Report - charweredrepicks.com/72460a79-31cf-483d-a660-e2386a26eee5

Report Overview

Submitted URL
charweredrepicks.com/72460a79-31cf-483d-a660-e2386a26eee5
IP
3.124.99.72
ASN
#16509 AMAZON-02
Submitted
2023-01-29 07:42:33
Access
Website Title
Final URL
Tags
coinbase crypto phishing
urlquery detections
Phishing - Coinbase

Detections

urlquery
15
Network Intrusion Detection
0
Threat Detection Systems
32

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
charweredrepicks.com	unknown	2023-01-16T09:19:12Z	2023-01-29T08:18:47Z	486 B	805 B	3.124.99.72
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.7 kB	7.1 kB	23.36.77.32
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
caosainasbsbaselwalle.azurewebsites.net	unknown	2023-01-28T19:13:50Z	2023-03-05T23:30:33Z	6.2 kB	919 kB	20.119.0.18
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-13T05:09:47Z	1.4 kB	2.8 kB	142.250.74.131
cdn.livechatinc.com	6288	2012-06-22T10:37:34Z	2023-03-13T05:22:02Z	2.6 kB	139 kB	95.101.10.202
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	52.33.66.202
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	62 kB	34.120.237.76
api.livechatinc.com	5353	2013-12-20T15:27:35Z	2023-03-13T05:22:02Z	2.2 kB	6.7 kB	95.101.10.202
secure.livechatinc.com	6541	2012-08-20T21:27:12Z	2023-03-13T05:22:03Z	606 B	2.7 kB	95.101.10.202
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-13T08:14:31Z	507 B	2.3 kB	142.250.74.106
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-13T08:44:36Z	1.0 kB	33 kB	142.250.74.67
accounts.livechatinc.com	7698	2017-07-31T07:50:56Z	2023-03-13T05:22:04Z	478 B	1.6 kB	23.36.79.16

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

Scan Date	Severity	Indicator	Alert
2023-01-28	medium	charweredrepicks.com/72460a79-31cf-483d-a660-e2386a26eee5	Coinbase
2023-01-28	medium	caosainasbsbaselwalle.azurewebsites.net/	Coinbase
2023-01-28	medium	caosainasbsbaselwalle.azurewebsites.net/	Coinbase
2023-01-28	medium	caosainasbsbaselwalle.azurewebsites.net/	Coinbase
2023-01-28	medium	caosainasbsbaselwalle.azurewebsites.net/	Coinbase
2023-01-28	medium	caosainasbsbaselwalle.azurewebsites.net/	Coinbase
2023-01-28	medium	caosainasbsbaselwalle.azurewebsites.net/	Coinbase
2023-01-28	medium	caosainasbsbaselwalle.azurewebsites.net/	Coinbase
2023-01-28	medium	caosainasbsbaselwalle.azurewebsites.net/	Coinbase
2023-01-28	medium	caosainasbsbaselwalle.azurewebsites.net/	Coinbase
2023-01-28	medium	caosainasbsbaselwalle.azurewebsites.net/	Coinbase
2023-01-28	medium	caosainasbsbaselwalle.azurewebsites.net/	Coinbase
2023-01-28	medium	caosainasbsbaselwalle.azurewebsites.net/	Coinbase
2023-01-28	medium	caosainasbsbaselwalle.azurewebsites.net/	Coinbase
2023-01-28	medium	caosainasbsbaselwalle.azurewebsites.net/	Coinbase

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-01-29	medium	charweredrepicks.com/72460a79-31cf-483d-a660-e2386a26eee5	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

JavaScript (15)

	URL	Size	First Seen	Last Seen
	caosainasbsbaselwalle.azurewebsites.net/assets/js/jquery-3.5.1.min.js	90 kB	2023-03-07	2024-04-25
Pretty URL caosainasbsbaselwalle.azurewebsites.net/assets/js/jquery-3.5.1.min.js IP 20.119.0.18 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:09 Last Seen2024-04-25 09:44:26 Times Seen14178 Hash b61aa6e2d68d21b3546b5b418bf0e9c3 9c1398f0de4c869dacb1c9ab1a8cc327f5421ff7 f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b Loading...

	caosainasbsbaselwalle.azurewebsites.net/assets/js/popper.js	5 B	2023-03-07	2023-04-05
Pretty URL caosainasbsbaselwalle.azurewebsites.net/assets/js/popper.js IP 20.119.0.18 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:24 Last Seen2023-04-05 01:37:55 Times Seen13 Hash a681c6a002989832645ed26b766c7afa 3aa6f328e7b62d7ac606fda4b4347c6b1e2e4504 73e2bd6cbb99261733caf137015d5cc58e3f96248d8b01da68be8564989dd906 Loading...

	caosainasbsbaselwalle.azurewebsites.net/	747 B	2023-03-13	2023-03-13
Pretty URL caosainasbsbaselwalle.azurewebsites.net/ IP 20.119.0.18 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:21:39 Last Seen2023-03-13 12:54:57 Times Seen1 Hash 8c229c422f4a5c2eeeaad812d126daaa 08c7dea2ddb6e4a74a0c0d598ec3870795beaff2 6d5bb82a132d729774b5717af7c55bc23b6227551f805ab1340b200ccf17f3f3 Loading...

	caosainasbsbaselwalle.azurewebsites.net/	154 B	2023-03-07	2024-04-18
Pretty URL caosainasbsbaselwalle.azurewebsites.net/ IP 20.119.0.18 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:24 Last Seen2024-04-18 06:16:09 Times Seen156 Hash d0e637757a110c79abcca69eb6b11c47 c56a3950b959f0d612c09b974c2fc8726ea0f9bb 2e61946c1b30a901556e71def528a946276bc5e480cdf230c8d19c2a1e2b00ba Loading...

	secure.livechatinc.com/customer/action/open_chat?license_id=14971065&group=0&embedded=1&widget_version=3&unique_groups=0	105 B	2023-03-07	2023-04-05
Pretty URL secure.livechatinc.com/customer/action/open_chat?license_id=14971065&group=0&embedded=1&widget_version=3&unique_groups=0 IP 95.101.10.202 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:18 Last Seen2023-04-05 02:06:41 Times Seen330 Hash d30bfddcdb3764a782b7c8584021d1d6 64ed02149d0db57e6c1d68992361d7c1330a663a 5a8894efd9ef253bc344f5587ea4fb4f4b8da39d4dbd49a390c2302898411623 Loading...

	secure.livechatinc.com/customer/action/open_chat?license_id=14971065&group=0&embedded=1&widget_version=3&unique_groups=0	2.5 kB	2023-03-13	2023-03-14
Pretty URL secure.livechatinc.com/customer/action/open_chat?license_id=14971065&group=0&embedded=1&widget_version=3&unique_groups=0 IP 95.101.10.202 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:11:34 Last Seen2023-03-14 06:26:07 Times Seen1 Hash 0adfdee1bff3ae07357fcfca6cafc1fc 653c2a38a1047e3c6384942a315ab8b67e676e65 a8b49021237400981adbe4b95cf0f8a17c87ea0a1f88191ee0ccadc66b370ce6 Loading...

	cdn.livechatinc.com/widget/static/js/iframe.73879adc.chunk.js	764 kB	2023-03-13	2023-03-14
Pretty URL cdn.livechatinc.com/widget/static/js/iframe.73879adc.chunk.js IP 95.101.10.202 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:11:34 Last Seen2023-03-14 06:26:06 Times Seen1 Hash 90cad0f1a20bbe0c7b70af650ab7491a e666a88b94923655225458041b850961df4e4ebe 5741acb692282784583db77424af958b107b6ba21a6e6e0b2c44b12d74b5c34c Loading...

	caosainasbsbaselwalle.azurewebsites.net/assets/js/bootstrap.min.js	63 kB	2023-03-07	2024-04-05
Pretty URL caosainasbsbaselwalle.azurewebsites.net/assets/js/bootstrap.min.js IP 20.119.0.18 ASN #8075 MICROSOFT-CORP-MSN-AS-BLOCK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:03:24 Last Seen2024-04-05 14:10:40 Times Seen130 Hash 9641c0f6951378d75b69f235dbc28d91 ed3c7a26df82e432b13b7e16d606ec6173cf7315 52bb7446862e479f013494ba2cefb1105c68e66f5be24fb57173c81bb395f8e1 Loading...

	api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=14971065&url=https%3A%2F%2Fcaosainasbsbaselwalle.azurewebsites.net%2F&channel_type=code&jsonp=__754dbrf9qx7	227 B	2023-03-13	2023-03-13
Pretty URL api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=14971065&url=https%3A%2F%2Fcaosainasbsbaselwalle.azurewebsites.net%2F&channel_type=code&jsonp=__754dbrf9qx7 IP 95.101.10.202 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 10:54:25 Last Seen2023-03-13 10:54:25 Times Seen1 Hash 0887910a69c94c03b35208082b5c55f0 3df9fc0dc995fc5add9f925561ff7de082d55395 a124a282084b89dedc35af8542641137f8a84fa5f8a3bc81c22bf92a217a1d13 Loading...

	api.livechatinc.com/v3.3/customer/action/get_configuration?license_id=14971065&version=13.1.1.1.1.6.1.1.1.1.1.2.202&group_id=0&jsonp=__lc_static_config	4.4 kB	2023-03-13	2023-03-13
Pretty URL api.livechatinc.com/v3.3/customer/action/get_configuration?license_id=14971065&version=13.1.1.1.1.6.1.1.1.1.1.2.202&group_id=0&jsonp=__lc_static_config IP 95.101.10.202 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:21:39 Last Seen2023-03-13 10:54:26 Times Seen1 Hash 0f8a810e0c0c77fc1a31a4babc3c3513 5eecd28b2b9ac304c0102355560ffdffbb5cc1e9 a06b409bd9c269d3d337b565631095971cc93e2626972dfa935e7687d2aa3d04 Loading...

	api.livechatinc.com/v3.3/customer/action/get_localization?license_id=14971065&version=ff93808ef52c6dd040640c4853b854bd&language=en&group_id=0&jsonp=__lc_localization	11 kB	2023-03-08	2023-05-07
Pretty URL api.livechatinc.com/v3.3/customer/action/get_localization?license_id=14971065&version=ff93808ef52c6dd040640c4853b854bd&language=en&group_id=0&jsonp=__lc_localization IP 95.101.10.202 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:26:58 Last Seen2023-05-07 22:45:30 Times Seen274 Hash 00708d557f5eeee5f3c15ccf12a0db38 6686346dfece2cd29baf4268b51df80a90d02424 f8edcfb3b4d6d8934fae03f8dc8ebb0eb6fe5f55cfb4002245b582e7dfdab450 Loading...

	cdn.livechatinc.com/widget/static/js/0.d619df13.chunk.js	48 kB	2023-03-08	2023-03-17
Pretty URL cdn.livechatinc.com/widget/static/js/0.d619df13.chunk.js IP 95.101.10.202 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:26:58 Last Seen2023-03-17 22:17:08 Times Seen1 Hash 10a3d7ac1ed37325d3341c379ee0de69 568234e1f256abe6987b7c9965b51bbc119c0160 8250a0a8a2b63bfae72b2604bc53e7764530aa08651e7c0cb253a90a6c762a8c Loading...

	cdn.livechatinc.com/tracking.js	87 kB	2023-03-13	2023-03-14
Pretty URL cdn.livechatinc.com/tracking.js IP 95.101.10.202 ASN #20940 Akamai International B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:11:34 Last Seen2023-03-14 06:27:26 Times Seen1 Hash 29e075294399875f6fd4bdaa0f4a20e4 4b66dda1ae90f520557c9e3190686a4c4301282c b3fcf409ea4cc82df451395238d14a5c25a8bde7f6d6bf547125ed0b374e2dda Loading...

	unknown	0 B	2023-03-07	2024-04-25
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-25 10:37:02 Times Seen37061080 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

		Size	First Seen	Last Seen
	#1 Write - 164b45ddf017369a977181ccf213153d	13 kB	2023-03-13	2023-03-13
Pretty Observations First Seen2023-03-13 10:54:25 Last Seen2023-03-13 10:54:25 Times Seen1 Hash 164b45ddf017369a977181ccf213153d 13ae1e25776075332d70022de1a75e151fb75294 a21cbbad89567a61efbdb12c8e7326cd579f075f16723795c20de8330634c968 Loading...

HTTP Transactions (53)

URL IP Response Size

charweredrepicks.com/72460a79-31cf-483d-a660-e2386a26eee5

3.124.99.72

302 Found

0 B

URL HTTP/2
charweredrepicks.com/72460a79-31cf-483d-a660-e2386a26eee5
IP
3.124.99.72:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Coinbase
openphish	Coinbase
fortinet	Phishing

HTTP Headers

GET /72460a79-31cf-483d-a660-e2386a26eee5 HTTP/1.1
Host: charweredrepicks.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 302 Found
server: nginx
date: Sun, 29 Jan 2023 07:42:22 GMT
content-length: 0
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://caosainasbsbaselwalle.azurewebsites.net
pragma: no-cache
set-cookie: 72460a79-31cf-483d-a660-e2386a26eee5-v4=4x6WC4gHy4SLkw2WdMgJF1chhf0ck7ghtmOZGohNcxw; Max-Age=86400; Expires=Mon, 30-Jan-2023 07:42:22 GMT; Domain=charweredrepicks.com; Path=/; Secure; HttpOnly;SameSite=None
cc-v4=ofWUKFZmUvHrTVsRRSLBRkNE7d%2Bf4plbZx0zZfX1YlveZU94fKmz3QTp8cB4Mmxp6iUvQl3l8KNv4oqzL%2Fzg68ytUj%2BKR2r3ByQsnlsZuNr%2BW5fUitNKdQn4YHCiEyBHYfhqbvZNTCeuwlKYVRnKHQ%3D%3D; Max-Age=31536000; Expires=Mon, 29-Jan-2024 07:42:22 GMT; Domain=charweredrepicks.com; Path=/; Secure; HttpOnly;SameSite=None
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3eb88dea4fe00db1182370e72683c3ab
ca520abf1e91bfd2aef40c6a1270a911071e8922
d8083ee567c7b3023111dc30f32c94237df7db30d4d2daaea0a569e8a3069ad7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8083EE567C7B3023111DC30F32C94237DF7DB30D4D2DAAEA0A569E8A3069AD7"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7040
Expires: Sun, 29 Jan 2023 09:39:42 GMT
Date: Sun, 29 Jan 2023 07:42:22 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a2104f935c638b4767ca5ae0d738ef23
85c6af15af749be0ceeae6de17c36925b750f166
5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D4789A3696BD7FAA9916768CB627BBC89BF70A756D80E53860CBAC13C2BC8B1"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4946
Expires: Sun, 29 Jan 2023 09:04:48 GMT
Date: Sun, 29 Jan 2023 07:42:22 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 29 Jan 2023 06:43:08 GMT
content-type: application/json
age: 3554
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
302c7548412192add063ad6c8b99cf3b
e5d178931a27db036ce8daae302594d3ff7050b8
fc2bd9091006189e67e8074093805ee5492ce16e1dbfba32e083abeeae34969d

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC2BD9091006189E67E8074093805EE5492CE16E1DBFBA32E083ABEEAE34969D"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10569
Expires: Sun, 29 Jan 2023 10:38:31 GMT
Date: Sun, 29 Jan 2023 07:42:22 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: HSAJ/cdgVDT/cfJHE20eVToml4KeypJzc9bHy8XPgF8Y9KCy8eMcNvG9VGMvX+uRxqvQO29gpTU=
x-amz-request-id: BD3P69XSJSWYBKXS
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 29 Jan 2023 07:21:18 GMT
age: 1264
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 07:42:22 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 29 Jan 2023 06:49:04 GMT
age: 3198
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

caosainasbsbaselwalle.azurewebsites.net/

20.119.0.18

200 OK

2.0 kB

URL HTTP/1.1
caosainasbsbaselwalle.azurewebsites.net/
IP
20.119.0.18:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (672), with CRLF line terminators
Size
2.0 kB (1984 bytes)
Hash
be962f784182e5db06ad3cc65c078dad
7e9118c2c0e323d6a82abf04bccffad8391141ea
9bbc2ee4cefad83457c2426518041099d27c57a9df89cd6dfbc867b62e25dc59

Detections

Analyzer	Verdict	Alert
openphish	Coinbase

HTTP Headers

GET / HTTP/1.1
Host: caosainasbsbaselwalle.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Content-Type: text/html
Date: Sun, 29 Jan 2023 07:42:22 GMT
Server: nginx/1.22.1
Content-Encoding: gzip
ETag: W/"63cfba33-12fc"
Last-Modified: Tue, 24 Jan 2023 11:00:03 GMT
Transfer-Encoding: chunked

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
16a7b6a7128312e2f985d30df18c4487
6017bff79ffb525d9c7f9f32b999b74b5dc69602
663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5852
Expires: Sun, 29 Jan 2023 09:19:55 GMT
Date: Sun, 29 Jan 2023 07:42:23 GMT
Connection: keep-alive

caosainasbsbaselwalle.azurewebsites.net/assets/css/all.min.css

20.119.0.18

200 OK

59 kB

URL HTTP/1.1
caosainasbsbaselwalle.azurewebsites.net/assets/css/all.min.css
IP
20.119.0.18:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (59158), with CRLF line terminators
Size
59 kB (59348 bytes)
Hash
c6920efb7784a86ed443ef70db8f317d
2c2236d61417d354b5cbbc907dfc9c0eb1325a7f
c493875ea907c37e2ef7b9560f75ad5dd918121a0f42889eda351ccab0373eb1

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Coinbase
openphish	Coinbase

HTTP Headers

GET /assets/css/all.min.css HTTP/1.1
Host: caosainasbsbaselwalle.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://caosainasbsbaselwalle.azurewebsites.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 59348
Content-Type: text/css
Date: Sun, 29 Jan 2023 07:42:23 GMT
Server: nginx/1.22.1
Accept-Ranges: bytes
ETag: "63cfba42-e7d4"
Last-Modified: Tue, 24 Jan 2023 11:00:18 GMT

push.services.mozilla.com/

52.33.66.202

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.33.66.202:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Qlq8x4URt9L7g/Z7Shh1pg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: mHYWiWUYIdvMZ7BWwFzPm4utEf0=

caosainasbsbaselwalle.azurewebsites.net/assets/css/signin.css

20.119.0.18

200 OK

4.3 kB

URL HTTP/1.1
caosainasbsbaselwalle.azurewebsites.net/assets/css/signin.css
IP
20.119.0.18:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with CRLF line terminators
Size
4.3 kB (4253 bytes)
Hash
7444cb26975f4eb6116c665224789b55
68d5c6736ec42f47b22f69cd77a24dfca4909d7c
5cda6b229909767e1bea149573e087f32ba7d587342eec8c2e51f28028a9715e

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Coinbase
openphish	Coinbase

HTTP Headers

GET /assets/css/signin.css HTTP/1.1
Host: caosainasbsbaselwalle.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://caosainasbsbaselwalle.azurewebsites.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 4253
Content-Type: text/css
Date: Sun, 29 Jan 2023 07:42:23 GMT
Server: nginx/1.22.1
Accept-Ranges: bytes
ETag: "63cfba43-109d"
Last-Modified: Tue, 24 Jan 2023 11:00:19 GMT

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8c630e9bbc930d1c367efa81b67be3f7
ec536695531d40a813d99a06271c7c2d698d51d3
39ca0a60c3e2e85712757ead0830d0da82beac1e4f44b6e90243e5ca9326bf4b

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 07:42:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

142.250.74.106

200 OK

1.6 kB

URL HTTP/2
fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
IP
142.250.74.106:0
ASN
#15169 GOOGLE

File type
data
Size
1.6 kB (1640 bytes)
Hash
8d7cd456caec1b8562e73460152a3143
ef60d6ac9b4e3b72f7f5986f687eee2dac379b0e
853cc242df91f2aadd022844be973b15aabe892d682dee06b68c336ab9ca25ee

HTTP Headers

GET /css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://caosainasbsbaselwalle.azurewebsites.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 29 Jan 2023 07:42:23 GMT
date: Sun, 29 Jan 2023 07:42:23 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

caosainasbsbaselwalle.azurewebsites.net/assets/js/bootstrap.min.js

20.119.0.18

200 OK

63 kB

URL HTTP/1.1
caosainasbsbaselwalle.azurewebsites.net/assets/js/bootstrap.min.js
IP
20.119.0.18:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (62961), with CRLF line terminators
Size
63 kB (63246 bytes)
Hash
9641c0f6951378d75b69f235dbc28d91
ed3c7a26df82e432b13b7e16d606ec6173cf7315
52bb7446862e479f013494ba2cefb1105c68e66f5be24fb57173c81bb395f8e1

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Coinbase
openphish	Coinbase

HTTP Headers

GET /assets/js/bootstrap.min.js HTTP/1.1
Host: caosainasbsbaselwalle.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://caosainasbsbaselwalle.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 63246
Content-Type: application/javascript
Date: Sun, 29 Jan 2023 07:42:23 GMT
Server: nginx/1.22.1
Accept-Ranges: bytes
ETag: "63cfba52-f70e"
Last-Modified: Tue, 24 Jan 2023 11:00:34 GMT

caosainasbsbaselwalle.azurewebsites.net/assets/js/jquery-3.5.1.min.js

20.119.0.18

200 OK

90 kB

URL HTTP/1.1
caosainasbsbaselwalle.azurewebsites.net/assets/js/jquery-3.5.1.min.js
IP
20.119.0.18:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (65450), with CRLF line terminators
Size
90 kB (89478 bytes)
Hash
b61aa6e2d68d21b3546b5b418bf0e9c3
9c1398f0de4c869dacb1c9ab1a8cc327f5421ff7
f36844906ad2309877aae3121b87fb15b9e09803cb4c333adc7e1e35ac92e14b

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Coinbase
openphish	Coinbase

HTTP Headers

GET /assets/js/jquery-3.5.1.min.js HTTP/1.1
Host: caosainasbsbaselwalle.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://caosainasbsbaselwalle.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 89478
Content-Type: application/javascript
Date: Sun, 29 Jan 2023 07:42:23 GMT
Server: nginx/1.22.1
Accept-Ranges: bytes
ETag: "63cfba50-15d86"
Last-Modified: Tue, 24 Jan 2023 11:00:32 GMT

caosainasbsbaselwalle.azurewebsites.net/assets/css/bootstrap.min.css

20.119.0.18

200 OK

160 kB

URL HTTP/1.1
caosainasbsbaselwalle.azurewebsites.net/assets/css/bootstrap.min.css
IP
20.119.0.18:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
ASCII text, with very long lines (65321), with CRLF line terminators
Size
160 kB (160398 bytes)
Hash
d66fe393345e62baa20253a974cdc8d2
334f40dd947ed1dc3247ee94d13b6f60410a17b4
b64b23b4a62a17d314b64f2dc76260b4c5bcd10135c092eb59372d998c2ef7ae

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Coinbase
openphish	Coinbase

HTTP Headers

GET /assets/css/bootstrap.min.css HTTP/1.1
Host: caosainasbsbaselwalle.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://caosainasbsbaselwalle.azurewebsites.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 160398
Content-Type: text/css
Date: Sun, 29 Jan 2023 07:42:23 GMT
Server: nginx/1.22.1
Accept-Ranges: bytes
ETag: "63cfba41-2728e"
Last-Modified: Tue, 24 Jan 2023 11:00:17 GMT

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 07:42:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 07:42:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

142.250.74.67

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP
142.250.74.67:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Size
16 kB (15860 bytes)
Hash
e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

HTTP Headers

GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://caosainasbsbaselwalle.azurewebsites.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 24 Jan 2023 13:09:06 GMT
expires: Wed, 24 Jan 2024 13:09:06 GMT
cache-control: public, max-age=31536000
age: 412397
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

142.250.74.67

200 OK

16 kB

URL HTTP/2
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
142.250.74.67:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Size
16 kB (15744 bytes)
Hash
15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

HTTP Headers

GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://caosainasbsbaselwalle.azurewebsites.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 19:33:54 GMT
expires: Thu, 25 Jan 2024 19:33:54 GMT
cache-control: public, max-age=31536000
age: 302909
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

caosainasbsbaselwalle.azurewebsites.net/assets/images/coin_icon_2.png

20.119.0.18

200 OK

1.7 kB

URL HTTP/1.1
caosainasbsbaselwalle.azurewebsites.net/assets/images/coin_icon_2.png
IP
20.119.0.18:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 22 x 22, 8-bit/color RGB, non-interlaced\012- data
Size
1.7 kB (1713 bytes)
Hash
b037a5297d944d46b9ffdb2548715b07
8fad1f6b12c04e0af8c4a9d0c3f73ec9cf3eacc4
9b0fbf0bcd62a789e8ca3b006c71b9fb722c9435ed521f1932b56f32fbe04f9a

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Coinbase
openphish	Coinbase

HTTP Headers

GET /assets/images/coin_icon_2.png HTTP/1.1
Host: caosainasbsbaselwalle.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://caosainasbsbaselwalle.azurewebsites.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 1713
Content-Type: image/png
Date: Sun, 29 Jan 2023 07:42:23 GMT
Server: nginx/1.22.1
Accept-Ranges: bytes
ETag: "63cfba4b-6b1"
Last-Modified: Tue, 24 Jan 2023 11:00:27 GMT

caosainasbsbaselwalle.azurewebsites.net/assets/images/coin_icon_4.png

20.119.0.18

200 OK

1.4 kB

URL HTTP/1.1
caosainasbsbaselwalle.azurewebsites.net/assets/images/coin_icon_4.png
IP
20.119.0.18:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 22 x 22, 8-bit/color RGB, non-interlaced\012- data
Size
1.4 kB (1440 bytes)
Hash
376972453b75b0a9e02b0c50cbd5ae07
cbc86d032603bcb2695580900967f61df837843a
2f8ea39cbd71d294b53677f3e811c072970d37c45f6bcf5bc9df597017e225fb

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Coinbase
openphish	Coinbase

HTTP Headers

GET /assets/images/coin_icon_4.png HTTP/1.1
Host: caosainasbsbaselwalle.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://caosainasbsbaselwalle.azurewebsites.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 1440
Content-Type: image/png
Date: Sun, 29 Jan 2023 07:42:23 GMT
Server: nginx/1.22.1
Accept-Ranges: bytes
ETag: "63cfba48-5a0"
Last-Modified: Tue, 24 Jan 2023 11:00:24 GMT

caosainasbsbaselwalle.azurewebsites.net/assets/images/coin_icon_5.png

20.119.0.18

200 OK

1.3 kB

URL HTTP/1.1
caosainasbsbaselwalle.azurewebsites.net/assets/images/coin_icon_5.png
IP
20.119.0.18:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 22 x 22, 8-bit/color RGB, non-interlaced\012- data
Size
1.3 kB (1292 bytes)
Hash
6db0c3bb351258c69d30da188650850c
88067ee78716439892eef592a4d03bb78020cf80
9dfb27d55abc35523cf1cb1c6386e631bf86addf00a0df6f5cb64ba5b9e156a1

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Coinbase
openphish	Coinbase

HTTP Headers

GET /assets/images/coin_icon_5.png HTTP/1.1
Host: caosainasbsbaselwalle.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://caosainasbsbaselwalle.azurewebsites.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 1292
Content-Type: image/png
Date: Sun, 29 Jan 2023 07:42:23 GMT
Server: nginx/1.22.1
Accept-Ranges: bytes
ETag: "63cfba49-50c"
Last-Modified: Tue, 24 Jan 2023 11:00:25 GMT

caosainasbsbaselwalle.azurewebsites.net/assets/images/logo_coinbase.png

20.119.0.18

200 OK

2.3 kB

URL HTTP/1.1
caosainasbsbaselwalle.azurewebsites.net/assets/images/logo_coinbase.png
IP
20.119.0.18:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 59 x 61, 8-bit/color RGBA, non-interlaced\012- data
Size
2.3 kB (2263 bytes)
Hash
5e722949a3d022d8c8ffafeac9e15e2c
80b38ab8dbf44607be22d96ba04416de9130a418
6c571a6e79753e484bd38c1c6eb0ebc5b89e2ad15a633fb7369247361b1f684d

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Coinbase
openphish	Coinbase

HTTP Headers

GET /assets/images/logo_coinbase.png HTTP/1.1
Host: caosainasbsbaselwalle.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://caosainasbsbaselwalle.azurewebsites.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 2263
Content-Type: image/png
Date: Sun, 29 Jan 2023 07:42:23 GMT
Server: nginx/1.22.1
Accept-Ranges: bytes
ETag: "63cfba4a-8d7"
Last-Modified: Tue, 24 Jan 2023 11:00:26 GMT

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 07:42:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

caosainasbsbaselwalle.azurewebsites.net/assets/images/coin_icon_1.png

20.119.0.18

200 OK

1.3 kB

URL HTTP/1.1
caosainasbsbaselwalle.azurewebsites.net/assets/images/coin_icon_1.png
IP
20.119.0.18:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 22 x 22, 8-bit/color RGB, non-interlaced\012- data
Size
1.3 kB (1298 bytes)
Hash
16a5333cf137037ce76266a2714859df
fc15fbecdb795634c4de07e15cbb1c9c7f617934
e2d6aeab33b31391580224f8429a40a4dd8abe71f7d41927dce4524caba08ddf

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Coinbase
openphish	Coinbase

HTTP Headers

GET /assets/images/coin_icon_1.png HTTP/1.1
Host: caosainasbsbaselwalle.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://caosainasbsbaselwalle.azurewebsites.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 1298
Content-Type: image/png
Date: Sun, 29 Jan 2023 07:42:23 GMT
Server: nginx/1.22.1
Accept-Ranges: bytes
ETag: "63cfba4c-512"
Last-Modified: Tue, 24 Jan 2023 11:00:28 GMT

caosainasbsbaselwalle.azurewebsites.net/assets/images/coin_icon_3.png

20.119.0.18

200 OK

1.8 kB

URL HTTP/1.1
caosainasbsbaselwalle.azurewebsites.net/assets/images/coin_icon_3.png
IP
20.119.0.18:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
PNG image data, 22 x 22, 8-bit/color RGB, non-interlaced\012- data
Size
1.8 kB (1783 bytes)
Hash
f35de87a398deb6f641a7899feca32a2
28f876df5abf2d51735c51ff362e0ebf7d3ce9da
befaa710fd9bae21debd7a1f72d35467ece4f9f15764587e830a2306d7888bdc

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Coinbase
openphish	Coinbase

HTTP Headers

GET /assets/images/coin_icon_3.png HTTP/1.1
Host: caosainasbsbaselwalle.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://caosainasbsbaselwalle.azurewebsites.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 1783
Content-Type: image/png
Date: Sun, 29 Jan 2023 07:42:23 GMT
Server: nginx/1.22.1
Accept-Ranges: bytes
ETag: "63cfba4b-6f7"
Last-Modified: Tue, 24 Jan 2023 11:00:27 GMT

caosainasbsbaselwalle.azurewebsites.net/assets/js/popper.js

20.119.0.18

200 OK

526 kB

URL HTTP/1.1
caosainasbsbaselwalle.azurewebsites.net/assets/js/popper.js
IP
20.119.0.18:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
Microsoft OOXML\012- Zip archive data, at least v2.0\012- to extract, compression method=deflate\012- data
Size
526 kB (525927 bytes)
Hash
885c643ca3a632b8efa41726c7796cc6
21ba8b3517d6684a6e5658dde50418c6ed45e748
c38e8c5a40f00294b6ba95bea3c5bd346678b4845cc7eed1d67c70db1bb0d581

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Coinbase
openphish	Coinbase

HTTP Headers

GET /assets/js/popper.js HTTP/1.1
Host: caosainasbsbaselwalle.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://caosainasbsbaselwalle.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 525927
Content-Type: application/javascript
Date: Sun, 29 Jan 2023 07:42:23 GMT
Server: nginx/1.22.1
Accept-Ranges: bytes
ETag: "63cfba4f-80667"
Last-Modified: Tue, 24 Jan 2023 11:00:31 GMT

cdn.livechatinc.com/tracking.js

95.101.10.202

200 OK

26 kB

URL HTTP/2
cdn.livechatinc.com/tracking.js
IP
95.101.10.202:0
ASN
#20940 Akamai International B.V.

File type
data
Size
26 kB (25911 bytes)
Hash
349345e8baec106d74b4eb289b8d2b0b
5c4a724241c19e2de9063da2c3dc0c4a3366ea7a
a69d354aa4044e3786dc89e3a46f415276b8657f0caa8c8355b12558cfde8695

HTTP Headers

GET /tracking.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://caosainasbsbaselwalle.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
last-modified: Wed, 25 Jan 2023 08:47:12 GMT
x-amz-version-id: iNzmqDcn1iRKaLiTk37THrDgz9osPO8C
server: AmazonS3
content-encoding: br
etag: W/"29e075294399875f6fd4bdaa0f4a20e4"
vary: Accept-Encoding
x-amz-cf-pop: HAM50-P2
x-amz-cf-id: 5u3S8SQ2vBURIIW1wAHlf1ewj7O-VH6XVggEm945QBhoGAgQC4G-PQ==
content-length: 25911
cache-control: max-age=28800
expires: Sun, 29 Jan 2023 15:42:24 GMT
date: Sun, 29 Jan 2023 07:42:24 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2

caosainasbsbaselwalle.azurewebsites.net/assets/images/fabvicon.jpg

20.119.0.18

200 OK

1.8 kB

URL HTTP/1.1
caosainasbsbaselwalle.azurewebsites.net/assets/images/fabvicon.jpg
IP
20.119.0.18:0
ASN
#8075 MICROSOFT-CORP-MSN-AS-BLOCK

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 14x14, components 3\012- data
Size
1.8 kB (1759 bytes)
Hash
4905075149ce6e18ae0f3937a78c8035
d831584d16803eac84783af0ec72b8d9fc2de999
b700c78c895fbbdb4d2273b9062a0b4afa795b88e5b7f9703284b0a2844a12a5

Detections

Analyzer	Verdict	Alert
urlquery	phishing	Phishing - Coinbase
openphish	Coinbase

HTTP Headers

GET /assets/images/fabvicon.jpg HTTP/1.1
Host: caosainasbsbaselwalle.azurewebsites.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://caosainasbsbaselwalle.azurewebsites.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Content-Length: 1759
Content-Type: image/jpeg
Date: Sun, 29 Jan 2023 07:42:24 GMT
Server: nginx/1.22.1
Accept-Ranges: bytes
ETag: "63cfba46-6df"
Last-Modified: Tue, 24 Jan 2023 11:00:22 GMT

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17660
Expires: Sun, 29 Jan 2023 12:36:44 GMT
Date: Sun, 29 Jan 2023 07:42:24 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17660
Expires: Sun, 29 Jan 2023 12:36:44 GMT
Date: Sun, 29 Jan 2023 07:42:24 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17660
Expires: Sun, 29 Jan 2023 12:36:44 GMT
Date: Sun, 29 Jan 2023 07:42:24 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17660
Expires: Sun, 29 Jan 2023 12:36:44 GMT
Date: Sun, 29 Jan 2023 07:42:24 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5dcfee7f-f43c-4828-8113-8ba8eb26f727.jpeg

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5dcfee7f-f43c-4828-8113-8ba8eb26f727.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10168 bytes)
Hash
d5ed99a9aed6f367efc5c9498ce87ff1
3123eb6f550c51fe17fc62eff943b3739e239a9b
536f45bf2eb41f7056df8b34964538005d6a0a4c6157def3fbdd9487f8c79027

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5dcfee7f-f43c-4828-8113-8ba8eb26f727.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10168
x-amzn-requestid: fe58fe3c-dd23-4614-b5a2-e91ef68c2ab7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fFOD7H-NIAMFcxw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb907f-687fc51741d7ff97182d1955;Sampled=0
x-amzn-remapped-date: Sat, 21 Jan 2023 07:13:03 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GEghrk0LlbdfqVAHey-W84Zk9XHT2PD268Vfxf85HEvil0Ra27YgPA==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 03:43:37 GMT
age: 14327
etag: "3123eb6f550c51fe17fc62eff943b3739e239a9b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11470 bytes)
Hash
10a6491e2c1dfde68c7cd7297e70700f
d0f195319825a6d3e5e50ad15b2fcab27cb65896
4d9353d5874e5ea03c25e1562db5f479c222a48db526fdd10ede7c2e6a4dd874

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fce27f1aa-8d31-4110-a47f-73de0b95926d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11470
x-amzn-requestid: 62d61967-9380-4ca9-b11a-531425dbd2ae
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fIf6WFgAIAMF6gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cce042-6d9fe51029094b7f37c0a648;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 07:05:38 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rUIvvkZQ028ey3klplI-x9oZFugon5HsAWT-SN2GQo5hBeBJWqoMAg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 23:12:28 GMT
age: 30596
etag: "d0f195319825a6d3e5e50ad15b2fcab27cb65896"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.6 kB (5594 bytes)
Hash
4c77437e3a7361861aed8bfecbfe6bd6
fefd238c13c0fdfb7d964c90fcc8a8cbbf953034
282d15c443cb6232ae0a30046a0dc24360617355a4651cdba59b11e6f7313d8a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5594
x-amzn-requestid: d56c9b84-dc1f-4d5c-91bf-7db55058bf67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fLyeEGOloAMFpzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ce3126-5013a6b971d6800c5c85a4eb;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 07:03:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: D2ZAelkDgsd0wjoOSoPRwTzhozs84_aIcgwU-QmbDrTnHztVD0VL_A==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 14:57:16 GMT
age: 60308
etag: "fefd238c13c0fdfb7d964c90fcc8a8cbbf953034"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62d5a25c-3219-4061-b58b-b783bc3a37fb.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.4 kB (7417 bytes)
Hash
6af6f32397882f56d14d22348e44a9f1
5a626376807e7507fa3a204c4e4e9e44aa074a37
478f32e98c0a1f0d62fa337795ca88b7927e14b684b681f7629b648bc2d709a5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F62d5a25c-3219-4061-b58b-b783bc3a37fb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7417
x-amzn-requestid: 8dca6752-c548-4526-ae81-4626843ade3e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fYbDjGREoAMFxiw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d33ee3-1c097c131b91c34b4e7df1be;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 03:02:59 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: i8JJruxoRfordb6WFNf67-GLWrA_Q930x3GCCQoUmDwXrfZtBXvsZg==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 03:34:32 GMT
age: 14872
etag: "5a626376807e7507fa3a204c4e4e9e44aa074a37"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4bff98d2-c029-496d-b1f3-f17f0e92e273.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12124 bytes)
Hash
7da187381befeffa83fbaed380f2932e
7f4750e505e965f129c096ef40bc24c392051025
f47a20d681386b3341f23d286fb2f0a2a789bde75bdbc2d14c4747721e13d7a5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4bff98d2-c029-496d-b1f3-f17f0e92e273.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12124
x-amzn-requestid: 4032a848-72f7-4fbf-a0b2-e9cd7a2d1853
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVMBEGtwIAMF_Zw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1f3a0-6eec6555074c2fba0be0d90e;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 03:29:36 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ixuvPYw-yLJbABGhAMsaZPkbpCy6H-R-QXKxMlIBRQgBYvnERkOs_Q==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 23:42:35 GMT
age: 28789
etag: "7f4750e505e965f129c096ef40bc24c392051025"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.2 kB (9167 bytes)
Hash
3be81f83687ddb6c93d3ff3c09a9dba2
50a48e737310d3f31840db4301b25927fbcc12c5
e78c909e2381898e7f546183784a05dff47c31734c95358aaada8c2777ad47be

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9167
x-amzn-requestid: e6e0789c-a4a9-4ffa-a0ae-691770d1035b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPF9YEBmIAMF0kQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf8388-01d2093432d3959903671a69;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:06:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: awfNeaKbFw2bjiTGwUrwUTxU-qbVS2eTjn948H8kn1hy7pi_DwLMlQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 17:35:56 GMT
age: 50788
etag: "50a48e737310d3f31840db4301b25927fbcc12c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=14971065&url=https%3A%2F%2Fcaosainasbsbaselwalle.azurewebsites.net%2F&channel_type=code&jsonp=__754dbrf9qx7

95.101.10.202

200 OK

227 B

URL HTTP/2
api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=14971065&url=https%3A%2F%2Fcaosainasbsbaselwalle.azurewebsites.net%2F&channel_type=code&jsonp=__754dbrf9qx7
IP
95.101.10.202:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with no line terminators
Size
227 B (227 bytes)
Hash
0887910a69c94c03b35208082b5c55f0
3df9fc0dc995fc5add9f925561ff7de082d55395
a124a282084b89dedc35af8542641137f8a84fa5f8a3bc81c22bf92a217a1d13

HTTP Headers

GET /v3.3/customer/action/get_dynamic_configuration?license_id=14971065&url=https%3A%2F%2Fcaosainasbsbaselwalle.azurewebsites.net%2F&channel_type=code&jsonp=__754dbrf9qx7 HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://caosainasbsbaselwalle.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-security-policy: frame-ancestors https://caosainasbsbaselwalle.azurewebsites.net/;
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
vary: Accept-Encoding
x-frame-options: allow-from https://caosainasbsbaselwalle.azurewebsites.net/
content-length: 227
date: Sun, 29 Jan 2023 07:42:24 GMT
X-Firefox-Spdy: h2

api.livechatinc.com/v3.3/customer/action/get_configuration?license_id=14971065&version=13.1.1.1.1.6.1.1.1.1.1.2.202&group_id=0&jsonp=__lc_static_config

95.101.10.202

200 OK

1.5 kB

URL HTTP/2
api.livechatinc.com/v3.3/customer/action/get_configuration?license_id=14971065&version=13.1.1.1.1.6.1.1.1.1.1.2.202&group_id=0&jsonp=__lc_static_config
IP
95.101.10.202:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (4432), with no line terminators
Size
1.5 kB (1462 bytes)
Hash
2b00987a5013805f24e8f2588d575af0
1b544f21dc5ff532320a52684ebe7b4e4f38cd84
07dfaf681e498bbc5456c575b150757362177001659b77a013e87dedfb358550

HTTP Headers

GET /v3.3/customer/action/get_configuration?license_id=14971065&version=13.1.1.1.1.6.1.1.1.1.1.2.202&group_id=0&jsonp=__lc_static_config HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://caosainasbsbaselwalle.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
vary: Accept-Encoding
content-length: 1462
cache-control: public, max-age=600
expires: Sun, 29 Jan 2023 07:52:25 GMT
date: Sun, 29 Jan 2023 07:42:25 GMT
X-Firefox-Spdy: h2

api.livechatinc.com/v3.3/customer/action/get_localization?license_id=14971065&version=ff93808ef52c6dd040640c4853b854bd&language=en&group_id=0&jsonp=__lc_localization

95.101.10.202

200 OK

3.8 kB

URL HTTP/2
api.livechatinc.com/v3.3/customer/action/get_localization?license_id=14971065&version=ff93808ef52c6dd040640c4853b854bd&language=en&group_id=0&jsonp=__lc_localization
IP
95.101.10.202:0
ASN
#20940 Akamai International B.V.

File type
Unicode text, UTF-8 text, with very long lines (10873), with no line terminators
Size
3.8 kB (3785 bytes)
Hash
d1b3d63fb610e16ae90ebba26513f34d
4baa5a63b3692c86200b62692f3cb1091a380516
a691dcbd9c3569a1ee4196426f575560848c89a7a9d8662cd05acd445048cf10

HTTP Headers

GET /v3.3/customer/action/get_localization?license_id=14971065&version=ff93808ef52c6dd040640c4853b854bd&language=en&group_id=0&jsonp=__lc_localization HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://caosainasbsbaselwalle.azurewebsites.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
vary: Accept-Encoding
cache-control: public, max-age=600
expires: Sun, 29 Jan 2023 07:52:25 GMT
date: Sun, 29 Jan 2023 07:42:25 GMT
content-length: 3785
X-Firefox-Spdy: h2

secure.livechatinc.com/customer/action/open_chat?license_id=14971065&group=0&embedded=1&widget_version=3&unique_groups=0

95.101.10.202

200 OK

2.6 kB

URL HTTP/2
secure.livechatinc.com/customer/action/open_chat?license_id=14971065&group=0&embedded=1&widget_version=3&unique_groups=0
IP
95.101.10.202:0
ASN
#20940 Akamai International B.V.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (8824), with no line terminators
Size
2.6 kB (2557 bytes)
Hash
e73532c0c660a631b8b058705ce26d21
ac886227ce8d418692c8496201f8bc76709b1a63
0ee4d5761027247228422c7b57c6727e95d065c52b4f68501694f1a41754ac03

HTTP Headers

GET /customer/action/open_chat?license_id=14971065&group=0&embedded=1&widget_version=3&unique_groups=0 HTTP/1.1
Host: secure.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://caosainasbsbaselwalle.azurewebsites.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-encoding: gzip
content-type: text/html; charset=utf-8
vary: Accept-Encoding
date: Sun, 29 Jan 2023 07:42:25 GMT
content-length: 2557
X-Firefox-Spdy: h2

cdn.livechatinc.com/widget/static/js/0.d619df13.chunk.js

95.101.10.202

200 OK

15 kB

URL HTTP/2
cdn.livechatinc.com/widget/static/js/0.d619df13.chunk.js
IP
95.101.10.202:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (47599), with no line terminators
Size
15 kB (14885 bytes)
Hash
f790030a4058f34f76fa8b0e0e4285cf
955ed12553baf05025f6f19f9079bad07af10bc3
5a57474ecc2a44ecf94ceae42e672745f900749479012ee2ba9eea180ee2a265

HTTP Headers

GET /widget/static/js/0.d619df13.chunk.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 11 Jan 2023 08:35:01 GMT
x-amz-version-id: fr6Gz9d8KXQbrJuaQVT4sDUpSqjnuR9Q
server: AmazonS3
content-encoding: br
etag: W/"10a3d7ac1ed37325d3341c379ee0de69"
vary: Accept-Encoding
x-amz-cf-pop: ARN1-C1
x-amz-cf-id: M5BEPnK3INOuxV-Zd5EkJqKhsnyIsA6pc5CcKg9GF8ozNzaNoBaR7Q==
content-length: 14885
cache-control: max-age=31536000
expires: Mon, 29 Jan 2024 07:42:25 GMT
date: Sun, 29 Jan 2023 07:42:25 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2

cdn.livechatinc.com/widget/static/js/1.242d30c5.chunk.js

95.101.10.202

200 OK

70 kB

URL HTTP/2
cdn.livechatinc.com/widget/static/js/1.242d30c5.chunk.js
IP
95.101.10.202:0
ASN
#20940 Akamai International B.V.

File type
ASCII text, with very long lines (65462)
Size
70 kB (69814 bytes)
Hash
88298c1f3a966d806ce3dd802d2cfdb5
e19a54d47ddc9bd3ed805f6e5471ae2de613404b
9373f82e3b877dd04122dacfd587cb7f62562b53744142a734210c8af0a61dbf

HTTP Headers

GET /widget/static/js/1.242d30c5.chunk.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
last-modified: Mon, 16 Jan 2023 07:45:14 GMT
x-amz-version-id: Px6texczRRdv2H_bvm87pAIOH7z7Z.qa
server: AmazonS3
content-encoding: gzip
etag: W/"6cc6a8d0a347434070e1ae1406714b63"
vary: Accept-Encoding
x-amz-cf-pop: ARN56-P2
x-amz-cf-id: BpmGXFPk1aGvtFzUfSPoO8bfNDP06kQHquXkuVVoPBldkY4nhooSMA==
content-length: 69814
cache-control: max-age=31536000
expires: Mon, 29 Jan 2024 07:42:25 GMT
date: Sun, 29 Jan 2023 07:42:25 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2

cdn.livechatinc.com/widget/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2

95.101.10.202

200 OK

13 kB

URL HTTP/2
cdn.livechatinc.com/widget/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2
IP
95.101.10.202:0
ASN
#20940 Akamai International B.V.

File type
Web Open Font Format (Version 2), TrueType, length 12852, version 1.0\012- data
Size
13 kB (12852 bytes)
Hash
3b5df7e947d77201eaf22f3dbdac08cc
21989ca07e4afe32d48982b816b8fac85ce3e668
4a46d61a9aed90cea010dbabcdb510b9ceff1b729a06b169cdbe142f66cbc86f

HTTP Headers

GET /widget/o-0IIpQlx3QUlC5A4PNr5TRASf6M7Q.woff2 HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://secure.livechatinc.com
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
content-type: application/octet-stream
content-length: 12852
last-modified: Tue, 18 Oct 2022 07:22:37 GMT
etag: "3b5df7e947d77201eaf22f3dbdac08cc"
x-amz-version-id: 4jMtpmrTh3NU2il.eSSLRODO9UYgvJk9
accept-ranges: bytes
server: AmazonS3
x-amz-cf-pop: HAM50-C2
x-amz-cf-id: KM8abeyaVeSEIxlLTJcUkoNH7_q4l1PlUQolOkL0_K8Ml-Hn8lULcg==
cache-control: max-age=31536000
expires: Mon, 29 Jan 2024 07:42:25 GMT
date: Sun, 29 Jan 2023 07:42:25 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2

cdn.livechatinc.com/widget/o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2

95.101.10.202

200 OK

13 kB

URL HTTP/2
cdn.livechatinc.com/widget/o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2
IP
95.101.10.202:0
ASN
#20940 Akamai International B.V.

File type
Web Open Font Format (Version 2), TrueType, length 12688, version 1.0\012- data
Size
13 kB (12688 bytes)
Hash
d9f5998f47f6f22cb66e7dbf428c76ab
86b993baf91f867a03ea62e0d0adc9488530efaa
e94ba9c6df7a149b4b3c590bcc484ce24ce7c0f15c6f7f43479035a6311211d6

HTTP Headers

GET /widget/o-0NIpQlx3QUlC5A4PNjXhFVZNyBx2pqPA.woff2 HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://secure.livechatinc.com
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
content-type: application/octet-stream
content-length: 12688
last-modified: Tue, 18 Oct 2022 07:22:38 GMT
etag: "d9f5998f47f6f22cb66e7dbf428c76ab"
x-amz-version-id: msVoGOeEvv4rBAjmPT.bOOY9QhLnYq.K
accept-ranges: bytes
server: AmazonS3
x-amz-cf-pop: HAM50-P2
x-amz-cf-id: X3prfpUvaSuujXUioKllfbrWJRSujJaRcEeTIItJqtcJgekTOM8gKw==
cache-control: max-age=31536000
expires: Mon, 29 Jan 2024 07:42:25 GMT
date: Sun, 29 Jan 2023 07:42:25 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2

api.livechatinc.com/v3.3/customer/rtm/ws?license_id=14971065

23.36.79.16

101 Switching Protocols

0 B

URL HTTP/1.1
api.livechatinc.com/v3.3/customer/rtm/ws?license_id=14971065
IP
23.36.79.16:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /v3.3/customer/rtm/ws?license_id=14971065 HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://secure.livechatinc.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: LqjRLwbQY/GeKGDlvghf/g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
sec-websocket-accept: Lgvrj2SH8/7kQ2OXu7Bv9gRn3Rk=
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://secure.livechatinc.com
legacy: 2023-06-30
Date: Sun, 29 Jan 2023 07:42:25 GMT
Upgrade: websocket
Connection: Upgrade

accounts.livechatinc.com/customer/token

23.36.79.16

200 OK

138 B

URL HTTP/2
accounts.livechatinc.com/customer/token
IP
23.36.79.16:0
ASN
#20940 Akamai International B.V.

File type
JSON data\012- , ASCII text
Size
138 B (138 bytes)
Hash
6da5979454cb4df3e742fbf93f5c6144
dbc938657dad21b8b966956774e4ce6ef22e4a6f
f380b9ab9606712c63b9f52b8b1526d03dd24b2a6c2029db91b9f1a28c762252

HTTP Headers

POST /customer/token HTTP/1.1
Host: accounts.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 190
Origin: https://secure.livechatinc.com
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://secure.livechatinc.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: application/json
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
content-length: 138
date: Sun, 29 Jan 2023 07:42:25 GMT
set-cookie: __lc_cid=04fa5665-e93f-47e2-6ca0-827854606b8c; Path=/v2/customer/token; Domain=accounts.livechatinc.com; Expires=Wed, 29 Jan 2025 07:42:25 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__lc_cst=b592ed0c9716ca7d990cbe83bdb7df793e74f644060fe7b5acd49618b2d149c4e26b5444588e18be53e2cee3348a51789374e8a0014c15eb4a2617f61d78; Path=/v2/customer/token; Domain=accounts.livechatinc.com; Expires=Wed, 29 Jan 2025 07:42:25 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__lc_cid=04fa5665-e93f-47e2-6ca0-827854606b8c; Path=/customer/token; Domain=accounts.livechatinc.com; Expires=Wed, 29 Jan 2025 07:42:25 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__lc_cst=b592ed0c9716ca7d990cbe83bdb7df793e74f644060fe7b5acd49618b2d149c4e26b5444588e18be53e2cee3348a51789374e8a0014c15eb4a2617f61d78; Path=/customer/token; Domain=accounts.livechatinc.com; Expires=Wed, 29 Jan 2025 07:42:25 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__oauth_redirect_detector=counter=1&t=1674978175&tag=2ba5d5d4d145bd4986458db2b88aa977825fcc7c; Path=/; Expires=Sun, 29 Jan 2023 07:42:55 GMT; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2

cdn.livechatinc.com/widget/static/js/iframe.73879adc.chunk.js

95.101.10.202

200 OK

0 B

URL HTTP/2
cdn.livechatinc.com/widget/static/js/iframe.73879adc.chunk.js
IP
95.101.10.202:0
ASN
#20940 Akamai International B.V.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /widget/static/js/iframe.73879adc.chunk.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
last-modified: Wed, 25 Jan 2023 08:47:14 GMT
x-amz-version-id: DWqeOBaonG9oWcxGU0ZIpqeLsqrYCT6x
server: AmazonS3
content-encoding: gzip
etag: W/"90cad0f1a20bbe0c7b70af650ab7491a"
vary: Accept-Encoding
x-amz-cf-pop: HAM50-P2
x-amz-cf-id: MgLZ1iZ8LpNw3GUGmXeMSFOx05M7e3xvuc4-Sud2VVDGYvBOPceAhQ==
content-length: 228662
cache-control: max-age=31536000
expires: Mon, 29 Jan 2024 07:42:25 GMT
date: Sun, 29 Jan 2023 07:42:25 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (15)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML