| sho.cat/Ae | 172.67.156.214 | 301 Moved Permanently | 0 B |
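IP: 172.67.156.214:0
Hash: MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of empty input, matching the 0 B body; they identify no content and are not usable as indicators)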
Analyzer: fortinet | Verdict: Phishing | Alert: (empty)
GET /Ae HTTP/1.1
Host: sho.cat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 09 Feb 2023 12:55:40 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Thu, 09 Feb 2023 13:55:40 GMT
Location: https://sho.cat/Ae
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=80D7pnNTz5fHZNhVOJ0ouVFomBFFh%2BvuMD1e4oGGvJyPIqH4X5nSQ1cHeIijLUIUE5R6FQxoTJ8snDU4%2BUT1dI70tsvSWVuN1dDmZ58yTLFYcfK4D4A%2FMfTf"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 796cc2bcaa711c02-OSL
alt-svc: h2=":443"; ma=60
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashb7407cc102d62a5acd5e61f8a79bed36 c2f4890a62454e514962b55b7fc14228339c8e90 be282de92da261128a7c8471f3067466aa9930fd0ab2a2cdda8cd2d6ce2bbd74
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BE282DE92DA261128A7C8471F3067466AA9930FD0AB2A2CDDA8CD2D6CE2BBD74"
Last-Modified: Wed, 08 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3513
Expires: Thu, 09 Feb 2023 13:54:13 GMT
Date: Thu, 09 Feb 2023 12:55:40 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash565c1bbc5c1c40be1988b3bf6fd9dc1a cfdba5bc597130461dd67bf6cda53183be592493 60ceb36a8329c92fc49a3caf50daf511a38e01eac21a07d7a0a838166bea058d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "60CEB36A8329C92FC49A3CAF50DAF511A38E01EAC21A07D7A0A838166BEA058D"
Last-Modified: Mon, 06 Feb 2023 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5628
Expires: Thu, 09 Feb 2023 14:29:28 GMT
Date: Thu, 09 Feb 2023 12:55:40 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 35.241.9.150 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hashff250d3ef3fa45322bf05039a0122a9f b3e7a2c383bce1bab807dbe1a03c375258b51f1d d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Content-Type, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 09 Feb 2023 12:34:15 GMT
content-type: application/json
age: 1285
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash50a2f8cdbbd1059f5318753155bba7ef 405e63ea4683be44f876feae34b5cb645ff751f2 f6ac743a5a17d64d2858fec5791050d2dc8074ddd823826c93e67bffdb2f0868
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F6AC743A5A17D64D2858FEC5791050D2DC8074DDD823826C93E67BFFDB2F0868"
Last-Modified: Thu, 09 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18015
Expires: Thu, 09 Feb 2023 17:55:55 GMT
Date: Thu, 09 Feb 2023 12:55:40 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hashe76071a28ee566dababb3834f46d68ed aebb4e68c1ba2de0f90025283e8ed8470944fde0 78b6df2627172e5b35476bc31020f02898cdc412aaf4337af2c3b049a60912b6
GET /chains/remote-settings.content-signature.mozilla.org-2023-03-20-18-44-46.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: EZUqYUz/5frU7y8VXKg1JdmJOKhfU6uIkQn0+hboWnci3361+iigY34EW3QwHIf5moSCuGLCByo=
x-amz-request-id: 00GP62SZWX54AAHP
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 09 Feb 2023 12:36:22 GMT
age: 1158
last-modified: Sun, 29 Jan 2023 18:44:47 GMT
etag: "e76071a28ee566dababb3834f46d68ed"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 09 Feb 2023 12:55:40 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 278 B |
IP93.184.220.29:0
Hash91f7c892e1e3cbb971093d1d03e0f755 d50543d91ccb1c65256487bf2dc4cdd81809b29a 5214dd28d97ce4081ef266b876245c779dcc8885156f9ed8e9c118bdb50f8946
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=163793
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 12:55:40 GMT
Etag: "63e4ca1d-116"
Expires: Sat, 11 Feb 2023 10:25:33 GMT
Last-Modified: Thu, 09 Feb 2023 10:25:33 GMT
Server: nginx
Content-Length: 278
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 35.241.9.150 | 200 OK | 329 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Retry-After, Content-Length, Content-Type, ETag, Cache-Control, Alert, Pragma, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 09 Feb 2023 12:51:21 GMT
age: 259
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| sho.cat/Leaderboard.gif | 172.67.156.214 | 200 OK | 25 kB |
IP172.67.156.214:0
File typeGIF image data, version 89a, 728 x 90\012- data Hashe85f61f40ab570e9d3fc66941e187430 c6e8320cda03dd56be4fb5f900d3164a7cfa9c60 adbbb381c75b999f98e948832172a67e495785bcff726e92d9a2017649e516c2
GET /Leaderboard.gif HTTP/1.1
Host: sho.cat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sho.cat/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 12:55:41 GMT
content-type: image/gif
content-length: 24755
last-modified: Sun, 05 Dec 2021 16:32:15 GMT
etag: "60b3-5d268aede2e53"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jm8vdsyZUXHyw%2F3tXx%2F839mCCcnAEI3KrmVki4l1JmjBkSV16ECiX5od3TPdDD%2FaWF9Bh%2F7si9q2a2LkyAgySqfqA9p9Sw9O4g12voKoQgvzDApScZsK%2F770"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 796cc2c15949b4ee-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| sho.cat/images/header.png | 172.67.156.214 | 200 OK | 41 kB |
URL HTTP/2sho.cat/images/header.png IP172.67.156.214:0
File typePNG image data, 950 x 200, 8-bit/color RGBA, non-interlaced\012- data Hash6f40e71cb8a7c4b48864fe9a9a7df227 14f2bf5a489a34b94f4fe08aaa4835d29ae95e3f c961f453329272dce432447832e39a9586c4d3d82122cbe64b53df97056c08e1
GET /images/header.png HTTP/1.1
Host: sho.cat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sho.cat/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 12:55:41 GMT
content-type: image/png
content-length: 40779
last-modified: Wed, 22 May 2019 18:40:50 GMT
etag: "9f4b-5897e4df4435b"
cache-control: max-age=14400
cf-cache-status: MISS
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a3E%2Fc%2FgMJOyvy5TKhFV6c7VmbltxfVw5xRDnb7cZJrUZk2vpg3n4kLU7axEvCjg4YvBD9AWBBn75We5sXDWt1QTnzTCttbGuN6V24gHh0R6QjgYJseZTcdj4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 796cc2c14946b4ee-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash248ce16379b12f11927ecc3142aec450 fa5b189f2d9182479170cb61cc1723571e437bd2 a8d259b331bdefb00625b9bf057d44d0b3290fda0734c57eda187b04e23d59d4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A8D259B331BDEFB00625B9BF057D44D0B3290FDA0734C57EDA187B04E23D59D4"
Last-Modified: Wed, 08 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2715
Expires: Thu, 09 Feb 2023 13:40:56 GMT
Date: Thu, 09 Feb 2023 12:55:41 GMT
Connection: keep-alive
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 280 B |
IP93.184.220.29:0
Hash398b6ca4cd4c5367983ab51a08eeb9c8 e351dff75f249f925847b978e39fb3af4ff20af6 c307c25aa2fc2e20a7ae8e00773c7cd82952b6f582d1fd9c493eb47834ef8cc8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 866
Cache-Control: max-age=120697
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 12:55:41 GMT
Etag: "63e41e64-118"
Expires: Fri, 10 Feb 2023 22:27:18 GMT
Last-Modified: Wed, 08 Feb 2023 22:12:52 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 280
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 280 B |
IP93.184.220.29:0
Hash398b6ca4cd4c5367983ab51a08eeb9c8 e351dff75f249f925847b978e39fb3af4ff20af6 c307c25aa2fc2e20a7ae8e00773c7cd82952b6f582d1fd9c493eb47834ef8cc8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 866
Cache-Control: max-age=120697
Content-Type: application/ocsp-response
Date: Thu, 09 Feb 2023 12:55:41 GMT
Etag: "63e41e64-118"
Expires: Fri, 10 Feb 2023 22:27:18 GMT
Last-Modified: Wed, 08 Feb 2023 22:12:52 GMT
Server: ECS (ska/F71C)
X-Cache: HIT
Content-Length: 280
|
|
| push.services.mozilla.com/ | 54.184.50.153 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP54.184.50.153:0
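Hash: MD5 d41d8cd98f00b204e9800998ecf8427e | SHA-1 da39a3ee5e6b4b0d3255bfef95601890afd80709 | SHA-256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (digests of empty input, matching the 0 B body of the 101 response; not usable as indicators)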
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: rNJLy4YbnANwDtUZPhy8YA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: IqHb+AwTAqIMZlL9KyT8IKxiTM4=
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashfa3b80f6c5e48935acba628afd26f4ce f69397ac7d88fc285d79b1a17ec28340c8a5c564 6019b3d5a40f38c020b87c2bc5d25b3646b7cccd3bf005f835cb74b46869100d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6019B3D5A40F38C020B87C2BC5D25B3646B7CCCD3BF005F835CB74B46869100D"
Last-Modified: Thu, 09 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6000
Expires: Thu, 09 Feb 2023 14:35:42 GMT
Date: Thu, 09 Feb 2023 12:55:42 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashfa3b80f6c5e48935acba628afd26f4ce f69397ac7d88fc285d79b1a17ec28340c8a5c564 6019b3d5a40f38c020b87c2bc5d25b3646b7cccd3bf005f835cb74b46869100d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6019B3D5A40F38C020B87C2BC5D25B3646B7CCCD3BF005F835CB74B46869100D"
Last-Modified: Thu, 09 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6000
Expires: Thu, 09 Feb 2023 14:35:42 GMT
Date: Thu, 09 Feb 2023 12:55:42 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashfa3b80f6c5e48935acba628afd26f4ce f69397ac7d88fc285d79b1a17ec28340c8a5c564 6019b3d5a40f38c020b87c2bc5d25b3646b7cccd3bf005f835cb74b46869100d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6019B3D5A40F38C020B87C2BC5D25B3646B7CCCD3BF005F835CB74B46869100D"
Last-Modified: Thu, 09 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6000
Expires: Thu, 09 Feb 2023 14:35:42 GMT
Date: Thu, 09 Feb 2023 12:55:42 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9614e0f-1b62-40ec-b140-9464c5527d5e.jpeg | 34.120.237.76 | 200 OK | 5.2 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9614e0f-1b62-40ec-b140-9464c5527d5e.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash403cadd5f6beb14f5d2a4dd9eafc68d3 4724b4929c1afcc134ead274238725e4ce729b26 13d7b7ca88de8341e3ec835a5a7d8c79bc50a136aff8eb90aa3c2267f3e8cc08
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa9614e0f-1b62-40ec-b140-9464c5527d5e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5241
x-amzn-requestid: 3ffb8a54-178e-4574-9662-8dc7696203fd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ACiy0FOqIAMFaKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e41811-26219fa14a85f6e81e4cf129;Sampled=0
x-amzn-remapped-date: Wed, 08 Feb 2023 21:45:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 8U_d5u2rtXAyLLBhRZ3BbQkFOc5gxZIPhnyL5XOvjGV6-8KqWyn8FQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 21:45:53 GMT
etag: "4724b4929c1afcc134ead274238725e4ce729b26"
content-type: image/jpeg
age: 54589
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe40cbcc3-f3e1-4c53-87ef-2b07e5039a1c.jpeg | 34.120.237.76 | 200 OK | 6.1 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe40cbcc3-f3e1-4c53-87ef-2b07e5039a1c.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashea55fd1053c19123cb789a7d14479ccc 45fb06a6feeceff6a06c8c3f37e259ddf6e09820 393290f5ec8379a09da72b2554c30023b688489ffda79f5edfe6f114250ee4c7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe40cbcc3-f3e1-4c53-87ef-2b07e5039a1c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6061
x-amzn-requestid: cf552847-17d0-4820-9711-3fb129090686
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f8xbCG8jIAMF7Vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63e1c913-0f2af41d6063340d483c3a55;Sampled=0
x-amzn-remapped-date: Tue, 07 Feb 2023 03:44:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3WFg806rwKxFrS_8AcUHawHWXa5ED-6AOEZPlp1R2_Sm7Owm1x_jMg==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 09 Feb 2023 05:14:13 GMT
age: 27689
etag: "45fb06a6feeceff6a06c8c3f37e259ddf6e09820"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| sho.cat/js/tablesorte.js?v=1.9 | 172.67.156.214 | 200 OK | 16 kB |
URL HTTP/2sho.cat/js/tablesorte.js?v=1.9 IP172.67.156.214:0
Hash: MD5 a890df8cc6fa71af3499e089d04af0ed | SHA-1 48a81689ad7719dd28a2423d9a4e4631ecca1061 | SHA-256 23aaa380d08e19ba6417ba830dd21be96a2fe6bc8e24d578a1e046ff19043fdf
Analyzer: fortinet | Verdict: Phishing | Alert: (empty)
GET /js/tablesorte.js?v=1.9 HTTP/1.1
Host: sho.cat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sho.cat/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 12:55:41 GMT
content-type: application/javascript
last-modified: Sat, 23 Apr 2022 11:07:48 GMT
etag: W/"5c2-5dd505a708900-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LiiZielza6kAV5%2FhqoVTvO8sijSdekyic%2FqM%2Bpa6UzUu0qegY8uID1lnCX6VfPbIht6Mt5oxQYruw8X%2FmvwNqHvBE%2Bn1ngdv4VcUTCUa5JBFadlkYKY7OR%2Fr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 796cc2c24a8db4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| sho.cat/js/jquery.notifybar.js?v=1.9 | 172.67.156.214 | 200 OK | 12 kB |
URL HTTP/2sho.cat/js/jquery.notifybar.js?v=1.9 IP172.67.156.214:0
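File type: HTML document, ASCII text (detected from content; the response below declares content-type application/javascript)
Hash: MD5 e2e7add8293f7f8f9efec86afbfe591d | SHA-1 fb6d6b4a377f18784be71a50d54115433c0601bb | SHA-256 473764aff33fa2ccfb619476920a17a8541b55ca542895762706fa270263bb69
Analyzer: fortinet | Verdict: Phishing | Alert: (empty)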
GET /js/jquery.notifybar.js?v=1.9 HTTP/1.1
Host: sho.cat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sho.cat/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 12:55:41 GMT
content-type: application/javascript
last-modified: Sat, 23 Apr 2022 11:07:48 GMT
etag: W/"a1e-5dd505a708900-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0m7cCsKX0XroSJX07TfAQwSfT%2BSUqTEoVInXOlSE9Mb%2FmbC0MQDR%2B6UUtmvd7XXSzcm6NVId3xKuWcp9zLA57p53hCI7U%2Bqab8Iyp1YGfcfe%2FnEfi7uw2FP3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 796cc2c24a99b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d76b3c3-ea90-47d3-83f3-8f1550aa26fa.jpeg | 34.120.237.76 | 200 OK | 9.8 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d76b3c3-ea90-47d3-83f3-8f1550aa26fa.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash1d7814305f961caded310b6f2089219b efcb6a067bb023865823625e67d9de60d44685e0 3c01637a052e2394774fc8f6dd37a284afaf76b423219ecd26a89c2d8b69c121
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7d76b3c3-ea90-47d3-83f3-8f1550aa26fa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9846
x-amzn-requestid: 4e6cc2be-bc18-4d66-b338-833a05d0d998
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fsaDlGV4oAMFoZA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63db3d49-14fc32183d3c6afb3a64c27d;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 04:34:17 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: BNBH60bI_wBqaKAFD_FeZHbzfIeJh9-x-JiMsF0Uh9pxKHFPdAH6Vw==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 08 Feb 2023 22:02:08 GMT
age: 53614
etag: "efcb6a067bb023865823625e67d9de60d44685e0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| sho.cat/js/jquery-3.tablesorter.min.js?v=1.9 | 172.67.156.214 | 200 OK | 25 kB |
URL HTTP/2sho.cat/js/jquery-3.tablesorter.min.js?v=1.9 IP172.67.156.214:0
File typeUnicode text, UTF-8 text, with very long lines (44303), with no line terminators Hash92ada2f386c576e44105108a2b6cc589 27b1e7aa0cd6fd4074bf5c274cb8c47d72426502 6afe7974a4b3447ddf41bbaab229ed9078b4dec289fb6ca47e2b49e647b94973
GET /js/jquery-3.tablesorter.min.js?v=1.9 HTTP/1.1
Host: sho.cat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sho.cat/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 12:55:41 GMT
content-type: application/javascript
last-modified: Sat, 23 Apr 2022 11:07:48 GMT
etag: W/"ad53-5dd505a708900-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=omXN7U1Uw9C4EBmkH2LdlTxu1TV%2BKgpPudCvOye0Fi%2FR8I%2BfBw4jFARuQLlrIzevXeKPsymgtLUneijLRZJJGMV0uNmhW2Z8M8cWET11VIc4MIvYE%2FBFeUWl"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 796cc2c24a94b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| sho.cat/ | 172.67.156.214 | 200 OK | 0 B |
IP: 172.67.156.214:0
Analyzer: fortinet | Verdict: Phishing | Alert: (empty)
GET / HTTP/1.1
Host: sho.cat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 12:55:40 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OnEAFweU52lvHCkJIHlHbe2A%2B%2Bdzga1VihfIGqivAzPNbDRSNTLVXko35GLinhSdSkGMn1W9fk%2B2w4Wni3cPTIII2bR%2Bqak9wpcLxRy31IRuz56BluAyN4Dk"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 796cc2c0680fb4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| sho.cat/css/tablesorter.css?v=1.9 | 172.67.156.214 | 200 OK | 0 B |
URL: HTTP/2 sho.cat/css/tablesorter.css?v=1.9 | IP: 172.67.156.214:0
Analyzer: fortinet | Verdict: Phishing | Alert: (empty)
GET /css/tablesorter.css?v=1.9 HTTP/1.1
Host: sho.cat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sho.cat/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 12:55:41 GMT
content-type: text/css
last-modified: Sat, 23 Apr 2022 11:07:48 GMT
etag: W/"9bb-5dd505a708900-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ngoAO6%2BhwKmqunPWxMspbB3dF%2FaLH9wcNWefF7OXPQxkT1293R%2BIz5vcdxbug44PVNQs0NIMblu7G46EtG02aNqRtF9D%2F%2F%2BEPlYJI5J4XcwVSRF1V8faijeq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 796cc2c14942b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| sho.cat/Ae | 172.67.156.214 | 302 Found | 0 B |
IP 172.67.156.214:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /Ae HTTP/1.1
Host: sho.cat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
date: Thu, 09 Feb 2023 12:55:40 GMT
content-type: text/html; charset=UTF-8
location: https://sho.cat
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kwy4Fz5dzF1g7Nk%2F2c9xYC%2BLM1Y8eW29aDdxw43ZHxAA76xlHcOk%2Fyzsvp5DvEe718Baf%2BVUVSpfHRUvevdm%2FgQsjj%2Bd481Ji0WXadyr0e2BrwgL9Nbf7l5j"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 796cc2bfaf07b4ee-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| sho.cat/js/insert.js?v=1.9 | 172.67.156.214 | 200 OK | 0 B |
URL HTTP/2 sho.cat/js/insert.js?v=1.9 IP 172.67.156.214:0
GET /js/insert.js?v=1.9 HTTP/1.1
Host: sho.cat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sho.cat/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 12:55:41 GMT
content-type: application/javascript
last-modified: Sat, 23 Apr 2022 11:07:48 GMT
etag: W/"1c19-5dd505a708900-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BP9mAa7QNfxCI3Unl%2FhbDQEyVB%2BeSxgtPJ3m5h8AC%2BQP94redXhi%2FmpGrnpcNtHkRhPg87yhK5UyR%2FjUy%2ByL7RN0t2ndCwBTniEt6cNX9ZGn4ysdUpDGX5pZ"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 796cc2c24a89b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| sho.cat/js/clipboard.min.js?v=1.9 | 172.67.156.214 | 200 OK | 0 B |
URL HTTP/2 sho.cat/js/clipboard.min.js?v=1.9 IP 172.67.156.214:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /js/clipboard.min.js?v=1.9 HTTP/1.1
Host: sho.cat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sho.cat/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 12:55:41 GMT
content-type: application/javascript
last-modified: Sat, 23 Apr 2022 11:07:48 GMT
etag: W/"28d5-5dd505a708900-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uZzTyhlfKJ%2BLTXGB4r45MpLN4bLfjGMJisDZGh01YxDrulC0HXkpV6tgnzD01Xh0n%2BlmcczLQ4%2FP5hb8eSqKce4yXUig7sS%2BV6xIvOntWjBIdylJgWVsKOfT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 796cc2c24a81b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| sho.cat/js/share.js?v=1.9 | 172.67.156.214 | 200 OK | 0 B |
URL HTTP/2 sho.cat/js/share.js?v=1.9 IP 172.67.156.214:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /js/share.js?v=1.9 HTTP/1.1
Host: sho.cat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sho.cat/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 12:55:41 GMT
content-type: application/javascript
last-modified: Sat, 23 Apr 2022 11:07:48 GMT
etag: W/"58d-5dd505a708900-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6sJVSbzyS%2F3U7YFxdZF%2BomGEooFGn5ymRig0Ujyr0MemUBx%2Fs7bKbmlQIjKqr897Y20ERjC4MqCYo6u0Mh4GXr%2BBVJYPyciPIBeR9D2raWlYOhnW0mp7iZkP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 796cc2c24a82b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| sho.cat/js/common.js?v=1.9 | 172.67.156.214 | 200 OK | 0 B |
URL HTTP/2 sho.cat/js/common.js?v=1.9 IP 172.67.156.214:0
GET /js/common.js?v=1.9 HTTP/1.1
Host: sho.cat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sho.cat/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 12:55:41 GMT
content-type: application/javascript
last-modified: Sat, 23 Apr 2022 11:07:48 GMT
etag: W/"14a3-5dd505a708900-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vQiE%2FbX05YZuFWcQXeITr899pJn8EFWk959b06CB%2FIRW2DxGVGv8JtGAlZCit2hF95Yki%2F1rnskH7nOA%2BCo9lXBwNdGCXCVn8I1Dv2qKYZlInMGUS2mOCkLK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 796cc2c24a9cb4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| sho.cat/images/favicon.svg | 172.67.156.214 | 200 OK | 0 B |
URL HTTP/2 sho.cat/images/favicon.svg IP 172.67.156.214:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /images/favicon.svg HTTP/1.1
Host: sho.cat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sho.cat/css/style.css?v=1.9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 12:55:41 GMT
content-type: image/svg+xml
last-modified: Sat, 23 Apr 2022 11:07:48 GMT
etag: W/"199e-5dd505a708900"
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9TtQov89z3NiojDf0TFwVEjKN6Q8vJqjebxguVs4AG%2FY6me2oatbawslQPwQo%2BKlCVB8Lm1s20V%2FH2rHVXK6E%2FVEJRyw8Ptp%2F5ZntALWHBx9cmIJhAjZvJs9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 796cc2c24a7eb4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| sho.cat/css/style.css?v=1.9 | 172.67.156.214 | 200 OK | 0 B |
URL HTTP/2 sho.cat/css/style.css?v=1.9 IP 172.67.156.214:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /css/style.css?v=1.9 HTTP/1.1
Host: sho.cat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sho.cat/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 12:55:41 GMT
content-type: text/css
last-modified: Sat, 23 Apr 2022 11:07:48 GMT
etag: W/"1ad4-5dd505a708900-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3zgfQ6%2BU8IMh0V8nZXX%2F%2FrnohO4%2F10ciroBwBf2ylcfqksLdV2f2dHXTzBFtko8SV5vjoQHrX4%2BauHN6ek2NPyGAt4SKGutM6%2BdJIPeeSZV93g9qU92GzyzH"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 796cc2c14940b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| sho.cat/css/cal.css?v=1.9 | 172.67.156.214 | 200 OK | 0 B |
URL HTTP/2 sho.cat/css/cal.css?v=1.9 IP 172.67.156.214:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /css/cal.css?v=1.9 HTTP/1.1
Host: sho.cat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sho.cat/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 12:55:41 GMT
content-type: text/css
last-modified: Sat, 23 Apr 2022 11:07:48 GMT
etag: W/"3ab-5dd505a708900-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xyAo%2FXn3cbdsmR73aPBBE6905LXxUp7kIUGfP8IoWu8gmMZOxmt%2BRFu%2F2wChcXm76YGKeDrKMokegLSo3xW%2Fi0U1LeGKnI9Erdsxx0GYFGiVIL6MXXLjL1vU"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 796cc2c14945b4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| www.hcaptcha.com/1/api.js | 104.16.169.131 | 200 OK | 0 B |
URL HTTP/2 www.hcaptcha.com/1/api.js IP 104.16.169.131:0
GET /1/api.js HTTP/1.1
Host: www.hcaptcha.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sho.cat/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 09 Feb 2023 12:55:41 GMT
content-type: application/javascript
cf-ray: 796cc2c29bf6b50b-OSL
age: 0
cache-control: max-age=120
etag: W/"dea91810490e83c91353522d7d4d09c2"
last-modified: Wed, 08 Feb 2023 10:53:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
cf-cache-status: HIT
cross-origin-resource-policy: cross-origin
x-amz-cf-id: a8vrfhnsEHR5iSqF5AKZ8-Qw7SNaeJeyXiB4J1LxT9uj0luqbMt-zg==
x-amz-cf-pop: OSL50-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff
vary: Accept-Encoding
server: cloudflare
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| sho.cat/js/jquery-3.5.1.min.js?v=1.9 | 172.67.156.214 | 200 OK | 0 B |
URL HTTP/2 sho.cat/js/jquery-3.5.1.min.js?v=1.9 IP 172.67.156.214:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /js/jquery-3.5.1.min.js?v=1.9 HTTP/1.1
Host: sho.cat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sho.cat/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 12:55:41 GMT
content-type: application/javascript
last-modified: Sat, 23 Apr 2022 11:07:48 GMT
etag: W/"15d84-5dd505a708900-gzip"
vary: Accept-Encoding
cache-control: max-age=14400
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4LoUKsd5ttOWQE%2FSBymGoBu4ff3cQw36qIOe%2F%2BISY70BFT4ryDMs4rSCejp%2FysmYaOgUsvGwRsO2K5lHWM8tD2GxO6g6FrOFemwFovqNHO9v1663ck00Rwwf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 796cc2c24a9db4ee-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| sho.cat/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js | 172.67.156.214 | 200 OK | 0 B |
URL HTTP/2 sho.cat/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js IP 172.67.156.214:0
Analyzer | Verdict | Alert | fortinet | Phishing | |
GET /cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js HTTP/1.1
Host: sho.cat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sho.cat/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 09 Feb 2023 12:55:41 GMT
content-type: application/javascript
last-modified: Wed, 08 Feb 2023 15:16:43 GMT
etag: W/"63e3bcdb-302c"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bC55V7aigsBmZuMyTmKZCMTaZwDSX4CPFhjShS1bilOAT9ySQNPKXr454UKxRZUGnqaQPMEv2Y2z5ZyDUi2MzLC77%2FlDl%2F%2Br1MOekrGI8HKRzkPHKwBP7fWV"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 796cc2c1594bb4ee-OSL
x-frame-options: DENY
x-content-type-options: nosniff
expires: Sat, 11 Feb 2023 12:55:41 GMT
cache-control: max-age=172800, public
content-encoding: gzip
X-Firefox-Spdy: h2
|
|