Report - labreled25.temp.swtest.ru/AG/Pr

Report Overview

Submitted URL
labreled25.temp.swtest.ru/AG/Pr
IP
77.222.61.35
ASN
#44112 SpaceWeb Ltd
Submitted
2022-11-09 09:16:10
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
22

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-10T05:10:00Z	333 B	229 B	34.117.237.239
labreled25.temp.swtest.ru	unknown			6.9 kB	738 kB	77.222.61.35
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-10T05:09:10Z	2.0 kB	5.3 kB	23.36.76.226
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-10T13:49:44Z	682 B	1.6 kB	93.184.220.29
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-10T14:37:36Z	1.0 kB	95 kB	216.58.207.195
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-10T05:10:02Z	606 B	127 B	44.236.232.139
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-10T05:10:04Z	3.2 kB	64 kB	34.120.237.76
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-10T12:25:49Z	439 B	746 B	142.250.74.10
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-10T05:12:35Z	413 B	5.9 kB	34.160.144.191
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-10T05:11:10Z	2.1 kB	4.2 kB	142.250.74.35

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-09	medium	labreled25.temp.swtest.ru/AG/Pr	Phishing
2022-11-09	medium	labreled25.temp.swtest.ru/AG/style/js/jquery.CardValidator.js	Phishing
2022-11-09	medium	labreled25.temp.swtest.ru/AG/style/js/jquery.validate.min.js	Phishing
2022-11-09	medium	labreled25.temp.swtest.ru/AG/style/js/jquery.mask.js	Phishing
2022-11-09	medium	labreled25.temp.swtest.ru/AG/style/js/style.js	Phishing
2022-11-09	medium	labreled25.temp.swtest.ru/AG/style/js/jquery.min.js	Phishing
2022-11-09	medium	labreled25.temp.swtest.ru/AG/style/js/angular.min.js	Phishing
2022-11-09	medium	labreled25.temp.swtest.ru/AG/style/js/popper.min.js	Phishing
2022-11-09	medium	labreled25.temp.swtest.ru/AG/style/js/main.js	Phishing
2022-11-09	medium	labreled25.temp.swtest.ru/AG/style/js/bootstrap.min.js	Phishing
2022-11-09	medium	labreled25.temp.swtest.ru/AG/style/js/fontawesome.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (10)

	URL	Size	First Seen	Last Seen
	labreled25.temp.swtest.ru/AG/style/js/jquery.validate.min.js	23 kB	2023-03-07	2024-04-04
Pretty URL labreled25.temp.swtest.ru/AG/style/js/jquery.validate.min.js IP 77.222.61.35 ASN #44112 SpaceWeb Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:18:59 Last Seen2024-04-04 19:10:32 Times Seen88 Hash ab0a010d6c19ed9c1459ba158e015b5e 95b47b9252cc7a585417c6546df4e81d2c158647 cd8873d8c03fd90eacd976f57b300327972964a89c7ac37d27e369d0324b9999 Loading...

	labreled25.temp.swtest.ru/AG/style/js/jquery.mask.js	18 kB	2023-03-07	2024-04-18
Pretty URL labreled25.temp.swtest.ru/AG/style/js/jquery.mask.js IP 77.222.61.35 ASN #44112 SpaceWeb Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06:19 Last Seen2024-04-18 14:41:17 Times Seen3564 Hash 219d169a80568884a3d6baab3e5e7def 61d00104de8c972c820cd9b527d8e2edb30e5c4a cf1f0d954cbbbcb32d170b1ff68c5b082a1086f34f2bbee825ca88b7c9fb213a Loading...

	labreled25.temp.swtest.ru/AG/style/js/bootstrap.min.js	59 kB	2023-03-07	2024-04-09
Pretty URL labreled25.temp.swtest.ru/AG/style/js/bootstrap.min.js IP 77.222.61.35 ASN #44112 SpaceWeb Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:33:40 Last Seen2024-04-09 18:17:54 Times Seen1849 Hash 0f9ea8d6bb66dbed6e0966f9da35b7fd 8095a33f75ca53aa5409b8bf00ea30372755092d 306ab8dd287ef041231a510b7e4c027a11e28b20c3408a9185d895c091dc72a4 Loading...

	labreled25.temp.swtest.ru/AG/style/js/jquery.CardValidator.js	6.4 kB	2023-03-07	2024-04-15
Pretty URL labreled25.temp.swtest.ru/AG/style/js/jquery.CardValidator.js IP 77.222.61.35 ASN #44112 SpaceWeb Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:35 Last Seen2024-04-15 09:41:25 Times Seen437 Hash fb905575d35b1762182c0bdb0156a8e7 5d7364bb8423174608a55975e985138b09ef16f0 2e31f31633d04598c60731878851d821eaa4403af63b930d58bb10bc9c0428a2 Loading...

	labreled25.temp.swtest.ru/AG/style/js/angular.min.js	167 kB	2023-03-07	2024-04-18
Pretty URL labreled25.temp.swtest.ru/AG/style/js/angular.min.js IP 77.222.61.35 ASN #44112 SpaceWeb Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:29 Last Seen2024-04-18 14:41:17 Times Seen3424 Hash be6af23e2a716c006da75d0291784254 9c923313eabc56d715a7c07bf855feb26a72f671 8c50aa8567731858e81bcfd2027718d9a7c8fd7bf54cf496499adbf5da5741b9 Loading...

	labreled25.temp.swtest.ru/AG/style/js/popper.min.js	20 kB	2023-03-07	2024-04-18
Pretty URL labreled25.temp.swtest.ru/AG/style/js/popper.min.js IP 77.222.61.35 ASN #44112 SpaceWeb Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:57 Last Seen2024-04-18 11:38:27 Times Seen1793 Hash a22f3f7e61af6a069aa6b422537c3f49 682fdc625ae80a890d10af2cb16e62540e2186a8 d2b9f29ea1f42a60a8beb1c04f76868287f2a48d6ec50fb39d6b888584a03c49 Loading...

	labreled25.temp.swtest.ru/AG/style/js/style.js	2.1 kB	2023-03-07	2024-04-06
Pretty URL labreled25.temp.swtest.ru/AG/style/js/style.js IP 77.222.61.35 ASN #44112 SpaceWeb Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:18:59 Last Seen2024-04-06 08:08:56 Times Seen260 Hash 36fd82a1ac14727f740a7d3e35b1c552 1f989be5cf460ef4b015f89ef22a61a2365148fe 86c051eb57fe97e4dc99fd4cba7334c3faef8e6d3655da6f2b04176f523d96f5 Loading...

	labreled25.temp.swtest.ru/AG/style/js/fontawesome.js	1.1 MB	2023-03-07	2024-04-06
Pretty URL labreled25.temp.swtest.ru/AG/style/js/fontawesome.js IP 77.222.61.35 ASN #44112 SpaceWeb Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:02:27 Last Seen2024-04-06 08:08:56 Times Seen737 Hash 02dc00e986773a2294d5ce33ef02e442 d0f4ff24480d518ca8301e4d7df51cd9f1b1b9ae 16e8f08eb363930ccc9f0e91f33ded7905fed943045a040078196294db8a9b17 Loading...

	labreled25.temp.swtest.ru/AG/style/js/main.js	4.2 kB	2023-03-07	2024-04-06
Pretty URL labreled25.temp.swtest.ru/AG/style/js/main.js IP 77.222.61.35 ASN #44112 SpaceWeb Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:18:59 Last Seen2024-04-06 08:08:56 Times Seen492 Hash a96bf5940e256da7dffc0b2e2a1c8f0e db3204906004db53388937310e635d7c6b412f98 8965eaf1598037b1a608ede6ff9633e6944b70039d631f80f635e25c79030da8 Loading...

	labreled25.temp.swtest.ru/AG/style/js/jquery.min.js	88 kB	2023-03-07	2024-04-16
Pretty URL labreled25.temp.swtest.ru/AG/style/js/jquery.min.js IP 77.222.61.35 ASN #44112 SpaceWeb Ltd Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:24:01 Last Seen2024-04-16 22:03:47 Times Seen7557 Hash f832e36068ab203a3f89b1795480d0d7 2115753ca5fb7032aec498db7bb5dca624dbe6be 4c24dfd28784ad2befb3dafaac6bf1ed4e7cd58cce713d9a0b228d426e812baf Loading...

HTTP Transactions (44)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aabe410b4bbe4d8beb0e4561d3aa158e
e1788632902ddea62cdd9e7ad6009a75ffb69788
ad535e27b201e92670770b2b868c58f7c05633ec66490a41ef4592f062834c1f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AD535E27B201E92670770B2B868C58F7C05633EC66490A41EF4592F062834C1F"
Last-Modified: Wed, 09 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11328
Expires: Wed, 09 Nov 2022 12:24:46 GMT
Date: Wed, 09 Nov 2022 09:15:58 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
7908acd0c083145e2b454aaeb063c236
0696647bb0a4118327f637a50ebcc21bac39d592
ffc30b68df0b33d67f31e37bbf5ae5cf4c23e1c8b8197bf76a95ee06bec4cd36

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5347
Cache-Control: max-age=96260
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 09:15:58 GMT
Etag: "636a2fef-1d7"
Expires: Thu, 10 Nov 2022 12:00:18 GMT
Last-Modified: Tue, 08 Nov 2022 10:31:11 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dc90abd8b3ea8e75a68c144d74d75788
1ce29dca1ee9ca8931397de31ffb6cf7833baaf8
807000997bcf1b7a1fa35e43908cbfa54cd1704a5a0f53c09e1ae154638f10e0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "807000997BCF1B7A1FA35E43908CBFA54CD1704A5A0F53C09E1AE154638F10E0"
Last-Modified: Tue, 08 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11703
Expires: Wed, 09 Nov 2022 12:31:01 GMT
Date: Wed, 09 Nov 2022 09:15:58 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: p55G5S42x9OAr5mQq++Io4bfhzrpDsxkml5PfVfLWi+yJtOAtqcIJpDuUnzq7s/nm9b/OgiLi+MUO+Cbv23oMA==
x-amz-request-id: 3R45EHQ8SQPVMX55
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 09 Nov 2022 08:48:55 GMT
age: 1623
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 09 Nov 2022 09:15:58 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

labreled25.temp.swtest.ru/AG/Pr

77.222.61.35

200 OK

3.6 kB

URL HTTP/1.1
labreled25.temp.swtest.ru/AG/Pr
IP
77.222.61.35:0
ASN
#44112 SpaceWeb Ltd

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (15746)
Size
3.6 kB (3583 bytes)
Hash
7bfb1f6af89d729cf159f5c33bc476c4
33b90ecaaa39f309ced2e54b70f178631240b43a
b9d829d4fe8517eb4e7e2ebd8ab99a94f35a63bbf8e35375388e6d68c948072f

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /AG/Pr HTTP/1.1
Host: labreled25.temp.swtest.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx/1.19.1
Date: Wed, 09 Nov 2022 09:15:59 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=10
Vary: Accept-Encoding
X-Powered-By: PHP/7.1.33
Set-Cookie: PHPSESSID=e117b8429cce3ab860bd8f8d92b40c6c; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Content-Encoding: gzip

labreled25.temp.swtest.ru/AG/style/js/jquery.CardValidator.js

77.222.61.35

200 OK

2.1 kB

URL HTTP/1.1
labreled25.temp.swtest.ru/AG/style/js/jquery.CardValidator.js
IP
77.222.61.35:0
ASN
#44112 SpaceWeb Ltd

File type
ASCII text
Size
2.1 kB (2083 bytes)
Hash
5e3812c918f22e125f3ea8c08bceaf76
d5e6624b80474ea77e1adb60db6b0ded24205627
31d0740c9a71776c253640a6915be5b120d3e90b6765d1d46f94c72a908b185e

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /AG/style/js/jquery.CardValidator.js HTTP/1.1
Host: labreled25.temp.swtest.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://labreled25.temp.swtest.ru/AG/Pr
Cookie: PHPSESSID=e117b8429cce3ab860bd8f8d92b40c6c

HTTP/1.1 200 OK
Server: nginx/1.19.1
Date: Wed, 09 Nov 2022 09:15:59 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=10
Vary: Accept-Encoding
Last-Modified: Sun, 06 Nov 2022 20:33:57 GMT
ETag: W/"7260ffe-18df-5ecd339e51568"
Content-Encoding: gzip

labreled25.temp.swtest.ru/AG/style/js/jquery.validate.min.js

77.222.61.35

200 OK

7.4 kB

URL HTTP/1.1
labreled25.temp.swtest.ru/AG/style/js/jquery.validate.min.js
IP
77.222.61.35:0
ASN
#44112 SpaceWeb Ltd

File type
Unicode text, UTF-8 text, with very long lines (22900)
Size
7.4 kB (7433 bytes)
Hash
5a81b0a98410f032075aba256389756b
3c64a5ddb2d771d9309e7b0f09fe5e7ba5fe802a
732955ec0498bf6798e97ec294933d46d3ada956d462e750eff496b21993e7c2

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /AG/style/js/jquery.validate.min.js HTTP/1.1
Host: labreled25.temp.swtest.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://labreled25.temp.swtest.ru/AG/Pr
Cookie: PHPSESSID=e117b8429cce3ab860bd8f8d92b40c6c

HTTP/1.1 200 OK
Server: nginx/1.19.1
Date: Wed, 09 Nov 2022 09:15:59 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=10
Vary: Accept-Encoding
Last-Modified: Sun, 06 Nov 2022 20:33:54 GMT
ETag: W/"7260ff6-59fe-5ecd339bdc300"
Content-Encoding: gzip

labreled25.temp.swtest.ru/AG/style/js/jquery.mask.js

77.222.61.35

200 OK

4.9 kB

URL HTTP/1.1
labreled25.temp.swtest.ru/AG/style/js/jquery.mask.js
IP
77.222.61.35:0
ASN
#44112 SpaceWeb Ltd

File type
ASCII text
Size
4.9 kB (4948 bytes)
Hash
72561daefcabe07fcd6e4a000ce2b1f9
29f4b8a00c67c6d29e8beb9cbe1fcc040bfc4bf5
3a19e4fd29ca6cd5ba35dd0f38915107a432a326280051d32ca2b16af7d668b7

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /AG/style/js/jquery.mask.js HTTP/1.1
Host: labreled25.temp.swtest.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://labreled25.temp.swtest.ru/AG/Pr
Cookie: PHPSESSID=e117b8429cce3ab860bd8f8d92b40c6c

HTTP/1.1 200 OK
Server: nginx/1.19.1
Date: Wed, 09 Nov 2022 09:15:59 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=10
Vary: Accept-Encoding
Last-Modified: Sun, 06 Nov 2022 20:33:56 GMT
ETag: W/"7260ffb-47fe-5ecd339d7f220"
Content-Encoding: gzip

labreled25.temp.swtest.ru/AG/style/js/style.js

77.222.61.35

200 OK

819 B

URL HTTP/1.1
labreled25.temp.swtest.ru/AG/style/js/style.js
IP
77.222.61.35:0
ASN
#44112 SpaceWeb Ltd

File type
ASCII text
Size
819 B (819 bytes)
Hash
e60b04983b6d40b4343c6f5ff3c080e4
ddf865e21f7bad03990bf10072f43a760196f457
beb476c7e3a305beb253e5ac14eebd5975fc6c2e1003faf5ddc08a782d33dc20

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /AG/style/js/style.js HTTP/1.1
Host: labreled25.temp.swtest.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://labreled25.temp.swtest.ru/AG/Pr
Cookie: PHPSESSID=e117b8429cce3ab860bd8f8d92b40c6c

HTTP/1.1 200 OK
Server: nginx/1.19.1
Date: Wed, 09 Nov 2022 09:15:59 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=10
Vary: Accept-Encoding
Last-Modified: Sun, 06 Nov 2022 20:33:56 GMT
ETag: W/"7260ffc-859-5ecd339dd4950"
Content-Encoding: gzip

labreled25.temp.swtest.ru/AG/style/js/jquery.min.js

77.222.61.35

200 OK

31 kB

URL HTTP/1.1
labreled25.temp.swtest.ru/AG/style/js/jquery.min.js
IP
77.222.61.35:0
ASN
#44112 SpaceWeb Ltd

File type
ASCII text, with very long lines (65451)
Size
31 kB (30715 bytes)
Hash
f8a10c76294be4282d55a848bb39b30f
1d7abbd795999774bc36977cd11d56488587d4c4
0266e9b70e37bd2a3d4a5d0a9460eb7b766e9c2efa1299555217b591ac623dff

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /AG/style/js/jquery.min.js HTTP/1.1
Host: labreled25.temp.swtest.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://labreled25.temp.swtest.ru/AG/Pr
Cookie: PHPSESSID=e117b8429cce3ab860bd8f8d92b40c6c

HTTP/1.1 200 OK
Server: nginx/1.19.1
Date: Wed, 09 Nov 2022 09:15:59 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=10
Vary: Accept-Encoding
Last-Modified: Sun, 06 Nov 2022 20:33:58 GMT
ETag: W/"7260fff-15850-5ecd339f84390"
Content-Encoding: gzip

labreled25.temp.swtest.ru/AG/style/js/angular.min.js

77.222.61.35

200 OK

58 kB

URL HTTP/1.1
labreled25.temp.swtest.ru/AG/style/js/angular.min.js
IP
77.222.61.35:0
ASN
#44112 SpaceWeb Ltd

File type
ASCII text, with very long lines (566)
Size
58 kB (58485 bytes)
Hash
7fea74563a0d2d9bb508a51c6e322b22
0a62a90f9a99d185e1bce49dabea132e0edb468a
8e65040e11a39214c1bb095831fc24b0e6799a732627f7d682c48442eeff2bfd

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /AG/style/js/angular.min.js HTTP/1.1
Host: labreled25.temp.swtest.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://labreled25.temp.swtest.ru/AG/Pr
Cookie: PHPSESSID=e117b8429cce3ab860bd8f8d92b40c6c

HTTP/1.1 200 OK
Server: nginx/1.19.1
Date: Wed, 09 Nov 2022 09:15:59 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=10
Vary: Accept-Encoding
Last-Modified: Sun, 06 Nov 2022 20:33:55 GMT
ETag: W/"7260ff7-28cdb-5ecd339c50278"
Content-Encoding: gzip

labreled25.temp.swtest.ru/AG/style/js/popper.min.js

77.222.61.35

200 OK

7.2 kB

URL HTTP/1.1
labreled25.temp.swtest.ru/AG/style/js/popper.min.js
IP
77.222.61.35:0
ASN
#44112 SpaceWeb Ltd

File type
ASCII text, with very long lines (20164)
Size
7.2 kB (7238 bytes)
Hash
099db3361d831812de10e38c51dbd0d1
908dc3f88b1adc83d9145435a9a1641ce29a3eda
3c313ab75fd2a62dd8e0f5d8873b512716a02bbf845626803c54252ee3e457cf

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /AG/style/js/popper.min.js HTTP/1.1
Host: labreled25.temp.swtest.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://labreled25.temp.swtest.ru/AG/Pr
Cookie: PHPSESSID=e117b8429cce3ab860bd8f8d92b40c6c

HTTP/1.1 200 OK
Server: nginx/1.19.1
Date: Wed, 09 Nov 2022 09:15:59 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=10
Vary: Accept-Encoding
Last-Modified: Sun, 06 Nov 2022 20:33:59 GMT
ETag: W/"7261003-4f70-5ecd33a0c8af8"
Content-Encoding: gzip

labreled25.temp.swtest.ru/AG/style/css/bootstrap.min.css

77.222.61.35

200 OK

21 kB

URL HTTP/1.1
labreled25.temp.swtest.ru/AG/style/css/bootstrap.min.css
IP
77.222.61.35:0
ASN
#44112 SpaceWeb Ltd

File type
ASCII text, with very long lines (65324)
Size
21 kB (21050 bytes)
Hash
6416cbec949fa843a85c7ac285bb9245
94173c891940336570801e9c8ce3f85427d41c70
631d8a942c958f1b03cab6822d5f25b7221a24bbb2d60ec49bdf40295e1483ef

HTTP Headers

GET /AG/style/css/bootstrap.min.css HTTP/1.1
Host: labreled25.temp.swtest.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://labreled25.temp.swtest.ru/AG/Pr
Cookie: PHPSESSID=e117b8429cce3ab860bd8f8d92b40c6c

HTTP/1.1 200 OK
Server: nginx/1.19.1
Date: Wed, 09 Nov 2022 09:15:59 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=10
Vary: Accept-Encoding
Last-Modified: Sun, 06 Nov 2022 20:33:52 GMT
ETag: W/"7260ff3-22688-5ecd3399cdd20"
Content-Encoding: gzip

labreled25.temp.swtest.ru/AG/style/css/helpers.css

77.222.61.35

200 OK

4.6 kB

URL HTTP/1.1
labreled25.temp.swtest.ru/AG/style/css/helpers.css
IP
77.222.61.35:0
ASN
#44112 SpaceWeb Ltd

File type
ASCII text, with very long lines (40872)
Size
4.6 kB (4561 bytes)
Hash
e0e7bfc10e1f71b4892befbf24374745
e537e7e1ad3424f6723af70fee6fbcaebc7f3317
d9c5930198e4e446e1a601003d95397f963da9aa8d9b399b6b83aba2b8ab5a29

HTTP Headers

GET /AG/style/css/helpers.css HTTP/1.1
Host: labreled25.temp.swtest.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://labreled25.temp.swtest.ru/AG/Pr
Cookie: PHPSESSID=e117b8429cce3ab860bd8f8d92b40c6c

HTTP/1.1 200 OK
Server: nginx/1.19.1
Date: Wed, 09 Nov 2022 09:15:59 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=10
Vary: Accept-Encoding
Last-Modified: Sun, 06 Nov 2022 20:33:52 GMT
ETag: W/"7260ff4-9fa9-5ecd3399e92a0"
Content-Encoding: gzip

labreled25.temp.swtest.ru/AG/style/css/fonts.css

77.222.61.35

200 OK

272 B

URL HTTP/1.1
labreled25.temp.swtest.ru/AG/style/css/fonts.css
IP
77.222.61.35:0
ASN
#44112 SpaceWeb Ltd

File type
ASCII text
Size
272 B (272 bytes)
Hash
ce5be47f5ca6850b9d1c715ab706459d
9655056deecba7315ca72742da1de44bf4ffc7f0
4069a227b95cc542164e30fef92d995a8e8d55d62799aa88531e24b9145152be

HTTP Headers

GET /AG/style/css/fonts.css HTTP/1.1
Host: labreled25.temp.swtest.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://labreled25.temp.swtest.ru/AG/Pr
Cookie: PHPSESSID=e117b8429cce3ab860bd8f8d92b40c6c

HTTP/1.1 200 OK
Server: nginx/1.19.1
Date: Wed, 09 Nov 2022 09:15:59 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=10
Vary: Accept-Encoding
Last-Modified: Sun, 06 Nov 2022 20:33:52 GMT
ETag: W/"7260ff5-556-5ecd339a3f1a0"
Content-Encoding: gzip

labreled25.temp.swtest.ru/AG/style/css/main.css

77.222.61.35

200 OK

2.3 kB

URL HTTP/1.1
labreled25.temp.swtest.ru/AG/style/css/main.css
IP
77.222.61.35:0
ASN
#44112 SpaceWeb Ltd

File type
ASCII text, with very long lines (10363)
Size
2.3 kB (2344 bytes)
Hash
e2f1767ba8c133485ed0de06599769c0
0f07dabddaf9270f2f94c1c554c29fc617fb29b6
dbdbcfa77b252eac505784012d171d8b1918d6729d70f152b045820399fa0655

HTTP Headers

GET /AG/style/css/main.css HTTP/1.1
Host: labreled25.temp.swtest.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://labreled25.temp.swtest.ru/AG/Pr
Cookie: PHPSESSID=e117b8429cce3ab860bd8f8d92b40c6c

HTTP/1.1 200 OK
Server: nginx/1.19.1
Date: Wed, 09 Nov 2022 09:15:59 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=10
Vary: Accept-Encoding
Last-Modified: Sun, 06 Nov 2022 20:33:51 GMT
ETag: W/"7260ff2-287c-5ecd33991ffe0"
Content-Encoding: gzip

labreled25.temp.swtest.ru/AG/style/js/main.js

77.222.61.35

200 OK

954 B

URL HTTP/1.1
labreled25.temp.swtest.ru/AG/style/js/main.js
IP
77.222.61.35:0
ASN
#44112 SpaceWeb Ltd

File type
Algol 68 source text\012- Pascal source, ASCII text
Size
954 B (954 bytes)
Hash
a52c0eaf80d25c193d1dabe225c29769
ccb860fa0d426bcdaff1db1a47f40080d27b4252
4b534aa4619cab7341addd7f269604234267887f6e2e5b15325499703153e1de

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /AG/style/js/main.js HTTP/1.1
Host: labreled25.temp.swtest.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://labreled25.temp.swtest.ru/AG/Pr
Cookie: PHPSESSID=e117b8429cce3ab860bd8f8d92b40c6c

HTTP/1.1 200 OK
Server: nginx/1.19.1
Date: Wed, 09 Nov 2022 09:15:59 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=10
Vary: Accept-Encoding
Last-Modified: Sun, 06 Nov 2022 20:33:58 GMT
ETag: W/"7261000-1092-5ecd339fd21a8"
Content-Encoding: gzip

labreled25.temp.swtest.ru/AG/style/js/bootstrap.min.js

77.222.61.35

200 OK

15 kB

URL HTTP/1.1
labreled25.temp.swtest.ru/AG/style/js/bootstrap.min.js
IP
77.222.61.35:0
ASN
#44112 SpaceWeb Ltd

File type
ASCII text, with very long lines (59058), with no line terminators
Size
15 kB (15336 bytes)
Hash
ee1256b5b52bb54c61a5bd830b57890e
4b5b0bf0609f18a265ee410044c1d980f0526244
0b8c25aafc1308b83d904cf9e358e8043e286d5e01f5f825e5234c305bba5bbc

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /AG/style/js/bootstrap.min.js HTTP/1.1
Host: labreled25.temp.swtest.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://labreled25.temp.swtest.ru/AG/Pr
Cookie: PHPSESSID=e117b8429cce3ab860bd8f8d92b40c6c

HTTP/1.1 200 OK
Server: nginx/1.19.1
Date: Wed, 09 Nov 2022 09:15:59 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=10
Vary: Accept-Encoding
Last-Modified: Sun, 06 Nov 2022 20:33:59 GMT
ETag: W/"7261002-e6b2-5ecd33a0a19f8"
Content-Encoding: gzip

labreled25.temp.swtest.ru/AG/style/CADIF_logo_horizontal_rvb_v4.png

77.222.61.35

200 OK

19 kB

URL HTTP/1.1
labreled25.temp.swtest.ru/AG/style/CADIF_logo_horizontal_rvb_v4.png
IP
77.222.61.35:0
ASN
#44112 SpaceWeb Ltd

File type
PNG image data, 350 x 105, 8-bit/color RGBA, non-interlaced\012- data
Size
19 kB (18782 bytes)
Hash
71cb5c78702e00ffb116f88d9280896a
d32b9b4f245643b1e4477f923b12a4d17d50cc3d
f8e9befa13e3ff93d974729ae3c727461555d582bb63bb388a4bd497619ef20b

HTTP Headers

GET /AG/style/CADIF_logo_horizontal_rvb_v4.png HTTP/1.1
Host: labreled25.temp.swtest.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://labreled25.temp.swtest.ru/AG/Pr
Cookie: PHPSESSID=e117b8429cce3ab860bd8f8d92b40c6c

HTTP/1.1 200 OK
Server: nginx/1.19.1
Date: Wed, 09 Nov 2022 09:15:59 GMT
Content-Type: image/png
Content-Length: 18782
Connection: keep-alive
Keep-Alive: timeout=10
Last-Modified: Sun, 06 Nov 2022 20:33:44 GMT
ETag: "7260fe0-495e-5ecd3391d6837"
Accept-Ranges: bytes

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
2a47d129a3af5f02c654faf925c60273
9ad27ed9f4500c939260a677c12e702599b00fa9
0e031af077bf7009ffefada782407a247bbd31bddc96994c68de7bfe902bf992

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4572
Cache-Control: max-age=90419
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 09:15:59 GMT
Etag: "636a1c26-1d7"
Expires: Thu, 10 Nov 2022 10:22:58 GMT
Last-Modified: Tue, 08 Nov 2022 09:06:46 GMT
Server: ECS (ska/F710)
X-Cache: HIT
Content-Length: 471

labreled25.temp.swtest.ru/AG/style/js/fontawesome.js

77.222.61.35

200 OK

387 kB

URL HTTP/1.1
labreled25.temp.swtest.ru/AG/style/js/fontawesome.js
IP
77.222.61.35:0
ASN
#44112 SpaceWeb Ltd

File type
ASCII text, with very long lines (65351)
Size
387 kB (387142 bytes)
Hash
301e1321cd6a35b018619d7be6692ae5
2de256c79dd84078250476b7b13815925d3adfd1
fb0afe09ff52edab4f9d3444f0b879ccefd62622b48e9a757fbaef981b5eab26

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /AG/style/js/fontawesome.js HTTP/1.1
Host: labreled25.temp.swtest.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://labreled25.temp.swtest.ru/AG/Pr
Cookie: PHPSESSID=e117b8429cce3ab860bd8f8d92b40c6c

HTTP/1.1 200 OK
Server: nginx/1.19.1
Date: Wed, 09 Nov 2022 09:15:59 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=10
Vary: Accept-Encoding
Last-Modified: Sun, 06 Nov 2022 20:33:58 GMT
ETag: W/"7260ffd-10314a-5ecd339f59410"
Content-Encoding: gzip

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2cc2a9c89cbd9d2da1fd4a79a7d8b1d8
b2a4971855e26ff842f71d5dd4fff2596a83bd59
3bdf6aea6d003d0b087c13a74034f422cb09a59fd5c97b2b48ce590dfca6109a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 09:15:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
2cc2a9c89cbd9d2da1fd4a79a7d8b1d8
b2a4971855e26ff842f71d5dd4fff2596a83bd59
3bdf6aea6d003d0b087c13a74034f422cb09a59fd5c97b2b48ce590dfca6109a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 09:15:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
4dc4a177d25f666a9ba1cf6225354467
8975f2e5cc9cadc4a1e369da45471eb1f0830c5e
6c9e54a13abc265cac7bdee51c6fa49e5e7590fec7a1cc99096c384dabef31be

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 09:15:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
4dc4a177d25f666a9ba1cf6225354467
8975f2e5cc9cadc4a1e369da45471eb1f0830c5e
6c9e54a13abc265cac7bdee51c6fa49e5e7590fec7a1cc99096c384dabef31be

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 09:15:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.195

200 OK

45 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size
45 kB (44856 bytes)
Hash
565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

HTTP Headers

GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://labreled25.temp.swtest.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Nov 2022 05:42:51 GMT
expires: Fri, 03 Nov 2023 05:42:51 GMT
cache-control: public, max-age=31536000
age: 531188
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
4dc4a177d25f666a9ba1cf6225354467
8975f2e5cc9cadc4a1e369da45471eb1f0830c5e
6c9e54a13abc265cac7bdee51c6fa49e5e7590fec7a1cc99096c384dabef31be

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 09:15:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2

216.58.207.195

200 OK

48 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 47952, version 1.0\012- data
Size
48 kB (47952 bytes)
Hash
17b406b7b8caa297435fa358e194f5a1
e2132f0e97781af56fa966c0fabb49132f2af203
84161c46238fff2c6920ebc28f02cddd7b710cf3d1107853f540b084320f6afd

HTTP Headers

GET /s/opensans/v34/memtYaGs126MiZpBA-UFUIcVXSCEkx2cmqvXlWqWuU6F.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://labreled25.temp.swtest.ru
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 47952
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 07 Nov 2022 18:59:14 GMT
expires: Tue, 07 Nov 2023 18:59:14 GMT
cache-control: public, max-age=31536000
age: 137805
last-modified: Mon, 15 Aug 2022 18:22:41 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.35

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.35:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
4dc4a177d25f666a9ba1cf6225354467
8975f2e5cc9cadc4a1e369da45471eb1f0830c5e
6c9e54a13abc265cac7bdee51c6fa49e5e7590fec7a1cc99096c384dabef31be

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 09 Nov 2022 09:15:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

labreled25.temp.swtest.ru/AG//style/fermeture-agence-travaux-DAB_septembre2020.jpg

77.222.61.35

200 OK

165 kB

URL HTTP/1.1
labreled25.temp.swtest.ru/AG//style/fermeture-agence-travaux-DAB_septembre2020.jpg
IP
77.222.61.35:0
ASN
#44112 SpaceWeb Ltd

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=19, height=3264, bps=0, compression=none, PhotometricIntepretation=RGB, description=11 d\303\251cembre 2015, manufacturer=Canon, model=Canon EOS-1D Mark IV, orientation=upper-left, width=4896], baseline, precision 8, 960x640, components 3 DIY-Thermocam raw data\012- (Lepton 2.x), scale 26228-27759, spot sensor temperature 0.000000, unit celsius, color scheme 0, calibration: offset 75594131500502762294377185280.000000, slope 18524499018441621041854808064.000000\012- data
Size
165 kB (165217 bytes)
Hash
9185fa780a0576f2043bb631d7b4269c
4a4da7e75f2fc8df41652d9c3ffa277c301bbf04
e07a9ccc231bfc6a4f4ef7d64b1c2df670d9ac347d0d3e4cb4ad04c2133e07f5

HTTP Headers

GET /AG//style/fermeture-agence-travaux-DAB_septembre2020.jpg HTTP/1.1
Host: labreled25.temp.swtest.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://labreled25.temp.swtest.ru/AG/style/css/main.css
Cookie: PHPSESSID=e117b8429cce3ab860bd8f8d92b40c6c

HTTP/1.1 200 OK
Server: nginx/1.19.1
Date: Wed, 09 Nov 2022 09:15:59 GMT
Content-Type: image/jpeg
Content-Length: 165217
Connection: keep-alive
Keep-Alive: timeout=10
Last-Modified: Sun, 06 Nov 2022 20:33:44 GMT
ETag: "7260fe1-28561-5ecd339262e4f"
Accept-Ranges: bytes

push.services.mozilla.com/

44.236.232.139

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
44.236.232.139:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: kciSdkS9v0R6A++BzNxCNQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: BCmxCYdR4KGKL42m2EURyD/SgrE=

labreled25.temp.swtest.ru/AG/style/favicon.png

77.222.61.35

200 OK

1.8 kB

URL HTTP/1.1
labreled25.temp.swtest.ru/AG/style/favicon.png
IP
77.222.61.35:0
ASN
#44112 SpaceWeb Ltd

File type
PNG image data, 32 x 32, 8-bit colormap, non-interlaced\012- data
Size
1.8 kB (1793 bytes)
Hash
ed9c56116b458dfeef180879add56940
f661f922f0bfdf0d2d470aea158eb77d49b5bb26
0c6849d4541c1b5d297b7e48dc2c13d43c357610effd13e1a90929b6638205e0

HTTP Headers

GET /AG/style/favicon.png HTTP/1.1
Host: labreled25.temp.swtest.ru
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://labreled25.temp.swtest.ru/AG/Pr
Cookie: PHPSESSID=e117b8429cce3ab860bd8f8d92b40c6c

HTTP/1.1 200 OK
Server: nginx/1.19.1
Date: Wed, 09 Nov 2022 09:16:00 GMT
Content-Type: image/png
Content-Length: 1793
Connection: keep-alive
Keep-Alive: timeout=10
Last-Modified: Sun, 06 Nov 2022 20:33:45 GMT
ETag: "7260fe5-701-5ecd33938feb8"
Accept-Ranges: bytes

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13569
Expires: Wed, 09 Nov 2022 13:02:10 GMT
Date: Wed, 09 Nov 2022 09:16:01 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13569
Expires: Wed, 09 Nov 2022 13:02:10 GMT
Date: Wed, 09 Nov 2022 09:16:01 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13569
Expires: Wed, 09 Nov 2022 13:02:10 GMT
Date: Wed, 09 Nov 2022 09:16:01 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4599ea4ab89bca0461dfc4e86cf90610
d513a3fca97e06dbc1a6cdd02fbdd3c7253c865a
6056ef181a66539dd449318a89c133c3711e3244394126a66b8ebd29cff4692b

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6056EF181A66539DD449318A89C133C3711E3244394126A66B8EBD29CFF4692B"
Last-Modified: Tue, 08 Nov 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13569
Expires: Wed, 09 Nov 2022 13:02:10 GMT
Date: Wed, 09 Nov 2022 09:16:01 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F892db5b6-1bca-4d8f-b844-3201ef7b3ef0.jpeg

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F892db5b6-1bca-4d8f-b844-3201ef7b3ef0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12510 bytes)
Hash
e3d20f900a883cec8e0cab687df8a251
1105130523fb346dbab9ad2bb8d71c3f505425ce
b5ade9b1302479c4589eb659125d0111c55bb4520d72501cc47b295fd65e8a6e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F892db5b6-1bca-4d8f-b844-3201ef7b3ef0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12510
x-amzn-requestid: ad966326-25a8-44df-880a-608572bf2538
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bTTTuExNIAMFilA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636acc17-4eaa4fda178720702d9a9583;Sampled=0
x-amzn-remapped-date: Tue, 08 Nov 2022 21:37:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Xombu_yzlbxHa6C2uPHFwR_ufnmPaEMna2B1rkj71iyxBe8J5QJQ5g==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 21:43:31 GMT
etag: "1105130523fb346dbab9ad2bb8d71c3f505425ce"
content-type: image/jpeg
age: 41550
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f9389c7-c025-4f6b-b922-12f7edbee6c5.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.8 kB (9792 bytes)
Hash
b2690c9cc30d7974ed39c4d680d9cb93
132e96b7579376ccf4c868f33c8229ab534b45ea
c17b9b14a7347b0d4cd6ea2b5a44e47abc6e6cdba5c3ed082342da752eb6f8f0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f9389c7-c025-4f6b-b922-12f7edbee6c5.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9792
x-amzn-requestid: 901422d7-08e6-46ac-a8a2-efd52057cde8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: atDvMGq2oAMFq_g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-635b7ffa-17055cbc5c8a0172775650a6;Sampled=0
x-amzn-remapped-date: Fri, 28 Oct 2022 07:08:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: _gxyiSMPprOgpFE9C9vxM-wnqV0qWmtM34Lf53c88OUgGefMhxDGOQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 21:42:49 GMT
age: 41592
etag: "132e96b7579376ccf4c868f33c8229ab534b45ea"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10462 bytes)
Hash
4e2853cc6ec6223160471401e6871f4b
f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c
bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10462
x-amzn-requestid: 43480a38-fd89-4c47-b8c4-e6ba90b1321c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aMF6oEz_oAMF8Hg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634e5043-6617fd2e59cab00135301cdd;Sampled=0
x-amzn-remapped-date: Tue, 18 Oct 2022 07:05:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: C7GYpM3mXSf0hVyGO9Zzlxa3IHXHdyPlXsvr3i0GoQnaPZF6lO-OwA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 06:24:20 GMT
age: 10301
etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.1 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a8ff193-2f9a-4dbd-aabc-a70f9abdf169.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.1 kB (5125 bytes)
Hash
e265c87faef55af1d47d72286d93268a
b97207d04eced8e6412f60c3764cdb527cce26d0
bf3f4fc715e107947c5bf3d622fbf9de1f591649a5008d8790a23463aa8703db

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a8ff193-2f9a-4dbd-aabc-a70f9abdf169.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5125
x-amzn-requestid: c4f7c3d2-4c43-442e-a477-84a5baf6ff49
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bM4rXGdcoAMF5zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63683b15-1aec78204d291cfe5061d179;Sampled=0
x-amzn-remapped-date: Sun, 06 Nov 2022 22:54:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ZH49PpL-lN1JhCh03uyZJqRLu5vHF1RDMIBKKCvHOaKYdDOASOdUcw==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 21:43:50 GMT
age: 41531
etag: "b97207d04eced8e6412f60c3764cdb527cce26d0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ec06e64-918f-480d-ac05-7fea783ee61f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11723 bytes)
Hash
251feed4603d868ab84aa13c9b8edbdb
381a81a8dcff741612c76f5fdfb42bc13372a119
2dc3848fa2917b3b909e39104657601f41876935b217371a50ee15f778e5a9f5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ec06e64-918f-480d-ac05-7fea783ee61f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11723
x-amzn-requestid: 955f8ec3-9815-48ff-aa6a-250956377cdf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bTTVLFo5oAMF2UA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636acc20-70e216d808330566039aee89;Sampled=0
x-amzn-remapped-date: Tue, 08 Nov 2022 21:37:36 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: hcOJnYBsbAtMobcAC_q19cCoOChDcKs-oIspAtNKskbYnoSHz2NmEg==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 08 Nov 2022 21:43:31 GMT
etag: "381a81a8dcff741612c76f5fdfb42bc13372a119"
content-type: image/jpeg
age: 41550
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0fc93e21-4183-4c02-95b0-b3d44d9d41f6.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.5 kB (7501 bytes)
Hash
1c688c72a0a785ef6d485c2ba57ed11a
032f4a224f693fafc9e57e24d1e760e494c2b1e5
19990655154191d879c0b7c92cfed9e93b41eec55e6752e1b3f2ea95df542831

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0fc93e21-4183-4c02-95b0-b3d44d9d41f6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7501
x-amzn-requestid: d5f757b6-d4b7-4311-9c39-014fa73e59b4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bDB3qGCToAMFQdQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636449ca-29cb4d1873338ce60014656d;Sampled=0
x-amzn-remapped-date: Thu, 03 Nov 2022 23:07:54 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jSbuUmU-CCrtRFPF6xfIwdDO9-57uPcrsAVKIbJu5D9_Der2UFP20w==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 09 Nov 2022 05:36:59 GMT
age: 13142
etag: "032f4a224f693fafc9e57e24d1e760e494c2b1e5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css?family=Open+Sans:300,300i,400,400i,600,600i,700,700i,800 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://labreled25.temp.swtest.ru/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 09 Nov 2022 09:15:59 GMT
date: Wed, 09 Nov 2022 09:15:59 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (10)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations