Overview

URL gbox.ws/
IP 18.140.66.181
ASN AMAZON-02
Location Singapore
Report completed 2022-10-06 09:09:50 UTC
urlquery Alerts No alerts detected


Settings

UserAgent Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-10-06 2 gbox.ws/ Phishing
2022-10-06 2 gbox.ws/js/constants.js Phishing
2022-10-06 2 gbox.ws/js/toastr.min.js Phishing
2022-10-06 2 gbox.ws/js/base.js Phishing
2022-10-06 2 gbox.ws/js/index.js Phishing
2022-10-06 2 gbox.ws/js/bootstrap.min.js Phishing
2022-10-06 2 gbox.ws/js/jquery-1.11.3.min.js Phishing
2022-10-06 2 gbox.ws/js/angular.min.js Phishing
2022-10-06 2 gbox.ws/fonts/fontawesome-webfont.woff2?v=4.4.0 Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (12)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-10-06 05:02:20 UTC 54.187.71.185
mnemonic passive DNS fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-10-06 04:51:10 UTC 142.250.74.10
mnemonic passive DNS fonts.gstatic.com (2) 0 2014-08-29 13:43:22 UTC 2022-10-06 04:51:09 UTC 216.58.207.195 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-10-06 04:55:14 UTC 34.160.144.191
mnemonic passive DNS ocsp.pki.goog (5) 175 2017-06-14 07:23:31 UTC 2022-10-06 04:46:05 UTC 142.250.74.3
mnemonic passive DNS ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-10-06 05:20:05 UTC 93.184.220.29
mnemonic passive DNS gbox.ws (14) 0 2015-08-26 03:05:10 UTC 2022-09-13 12:27:22 UTC 18.140.66.181 Unknown ranking
mnemonic passive DNS maxcdn.bootstrapcdn.com (1) 724 2014-06-18 00:37:31 UTC 2022-10-06 07:06:16 UTC 104.18.11.207
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-10-06 04:25:36 UTC 34.120.237.76
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-28 17:26:30 UTC 2022-10-06 05:29:05 UTC 54.230.111.65
mnemonic passive DNS r3.o.lencr.org (6) 344 2020-12-02 08:52:13 UTC 2022-10-06 04:46:31 UTC 23.36.76.226
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-10-06 04:46:50 UTC 34.117.237.239


Recent reports on same IP/ASN/Domain/Screenshot

Last 1 reports on IP: 18.140.66.181

Date UQ / IDS / BL URL IP
2022-10-06 09:09:50 +0000 0 - 0 - 9 gbox.ws/ 18.140.66.181

Last 5 reports on ASN: AMAZON-02

Date UQ / IDS / BL URL IP
2022-11-28 12:16:14 +0000 0 - 0 - 1 app.logictree.co/d21a1884-c25e-46c5-9a56-6b7c (...) 18.158.88.249
2022-11-28 12:15:05 +0000 0 - 0 - 1 xoc.webcamsekss.nl/eng/rsna-login.html 15.197.130.221
2022-11-28 12:14:31 +0000 0 - 0 - 1 52.62.144.52/55/vbc.exe 52.62.144.52
2022-11-28 12:11:02 +0000 0 - 0 - 2 braokeextrefore.com/0b912cb8-872c-4ada-9a1c-1 (...) 3.124.99.72
2022-11-28 12:08:22 +0000 0 - 0 - 2 top-conttent.com/412f3715-ff64-47fa-abc6-9cb4 (...) 18.193.209.105

Last 1 reports on domain: gbox.ws

Date UQ / IDS / BL URL IP
2022-10-06 09:09:50 +0000 0 - 0 - 9 gbox.ws/ 18.140.66.181

No other reports with similar screenshot



JavaScript

Executed Scripts (8)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (41)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.65
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Q_QuijYcccwoN02pOwTlH1pQpdvdINVQqkC74hTUgkr0Pv1w6e7FOQ==
Age: 62542


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "6A8070EBE51259CB11DB68CCA2C81F3C7408FAD481D8C14CC1C38912442C63F4"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12598
Expires: Thu, 06 Oct 2022 12:39:38 GMT
Date: Thu, 06 Oct 2022 09:09:40 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "B91D37F606EAF448B9C7DFC05566A11DE004CE44503409E1A776288EE2622805"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15434
Expires: Thu, 06 Oct 2022 13:26:54 GMT
Date: Thu, 06 Oct 2022 09:09:40 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: USZ0zjfb2ttTYGyBSQHUH6NbWlUiMtfR6T9+HY7yy2CvHtBx4BohIenycy6hVvTu24WKQPZHiLQ=
x-amz-request-id: HQXWDTGN30JHENZP
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 06 Oct 2022 08:30:42 GMT
age: 2338
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    67d5a988edcda47bc3b3b3f65d32b4b6
Sha1:   d4f0e0da8b3690cc7da925026d3414b68c7d954f
Sha256: 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Thu, 06 Oct 2022 09:09:40 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET / HTTP/1.1 
Host: gbox.ws
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         18.140.66.181
HTTP/1.1 200 OK
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx/1.13.12
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.1.16
Cache-Control: no-cache
Date: Thu, 06 Oct 2022 09:09:40 GMT
Set-Cookie: XSRF-TOKEN=eyJpdiI6IjZmbFwvdW9ycVJuWG40NlFCaGhJa2xRPT0iLCJ2YWx1ZSI6IjRhWkhQRFJ5UlBkMXM5R29nVjlGOUt4VElIOU8yR3FzT2FYZHRKcXl4TVhPYkRYcFpXVVpmOU95elVnVmpvWGhzU2YxYVwvS3ZXc2ROSzBwUTBYaWJXUT09IiwibWFjIjoiMGFjYmViYTk2MDZmZTFkMWVkYTZkNjA1MjRlOGQxZDljMTNhOTk5Njk0MzQ3NjM3NjAzNTRhOTFlNWE5ODYwNiJ9; expires=Thu, 06-Oct-2022 11:09:40 GMT; Max-Age=7200; path=/ laravel_session=eyJpdiI6ImsxNXhGN2RVTkRicWwxN3ZtZjNTMEE9PSIsInZhbHVlIjoiRHUxeWJac2pXZFcrMGFlY3dpRG5hbm5QT1FUOFBtZnZMOEFQMW9oQ0h3QjBTQWR1MENDRVhmUDJkbXE1U21vdVlIbUQ5OEtKNHRiZE52OHNBekpRY1E9PSIsIm1hYyI6IjA2ZDgwNzQxMDJlZjE5ZTUxYjI2M2E0YzY1OWI3YzczZTRmMzk5OGQyOGZhYzU3MjI2MmM5MjRjMWIwNDM3ZWYifQ%3D%3D; expires=Thu, 06-Oct-2022 11:09:40 GMT; Max-Age=7200; path=/; HttpOnly


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Size:   5321
Md5:    6185d51541532edbfc6e79ffdae2605f
Sha1:   6e450f32e7ed17d9a4b51c56d2f8960691bd08b4
Sha256: ea8bc330d046d21bd5fd0e5735a0375865a2de792227c5bfd9abd661e17b229e

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /bootswatch/3.3.7/superhero/bootstrap.min.css HTTP/1.1 
Host: maxcdn.bootstrapcdn.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gbox.ws/

                                         
                                         104.18.11.207
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Date: Thu, 06 Oct 2022 09:09:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
CDN-PullZone: 252412
CDN-Uid: b1941f61-b576-4f40-80de-5677acb38f74
CDN-RequestCountryCode: DE
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31919000
Content-Encoding: gzip
Last-Modified: Mon, 25 Jan 2021 22:04:28 GMT
CDN-CachedAt: 08/03/2021 14:44:54
CDN-EdgeStorageId: 601
CDN-RequestPullCode: 200
CDN-RequestPullSuccess: True
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
X-Content-Type-Options: nosniff
CDN-ProxyVer: 1.0
CDN-Status: 200
CDN-RequestId: 3448595e918804ff42c472e02debc4fe
CDN-Cache: HIT
CF-Cache-Status: HIT
Age: 666833
Server: cloudflare
CF-RAY: 755d42724f610b02-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400


--- Additional Info ---
Magic:  ASCII text, with very long lines (65158)
Size:   24634
Md5:    654c4413875b93b8163e865924673c88
Sha1:   10b3ef8ce24488245f658f38118aa204d31d39da
Sha256: 8e4e41b07149fb29032bb275409166b1307e97cb7c8ea4bbee90a69956b752f6
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 06 Oct 2022 09:09:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 06 Oct 2022 09:09:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /css/toastr.min.css HTTP/1.1 
Host: gbox.ws
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gbox.ws/
Cookie: XSRF-TOKEN=eyJpdiI6IjZmbFwvdW9ycVJuWG40NlFCaGhJa2xRPT0iLCJ2YWx1ZSI6IjRhWkhQRFJ5UlBkMXM5R29nVjlGOUt4VElIOU8yR3FzT2FYZHRKcXl4TVhPYkRYcFpXVVpmOU95elVnVmpvWGhzU2YxYVwvS3ZXc2ROSzBwUTBYaWJXUT09IiwibWFjIjoiMGFjYmViYTk2MDZmZTFkMWVkYTZkNjA1MjRlOGQxZDljMTNhOTk5Njk0MzQ3NjM3NjAzNTRhOTFlNWE5ODYwNiJ9; laravel_session=eyJpdiI6ImsxNXhGN2RVTkRicWwxN3ZtZjNTMEE9PSIsInZhbHVlIjoiRHUxeWJac2pXZFcrMGFlY3dpRG5hbm5QT1FUOFBtZnZMOEFQMW9oQ0h3QjBTQWR1MENDRVhmUDJkbXE1U21vdVlIbUQ5OEtKNHRiZE52OHNBekpRY1E9PSIsIm1hYyI6IjA2ZDgwNzQxMDJlZjE5ZTUxYjI2M2E0YzY1OWI3YzczZTRmMzk5OGQyOGZhYzU3MjI2MmM5MjRjMWIwNDM3ZWYifQ%3D%3D

                                         
                                         18.140.66.181
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx/1.13.12
Date: Thu, 06 Oct 2022 09:09:40 GMT
Content-Length: 5993
Last-Modified: Wed, 18 Apr 2018 14:34:40 GMT
Connection: keep-alive
ETag: "5ad75780-1769"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (5993), with no line terminators
Size:   5993
Md5:    c4d50504a82305d607ae5ff7b33e0c39
Sha1:   6be38e5f7d02e41b211ec1e141a0f4655c899572
Sha256: a2426f1111a7c61667d668e9012e3eab58f4e784fe70fe16293dc43b634f812a
                                        
                                            GET /css/base.css HTTP/1.1 
Host: gbox.ws
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gbox.ws/
Cookie: XSRF-TOKEN=eyJpdiI6IjZmbFwvdW9ycVJuWG40NlFCaGhJa2xRPT0iLCJ2YWx1ZSI6IjRhWkhQRFJ5UlBkMXM5R29nVjlGOUt4VElIOU8yR3FzT2FYZHRKcXl4TVhPYkRYcFpXVVpmOU95elVnVmpvWGhzU2YxYVwvS3ZXc2ROSzBwUTBYaWJXUT09IiwibWFjIjoiMGFjYmViYTk2MDZmZTFkMWVkYTZkNjA1MjRlOGQxZDljMTNhOTk5Njk0MzQ3NjM3NjAzNTRhOTFlNWE5ODYwNiJ9; laravel_session=eyJpdiI6ImsxNXhGN2RVTkRicWwxN3ZtZjNTMEE9PSIsInZhbHVlIjoiRHUxeWJac2pXZFcrMGFlY3dpRG5hbm5QT1FUOFBtZnZMOEFQMW9oQ0h3QjBTQWR1MENDRVhmUDJkbXE1U21vdVlIbUQ5OEtKNHRiZE52OHNBekpRY1E9PSIsIm1hYyI6IjA2ZDgwNzQxMDJlZjE5ZTUxYjI2M2E0YzY1OWI3YzczZTRmMzk5OGQyOGZhYzU3MjI2MmM5MjRjMWIwNDM3ZWYifQ%3D%3D

                                         
                                         18.140.66.181
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx/1.13.12
Date: Thu, 06 Oct 2022 09:09:40 GMT
Content-Length: 662
Last-Modified: Wed, 18 Apr 2018 14:34:40 GMT
Connection: keep-alive
ETag: "5ad75780-296"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text
Size:   662
Md5:    c9c656459c740a30c5cc3c013513730a
Sha1:   a84f132658e1e3a4bd7f0a7189595bc311114154
Sha256: a91517ca2ffd95568a26b77d96355487f0999eba29e0a27783ee245344dbe1f3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.65
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Pragma, Content-Length, Backoff, Last-Modified, Cache-Control, Content-Type, Retry-After, ETag, Expires, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Thu, 06 Oct 2022 08:29:41 GMT
Expires: Thu, 06 Oct 2022 09:00:46 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: PRHkSL8vZPsldeW-9tXTlODbmNCpAGClbHaF4y8rDtPdJUecMMg-aw==
Age: 2400


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 601
Cache-Control: 'max-age=158059'
Date: Thu, 06 Oct 2022 09:09:41 GMT
Last-Modified: Thu, 06 Oct 2022 08:59:40 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /js/constants.js HTTP/1.1 
Host: gbox.ws
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gbox.ws/
Cookie: XSRF-TOKEN=eyJpdiI6IjZmbFwvdW9ycVJuWG40NlFCaGhJa2xRPT0iLCJ2YWx1ZSI6IjRhWkhQRFJ5UlBkMXM5R29nVjlGOUt4VElIOU8yR3FzT2FYZHRKcXl4TVhPYkRYcFpXVVpmOU95elVnVmpvWGhzU2YxYVwvS3ZXc2ROSzBwUTBYaWJXUT09IiwibWFjIjoiMGFjYmViYTk2MDZmZTFkMWVkYTZkNjA1MjRlOGQxZDljMTNhOTk5Njk0MzQ3NjM3NjAzNTRhOTFlNWE5ODYwNiJ9; laravel_session=eyJpdiI6ImsxNXhGN2RVTkRicWwxN3ZtZjNTMEE9PSIsInZhbHVlIjoiRHUxeWJac2pXZFcrMGFlY3dpRG5hbm5QT1FUOFBtZnZMOEFQMW9oQ0h3QjBTQWR1MENDRVhmUDJkbXE1U21vdVlIbUQ5OEtKNHRiZE52OHNBekpRY1E9PSIsIm1hYyI6IjA2ZDgwNzQxMDJlZjE5ZTUxYjI2M2E0YzY1OWI3YzczZTRmMzk5OGQyOGZhYzU3MjI2MmM5MjRjMWIwNDM3ZWYifQ%3D%3D

                                         
                                         18.140.66.181
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.13.12
Date: Thu, 06 Oct 2022 09:09:41 GMT
Content-Length: 59
Last-Modified: Wed, 18 Apr 2018 14:34:40 GMT
Connection: keep-alive
ETag: "5ad75780-3b"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text
Size:   59
Md5:    3cbecfcc03ebfc2d1db72ff4b6ae3f6c
Sha1:   7e91e249dbc1d0e8a3db6a265fd883b027d48af3
Sha256: 0b127058a312a0dcdc7f2143ce95c44507222ef3c85cd7264eb4ad52deb293d3

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /js/toastr.min.js HTTP/1.1 
Host: gbox.ws
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gbox.ws/
Cookie: XSRF-TOKEN=eyJpdiI6IjZmbFwvdW9ycVJuWG40NlFCaGhJa2xRPT0iLCJ2YWx1ZSI6IjRhWkhQRFJ5UlBkMXM5R29nVjlGOUt4VElIOU8yR3FzT2FYZHRKcXl4TVhPYkRYcFpXVVpmOU95elVnVmpvWGhzU2YxYVwvS3ZXc2ROSzBwUTBYaWJXUT09IiwibWFjIjoiMGFjYmViYTk2MDZmZTFkMWVkYTZkNjA1MjRlOGQxZDljMTNhOTk5Njk0MzQ3NjM3NjAzNTRhOTFlNWE5ODYwNiJ9; laravel_session=eyJpdiI6ImsxNXhGN2RVTkRicWwxN3ZtZjNTMEE9PSIsInZhbHVlIjoiRHUxeWJac2pXZFcrMGFlY3dpRG5hbm5QT1FUOFBtZnZMOEFQMW9oQ0h3QjBTQWR1MENDRVhmUDJkbXE1U21vdVlIbUQ5OEtKNHRiZE52OHNBekpRY1E9PSIsIm1hYyI6IjA2ZDgwNzQxMDJlZjE5ZTUxYjI2M2E0YzY1OWI3YzczZTRmMzk5OGQyOGZhYzU3MjI2MmM5MjRjMWIwNDM3ZWYifQ%3D%3D

                                         
                                         18.140.66.181
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.13.12
Date: Thu, 06 Oct 2022 09:09:41 GMT
Content-Length: 4953
Last-Modified: Wed, 18 Apr 2018 14:34:40 GMT
Connection: keep-alive
ETag: "5ad75780-1359"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (4918)
Size:   4953
Md5:    d59436971aa13b0e0c24d4332543fbef
Sha1:   c73521049fbf59ece5a3583d83f096a1ca20a9ed
Sha256: b2f539c525219f3cb09b400f7c014dadad7adc90e2e83df56b2cd4c879290e0d

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /js/base.js HTTP/1.1 
Host: gbox.ws
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gbox.ws/
Cookie: XSRF-TOKEN=eyJpdiI6IjZmbFwvdW9ycVJuWG40NlFCaGhJa2xRPT0iLCJ2YWx1ZSI6IjRhWkhQRFJ5UlBkMXM5R29nVjlGOUt4VElIOU8yR3FzT2FYZHRKcXl4TVhPYkRYcFpXVVpmOU95elVnVmpvWGhzU2YxYVwvS3ZXc2ROSzBwUTBYaWJXUT09IiwibWFjIjoiMGFjYmViYTk2MDZmZTFkMWVkYTZkNjA1MjRlOGQxZDljMTNhOTk5Njk0MzQ3NjM3NjAzNTRhOTFlNWE5ODYwNiJ9; laravel_session=eyJpdiI6ImsxNXhGN2RVTkRicWwxN3ZtZjNTMEE9PSIsInZhbHVlIjoiRHUxeWJac2pXZFcrMGFlY3dpRG5hbm5QT1FUOFBtZnZMOEFQMW9oQ0h3QjBTQWR1MENDRVhmUDJkbXE1U21vdVlIbUQ5OEtKNHRiZE52OHNBekpRY1E9PSIsIm1hYyI6IjA2ZDgwNzQxMDJlZjE5ZTUxYjI2M2E0YzY1OWI3YzczZTRmMzk5OGQyOGZhYzU3MjI2MmM5MjRjMWIwNDM3ZWYifQ%3D%3D

                                         
                                         18.140.66.181
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.13.12
Date: Thu, 06 Oct 2022 09:09:41 GMT
Content-Length: 834
Last-Modified: Wed, 18 Apr 2018 14:34:40 GMT
Connection: keep-alive
ETag: "5ad75780-342"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text
Size:   834
Md5:    3180bcc7b4cb5de14082136050b087ea
Sha1:   1b50bbecd3e4525a410d4e563cce7f838b988923
Sha256: 13e2c6b505e1f41f6a1cc7c553387f3b559fa7755c20fa24f0f586acfbf3e7d5

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: LNpLKk4MgpkWQj77YE4MoQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         54.187.71.185
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: vInUKWPfxYCJyCGWl2Zg3gyChQc=

                                        
                                            GET /js/index.js HTTP/1.1 
Host: gbox.ws
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gbox.ws/
Cookie: XSRF-TOKEN=eyJpdiI6IjZmbFwvdW9ycVJuWG40NlFCaGhJa2xRPT0iLCJ2YWx1ZSI6IjRhWkhQRFJ5UlBkMXM5R29nVjlGOUt4VElIOU8yR3FzT2FYZHRKcXl4TVhPYkRYcFpXVVpmOU95elVnVmpvWGhzU2YxYVwvS3ZXc2ROSzBwUTBYaWJXUT09IiwibWFjIjoiMGFjYmViYTk2MDZmZTFkMWVkYTZkNjA1MjRlOGQxZDljMTNhOTk5Njk0MzQ3NjM3NjAzNTRhOTFlNWE5ODYwNiJ9; laravel_session=eyJpdiI6ImsxNXhGN2RVTkRicWwxN3ZtZjNTMEE9PSIsInZhbHVlIjoiRHUxeWJac2pXZFcrMGFlY3dpRG5hbm5QT1FUOFBtZnZMOEFQMW9oQ0h3QjBTQWR1MENDRVhmUDJkbXE1U21vdVlIbUQ5OEtKNHRiZE52OHNBekpRY1E9PSIsIm1hYyI6IjA2ZDgwNzQxMDJlZjE5ZTUxYjI2M2E0YzY1OWI3YzczZTRmMzk5OGQyOGZhYzU3MjI2MmM5MjRjMWIwNDM3ZWYifQ%3D%3D

                                         
                                         18.140.66.181
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.13.12
Date: Thu, 06 Oct 2022 09:09:41 GMT
Content-Length: 3295
Last-Modified: Wed, 18 Apr 2018 14:34:40 GMT
Connection: keep-alive
ETag: "5ad75780-cdf"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text
Size:   3295
Md5:    0939e8cf1bf593bb926e3a588f0a28b9
Sha1:   f45dd33d6c097ecec5c46800db7ea7c9cb4b67dd
Sha256: fea319535dd49259b26495f600dee5662fde40a12d9802c4d95e507f012a031d

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /js/bootstrap.min.js HTTP/1.1 
Host: gbox.ws
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gbox.ws/
Cookie: XSRF-TOKEN=eyJpdiI6IjZmbFwvdW9ycVJuWG40NlFCaGhJa2xRPT0iLCJ2YWx1ZSI6IjRhWkhQRFJ5UlBkMXM5R29nVjlGOUt4VElIOU8yR3FzT2FYZHRKcXl4TVhPYkRYcFpXVVpmOU95elVnVmpvWGhzU2YxYVwvS3ZXc2ROSzBwUTBYaWJXUT09IiwibWFjIjoiMGFjYmViYTk2MDZmZTFkMWVkYTZkNjA1MjRlOGQxZDljMTNhOTk5Njk0MzQ3NjM3NjAzNTRhOTFlNWE5ODYwNiJ9; laravel_session=eyJpdiI6ImsxNXhGN2RVTkRicWwxN3ZtZjNTMEE9PSIsInZhbHVlIjoiRHUxeWJac2pXZFcrMGFlY3dpRG5hbm5QT1FUOFBtZnZMOEFQMW9oQ0h3QjBTQWR1MENDRVhmUDJkbXE1U21vdVlIbUQ5OEtKNHRiZE52OHNBekpRY1E9PSIsIm1hYyI6IjA2ZDgwNzQxMDJlZjE5ZTUxYjI2M2E0YzY1OWI3YzczZTRmMzk5OGQyOGZhYzU3MjI2MmM5MjRjMWIwNDM3ZWYifQ%3D%3D

                                         
                                         18.140.66.181
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.13.12
Date: Thu, 06 Oct 2022 09:09:41 GMT
Content-Length: 36816
Last-Modified: Wed, 18 Apr 2018 14:34:40 GMT
Connection: keep-alive
ETag: "5ad75780-8fd0"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (32034)
Size:   36816
Md5:    4becdc9104623e891fbb9d38bba01be4
Sha1:   6c264e0e0026ab5ece49350c6a8812398e696cbb
Sha256: 4a4de7903ea62d330e17410ea4db6c22bcbeb350ac6aa402d6b54b4c0cbed327

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /css/index.css HTTP/1.1 
Host: gbox.ws
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gbox.ws/
Cookie: XSRF-TOKEN=eyJpdiI6IjZmbFwvdW9ycVJuWG40NlFCaGhJa2xRPT0iLCJ2YWx1ZSI6IjRhWkhQRFJ5UlBkMXM5R29nVjlGOUt4VElIOU8yR3FzT2FYZHRKcXl4TVhPYkRYcFpXVVpmOU95elVnVmpvWGhzU2YxYVwvS3ZXc2ROSzBwUTBYaWJXUT09IiwibWFjIjoiMGFjYmViYTk2MDZmZTFkMWVkYTZkNjA1MjRlOGQxZDljMTNhOTk5Njk0MzQ3NjM3NjAzNTRhOTFlNWE5ODYwNiJ9; laravel_session=eyJpdiI6ImsxNXhGN2RVTkRicWwxN3ZtZjNTMEE9PSIsInZhbHVlIjoiRHUxeWJac2pXZFcrMGFlY3dpRG5hbm5QT1FUOFBtZnZMOEFQMW9oQ0h3QjBTQWR1MENDRVhmUDJkbXE1U21vdVlIbUQ5OEtKNHRiZE52OHNBekpRY1E9PSIsIm1hYyI6IjA2ZDgwNzQxMDJlZjE5ZTUxYjI2M2E0YzY1OWI3YzczZTRmMzk5OGQyOGZhYzU3MjI2MmM5MjRjMWIwNDM3ZWYifQ%3D%3D

                                         
                                         18.140.66.181
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx/1.13.12
Date: Thu, 06 Oct 2022 09:09:41 GMT
Content-Length: 347
Last-Modified: Wed, 18 Apr 2018 14:34:40 GMT
Connection: keep-alive
ETag: "5ad75780-15b"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text
Size:   347
Md5:    9676978330e56318c4962af64211954b
Sha1:   fba3191540cc643c7d25992235306521d5fb3116
Sha256: 17baa03f14eea377ce711cd23dadfb459cf0197eb647f4428b2645f004f41850
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "B0C59E715D8C38C061CFA06EC64C69F442F9417D6BC9C76E393C1FA00B11AF86"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20011
Expires: Thu, 06 Oct 2022 14:43:12 GMT
Date: Thu, 06 Oct 2022 09:09:41 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0916782d-815c-4b19-b89a-acc67a745ebc.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11478
x-amzn-requestid: d058c900-2b03-4373-aa5b-0d91128de0e8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjQiMGXDIAMFbVg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633dfada-743a7dda1804ecb76ae96592;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:44:58 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: Geyupd7DZO0XRtj6uKJM-il3wOu82I2N26-vLgJCxYlid1Csm-fYxQ==
via: 1.1 58f9a50682bb94842197f3e957919c60.cloudfront.net (CloudFront), 1.1 76dcc62b68091cc715d50b5017be77fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 22:01:17 GMT
age: 40104
etag: "016d84f56f97f1ab12c4046177e3e809aa861729"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11478
Md5:    a2e00e7f6054a915275111712ae68feb
Sha1:   016d84f56f97f1ab12c4046177e3e809aa861729
Sha256: d042df692c87770504eaa80dae07601163a3b330061b5b9ec7b66a2bec759150
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb1f9d9-58f2-4af5-b299-6a59b5768aba.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8651
x-amzn-requestid: 8bbdbc11-92fe-4cdf-8469-1c1ffac9e65b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjPLIGG0IAMFehw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df8ad-132ee26478d791850dd14462;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:35:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: KBuHj1vlNgk4oflp8uIxuxuPoWh7B7O0SWrMrNP-lAhnp2m53ttPMw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 e77661e211afe9242e85e573f12d5534.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 22:01:22 GMT
age: 40099
etag: "d839f3aa41455d818da9a794b0688b1144b3a03a"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8651
Md5:    2d101e6535dfc8ea8c193d3e97c07e1d
Sha1:   d839f3aa41455d818da9a794b0688b1144b3a03a
Sha256: d73e79f203ef50354e078de30fcb52d298e14ad53924e0387ab586a9cb4376a2
                                        
                                            GET /css?family=Lato:300,400,700 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://maxcdn.bootstrapcdn.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 06 Oct 2022 09:09:41 GMT
date: Thu, 06 Oct 2022 09:09:41 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   10545
Md5:    f563a70440ca8b0b60f63b2058722bca
Sha1:   022f74a1a1e4be035465d37898adc598f867cd46
Sha256: c2a0a1b4bfb1f1a267a84d1a7cb16ae1ad1d70dda250841491813b9da1db1589
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb35f200a-4b30-4eca-b738-7597a7594fb0.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12156
x-amzn-requestid: 0640ef42-f082-43cb-9fbb-ba509f7ec1ec
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZXYcIFhmIAMFeVw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63393ab3-2fbc1cf648993ee1346ec9b2;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 07:16:03 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: LZZWZlT3DnlbEyrOaNR-emsGas3uCB6VaQYdTQ76-W0XL7_Yq3BAJw==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 09:27:45 GMT
age: 85316
etag: "1282572af57f7d04cae3f736a9b9fcb378efdf70"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12156
Md5:    af17f003b33d854fd024dcd3980fea27
Sha1:   1282572af57f7d04cae3f736a9b9fcb378efdf70
Sha256: 5e0112558b9196f1025a354f4b69fb02321d9a345c2d302e523001a56b51cc31
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feda182b7-6bc8-4aea-82c3-d9fa08748b61.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7385
x-amzn-requestid: f3b30c95-2f19-4d70-b358-ff7e1e1c56f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjO6uHJrIAMF3WA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df844-5211c3087ea4f0023b32b284;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:33:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: uka14Zb4NhZEmseL9817VqWrplnl8Yrmnp3oTVs6OeMjdCLI89QoVg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 b47618c03bd47cf085f27b1e215f76cc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:36:41 GMT
age: 41580
etag: "b0205176a58913f57056b91674097bfb58046e97"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7385
Md5:    e5a5ee14d41747f46e71f04782e1a3d3
Sha1:   b0205176a58913f57056b91674097bfb58046e97
Sha256: b3bae0b56b50374cb85fc7fe4c9b551383d1969bf31e7adccb867e3467c59269
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ecef3b6-b278-4a22-86dd-6a19875e1cc1.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7511
x-amzn-requestid: 995b51dd-5484-4b4c-ad40-550f7fd85930
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjO6uG70IAMFjBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df844-70f17f6f24dce0003d03902a;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:33:56 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: 3lKuGlFCBN2wEsp9-Oa3ysQg62py090H30jy6_bR02Ufs0KGPrVC4w==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 d8d9c12d1a621129f4bc739038e7c72e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:36:41 GMT
age: 41580
etag: "69ad212cb7ae309d4f02019552887135bfae67da"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7511
Md5:    9e520f87cae411cfc2ed1c8a14184385
Sha1:   69ad212cb7ae309d4f02019552887135bfae67da
Sha256: 723b10bfbcde201b5811e3bd0560f02f90775e4d18b28d19e6c814899f2da71a
                                        
                                            GET /js/jquery-1.11.3.min.js HTTP/1.1 
Host: gbox.ws
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gbox.ws/
Cookie: XSRF-TOKEN=eyJpdiI6IjZmbFwvdW9ycVJuWG40NlFCaGhJa2xRPT0iLCJ2YWx1ZSI6IjRhWkhQRFJ5UlBkMXM5R29nVjlGOUt4VElIOU8yR3FzT2FYZHRKcXl4TVhPYkRYcFpXVVpmOU95elVnVmpvWGhzU2YxYVwvS3ZXc2ROSzBwUTBYaWJXUT09IiwibWFjIjoiMGFjYmViYTk2MDZmZTFkMWVkYTZkNjA1MjRlOGQxZDljMTNhOTk5Njk0MzQ3NjM3NjAzNTRhOTFlNWE5ODYwNiJ9; laravel_session=eyJpdiI6ImsxNXhGN2RVTkRicWwxN3ZtZjNTMEE9PSIsInZhbHVlIjoiRHUxeWJac2pXZFcrMGFlY3dpRG5hbm5QT1FUOFBtZnZMOEFQMW9oQ0h3QjBTQWR1MENDRVhmUDJkbXE1U21vdVlIbUQ5OEtKNHRiZE52OHNBekpRY1E9PSIsIm1hYyI6IjA2ZDgwNzQxMDJlZjE5ZTUxYjI2M2E0YzY1OWI3YzczZTRmMzk5OGQyOGZhYzU3MjI2MmM5MjRjMWIwNDM3ZWYifQ%3D%3D

                                         
                                         18.140.66.181
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.13.12
Date: Thu, 06 Oct 2022 09:09:41 GMT
Content-Length: 95957
Last-Modified: Wed, 18 Apr 2018 14:34:40 GMT
Connection: keep-alive
ETag: "5ad75780-176d5"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (32038)
Size:   95957
Md5:    895323ed2f7258af4fae2c738c8aea49
Sha1:   276c87ff3e1e3155679c318938e74e5c1b76d809
Sha256: ecb916133a9376911f10bc5c659952eb0031e457f5df367cde560edbfba38fb8

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /css/font-awesome.min.css HTTP/1.1 
Host: gbox.ws
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gbox.ws/
Cookie: XSRF-TOKEN=eyJpdiI6IjZmbFwvdW9ycVJuWG40NlFCaGhJa2xRPT0iLCJ2YWx1ZSI6IjRhWkhQRFJ5UlBkMXM5R29nVjlGOUt4VElIOU8yR3FzT2FYZHRKcXl4TVhPYkRYcFpXVVpmOU95elVnVmpvWGhzU2YxYVwvS3ZXc2ROSzBwUTBYaWJXUT09IiwibWFjIjoiMGFjYmViYTk2MDZmZTFkMWVkYTZkNjA1MjRlOGQxZDljMTNhOTk5Njk0MzQ3NjM3NjAzNTRhOTFlNWE5ODYwNiJ9; laravel_session=eyJpdiI6ImsxNXhGN2RVTkRicWwxN3ZtZjNTMEE9PSIsInZhbHVlIjoiRHUxeWJac2pXZFcrMGFlY3dpRG5hbm5QT1FUOFBtZnZMOEFQMW9oQ0h3QjBTQWR1MENDRVhmUDJkbXE1U21vdVlIbUQ5OEtKNHRiZE52OHNBekpRY1E9PSIsIm1hYyI6IjA2ZDgwNzQxMDJlZjE5ZTUxYjI2M2E0YzY1OWI3YzczZTRmMzk5OGQyOGZhYzU3MjI2MmM5MjRjMWIwNDM3ZWYifQ%3D%3D

                                         
                                         18.140.66.181
HTTP/1.1 200 OK
Content-Type: text/css
                                        
Server: nginx/1.13.12
Date: Thu, 06 Oct 2022 09:09:41 GMT
Content-Length: 26711
Last-Modified: Wed, 18 Apr 2018 14:34:40 GMT
Connection: keep-alive
ETag: "5ad75780-6857"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (26548)
Size:   26711
Md5:    0831cba6a670e405168b84aa20798347
Sha1:   05ea25bc9b3ac48993e1fee322d3bc94b49a6e22
Sha256: 936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 06 Oct 2022 09:09:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://gbox.ws
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 04 Oct 2022 17:10:21 GMT
expires: Wed, 04 Oct 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 143961
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Size:   23580
Md5:    e1b3b5908c9cf23dfb2b9c52b9a023ab
Sha1:   fcd4136085f2a03481d9958cc6793a5ed98e714c
Sha256: 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
                                        
                                            GET /s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://gbox.ws
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23236
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 04 Oct 2022 17:17:26 GMT
expires: Wed, 04 Oct 2023 17:17:26 GMT
cache-control: public, max-age=31536000
age: 143536
last-modified: Tue, 26 Apr 2022 16:04:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 23236, version 1.0\012- data
Size:   23236
Md5:    716309aab2bca045f9627f63ad79d0bf
Sha1:   38804233a29aaf975d557fe14e762c627bef76e0
Sha256: 115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
                                        
                                            GET /js/angular.min.js HTTP/1.1 
Host: gbox.ws
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gbox.ws/
Cookie: XSRF-TOKEN=eyJpdiI6IjZmbFwvdW9ycVJuWG40NlFCaGhJa2xRPT0iLCJ2YWx1ZSI6IjRhWkhQRFJ5UlBkMXM5R29nVjlGOUt4VElIOU8yR3FzT2FYZHRKcXl4TVhPYkRYcFpXVVpmOU95elVnVmpvWGhzU2YxYVwvS3ZXc2ROSzBwUTBYaWJXUT09IiwibWFjIjoiMGFjYmViYTk2MDZmZTFkMWVkYTZkNjA1MjRlOGQxZDljMTNhOTk5Njk0MzQ3NjM3NjAzNTRhOTFlNWE5ODYwNiJ9; laravel_session=eyJpdiI6ImsxNXhGN2RVTkRicWwxN3ZtZjNTMEE9PSIsInZhbHVlIjoiRHUxeWJac2pXZFcrMGFlY3dpRG5hbm5QT1FUOFBtZnZMOEFQMW9oQ0h3QjBTQWR1MENDRVhmUDJkbXE1U21vdVlIbUQ5OEtKNHRiZE52OHNBekpRY1E9PSIsIm1hYyI6IjA2ZDgwNzQxMDJlZjE5ZTUxYjI2M2E0YzY1OWI3YzczZTRmMzk5OGQyOGZhYzU3MjI2MmM5MjRjMWIwNDM3ZWYifQ%3D%3D

                                         
                                         18.140.66.181
HTTP/1.1 200 OK
Content-Type: application/javascript
                                        
Server: nginx/1.13.12
Date: Thu, 06 Oct 2022 09:09:41 GMT
Content-Length: 160048
Last-Modified: Wed, 18 Apr 2018 14:34:40 GMT
Connection: keep-alive
ETag: "5ad75780-27130"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  ASCII text, with very long lines (639)
Size:   160048
Md5:    c8ddded85c81cfcd8dd4e54b71724d85
Sha1:   78069f9f3a9ca9652cb04c13ccb0670d747666b8
Sha256: e92af41ea36051ffe9f3c83abec97cec2ac09cdaa2396863958e8b4bc8de5870

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /fonts/fontawesome-webfont.woff2?v=4.4.0 HTTP/1.1 
Host: gbox.ws
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://gbox.ws/css/font-awesome.min.css
Cookie: XSRF-TOKEN=eyJpdiI6IjZmbFwvdW9ycVJuWG40NlFCaGhJa2xRPT0iLCJ2YWx1ZSI6IjRhWkhQRFJ5UlBkMXM5R29nVjlGOUt4VElIOU8yR3FzT2FYZHRKcXl4TVhPYkRYcFpXVVpmOU95elVnVmpvWGhzU2YxYVwvS3ZXc2ROSzBwUTBYaWJXUT09IiwibWFjIjoiMGFjYmViYTk2MDZmZTFkMWVkYTZkNjA1MjRlOGQxZDljMTNhOTk5Njk0MzQ3NjM3NjAzNTRhOTFlNWE5ODYwNiJ9; laravel_session=eyJpdiI6ImsxNXhGN2RVTkRicWwxN3ZtZjNTMEE9PSIsInZhbHVlIjoiRHUxeWJac2pXZFcrMGFlY3dpRG5hbm5QT1FUOFBtZnZMOEFQMW9oQ0h3QjBTQWR1MENDRVhmUDJkbXE1U21vdVlIbUQ5OEtKNHRiZE52OHNBekpRY1E9PSIsIm1hYyI6IjA2ZDgwNzQxMDJlZjE5ZTUxYjI2M2E0YzY1OWI3YzczZTRmMzk5OGQyOGZhYzU3MjI2MmM5MjRjMWIwNDM3ZWYifQ%3D%3D

                                         
                                         18.140.66.181
HTTP/1.1 200 OK
Content-Type: application/octet-stream
                                        
Server: nginx/1.13.12
Date: Thu, 06 Oct 2022 09:09:42 GMT
Content-Length: 64464
Last-Modified: Wed, 18 Apr 2018 14:34:40 GMT
Connection: keep-alive
ETag: "5ad75780-fbd0"
Accept-Ranges: bytes


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 64464, version 4.262\012- data
Size:   64464
Md5:    4b5a84aaf1c9485e060c503a0ff8cadb
Sha1:   574ea2698c03ae9477db2ea3baf460ee32f1a7ea
Sha256: 3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: gbox.ws
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gbox.ws/
Cookie: XSRF-TOKEN=eyJpdiI6IjZmbFwvdW9ycVJuWG40NlFCaGhJa2xRPT0iLCJ2YWx1ZSI6IjRhWkhQRFJ5UlBkMXM5R29nVjlGOUt4VElIOU8yR3FzT2FYZHRKcXl4TVhPYkRYcFpXVVpmOU95elVnVmpvWGhzU2YxYVwvS3ZXc2ROSzBwUTBYaWJXUT09IiwibWFjIjoiMGFjYmViYTk2MDZmZTFkMWVkYTZkNjA1MjRlOGQxZDljMTNhOTk5Njk0MzQ3NjM3NjAzNTRhOTFlNWE5ODYwNiJ9; laravel_session=eyJpdiI6ImsxNXhGN2RVTkRicWwxN3ZtZjNTMEE9PSIsInZhbHVlIjoiRHUxeWJac2pXZFcrMGFlY3dpRG5hbm5QT1FUOFBtZnZMOEFQMW9oQ0h3QjBTQWR1MENDRVhmUDJkbXE1U21vdVlIbUQ5OEtKNHRiZE52OHNBekpRY1E9PSIsIm1hYyI6IjA2ZDgwNzQxMDJlZjE5ZTUxYjI2M2E0YzY1OWI3YzczZTRmMzk5OGQyOGZhYzU3MjI2MmM5MjRjMWIwNDM3ZWYifQ%3D%3D

                                         
                                         18.140.66.181
HTTP/1.1 404 Not Found
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx/1.13.12
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.1.16
Cache-Control: no-cache
Date: Thu, 06 Oct 2022 09:09:42 GMT


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Size:   4303
Md5:    f6299c8ddd9eb574c25589dd859ece3f
Sha1:   c69b779cffcf47dc9762bd97bc8d6f52fcc2f7b4
Sha256: 74e9c75de3dc018319f51bbfb1d69ec60d2c66e2951d4bba673d63b9407b86aa
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd38ec9d6-fb69-4c6e-aae2-136fd254ae50.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7270
x-amzn-requestid: f2f15f43-6054-40f5-943a-530671e772dd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjOZjF3aIAMFW9Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df770-5e2253791a927c8c40a0ff0d;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:30:24 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: xRuMce_9OkP3R2DqHjZI34GwkDezdfGKsgntCMTZG2c6SJUcyv0Ckg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 583992e175976bd59a21b4416890271e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:56:40 GMT
etag: "447cbf348ef10d0136a1811e843c46937defbba1"
age: 40388
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7270
Md5:    e238ccaa3b9fa88476a8514855e8232f
Sha1:   447cbf348ef10d0136a1811e843c46937defbba1
Sha256: 43dce3c1eb388dfaddca4176acb6eb32f76fc4c03fca18e7a315c9ddb43d2b02