Report - ittefaqnews.com/@_*.*@_-_

Report Overview

Submitted URL
ittefaqnews.com/@_*.*@_-__@.**-@
IP
142.111.202.74
ASN
#18779 EGIHOSTING
Submitted
2022-11-30 01:12:58
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.7 kB	7.1 kB	23.36.77.32
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
www.ittefaqnews.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	967 B	5.7 kB	142.111.202.74
api78.278nnys.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.4 kB	224 kB	119.47.87.67
dvcasha2.ocsp-certum.com	71753	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	348 B	1.9 kB	95.101.10.193
api66.270nnys.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	457 B	393 B	119.47.84.89
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.1 kB	93.184.220.29
ittefaqnews.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	363 B	207 B	142.111.202.74
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
push.zhanzhang.baidu.com	57139	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	289 B	750 B	39.156.68.163
ocsp.globalsign.com	2075	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	718 B	4.0 kB	151.101.66.133
hmcdn.baidu.com	87026	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	394 B	478 B	106.227.30.48
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	67 kB	34.120.237.76
hm.baidu.com	8254	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	667 B	497 B	103.235.46.191
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.43.228.5
cdn.dcloud.net.cn	116868	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	395 B	577 B	116.62.168.25

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-30	medium	ittefaqnews.com/@_.@_-__@.**-@	Phishing
2022-11-30	medium	www.ittefaqnews.com/@_.@_-__@.**-@	Phishing
2022-11-30	medium	www.ittefaqnews.com/tj.js	Phishing
2022-11-30	medium	www.ittefaqnews.com/common.js	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (15)

	URL	Size	First Seen	Last Seen
	api78.278nnys.com/static/js/pages-index-index.819245bd.js	9.6 kB	2023-03-09	2023-03-25
Pretty URL api78.278nnys.com/static/js/pages-index-index.819245bd.js IP 119.47.87.67 ASN #38186 Forewin Telecom Group Limited, ISP at Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 00:49:23 Last Seen2023-03-25 22:39:17 Times Seen2 Hash 03557a3bb3f597342b24b2e81863d5c4 e4584d917e4d34f4fc472aa04dc1b22d77b723b8 53b60dbe14fd48e60827e510b7b13daa5dc0a310f536a28dd959d2c2afa7fd61 Loading...

	hmcdn.baidu.com/static/tongji/plugins/UrlChangeTracker.js	19 kB	2023-03-07	2024-04-27
Pretty URL hmcdn.baidu.com/static/tongji/plugins/UrlChangeTracker.js IP 106.227.30.48 ASN #148969 China Telecom Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:38:15 Last Seen2024-04-27 18:38:23 Times Seen396 Hash 1c2fcb6476145e6001518a4dbac07f4a 0087c596fabb1c90c37f2c6031433b05c73dec31 219ca04c2c4216075197593145192ce36933a316cdc66ddec79dd2d1335a4d76 Loading...

	www.ittefaqnews.com/@_.@_-__@.**-@	42 B	2023-03-08	2023-03-25
Pretty URL www.ittefaqnews.com/@_.@_-__@.**-@ IP 142.111.202.74 ASN #18779 EGIHOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 08:01:58 Last Seen2023-03-25 22:27:29 Times Seen2 Hash 6dcf1f8f2708713fa10b781dfa403686 557489bcb9ff4f479f5b37ff08f21ed6212dd60c 35acd5ead026fb35968f1789c78b91237e0e1b212701c45f8935a1f9b4b52194 Loading...

	www.ittefaqnews.com/@_.@_-__@.**-@	404 B	2023-03-07	2024-05-01
Pretty URL www.ittefaqnews.com/@_.@_-__@.**-@ IP 142.111.202.74 ASN #18779 EGIHOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-05-01 20:22:26 Times Seen2997 Hash 91862680df880ab56f799547b01a5900 bd184fe6e0e046873c1a606c89ce2d3eed4b689f 6520359b93c2e43efd5a58f422af308b43c718769a0989344a10f00b345ca0b2 Loading...

	api78.278nnys.com/?time=1669770087	352 B	2023-03-07	2023-04-05
Pretty URL api78.278nnys.com/?time=1669770087 IP 119.47.87.67 ASN #38186 Forewin Telecom Group Limited, ISP at Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:06 Last Seen2023-04-05 01:51:35 Times Seen52 Hash 93368157fb131b56a45d6f60f8b40342 ea2a25edb7b00c3e0a06650f02fded5bd87dfa20 c48d4859bc082aa591168f7d7230bef438ecc2b3074e707c83864e11ec1a891f Loading...

	api78.278nnys.com/static/js/chunk-vendors.ff03f8f1.js	505 kB	2023-03-08	2023-03-11
Pretty URL api78.278nnys.com/static/js/chunk-vendors.ff03f8f1.js IP 119.47.87.67 ASN #38186 Forewin Telecom Group Limited, ISP at Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 13:42:57 Last Seen2023-03-11 22:43:08 Times Seen1 Hash 234967e55a5715212b927b930d684c89 5bb6a6fea4e797b0062f6efaa4b1f5dd56bf6319 d4115ca58f9bb303f7bc9c4b69b34693d70b0e0bf059fdf07cb3d6a22e9d0fb7 Loading...

	api78.278nnys.com/static/js/pages-detail-art~pages-detail-vod~pages-index-index~pages-play-play~pages-search-search~pages-type-a~3bdb0e93.8d1f23c9.js	41 kB	2023-03-09	2023-03-25
Pretty URL api78.278nnys.com/static/js/pages-detail-art~pages-detail-vod~pages-index-index~pages-play-play~pages-search-search~pages-type-a~3bdb0e93.8d1f23c9.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 00:49:23 Last Seen2023-03-25 22:39:17 Times Seen2 Hash 0ff2dee25ea1906fb90d418302bc8b8a 2fd612fce3127314936b589b69aaf62b4de499f8 73f06b01bdc829b8d5875f131c4bf73355de0e7d11eaedae7b523002d977882b Loading...

	www.ittefaqnews.com/tj.js	5.4 kB	2023-03-08	2023-03-26
Pretty URL www.ittefaqnews.com/tj.js IP 142.111.202.74 ASN #18779 EGIHOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 08:01:58 Last Seen2023-03-26 11:58:26 Times Seen2 Hash 9df14155cddcb345f88729b55f09f2d6 cd96a76911491383074939f635817a489cc44d3b 744f9844ca962a7e31aec23bfccf1959b6eca4f17ed2f0f3b4104d1bcb758d24 Loading...

	www.ittefaqnews.com/common.js	4.2 kB	2023-03-08	2023-03-12
Pretty URL www.ittefaqnews.com/common.js IP 142.111.202.74 ASN #18779 EGIHOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:44:14 Last Seen2023-03-12 12:22:27 Times Seen1 Hash 897713ccc303537ac13625585e5795c4 94783491c26d74c41b136f15753afb2f3ad9f6c3 27c101de62ae76e40b3474cc1301d8976a676270520b938d4e7c3bc686c8e70b Loading...

	push.zhanzhang.baidu.com/push.js	281 B	2023-03-07	2024-05-01
Pretty URL push.zhanzhang.baidu.com/push.js IP 39.156.68.163 ASN #9808 China Mobile Communications Group Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-05-01 20:22:26 Times Seen19140 Hash 1bb5a3267c9865ad4abe8d937734b62b b5478dd2edb3e64242eced1db2dbd945ef81f592 674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2 Loading...

	api78.278nnys.com/static/js/index.e321879f.js	102 kB	2023-03-09	2023-03-25
Pretty URL api78.278nnys.com/static/js/index.e321879f.js IP 119.47.87.67 ASN #38186 Forewin Telecom Group Limited, ISP at Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 00:49:23 Last Seen2023-03-25 22:39:17 Times Seen2 Hash eb30bb87807dbc7dc79d80131c1f4d95 06c1473be46736804b111db304c94be7ede3e5f6 57656341dc1708f01563b0af90d8295fe949cc692bdb6f2accacc42ae4db8950 Loading...

	hm.baidu.com/hm.js?8dd815ed8a74dfcd3b2b500a05515950	30 kB	2023-03-11	2023-03-11
Pretty URL hm.baidu.com/hm.js?8dd815ed8a74dfcd3b2b500a05515950 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:43:08 Last Seen2023-03-11 22:43:08 Times Seen1 Hash fdf982cba905fd121d484851eeb65c47 47ad855b71f8e59616e12373f8102c02a0a4d2f7 7af988af561d42257f3cc64714c5e8fbb21c907517cba3dff8ffec005e803ab5 Loading...

		Size	First Seen	Last Seen
	#1 Eval - 7e2503587ac062b1c91c7648659b6b88	485 B	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 22:43:08 Last Seen2023-03-11 22:43:08 Times Seen1 Hash 7e2503587ac062b1c91c7648659b6b88 c5121b69933ea4c6f0b6cd94d579a9c8d5ec4b93 ffbec7ad90ab14a481803bb0b5568c140b96aaad3e20bc326e84fea231d96290 Loading...

		Size	First Seen	Last Seen
	#1 Write - 17683532fa58cc05c4956ed29a4b1ec2	466 B	2023-03-11	2023-03-11
Pretty Observations First Seen2023-03-11 22:43:08 Last Seen2023-03-11 22:43:08 Times Seen1 Hash 17683532fa58cc05c4956ed29a4b1ec2 31e12fcb410de0f1b0af36b29360a89fcfa76e6f 7f8ec00a529fdb1d2105da511ef8b1eb8196027d7e503f7ee946cad9445afb26 Loading...

	#2 Write - 3d5272693eb411e5b8b13a243f76c720	148 B	2023-03-07	2024-04-30
Pretty Observations First Seen2023-03-07 01:10:06 Last Seen2024-04-30 13:52:19 Times Seen1720 Hash 3d5272693eb411e5b8b13a243f76c720 6a586ab8e0a4bf12bbc60eea6ca9f2418625a22c 9582f31f9eb892b8823a780e579d464d54e26d97d65dc327d2b2bdd92d47c4b8 Loading...

HTTP Transactions (41)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
2d2e7649ce9e9ba6fc8b68aa89352e3c
0153d1d3d830a457043e16bb40d48a0b9ddef4b8
8eed57c91b42ef7b2d5eff1309e306e23e13c3de21219af24a693cbf3e8977fc

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6469
Expires: Wed, 30 Nov 2022 03:00:36 GMT
Date: Wed, 30 Nov 2022 01:12:47 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

55 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
HTML document, ASCII text
Size
55 B (55 bytes)
Hash
9f073354411bbaf7a319b1519f10b4b7
571498f38548829bf186f49f5be9d5fa6e689a68
4a7aaaa1c093dee8a191d4469c9f701c5e62e88896bc778a13cc4ffedf9be89a

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6574
Cache-Control: public, max-age=1209600
Content-Type: text/html
Date: Wed, 30 Nov 2022 01:12:47 GMT
Etag: "63866b87-37"
Last-Modified: Tue, 29 Nov 2022 20:28:55 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 55

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9fce5679881bf302a8978a0b462f01a9
b699fe030ea13ac73813e655c42ed9b531925e2b
a3ec545a8f9364ac9062eddb41279e1465687a1b60f9c1dec6b3a3df8b033eb3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A3EC545A8F9364AC9062EDDB41279E1465687A1B60F9C1DEC6B3A3DF8B033EB3"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9283
Expires: Wed, 30 Nov 2022 03:47:30 GMT
Date: Wed, 30 Nov 2022 01:12:47 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 30 Nov 2022 00:19:38 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3189
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: 2bNYuFmJx3MVZ9fh/XnlQypeX4KcmIEVU+xH3lIERxZeFsgWC5rDQYFjl1lnVoEZRlmHDjFundU=
x-amz-request-id: 7V2FVMQVRBXB7MTW
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 30 Nov 2022 00:45:40 GMT
age: 1627
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

ittefaqnews.com/@_*.*@_-__@.**-@

142.111.202.74

301 Moved Permanently

0 B

URL HTTP/1.1
ittefaqnews.com/@_*.*@_-__@.**-@
IP
142.111.202.74:0
ASN
#18779 EGIHOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /@_*.*@_-__@.**-@ HTTP/1.1
Host: ittefaqnews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Wed, 30 Nov 2022 01:12:43 GMT
Content-Type: text/html
Content-Length: 0
Connection: keep-alive
Location: http://www.ittefaqnews.com/@_*.*@_-__@.**-@

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 01:12:47 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 30 Nov 2022 01:11:13 GMT
cache-control: public,max-age=3600
age: 94
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

www.ittefaqnews.com/@_*.*@_-__@.**-@

142.111.202.74

200 OK

796 B

URL HTTP/1.1
www.ittefaqnews.com/@_*.*@_-__@.**-@
IP
142.111.202.74:0
ASN
#18779 EGIHOSTING

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ISO-8859 text, with very long lines (656), with CRLF line terminators
Size
796 B (796 bytes)
Hash
25a88bcee59c408804ae73d4bccfdc0d
d79579efecb6194810a0d0ed43b8c576f57bd4a0
538d3e26c3c9c1ae814bfb093d252c562f321c9cca0b9cf4febb28de526b2dbb

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /@_*.*@_-__@.**-@ HTTP/1.1
Host: www.ittefaqnews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 01:12:43 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
3c8c689bd654417640d85f3da51af313
85123b6d46230a23d03768bf304b386e5d301305
516138ca79703b45e904d32d7dde1c1e9fd35995b9f1bb1331c547542745676d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6360
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 01:12:47 GMT
Last-Modified: Tue, 29 Nov 2022 23:26:47 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471

www.ittefaqnews.com/tj.js

142.111.202.74

200 OK

2.5 kB

URL HTTP/1.1
www.ittefaqnews.com/tj.js
IP
142.111.202.74:0
ASN
#18779 EGIHOSTING

File type
ASCII text, with very long lines (4898), with CRLF line terminators
Size
2.5 kB (2492 bytes)
Hash
6888a35ddd0a3182091ea08e35ccd76f
fa92dd9fe7db35484e8c327f009681d0a9f29ab9
ae5542afa0c94e4d633bf1baca1e752c1b0af9eb7885938797b9ef87469aca92

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /tj.js HTTP/1.1
Host: www.ittefaqnews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ittefaqnews.com/@_*.*@_-__@.**-@

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 01:12:43 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

www.ittefaqnews.com/common.js

142.111.202.74

200 OK

1.8 kB

URL HTTP/1.1
www.ittefaqnews.com/common.js
IP
142.111.202.74:0
ASN
#18779 EGIHOSTING

File type
HTML document text\012- HTML document, ASCII text, with very long lines (443), with CRLF line terminators
Size
1.8 kB (1781 bytes)
Hash
a09f13e345bcd26fa565e319ced54731
21b1a4031765e2d6b5cd0ed93f20006b4f1bb473
8a4b0acefbdcc2cc1df6f2287bc9bfb1217e780c4d4c64cc9c6c1d9dc13261f6

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /common.js HTTP/1.1
Host: www.ittefaqnews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ittefaqnews.com/@_*.*@_-__@.**-@

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 01:12:43 GMT
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Content-Encoding: gzip

push.services.mozilla.com/

52.43.228.5

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.43.228.5:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: zh9bOtOY2um6Qy/OAqqGwg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 0Hsd1viyFjuZ0yY9KCrsMlZjNJ8=

push.zhanzhang.baidu.com/push.js

39.156.68.163

200 OK

227 B

URL HTTP/1.1
push.zhanzhang.baidu.com/push.js
IP
39.156.68.163:0
ASN
#9808 China Mobile Communications Group Co., Ltd.

File type
ASCII text, with no line terminators
Size
227 B (227 bytes)
Hash
e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5

HTTP Headers

GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ittefaqnews.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Wed, 30 Nov 2022 01:12:48 GMT
Etag: "4078521116"
Expires: Thu, 30 Nov 2023 01:12:48 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=8ABA4C302338751D8DABBDEDBB88495A:FG=1; max-age=31536000; expires=Thu, 30-Nov-23 01:12:48 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding

ocsp.globalsign.com/gsrsaovsslca2018

151.101.66.133

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
151.101.66.133:0
ASN
#54113 FASTLY

File type
data
Size
1.4 kB (1432 bytes)
Hash
9a2fc492b1f807cd18aa4f8c887e7322
c9cc81f941d95e52091f056725586e054618987d
703a50ed2d89163db3ab849d6bc76da3236c7160dd1a7a1b2435b5b9b9d3a0bc

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1432
Server: nginx
Content-Type: application/ocsp-response
Expires: Sun, 04 Dec 2022 00:03:55 GMT
ETag: "c9cc81f941d95e52091f056725586e054618987d"
Last-Modified: Wed, 30 Nov 2022 00:03:56 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 30 Nov 2022 01:12:48 GMT
Age: 4132
X-Served-By: cache-qpg1274-QPG, cache-bma1628-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 54, 2
X-Timer: S1669770768.430976,VS0,VE0

ocsp.globalsign.com/gsrsaovsslca2018

151.101.66.133

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
151.101.66.133:0
ASN
#54113 FASTLY

File type
data
Size
1.4 kB (1432 bytes)
Hash
9a2fc492b1f807cd18aa4f8c887e7322
c9cc81f941d95e52091f056725586e054618987d
703a50ed2d89163db3ab849d6bc76da3236c7160dd1a7a1b2435b5b9b9d3a0bc

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 1432
Server: nginx
Content-Type: application/ocsp-response
Expires: Sun, 04 Dec 2022 00:03:55 GMT
ETag: "c9cc81f941d95e52091f056725586e054618987d"
Last-Modified: Wed, 30 Nov 2022 00:03:56 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Wed, 30 Nov 2022 01:12:48 GMT
Age: 4132
X-Served-By: cache-qpg1274-QPG, cache-bma1662-BMA
X-Cache: HIT, HIT
X-Cache-Hits: 54, 2
X-Timer: S1669770768.431214,VS0,VE0

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4e89c6c489acf6178d4658baf9f84b89
c03c01e4a5f34e4d1455d0ec5be05365aed91375
6f41000505f09df8b4325a1e5beb3a2be0b774c59f85779216c9ff47000124f1

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6F41000505F09DF8B4325A1E5BEB3A2BE0B774C59F85779216C9FF47000124F1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7316
Expires: Wed, 30 Nov 2022 03:14:44 GMT
Date: Wed, 30 Nov 2022 01:12:48 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3837
Expires: Wed, 30 Nov 2022 02:16:46 GMT
Date: Wed, 30 Nov 2022 01:12:49 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3837
Expires: Wed, 30 Nov 2022 02:16:46 GMT
Date: Wed, 30 Nov 2022 01:12:49 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3837
Expires: Wed, 30 Nov 2022 02:16:46 GMT
Date: Wed, 30 Nov 2022 01:12:49 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3837
Expires: Wed, 30 Nov 2022 02:16:46 GMT
Date: Wed, 30 Nov 2022 01:12:49 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37883a10-064d-451d-9dd4-bca0a5594e96.jpeg

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37883a10-064d-451d-9dd4-bca0a5594e96.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11466 bytes)
Hash
0c14828912decf19c9d95fee93e92f00
49a82390cbf2139bf681d896f9467ab736e0b337
bbafc9bd160a30c6a31954bdf66655e1decc59dead3bb94c6fa21cad1cd56fe3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37883a10-064d-451d-9dd4-bca0a5594e96.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11466
x-amzn-requestid: 40ae63d3-397e-4118-90b2-d48b1f4014c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDaHUxIAMFxWA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-2b309a0a5e93f68312a26fa1;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: G2_x26WJ_ISQDsWfV3RzC_jCy5FLNLpblRk_GvuCn4i-ETBAsaKBjQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:52:45 GMT
age: 12004
etag: "49a82390cbf2139bf681d896f9467ab736e0b337"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13e1db4e-7108-464a-85b6-24ac0c4609f9.webp
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.3 kB (9330 bytes)
Hash
bbe350ea797a0fec5a19a450fc5de4b4
2f3a39a528d3b759060203931de33c12303592e1
4d661dac2e19e07ae15d0f8cf00bd268c6c2defb2f5e4de38fcb6e7031dfd605

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13e1db4e-7108-464a-85b6-24ac0c4609f9.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9330
x-amzn-requestid: 3fad352d-7664-43e0-9395-e840f671ca61
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgFQFIdoAMFSmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a21-5e9847852f8435231d401fe6;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mCEtSOenWKxay4vNy5mN9cexxXKXKt7TMuLaLw-M86tLKwQ2MwuxPg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:00:54 GMT
age: 11515
etag: "2f3a39a528d3b759060203931de33c12303592e1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a644078-a260-40cb-abc4-b226762802d4.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (11070 bytes)
Hash
4cc55889e6edaa76fa8c991914b5347b
9ab86eab2fac1c25eaaaaeeaec28eeb2783d9c8a
3122c681063a6ee629f5516c433ea3cc65f771d3394df1d6c4b0a1cb91100831

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a644078-a260-40cb-abc4-b226762802d4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11070
x-amzn-requestid: 3f342f57-8231-4ba9-9105-dd3fa43ca8d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cSsg9FNAoAMFYgQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6384279f-27e7956e0f3a694338951b8a;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 03:14:39 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Qhq6EXPP69HkKofiAAD5x6j9gVuLzO9qvcwBfYUMiBGR47Sdqccf_g==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 04:52:52 GMT
age: 73197
etag: "9ab86eab2fac1c25eaaaaeeaec28eeb2783d9c8a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.7 kB (9674 bytes)
Hash
5508d05a290b663fd89ead9b58f2efd8
53650399f9a986ba54addd668b4557109d12003b
65704a961410fdd318c491fedf002c8e9b184cd34b76fe1b67026d42ce21be3f

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F966ff24e-ea85-4a2e-aead-22f1a723c59f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9674
x-amzn-requestid: 7e7d0183-9667-462a-8d44-d125998c1ae3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgEoHVAoAMFvAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a1d-280ba97e3fe1bf7244cbde35;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ym_L3s5E6MLy6BxqNkVxok6L6hA4c-ilSsEqt42j2IbiXYPb4c6-VQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:52:51 GMT
age: 11998
etag: "53650399f9a986ba54addd668b4557109d12003b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd170538c-f8cf-4acb-ba33-2ead00b9db73.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10958 bytes)
Hash
777ce44582c70bf01a31da4cab366f36
57e1d34f146d5ccd9943aa97bcc3158f7103bb07
fbdc8f65ae74dc13b7aafec464f08fdc9902af519946200ec52432ac3ca55982

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd170538c-f8cf-4acb-ba33-2ead00b9db73.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10958
x-amzn-requestid: abfea5b0-58f5-49e1-b78e-7cf456d03cb3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgFHF9oIAMF5lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a20-5ab719292d440d083b07a478;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: gCt9oHpZ68tLCYHIYpI1XLtADkScxwf12kDFnU0o5WoQIVSzWlqozw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:16:52 GMT
etag: "57e1d34f146d5ccd9943aa97bcc3158f7103bb07"
content-type: image/jpeg
age: 10557
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde294fb7-e851-4e57-83be-aa3374862dcb.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.0 kB (7971 bytes)
Hash
9e135c29a8769eb12ef8c26f99097400
87447d20e9c0a6a6aeefe6ca107f93cd3598cd0d
ce41ff79c382efc54aa2fd3ab64293d2d2b706a7f21585f4bd8bbcd9a3566126

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde294fb7-e851-4e57-83be-aa3374862dcb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7971
x-amzn-requestid: e47d10e4-2b60-4998-b5fa-5b145e60aac2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhgWHgGoAMFcLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867c68-5b9710a07b0a59730e73dce4;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:40:56 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OURSF_raDXrHV3-3ScaEdorNpW9ZKSIQjv6WUCQYHhruGz372BU_QA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:58:15 GMT
age: 11674
etag: "87447d20e9c0a6a6aeefe6ca107f93cd3598cd0d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
4520b62f8e6fd09cf739b84818b3e136
c957067ede9aa6cbd08b61187b47fda6e1c76723
3565bb7c1a4c7f4e2edf887b2caa9a56685fa205ee40d8887cb42ef2fe5d64d4

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3565BB7C1A4C7F4E2EDF887B2CAA9A56685FA205EE40D8887CB42EF2FE5D64D4"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21567
Expires: Wed, 30 Nov 2022 07:12:16 GMT
Date: Wed, 30 Nov 2022 01:12:49 GMT
Connection: keep-alive

api78.278nnys.com/?time=1669770087

119.47.87.67

200 OK

786 B

URL HTTP/2
api78.278nnys.com/?time=1669770087
IP
119.47.87.67:0
ASN
#38186 Forewin Telecom Group Limited, ISP at

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (500)
Size
786 B (786 bytes)
Hash
b3b88a52d9e4e3de21d19405b4787969
4b5a420b6054631c69118213ceedc64954e62a3b
f71590e700f43a89c6cb2fcc56f928c6b5c05173d3727399416d284904588224

HTTP Headers

GET /?time=1669770087 HTTP/1.1
Host: api78.278nnys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://www.ittefaqnews.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Tengine
date: Wed, 30 Nov 2022 01:12:35 GMT
content-type: text/html
content-length: 786
last-modified: Sun, 20 Nov 2022 15:00:35 GMT
etag: "637a4113-312"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

api78.278nnys.com/static/js/chunk-vendors.ff03f8f1.js

119.47.87.67

200 OK

181 kB

URL HTTP/2
api78.278nnys.com/static/js/chunk-vendors.ff03f8f1.js
IP
119.47.87.67:0
ASN
#38186 Forewin Telecom Group Limited, ISP at

File type
data
Size
181 kB (181339 bytes)
Hash
734aca3dc082686c439f46fe454a06a8
27a2f5ff7b1f518ac000ebefec3f8eb8ae5869dc
b5a31af4ea34411c3fbf8e6b9baf385e18662b28238b289b31afee1616c3ef67

HTTP Headers

GET /static/js/chunk-vendors.ff03f8f1.js HTTP/1.1
Host: api78.278nnys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api78.278nnys.com/?time=1669770087
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: Tengine
date: Wed, 30 Nov 2022 01:12:36 GMT
content-type: application/javascript
last-modified: Sun, 30 Oct 2022 16:20:54 GMT
vary: Accept-Encoding
etag: W/"635ea466-7b545"
expires: Wed, 30 Nov 2022 13:12:36 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

api78.278nnys.com/static/sp.png

119.47.87.67

200 OK

1.6 kB

URL HTTP/2
api78.278nnys.com/static/sp.png
IP
119.47.87.67:0
ASN
#38186 Forewin Telecom Group Limited, ISP at

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
1.6 kB (1567 bytes)
Hash
ce937d677602efa4336b128cce5623e6
df8d9d91f3ee7dab1cc6df09d31fced9b65af1ec
5c07299c5db0f5ebb2b0e813b0e1bf8e333d8d3a7ee7a94f00c9511206d44ae7

HTTP Headers

GET /static/sp.png HTTP/1.1
Host: api78.278nnys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api78.278nnys.com/?time=1669770087
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: Tengine
date: Wed, 30 Nov 2022 01:12:37 GMT
content-type: image/png
content-length: 1567
last-modified: Sun, 30 Oct 2022 16:20:54 GMT
etag: "635ea466-61f"
expires: Fri, 30 Dec 2022 01:12:37 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

api78.278nnys.com/static/tp.png

119.47.87.67

200 OK

702 B

URL HTTP/2
api78.278nnys.com/static/tp.png
IP
119.47.87.67:0
ASN
#38186 Forewin Telecom Group Limited, ISP at

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
702 B (702 bytes)
Hash
ff857551e3b2bf71de172de499080f90
54106c7b71e998d887060fe85a9f1eb670a9053f
e3f0ced88a039aea352f059a835ff1b3dd946fe973e479eb2ca4427b0bc043fa

HTTP Headers

GET /static/tp.png HTTP/1.1
Host: api78.278nnys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api78.278nnys.com/?time=1669770087
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: Tengine
date: Wed, 30 Nov 2022 01:12:37 GMT
content-type: image/png
content-length: 702
last-modified: Sun, 30 Oct 2022 16:20:54 GMT
etag: "635ea466-2be"
expires: Fri, 30 Dec 2022 01:12:37 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

api78.278nnys.com/static/xs.png

119.47.87.67

200 OK

585 B

URL HTTP/2
api78.278nnys.com/static/xs.png
IP
119.47.87.67:0
ASN
#38186 Forewin Telecom Group Limited, ISP at

File type
PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Size
585 B (585 bytes)
Hash
66a8c233731e954dbd07f5b9a22b82bf
82258e4fc3da30ca39ce50d790e10c3df52457ac
2bb96ae43e6bc3fb5c7007482daf52e7d295db5336e4eed7ff10aa461bbe3873

HTTP Headers

GET /static/xs.png HTTP/1.1
Host: api78.278nnys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api78.278nnys.com/?time=1669770087
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: Tengine
date: Wed, 30 Nov 2022 01:12:37 GMT
content-type: image/png
content-length: 585
last-modified: Sun, 30 Oct 2022 16:20:54 GMT
etag: "635ea466-249"
expires: Fri, 30 Dec 2022 01:12:37 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2

api78.278nnys.com/static/js/index.e321879f.js

119.47.87.67

200 OK

36 kB

URL HTTP/2
api78.278nnys.com/static/js/index.e321879f.js
IP
119.47.87.67:0
ASN
#38186 Forewin Telecom Group Limited, ISP at

File type
Unicode text, UTF-8 text, with very long lines (65270), with no line terminators
Size
36 kB (36061 bytes)
Hash
344e694e8c698d259f7c367fd59e087b
6083ac1a1ac983dacd48ef5cc69ae82f9ff79fb0
37855d13f78742172467433a2c2b1f7e2905daa201a32147eb0444e78e0b7f9f

HTTP Headers

GET /static/js/index.e321879f.js HTTP/1.1
Host: api78.278nnys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api78.278nnys.com/?time=1669770087
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: Tengine
date: Wed, 30 Nov 2022 01:12:36 GMT
content-type: application/javascript
last-modified: Sun, 30 Oct 2022 16:20:54 GMT
vary: Accept-Encoding
etag: W/"635ea466-18c93"
expires: Wed, 30 Nov 2022 13:12:36 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1441506085&si=8dd815ed8a74dfcd3b2b500a05515950&su=http%3A%2F%2Fwww.ittefaqnews.com%2F&v=1.3.0&lv=1&sn=4506&r=0&ww=1268&u=https%3A%2F%2Fapi78.278nnys.com%2F%3Ftime%3D1669770087%23%2F&tt=%E7%89%9B%E7%89%9B%E5%BD%B1%E8%A7%86

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1441506085&si=8dd815ed8a74dfcd3b2b500a05515950&su=http%3A%2F%2Fwww.ittefaqnews.com%2F&v=1.3.0&lv=1&sn=4506&r=0&ww=1268&u=https%3A%2F%2Fapi78.278nnys.com%2F%3Ftime%3D1669770087%23%2F&tt=%E7%89%9B%E7%89%9B%E5%BD%B1%E8%A7%86
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=0&ck=0&cl=24-bit&ds=1280x1024&vl=927&et=0&ja=0&ln=en-us&lo=0&rnd=1441506085&si=8dd815ed8a74dfcd3b2b500a05515950&su=http%3A%2F%2Fwww.ittefaqnews.com%2F&v=1.3.0&lv=1&sn=4506&r=0&ww=1268&u=https%3A%2F%2Fapi78.278nnys.com%2F%3Ftime%3D1669770087%23%2F&tt=%E7%89%9B%E7%89%9B%E5%BD%B1%E8%A7%86 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api78.278nnys.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Wed, 30 Nov 2022 01:12:52 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=C4084FF796F583A4; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

dvcasha2.ocsp-certum.com/

95.101.10.193

200 OK

1.6 kB

URL HTTP/1.1
dvcasha2.ocsp-certum.com/
IP
95.101.10.193:0
ASN
#20940 Akamai International B.V.

File type
data
Size
1.6 kB (1599 bytes)
Hash
7457a290af30003d24031ed590513f3f
81d654d8739112b0048fdde7586cddbc4af210cd
4ccda35ec827a5dea9fb316582a218194bcc83eebe380c4c177373f530f3b197

HTTP Headers

POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=842
Date: Wed, 30 Nov 2022 01:12:54 GMT
Connection: keep-alive
X-N: S

cdn.dcloud.net.cn/img/shadow-grey.png

116.62.168.25

200 OK

136 B

URL HTTP/1.1
cdn.dcloud.net.cn/img/shadow-grey.png
IP
116.62.168.25:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
PNG image data, 1 x 6, 4-bit colormap, non-interlaced\012- data
Size
136 B (136 bytes)
Hash
5a962adf74d92ae702467b3f47976547
36f74049375584e3fa69b5ef87e9572336ff9e7a
ad4ebea1c3496dd2924789ee009174a2c6289d1200e9811f458fd46f172d1d6f

HTTP Headers

GET /img/shadow-grey.png HTTP/1.1
Host: cdn.dcloud.net.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api78.278nnys.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Wed, 30 Nov 2022 01:12:54 GMT
Content-Type: image/png
Content-Length: 136
Last-Modified: Thu, 06 Jun 2019 06:42:07 GMT
Connection: close
ETag: "5cf8b5bf-88"
Expires: Wed, 30 Nov 2022 03:12:54 GMT
Cache-Control: max-age=7200
Set-Cookie: __uni__uid=CgIBXWOGrhYbuQSWC0bjAg==; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=dcloud.net.cn; path=/; secure; httponly; samesite=none
Accept-Ranges: bytes

api78.278nnys.com/static/index.2772579d.css

119.47.87.67

200 OK

0 B

URL HTTP/2
api78.278nnys.com/static/index.2772579d.css
IP
119.47.87.67:0
ASN
#38186 Forewin Telecom Group Limited, ISP at

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /static/index.2772579d.css HTTP/1.1
Host: api78.278nnys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api78.278nnys.com/?time=1669770087
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: Tengine
date: Wed, 30 Nov 2022 01:12:36 GMT
content-type: text/css
last-modified: Sun, 30 Oct 2022 16:20:54 GMT
vary: Accept-Encoding
etag: W/"635ea466-17031"
expires: Wed, 30 Nov 2022 13:12:36 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

hmcdn.baidu.com/static/tongji/plugins/UrlChangeTracker.js

106.227.30.48

200 OK

0 B

URL HTTP/2
hmcdn.baidu.com/static/tongji/plugins/UrlChangeTracker.js
IP
106.227.30.48:0
ASN
#148969 China Telecom

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /static/tongji/plugins/UrlChangeTracker.js HTTP/1.1
Host: hmcdn.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api78.278nnys.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: JSP3/2.0.14
date: Wed, 30 Nov 2022 01:12:54 GMT
content-type: application/x-javascript
last-modified: Tue, 20 Oct 2020 09:42:15 GMT
etag: "5f8eb0f7-4b3c"
content-encoding: gzip
age: 255596
accept-ranges: bytes
tracecode: 00557334490254889226093005
vary: Accept-Encoding
timing-allow-origin: *
ohc-global-saved-time: Sun, 27 Nov 2022 02:12:58 GMT
ohc-cache-hit: nc5ct69 [2], tjctcache59 [2]
ohc-response-time: 1 0 0 0 0 0
X-Firefox-Spdy: h2

api78.278nnys.com/static/js/pages-index-index.819245bd.js

119.47.87.67

200 OK

0 B

URL HTTP/2
api78.278nnys.com/static/js/pages-index-index.819245bd.js
IP
119.47.87.67:0
ASN
#38186 Forewin Telecom Group Limited, ISP at

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /static/js/pages-index-index.819245bd.js HTTP/1.1
Host: api78.278nnys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://api78.278nnys.com/?time=1669770087
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
server: Tengine
date: Wed, 30 Nov 2022 01:12:37 GMT
content-type: application/javascript
last-modified: Sun, 30 Oct 2022 16:20:54 GMT
vary: Accept-Encoding
etag: W/"635ea466-2593"
expires: Wed, 30 Nov 2022 13:12:37 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2

api66.270nnys.com/common.php?val=niuniandaji&t=0.18801556598515456?v=028144063584526835

119.47.84.89

200 OK

0 B

URL HTTP/2
api66.270nnys.com/common.php?val=niuniandaji&t=0.18801556598515456?v=028144063584526835
IP
119.47.84.89:0
ASN
#38186 Forewin Telecom Group Limited, ISP at

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /common.php?val=niuniandaji&t=0.18801556598515456?v=028144063584526835 HTTP/1.1
Host: api66.270nnys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://www.ittefaqnews.com
Connection: keep-alive
Referer: http://www.ittefaqnews.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Tengine
date: Wed, 30 Nov 2022 01:01:27 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-methods: POST,GET,OPTIONS,DELETE
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Content-Length,Accept-Encoding,X-Requested-with, Origin
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (15)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations