Overview

URL snndc.co.jp.yeypt.com/sanjin/client/index.html
IP202.144.192.233
ASNIPTELECOM Global
Location Japan
Report completed2022-10-01 20:59:57 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish
Scan Date Severity Indicator Comment
2022-10-01 2 snndc.co.jp.yeypt.com/sanjin/client/index.html SMBC
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-10-01 2 snndc.co.jp.yeypt.com/ib/base/js/directib-incisw2.js?version=20220410 Phishing
2022-10-01 2 snndc.co.jp.yeypt.com/sanjin/img/ico_blank_01.svg?version=20210509 Phishing
2022-10-01 2 snndc.co.jp.yeypt.com/sanjin/img/ico_blank_01%20(1).svg Phishing
2022-10-01 2 snndc.co.jp.yeypt.com/sanjin/img/logo_smbc_01.svg?version=20210509 Phishing
2022-10-01 2 snndc.co.jp.yeypt.com/sanjin/img/ico_help_01.svg?version=20210509 Phishing
2022-10-01 2 snndc.co.jp.yeypt.com/sanjin/img/ico_blank_01.svg Phishing
2022-10-01 2 snndc.co.jp.yeypt.com/sanjin/img/ico_close_01.svg?version=20210509 Phishing
2022-10-01 2 snndc.co.jp.yeypt.com/sanjin/img/wenhao.svg Phishing
2022-10-01 2 snndc.co.jp.yeypt.com/sanjin/img/new/QA.svg Phishing
2022-10-01 2 snndc.co.jp.yeypt.com/sanjin/fonts/noto_sans_jp/NotoSansJP-Regular.otf Phishing
2022-10-01 2 snndc.co.jp.yeypt.com/sanjin/fonts/icon/icon.ttf?yt5i04 Phishing
2022-10-01 2 snndc.co.jp.yeypt.com/sanjin/fonts/icon/icon.woff?yt5i04 Phishing
2022-10-01 2 snndc.co.jp.yeypt.com/sanjin/js/vue.js Phishing
2022-10-01 2 snndc.co.jp.yeypt.com/sanjin/js/jquery-3.5.1.js Phishing
2022-10-01 2 snndc.co.jp.yeypt.com/sanjin/js/index.js Phishing
2022-10-01 2 snndc.co.jp.yeypt.com/sanjin/client/index.html Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (12)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS detectportal.firefox.com (2) 1601 2017-01-30 00:03:31 UTC 2022-10-01 05:02:30 UTC 34.107.221.82
mnemonic passive DNS r3.o.lencr.org (5) 344 2020-12-02 08:52:13 UTC 2022-10-01 04:59:16 UTC 23.36.76.226
mnemonic passive DNS firefox.settings.services.mozilla.com (14) 867 2020-05-27 20:08:30 UTC 2022-10-01 15:00:41 UTC 65.9.86.94
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-10-01 05:00:18 UTC 34.117.237.239
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-10-01 14:59:59 UTC 34.120.237.76
mnemonic passive DNS getpocket.cdn.mozilla.net (1) 1369 2017-08-31 07:41:15 UTC 2022-10-01 07:12:21 UTC 34.120.5.221
mnemonic passive DNS content-signature-2.cdn.mozilla.net (3) 1152 2020-11-03 12:26:46 UTC 2022-10-01 05:17:12 UTC 65.9.86.77
mnemonic passive DNS ocsp.digicert.com (2) 86 2012-05-21 07:02:23 UTC 2022-10-01 14:14:43 UTC 93.184.220.29
mnemonic passive DNS shavar.services.mozilla.com (1) 3602 2017-01-30 05:00:58 UTC 2022-10-01 05:17:16 UTC 35.82.2.166
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-10-01 05:28:34 UTC 54.191.222.112
mnemonic passive DNS snndc.co.jp.yeypt.com (20) 0 2022-10-01 08:10:04 UTC 2022-10-01 18:34:07 UTC 202.144.192.233 Unknown ranking
mnemonic passive DNS firefox-settings-attachments.cdn.mozilla.net (1) 11509 2019-11-30 09:32:57 UTC 2022-10-01 11:31:41 UTC 65.9.86.24


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 202.144.192.233

Date UQ / IDS / BL URL IP
2022-10-02 03:54:36 +0000
0 - 0 - 2 dlrect-snnbc-co-jp.org/ 202.144.192.233
2022-10-02 02:07:42 +0000
0 - 0 - 4 mizihi-bamk.org/miziha/client/login_sp.html 202.144.192.233
2022-10-01 23:09:22 +0000
0 - 0 - 13 dlrect-snnbc-co-jp.org/sanjin/client/index.html 202.144.192.233
2022-10-01 23:08:28 +0000
0 - 0 - 16 direct.smbc-co-jp.org/sanjin/client/index.html 202.144.192.233
2022-10-01 21:01:21 +0000
0 - 0 - 15 snndc-co.com/sanjin/client/index.html 202.144.192.233

Last 5 reports on ASN: IPTELECOM Global

Date UQ / IDS / BL URL IP
2022-10-02 03:54:36 +0000
0 - 0 - 2 dlrect-snnbc-co-jp.org/ 202.144.192.233
2022-10-02 02:07:42 +0000
0 - 0 - 4 mizihi-bamk.org/miziha/client/login_sp.html 202.144.192.233
2022-10-01 23:09:22 +0000
0 - 0 - 13 dlrect-snnbc-co-jp.org/sanjin/client/index.html 202.144.192.233
2022-10-01 23:08:28 +0000
0 - 0 - 16 direct.smbc-co-jp.org/sanjin/client/index.html 202.144.192.233
2022-10-01 21:01:21 +0000
0 - 0 - 15 snndc-co.com/sanjin/client/index.html 202.144.192.233

Last 1 reports on domain: yeypt.com

Date UQ / IDS / BL URL IP
2022-10-01 20:59:57 +0000
0 - 0 - 17 snndc.co.jp.yeypt.com/sanjin/client/index.html 202.144.192.233

Last 3 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-10-01 23:09:22 +0000
0 - 0 - 13 dlrect-snnbc-co-jp.org/sanjin/client/index.html 202.144.192.233
2022-10-01 23:08:28 +0000
0 - 0 - 16 direct.smbc-co-jp.org/sanjin/client/index.html 202.144.192.233
2022-10-01 21:01:21 +0000
0 - 0 - 15 snndc-co.com/sanjin/client/index.html 202.144.192.233


JavaScript

Executed Scripts (3)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (57)


Request Response
                                        
                                            GET /success.txt?ipv4 HTTP/1.1 
Host: detectportal.firefox.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         34.107.221.82
HTTP/1.1 200 OK
Content-Type: text/plain
                                        
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Sat, 01 Oct 2022 00:55:58 GMT
Age: 72223
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600


--- Additional Info ---
Magic:  ASCII text
Size:   8
Md5:    ae780585f49b94ce1444eb7d28906123
Sha1:   7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86
Sha256: 81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "967B310BB60ACDBB06064A3CF9C7615745AAECAB58818CF5FF156AFD23482A88"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9204
Expires: Sat, 01 Oct 2022 23:33:05 GMT
Date: Sat, 01 Oct 2022 20:59:41 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EB128AEC099DBF1919EE5D965221E904AD3A2162583683CEC44518640B505447"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7508
Expires: Sat, 01 Oct 2022 23:04:49 GMT
Date: Sat, 01 Oct 2022 20:59:41 GMT
Connection: keep-alive

                                        
                                            GET /success.txt?ipv4 HTTP/1.1 
Host: detectportal.firefox.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         34.107.221.82
HTTP/1.1 200 OK
Content-Type: text/plain
                                        
Server: nginx
Content-Length: 8
Via: 1.1 google
Date: Sat, 01 Oct 2022 00:55:58 GMT
Age: 72224
Cache-Control: public,must-revalidate,max-age=0,s-maxage=3600


--- Additional Info ---
Magic:  ASCII text
Size:   8
Md5:    ae780585f49b94ce1444eb7d28906123
Sha1:   7d5ca8c0c03e883c56c4eb1ef6f6bb9bccad4d86
Sha256: 81b2bd4ea98c8db66554fbc8d7637a1a69a130f331feb732b75caab4c4868fd5
                                        
                                            GET /v3/firefox/global-recs?version=3&consumer_key=40249-e88c401e1b1f2242d9e441c4&locale_lang=en-US&region=NO&count=30 HTTP/1.1 
Host: getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.5.221
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
vary: Accept-Encoding
content-location: global-recs.php
tcn: choice
x-frame-options: SAMEORIGIN
status: 200 OK
x-source: Pocket
pragma: cache
p3p: policyref="/w3c/p3p.xml", CP="ALL CURa ADMa DEVa OUR IND UNI COM NAV INT STA PRE"
x-cache: Miss from cloudfront
x-amz-cf-pop: SEA73-P2
x-amz-cf-id: WGdgBHQcdIAWhHaHq2pgsiBTbOW5RsX-zcaChVN3_td9qqt32YZ5dw==
content-encoding: gzip
via: 1.1 57bd3a2d9e0e4cbf89d9eb3d7dfb916e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 20:49:04 GMT
content-length: 41905
age: 637
cache-control: s-maxage=900,public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Size:   41905
Md5:    6863074e137a20d24dc6ca9dfd29ff6c
Sha1:   48d14e98e3301cbe8e99fd8ae9e3355d5b5fb197
Sha256: 371af60c5ffeaa79ccecb36435fa6a967e3ff2144b1e3b935b3d372be6eb38a8
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-06-30-19-51-38.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         65.9.86.77
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Wed, 11 May 2022 19:51:39 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sat, 01 Oct 2022 03:24:00 GMT
etag: "48ca0beea419a9039591cf1aee5179e0"
x-cache: Hit from cloudfront
via: 1.1 10c6c3dafd71d2880db1f56a9baf3a70.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: ahsZORHKs7BGeglnQpzq--g92OuyGDyaruCXnFX_6MoAeDmL5Urv9g==
age: 63343
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    48ca0beea419a9039591cf1aee5179e0
Sha1:   9e92629f505fcc07aab51221e8fe62197a23e307
Sha256: 630a5f110337b4a4876aa85c21107d9e8f2550bcc60f023a4777d895b17399fd
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         65.9.86.94
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 01 Oct 2022 20:16:21 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 682270ef163d219cc7a50d1af232b97e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS1-C1
X-Amz-Cf-Id: lIhj1PO7QOMdKHsJuw_5HfEO7IFS-hEHF-P17k50SpM0JctuoH8XkQ==
Age: 2601


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    1b3053fa528e28810f8a2cc9284cc921
Sha1:   cca9eb471d941881a6b9a1793aecb6c281908f6a
Sha256: a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sat, 01 Oct 2022 20:59:42 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "79D71B3A680EBDAFD6C1D6A26D107E8F13CFE0DBF15E331EA34130AC3B50C633"
Last-Modified: Sat, 01 Oct 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14634
Expires: Sun, 02 Oct 2022 01:03:36 GMT
Date: Sat, 01 Oct 2022 20:59:42 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 820
Cache-Control: 'max-age=158059'
Date: Sat, 01 Oct 2022 20:59:42 GMT
Last-Modified: Sat, 01 Oct 2022 20:46:02 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST /downloads?client=Firefox&appver=96.0a&pver=2.2 HTTP/1.1 
Host: shavar.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 773
Connection: close
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: none
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         35.82.2.166
HTTP/1.1 200 OK
Content-Type: application/octet-stream
                                        
Date: Sat, 01 Oct 2022 20:59:42 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Length: 8
Connection: Close


--- Additional Info ---
Magic:  ASCII text
Size:   8
Md5:    29fc57841962e407cb50c1be60284bf7
Sha1:   ce968a77e2996da5eee8925182318f171ccdce47
Sha256: ae7e7075247dcfad763f1e131aeac3d2e756bb03d48b0d315a50c69636e5dc8b
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         65.9.86.94
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Pragma, Content-Length, Backoff, Last-Modified, Cache-Control, Content-Type, Retry-After, ETag, Expires, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Sat, 01 Oct 2022 20:29:33 GMT
Expires: Sat, 01 Oct 2022 20:36:35 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 0186e9c41d0aebb13c1398b95b7f4756.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS1-C1
X-Amz-Cf-Id: az8CQojc4-fh3z5IOalRB0t8fwQbRaH0wcWA-o_cRrRtPoBWEc-46g==
Age: 1809


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3994
Cache-Control: max-age=130416
Date: Sat, 01 Oct 2022 20:59:42 GMT
Etag: "6337f514-1d7"
Expires: Mon, 03 Oct 2022 09:13:18 GMT
Last-Modified: Sat, 01 Oct 2022 08:06:44 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: /bPvnQTyITUpKrorG547Kg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         54.191.222.112
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: JffUSc7yf8XlQ1JoGeZH8wL0AHQ=

                                        
                                            GET /sanjin/css/top_rwd1.css HTTP/1.1 
Host: snndc.co.jp.yeypt.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://snndc.co.jp.yeypt.com/sanjin/client/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         202.144.192.233
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Sat, 01 Oct 2022 20:59:43 GMT
last-modified: Thu, 04 Aug 2022 15:07:08 GMT
vary: Accept-Encoding
etag: W/"62ebe09c-1295"
expires: Sun, 02 Oct 2022 08:59:43 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   5900
Md5:    ee47257ac66e3938ccb1fc22f4c56ecb
Sha1:   76f637fab0ea85e72ac4880445bbcec7a69a0c81
Sha256: 055937ce22d4e79934748adc7d38fdc139a71264d02c0300936cb21d5006da52
                                        
                                            GET /ib/base/js/directib-incisw2.js?version=20220410 HTTP/1.1 
Host: snndc.co.jp.yeypt.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://snndc.co.jp.yeypt.com/sanjin/client/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         202.144.192.233
HTTP/2 404 Not Found
content-type: text/html
                                        
server: nginx
date: Sat, 01 Oct 2022 20:59:43 GMT
content-length: 146
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /sanjin/img/ico_blank_01.svg?version=20210509 HTTP/1.1 
Host: snndc.co.jp.yeypt.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://snndc.co.jp.yeypt.com/sanjin/client/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         202.144.192.233
HTTP/2 200 OK
content-type: image/svg+xml
                                        
server: nginx
date: Sat, 01 Oct 2022 20:59:43 GMT
content-length: 914
last-modified: Fri, 30 Sep 2022 09:43:27 GMT
etag: "6336ba3f-392"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , Unicode text, UTF-8 text, with very long lines (906), with no line terminators
Size:   914
Md5:    b30ae9120a458cb39d0da96e7e911b1e
Sha1:   ecf66349fbcf263417448b152f5bc06a7fcfcf9a
Sha256: 6bd298af3a58263b7f307c721069ff7a94f653f036eec771559994c00d2056a6

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /sanjin/img/ico_blank_01%20(1).svg HTTP/1.1 
Host: snndc.co.jp.yeypt.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://snndc.co.jp.yeypt.com/sanjin/client/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         202.144.192.233
HTTP/2 200 OK
content-type: image/svg+xml
                                        
server: nginx
date: Sat, 01 Oct 2022 20:59:43 GMT
content-length: 914
last-modified: Thu, 04 Aug 2022 14:53:41 GMT
etag: "62ebdd75-392"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , Unicode text, UTF-8 text, with very long lines (906), with no line terminators
Size:   914
Md5:    b30ae9120a458cb39d0da96e7e911b1e
Sha1:   ecf66349fbcf263417448b152f5bc06a7fcfcf9a
Sha256: 6bd298af3a58263b7f307c721069ff7a94f653f036eec771559994c00d2056a6

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /sanjin/img/logo_smbc_01.svg?version=20210509 HTTP/1.1 
Host: snndc.co.jp.yeypt.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://snndc.co.jp.yeypt.com/sanjin/client/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         202.144.192.233
HTTP/2 200 OK
content-type: image/svg+xml
                                        
server: nginx
date: Sat, 01 Oct 2022 20:59:43 GMT
content-length: 6705
last-modified: Thu, 04 Aug 2022 14:53:54 GMT
etag: "62ebdd82-1a31"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (6705), with no line terminators
Size:   6705
Md5:    aea9e2e7ff8d21524ca9ca628c209a3a
Sha1:   08f53591dc1450351cb68d050c61bc4a42b12d41
Sha256: 485e5bfbda7308d10582d03f7dc04ede5efe692df0ced5bcad7cb5071d7c3b69

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /sanjin/img/logo_06.svg?version=20210509 HTTP/1.1 
Host: snndc.co.jp.yeypt.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://snndc.co.jp.yeypt.com/sanjin/client/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         202.144.192.233
HTTP/2 200 OK
content-type: image/svg+xml
                                        
server: nginx
date: Sat, 01 Oct 2022 20:59:43 GMT
content-length: 2954
last-modified: Thu, 04 Aug 2022 14:53:52 GMT
etag: "62ebdd80-b8a"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2954), with no line terminators
Size:   2954
Md5:    fe8ccfa305d19b25fb3bbb3c6c1a2a1b
Sha1:   92b2a590f051405d9f3e2957b0894e58cb1b40fb
Sha256: 794a8451958635ae295689499311a6208eff440ace9b1118ea4b7555b672aa85
                                        
                                            GET /sanjin/img/ico_help_01.svg?version=20210509 HTTP/1.1 
Host: snndc.co.jp.yeypt.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://snndc.co.jp.yeypt.com/sanjin/client/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         202.144.192.233
HTTP/2 200 OK
content-type: image/svg+xml
                                        
server: nginx
date: Sat, 01 Oct 2022 20:59:43 GMT
content-length: 526
last-modified: Fri, 30 Sep 2022 09:43:39 GMT
etag: "6336ba4b-20e"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (526), with no line terminators
Size:   526
Md5:    1172bcc8aa9dc0ebb2e708d4bf52ea21
Sha1:   6f25b9c415eeba882c02178f433a575972e6a8ea
Sha256: 34e169addd9fe376397a67c36c8444a443f8f91acc728727863d8082bcf3b5b5

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /sanjin/img/ico_blank_01.svg HTTP/1.1 
Host: snndc.co.jp.yeypt.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://snndc.co.jp.yeypt.com/sanjin/client/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         202.144.192.233
HTTP/2 200 OK
content-type: image/svg+xml
                                        
server: nginx
date: Sat, 01 Oct 2022 20:59:43 GMT
content-length: 914
last-modified: Fri, 30 Sep 2022 09:43:27 GMT
etag: "6336ba3f-392"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , Unicode text, UTF-8 text, with very long lines (906), with no line terminators
Size:   914
Md5:    b30ae9120a458cb39d0da96e7e911b1e
Sha1:   ecf66349fbcf263417448b152f5bc06a7fcfcf9a
Sha256: 6bd298af3a58263b7f307c721069ff7a94f653f036eec771559994c00d2056a6

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /sanjin/img/ico_close_01.svg?version=20210509 HTTP/1.1 
Host: snndc.co.jp.yeypt.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://snndc.co.jp.yeypt.com/sanjin/client/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         202.144.192.233
HTTP/2 200 OK
content-type: image/svg+xml
                                        
server: nginx
date: Sat, 01 Oct 2022 20:59:43 GMT
content-length: 499
last-modified: Fri, 30 Sep 2022 09:43:34 GMT
etag: "6336ba46-1f3"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (499), with no line terminators
Size:   499
Md5:    187d25cc5db3f83837ad145627dea937
Sha1:   e9f63e763d074de430a343c41b5ad7b2314a69cf
Sha256: eeb30484ee0a88fd628076d13cd085aaf1ac6bc943f9c12309a4b65f281129dc

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /sanjin/img/wenhao.svg HTTP/1.1 
Host: snndc.co.jp.yeypt.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://snndc.co.jp.yeypt.com/sanjin/client/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         202.144.192.233
HTTP/2 200 OK
content-type: image/svg+xml
                                        
server: nginx
date: Sat, 01 Oct 2022 20:59:43 GMT
content-length: 1103
last-modified: Wed, 07 Jul 2021 12:51:46 GMT
etag: "60e5a362-44f"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1103), with no line terminators
Size:   1103
Md5:    4e1ab0b5e941e07410e29477dcdde027
Sha1:   875b949d5d7f3a6e83e506f28592c19cd05e21ab
Sha256: a3925317ffd8dd727be0ba594dbe826103a13b0103711bfdda45bd56589f8c7a

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /sanjin/img/new/QA.svg HTTP/1.1 
Host: snndc.co.jp.yeypt.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://snndc.co.jp.yeypt.com/sanjin/client/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         202.144.192.233
HTTP/2 200 OK
content-type: image/svg+xml
                                        
server: nginx
date: Sat, 01 Oct 2022 20:59:43 GMT
content-length: 1403
last-modified: Mon, 27 Dec 2021 15:22:09 GMT
etag: "61c9da21-57b"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1403), with no line terminators
Size:   1403
Md5:    fe468dd3e582799e7daaa146f7dfe307
Sha1:   d620e408f15a05681e3f63b463d4c7c93aa11501
Sha256: 2a3b3d9f131bcbd63ac6153b616b5bab0bc42d0fcc3fca10251b884c633cbe56

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /v1/buckets/blocklists/collections/addons-bloomfilters/changeset?_expected=1664498243168&_since=%221653914271178%22 HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         65.9.86.94
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 30 Sep 2022 00:37:23 GMT
X-Content-Type-Options: nosniff
Content-Encoding: br
Date: Sat, 01 Oct 2022 20:47:28 GMT
Cache-Control: max-age=3600
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 d143bdfb7cce4cf7ec0bcf9ec13e5914.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS1-C1
X-Amz-Cf-Id: 0_pi4S_OVcy0GrXuPYbYeYUsmoVr7sxQMH9HJxedCf43-3-snQfS2Q==
Age: 794


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Size:   12628
Md5:    df1dc25bfcebc3293e9563e46f60f657
Sha1:   c7185ca340769f86354e364bf4e9086d48a70449
Sha256: 2b62745f4aeae88ef4397f79711fa60fb55149ae36dc331783d485354dafd55e
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         65.9.86.77
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Sat, 01 Oct 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 10c6c3dafd71d2880db1f56a9baf3a70.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: A8vV_QuXE9bU4EsZYfzvyz6G5si1u4Iya3EfF4qBh-YFU7hqHpy9nw==
age: 55876
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         65.9.86.94
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Sat, 01 Oct 2022 20:16:21 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 d143bdfb7cce4cf7ec0bcf9ec13e5914.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS1-C1
X-Amz-Cf-Id: ZE4UHWWcW455F-TqGDRi_bSS3pYKtJDcZrPNe4InRyyJozqLDkej_g==
Age: 2602


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    1b3053fa528e28810f8a2cc9284cc921
Sha1:   cca9eb471d941881a6b9a1793aecb6c281908f6a
Sha256: a2427848ba35575dda8a82cf88f104978234c05389deebc3fc8279d9075eff45
                                        
                                            GET /sanjin/fonts/noto_sans_jp/NotoSansJP-Regular.otf HTTP/1.1 
Host: snndc.co.jp.yeypt.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://snndc.co.jp.yeypt.com/sanjin/css/common_rwd1.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         202.144.192.233
HTTP/2 404 Not Found
content-type: text/html
                                        
server: nginx
date: Sat, 01 Oct 2022 20:59:43 GMT
content-length: 146
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /sanjin/fonts/icon/icon.ttf?yt5i04 HTTP/1.1 
Host: snndc.co.jp.yeypt.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://snndc.co.jp.yeypt.com/sanjin/css/common_rwd1.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         202.144.192.233
HTTP/2 404 Not Found
content-type: text/html
                                        
server: nginx
date: Sat, 01 Oct 2022 20:59:43 GMT
content-length: 146
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /staging/addons-bloomfilters/67600448-6fc2-4f40-bd4a-8687d731734f.bin HTTP/1.1 
Host: firefox-settings-attachments.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         65.9.86.24
HTTP/1.1 200 OK
Content-Type: application/octet-stream
                                        
Content-Length: 795699
Connection: keep-alive
Last-Modified: Mon, 27 Jun 2022 12:39:11 GMT
x-amz-version-id: 9np1boOrxtHVWzMczpbX1a.N_ewQWHDF
Accept-Ranges: bytes
Server: AmazonS3
Date: Sat, 01 Oct 2022 04:16:46 GMT
ETag: "9b95765b0e26af76116a95a966d61354"
X-Cache: Hit from cloudfront
Via: 1.1 f54d9ad301a95e7dcfde675e1cd5ba88.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS1-C1
X-Amz-Cf-Id: qPdyNnKgRfo-V-m7xwiQYwiS-e0z0OZW8EB8AUaVyWAhuZTBwQyLlA==
Age: 60271


--- Additional Info ---
Magic:  data
Size:   795699
Md5:    9b95765b0e26af76116a95a966d61354
Sha1:   3f7c1b40fc999b83f3696f455402e49ab484b027
Sha256: 34f969c8e082310785ec4262e2d5b58c919d4de856ffc64b3467507f83ac9571
                                        
                                            GET /sanjin/fonts/icon/icon.woff?yt5i04 HTTP/1.1 
Host: snndc.co.jp.yeypt.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://snndc.co.jp.yeypt.com/sanjin/css/common_rwd1.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         202.144.192.233
HTTP/2 404 Not Found
content-type: text/html
                                        
server: nginx
date: Sat, 01 Oct 2022 20:59:44 GMT
content-length: 146
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size:   146
Md5:    8eec510e57f5f732fd2cce73df7b73ef
Sha1:   3c0af39ecb3753c5fee3b53d063c7286019eac3b
Sha256: 55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /v1/buckets/main/collections/normandy-recipes-capabilities/changeset?_expected=1664582468554&_since=%221654732864402%22 HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         65.9.86.94
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Sat, 01 Oct 2022 00:01:08 GMT
X-Content-Type-Options: nosniff
Content-Encoding: br
Cache-Control: max-age=3600
Date: Sat, 01 Oct 2022 20:32:14 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 d143bdfb7cce4cf7ec0bcf9ec13e5914.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS1-C1
X-Amz-Cf-Id: r4kszOKJPvdh27GzLGTPi4bIQTPOI7adAQhu7sKSGWYb4KxYeJuVWQ==
Age: 1650


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (58917), with no line terminators
Size:   12184
Md5:    d3e4bc876b60d891f51ef36b82ad8fc3
Sha1:   98a2be0af244511be33642e94dc494ed55e40b02
Sha256: 9236a89d70ec9e13a3eb3fc561684a105f6694d63e1edeb07baaed03e3cf2fd8
                                        
                                            GET /v1/buckets/main/collections/nimbus-desktop-experiments/changeset?_expected=1664576981597&_since=%221654636467710%22 HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         65.9.86.94
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 30 Sep 2022 22:29:41 GMT
X-Content-Type-Options: nosniff
Content-Encoding: br
Cache-Control: max-age=3600
Date: Sat, 01 Oct 2022 20:46:20 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 d143bdfb7cce4cf7ec0bcf9ec13e5914.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS1-C1
X-Amz-Cf-Id: OTVwHWC4rsljVY54G9BNTNG4GES9-f3KM99T_-NNtlpeBZMgYwv_5A==
Age: 804


--- Additional Info ---
Magic:  ASCII text, with very long lines (31812), with no line terminators
Size:   4522
Md5:    0a8cfe2efc6b0b24150c549ab477643e
Sha1:   ea11b76b989c1cca396d75cb40774bbd014ef689
Sha256: 86f672ecf608509aa0e411d8b80f9e4bb5c1e877040957d56a53ae69897d5ecd
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         65.9.86.77
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
date: Fri, 30 Sep 2022 22:29:47 GMT
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 10c6c3dafd71d2880db1f56a9baf3a70.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: zH1Ox8li_wFbHvGDljsYr9JsR7IVVWc76v7w4wBSfGYmgNaWDhYOKg==
age: 80998
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    67d5a988edcda47bc3b3b3f65d32b4b6
Sha1:   d4f0e0da8b3690cc7da925026d3414b68c7d954f
Sha256: 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
                                        
                                            GET /sanjin/client/apple-touch-icon.png HTTP/1.1 
Host: snndc.co.jp.yeypt.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://snndc.co.jp.yeypt.com/sanjin/client/index.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         202.144.192.233
HTTP/2 200 OK
content-type: image/png
                                        
server: nginx
date: Sat, 01 Oct 2022 20:59:44 GMT
content-length: 5083
last-modified: Fri, 30 Sep 2022 04:54:56 GMT
etag: "633676a0-13db"
expires: Mon, 31 Oct 2022 20:59:44 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Size:   5083
Md5:    f3e956ccc61ef768239455c5fc077487
Sha1:   54c1a0d4b20e180aa2b4d329e93bef81b0a01165
Sha256: a94e02394ce392009e1b9d2bb620402db2b73d1da65da1b62c50f85b848e920f
                                        
                                            GET /v1/buckets/main/collections/fxmonitor-breaches/changeset?_expected=1662044085942&_since=%221622732735407%22 HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         65.9.86.94
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Thu, 01 Sep 2022 14:54:45 GMT
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Thu, 29 Sep 2022 22:27:20 GMT
Cache-Control: max-age=2592000
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 d143bdfb7cce4cf7ec0bcf9ec13e5914.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS1-C1
X-Amz-Cf-Id: xbe0qBWskpc_FeFBg8k-5mjxEEROuDcp-eK300WwVGXNDOqplsOsaQ==
Age: 176152


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (20424), with no line terminators
Size:   5859
Md5:    d5f358e1c4c24c5498506f822573411d
Sha1:   82a8bac76194d3124d20b855b59c4c3c8110f138
Sha256: 8c03f72cedd357bcf30f77be6493cbb9fea34b7faa0ab53922ba40ae6385b77f
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "61BF2BDDECE68C7876AB5481C14ED1B1879343E55C86EE013B4F3A8D3353E6B4"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13287
Expires: Sun, 02 Oct 2022 00:41:11 GMT
Date: Sat, 01 Oct 2022 20:59:44 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "61BF2BDDECE68C7876AB5481C14ED1B1879343E55C86EE013B4F3A8D3353E6B4"
Last-Modified: Sat, 01 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13287
Expires: Sun, 02 Oct 2022 00:41:11 GMT
Date: Sat, 01 Oct 2022 20:59:44 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d8201d9-93ae-492b-8ea9-d245fa2e4073.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 3640
x-amzn-requestid: b5f5c567-8aa9-414b-8310-cf3006711ee9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZJo1vFIwoAMF2mA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6333bb57-0f1cbcbb29287f5367a14b67;Sampled=0
x-amzn-remapped-date: Wed, 28 Sep 2022 03:11:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: HiU5q54X8yU3PXfTqYyCa9c3NbGAmjVLQRYn3P47trBJhtCP4juxRQ==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 11:00:33 GMT
age: 35951
etag: "303c6bb672425443a15bbe22394bd1149f887904"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3640
Md5:    a9e7ba045a723120501994dea21709db
Sha1:   303c6bb672425443a15bbe22394bd1149f887904
Sha256: b1bea7212e55ec8eaf62434214a86fed7d6a990d105984d79a7fa0e793395d59
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7fc3f7b5-4c80-4662-ba8b-7997bdbdb6a3.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8299
x-amzn-requestid: 91eed6b6-632f-472b-93d7-4192425fcdfd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZSxLDF0SoAMFWgw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63376246-17bb04894cc786555d693ec3;Sampled=0
x-amzn-remapped-date: Fri, 30 Sep 2022 21:40:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 8JvNUZRyYeZjd4ZxOrGMCbJxVf46NRhiHXsFvCAZn2QeUkdCzKoYbw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Sep 2022 22:15:58 GMT
age: 81826
etag: "2df7db53629c7adda2c0a4dfe9c17791b73a75e1"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8299
Md5:    0d31a422078d02bda318c693c05a58dc
Sha1:   2df7db53629c7adda2c0a4dfe9c17791b73a75e1
Sha256: a07fe4e135b52da6dfa9d8a55684f0a3bf5f5ce52c4064c8ab37836a939902a9
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59da9c68-5ffa-4dc1-adf8-645278cd60ca.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10380
x-amzn-requestid: 35ee2a77-159c-4bb4-a825-98c638398586
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZPdZYHsTIAMFQNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63360f6f-4f68073432bcea371c7b8f03;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 21:34:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: IENB0e-e13ywHJKPgyLWn1bGPMMxFLUu3cIUcREjGhxDEMROEL1jBg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Sep 2022 21:45:19 GMT
age: 83665
etag: "265840b2d2fc6eb764cc6409b05deee8d77a19c2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10380
Md5:    139a144f8cb04ac8aae65f4bad1473e7
Sha1:   265840b2d2fc6eb764cc6409b05deee8d77a19c2
Sha256: 6e0f01b6bdd5a92e92c7b29a6172a2900c68900afd2abba948940621252e0fd8
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F03e4f558-3c34-42eb-aa43-9896f0e6ce87.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8269
x-amzn-requestid: 2ff31dda-d215-42fb-a439-de67799ebeb1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y8dqPFvQIAMFxlA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632e7641-2c2e3443499003525414587b;Sampled=0
x-amzn-remapped-date: Sat, 24 Sep 2022 03:15:13 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: btbI_vFcRysDsOGN3zHGO3PEnzCG8XZyV7E65PB1bwBab86rJM79ZQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Sep 2022 22:16:06 GMT
age: 81818
etag: "74c20bb0c312988822deb9d46b20e4642357fbd7"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8269
Md5:    574cd0b975349cc445e798136863c8a0
Sha1:   74c20bb0c312988822deb9d46b20e4642357fbd7
Sha256: 62d6448a8da1ed783761e1e966c3f03f2d9b4351e04e13e71e330e4cce465fc4
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6315
x-amzn-requestid: f0791b53-3c5f-4d94-954d-992a529ebb60
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZPnunF35oAMFYbg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63361ff6-2adb303349153ced73ccecf6;Sampled=0
x-amzn-remapped-date: Thu, 29 Sep 2022 22:45:10 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: RGS_T9Cwl5Vjs_bxngHRomiYppE5fLe0SnH19VEfc5-PCT5tb5ku1A==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 01 Oct 2022 04:40:52 GMT
age: 58732
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6315
Md5:    206fb65e75dbadf119512f71e0b78402
Sha1:   58ff0bf8ce7528b303d28bab01a80ad721705569
Sha256: 56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ae73d97-d8e4-4f93-bf30-c175fc72b008.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10201
x-amzn-requestid: 62562627-78a8-4c17-bf6c-b2c986b9ee8f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZSxLCFH3IAMFoFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63376246-69637d745165485171ca73b9;Sampled=0
x-amzn-remapped-date: Fri, 30 Sep 2022 21:40:22 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: CueKD4mKZFXrPdwSOtYV3muaegRDOA632EztOt22qrk0Qd2yj1oPkg==
via: 1.1 6a63e853422f3197776fb098fab5a416.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Fri, 30 Sep 2022 21:57:18 GMT
age: 82946
etag: "49798c4a15545a49f3870b2a16af78dbf8e168cc"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10201
Md5:    4be456dbe857580c7b4c7fca3936e04e
Sha1:   49798c4a15545a49f3870b2a16af78dbf8e168cc
Sha256: 23e42987d5e9939424d5f4e4fe0c38faf20a221732097927dd4a656199d9d315
                                        
                                            GET /v1/buckets/main/collections/password-rules/changeset?_expected=1659924409785&_since=%221652712410939%22 HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         65.9.86.94
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Mon, 08 Aug 2022 02:06:49 GMT
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Cache-Control: max-age=2592000
Date: Tue, 27 Sep 2022 03:08:54 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 d143bdfb7cce4cf7ec0bcf9ec13e5914.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS1-C1
X-Amz-Cf-Id: tOyqH6GdkfDUWuI17rxUU8vTdjrsovCVyHWjFdJvyVbJX-xoFHDO5A==
Age: 409850


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (1394), with no line terminators
Size:   825
Md5:    323f63cea1e65bcba94765be51a8cad4
Sha1:   5ae1b62bce94b3c9de5cdf0bb3d61873e0667300
Sha256: de2dfaadd3174377d4e4edb027b2abe3909fdfeb1537b4cbc1a56b700ce0be76
                                        
                                            GET /v1/buckets/main/collections/websites-with-shared-credential-backends/changeset?_expected=1659924446436&_since=%221650898092205%22 HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         65.9.86.94
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Mon, 08 Aug 2022 02:07:26 GMT
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Wed, 28 Sep 2022 05:56:18 GMT
Cache-Control: max-age=2592000
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 d143bdfb7cce4cf7ec0bcf9ec13e5914.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS1-C1
X-Amz-Cf-Id: rWCG37wPnawVwv4IIQ5cNxVEy0PcF5s6TXfbBSY2cpngYiw495aSWQ==
Age: 313911


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (8682), with no line terminators
Size:   3275
Md5:    a3d031972a53ce7c0335f6110586ec9c
Sha1:   4c32da8a240101524c01ec333cc53a07f1d2ebff
Sha256: e93d587a4c0e1168b7c65a904f99bcdf262a8f0d70dcc716a95e9288c2a03e86
                                        
                                            GET /v1/buckets/main/collections/search-config/changeset?_expected=1661199949574&_since=%221648132005528%22 HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         65.9.86.94
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Mon, 22 Aug 2022 20:25:49 GMT
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Cache-Control: max-age=2592000
Date: Sun, 25 Sep 2022 16:56:54 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 d143bdfb7cce4cf7ec0bcf9ec13e5914.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS1-C1
X-Amz-Cf-Id: 4n-LHGduzpnkoeNP9TtzhgXuq1fD4UKlqbJR4peVqyvFX30iRr_Dew==
Age: 532970


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (14029), with no line terminators
Size:   3398
Md5:    6dcd03f5af25aeb0674bb47c0f018dae
Sha1:   f8d8e5a1f39903a3fc12e8cb3170c0459e9c834b
Sha256: 8773fca6ecf53b30d62e680323027186bf934a2dc0b4caba5e4fc7cb30d4e2a1
                                        
                                            GET /v1/buckets/main/collections/cfr/changeset?_expected=1659547595259&_since=%221653578606314%22 HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         65.9.86.94
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Backoff, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Wed, 03 Aug 2022 17:26:35 GMT
X-Content-Type-Options: nosniff
Content-Encoding: br
Date: Sat, 01 Oct 2022 08:31:34 GMT
Cache-Control: max-age=259200
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 d143bdfb7cce4cf7ec0bcf9ec13e5914.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS1-C1
X-Amz-Cf-Id: q_xlgsGrtsHLNLqVsjmQnWQukwofjgG5-G3eX2byqPe-0opVeOA9bA==
Age: 45451


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (3678), with no line terminators
Size:   1411
Md5:    198ef0717b8812aadc957d1e2ff4aafb
Sha1:   08061aca9c054ec44311c30eb09c67ee1e80fd47
Sha256: d96caf25a8a96003398ac403de9b499673bfcb56643a710f0c54433153655427
                                        
                                            GET /v1/buckets/main/collections/hijack-blocklists?_expected=1605801189258 HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         65.9.86.94
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 682
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Pragma, Content-Length, Backoff, Last-Modified, Cache-Control, Content-Type, Retry-After, ETag, Expires, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Mon, 26 Sep 2022 16:36:56 GMT
X-Content-Type-Options: nosniff
Date: Sat, 01 Oct 2022 20:42:13 GMT
Cache-Control: no-cache, no-store, max-age=3600
ETag: "1664210216116"
X-Cache: Hit from cloudfront
Via: 1.1 d143bdfb7cce4cf7ec0bcf9ec13e5914.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS1-C1
X-Amz-Cf-Id: _HPSy8qymnAUdF1sYa6yfb8ntLuUNuxb9helEbpfTsrP72BzoIMwAw==
Age: 1055


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (682), with no line terminators
Size:   682
Md5:    4e767b65980ef55063cce1d7f423c58e
Sha1:   f6f9756deac632f187752ff6708a2e3a71a04ebc
Sha256: 132e8f66a926b19d6a3ff32ca5bf385272b3b9be5e748cd21b9bb02a13a661e9
                                        
                                            GET /v1/buckets/main/collections/query-stripping/changeset?_expected=1656585893704&_since=%221649762862679%22 HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         65.9.86.94
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Thu, 30 Jun 2022 10:44:53 GMT
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Date: Sat, 01 Oct 2022 20:56:41 GMT
Cache-Control: max-age=3600
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 d143bdfb7cce4cf7ec0bcf9ec13e5914.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS1-C1
X-Amz-Cf-Id: vikglvxPzGhUX5Py15xFpTm-LZ9HwoFHsf0Gxj2NrLdrwoz022x_jA==
Age: 185


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (1709), with no line terminators
Size:   959
Md5:    d68cb9cd07d27d0593a1e9708cb6aa63
Sha1:   7c549c87461cc734b0edd45de85614ae567e7b7c
Sha256: 30dcd3093be9cc38ba12010d7e925f20c989a0e2962c52d9aec6e9acfa2736a6
                                        
                                            GET /v1/buckets/main/collections/partitioning-exempt-urls/changeset?_expected=1657747510534&_since=%221654266643527%22 HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         65.9.86.94
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Wed, 13 Jul 2022 21:25:10 GMT
X-Content-Type-Options: nosniff
Content-Encoding: gzip
Cache-Control: max-age=3600
Date: Sat, 01 Oct 2022 20:29:39 GMT
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 d143bdfb7cce4cf7ec0bcf9ec13e5914.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: AMS1-C1
X-Amz-Cf-Id: ZnMWpNq25hgKN3BCgoLV5Zx0y0ZATmcHhz0d0e5acUHjuJvd6CFcGw==
Age: 1805


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (2194), with no line terminators
Size:   1080
Md5:    4286df03a653e5b403e88a8d28933306
Sha1:   8f974648aef7d271443707ce3a6eba8d9a117872
Sha256: 16e99009a0917eedd380140055d06b29d6709bd469d694d078c013f7c104367a
                                        
                                            GET /sanjin/js/vue.js HTTP/1.1 
Host: snndc.co.jp.yeypt.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://snndc.co.jp.yeypt.com/sanjin/client/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         202.144.192.233
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sat, 01 Oct 2022 20:59:43 GMT
last-modified: Wed, 28 Apr 2021 11:12:46 GMT
vary: Accept-Encoding
etag: W/"6089432e-53882"
expires: Sun, 02 Oct 2022 08:59:43 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /sanjin/css/common_rwd1.css HTTP/1.1 
Host: snndc.co.jp.yeypt.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://snndc.co.jp.yeypt.com/sanjin/client/index.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         202.144.192.233
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Sat, 01 Oct 2022 20:59:43 GMT
last-modified: Thu, 04 Aug 2022 16:00:27 GMT
vary: Accept-Encoding
etag: W/"62ebed1b-5239a"
expires: Sun, 02 Oct 2022 08:59:43 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /sanjin/js/jquery-3.5.1.js HTTP/1.1 
Host: snndc.co.jp.yeypt.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://snndc.co.jp.yeypt.com/sanjin/client/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         202.144.192.233
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sat, 01 Oct 2022 20:59:43 GMT
last-modified: Tue, 23 Jun 2020 06:11:13 GMT
vary: Accept-Encoding
etag: W/"5ef19d01-4638e"
expires: Sun, 02 Oct 2022 08:59:43 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /sanjin/js/index.js HTTP/1.1 
Host: snndc.co.jp.yeypt.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://snndc.co.jp.yeypt.com/sanjin/client/index.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         202.144.192.233
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sat, 01 Oct 2022 20:59:43 GMT
last-modified: Sat, 01 Oct 2022 14:20:11 GMT
vary: Accept-Encoding
etag: W/"63384c9b-180f"
expires: Sun, 02 Oct 2022 08:59:43 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /sanjin/client/index.html HTTP/1.1 
Host: snndc.co.jp.yeypt.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         202.144.192.233
HTTP/2 200 OK
content-type: text/html
                                        
server: nginx
date: Sat, 01 Oct 2022 20:59:42 GMT
last-modified: Fri, 30 Sep 2022 19:08:09 GMT
vary: Accept-Encoding
etag: W/"63373e99-1782d"
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - openphish: SMBC
    - fortinet: Phishing