgMktTww==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 10WpFA4XYm3o0Ixxp2/5Mp+k7Fw=
abx.myweightlosssystem.com/std/libraries/css/app.min-blessed41.css?z=1612885494473
50.87.150.176200 OK 49 kB URL HTTP/1.1 abx.myweightlosssystem.com/std/libraries/css/app.min-blessed41.css?z=1612885494473
IP 50.87.150.176:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 (with BOM) text, with very long lines (65533), with no line terminators
Hash 41fe61091ebb917b6ce8d029ae5ce437
a19de102187ceb74ab809672eaaeabdced24ba77
f8a0bdad8a5ae0be773afda62c49e4a9af98af05c5c309608c6cc409d51aaa02
Analyzer Verdict Alert fortinet Phishing
GET /std/libraries/css/app.min-blessed41.css?z=1612885494473 HTTP/1.1
Host: abx.myweightlosssystem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://abx.myweightlosssystem.com/std/libraries/css/app.min.css
Cookie: PHPSESSID=f4cdd7136e395c87423cf8c307b88487
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 02:09:51 GMT
Server: Apache
Last-Modified: Tue, 09 Aug 2022 23:29:56 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css
abx.myweightlosssystem.com/std/libraries/css/app.min-blessed39.css?z=1612885494473
50.87.150.176200 OK 42 kB URL HTTP/1.1 abx.myweightlosssystem.com/std/libraries/css/app.min-blessed39.css?z=1612885494473
IP 50.87.150.176:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65536), with no line terminators
Hash c7331a1f9f2d446d94191f32da861bf1
65dfb1ac4e1e900182f01fd8f532369666cf0806
4a084e2dd49b1ac295f0969989422b92ac883415201a7306befa0c2df4d551fc
Analyzer Verdict Alert fortinet Phishing
GET /std/libraries/css/app.min-blessed39.css?z=1612885494473 HTTP/1.1
Host: abx.myweightlosssystem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://abx.myweightlosssystem.com/std/libraries/css/app.min.css
Cookie: PHPSESSID=f4cdd7136e395c87423cf8c307b88487
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 02:09:51 GMT
Server: Apache
Last-Modified: Tue, 09 Aug 2022 23:29:56 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css
abx.myweightlosssystem.com/std/libraries/css/app.min-blessed40.css?z=1612885494473
50.87.150.176200 OK 47 kB URL HTTP/1.1 abx.myweightlosssystem.com/std/libraries/css/app.min-blessed40.css?z=1612885494473
IP 50.87.150.176:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (53215), with CRLF line terminators
Hash b8eb697cd328c95ff36e9ae12314557a
7e8ad0364f107c9238ab4cbe15003f16cb275522
3f155080a1701f535a2d84ea5bbac2dea4f4b7a41c0e141305d4924c8fb94cae
Analyzer Verdict Alert fortinet Phishing
GET /std/libraries/css/app.min-blessed40.css?z=1612885494473 HTTP/1.1
Host: abx.myweightlosssystem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://abx.myweightlosssystem.com/std/libraries/css/app.min.css
Cookie: PHPSESSID=f4cdd7136e395c87423cf8c307b88487
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 02:09:51 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 09 Aug 2022 23:29:56 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked
Content-Type: text/css
abx.myweightlosssystem.com/std/libraries/css/app.min-blessed49.css?z=1612885494473
50.87.150.176200 OK 50 kB URL HTTP/1.1 abx.myweightlosssystem.com/std/libraries/css/app.min-blessed49.css?z=1612885494473
IP 50.87.150.176:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Unicode text, UTF-8 (with BOM) text, with very long lines (62909)
Hash 730253da002f058556fbb43cc8a5ab5b
426742ffdf8589871776d59c50df15f6abb13385
21e04ebe547dda9ce7b65b0280c1df4365320a5292e4b6f7b028f15228e83307
Analyzer Verdict Alert fortinet Phishing
GET /std/libraries/css/app.min-blessed49.css?z=1612885494473 HTTP/1.1
Host: abx.myweightlosssystem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://abx.myweightlosssystem.com/std/libraries/css/app.min.css
Cookie: PHPSESSID=f4cdd7136e395c87423cf8c307b88487
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 02:09:51 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Tue, 09 Aug 2022 23:29:56 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked
Content-Type: text/css
abx.myweightlosssystem.com/std/libraries/css/app.min-blessed44.css?z=1612885494473
50.87.150.176200 OK 19 kB URL HTTP/1.1 abx.myweightlosssystem.com/std/libraries/css/app.min-blessed44.css?z=1612885494473
IP 50.87.150.176:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65536), with no line terminators
Hash 8487e8ec4722f8856cbe398d2d8fceff
599f7539a37b72b816a4d2baa0b33f9b7b6f21aa
1a13116d57db34907d2ce58c113501e63947c3ea0c3ecc37fd39dcaf60b96544
Analyzer Verdict Alert fortinet Phishing
GET /std/libraries/css/app.min-blessed44.css?z=1612885494473 HTTP/1.1
Host: abx.myweightlosssystem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://abx.myweightlosssystem.com/std/libraries/css/app.min.css
Cookie: PHPSESSID=f4cdd7136e395c87423cf8c307b88487
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 02:09:51 GMT
Server: Apache
Last-Modified: Tue, 09 Aug 2022 23:29:56 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 18766
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/css
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15368
Expires: Sun, 25 Sep 2022 06:26:00 GMT
Date: Sun, 25 Sep 2022 02:09:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15368
Expires: Sun, 25 Sep 2022 06:26:00 GMT
Date: Sun, 25 Sep 2022 02:09:52 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7038cca95198779d8bb479045eb56652
e9dcf9451e849f4d55b0909b33a51bd0b1a35296
0fc47dba3f2789b7c509a4916b1fe3c7b6b30c6778e5354742256125730310f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0FC47DBA3F2789B7C509A4916B1FE3C7B6B30C6778E5354742256125730310F3"
Last-Modified: Fri, 23 Sep 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15368
Expires: Sun, 25 Sep 2022 06:26:00 GMT
Date: Sun, 25 Sep 2022 02:09:52 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9c4875ff-4140-470a-943a-bc27f68957a5.jpeg
34.120.237.76200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9c4875ff-4140-470a-943a-bc27f68957a5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 00c09f267aacde9465a329542463b9e5
1534aa8a5158dfa9592d65e6fb761b41c0852c58
276ff24598159f62fd7333992575834f901eea7c75a228b9c12d1c049f1df558
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9c4875ff-4140-470a-943a-bc27f68957a5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7642
x-amzn-requestid: b0fc9bea-7735-43c0-a176-eae4d5000a6e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y2ZPtHajIAMF8zQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632c08ca-391092bd30ae5bf9692e93ba;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 07:03:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: JHbRgCQOZp244YWkU4o78m9HhC77v7LOWAvwnc2eRTW2vHnv99ygaA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 07:31:45 GMT
age: 67087
etag: "1534aa8a5158dfa9592d65e6fb761b41c0852c58"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30df3bb6-8eae-49ae-ba75-f6dd462463ac.jpeg
34.120.237.76200 OK 4.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30df3bb6-8eae-49ae-ba75-f6dd462463ac.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8abddb2cad9c262667f358ecb9b084ae
2d97861b35e3d0ffe6a614037e4ff7946018b4ef
9b4878cf451b7bc5c7467d1e35e2fa12f54e516c878dd54d0293a4ef4947ba5b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30df3bb6-8eae-49ae-ba75-f6dd462463ac.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4237
x-amzn-requestid: ae2729cb-a956-4214-b3be-b510a3f62698
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y9FNDGu7oAMF7oQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632eb586-097d52637dc131002d4ac57d;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 07:45:10 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: TUT-wNEcMOArWarvrWvtkVVf4ZfrTv6CtG7a_aBZN9mZ6L-GawZkZA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 25 Sep 2022 01:14:25 GMT
age: 3327
etag: "2d97861b35e3d0ffe6a614037e4ff7946018b4ef"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0693f3eb-ed7b-4594-b2db-7432590f4d49.jpeg
34.120.237.76200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0693f3eb-ed7b-4594-b2db-7432590f4d49.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3d35df1f57d0736995615b0d8f50b8a3
8324b383c89771a2b1155ec6d069bf5a47338acd
9f381d59d2e4b086d43d784d7660e27f6f7760dc2b4eb9beee4b6e94801cb6db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0693f3eb-ed7b-4594-b2db-7432590f4d49.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4723
x-amzn-requestid: 4be5e73a-e648-40a4-8566-cb3417e5843b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y-_EKHYcoAMFgMw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f7880-4682134275162910149d09ec;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:37:04 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: NdyoW-aALNbALUNnUAWgJafG47WQBKHxeOEQhLHWS1ie8YlUH9z9uA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:58:11 GMT
age: 15101
etag: "8324b383c89771a2b1155ec6d069bf5a47338acd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
abx.myweightlosssystem.com/std/libraries/img/favicon.ico
50.87.150.176200 OK 1.7 kB URL HTTP/1.1 abx.myweightlosssystem.com/std/libraries/img/favicon.ico
IP 50.87.150.176:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 28 x 32, 8-bit colormap, non-interlaced\012- data
Hash cff6d25200ce4df3384aad7f60a9b72d
4acf14fbe08d15f4686b42bb51549d6abfca961d
0cf12dd7a3a2b4f033305b361d7de7007a3a783d97724590107d2e5b4e75a276
GET /std/libraries/img/favicon.ico HTTP/1.1
Host: abx.myweightlosssystem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://abx.myweightlosssystem.com/std/app/loading_auth.php
Cookie: PHPSESSID=f4cdd7136e395c87423cf8c307b88487
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 02:09:52 GMT
Server: Apache
Last-Modified: Tue, 09 Aug 2022 23:29:58 GMT
Accept-Ranges: bytes
Content-Length: 1729
Cache-Control: max-age=604800
Expires: Sun, 02 Oct 2022 02:09:52 GMT
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: image/x-icon
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 3-257, spot sensor temperature 0.000000, unit celsius, color scheme 0, show scale bar, calibration: offset 0.000000, slope 241253891388563521536.000000\012- data
Hash b3a72e81317074689a71dac7059e4b6a
b6d56333d7f1ea7ddc8838d84de498ff913c5464
e665a8821b5e7b2e78787647a08d629bf70cbf4cbfee2057c8601cf0565154a1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1deb918e-bcb0-4629-aaa7-0ae0322969be.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12826
x-amzn-requestid: f075cf62-acfc-4bc1-be14-7c3dafb7aaed
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YfVRNFP-oAMFgrA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322cf3a-184b678042d64ac9266b1128;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 07:07:38 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: W6ZD1652Yn1xqZG7ehDcirlYoG8Hcsrdj11Fzfgj7zb-OiU8xHj1gw==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:37:32 GMT
age: 16340
etag: "b6d56333d7f1ea7ddc8838d84de498ff913c5464"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c48523c-250d-4030-8145-14c8967dc600.jpeg
34.120.237.76200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c48523c-250d-4030-8145-14c8967dc600.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dfdacc8edea3c24dad020d7e9c11b3f4
2b6e37596e88b62f288dc8e8c937fd904fae28d5
338a44f3bcc01bdd197f037dd8f8bf58a18dea00127465488efe76fb72a6fdff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c48523c-250d-4030-8145-14c8967dc600.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8914
x-amzn-requestid: 8cfdc32e-f04a-4fd6-a1f1-632934a682fd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y-_EUHqJoAMF7MQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f7881-14a6d8ef126409964607e0aa;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:37:05 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: kdF6En2vbJhRH1bkYMOuNm5XOIsT1qs3FE281N1SKn1FbyW-oNZsEw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:37:06 GMT
age: 16366
etag: "2b6e37596e88b62f288dc8e8c937fd904fae28d5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b4f012b-e562-4fc6-aab8-ec2ffc328b6d.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b4f012b-e562-4fc6-aab8-ec2ffc328b6d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9d59e1bbd58ff8c5fe5faecb58149601
ad7f5ed3a5f6923a0b1bb093bbc0f31a44fd0bcd
c16a2adaeaabbe45801ab5d12ceaeab587b525b4959933f53a9c8dcdb12aec68
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b4f012b-e562-4fc6-aab8-ec2ffc328b6d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7757
x-amzn-requestid: 3092c81c-f703-403a-b718-e18f035f9464
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YpOJQFUWIAMF7Pw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6326c3d4-565f665c7e34294079703141;Sampled=0
x-amzn-remapped-date: Sun, 18 Sep 2022 07:08:04 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: hc0cpj1kMbAQqcM0ooSgEdS8nPP0m4FJD1bHdY7jN2OENNsJF_gluA==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 07:19:33 GMT
age: 67819
etag: "ad7f5ed3a5f6923a0b1bb093bbc0f31a44fd0bcd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
abx.myweightlosssystem.com/std/libraries/fonts/bentonsans/regular/bentonsans-regular-webfont.woff
50.87.150.176200 OK 12 kB URL HTTP/1.1 abx.myweightlosssystem.com/std/libraries/fonts/bentonsans/regular/bentonsans-regular-webfont.woff
IP 50.87.150.176:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format, TrueType, length 11864, version 1.0\012- data
Hash 90c8551151f406b6cc3f53ea70e84d06
016fdd1e48560897281ba28c4219491b856a44ce
0402b8e6e3b789ffec9618f6baea5b80a5c7d20a44394327a4d5a8e5ee369acf
Analyzer Verdict Alert fortinet Phishing
GET /std/libraries/fonts/bentonsans/regular/bentonsans-regular-webfont.woff HTTP/1.1
Host: abx.myweightlosssystem.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://abx.myweightlosssystem.com/std/libraries/css/app.min-blessed41.css?z=1612885494473
Cookie: PHPSESSID=f4cdd7136e395c87423cf8c307b88487
HTTP/1.1 200 OK
Date: Sun, 25 Sep 2022 02:09:52 GMT
Server: Apache
Last-Modified: Tue, 09 Aug 2022 23:29:58 GMT
Accept-Ranges: bytes
Content-Length: 11864
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: font/woff
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3d067ed4eb64039d49ea737fd07d77d6
839d6ce936dd29d595470f3ff2989cb548f0f58b
80cf6dbb6a82998d0fcfc5018904e4ca9a6d4027f2410787b0ca7b0cbaa04c70
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6280
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 25 Sep 2022 02:09:52 GMT
Last-Modified: Sun, 25 Sep 2022 00:25:12 GMT
Server: ECS (amb/6BC7)
X-Cache: HIT
Content-Length: 279
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0737a7ae-3ae7-4fe5-b739-e988b295c795.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0737a7ae-3ae7-4fe5-b739-e988b295c795.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a89e7161745036637a66e8ab5b7efdf9
79c83cc27996b2339bd63764dbb2ae9744db6d70
13b990c3c6a9bee6def25d007e14628c52e427b6f4c718895b1817d5e8e59760
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0737a7ae-3ae7-4fe5-b739-e988b295c795.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 8715
x-amzn-requestid: d5e237f4-4c0e-4e3b-b3ae-ea1eb5b7cafc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y5JmTEAwIAMF_Mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632d22f4-48a975a866edc1755858600f;Sampled=0
x-amzn-remapped-date: Fri, 23 Sep 2022 03:07:33 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: IVWTWArqWNBCHmVFP9mQm4bAi4f5pq7wJX2ve-ksyx2xmNqHz5pX8A==
via: 1.1 44cd593d82a2d200a94217033c614c6a.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 03:28:42 GMT
age: 81677
etag: "79c83cc27996b2339bd63764dbb2ae9744db6d70"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ff2e4f2-f486-42c3-8a19-b33169da91f3.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ff2e4f2-f486-42c3-8a19-b33169da91f3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 14f002009f65f578b930d04203ba700a
7191af2da71fc0c7e3ca17b9f0b0132fc3cdc5b5
fafe43cbdfc56b72318d77bd5d30886bc4370a3f087df3bbbcb61b18ea0bbf81
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ff2e4f2-f486-42c3-8a19-b33169da91f3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 10627
x-amzn-requestid: f765ace2-73b4-493e-bf09-de605d64f283
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y-_Z3EfXoAMFRFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632f790b-564393940c6453de719f30a0;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 21:39:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zYwkYYb6vxPU2kAKvbKNpWkil9OsWKTDOgSlI79kR4Ysvo5BE6PTlw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 24 Sep 2022 21:56:29 GMT
age: 15211
etag: "7191af2da71fc0c7e3ca17b9f0b0132fc3cdc5b5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
onlinebanking.standardbank.co.za/assets/images/moving_forward/welcome_background.jpg
104.17.173.38200 OK 0 B URL HTTP/2 onlinebanking.standardbank.co.za/assets/images/moving_forward/welcome_background.jpg
IP 104.17.173.38:0
GET /assets/images/moving_forward/welcome_background.jpg HTTP/1.1
Host: onlinebanking.standardbank.co.za
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://abx.myweightlosssystem.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 25 Sep 2022 02:09:53 GMT
content-type: image/jpeg
cache-control: max-age=0, must-revalidate
cf-bgj: h2pri
content-security-policy: default-src 'self' https: 'unsafe-inline' https://*.standardbank.co.za:* https://unpkg.com https://*.advanced-web-analytics.com; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*.standardbank.co.za:* https://accstandardbank.d1.sc.omtrdc.net https://monstat.com https://maps.googleapis.com https://*.google.com https://unpkg.com https://*.gstatic.com https://*.krxd.net https://*.demdex.net https://www.googletagmanager.com https://*.facebook.net https://*.facebook.com https://assets.adobedtm.com; img-src 'self' https://*.standardbank.co.za:* https://monstat.com https://accstandardbank.d1.sc.omtrdc.net https://*.krxd.net data: https://cm.everesttech.net https://*.demdex.net https://*.google.com https://*.gstatic.com https://*.atdmt.com https://*.facebook.net https://*.facebook.com;
etag: "13b29-5e54059835480"
expires: Wed, 11 Jan 1984 05:00:00 GMT
last-modified: Tue, 02 Aug 2022 11:23:46 GMT
referrer-policy: strict-origin
strict-transport-security: max-age=31536000; includeSubDomains
x-backside-transport: OK OK
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-global-transaction-id: 5bf4314a63162c81bec02e0d
x-xss-protection: 1; mode=block
cf-cache-status: REVALIDATED
vary: Accept-Encoding
server: cloudflare
cf-ray: 7500385f2b290b02-OSL
X-Firefox-Spdy: h2