Overview

URL package.blurrybooks.com/public/OgK0Lbejnnq3tGYAOg8aHuGiougf2alE
IP194.233.86.76
ASNContabo Asia Private Limited
Location Singapore
Report completed2022-11-25 09:16:34 UTC
StatusLoading report..
urlquery Alerts Phishing - DHL


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-11-25 2 package.blurrybooks.com/public/OgK0Lbejnnq3tGYAOg8aHuGiougf2alE Phishing
2022-11-25 2 package.blurrybooks.com/QLgTu9xB66fiEQmvWpNfoJMPWyZyj82a/ Phishing
2022-11-25 2 package.blurrybooks.com/public/QLgTu9xB66fiEQmvWpNfoJMPWyZyj82a Phishing
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

No files detected



Passive DNS (15)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS ocsp.digicert.com (6) 86 2012-05-21 07:02:23 UTC 2020-05-02 20:58:10 UTC 93.184.220.29
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 No data No data 34.160.144.191
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-06-04 20:08:41 UTC 2022-11-25 06:03:02 UTC 34.102.187.140
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-11-25 05:51:47 UTC 34.117.237.239
mnemonic passive DNS code.jquery.com (1) 634 2012-05-21 17:28:02 UTC 2020-04-21 12:46:20 UTC 69.16.175.42
mnemonic passive DNS dispatching-centre.lasamericascargo.com (1) 0 2022-04-06 19:56:33 UTC 2022-11-24 12:34:27 UTC 135.181.58.223 Unknown ranking
mnemonic passive DNS package.blurrybooks.com (19) 0 2022-11-23 02:19:53 UTC 2022-11-23 17:20:54 UTC 194.233.86.76 Unknown ranking
mnemonic passive DNS push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2020-05-03 10:09:39 UTC 54.191.251.76
mnemonic passive DNS ocsp.globalsign.com (1) 2075 2012-07-20 17:46:16 UTC 2020-05-02 20:58:10 UTC 104.18.20.226
mnemonic passive DNS r3.o.lencr.org (3) 344 No data No data 23.36.76.226
mnemonic passive DNS ws-mt1.pusher.com (2) 8253 2018-09-20 11:30:02 UTC 2020-04-27 09:33:24 UTC 54.208.67.56
mnemonic passive DNS ws-mt1.pusher.com (2) 8253 2018-09-20 11:30:02 UTC 2020-04-27 09:33:24 UTC 54.236.96.55
mnemonic passive DNS img-getpocket.cdn.mozilla.net (7) 1631 2018-06-21 23:36:00 UTC 2020-02-19 04:43:25 UTC 34.120.237.76
mnemonic passive DNS ocsp.pki.goog (2) 175 2018-07-01 06:43:07 UTC 2020-05-02 20:58:16 UTC 142.250.74.3
mnemonic passive DNS cdn.s-pass.org (1) 0 2022-06-08 11:11:38 UTC 2022-11-24 15:35:12 UTC 104.26.11.170 Unknown ranking


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 194.233.86.76

Date UQ / IDS / BL URL IP
2022-12-08 17:32:48 +0000
0 - 0 - 3 package.blurrybooks.com/public/e0lqhv4i4bjohf (...) 194.233.86.76
2022-12-05 17:36:55 +0000
0 - 0 - 3 package.blurrybooks.com/public/q1zkgj1pts25rf (...) 194.233.86.76
2022-12-05 17:36:29 +0000
0 - 0 - 3 package.blurrybooks.com/public/skt7k7bmfgcm9p (...) 194.233.86.76
2022-12-04 12:51:19 +0000
0 - 0 - 3 package.blurrybooks.com/public/jp7bIMPGmdEeuL (...) 194.233.86.76
2022-12-04 12:35:37 +0000
0 - 0 - 3 package.blurrybooks.com/public/suJzppmLTZ0qOK (...) 194.233.86.76

Last 5 reports on ASN: Contabo Asia Private Limited

Date UQ / IDS / BL URL IP
2022-12-09 06:09:45 +0000
0 - 0 - 2 lalangmanis.com/ 194.233.68.84
2022-12-08 17:32:48 +0000
0 - 0 - 3 package.blurrybooks.com/public/e0lqhv4i4bjohf (...) 194.233.86.76
2022-12-08 13:33:37 +0000
0 - 0 - 1 www.pto7c4n.frozenfood.id/#.==QbvNmL3FGbul2dk (...) 194.233.79.115
2022-12-07 17:52:44 +0000
0 - 0 - 6 daffodil-edu.com/emn/index.php?QBOT.zip 194.233.77.183
2022-12-06 12:56:46 +0000
0 - 0 - 3 eoliacom.com/ 194.233.87.10

Last 5 reports on domain: blurrybooks.com

Date UQ / IDS / BL URL IP
2022-12-08 17:32:48 +0000
0 - 0 - 3 package.blurrybooks.com/public/e0lqhv4i4bjohf (...) 194.233.86.76
2022-12-05 17:36:55 +0000
0 - 0 - 3 package.blurrybooks.com/public/q1zkgj1pts25rf (...) 194.233.86.76
2022-12-05 17:36:29 +0000
0 - 0 - 3 package.blurrybooks.com/public/skt7k7bmfgcm9p (...) 194.233.86.76
2022-12-04 12:51:19 +0000
0 - 0 - 3 package.blurrybooks.com/public/jp7bIMPGmdEeuL (...) 194.233.86.76
2022-12-04 12:35:37 +0000
0 - 0 - 3 package.blurrybooks.com/public/suJzppmLTZ0qOK (...) 194.233.86.76

Last 5 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-12-03 02:54:25 +0000
0 - 0 - 12 delhome.rvjradio.com/public/bCiZQlkqVqoLcY8Rq (...) 207.244.252.18
2022-12-02 23:45:49 +0000
0 - 0 - 11 delhome.rvjradio.com/public/f4YZJ3AinBvOmq4Hk (...) 207.244.252.18
2022-12-02 20:25:13 +0000
0 - 0 - 11 delhome.rvjradio.com/public/4duuMVhpiLFhsrBdK (...) 207.244.252.18
2022-12-02 20:25:12 +0000
0 - 0 - 11 delhome.rvjradio.com/public/g7l8vkEomHLF3Sc5s (...) 207.244.252.18
2022-12-02 17:35:16 +0000
0 - 0 - 10 delhome.rvjradio.com/public/vOqQWykAkj7L3dSTU (...) 207.244.252.18


JavaScript

Executed Scripts (17)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (48)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12030
Expires: Fri, 25 Nov 2022 12:36:53 GMT
Date: Fri, 25 Nov 2022 09:16:23 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4874
Expires: Fri, 25 Nov 2022 10:37:37 GMT
Date: Fri, 25 Nov 2022 09:16:23 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1021
Cache-Control: max-age=91909
Date: Fri, 25 Nov 2022 09:16:23 GMT
Etag: "637f47ef-1d7"
Expires: Sat, 26 Nov 2022 10:48:12 GMT
Last-Modified: Thu, 24 Nov 2022 10:31:11 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: r0qlkpGmie8YJuecRxRiYlPsv8nD1P0+cJ0WPI4hut8UPlsVTXSAUxCjU0rdhFJTcznErKh0r+M=
x-amz-request-id: 6V6PK5DC5HXEA39C
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 25 Nov 2022 08:43:46 GMT
age: 1957
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 25 Nov 2022 08:19:04 GMT
cache-control: public,max-age=3600
age: 3439
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    567df7db606cf5d0871aa5bc9311b6da
Sha1:   4263faac7cbab2fcaf6661911dcad5091c06be17
Sha256: e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 25 Nov 2022 09:16:23 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /public/OgK0Lbejnnq3tGYAOg8aHuGiougf2alE HTTP/1.1 
Host: package.blurrybooks.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IkJvMTVVNi9qVU5XdUh5b2JGYXFOTGc9PSIsInZhbHVlIjoidnBxZ2hKcDd1eDhnd1NadmY5RmQzY3dMUzBZQ0E5bnRHY2hpdUYxNkgyamJJQmhOb3VYclFzRVZnVDNKMHVsSDRFemxkNng4OGxCRTVya05zWDRWdWlZR1hjMTZjN2tJZHhXSjNOUUcrOTBpbVZVL3VaRm1ya3hHN2hxeTVYWHAiLCJtYWMiOiI2NTZjNmY2ZjIyMzIyZDZmYmQ5Y2NkYzE1ZWI1ZWRkNjQxMzFkNGQ0NzY2MzRiZDFmMWQ1MmYwODE5ZWJiNzAyIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6ImIyQzdMNVRTS3FmUmM1YU1aMG93L3c9PSIsInZhbHVlIjoickc3ZHY5cGlqWkxVNGsvTEtOcDFTb3djTDZjaHVJcXo4ZmxGZWR5ZHJ1RzVJSW4zVUdoVjI0Skh0UHErL0xiYXR3bTR5aWVUNUFSYVphNGRaSEQxOWs4ZlorQzlzNU9PYWhNanc3bHVDVFhVajR5VzdUVENZbHZqbUFCZGRuY3MiLCJtYWMiOiI0ZWUyOTdhYmY0MzY0MTU2NDQ2OGJkYzBkOWU2NjgxNzM2Y2NkMTMyZDdkOGZjZGZmYmUyMDIxNWUzNTk2MzAyIiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1

                                         
                                         194.233.86.76
HTTP/1.1 302 Found
content-type: text/html; charset=UTF-8
                                        
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: no-cache, no-store, must-revalidate, max-age=0
location: http://package.blurrybooks.com/public
set-cookie: XSRF-TOKEN=eyJpdiI6ImdPazl4c3pzWmNlajgvSzg1K3JqOEE9PSIsInZhbHVlIjoiZGRsZHJ5VTRTZE1FTkorUnVJamloSmZncXBqNmxzeng1b1Q1U3RwK2pVRGMxUXdnSHhyMDBOODFPaDJrVTRBbUFtOUdDOW01ektyRDZGb2dDcHVNdWpLeVo0TDh2bzV1Ymt3cXZpREE1WXM0Tk1qUWMyME0xM1FyY0VjMGUvcEQiLCJtYWMiOiJjMWNiZWU1ZGI5MzA4YzczMjUyMDY0MTNhMWY3MjlkYmM5M2U4M2NiNTZjZGQ0OWY0NzRjNTQxNDI1OTkwYTNjIiwidGFnIjoiIn0%3D; expires=Fri, 25-Nov-2022 11:16:23 GMT; Max-Age=7200; path=/; samesite=lax laravel_session=eyJpdiI6IndBT2FIc0FodWcvdWlwSkNpNTE0anc9PSIsInZhbHVlIjoibjZ1YVovbDFNcmFiUkROb3g4eUpBdVJ4clVGL09NQXE4NGYyMlpDL3ZYM0JaSit2UDh3MzBmNG50eEF1WFhFTTQ4V1FYK0xDcDEyNzhpRGd6Q0tQWHRoWXZhSTlXdVVpRXh2ZUhjcEczc054Mlkzalp4ZGhObDUyQTRPbEY0Ni8iLCJtYWMiOiI4ZjI0YjdiNjQ4ZDYxOTQxZGQ1ZGVjYWJmN2RiZDVkY2MxMDc1NjA1YmYyMTY4YmY2ZGRjOGE3OTNmYmMzMWY1IiwidGFnIjoiIn0%3D; expires=Fri, 25-Nov-2022 11:16:23 GMT; Max-Age=7200; path=/; httponly; samesite=lax
content-length: 212
content-encoding: gzip
vary: Accept-Encoding
date: Fri, 25 Nov 2022 09:16:23 GMT


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   212
Md5:    08423cc8c7da8275b2d15f0663d27b09
Sha1:   1dd29773d11c03a3df2b535b066d76e8222a7fe5
Sha256: b9fd7f1e35370ac5ff1a137c6d263bfa6634ecdf731b48f4dfcb1caa384bab5b

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /public HTTP/1.1 
Host: package.blurrybooks.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImdPazl4c3pzWmNlajgvSzg1K3JqOEE9PSIsInZhbHVlIjoiZGRsZHJ5VTRTZE1FTkorUnVJamloSmZncXBqNmxzeng1b1Q1U3RwK2pVRGMxUXdnSHhyMDBOODFPaDJrVTRBbUFtOUdDOW01ektyRDZGb2dDcHVNdWpLeVo0TDh2bzV1Ymt3cXZpREE1WXM0Tk1qUWMyME0xM1FyY0VjMGUvcEQiLCJtYWMiOiJjMWNiZWU1ZGI5MzA4YzczMjUyMDY0MTNhMWY3MjlkYmM5M2U4M2NiNTZjZGQ0OWY0NzRjNTQxNDI1OTkwYTNjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IndBT2FIc0FodWcvdWlwSkNpNTE0anc9PSIsInZhbHVlIjoibjZ1YVovbDFNcmFiUkROb3g4eUpBdVJ4clVGL09NQXE4NGYyMlpDL3ZYM0JaSit2UDh3MzBmNG50eEF1WFhFTTQ4V1FYK0xDcDEyNzhpRGd6Q0tQWHRoWXZhSTlXdVVpRXh2ZUhjcEczc054Mlkzalp4ZGhObDUyQTRPbEY0Ni8iLCJtYWMiOiI4ZjI0YjdiNjQ4ZDYxOTQxZGQ1ZGVjYWJmN2RiZDVkY2MxMDc1NjA1YmYyMTY4YmY2ZGRjOGE3OTNmYmMzMWY1IiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1

                                         
                                         194.233.86.76
HTTP/1.1 301 Moved Permanently
content-type: text/html
                                        
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-length: 707
date: Fri, 25 Nov 2022 09:16:23 GMT
location: http://package.blurrybooks.com/public/


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size:   707
Md5:    1304294c0823ca486542ba408ed761e3
Sha1:   b2a70fb2d810ca13985882e6981f33998823e83e
Sha256: 3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982

Alerts:
  urlquery:
    - Phishing - DHL
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 25 Nov 2022 09:11:11 GMT
cache-control: public,max-age=3600
age: 313
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4285
Cache-Control: max-age=90110
Date: Fri, 25 Nov 2022 09:16:24 GMT
Etag: "637f3429-1d7"
Expires: Sat, 26 Nov 2022 10:18:14 GMT
Last-Modified: Thu, 24 Nov 2022 09:06:49 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 1WmEj5emOgJwww3eQKB8fg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         54.191.251.76
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: GlDBhTko2JuwEALjVnfZBNlS5AE=

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2590
Expires: Fri, 25 Nov 2022 09:59:34 GMT
Date: Fri, 25 Nov 2022 09:16:24 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0a474c96-6cd7-4e42-a54a-02217768182e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8089
x-amzn-requestid: f4b5f150-a5dc-40bf-93b9-394c294a51cb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEmkRFSnIAMF5vg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e8481-74454bee1a1ec6d506f3d75b;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 20:37:21 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ZVv8iTGCYV-IiBJ6KwNSG1ZWSEwClaQopUejSqZq0S1wd782lRoyKA==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 22:07:32 GMT
age: 40132
etag: "318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8089
Md5:    c8f6118fc03f31862ff68fef8a2b9a7f
Sha1:   318c5d7acd0d36c816b09fcf1b7dc4bfb5ec7e73
Sha256: cdd4d44f05cc524d7f2b1d6d792ecd8a9a933e52ecb7685a7d7ea786a510ef39
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F31c66612-f3a0-4e62-8b93-c9f774ffc236.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6130
x-amzn-requestid: 0ab34b27-2c6b-4a37-87ad-6fa56a265453
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8wF7KIAMFjlw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-4a3d24f93ceb37d37a5ce1ee;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: SHmcFNiZ97RU02VeLiHLjFynYiSuaQP8T_XKG2UaAigWXG5sYhdVLQ==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:55:28 GMT
age: 40856
etag: "0214fc0deecb1115766802f42cfd256e3c479490"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6130
Md5:    ba7b9c131ab7e5998f25b069ba3860a0
Sha1:   0214fc0deecb1115766802f42cfd256e3c479490
Sha256: 717aa23c687ccebc1b5ebbfd88d0e4fe181fef038d308231842b2b1969f3976b
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd87485db-f230-4024-987f-6b9ea6098576.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10356
x-amzn-requestid: 8450975f-bcb2-4b59-b0ef-42e43d1bb16a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCM-cGKIIAMFo7w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d8ec2-7f95154e3177c6e30a925244;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 03:08:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NCCF79BaJkG2j75ihGL9jd3gEE4zajsC9vmEKMmk9u7-wm2s5u4mVQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 04:43:09 GMT
age: 16395
etag: "7f29e0e2de89f7a88ff0bf2a720365032ef11cc1"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10356
Md5:    05a92b9f554600c920e8b772eb16ee75
Sha1:   7f29e0e2de89f7a88ff0bf2a720365032ef11cc1
Sha256: 4b51a70a0ee6fe0d723880ea70fee25c15bff671d8a484bbb2a3c9962303c735
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F25123759-9d71-477d-9857-9cc07cc12173.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6891
x-amzn-requestid: 6da0ae90-c3cc-4e9c-9a0e-3c72b4eb7605
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b7m2NGsvoAMF_fQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637aeb5a-1ed2badf0e84d40e6a052f7a;Sampled=0
x-amzn-remapped-date: Mon, 21 Nov 2022 03:07:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: daiU0caUPDqn0vVDY_eK8eaMxgIenjmw1vLyUOtVYOs-FmuSIgY3Nw==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 11:37:02 GMT
age: 77962
etag: "377775b7c7b085efa6dd653d285ba3a52af6a549"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6891
Md5:    92171fa8fbc051aefeb8ceb6072848de
Sha1:   377775b7c7b085efa6dd653d285ba3a52af6a549
Sha256: 537c4d5cc3ef2e60c3d0171ac31c1dba4ab2ff340108015787a9dd20dc76b7ed
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F981a8e9a-f018-45b6-af7e-199dc4c02c27.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8917
x-amzn-requestid: 10f3b269-9437-476d-ae4f-a0ac3fb78491
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cIB8wEIwoAMF8uA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fe384-4cfeecf4553b26381ed11875;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 21:35:00 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lr9z8FWWpMGtxtvcYzeT-ewuydSzpma8I06pszLDQIICotFkB_SZlA==
via: 1.1 2241406ac19fffc8f35d6ddef8e22f56.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 21:55:30 GMT
age: 40854
etag: "2eba66ff6539388c48562503e8d11ff0e060350a"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8917
Md5:    5863138af1ddbba34a7856242a7b3a06
Sha1:   2eba66ff6539388c48562503e8d11ff0e060350a
Sha256: d1543e1b803a07095148b743925eebbbf21f566a2df9b785a1a9d48c5604496c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F96a33fb5-b971-4386-a670-7dcbbf52b051.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 2351
x-amzn-requestid: 1e3e6b14-8f46-4b62-a3d1-f5dbe5d5f94f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cGupUE_VIAMFa3A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637f5e3b-573fabc44ce59c2f4c24a32d;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 12:06:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: XEUrOPYr2rn89eMIJORVFnpqJfxqfjBadcbplZKzqLjDkzHV8NEbHg==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 325ed3ba58a560748d886354beef39c0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 18:51:30 GMT
age: 51894
etag: "41ef94d198bbf98185eb332a3b6934c3c26c3afc"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   2351
Md5:    66d06d3cac1784e4ce6c8c89c300f10a
Sha1:   41ef94d198bbf98185eb332a3b6934c3c26c3afc
Sha256: 55312d1b43447e4f77d8e9e52451bb63a9868ba8122c9e16e0a20479d34367e3
                                        
                                            GET /public/ HTTP/1.1 
Host: package.blurrybooks.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImdPazl4c3pzWmNlajgvSzg1K3JqOEE9PSIsInZhbHVlIjoiZGRsZHJ5VTRTZE1FTkorUnVJamloSmZncXBqNmxzeng1b1Q1U3RwK2pVRGMxUXdnSHhyMDBOODFPaDJrVTRBbUFtOUdDOW01ektyRDZGb2dDcHVNdWpLeVo0TDh2bzV1Ymt3cXZpREE1WXM0Tk1qUWMyME0xM1FyY0VjMGUvcEQiLCJtYWMiOiJjMWNiZWU1ZGI5MzA4YzczMjUyMDY0MTNhMWY3MjlkYmM5M2U4M2NiNTZjZGQ0OWY0NzRjNTQxNDI1OTkwYTNjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6IndBT2FIc0FodWcvdWlwSkNpNTE0anc9PSIsInZhbHVlIjoibjZ1YVovbDFNcmFiUkROb3g4eUpBdVJ4clVGL09NQXE4NGYyMlpDL3ZYM0JaSit2UDh3MzBmNG50eEF1WFhFTTQ4V1FYK0xDcDEyNzhpRGd6Q0tQWHRoWXZhSTlXdVVpRXh2ZUhjcEczc054Mlkzalp4ZGhObDUyQTRPbEY0Ni8iLCJtYWMiOiI4ZjI0YjdiNjQ4ZDYxOTQxZGQ1ZGVjYWJmN2RiZDVkY2MxMDc1NjA1YmYyMTY4YmY2ZGRjOGE3OTNmYmMzMWY1IiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1

                                         
                                         194.233.86.76
HTTP/1.1 200 OK
content-type: text/html; charset=UTF-8
                                        
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6IjE0blBSQWJ3N0E5Z21YLy9GUFR5Snc9PSIsInZhbHVlIjoiTDlyMXVKRk5XYS9RYzhFQXUxWURpQ0I3Q0tyQlMzbVhzWEhVRDVWQ0JlbVU2MTB4MDJEY2p4UFh2ZHlWcDMxN0NhYVB5YXVvRFN6VEp1eUxzWnNUZHlNMTFCWU9HSVhCbEUwdUQ2enF2TUs5Nk1NellDaGprVVA1WTN4S1RTRkoiLCJtYWMiOiI4OTQyMGI0ZTZlZmY0YTg1NjA2NjFmMmFjZDkwZDdhODFlNWJkODMxYWRkZjQ0NTA3YTg2ZTE5ZmVjZjA0ZDkxIiwidGFnIjoiIn0%3D; expires=Fri, 25-Nov-2022 11:16:25 GMT; Max-Age=7200; path=/; samesite=lax laravel_session=eyJpdiI6Ik9jUkIwTjE3OENXNk41Q2xOWXd3VHc9PSIsInZhbHVlIjoicDYzdS9BT1Z6QVJlSDc2MnJGOU1BcHU4YnlVNGJVdmxYam14STNDTHJnc3RVRTh4YTU2b1gweXdKN05JTHVNT2ZpUVRlWml0UGpKb050d3lPTEJHTVFPb3M0eDBMQlp6NlRpNWNRT01HcUliZUlGOHJ4dVU0VmM3NzdmTFkwL0QiLCJtYWMiOiIxNDRiNTliM2M5MDU0MjdhMzgxOWJiZWIyM2VmNTJiODZlMTVhOGIwNDIxYmIzZmM2YzVhZWQ2NThkODIwMmYyIiwidGFnIjoiIn0%3D; expires=Fri, 25-Nov-2022 11:16:25 GMT; Max-Age=7200; path=/; httponly; samesite=lax
content-length: 376
content-encoding: gzip
vary: Accept-Encoding
date: Fri, 25 Nov 2022 09:16:25 GMT


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document, ASCII text
Size:   376
Md5:    f60dbf6cab059ba24d819ac1f64a1bd0
Sha1:   dbee670ffac2a8b8c5d4ca5c943018f828c18e05
Sha256: ede4479e4cabe326b83c9bb1f68ab39354134c455ad6a407d0ac97df997ec1d8
                                        
                                            POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         104.18.20.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 09:16:25 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "78F89FB34287B2A2B9E834169BA3A0B694F81CC9"
Expires: Fri, 25 Nov 2022 20:00:00 GMT
Last-Modified: Fri, 25 Nov 2022 08:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 881
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76f94911ea53b51d-OSL


--- Additional Info ---
Magic:  data
Size:   1462
Md5:    e5b4f0edacb0e1ec14b068b30274304e
Sha1:   88191d1f3d8232666b3bccd8ec8a069ba9cbd1dc
Sha256: 33cfb52b80d5f80c646682f4c8bbe1a14398189794aa58cb0429bb56843e7144
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 825
Cache-Control: max-age=88802
Date: Fri, 25 Nov 2022 09:16:25 GMT
Etag: "637f3c92-117"
Expires: Sat, 26 Nov 2022 09:56:27 GMT
Last-Modified: Thu, 24 Nov 2022 09:42:42 GMT
Server: ECS (amb/6BC6)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /QLgTu9xB66fiEQmvWpNfoJMPWyZyj82a/ HTTP/1.1 
Host: package.blurrybooks.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://package.blurrybooks.com/public/
Cookie: XSRF-TOKEN=eyJpdiI6IjE0blBSQWJ3N0E5Z21YLy9GUFR5Snc9PSIsInZhbHVlIjoiTDlyMXVKRk5XYS9RYzhFQXUxWURpQ0I3Q0tyQlMzbVhzWEhVRDVWQ0JlbVU2MTB4MDJEY2p4UFh2ZHlWcDMxN0NhYVB5YXVvRFN6VEp1eUxzWnNUZHlNMTFCWU9HSVhCbEUwdUQ2enF2TUs5Nk1NellDaGprVVA1WTN4S1RTRkoiLCJtYWMiOiI4OTQyMGI0ZTZlZmY0YTg1NjA2NjFmMmFjZDkwZDdhODFlNWJkODMxYWRkZjQ0NTA3YTg2ZTE5ZmVjZjA0ZDkxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9jUkIwTjE3OENXNk41Q2xOWXd3VHc9PSIsInZhbHVlIjoicDYzdS9BT1Z6QVJlSDc2MnJGOU1BcHU4YnlVNGJVdmxYam14STNDTHJnc3RVRTh4YTU2b1gweXdKN05JTHVNT2ZpUVRlWml0UGpKb050d3lPTEJHTVFPb3M0eDBMQlp6NlRpNWNRT01HcUliZUlGOHJ4dVU0VmM3NzdmTFkwL0QiLCJtYWMiOiIxNDRiNTliM2M5MDU0MjdhMzgxOWJiZWIyM2VmNTJiODZlMTVhOGIwNDIxYmIzZmM2YzVhZWQ2NThkODIwMmYyIiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1

                                         
                                         194.233.86.76
HTTP/1.1 301 Moved Permanently
content-type: text/html
                                        
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-length: 707
date: Fri, 25 Nov 2022 09:16:25 GMT
location: http://package.blurrybooks.com/public/QLgTu9xB66fiEQmvWpNfoJMPWyZyj82a


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF, LF line terminators
Size:   707
Md5:    1304294c0823ca486542ba408ed761e3
Sha1:   b2a70fb2d810ca13985882e6981f33998823e83e
Sha256: 3bbe72f3baa8ec61de17a1d767fca58704769684b7abe9161d0c4eaf4c8f0982

Alerts:
  urlquery:
    - Phishing - DHL
  Blocklists:
    - fortinet: Phishing
                                        
                                            GET /public/QLgTu9xB66fiEQmvWpNfoJMPWyZyj82a HTTP/1.1 
Host: package.blurrybooks.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://package.blurrybooks.com/public/
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IjE0blBSQWJ3N0E5Z21YLy9GUFR5Snc9PSIsInZhbHVlIjoiTDlyMXVKRk5XYS9RYzhFQXUxWURpQ0I3Q0tyQlMzbVhzWEhVRDVWQ0JlbVU2MTB4MDJEY2p4UFh2ZHlWcDMxN0NhYVB5YXVvRFN6VEp1eUxzWnNUZHlNMTFCWU9HSVhCbEUwdUQ2enF2TUs5Nk1NellDaGprVVA1WTN4S1RTRkoiLCJtYWMiOiI4OTQyMGI0ZTZlZmY0YTg1NjA2NjFmMmFjZDkwZDdhODFlNWJkODMxYWRkZjQ0NTA3YTg2ZTE5ZmVjZjA0ZDkxIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6Ik9jUkIwTjE3OENXNk41Q2xOWXd3VHc9PSIsInZhbHVlIjoicDYzdS9BT1Z6QVJlSDc2MnJGOU1BcHU4YnlVNGJVdmxYam14STNDTHJnc3RVRTh4YTU2b1gweXdKN05JTHVNT2ZpUVRlWml0UGpKb050d3lPTEJHTVFPb3M0eDBMQlp6NlRpNWNRT01HcUliZUlGOHJ4dVU0VmM3NzdmTFkwL0QiLCJtYWMiOiIxNDRiNTliM2M5MDU0MjdhMzgxOWJiZWIyM2VmNTJiODZlMTVhOGIwNDIxYmIzZmM2YzVhZWQ2NThkODIwMmYyIiwidGFnIjoiIn0%3D
Upgrade-Insecure-Requests: 1

                                         
                                         194.233.86.76
HTTP/1.1 200 OK
content-type: text/html; charset=UTF-8
                                        
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: no-cache, private
set-cookie: XSRF-TOKEN=eyJpdiI6Ik81T0dJVFhiSkdLM204OHIvbC9VZ3c9PSIsInZhbHVlIjoiREo2THZtTmFEM1dGK3dsSGVtY0UvVzB0SHFZTFNJczVtQllYaVRMMFdmZS92OEZJMitXY29NbUxlUGRQM3g4cmlZcm1TVm4wcUx1VG0vQllSTlc0THhrTHgydkVwQllUMDBDanhsM2hGRitlMVFaL1ZDWXNoOEdSSmtqeWVhRlIiLCJtYWMiOiJjOWFiOGRkZmMzMDE4YWMyMmFmNmNlY2Y2MmJlZTY1YTNkYjVhNDE3NDA5YWVlMTJkZGZhZDhiNjUzNjAwMWZjIiwidGFnIjoiIn0%3D; expires=Fri, 25-Nov-2022 11:16:26 GMT; Max-Age=7200; path=/; samesite=lax laravel_session=eyJpdiI6InVIM0hJRDVtQ25MSXFkaXJCaktrclE9PSIsInZhbHVlIjoieUdHSEsvOU40TGQya0F5WUtZdzF4SFkyWEFNL05NemN4SU5Bb0NPUnY2UHlqM285QVBoamtpZCt1QzlDcFFKNG1BYTNyRHhVd1NnejdJWFNKRi80bExQRWM5UUpTeVEyZUFFZm1ybnZXNWRwdWVSQmU5R1M1STVWb1IrUDhRVEgiLCJtYWMiOiIxYTY3NzM2YzE5MjhmZTRlODM1ZmRiYWQ3OWE1OWVkYzMzYWVmZTQzYmNiMzFlYTE3MDIyODZmMTkwZjNkNmY4IiwidGFnIjoiIn0%3D; expires=Fri, 25-Nov-2022 11:16:26 GMT; Max-Age=7200; path=/; httponly; samesite=lax
content-length: 5767
content-encoding: gzip
vary: Accept-Encoding
date: Fri, 25 Nov 2022 09:16:26 GMT


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text
Size:   5767
Md5:    c96c48075575fd5c25b3eb2e880c0595
Sha1:   10517875459f7cd9a342d5558abbf1057aa344d8
Sha256: 8b04f172e1fe5f20b68c35fbc10e5d540a4718f94977cea5541915000bc56358

Alerts:
  Blocklists:
    - fortinet: Phishing
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5606
Cache-Control: max-age=108714
Date: Fri, 25 Nov 2022 09:16:27 GMT
Etag: "637f77af-117"
Expires: Sat, 26 Nov 2022 15:28:21 GMT
Last-Modified: Thu, 24 Nov 2022 13:54:55 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 09:16:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /jquery-1.12.4.min.js HTTP/1.1 
Host: code.jquery.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://package.blurrybooks.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         69.16.175.42
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
date: Fri, 25 Nov 2022 09:16:27 GMT
content-encoding: gzip
content-length: 33738
last-modified: Wed, 16 Feb 2022 10:50:39 GMT
accept-ranges: bytes
server: nginx
etag: W/"620cd6ff-17b8b"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1669367787.dop204.sk1.t,1669367787.cds207.sk1.hn,1669367787.cds251.sk1.c
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (32077)
Size:   33738
Md5:    fc7624613c4e25843694cdb7fa956f05
Sha1:   7765bb4016ae929e22be579ccde505b94c2a63c1
Sha256: 49c97d70ef48bfdc1d7b96271b5613bb099b2c040ebdf5624962aea92ff428ae
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 889
Cache-Control: max-age=103997
Date: Fri, 25 Nov 2022 09:16:27 GMT
Etag: "637f77af-117"
Expires: Sat, 26 Nov 2022 14:09:44 GMT
Last-Modified: Thu, 24 Nov 2022 13:54:55 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 279

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Fri, 25 Nov 2022 09:16:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /public/dinzab/newcc.css HTTP/1.1 
Host: package.blurrybooks.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://package.blurrybooks.com/public/QLgTu9xB66fiEQmvWpNfoJMPWyZyj82a
Cookie: XSRF-TOKEN=eyJpdiI6Ik81T0dJVFhiSkdLM204OHIvbC9VZ3c9PSIsInZhbHVlIjoiREo2THZtTmFEM1dGK3dsSGVtY0UvVzB0SHFZTFNJczVtQllYaVRMMFdmZS92OEZJMitXY29NbUxlUGRQM3g4cmlZcm1TVm4wcUx1VG0vQllSTlc0THhrTHgydkVwQllUMDBDanhsM2hGRitlMVFaL1ZDWXNoOEdSSmtqeWVhRlIiLCJtYWMiOiJjOWFiOGRkZmMzMDE4YWMyMmFmNmNlY2Y2MmJlZTY1YTNkYjVhNDE3NDA5YWVlMTJkZGZhZDhiNjUzNjAwMWZjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InVIM0hJRDVtQ25MSXFkaXJCaktrclE9PSIsInZhbHVlIjoieUdHSEsvOU40TGQya0F5WUtZdzF4SFkyWEFNL05NemN4SU5Bb0NPUnY2UHlqM285QVBoamtpZCt1QzlDcFFKNG1BYTNyRHhVd1NnejdJWFNKRi80bExQRWM5UUpTeVEyZUFFZm1ybnZXNWRwdWVSQmU5R1M1STVWb1IrUDhRVEgiLCJtYWMiOiIxYTY3NzM2YzE5MjhmZTRlODM1ZmRiYWQ3OWE1OWVkYzMzYWVmZTQzYmNiMzFlYTE3MDIyODZmMTkwZjNkNmY4IiwidGFnIjoiIn0%3D

                                         
                                         194.233.86.76
HTTP/1.1 200 OK
content-type: text/css
                                        
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 09:16:27 GMT
last-modified: Thu, 02 Jun 2022 11:41:52 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 1463
date: Fri, 25 Nov 2022 09:16:27 GMT


--- Additional Info ---
Magic:  ASCII text
Size:   1463
Md5:    6e0232fe4f5ef20203f7999783986f7e
Sha1:   d9d4e554d3be7250a771ce3f3e6b85e4e06a758b
Sha256: b85960c24d35c9f584297d7288d60e25d2ceca88a5aa0cc36ce674a27a67a9dd
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=129041
Date: Fri, 25 Nov 2022 09:16:27 GMT
Etag: "637fdcfc-116"
Expires: Sat, 26 Nov 2022 21:07:08 GMT
Last-Modified: Thu, 24 Nov 2022 21:07:08 GMT
Server: nginx
Content-Length: 278

                                        
                                            GET /SPASSDATA/media/cache/portail_vignette_xl/SPASSDATA/attachments/2022_02/17/114223-serencontrer-messages-solid.png HTTP/1.1 
Host: cdn.s-pass.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://package.blurrybooks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         104.26.11.170
HTTP/2 200 OK
content-type: image/png
                                        
date: Fri, 25 Nov 2022 09:16:27 GMT
content-length: 4984
cf-bgj: imgq:100,h2pri
cf-polished: origSize=1313415
etag: "620e522e-140a87"
last-modified: Thu, 17 Feb 2022 13:48:30 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-xss-protection: 1; mode=block
cache-control: max-age=14400
cf-cache-status: HIT
age: 1792
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wr8rzeLa5EwmRjQO51FVGbrkfgcckQgslqooozpf1VLcUHa3IcsGFAlHK3uV2hNLc6eiZeCy6gWqlwYPCg0qSfH7LikOjoExjABMWGwZEL442EG7L%2FPVjZl56fdetW%2F6"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 76f9491e7da5b4f3-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 640 x 512, 8-bit colormap, non-interlaced\012- data
Size:   4984
Md5:    faa2a37bbdf6a4d7eb92f4df1396e1bc
Sha1:   b63e5a7323f771d2294a58b3251bb6036ae33fce
Sha256: cff8856b01d09b6e68b3d6b75172ea259363b4268be55229a963e86edc77e627
                                        
                                            GET /public/dinzab/intlTelInput.css HTTP/1.1 
Host: package.blurrybooks.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://package.blurrybooks.com/public/QLgTu9xB66fiEQmvWpNfoJMPWyZyj82a
Cookie: XSRF-TOKEN=eyJpdiI6Ik81T0dJVFhiSkdLM204OHIvbC9VZ3c9PSIsInZhbHVlIjoiREo2THZtTmFEM1dGK3dsSGVtY0UvVzB0SHFZTFNJczVtQllYaVRMMFdmZS92OEZJMitXY29NbUxlUGRQM3g4cmlZcm1TVm4wcUx1VG0vQllSTlc0THhrTHgydkVwQllUMDBDanhsM2hGRitlMVFaL1ZDWXNoOEdSSmtqeWVhRlIiLCJtYWMiOiJjOWFiOGRkZmMzMDE4YWMyMmFmNmNlY2Y2MmJlZTY1YTNkYjVhNDE3NDA5YWVlMTJkZGZhZDhiNjUzNjAwMWZjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InVIM0hJRDVtQ25MSXFkaXJCaktrclE9PSIsInZhbHVlIjoieUdHSEsvOU40TGQya0F5WUtZdzF4SFkyWEFNL05NemN4SU5Bb0NPUnY2UHlqM285QVBoamtpZCt1QzlDcFFKNG1BYTNyRHhVd1NnejdJWFNKRi80bExQRWM5UUpTeVEyZUFFZm1ybnZXNWRwdWVSQmU5R1M1STVWb1IrUDhRVEgiLCJtYWMiOiIxYTY3NzM2YzE5MjhmZTRlODM1ZmRiYWQ3OWE1OWVkYzMzYWVmZTQzYmNiMzFlYTE3MDIyODZmMTkwZjNkNmY4IiwidGFnIjoiIn0%3D

                                         
                                         194.233.86.76
HTTP/1.1 200 OK
content-type: text/css
                                        
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 09:16:27 GMT
last-modified: Tue, 31 May 2022 06:05:50 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 3030
date: Fri, 25 Nov 2022 09:16:27 GMT


--- Additional Info ---
Magic:  ASCII text
Size:   3030
Md5:    f705cb958e570f0b99eadb5edeb83d95
Sha1:   0d838e705fb92752d19b8989b1a4017cbb312d4a
Sha256: 00fca5bbba92e9e7df00d3f40430a14a97824c230307b7d76e1c60345beea585
                                        
                                            GET /public/dinzab/font-awesome.min.css HTTP/1.1 
Host: package.blurrybooks.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://package.blurrybooks.com/public/QLgTu9xB66fiEQmvWpNfoJMPWyZyj82a
Cookie: XSRF-TOKEN=eyJpdiI6Ik81T0dJVFhiSkdLM204OHIvbC9VZ3c9PSIsInZhbHVlIjoiREo2THZtTmFEM1dGK3dsSGVtY0UvVzB0SHFZTFNJczVtQllYaVRMMFdmZS92OEZJMitXY29NbUxlUGRQM3g4cmlZcm1TVm4wcUx1VG0vQllSTlc0THhrTHgydkVwQllUMDBDanhsM2hGRitlMVFaL1ZDWXNoOEdSSmtqeWVhRlIiLCJtYWMiOiJjOWFiOGRkZmMzMDE4YWMyMmFmNmNlY2Y2MmJlZTY1YTNkYjVhNDE3NDA5YWVlMTJkZGZhZDhiNjUzNjAwMWZjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InVIM0hJRDVtQ25MSXFkaXJCaktrclE9PSIsInZhbHVlIjoieUdHSEsvOU40TGQya0F5WUtZdzF4SFkyWEFNL05NemN4SU5Bb0NPUnY2UHlqM285QVBoamtpZCt1QzlDcFFKNG1BYTNyRHhVd1NnejdJWFNKRi80bExQRWM5UUpTeVEyZUFFZm1ybnZXNWRwdWVSQmU5R1M1STVWb1IrUDhRVEgiLCJtYWMiOiIxYTY3NzM2YzE5MjhmZTRlODM1ZmRiYWQ3OWE1OWVkYzMzYWVmZTQzYmNiMzFlYTE3MDIyODZmMTkwZjNkNmY4IiwidGFnIjoiIn0%3D

                                         
                                         194.233.86.76
HTTP/1.1 200 OK
content-type: text/css
                                        
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 09:16:27 GMT
last-modified: Tue, 31 May 2022 06:05:50 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 6989
date: Fri, 25 Nov 2022 09:16:27 GMT


--- Additional Info ---
Magic:  ASCII text, with very long lines (30837)
Size:   6989
Md5:    73fafde2ed0b8af35533aef217310350
Sha1:   07ffb382423d12967d70ae85b36a6bbf16327678
Sha256: 8448460374395f6645aa937ab83a5b7eebd7b35cdc8f8e875fa4cb7a92a63eab
                                        
                                            GET /public/dinzab/mine.js HTTP/1.1 
Host: package.blurrybooks.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://package.blurrybooks.com/public/QLgTu9xB66fiEQmvWpNfoJMPWyZyj82a
Cookie: XSRF-TOKEN=eyJpdiI6Ik81T0dJVFhiSkdLM204OHIvbC9VZ3c9PSIsInZhbHVlIjoiREo2THZtTmFEM1dGK3dsSGVtY0UvVzB0SHFZTFNJczVtQllYaVRMMFdmZS92OEZJMitXY29NbUxlUGRQM3g4cmlZcm1TVm4wcUx1VG0vQllSTlc0THhrTHgydkVwQllUMDBDanhsM2hGRitlMVFaL1ZDWXNoOEdSSmtqeWVhRlIiLCJtYWMiOiJjOWFiOGRkZmMzMDE4YWMyMmFmNmNlY2Y2MmJlZTY1YTNkYjVhNDE3NDA5YWVlMTJkZGZhZDhiNjUzNjAwMWZjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InVIM0hJRDVtQ25MSXFkaXJCaktrclE9PSIsInZhbHVlIjoieUdHSEsvOU40TGQya0F5WUtZdzF4SFkyWEFNL05NemN4SU5Bb0NPUnY2UHlqM285QVBoamtpZCt1QzlDcFFKNG1BYTNyRHhVd1NnejdJWFNKRi80bExQRWM5UUpTeVEyZUFFZm1ybnZXNWRwdWVSQmU5R1M1STVWb1IrUDhRVEgiLCJtYWMiOiIxYTY3NzM2YzE5MjhmZTRlODM1ZmRiYWQ3OWE1OWVkYzMzYWVmZTQzYmNiMzFlYTE3MDIyODZmMTkwZjNkNmY4IiwidGFnIjoiIn0%3D

                                         
                                         194.233.86.76
HTTP/1.1 200 OK
content-type: application/javascript
                                        
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 09:16:27 GMT
last-modified: Mon, 17 Oct 2022 07:48:22 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 745
date: Fri, 25 Nov 2022 09:16:27 GMT


--- Additional Info ---
Magic:  Unicode text, UTF-8 text
Size:   745
Md5:    7379cc6ede3a2f2008d5f0504959fe48
Sha1:   0bad315c94cde8a8782181e2b70ba71796a228c9
Sha256: dc27fa68a3b54e5cc07995d6685ffd45e0d9ad9bfcec73ad3ba1fa439cd4b35c
                                        
                                            GET /public/dinzab/countrySelect.js HTTP/1.1 
Host: package.blurrybooks.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://package.blurrybooks.com/public/QLgTu9xB66fiEQmvWpNfoJMPWyZyj82a
Cookie: XSRF-TOKEN=eyJpdiI6Ik81T0dJVFhiSkdLM204OHIvbC9VZ3c9PSIsInZhbHVlIjoiREo2THZtTmFEM1dGK3dsSGVtY0UvVzB0SHFZTFNJczVtQllYaVRMMFdmZS92OEZJMitXY29NbUxlUGRQM3g4cmlZcm1TVm4wcUx1VG0vQllSTlc0THhrTHgydkVwQllUMDBDanhsM2hGRitlMVFaL1ZDWXNoOEdSSmtqeWVhRlIiLCJtYWMiOiJjOWFiOGRkZmMzMDE4YWMyMmFmNmNlY2Y2MmJlZTY1YTNkYjVhNDE3NDA5YWVlMTJkZGZhZDhiNjUzNjAwMWZjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InVIM0hJRDVtQ25MSXFkaXJCaktrclE9PSIsInZhbHVlIjoieUdHSEsvOU40TGQya0F5WUtZdzF4SFkyWEFNL05NemN4SU5Bb0NPUnY2UHlqM285QVBoamtpZCt1QzlDcFFKNG1BYTNyRHhVd1NnejdJWFNKRi80bExQRWM5UUpTeVEyZUFFZm1ybnZXNWRwdWVSQmU5R1M1STVWb1IrUDhRVEgiLCJtYWMiOiIxYTY3NzM2YzE5MjhmZTRlODM1ZmRiYWQ3OWE1OWVkYzMzYWVmZTQzYmNiMzFlYTE3MDIyODZmMTkwZjNkNmY4IiwidGFnIjoiIn0%3D

                                         
                                         194.233.86.76
HTTP/1.1 200 OK
content-type: application/javascript
                                        
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 09:16:27 GMT
last-modified: Tue, 31 May 2022 06:05:50 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 11424
date: Fri, 25 Nov 2022 09:16:27 GMT


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (347)
Size:   11424
Md5:    b99d84430cfc714ead440c8f2fc45179
Sha1:   82cb0004f68d3ba0e9fb61e5e0d74329f95ff029
Sha256: cc81e985d9da85f9e99276c935c0df1edd7089356c3bc0e37e4bf47de102a570
                                        
                                            GET /public/dinzab/app.css HTTP/1.1 
Host: package.blurrybooks.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://package.blurrybooks.com/public/QLgTu9xB66fiEQmvWpNfoJMPWyZyj82a
Cookie: XSRF-TOKEN=eyJpdiI6Ik81T0dJVFhiSkdLM204OHIvbC9VZ3c9PSIsInZhbHVlIjoiREo2THZtTmFEM1dGK3dsSGVtY0UvVzB0SHFZTFNJczVtQllYaVRMMFdmZS92OEZJMitXY29NbUxlUGRQM3g4cmlZcm1TVm4wcUx1VG0vQllSTlc0THhrTHgydkVwQllUMDBDanhsM2hGRitlMVFaL1ZDWXNoOEdSSmtqeWVhRlIiLCJtYWMiOiJjOWFiOGRkZmMzMDE4YWMyMmFmNmNlY2Y2MmJlZTY1YTNkYjVhNDE3NDA5YWVlMTJkZGZhZDhiNjUzNjAwMWZjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InVIM0hJRDVtQ25MSXFkaXJCaktrclE9PSIsInZhbHVlIjoieUdHSEsvOU40TGQya0F5WUtZdzF4SFkyWEFNL05NemN4SU5Bb0NPUnY2UHlqM285QVBoamtpZCt1QzlDcFFKNG1BYTNyRHhVd1NnejdJWFNKRi80bExQRWM5UUpTeVEyZUFFZm1ybnZXNWRwdWVSQmU5R1M1STVWb1IrUDhRVEgiLCJtYWMiOiIxYTY3NzM2YzE5MjhmZTRlODM1ZmRiYWQ3OWE1OWVkYzMzYWVmZTQzYmNiMzFlYTE3MDIyODZmMTkwZjNkNmY4IiwidGFnIjoiIn0%3D

                                         
                                         194.233.86.76
HTTP/1.1 200 OK
content-type: text/css
                                        
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 09:16:27 GMT
last-modified: Thu, 02 Jun 2022 16:04:20 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 63778
date: Fri, 25 Nov 2022 09:16:27 GMT


--- Additional Info ---
Magic:  assembler source, ASCII text
Size:   63778
Md5:    0f314c30652212c9abecb777a28a87cc
Sha1:   f0cd8c2e939f6762e87c83f631c2fe7db50690f7
Sha256: 659bb75c3d40716b8ed8334c6e2ec48176ba89844953ccfef498434abfae4640
                                        
                                            GET /public/dinzab/intlTelInput.js HTTP/1.1 
Host: package.blurrybooks.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://package.blurrybooks.com/public/QLgTu9xB66fiEQmvWpNfoJMPWyZyj82a
Cookie: XSRF-TOKEN=eyJpdiI6Ik81T0dJVFhiSkdLM204OHIvbC9VZ3c9PSIsInZhbHVlIjoiREo2THZtTmFEM1dGK3dsSGVtY0UvVzB0SHFZTFNJczVtQllYaVRMMFdmZS92OEZJMitXY29NbUxlUGRQM3g4cmlZcm1TVm4wcUx1VG0vQllSTlc0THhrTHgydkVwQllUMDBDanhsM2hGRitlMVFaL1ZDWXNoOEdSSmtqeWVhRlIiLCJtYWMiOiJjOWFiOGRkZmMzMDE4YWMyMmFmNmNlY2Y2MmJlZTY1YTNkYjVhNDE3NDA5YWVlMTJkZGZhZDhiNjUzNjAwMWZjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InVIM0hJRDVtQ25MSXFkaXJCaktrclE9PSIsInZhbHVlIjoieUdHSEsvOU40TGQya0F5WUtZdzF4SFkyWEFNL05NemN4SU5Bb0NPUnY2UHlqM285QVBoamtpZCt1QzlDcFFKNG1BYTNyRHhVd1NnejdJWFNKRi80bExQRWM5UUpTeVEyZUFFZm1ybnZXNWRwdWVSQmU5R1M1STVWb1IrUDhRVEgiLCJtYWMiOiIxYTY3NzM2YzE5MjhmZTRlODM1ZmRiYWQ3OWE1OWVkYzMzYWVmZTQzYmNiMzFlYTE3MDIyODZmMTkwZjNkNmY4IiwidGFnIjoiIn0%3D

                                         
                                         194.233.86.76
HTTP/1.1 200 OK
content-type: application/javascript
                                        
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 09:16:27 GMT
last-modified: Tue, 31 May 2022 06:05:50 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 20972
date: Fri, 25 Nov 2022 09:16:27 GMT


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (9885)
Size:   20972
Md5:    887257c2c08e189a4c561f8aad87b7b8
Sha1:   6acdad0b3de46c2f9e9c4919bfe7514024d2b86d
Sha256: 80dd903b280c1dbd3fb31b34891bc8d447bd72be31e3ad249842ab4ecd059ed2
                                        
                                            GET /public/dinzab/data.js HTTP/1.1 
Host: package.blurrybooks.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://package.blurrybooks.com/public/QLgTu9xB66fiEQmvWpNfoJMPWyZyj82a
Cookie: XSRF-TOKEN=eyJpdiI6Ik81T0dJVFhiSkdLM204OHIvbC9VZ3c9PSIsInZhbHVlIjoiREo2THZtTmFEM1dGK3dsSGVtY0UvVzB0SHFZTFNJczVtQllYaVRMMFdmZS92OEZJMitXY29NbUxlUGRQM3g4cmlZcm1TVm4wcUx1VG0vQllSTlc0THhrTHgydkVwQllUMDBDanhsM2hGRitlMVFaL1ZDWXNoOEdSSmtqeWVhRlIiLCJtYWMiOiJjOWFiOGRkZmMzMDE4YWMyMmFmNmNlY2Y2MmJlZTY1YTNkYjVhNDE3NDA5YWVlMTJkZGZhZDhiNjUzNjAwMWZjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InVIM0hJRDVtQ25MSXFkaXJCaktrclE9PSIsInZhbHVlIjoieUdHSEsvOU40TGQya0F5WUtZdzF4SFkyWEFNL05NemN4SU5Bb0NPUnY2UHlqM285QVBoamtpZCt1QzlDcFFKNG1BYTNyRHhVd1NnejdJWFNKRi80bExQRWM5UUpTeVEyZUFFZm1ybnZXNWRwdWVSQmU5R1M1STVWb1IrUDhRVEgiLCJtYWMiOiIxYTY3NzM2YzE5MjhmZTRlODM1ZmRiYWQ3OWE1OWVkYzMzYWVmZTQzYmNiMzFlYTE3MDIyODZmMTkwZjNkNmY4IiwidGFnIjoiIn0%3D

                                         
                                         194.233.86.76
HTTP/1.1 200 OK
content-type: application/javascript
                                        
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 09:16:27 GMT
last-modified: Tue, 31 May 2022 06:05:50 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 5443
date: Fri, 25 Nov 2022 09:16:27 GMT


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (9881)
Size:   5443
Md5:    902e27c2fcc4ffe1cbe8e7c37fd7a284
Sha1:   3a9802b51bb2af56111c3d319000c4de0545a93a
Sha256: cebda19a40bdae30d1afcf2a6fe66dbb01059e0713b870ef9b5f440ea5cf023e
                                        
                                            GET /public/dinzab/card.js HTTP/1.1 
Host: package.blurrybooks.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://package.blurrybooks.com/public/QLgTu9xB66fiEQmvWpNfoJMPWyZyj82a
Cookie: XSRF-TOKEN=eyJpdiI6Ik81T0dJVFhiSkdLM204OHIvbC9VZ3c9PSIsInZhbHVlIjoiREo2THZtTmFEM1dGK3dsSGVtY0UvVzB0SHFZTFNJczVtQllYaVRMMFdmZS92OEZJMitXY29NbUxlUGRQM3g4cmlZcm1TVm4wcUx1VG0vQllSTlc0THhrTHgydkVwQllUMDBDanhsM2hGRitlMVFaL1ZDWXNoOEdSSmtqeWVhRlIiLCJtYWMiOiJjOWFiOGRkZmMzMDE4YWMyMmFmNmNlY2Y2MmJlZTY1YTNkYjVhNDE3NDA5YWVlMTJkZGZhZDhiNjUzNjAwMWZjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InVIM0hJRDVtQ25MSXFkaXJCaktrclE9PSIsInZhbHVlIjoieUdHSEsvOU40TGQya0F5WUtZdzF4SFkyWEFNL05NemN4SU5Bb0NPUnY2UHlqM285QVBoamtpZCt1QzlDcFFKNG1BYTNyRHhVd1NnejdJWFNKRi80bExQRWM5UUpTeVEyZUFFZm1ybnZXNWRwdWVSQmU5R1M1STVWb1IrUDhRVEgiLCJtYWMiOiIxYTY3NzM2YzE5MjhmZTRlODM1ZmRiYWQ3OWE1OWVkYzMzYWVmZTQzYmNiMzFlYTE3MDIyODZmMTkwZjNkNmY4IiwidGFnIjoiIn0%3D

                                         
                                         194.233.86.76
HTTP/1.1 200 OK
content-type: application/javascript
                                        
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 09:16:27 GMT
last-modified: Tue, 31 May 2022 06:05:50 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 14227
date: Fri, 25 Nov 2022 09:16:27 GMT


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (51786)
Size:   14227
Md5:    b8ffbe921405363d9b732989d8af5b3e
Sha1:   17de2c62f1aacbb7b4e4ee631c0ef102a38bfb05
Sha256: 7b4ba5d1bd3122907549eb4b22fc410abf7320d46ee2074c05187117c43ecc2d
                                        
                                            GET /images/foo.png HTTP/1.1 
Host: dispatching-centre.lasamericascargo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://package.blurrybooks.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         135.181.58.223
HTTP/1.1 200 OK
Content-Type: image/png
                                        
Date: Fri, 25 Nov 2022 09:16:23 GMT
Server: Apache
Last-Modified: Sun, 13 Mar 2022 04:36:32 GMT
Accept-Ranges: bytes
Content-Length: 3878
Keep-Alive: timeout=1, max=100
Connection: Keep-Alive


--- Additional Info ---
Magic:  PNG image data, 187 x 18, 8-bit/color RGBA, non-interlaced\012- data
Size:   3878
Md5:    11ff7152775863d8bf58eb585a3cfa46
Sha1:   25127f0e304d9145ef8a824a8be504664a799b7f
Sha256: 5c4b801e60c49235941cfc562ed465a951c937c668db31e3c1ba152513c672d3

Alerts:
  urlquery:
    - Phishing - DHL
                                        
                                            GET /public/dinzab/logo.png HTTP/1.1 
Host: package.blurrybooks.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://package.blurrybooks.com/public/QLgTu9xB66fiEQmvWpNfoJMPWyZyj82a
Cookie: XSRF-TOKEN=eyJpdiI6Ik81T0dJVFhiSkdLM204OHIvbC9VZ3c9PSIsInZhbHVlIjoiREo2THZtTmFEM1dGK3dsSGVtY0UvVzB0SHFZTFNJczVtQllYaVRMMFdmZS92OEZJMitXY29NbUxlUGRQM3g4cmlZcm1TVm4wcUx1VG0vQllSTlc0THhrTHgydkVwQllUMDBDanhsM2hGRitlMVFaL1ZDWXNoOEdSSmtqeWVhRlIiLCJtYWMiOiJjOWFiOGRkZmMzMDE4YWMyMmFmNmNlY2Y2MmJlZTY1YTNkYjVhNDE3NDA5YWVlMTJkZGZhZDhiNjUzNjAwMWZjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InVIM0hJRDVtQ25MSXFkaXJCaktrclE9PSIsInZhbHVlIjoieUdHSEsvOU40TGQya0F5WUtZdzF4SFkyWEFNL05NemN4SU5Bb0NPUnY2UHlqM285QVBoamtpZCt1QzlDcFFKNG1BYTNyRHhVd1NnejdJWFNKRi80bExQRWM5UUpTeVEyZUFFZm1ybnZXNWRwdWVSQmU5R1M1STVWb1IrUDhRVEgiLCJtYWMiOiIxYTY3NzM2YzE5MjhmZTRlODM1ZmRiYWQ3OWE1OWVkYzMzYWVmZTQzYmNiMzFlYTE3MDIyODZmMTkwZjNkNmY4IiwidGFnIjoiIn0%3D

                                         
                                         194.233.86.76
HTTP/1.1 200 OK
content-type: image/png
                                        
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 09:16:27 GMT
last-modified: Tue, 31 May 2022 06:05:50 GMT
accept-ranges: bytes
content-length: 1998
date: Fri, 25 Nov 2022 09:16:27 GMT


--- Additional Info ---
Magic:  PNG image data, 214 x 20, 8-bit/color RGBA, non-interlaced\012- data
Size:   1998
Md5:    5d14ab93691604e826e1319d53599eb9
Sha1:   78724360e9d25da584445b851e37bca05abe6b85
Sha256: 3f0c62b5ccdcdbf3b3ae3885f1e6959e2d937eba9b29dea9a6bdb98788041756

Alerts:
  urlquery:
    - Phishing - DHL
                                        
                                            GET /public/dinzab/app.js HTTP/1.1 
Host: package.blurrybooks.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://package.blurrybooks.com/public/QLgTu9xB66fiEQmvWpNfoJMPWyZyj82a
Cookie: XSRF-TOKEN=eyJpdiI6Ik81T0dJVFhiSkdLM204OHIvbC9VZ3c9PSIsInZhbHVlIjoiREo2THZtTmFEM1dGK3dsSGVtY0UvVzB0SHFZTFNJczVtQllYaVRMMFdmZS92OEZJMitXY29NbUxlUGRQM3g4cmlZcm1TVm4wcUx1VG0vQllSTlc0THhrTHgydkVwQllUMDBDanhsM2hGRitlMVFaL1ZDWXNoOEdSSmtqeWVhRlIiLCJtYWMiOiJjOWFiOGRkZmMzMDE4YWMyMmFmNmNlY2Y2MmJlZTY1YTNkYjVhNDE3NDA5YWVlMTJkZGZhZDhiNjUzNjAwMWZjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InVIM0hJRDVtQ25MSXFkaXJCaktrclE9PSIsInZhbHVlIjoieUdHSEsvOU40TGQya0F5WUtZdzF4SFkyWEFNL05NemN4SU5Bb0NPUnY2UHlqM285QVBoamtpZCt1QzlDcFFKNG1BYTNyRHhVd1NnejdJWFNKRi80bExQRWM5UUpTeVEyZUFFZm1ybnZXNWRwdWVSQmU5R1M1STVWb1IrUDhRVEgiLCJtYWMiOiIxYTY3NzM2YzE5MjhmZTRlODM1ZmRiYWQ3OWE1OWVkYzMzYWVmZTQzYmNiMzFlYTE3MDIyODZmMTkwZjNkNmY4IiwidGFnIjoiIn0%3D

                                         
                                         194.233.86.76
HTTP/1.1 200 OK
content-type: application/javascript
                                        
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 09:16:27 GMT
last-modified: Tue, 31 May 2022 06:05:50 GMT
accept-ranges: bytes
content-encoding: gzip
vary: Accept-Encoding
content-length: 175899
date: Fri, 25 Nov 2022 09:16:27 GMT


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (7706), with CRLF line terminators
Size:   175899
Md5:    e43588d3971ec83841aa04ae4c18040c
Sha1:   6b6327ec062d3380f83bb30b87eadad6636de851
Sha256: 055b4f331c5283a0f5900945fbb6105548a78de762e0aac49d77fdd84f5db69f
                                        
                                            GET /public/dinzab/flagscountry.png HTTP/1.1 
Host: package.blurrybooks.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://package.blurrybooks.com/public/QLgTu9xB66fiEQmvWpNfoJMPWyZyj82a
Cookie: XSRF-TOKEN=eyJpdiI6Ik81T0dJVFhiSkdLM204OHIvbC9VZ3c9PSIsInZhbHVlIjoiREo2THZtTmFEM1dGK3dsSGVtY0UvVzB0SHFZTFNJczVtQllYaVRMMFdmZS92OEZJMitXY29NbUxlUGRQM3g4cmlZcm1TVm4wcUx1VG0vQllSTlc0THhrTHgydkVwQllUMDBDanhsM2hGRitlMVFaL1ZDWXNoOEdSSmtqeWVhRlIiLCJtYWMiOiJjOWFiOGRkZmMzMDE4YWMyMmFmNmNlY2Y2MmJlZTY1YTNkYjVhNDE3NDA5YWVlMTJkZGZhZDhiNjUzNjAwMWZjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InVIM0hJRDVtQ25MSXFkaXJCaktrclE9PSIsInZhbHVlIjoieUdHSEsvOU40TGQya0F5WUtZdzF4SFkyWEFNL05NemN4SU5Bb0NPUnY2UHlqM285QVBoamtpZCt1QzlDcFFKNG1BYTNyRHhVd1NnejdJWFNKRi80bExQRWM5UUpTeVEyZUFFZm1ybnZXNWRwdWVSQmU5R1M1STVWb1IrUDhRVEgiLCJtYWMiOiIxYTY3NzM2YzE5MjhmZTRlODM1ZmRiYWQ3OWE1OWVkYzMzYWVmZTQzYmNiMzFlYTE3MDIyODZmMTkwZjNkNmY4IiwidGFnIjoiIn0%3D

                                         
                                         194.233.86.76
HTTP/1.1 200 OK
content-type: image/png
                                        
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 09:16:28 GMT
last-modified: Wed, 22 Sep 2021 15:06:48 GMT
accept-ranges: bytes
content-length: 65960
date: Fri, 25 Nov 2022 09:16:28 GMT


--- Additional Info ---
Magic:  PNG image data, 5630 x 15, 8-bit/color RGBA, non-interlaced\012- data
Size:   65960
Md5:    ae33acae404631e997ef8d91dae08ccd
Sha1:   19fae9a6aa4bb419eba378b0d0573906dc1be38a
Sha256: 38025784bedeb5e4cae496b131c85cabbd95ae0b1c0a3c9d9cb474d7262db04b
                                        
                                            GET /app/bc5ba70500b3342fb1aa?protocol=7&client=js&version=7.0.3&flash=false HTTP/1.1 
Host: ws-mt1.pusher.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Sec-WebSocket-Version: 13
Origin: http://package.blurrybooks.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: z0d+IS0WdcTD73XUc+1WAw==
Connection: keep-alive, Upgrade
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         54.208.67.56
HTTP/1.1 101 Switching Protocols
                                        
Date: Fri, 25 Nov 2022 09:16:28 GMT
Connection: upgrade
Server: nginx/1.17.7
Upgrade: websocket
Sec-WebSocket-Accept: s4PPJ1FxeMXEn6rK80wsUzPSB5E=

                                        
                                            GET /public/dinzab/loading.gif HTTP/1.1 
Host: package.blurrybooks.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://package.blurrybooks.com/public/QLgTu9xB66fiEQmvWpNfoJMPWyZyj82a
Cookie: XSRF-TOKEN=eyJpdiI6Ik81T0dJVFhiSkdLM204OHIvbC9VZ3c9PSIsInZhbHVlIjoiREo2THZtTmFEM1dGK3dsSGVtY0UvVzB0SHFZTFNJczVtQllYaVRMMFdmZS92OEZJMitXY29NbUxlUGRQM3g4cmlZcm1TVm4wcUx1VG0vQllSTlc0THhrTHgydkVwQllUMDBDanhsM2hGRitlMVFaL1ZDWXNoOEdSSmtqeWVhRlIiLCJtYWMiOiJjOWFiOGRkZmMzMDE4YWMyMmFmNmNlY2Y2MmJlZTY1YTNkYjVhNDE3NDA5YWVlMTJkZGZhZDhiNjUzNjAwMWZjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InVIM0hJRDVtQ25MSXFkaXJCaktrclE9PSIsInZhbHVlIjoieUdHSEsvOU40TGQya0F5WUtZdzF4SFkyWEFNL05NemN4SU5Bb0NPUnY2UHlqM285QVBoamtpZCt1QzlDcFFKNG1BYTNyRHhVd1NnejdJWFNKRi80bExQRWM5UUpTeVEyZUFFZm1ybnZXNWRwdWVSQmU5R1M1STVWb1IrUDhRVEgiLCJtYWMiOiIxYTY3NzM2YzE5MjhmZTRlODM1ZmRiYWQ3OWE1OWVkYzMzYWVmZTQzYmNiMzFlYTE3MDIyODZmMTkwZjNkNmY4IiwidGFnIjoiIn0%3D

                                         
                                         194.233.86.76
HTTP/1.1 200 OK
content-type: image/gif
                                        
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 09:16:28 GMT
last-modified: Tue, 31 May 2022 06:05:50 GMT
accept-ranges: bytes
content-length: 17585
date: Fri, 25 Nov 2022 09:16:28 GMT


--- Additional Info ---
Magic:  GIF image data, version 89a, 200 x 103\012- data
Size:   17585
Md5:    f3ffb13cf88b13ec557e6149371b361d
Sha1:   3c72f0855b4bd6e3b45675a5e8b08c8fb7a98f49
Sha256: ce6a239fde88d8fb01c7a10d6f7b27d1bc23f5462d02f5ebb4927479fa32a302

Alerts:
  urlquery:
    - Phishing - DHL
                                        
                                            GET /app/bc5ba70500b3342fb1aa?protocol=7&client=js&version=7.0.3&flash=false HTTP/1.1 
Host: ws-mt1.pusher.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Sec-WebSocket-Version: 13
Origin: http://package.blurrybooks.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: fhuccs5GQRmsLp1kT+7bYg==
Connection: keep-alive, Upgrade
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         54.236.96.55
HTTP/1.1 101 Switching Protocols
                                        
Date: Fri, 25 Nov 2022 09:16:29 GMT
Connection: upgrade
Server: nginx/1.17.7
Upgrade: websocket
Sec-WebSocket-Accept: 5ldJQagT7rdJmLEiO3rqDS/urq0=

                                        
                                            GET /public/dinzab/favicon.gif HTTP/1.1 
Host: package.blurrybooks.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://package.blurrybooks.com/public/QLgTu9xB66fiEQmvWpNfoJMPWyZyj82a
Cookie: XSRF-TOKEN=eyJpdiI6Ik81T0dJVFhiSkdLM204OHIvbC9VZ3c9PSIsInZhbHVlIjoiREo2THZtTmFEM1dGK3dsSGVtY0UvVzB0SHFZTFNJczVtQllYaVRMMFdmZS92OEZJMitXY29NbUxlUGRQM3g4cmlZcm1TVm4wcUx1VG0vQllSTlc0THhrTHgydkVwQllUMDBDanhsM2hGRitlMVFaL1ZDWXNoOEdSSmtqeWVhRlIiLCJtYWMiOiJjOWFiOGRkZmMzMDE4YWMyMmFmNmNlY2Y2MmJlZTY1YTNkYjVhNDE3NDA5YWVlMTJkZGZhZDhiNjUzNjAwMWZjIiwidGFnIjoiIn0%3D; laravel_session=eyJpdiI6InVIM0hJRDVtQ25MSXFkaXJCaktrclE9PSIsInZhbHVlIjoieUdHSEsvOU40TGQya0F5WUtZdzF4SFkyWEFNL05NemN4SU5Bb0NPUnY2UHlqM285QVBoamtpZCt1QzlDcFFKNG1BYTNyRHhVd1NnejdJWFNKRi80bExQRWM5UUpTeVEyZUFFZm1ybnZXNWRwdWVSQmU5R1M1STVWb1IrUDhRVEgiLCJtYWMiOiIxYTY3NzM2YzE5MjhmZTRlODM1ZmRiYWQ3OWE1OWVkYzMzYWVmZTQzYmNiMzFlYTE3MDIyODZmMTkwZjNkNmY4IiwidGFnIjoiIn0%3D

                                         
                                         194.233.86.76
HTTP/1.1 200 OK
content-type: image/gif
                                        
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
cache-control: public, max-age=604800
expires: Fri, 02 Dec 2022 09:16:29 GMT
last-modified: Tue, 31 May 2022 06:05:50 GMT
accept-ranges: bytes
content-length: 2238
date: Fri, 25 Nov 2022 09:16:29 GMT


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon, 32x32, 8 bits/pixel\012- data
Size:   2238
Md5:    a6f1af8e79a11829ba9a66474b06bb97
Sha1:   d99e3ec7747c865033a8dfad43c9f49634404bc1
Sha256: b0dbd00f3650fa6b931e678a9d8f79a405d23c7adf111ab91b1a01a0e7109807

Alerts:
  urlquery:
    - Phishing - DHL
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44e0daff-bc52-4621-aa2f-d9c59da29c1c.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 3955
x-amzn-requestid: 42c8d309-a8d2-47cc-8d97-c7fa3a63f8cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCM9NGJHoAMF4sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637d8eba-2a06cda9346bd02c46955444;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 03:08:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5MlzpHpq7auKLSAYikINuPAylXI11VJL3xxIJ9Dyub-7rjQaPfg0WQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 25 Nov 2022 04:23:00 GMT
age: 17611
etag: "74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   3955
Md5:    4006a9037ab5f28dca62b0aa7a704c41
Sha1:   74cb2ccd6ae38b171bfbe5a74f0eccb09aa3836b
Sha256: 556ae6516a1f272a96569a3637858292731a34e82672b682f6e7442ca68f4b1d