firefox.settings.services.mozilla.com/v1/
143.204.55.27 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Mon, 26 Sep 2022 22:15:24 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 a7d2a4ec2f50830f128dc406960aef9a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 1alDrJBuUxtk_74j4NDOjB6ocN1U5wRFzmJPDWq2FKaTyg-MXO15tg==
Age: 1354
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d2560f62890e75b8de444fed96c22f52
334ce0c48e606ee029f31eeb1463af87b1024bb9
4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11005
Expires: Tue, 27 Sep 2022 01:41:23 GMT
Date: Mon, 26 Sep 2022 22:37:58 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.49 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Mon, 26 Sep 2022 04:35:16 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 96c778ce6156d12f24b8b6cdaa0cbf66.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: uHaUXEmi04_90v3gjXkJmk6m3i0hY0rtmR58yqVrgDhX6CGkKpXsKg==
age: 64963
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 26 Sep 2022 22:37:58 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
sabab2b.com/
18.138.91.122 301 Moved Permanently 178 B IP 18.138.91.122:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Mon, 26 Sep 2022 22:37:58 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: http://www.sabab2b.com/
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Mon, 26 Sep 2022 22:10:46 GMT
Expires: Mon, 26 Sep 2022 22:39:20 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 dac7cf040932e0c072eeed10afdd7b3e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: j9aPmi0Gqn74cAbmtDSHyZpP75cyWQZPGwq9aOtONCHmTLDAIemLLw==
Age: 1633
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 5adb7eb1d103eadeeafac36e663ffdd3
23b784388dd634fa736cd60aed71570661e73d02
5c95ba48bc342887b4f7ef697bd4def50f6f2f472f654169179e5ac44df883d9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1781
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 22:37:59 GMT
Last-Modified: Mon, 26 Sep 2022 22:08:18 GMT
Server: ECS (ska/F70C)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
34.215.91.121 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.215.91.121:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: DivQVdFWLAjfD6PILIkEEg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: A8ZcX2aBQsLF1RVXFUB7+XIi48Y=
www.sabab2b.com/
54.230.111.61 301 Moved Permanently 162 B IP 54.230.111.61:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Server: nginx
Date: Mon, 26 Sep 2022 22:37:59 GMT
Location: https://www.sabab2b.com/
Cache-Control: private
Via: mly, 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Mly-Id: f967d69373af324550a6574a68cc0eed
Timing-Allow-Origin: *
X-Cache: Miss from cloudfront
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: xlhH1z54iBT1gkGOBYYQ00_iUAS-YOvLjTS2Re4rljL7bx-qEI9upQ==
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1520d02cd498737b9b1d458559ad5dc3
daa4a988d77eec464f95d963b255ba1cbfc03350
6e0e6194c6ca388f8de61ea52809472ffcc897054ec3622b2854cc496342611b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6E0E6194C6CA388F8DE61EA52809472FFCC897054EC3622B2854CC496342611B"
Last-Modified: Sun, 25 Sep 2022 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21503
Expires: Tue, 27 Sep 2022 04:36:22 GMT
Date: Mon, 26 Sep 2022 22:37:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3198
Expires: Mon, 26 Sep 2022 23:31:18 GMT
Date: Mon, 26 Sep 2022 22:38:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3198
Expires: Mon, 26 Sep 2022 23:31:18 GMT
Date: Mon, 26 Sep 2022 22:38:00 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3198
Expires: Mon, 26 Sep 2022 23:31:18 GMT
Date: Mon, 26 Sep 2022 22:38:00 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06b0646c-a8d3-4b51-ba84-a3c3dff2883c.jpeg
34.120.237.76 200 OK 7.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06b0646c-a8d3-4b51-ba84-a3c3dff2883c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4197a8a505b360b0c43142faf8cb7f48
4dbd2da7f7c45a97e3f6f6544ed428e892227cc3
434039a91ec37c8ff827c78f7613aa4f6416ded182b01140048a52654a2de4ce
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06b0646c-a8d3-4b51-ba84-a3c3dff2883c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7128
x-amzn-requestid: 5806782b-498e-427b-be73-a94695e3cacf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlPfFn4IAMFwMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321bfc-07a420d631e463286c1dafa0;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:39:08 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: dVs6mb-XGvvd4DXu8yFwO11iheR3QU3O3jFpxjcHZnWCc6jlXpx0Rg==
via: 1.1 6c90b631453c435bd0022caa657b67e8.cloudfront.net (CloudFront), 1.1 cd858042f70b416ca05e042acf3908a4.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:51:54 GMT
age: 2766
etag: "4dbd2da7f7c45a97e3f6f6544ed428e892227cc3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8342bc11-d95e-4085-a7ca-d421aba94a91.jpeg
34.120.237.76 200 OK 4.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8342bc11-d95e-4085-a7ca-d421aba94a91.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash efaaa002eb6251769ea6dbf306ced3a1
9f99fa947a603fd6b10ff149e379cd04ad83d27a
238e0ca1aa29223416c34ef2dfcc6570c00e27a98991d91efc16e9bc4083c197
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8342bc11-d95e-4085-a7ca-d421aba94a91.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4573
x-amzn-requestid: ff35a66a-caf2-4ff4-b850-01a584fc2aa0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yv1B8FzLIAMFSPw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63296872-5b4a410a2827baf5598d58e7;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 07:14:58 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: NFjYOqhUeb3yyjMNWpoBNq_xcsX3wXvc3-rqJt4cGbJXY9Sxr5KpDA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 15:29:19 GMT
age: 25721
etag: "9f99fa947a603fd6b10ff149e379cd04ad83d27a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1205d7e-1174-4788-b080-6eefdcf33480.jpeg
34.120.237.76 200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1205d7e-1174-4788-b080-6eefdcf33480.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 08590e33d7c8ebc6360d1d631f29178d
b37a39808c82e85f1860a48b3f451ef8d172a336
393c2c891699d1c47cb9d73412229624bdb3cc10cc0b509d8ec582d2c9a97aa1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe1205d7e-1174-4788-b080-6eefdcf33480.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6836
x-amzn-requestid: 64bb0de3-8ea1-42eb-9f09-8ec659ee9298
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFkrdFptoAMFmlA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b15-241d20bc25e670e12ff634cf;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:35:17 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: kYeh01s4UsRIkT9ASt--Gs5uUHPNIMrkY8eypOkjopOXBh4iwOshFw==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:51:13 GMT
etag: "b37a39808c82e85f1860a48b3f451ef8d172a336"
content-type: image/jpeg
age: 2807
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc40a8f8a-3bc7-4223-a676-6960af975ebc.jpeg
34.120.237.76 200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc40a8f8a-3bc7-4223-a676-6960af975ebc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3d478b7bea64d1a5998967c0a665e6be
b078452d30703ea98ad4a7f7fd411b3e2a42ee71
24158d741732109ae2be7314205ac35f4c8b29785876f2785e8bb0ea906762b0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc40a8f8a-3bc7-4223-a676-6960af975ebc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6628
x-amzn-requestid: 1f0e95f2-d860-422f-80ad-96c6e7c941c1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yv1vvHIaoAMFV4A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63296997-5746c99d78e025945cfdd238;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 07:19:51 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 9-6jF5OoUb2I2HBasyNXBZC-L6rF1VINmgoBFZMuJ9eNelzkS-8BDQ==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 22:08:24 GMT
age: 1776
etag: "b078452d30703ea98ad4a7f7fd411b3e2a42ee71"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bf02f4e-91c0-455b-8378-5eae82174db7.jpeg
34.120.237.76 200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bf02f4e-91c0-455b-8378-5eae82174db7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3140ec95f33c36599de95b25cdade940
932c74fa24b61ee1b1c672b6c19b1e736caab8d3
f7488246ca75fddc504812f4c5944a5a2494cdb14b6ef1db5fb28beca5cff194
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5bf02f4e-91c0-455b-8378-5eae82174db7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9737
x-amzn-requestid: aec3c3e9-42e5-4de5-8882-118002369ef8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFkreGJxoAMF-oA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b16-527ccd70654c22891262279d;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:35:18 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Ukn4d6yPeJJHN5trYK3xbhik2pX41zHki3nG5r6fCzQgm3vYw5lhAA==
via: 1.1 946b9edb2009c5508a0fbbd636f95014.cloudfront.net (CloudFront), 1.1 2ab6211e66998c8b58132661a7e3cade.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:43:16 GMT
age: 3284
etag: "932c74fa24b61ee1b1c672b6c19b1e736caab8d3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d8a8cc8-8c9a-4305-bb96-a248c5e44655.jpeg
34.120.237.76 200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d8a8cc8-8c9a-4305-bb96-a248c5e44655.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f1af609199093985d73fd1d256482c12
a54f3f4af645c1c93299360bc7dcf06bbae8de81
047e15a2d3ea5b7d1f3d22cdac2ac0446c6267c99deb0b12576366088d29d5b3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5d8a8cc8-8c9a-4305-bb96-a248c5e44655.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8657
x-amzn-requestid: 172be66b-6140-4ff6-a061-22d177e75c23
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YtlXZGujoAMF2vQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63288295-6f74795f2b26d54409b2f388;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 14:54:13 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: RCHPkVe_BYTR3-jGiJZ6reK2ZNYa6rvqsK0_QZr0cTiR70JMRPSMuw==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 22:02:04 GMT
age: 2156
etag: "a54f3f4af645c1c93299360bc7dcf06bbae8de81"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.sabab2b.com/
54.230.111.27 302 Found 123 B IP 54.230.111.27:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash ed2c0ec579ade5b0a05e7cec9d75ce84
956733ed4906d2dc2a1ce94bf85cb640ffa62208
1fda63f5a6c2b698939fca856ef912ef8a7b3e29bc86af7035106927380b4f0a
Analyzer Verdict Alert fortinet Phishing
GET / HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
content-type: text/html; charset=utf-8
content-length: 123
server: nginx
date: Mon, 26 Sep 2022 22:38:00 GMT
cache-control: private
location: /zh-CN
set-cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; path=/; HttpOnly; SameSite=Lax
x-aspnetmvc-version: 5.2
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: af1537668155f5847c5f0bb8c83703e4
timing-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: LfV_T1XhN6DXkTmzXsItvLgts3dzNEfNoCEmP9AaIyCJrsSMblf-aw==
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash c939f97c8bcbfea356e92036803714bc
608c795e7c4fb943a4db49a4e4533c41ea717023
b05b38c78c15c259720bfc6783ac65ab60ceb1e6037b45b08113f183554f08cb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 22:38:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-NNCD9MB
142.250.74.72 200 OK 37 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-NNCD9MB
IP 142.250.74.72:0
File type ASCII text, with very long lines (1720)
Hash d516020f18645f50fc0361c5c3b35cca
8303fbd27f73de9c02dabfbfbbf7e95657ee028b
d36501811598ffb06d2f13dacdd039bc8183c988c8492efa0a0cdf64b9176746
GET /gtm.js?id=GTM-NNCD9MB HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 26 Sep 2022 22:38:02 GMT
expires: Mon, 26 Sep 2022 22:38:02 GMT
cache-control: private, max-age=900
last-modified: Mon, 26 Sep 2022 22:12:40 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 37076
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash c939f97c8bcbfea356e92036803714bc
608c795e7c4fb943a4db49a4e4533c41ea717023
b05b38c78c15c259720bfc6783ac65ab60ceb1e6037b45b08113f183554f08cb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 22:38:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.sabab2b.com/icon/css?v=
54.230.111.27 200 OK 0 B URL HTTP/2 www.sabab2b.com/icon/css?v=
IP 54.230.111.27:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /icon/css?v= HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/zh-CN
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 0
server: nginx
date: Mon, 26 Sep 2022 22:38:03 GMT
cache-control: public
expires: Tue, 26 Sep 2023 22:38:03 GMT
last-modified: Mon, 26 Sep 2022 22:38:03 GMT
vary: User-Agent
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: f1abeb819ecdc457404515ac3dafcaa4
timing-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: WAsayiNaLZi8fS971KeMJ0RH6-ihuV73vX-9XU6Ek1urdh1oaYSOkw==
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-W1VBK4NVK4&gtm=2oe9l0&_p=747506930&cid=1476008224.1664231881&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664231880&sct=1&seg=0&dl=https%3A%2F%2Fwww.sabab2b.com%2Fzh-CN&dt=%E6%B2%99%E5%B7%B4%E4%BD%93%E8%82%B2&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.32.36 204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-W1VBK4NVK4&gtm=2oe9l0&_p=747506930&cid=1476008224.1664231881&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664231880&sct=1&seg=0&dl=https%3A%2F%2Fwww.sabab2b.com%2Fzh-CN&dt=%E6%B2%99%E5%B7%B4%E4%BD%93%E8%82%B2&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-W1VBK4NVK4&gtm=2oe9l0&_p=747506930&cid=1476008224.1664231881&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664231880&sct=1&seg=0&dl=https%3A%2F%2Fwww.sabab2b.com%2Fzh-CN&dt=%E6%B2%99%E5%B7%B4%E4%BD%93%E8%82%B2&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.sabab2b.com
Connection: keep-alive
Referer: https://www.sabab2b.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.sabab2b.com
date: Mon, 26 Sep 2022 22:38:03 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.sabab2b.com/img/Path_8749.svg??v202209230003
54.230.111.27 200 OK 271 B URL HTTP/2 www.sabab2b.com/img/Path_8749.svg??v202209230003
IP 54.230.111.27:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 3699eaab8c7c34f02bf2534d1b6ed772
0c6f54af192edc97fd32284e86619a2b6c9121e4
a66f71231f478105f8965d30698a119f187e52835787c6ee6b2a4bb9a77fdb95
Analyzer Verdict Alert fortinet Phishing
GET /img/Path_8749.svg??v202209230003 HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/zh-CN
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 271
server: nginx
date: Mon, 26 Sep 2022 22:38:03 GMT
last-modified: Fri, 20 May 2022 07:53:56 GMT
accept-ranges: bytes
etag: "d752fbc11e6cd81:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: 9a4268000e0860fea26e34df79499ea7
timing-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: hADRtitPdHfjKfFkXjLfhL-vkSjp5cVjNKTi9Pq2Fb1Y_q29B9m3MA==
X-Firefox-Spdy: h2
www.sabab2b.com/img/checked.svg??v202209230003
54.230.111.27 200 OK 567 B URL HTTP/2 www.sabab2b.com/img/checked.svg??v202209230003
IP 54.230.111.27:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash d1dbaf38dda31ea9ea4e46d7e769ddb1
cb5cd9a96dd8a2d3c059f05421dda9cf9ed12830
0b85900e846d7fd3c9c549919e8cec79719e725e9aea9c37233c95c43ffdb5a4
GET /img/checked.svg??v202209230003 HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/zh-CN
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 567
server: nginx
date: Mon, 26 Sep 2022 22:38:03 GMT
last-modified: Fri, 20 May 2022 07:53:56 GMT
accept-ranges: bytes
etag: "d752fbc11e6cd81:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: c5a34e3e754224b5b355fe7e60f9de46
timing-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Z4fpXbiqxWDWzUUQm7eD_1cQ_jUoUbU1eCrdhzjRwUmCRoLIy9X5aQ==
X-Firefox-Spdy: h2
www.sabab2b.com/img/01_icon_1.svg??v202209230003
54.230.111.27 200 OK 935 B URL HTTP/2 www.sabab2b.com/img/01_icon_1.svg??v202209230003
IP 54.230.111.27:0
File type SVG Scalable Vector Graphics image\012- , Unicode text, UTF-8 text, with very long lines (375)
Hash e722b5a965228d2d443c95f1d487afa5
32beebe4c98c05f7199fd495ca0eddf3cbb2edab
a29d85c5310f513fca6198d37765e7ec726a4877eaf01deca3143d0ab7f1b9cd
Analyzer Verdict Alert fortinet Phishing
GET /img/01_icon_1.svg??v202209230003 HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/zh-CN
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 935
server: nginx
date: Mon, 26 Sep 2022 22:38:03 GMT
last-modified: Mon, 15 Nov 2021 03:49:58 GMT
accept-ranges: bytes
etag: "311467dcd3d9d71:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: 7c78301f2788428a5d351f5af54ca7ca
timing-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Zo3eZonxJEau6Emv5jLn6ALSD1c9fPi2WmQxHyfzEpJdLrAsFL1veA==
X-Firefox-Spdy: h2
www.sabab2b.com/img/contact_icon_close.svg??v202209230003
54.230.111.27 200 OK 492 B URL HTTP/2 www.sabab2b.com/img/contact_icon_close.svg??v202209230003
IP 54.230.111.27:0
File type SVG Scalable Vector Graphics image\012- , Unicode text, UTF-8 text
Hash 2106d1c196dc3cf8d2495cf62fe0fe8e
1121668f753963cf9d07af1a23c3317e66158fda
f62b90add477d0d14e24b20d90926850a14e98b8e757f4f73b74f4b008db820b
Analyzer Verdict Alert fortinet Phishing
GET /img/contact_icon_close.svg??v202209230003 HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/zh-CN
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 492
server: nginx
date: Mon, 26 Sep 2022 22:38:03 GMT
last-modified: Mon, 15 Nov 2021 03:49:59 GMT
accept-ranges: bytes
etag: "539375dcd3d9d71:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: e8a3fe0d5a2b07fc8bc37399a6b0e42f
timing-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6VGxZtQHUedx7YuUE31fN0SAAdmf-2nsdubR0u2nNlkOz9aaFSGS9A==
X-Firefox-Spdy: h2
www.sabab2b.com/img/kv_mask.svg??v202209230003
54.230.111.27 200 OK 549 B URL HTTP/2 www.sabab2b.com/img/kv_mask.svg??v202209230003
IP 54.230.111.27:0
File type SVG Scalable Vector Graphics image\012- , Unicode text, UTF-8 text
Hash de057b1eb39d903723d2d680c593fba7
e9b0e644eb2de59346a9b6c472dad077dcd9b8d0
7fbe3b8330e4349a76dac5a7b7585529f4521ec77b129509aa1484e5075da155
GET /img/kv_mask.svg??v202209230003 HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/zh-CN
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 549
server: nginx
date: Mon, 26 Sep 2022 22:38:03 GMT
last-modified: Mon, 15 Nov 2021 03:49:59 GMT
accept-ranges: bytes
etag: "faf777dcd3d9d71:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: 8f4f0687296ab6de1b4ec8372c476c6f
timing-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PE7MM0x_C12Gfvf_tiLWMu4aFU_fDihawUOlkbu6Zs2vmSptzLMvOQ==
X-Firefox-Spdy: h2
www.sabab2b.com/img/gototop.svg??v202209230003
54.230.111.27 200 OK 582 B URL HTTP/2 www.sabab2b.com/img/gototop.svg??v202209230003
IP 54.230.111.27:0
File type SVG Scalable Vector Graphics image\012- , Unicode text, UTF-8 text
Hash 0922f7e66bc5a35487aae6e2b36ecded
197c942908d41c27a3c34016e97c3d4a412c0dc7
e15529a06f82d41299306db7a1653a47a32a13da53129866eb36b7c8202c0560
GET /img/gototop.svg??v202209230003 HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/zh-CN
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 582
server: nginx
date: Mon, 26 Sep 2022 22:38:03 GMT
last-modified: Mon, 15 Nov 2021 03:49:59 GMT
accept-ranges: bytes
etag: "faf777dcd3d9d71:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: 4cdb292b96ff58e23684fcc9c37d52c5
timing-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: V8c6C55FLZwEcvtdkZhFavlfN1htmF2NnveHmzjo4QZVn6BdgciAwA==
X-Firefox-Spdy: h2
www.sabab2b.com/bundles/vintage-popup?v=5aeD3r3nLUHahliUCb8ydvwaWObqlyPxPIcU8aHXTMw1
54.230.111.27 200 OK 5.6 kB URL HTTP/2 www.sabab2b.com/bundles/vintage-popup?v=5aeD3r3nLUHahliUCb8ydvwaWObqlyPxPIcU8aHXTMw1
IP 54.230.111.27:0
File type ASCII text, with very long lines (5620), with no line terminators
Hash e783b4237bc13907d5969c9393578695
7a0f504e04108f7b968c3f14a08d68d813f0f97f
526131e534f90c4146e03130f6ffdca4f184f43aa476726ef3ba9c43ef195653
Analyzer Verdict Alert fortinet Phishing
GET /bundles/vintage-popup?v=5aeD3r3nLUHahliUCb8ydvwaWObqlyPxPIcU8aHXTMw1 HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/zh-CN
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-length: 5620
server: nginx
date: Mon, 26 Sep 2022 22:38:03 GMT
cache-control: public
expires: Tue, 26 Sep 2023 22:38:03 GMT
last-modified: Mon, 26 Sep 2022 22:38:03 GMT
vary: User-Agent
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: 85142921ddd3feaf332ff995c10124e6
timing-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: trzjQbvWqZmPwx3h1grw6p0KrRpbYjUSNuYf3vPsQhmY_q6Gl6zlQA==
X-Firefox-Spdy: h2
www.sabab2b.com/img/contact_icon_Remarks.svg??v202209230003
54.230.111.27 200 OK 708 B URL HTTP/2 www.sabab2b.com/img/contact_icon_Remarks.svg??v202209230003
IP 54.230.111.27:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text
Hash 11f7d512e65812172768cce612f97dc7
f46c75927be01da2280b72503b76c851ea26e718
1377a809bdaeb6bff8efaf25005ae800aab2c18acad44d69897f352a1116ce16
GET /img/contact_icon_Remarks.svg??v202209230003 HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/zh-CN
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 708
server: nginx
date: Mon, 26 Sep 2022 22:38:03 GMT
last-modified: Mon, 15 Nov 2021 03:49:59 GMT
accept-ranges: bytes
etag: "539375dcd3d9d71:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: af55df212aa47c2b137ebdba0ca6312f
timing-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: tYWoxZZxxKL1pZIVK4D3Z5vLBKMvmkfSB-FKQoXX2QW0MyKdlP9kpQ==
X-Firefox-Spdy: h2
www.sabab2b.com/img/contact_icon_telegram.svg??v202209230003
54.230.111.27 200 OK 592 B URL HTTP/2 www.sabab2b.com/img/contact_icon_telegram.svg??v202209230003
IP 54.230.111.27:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash f8c9b1517f859d1574e4a80e528a9313
b51e7c96776eda467b63d9a99557398e12b5d641
0c0a9a2892da4010d896a6c432c8e19ca6032b3deddb0081aa7fbb79eabd6b9a
Analyzer Verdict Alert fortinet Phishing
GET /img/contact_icon_telegram.svg??v202209230003 HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/zh-CN
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 592
server: nginx
date: Mon, 26 Sep 2022 22:38:03 GMT
last-modified: Thu, 22 Sep 2022 11:37:24 GMT
accept-ranges: bytes
etag: "31732faf77ced81:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: b3569b16484f39243925f5e8d89b37a8
timing-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: spk_8o2bwrp1xwlI4CrYoQSixyzvQKC9_Iw7NykN1WNEhYais4YtCw==
X-Firefox-Spdy: h2
www.sabab2b.com/img/contact_icon_email2.svg??v202209230003
54.230.111.27 200 OK 643 B URL HTTP/2 www.sabab2b.com/img/contact_icon_email2.svg??v202209230003
IP 54.230.111.27:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 4867ea07f698bc587efab4b8efdabb5c
912902b4bc452bf634bd2787145340ee1ae145cf
fb1322aed74cdfc4f03261508de545b3ed1efcb18d38ede549c8a759e7788c10
GET /img/contact_icon_email2.svg??v202209230003 HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/zh-CN
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 643
server: nginx
date: Mon, 26 Sep 2022 22:38:03 GMT
last-modified: Thu, 22 Sep 2022 11:37:24 GMT
accept-ranges: bytes
etag: "31732faf77ced81:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: 20983b1dffdf58b8fae7b3580b96c166
timing-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: E1alZ9xLIjRsYOVTgi77FKwRgTCCDL5SnT7HbigMdji2CehQbVYEHg==
X-Firefox-Spdy: h2
www.sabab2b.com/bundles/home-sliderPlay?v=C-pcyFqhPmZavXAcqaJDy76e3-iDf6fuv5FSZviVEzk1
54.230.111.27 200 OK 2.4 kB URL HTTP/2 www.sabab2b.com/bundles/home-sliderPlay?v=C-pcyFqhPmZavXAcqaJDy76e3-iDf6fuv5FSZviVEzk1
IP 54.230.111.27:0
File type ASCII text, with very long lines (2411), with no line terminators
Hash a7d183d746299d78dad87ceb77b73081
23cd46b05ce84ca3de3d439ab7c6739d53dc32d0
97eace4b03eaac8d71f3e7cc1d9cce8401ebb01dac110905fcd8ec6308d07e6e
Analyzer Verdict Alert fortinet Phishing
GET /bundles/home-sliderPlay?v=C-pcyFqhPmZavXAcqaJDy76e3-iDf6fuv5FSZviVEzk1 HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/zh-CN
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-length: 2411
server: nginx
date: Mon, 26 Sep 2022 22:38:03 GMT
cache-control: public
expires: Tue, 26 Sep 2023 22:38:03 GMT
last-modified: Mon, 26 Sep 2022 22:38:03 GMT
vary: User-Agent
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: c643723e12934967d4b887cef00e8a1f
timing-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: CfUS65raum0cW2Rgas-SWhYDamvn8CB8uvGk5IAmmwIdVxQIQiGcbw==
X-Firefox-Spdy: h2
www.sabab2b.com/bundles/jquery-validator?v=6apyXzViZtKu29BNAvUv6VX5ji6CXS2FNPxXgJYCjVA1
54.230.111.27 200 OK 23 kB URL HTTP/2 www.sabab2b.com/bundles/jquery-validator?v=6apyXzViZtKu29BNAvUv6VX5ji6CXS2FNPxXgJYCjVA1
IP 54.230.111.27:0
File type ASCII text, with very long lines (23073), with no line terminators
Hash 05458e62916be70d7174f8fa2eacbd31
5e85e75c011b34102fbd283679510a6001473cbd
0b2a4c18054b3b768e60468c50779cf14695f07d9599ac2fe2fd00b3479b23cb
Analyzer Verdict Alert fortinet Phishing
GET /bundles/jquery-validator?v=6apyXzViZtKu29BNAvUv6VX5ji6CXS2FNPxXgJYCjVA1 HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/zh-CN
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-length: 23073
server: nginx
date: Mon, 26 Sep 2022 22:38:03 GMT
cache-control: public
expires: Tue, 26 Sep 2023 22:38:03 GMT
last-modified: Mon, 26 Sep 2022 22:38:03 GMT
vary: User-Agent
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: 2bf0c4c49f313c474222e023a2879811
timing-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: sEYHx8o9GIYyM3MyoH7hNmcZLE_VNszdxA3iH_0kpKZx8Xf3rMHEIw==
X-Firefox-Spdy: h2
www.sabab2b.com/img/zh-CN/esports_m.jpg??v202209230003
54.230.111.27 200 OK 54 kB URL HTTP/2 www.sabab2b.com/img/zh-CN/esports_m.jpg??v202209230003
IP 54.230.111.27:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x904, components 3\012- data
Hash 1f3d84dca1c57257c11ce7eee165095a
23cdd65f1c79df4fedf2eaa9158734826ee23681
0434a160e1ab35ea6028d5573ca0291fe11ea4091c41cef206cff86a5fefc162
Analyzer Verdict Alert fortinet Phishing
GET /img/zh-CN/esports_m.jpg??v202209230003 HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/zh-CN
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 54495
server: nginx
date: Mon, 26 Sep 2022 22:38:03 GMT
last-modified: Mon, 15 Nov 2021 03:49:59 GMT
accept-ranges: bytes
etag: "f8ba7cdcd3d9d71:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: 7ba5f82c83dfc21e53ccd8d2efe605d5
timing-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: gHw8PJC-Xm0Rv9cOVcmTq2gXz1A1oP9eVVJfwTMuBrsKcJl6cJqeTw==
X-Firefox-Spdy: h2
www.sabab2b.com/img/04_pg_3_2.png??v202209230003
54.230.111.27 200 OK 71 kB URL HTTP/2 www.sabab2b.com/img/04_pg_3_2.png??v202209230003
IP 54.230.111.27:0
File type PNG image data, 800 x 624, 8-bit colormap, non-interlaced\012- data
Hash 7586738455bcce425c2f91789c24a8af
9c7cb8750f1ed400f2345b82b059e1a2a8c7874f
02634aba357323d74807993bd71c2e1d7401301eb5148f8b3953cc4082880fe2
Analyzer Verdict Alert fortinet Phishing
GET /img/04_pg_3_2.png??v202209230003 HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/zh-CN
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 70601
server: nginx
date: Mon, 26 Sep 2022 22:38:03 GMT
last-modified: Mon, 15 Nov 2021 03:49:58 GMT
accept-ranges: bytes
etag: "817669dcd3d9d71:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: c18e38ecd2741125ddeb71d50bea11aa
timing-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: SW_FeI7mUxeyOP4CGdJrLT7i9pFvGhgJU4qyOIURb15I092Zihx5dA==
X-Firefox-Spdy: h2
www.sabab2b.com/img/zh-CN/time_machine_m.jpg??v202209230003
54.230.111.27 200 OK 81 kB URL HTTP/2 www.sabab2b.com/img/zh-CN/time_machine_m.jpg??v202209230003
IP 54.230.111.27:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x904, components 3\012- data
Hash b4cfa504479da48251053c1ecaf4de68
bf16cb24f5a403ecaf988a66a9b17ffbe399743e
7f489c38d31e65547964792d1e3f0288c1a21c191e3b256c7f949dff88d00423
GET /img/zh-CN/time_machine_m.jpg??v202209230003 HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/zh-CN
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 80551
server: nginx
date: Mon, 26 Sep 2022 22:38:03 GMT
last-modified: Mon, 15 Nov 2021 03:49:59 GMT
accept-ranges: bytes
etag: "151d7fdcd3d9d71:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: ff6b9cb01d045de83cf556d269b78497
timing-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: GcHmcB9AHbRnx0Ysi5gWInQrY2NmgEi4VRpSjzNk5GWlJLhaqsguQA==
X-Firefox-Spdy: h2
www.sabab2b.com/img/bg_movie.jpg
54.230.111.27 200 OK 49 kB URL HTTP/2 www.sabab2b.com/img/bg_movie.jpg
IP 54.230.111.27:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1320x751, components 3\012- data
Hash 8d0d55cac045c8072ef9c997fddeea1b
8f2e81592478489f5f59bcc7ec4b96e445ed3ccd
b251d26a88bd9156ee571ca71f7aa8fef462d0b169c33cfc5125efb47e29ae10
GET /img/bg_movie.jpg HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/zh-CN
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 49412
server: nginx
date: Mon, 26 Sep 2022 22:38:03 GMT
last-modified: Mon, 15 Nov 2021 03:49:59 GMT
accept-ranges: bytes
etag: "f2ce70dcd3d9d71:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: 70bd82b8a12a61777ac5926a4f932afe
timing-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PgVHadhBo7qdaOQJzeKOB0EuyPruTz6aKrQ1axsocPGl1rWtw60Ptw==
X-Firefox-Spdy: h2
www.sabab2b.com/img/04_pg_3_1.png??v202209230003
54.230.111.27 200 OK 72 kB URL HTTP/2 www.sabab2b.com/img/04_pg_3_1.png??v202209230003
IP 54.230.111.27:0
File type PNG image data, 800 x 624, 8-bit colormap, non-interlaced\012- data
Hash 802bb912cf5ad9e4df5bec241eaade67
75b5fd99347cfb9fea76800fd92f9145f40cffdb
815d1b27f82b1e16ec887daec747052da0655d3db32acbca38c046ee587c0f2f
Analyzer Verdict Alert fortinet Phishing
GET /img/04_pg_3_1.png??v202209230003 HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/zh-CN
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 71721
server: nginx
date: Mon, 26 Sep 2022 22:38:03 GMT
last-modified: Mon, 15 Nov 2021 03:49:58 GMT
accept-ranges: bytes
etag: "817669dcd3d9d71:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: d5a150b1fda03144a338a30b5eb87ef7
timing-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: QlV3niazBztdwk1fawkraYTSIsKcT4jmAwRe-3a_hxAKRC4r9fYrPA==
X-Firefox-Spdy: h2
www.sabab2b.com/img/zh-CN/saba_virtual_soccer_m.jpg??v202209230003
54.230.111.27 200 OK 82 kB URL HTTP/2 www.sabab2b.com/img/zh-CN/saba_virtual_soccer_m.jpg??v202209230003
IP 54.230.111.27:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x904, components 3\012- data
Hash d7b47387563d836bd8cf7092cea3b5d0
894ac80f90d7fdd171e986f09b54eea4661ded35
3fe40c7696e897e23e69959ef3dfc7e51bc55ce9d731c5c3929e994cd769fec9
Analyzer Verdict Alert fortinet Phishing
GET /img/zh-CN/saba_virtual_soccer_m.jpg??v202209230003 HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/zh-CN
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 82257
server: nginx
date: Mon, 26 Sep 2022 22:38:03 GMT
last-modified: Mon, 15 Nov 2021 03:49:59 GMT
accept-ranges: bytes
etag: "151d7fdcd3d9d71:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: 3867d829b3b9b71f92b11694e6c58734
timing-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Q7FA9o3L79jVfYypdEQOuA3LBX8Mfm9UdReVGRakIa5iAhkw7vSqwA==
X-Firefox-Spdy: h2
www.sabab2b.com/img/04_pg_1.png??v202209230003
54.230.111.27 200 OK 54 kB URL HTTP/2 www.sabab2b.com/img/04_pg_1.png??v202209230003
IP 54.230.111.27:0
File type PNG image data, 800 x 624, 8-bit colormap, non-interlaced\012- data
Hash de88b9263c0d7f3443d8777bccfb6f83
6354f6c9d26c7c09028d32207fa83b2772890911
9a5b239b999d8622f77edd0748ff866bbfa8eccd21025961814d4c18a66b5aba
GET /img/04_pg_1.png??v202209230003 HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/zh-CN
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 54164
server: nginx
date: Mon, 26 Sep 2022 22:38:03 GMT
last-modified: Mon, 15 Nov 2021 03:49:58 GMT
accept-ranges: bytes
etag: "817669dcd3d9d71:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: 9dd09584b65df31ca738c88574600245
timing-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: VkpgXeM4xd-7f3hE_PN7vqgbFryOD5MXts9_772pef5SgPVloy2G6w==
X-Firefox-Spdy: h2
www.sabab2b.com/bundles/owlcarousel?v=bUTI2JXsz_hJtSDtBMfyxkSRJmjM0VzyS83Qc6woNyU1
54.230.111.27 200 OK 44 kB URL HTTP/2 www.sabab2b.com/bundles/owlcarousel?v=bUTI2JXsz_hJtSDtBMfyxkSRJmjM0VzyS83Qc6woNyU1
IP 54.230.111.27:0
File type ASCII text, with very long lines (44121), with no line terminators
Hash 6c0060781af40b4f4a78f80698651977
858b23ea960e108e0b51083b4dbe04215173febb
e08d9ffac527ae24bcc0ddc4eff92e2d077dcf7e0e7b69938263b88bbd0bc174
GET /bundles/owlcarousel?v=bUTI2JXsz_hJtSDtBMfyxkSRJmjM0VzyS83Qc6woNyU1 HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/zh-CN
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-length: 44121
server: nginx
date: Mon, 26 Sep 2022 22:38:03 GMT
cache-control: public
expires: Tue, 26 Sep 2023 22:38:03 GMT
last-modified: Mon, 26 Sep 2022 22:38:03 GMT
vary: User-Agent
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: c67c399b69de0fea3fa53c1ef0cd467e
timing-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: LghVqwNMWL5Iid2_3RyiBFWf6ub7-81WkDDuJnOo5Ua3OkY2ge6cJw==
X-Firefox-Spdy: h2
www.sabab2b.com/img/zh-CN/whitelabel_m.jpg??v202209230003
54.230.111.27 200 OK 122 kB URL HTTP/2 www.sabab2b.com/img/zh-CN/whitelabel_m.jpg??v202209230003
IP 54.230.111.27:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 750x904, components 3\012- data
Size 122 kB (121892 bytes)
Hash 2a72c2d3cd0e80b7b01e76676e8095fc
14c560f3f7fe8096acbdeaefa557b05edd96927e
a0007d90f4f8639e40a753e093e45c30b5699bc10b9189a89dca537033ce1081
Analyzer Verdict Alert fortinet Phishing
GET /img/zh-CN/whitelabel_m.jpg??v202209230003 HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/zh-CN
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 121892
server: nginx
date: Mon, 26 Sep 2022 22:38:03 GMT
last-modified: Thu, 09 Jun 2022 09:53:39 GMT
accept-ranges: bytes
etag: "16ba5dcbe67bd81:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: ba1b66f982f8a147503752476757badd
timing-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: p-0cJIM91piIIezaHBjjhfdsdiwi9KpAzfyGd_l4wGduzY-jW5MLmg==
X-Firefox-Spdy: h2
www.sabab2b.com/img/zh-CN/experience_m.jpg??v202209230003
54.230.111.27 200 OK 125 kB URL HTTP/2 www.sabab2b.com/img/zh-CN/experience_m.jpg??v202209230003
IP 54.230.111.27:0
File type JPEG image data, baseline, precision 8, 750x904, components 3\012- data
Size 125 kB (124856 bytes)
Hash 1d5beac0d42bdd8819c4c417e1759f82
afc338423782f3700657d39e1d8f33b3957f385d
f512d74c20455e3fd1a95cbd04c47b8f148c91d00658f791abc77a15bdb85afb
Analyzer Verdict Alert fortinet Phishing
GET /img/zh-CN/experience_m.jpg??v202209230003 HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/zh-CN
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 124856
server: nginx
date: Mon, 26 Sep 2022 22:38:03 GMT
last-modified: Mon, 15 Nov 2021 03:49:59 GMT
accept-ranges: bytes
etag: "151d7fdcd3d9d71:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: 142296e702efc18dc510feb01532c965
timing-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Oq-DjH5grDoFhLZBts95Q6Y0lY3qmk2Tpe8kKGA3z4slmnEesTT1Pw==
X-Firefox-Spdy: h2
www.sabab2b.com/img/zh-CN/pingoal_m.jpg??v202209230003
54.230.111.27 200 OK 183 kB URL HTTP/2 www.sabab2b.com/img/zh-CN/pingoal_m.jpg??v202209230003
IP 54.230.111.27:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 750x904, components 3\012- data
Size 183 kB (182664 bytes)
Hash 652f758f1b28fef0cd77b4b5397f9a39
88f594158ab9a348f8b66a8c9001dd725ee249a1
5a02de75d5795144efbd67c28f656479d9b75adcb4b7fc0f999f2a169f8b4b4f
Analyzer Verdict Alert fortinet Phishing
GET /img/zh-CN/pingoal_m.jpg??v202209230003 HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/zh-CN
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 182664
server: nginx
date: Mon, 26 Sep 2022 22:38:03 GMT
last-modified: Mon, 15 Nov 2021 03:49:59 GMT
accept-ranges: bytes
etag: "151d7fdcd3d9d71:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: 4833ecf7f541667fc37b496d057a5438
timing-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: wb1Ra5E_snVLWK4KbjpCTrsPapxdK3-MXXgsqK-OctS4M9VzdnEn1w==
X-Firefox-Spdy: h2
www.sabab2b.com/bundles/common?v=QuZgzCM4v2ZhzC4c49GO-9ZtAYUKszJurU8Jmw7hJ2Y1
54.230.111.27 200 OK 114 kB URL HTTP/2 www.sabab2b.com/bundles/common?v=QuZgzCM4v2ZhzC4c49GO-9ZtAYUKszJurU8Jmw7hJ2Y1
IP 54.230.111.27:0
File type Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Size 114 kB (114229 bytes)
Hash 7138f3614110e504b0f41bc50d8e6cd8
89aa613a8b2a37f03072e8c1d3ddfc820cd12cd5
a76c50957c72854e40927ffd6903eea07f5e7076b806fe2ff2854752e3d9641e
Analyzer Verdict Alert fortinet Phishing
GET /bundles/common?v=QuZgzCM4v2ZhzC4c49GO-9ZtAYUKszJurU8Jmw7hJ2Y1 HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/zh-CN
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-length: 114229
server: nginx
date: Mon, 26 Sep 2022 22:38:03 GMT
cache-control: public
expires: Tue, 26 Sep 2023 22:38:03 GMT
last-modified: Mon, 26 Sep 2022 22:38:03 GMT
vary: User-Agent
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: 4ee85f91c71e16bb5f6054a6bb37762b
timing-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: CTYnpQW3iDyJZUtryQvY6BCzY97zd-SUg_t80RoBAT4AULFYRVr3DA==
X-Firefox-Spdy: h2
www.sabab2b.com/img/zh-CN/time_machine_d.jpg??v202209230003
54.230.111.27 200 OK 198 kB URL HTTP/2 www.sabab2b.com/img/zh-CN/time_machine_d.jpg??v202209230003
IP 54.230.111.27:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1080, components 3\012- data
Size 198 kB (197764 bytes)
Hash 301d87a1e702b2c301d90fc6c2495a30
ab2f53109bb4fa1e0f594bce576ad0d39253f52b
8917543c3321791f015a1d5243bd17554385c70914859dfeea76629d869ac92d
GET /img/zh-CN/time_machine_d.jpg??v202209230003 HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/zh-CN
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 197764
server: nginx
date: Mon, 26 Sep 2022 22:38:03 GMT
last-modified: Mon, 15 Nov 2021 03:49:59 GMT
accept-ranges: bytes
etag: "151d7fdcd3d9d71:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: cb5fb5eb5f8cc78c48229cba82a96ae3
timing-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: oL9oRq4V2yAohUZ2jPctEeCAArmtNI0Aon_ked3GfWGEhPvRLuMoSA==
X-Firefox-Spdy: h2
www.sabab2b.com/img/zh-CN/esports_d.jpg??v202209230003
54.230.111.27 200 OK 120 kB URL HTTP/2 www.sabab2b.com/img/zh-CN/esports_d.jpg??v202209230003
IP 54.230.111.27:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1080, components 3\012- data
Size 120 kB (119599 bytes)
Hash 2aac566645099e879d165adf6d3e17cb
3fd47dc0a1fdec787d0bc21874daf7df693a2b25
9598b6946e9c74526eab2457bcf8211a834e5e3d4a5e6f112b1ad3523d98c3f4
Analyzer Verdict Alert fortinet Phishing
GET /img/zh-CN/esports_d.jpg??v202209230003 HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/zh-CN
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 119599
server: nginx
date: Mon, 26 Sep 2022 22:38:03 GMT
last-modified: Mon, 15 Nov 2021 03:49:59 GMT
accept-ranges: bytes
etag: "f8ba7cdcd3d9d71:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: 146810de8cc98e4b4f336b4d80ee971c
timing-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4ASTIFF0SDupgZmR272Y4EYBbzhUfeyClzQBWBKpiarcwS_7yBR2ag==
X-Firefox-Spdy: h2
www.sabab2b.com/img/zh-CN/pingoal_d.jpg??v202209230003
54.230.111.27 200 OK 201 kB URL HTTP/2 www.sabab2b.com/img/zh-CN/pingoal_d.jpg??v202209230003
IP 54.230.111.27:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1080, components 3\012- data
Size 201 kB (201310 bytes)
Hash f48a5a54bdf25742201b03463fbcd06a
ad0190b80aada6a2b6301b281d9e392c94c795bd
e112d591da53f9c4b024c4195b7cab8e2aa362a7a88807ac3a3259f3599ba300
Analyzer Verdict Alert fortinet Phishing
GET /img/zh-CN/pingoal_d.jpg??v202209230003 HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/zh-CN
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 201310
server: nginx
date: Mon, 26 Sep 2022 22:38:03 GMT
last-modified: Mon, 15 Nov 2021 03:49:59 GMT
accept-ranges: bytes
etag: "151d7fdcd3d9d71:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: 586d50a0a0dc599916cb7073b7c92622
timing-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: s8yvl81leuu7r_QIoaSfQLDAvuaIgqh3m-BvLeL6gRZvi8I8Src3DA==
X-Firefox-Spdy: h2
www.sabab2b.com/img/zh-CN/cashout_m.jpg??v202209230003
54.230.111.27 200 OK 127 kB URL HTTP/2 www.sabab2b.com/img/zh-CN/cashout_m.jpg??v202209230003
IP 54.230.111.27:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 750x904, components 3\012- data
Size 127 kB (127161 bytes)
Hash 3eee6cb32d9110324e29f8218784538e
19b6ff0187f2ffc25f8039371e806f7e968c7e0d
346628a02d517079c7c8ec0a14adc7ef9afa6187dfa28c4ba17cd6558da418a1
Analyzer Verdict Alert fortinet Phishing
GET /img/zh-CN/cashout_m.jpg??v202209230003 HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/zh-CN
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 127161
server: nginx
date: Mon, 26 Sep 2022 22:38:03 GMT
last-modified: Tue, 02 Aug 2022 07:19:54 GMT
accept-ranges: bytes
etag: "5efb564340a6d81:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: d718db881fc60d4985bfee42ae34ef6b
timing-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3VitFQOdxksD-yooCKxQYZU9OgMiMNzcsrg8h2GFOVJhzNMk6_cLWA==
X-Firefox-Spdy: h2
www.sabab2b.com/img/04_pg_2.png??v202209230003
54.230.111.27 200 OK 98 kB URL HTTP/2 www.sabab2b.com/img/04_pg_2.png??v202209230003
IP 54.230.111.27:0
File type PNG image data, 800 x 624, 8-bit colormap, non-interlaced\012- data
Hash 50403ec4f6639ecab1b6de7b625d1a15
30f13e539a268289d81b47aa47368d850182352f
cbe24790f244016c63d88973a38933a6f17acdb602ba066eff67f716b142dc50
GET /img/04_pg_2.png??v202209230003 HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/zh-CN
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 98510
server: nginx
date: Mon, 26 Sep 2022 22:38:03 GMT
last-modified: Mon, 15 Nov 2021 03:49:58 GMT
accept-ranges: bytes
etag: "817669dcd3d9d71:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: 5e103db1ef3804fbfcf5d2d8177f59b2
timing-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Im3gQP7nhB4GeIaLwu728F2vCs7UahuDPzTyS8P5zzNuDnD_Z9cjGQ==
X-Firefox-Spdy: h2
www.sabab2b.com/bundles/swiper?v=tOVjmXVTL3raFacrP6kJOLlo1nlHZ7RhA0_V0DPkZc41
54.230.111.27 200 OK 128 kB URL HTTP/2 www.sabab2b.com/bundles/swiper?v=tOVjmXVTL3raFacrP6kJOLlo1nlHZ7RhA0_V0DPkZc41
IP 54.230.111.27:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 128 kB (128105 bytes)
Hash d5dc816a08f554d4e93299ecdeab4054
782846b92c84a507dd4ea26575e97bcbc9e08b3f
b39164f4d80afdb8cc67b1a826317085227eed153f39ae8ef2c1f82dead096cd
Analyzer Verdict Alert fortinet Phishing
GET /bundles/swiper?v=tOVjmXVTL3raFacrP6kJOLlo1nlHZ7RhA0_V0DPkZc41 HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/zh-CN
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-length: 128105
server: nginx
date: Mon, 26 Sep 2022 22:38:03 GMT
cache-control: public
expires: Tue, 26 Sep 2023 22:38:03 GMT
last-modified: Mon, 26 Sep 2022 22:38:03 GMT
vary: User-Agent
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: 9906f1bd709e03513a0d2ca9f25eb3df
timing-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: wFaslZJby2blIA89UOS9pz1LVya5crsBn-xQQBmwyn6S6_Ig3BqzZg==
X-Firefox-Spdy: h2
www.sabab2b.com/img/papa_thumb.png??v202209230003
54.230.111.27 200 OK 80 kB URL HTTP/2 www.sabab2b.com/img/papa_thumb.png??v202209230003
IP 54.230.111.27:0
File type PNG image data, 340 x 362, 8-bit/color RGBA, non-interlaced\012- data
Hash f806c73d38d519663dc6b7674190e15a
86862cfc1626f4709ad8dee3f36c95520ed39127
70c41a6e870052f8a003230efd7e421dd1a59d0f356ac0bcadd9c41a842292b2
GET /img/papa_thumb.png??v202209230003 HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/zh-CN
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 80523
server: nginx
date: Mon, 26 Sep 2022 22:38:03 GMT
last-modified: Mon, 15 Nov 2021 03:49:59 GMT
accept-ranges: bytes
etag: "faf777dcd3d9d71:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: cf1ae347a4e66956b265c24426e1b345
timing-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: DYE-IRV72YiWqZMiunLT4X7pMDaWdAu5ptZ-KMU-U5cbOKF180QTlg==
X-Firefox-Spdy: h2
www.sabab2b.com/img/01_pg_1.png??v202209230003
54.230.111.27 200 OK 129 kB URL HTTP/2 www.sabab2b.com/img/01_pg_1.png??v202209230003
IP 54.230.111.27:0
File type PNG image data, 897 x 650, 8-bit colormap, non-interlaced\012- data
Size 129 kB (128728 bytes)
Hash 30aec5c83904e47d34e7b63b65bd1ce4
929ab039dda7425e213a3829460aeacfa9ceed4c
567ed0ab6b8110046e946f5afff465988d9019397a375c4cd10e259b7d0268ed
GET /img/01_pg_1.png??v202209230003 HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/zh-CN
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 128728
server: nginx
date: Mon, 26 Sep 2022 22:38:03 GMT
last-modified: Mon, 15 Nov 2021 03:49:58 GMT
accept-ranges: bytes
etag: "311467dcd3d9d71:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: 463b2c86386a1d857cbc77501dd43350
timing-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: StsbkdSUdYFTAcy7GXRtzgFmmwNJDsoYIkYZ0ykXNrpG3jSP5ciQSw==
X-Firefox-Spdy: h2
www.sabab2b.com/img/dropdown_saba.png??v202209230003
54.230.111.27 200 OK 256 kB URL HTTP/2 www.sabab2b.com/img/dropdown_saba.png??v202209230003
IP 54.230.111.27:0
File type PNG image data, 580 x 416, 8-bit/color RGBA, non-interlaced\012- data
Size 256 kB (255672 bytes)
Hash 80a2e1bcf616c14c2f25f65c5fab2a18
82ed63cf83dffa6b98500cce76969bcb96115d72
dcb9b26c9d9a1318073602be575f3e436527fbb76581b3315f0d61649231601c
GET /img/dropdown_saba.png??v202209230003 HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/zh-CN
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 255672
server: nginx
date: Mon, 26 Sep 2022 22:38:03 GMT
last-modified: Fri, 20 May 2022 07:53:56 GMT
accept-ranges: bytes
etag: "d752fbc11e6cd81:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: 949a7e37725c296dfe8b9baf24a1b8e7
timing-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: CM4TmfCBwHroPgPBm-pbhf0QcQMpReD8TTiBzllIlVImGnGn3IOJzQ==
X-Firefox-Spdy: h2
www.sabab2b.com/img/dropdown_cv.png??v202209230003
54.230.111.27 200 OK 307 kB URL HTTP/2 www.sabab2b.com/img/dropdown_cv.png??v202209230003
IP 54.230.111.27:0
File type PNG image data, 580 x 416, 8-bit/color RGBA, non-interlaced\012- data
Size 307 kB (306898 bytes)
Hash 6e12a868fcc182cbe301e5df55715c00
bc1e3794ba0b5cfd26c25f069bf5345bfeb212ba
db6f601a2915a4eaae2ba6287e66d182306e7c64d0c85ba48289b0f00c70c502
GET /img/dropdown_cv.png??v202209230003 HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/zh-CN
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 306898
server: nginx
date: Mon, 26 Sep 2022 22:38:03 GMT
last-modified: Fri, 20 May 2022 07:53:56 GMT
accept-ranges: bytes
etag: "d752fbc11e6cd81:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: 5b087e47048a20e759158cad2a9a2327
timing-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: YfPur2sWxCk9uKJ7a_ky3WNnJ1IFGeJPoK3_13-SV3haHzT7dAt01w==
X-Firefox-Spdy: h2
www.sabab2b.com/img/zh-CN/whitelabel_d.jpg??v202209230003
54.230.111.27 200 OK 228 kB URL HTTP/2 www.sabab2b.com/img/zh-CN/whitelabel_d.jpg??v202209230003
IP 54.230.111.27:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x1080, components 3\012- data
Size 228 kB (228000 bytes)
Hash 525e2f7fcfe01bd0c8585419b196b879
29375a7524c36a7518b72d25a1452ddf9d4e5f26
c587e270e444dac754c033266c45cee7838c7e09b95c86e2fdc612bb5ada0843
Analyzer Verdict Alert fortinet Phishing
GET /img/zh-CN/whitelabel_d.jpg??v202209230003 HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/zh-CN
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 228000
server: nginx
date: Mon, 26 Sep 2022 22:38:03 GMT
last-modified: Thu, 09 Jun 2022 09:53:39 GMT
accept-ranges: bytes
etag: "16ba5dcbe67bd81:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: db1e3fbff3664d66267c6c7c188314eb
timing-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: xlY8Vhc4ELlMMYl9MIQ1p5RCCEJx7VHBjgVcCytcI75_FGIpNBgg4w==
X-Firefox-Spdy: h2
www.sabab2b.com/img/zh-CN/experience_d.jpg??v202209230003
54.230.111.27 200 OK 224 kB URL HTTP/2 www.sabab2b.com/img/zh-CN/experience_d.jpg??v202209230003
IP 54.230.111.27:0
File type JPEG image data, baseline, precision 8, 1920x1080, components 3\012- data
Size 224 kB (223615 bytes)
Hash ffa72480205dbebda6745787c3fbe537
b45119c2506d8781ba211ecd3eb85778c865edcf
2c735405cef2e2630f4bb05f3b13426a7f9941f8de01d26279238d829565c908
Analyzer Verdict Alert fortinet Phishing
GET /img/zh-CN/experience_d.jpg??v202209230003 HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/zh-CN
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 223615
server: nginx
date: Mon, 26 Sep 2022 22:38:03 GMT
last-modified: Mon, 15 Nov 2021 03:49:59 GMT
accept-ranges: bytes
etag: "f8ba7cdcd3d9d71:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: 55877babaaa651c460e88adad5ba82a9
timing-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: VhxNQsoSvOLkkSCjZUcwXKF-spO-1fc5hFJ-MmWvwSbAIYjFjeLGDA==
X-Firefox-Spdy: h2
www.sabab2b.com/img/zh-CN/euro-b2b_d.jpg??v202209230003
54.230.111.27 200 OK 270 kB URL HTTP/2 www.sabab2b.com/img/zh-CN/euro-b2b_d.jpg??v202209230003
IP 54.230.111.27:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x1080, components 3\012- data
Size 270 kB (269995 bytes)
Hash 44025ed483b14649421d1b879ffa048d
9d8fc66e32ea9f6471e1854669ffa2a4aabef8ff
ccf66c8d7f93c92445ed23212bcd1ad996057fea402f37c00b2545448aa50711
GET /img/zh-CN/euro-b2b_d.jpg??v202209230003 HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/zh-CN
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 269995
server: nginx
date: Mon, 26 Sep 2022 22:38:03 GMT
last-modified: Fri, 20 May 2022 07:53:56 GMT
accept-ranges: bytes
etag: "58b9fdc11e6cd81:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: b9d8f8e4813a9566a4e6783d68da1d45
timing-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7hBxEwkK3U_T1jsY4ED20DgSDccUb1CqJTLK5Fa-QMG7ES3ymU9jSg==
X-Firefox-Spdy: h2
www.sabab2b.com/img/zh-CN/cashout_d.jpg??v202209230003
54.230.111.27 200 OK 260 kB URL HTTP/2 www.sabab2b.com/img/zh-CN/cashout_d.jpg??v202209230003
IP 54.230.111.27:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x1080, components 3\012- data
Size 260 kB (260435 bytes)
Hash 64443a2d90bee7dd351bcccc8d062320
4b288a3e5bc43b7b731d15f8798e96708eeff18d
5a184c5f054d8ceebc2a76f7146b0c423352e8be88867b47416a5ba0430bac10
Analyzer Verdict Alert fortinet Phishing
GET /img/zh-CN/cashout_d.jpg??v202209230003 HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/zh-CN
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 260435
server: nginx
date: Mon, 26 Sep 2022 22:38:03 GMT
last-modified: Tue, 02 Aug 2022 07:19:54 GMT
accept-ranges: bytes
etag: "58d4564340a6d81:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: c82d41cab8c8c1779a28a00343dbffb8
timing-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: gEIynxFIJViDq4gf_OLkPQisnHGYqz8F3oL92nZCb0nMa7cez3huvA==
X-Firefox-Spdy: h2
www.sabab2b.com/img/zh-CN/saba_virtual_soccer_d.jpg??v202209230003
54.230.111.27 200 OK 226 kB URL HTTP/2 www.sabab2b.com/img/zh-CN/saba_virtual_soccer_d.jpg??v202209230003
IP 54.230.111.27:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1080, components 3\012- data
Size 226 kB (225654 bytes)
Hash 7366c650360a4841bb3dc9a36ab0cda0
28ba94bc02fe4b4b6c1e2a180939a3bef70d5d75
78659ad3a33ae4dec7222289901f8543e17c566c6ad814933a37eb89e3cfb548
Analyzer Verdict Alert fortinet Phishing
GET /img/zh-CN/saba_virtual_soccer_d.jpg??v202209230003 HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/zh-CN
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 225654
server: nginx
date: Mon, 26 Sep 2022 22:38:03 GMT
last-modified: Mon, 15 Nov 2021 03:49:59 GMT
accept-ranges: bytes
etag: "151d7fdcd3d9d71:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: c0b224fe919a40563806856c9db9e9c6
timing-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0Ot8MTbOslTiT8cOJVzlECgV2FB2kim_0KcnJUbhmwbSBjY7Xc947Q==
X-Firefox-Spdy: h2
www.sabab2b.com/img/zh-CN/euro-b2b_m.jpg??v202209230003
54.230.111.27 200 OK 124 kB URL HTTP/2 www.sabab2b.com/img/zh-CN/euro-b2b_m.jpg??v202209230003
IP 54.230.111.27:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 750x904, components 3\012- data
Size 124 kB (123799 bytes)
Hash c3d386e451544459c005a07fa68d1fd0
a9cc8db5b94879947a191a669ac605f99d58a939
556f6f2c8693fe54586c7f2cec34b730b4854f7f03d67f2aabd07f17eeb493dc
GET /img/zh-CN/euro-b2b_m.jpg??v202209230003 HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/zh-CN
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 123799
server: nginx
date: Mon, 26 Sep 2022 22:38:03 GMT
last-modified: Fri, 20 May 2022 07:53:56 GMT
accept-ranges: bytes
etag: "58b9fdc11e6cd81:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: a75583ff55c1942ae6bb915649eef4a5
timing-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: hKZo9pKQ6XCrhGUvGXl2mWAMGS_2Ny-3sTEM3xjScHskHt2PHK4b1Q==
X-Firefox-Spdy: h2
cdn.livechatinc.com/tracking.js
23.36.79.17 200 OK 26 kB URL HTTP/2 cdn.livechatinc.com/tracking.js
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash bf94569bb3e0f1ffc8335c85b8beb771
9e821813aaa1fad1013aba3b77d1efef35b77f82
f034d896fc8f593a46fa51d25e5f10945783cca9a33cbe186cc3c37da2081624
GET /tracking.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Thu, 22 Sep 2022 10:03:22 GMT
x-amz-version-id: O_IWnJ8_6UFnDnYWNYZfebEg7uBCf6_J
server: AmazonS3
content-encoding: br
etag: W/"08c0746873a649a99ee8d47403496ba9"
vary: Accept-Encoding
x-amz-cf-pop: HAM50-C2
x-amz-cf-id: efJRQRRQf3l5tBSzCgKucs8b5uK9Cp1s5KEJtFWxVBNfu_suo-lsZg==
content-length: 25722
cache-control: max-age=28800
expires: Tue, 27 Sep 2022 06:38:04 GMT
date: Mon, 26 Sep 2022 22:38:04 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2
www.sabab2b.com/img/icon_arrow.svg
54.230.111.27 200 OK 278 B URL HTTP/2 www.sabab2b.com/img/icon_arrow.svg
IP 54.230.111.27:0
File type SVG Scalable Vector Graphics image\012- , ASCII text
Hash 3da1eb4b01745b48ca8c60d50c83a33f
75c588197724627d459ae3af6eff3704fc9cb14b
836a2e9f68d71caf35cb326d31bc80c1453284639791cb451d4db19f1e4e6da8
Analyzer Verdict Alert fortinet Phishing
GET /img/icon_arrow.svg HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/Content/css?v=hMidmJPgse4yIRwmnJU4L4XnLMezaG00aJXUvuHoNnQ1
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1; _ga_W1VBK4NVK4=GS1.1.1664231880.1.0.1664231880.0.0.0; _ga=GA1.1.1476008224.1664231881
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 278
server: nginx
date: Mon, 26 Sep 2022 22:38:04 GMT
last-modified: Fri, 20 May 2022 07:53:56 GMT
accept-ranges: bytes
etag: "d752fbc11e6cd81:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: 98c9e20d05534e1b4714e70a0368dac7
timing-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: EGeJNZw4JpFvFCa9QZ08xIOx0t6VxJ2g8puBzPG7AGTazPSDMXWTcA==
X-Firefox-Spdy: h2
www.sabab2b.com/img/title_2.png
54.230.111.27 200 OK 7.3 kB URL HTTP/2 www.sabab2b.com/img/title_2.png
IP 54.230.111.27:0
File type PNG image data, 508 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash e5a39783e0a67712920ef0cbc55b5678
6e3abe0e9d92bc419e614cf129fe3714c27121dc
13c978f6342297af2ce79eb23d1c589d449ed32f718eb7294e88f99b0e0671c0
GET /img/title_2.png HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/Content/css?v=hMidmJPgse4yIRwmnJU4L4XnLMezaG00aJXUvuHoNnQ1
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1; _ga_W1VBK4NVK4=GS1.1.1664231880.1.0.1664231880.0.0.0; _ga=GA1.1.1476008224.1664231881
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 7269
server: nginx
date: Mon, 26 Sep 2022 22:38:04 GMT
last-modified: Mon, 15 Nov 2021 03:49:59 GMT
accept-ranges: bytes
etag: "f8ba7cdcd3d9d71:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: 5bc8191d44348e9c18870373231d021e
timing-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: WK-lMNCTl4p2UEyibzkf9kGjPAL05_Xf2nndAqbUNPN4G6zh1T_NSQ==
X-Firefox-Spdy: h2
www.sabab2b.com/img/04_icon_sun_w.png
54.230.111.27 200 OK 458 B URL HTTP/2 www.sabab2b.com/img/04_icon_sun_w.png
IP 54.230.111.27:0
File type PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash 58b8899c496f5e27fe0d993a297be553
c1f91acb95d69d28a419013f769a192c4ad622a0
1f382c458d6e3401823f5448af5cdc3cbfc043793fd054c8a7518ef7c170f35d
GET /img/04_icon_sun_w.png HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/Content/css?v=hMidmJPgse4yIRwmnJU4L4XnLMezaG00aJXUvuHoNnQ1
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1; _ga_W1VBK4NVK4=GS1.1.1664231880.1.0.1664231880.0.0.0; _ga=GA1.1.1476008224.1664231881
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 458
server: nginx
date: Mon, 26 Sep 2022 22:38:04 GMT
last-modified: Mon, 15 Nov 2021 03:49:58 GMT
accept-ranges: bytes
etag: "817669dcd3d9d71:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: 45bf02913d51750ffe424f52c02686e7
timing-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7AyU4S00m7_GiOUIV5wD75vL3nITjvwMasCO-Y7zpFq4qD11RfQxpQ==
X-Firefox-Spdy: h2
www.sabab2b.com/img/04_slider_btn01_off.svg
54.230.111.27 200 OK 895 B URL HTTP/2 www.sabab2b.com/img/04_slider_btn01_off.svg
IP 54.230.111.27:0
File type SVG Scalable Vector Graphics image\012- , Unicode text, UTF-8 text
Hash 676c07e1a0f68a34e117a257aa5f7b02
9f9071f35ab117f1bf93894a3f482e5f68cf9a08
88a2ab42cbdbea7544c14388699e25b594d6b175513cfd3ad37dbbd9eff6cedc
Analyzer Verdict Alert fortinet Phishing
GET /img/04_slider_btn01_off.svg HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/Content/css?v=hMidmJPgse4yIRwmnJU4L4XnLMezaG00aJXUvuHoNnQ1
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1; _ga_W1VBK4NVK4=GS1.1.1664231880.1.0.1664231880.0.0.0; _ga=GA1.1.1476008224.1664231881
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 895
server: nginx
date: Mon, 26 Sep 2022 22:38:04 GMT
last-modified: Mon, 15 Nov 2021 03:49:58 GMT
accept-ranges: bytes
etag: "817669dcd3d9d71:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: 6298e5a8acb88ff3905843e44139eabf
timing-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: dk9I4QYjI8uq0w7Bzp0mDnfm2IPWbjRAgOTcyJjlH3zkXOn8lhvcDw==
X-Firefox-Spdy: h2
www.sabab2b.com/img/title_6.png
54.230.111.27 200 OK 9.6 kB URL HTTP/2 www.sabab2b.com/img/title_6.png
IP 54.230.111.27:0
File type PNG image data, 404 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash 56afa7dd1b2de9a35b0c802cb1c22d07
2cf8623895b60cf1b47ef9da1a0d126026b95bd4
833be2f00e3ffc587325c0dc2d59fd12f5ae1dc8e2b3e414643a2c5251570e7a
GET /img/title_6.png HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/Content/css?v=hMidmJPgse4yIRwmnJU4L4XnLMezaG00aJXUvuHoNnQ1
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1; _ga_W1VBK4NVK4=GS1.1.1664231880.1.0.1664231880.0.0.0; _ga=GA1.1.1476008224.1664231881
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 9643
server: nginx
date: Mon, 26 Sep 2022 22:38:04 GMT
last-modified: Mon, 15 Nov 2021 03:49:59 GMT
accept-ranges: bytes
etag: "f8ba7cdcd3d9d71:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: c55f88da078a433178aff7fbd3ee9b33
timing-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: MAkQ1Dz0FWnx74KVObq0VJYNUBsK28uOKgKpOPhosVZKt_cJNofBcw==
X-Firefox-Spdy: h2
www.sabab2b.com/img/title_8.png
54.230.111.27 200 OK 8.3 kB URL HTTP/2 www.sabab2b.com/img/title_8.png
IP 54.230.111.27:0
File type PNG image data, 404 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash 1d30c6dbb892ff9c1ab0e61a4e6f0a3e
e353b8e7a627201539363a94d82e3319ae88e537
ad79c387632906ae417e492091491009f32260ed221fd7d3c3726155e4623f28
GET /img/title_8.png HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/Content/css?v=hMidmJPgse4yIRwmnJU4L4XnLMezaG00aJXUvuHoNnQ1
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1; _ga_W1VBK4NVK4=GS1.1.1664231880.1.0.1664231880.0.0.0; _ga=GA1.1.1476008224.1664231881
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 8321
server: nginx
date: Mon, 26 Sep 2022 22:38:04 GMT
last-modified: Mon, 15 Nov 2021 03:49:59 GMT
accept-ranges: bytes
etag: "f8ba7cdcd3d9d71:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: 86533a46a8e44d9f98c022568be68f25
timing-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: F1G-72f3aqGyCMbAvTAqzgXak0Tb-rtWk0NcoC-FRAYJzkZdi7y2XA==
X-Firefox-Spdy: h2
www.sabab2b.com/img/04_icon_moon_b.png
54.230.111.27 200 OK 644 B URL HTTP/2 www.sabab2b.com/img/04_icon_moon_b.png
IP 54.230.111.27:0
File type PNG image data, 29 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash fb310b7c5699cc32aadf427d882ea2f0
699e5fae41c1eca43e58679a9f1ef0dce8382063
fe09915890c65426baae943ecc70aab2d1f18002c0380c5e3133ff1f93d58cb2
GET /img/04_icon_moon_b.png HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/Content/css?v=hMidmJPgse4yIRwmnJU4L4XnLMezaG00aJXUvuHoNnQ1
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1; _ga_W1VBK4NVK4=GS1.1.1664231880.1.0.1664231880.0.0.0; _ga=GA1.1.1476008224.1664231881
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 644
server: nginx
date: Mon, 26 Sep 2022 22:38:04 GMT
last-modified: Mon, 15 Nov 2021 03:49:58 GMT
accept-ranges: bytes
etag: "817669dcd3d9d71:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: 8ff4c536b5bff9e3000f6bc04cf05603
timing-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7EHlwmieCLXAa8miGGbYlqHD3JtJvTfBLJGH2jNQcldJrxkU-N1Wvw==
X-Firefox-Spdy: h2
www.sabab2b.com/img/title_1.png
54.230.111.27 200 OK 7.6 kB URL HTTP/2 www.sabab2b.com/img/title_1.png
IP 54.230.111.27:0
File type PNG image data, 404 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash 2fc5abd2c0ad2984fb1c38b844d785f0
e846642d89140b31eb7010bf48ba8653d9058c87
18de896d0e296c2552b8d356ba4a72a40d7829db40c025cc5418cdc368608572
GET /img/title_1.png HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/Content/css?v=hMidmJPgse4yIRwmnJU4L4XnLMezaG00aJXUvuHoNnQ1
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1; _ga_W1VBK4NVK4=GS1.1.1664231880.1.0.1664231880.0.0.0; _ga=GA1.1.1476008224.1664231881
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 7576
server: nginx
date: Mon, 26 Sep 2022 22:38:04 GMT
last-modified: Mon, 15 Nov 2021 03:49:59 GMT
accept-ranges: bytes
etag: "f8ba7cdcd3d9d71:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: 18c35fa7d3a8655ab515853fb78f4614
timing-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: sxDtJ4IBijB2xSRAmCryfI0s124QtLTE2hBPp2R2NRT87WzfRJHKPw==
X-Firefox-Spdy: h2
www.sabab2b.com/img/title_3.png
54.230.111.27 200 OK 5.3 kB URL HTTP/2 www.sabab2b.com/img/title_3.png
IP 54.230.111.27:0
File type PNG image data, 406 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash af6a21ac44fa5763c82519501d34437c
d06364f3b28693c75fa4340eb18642df934ac170
7de4aa51e4df0bc3c80a133bbbd8273d3f8c486760a938b0bad8be695b102ac9
GET /img/title_3.png HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/Content/css?v=hMidmJPgse4yIRwmnJU4L4XnLMezaG00aJXUvuHoNnQ1
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1; _ga_W1VBK4NVK4=GS1.1.1664231880.1.0.1664231880.0.0.0; _ga=GA1.1.1476008224.1664231881
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 5305
server: nginx
date: Mon, 26 Sep 2022 22:38:04 GMT
last-modified: Mon, 15 Nov 2021 03:49:59 GMT
accept-ranges: bytes
etag: "f8ba7cdcd3d9d71:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: ec6479c87aba2e8ab83904abe9d6a44e
timing-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: VFNLmliazhVz85ilik1jiqH2q6JtTt9CNudJFWN_1ILknzwmi5ZKdA==
X-Firefox-Spdy: h2
www.sabab2b.com/img/icon_slider_bg.png
54.230.111.27 200 OK 2.3 kB URL HTTP/2 www.sabab2b.com/img/icon_slider_bg.png
IP 54.230.111.27:0
File type PNG image data, 60 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 19f0c7ca863b7dbcfac6b8a0cae6b4c0
d148dfb4d28710582739cd24360f3720e6b5f161
c51df4e9c682845aeed92c49b8402da251ee796dd822c7fbb3def6528aac1341
GET /img/icon_slider_bg.png HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/Content/css?v=hMidmJPgse4yIRwmnJU4L4XnLMezaG00aJXUvuHoNnQ1
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1; _ga_W1VBK4NVK4=GS1.1.1664231880.1.0.1664231880.0.0.0; _ga=GA1.1.1476008224.1664231881
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 2327
server: nginx
date: Mon, 26 Sep 2022 22:38:04 GMT
last-modified: Mon, 15 Nov 2021 03:49:59 GMT
accept-ranges: bytes
etag: "faf777dcd3d9d71:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: 8ff8bc78b981ceba4d0b4a5d307d348f
timing-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: NlB5ceWzvKupaWFge_u4hTSzallY2URbG6eiXbeHi49nsQ8uRzlYyA==
X-Firefox-Spdy: h2
www.sabab2b.com/img/title_4.png
54.230.111.27 200 OK 11 kB URL HTTP/2 www.sabab2b.com/img/title_4.png
IP 54.230.111.27:0
File type PNG image data, 404 x 90, 8-bit/color RGBA, non-interlaced\012- data
Hash 15cd643c12304f8fae7436017f9744ff
043c0561b94fc00e4fed62212efcbd32e6154706
8c93b9f275fa89dd495bfe0ea78875b78a4e726425eab4d064fa222d27c6bfad
GET /img/title_4.png HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/Content/css?v=hMidmJPgse4yIRwmnJU4L4XnLMezaG00aJXUvuHoNnQ1
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1; _ga_W1VBK4NVK4=GS1.1.1664231880.1.0.1664231880.0.0.0; _ga=GA1.1.1476008224.1664231881
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 10755
server: nginx
date: Mon, 26 Sep 2022 22:38:04 GMT
last-modified: Mon, 15 Nov 2021 03:49:59 GMT
accept-ranges: bytes
etag: "f8ba7cdcd3d9d71:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: 0686aac8e524f56431a7b66f82982571
timing-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: fgv969nVCHpwwEbJsVkisfCGnQsp1HYh01icChKDlCYZCA9kbjvM0g==
X-Firefox-Spdy: h2
api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=12352845&url=https%3A%2F%2Fwww.sabab2b.com%2Fzh-CN&channel_type=code&jsonp=__dwd17a6918f
23.36.79.17 200 OK 266 B URL HTTP/2 api.livechatinc.com/v3.3/customer/action/get_dynamic_configuration?license_id=12352845&url=https%3A%2F%2Fwww.sabab2b.com%2Fzh-CN&channel_type=code&jsonp=__dwd17a6918f
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
File type ASCII text, with no line terminators
Hash 959ef693441bdcb610dcc631aa248f11
dada1a9ffd946b32109fb3f27c1f308806f4bdae
3dbf0971ee65c2ed2bd03ae69da9e4c119078d502757e9daad2406fdb41676d5
GET /v3.3/customer/action/get_dynamic_configuration?license_id=12352845&url=https%3A%2F%2Fwww.sabab2b.com%2Fzh-CN&channel_type=code&jsonp=__dwd17a6918f HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-security-policy: frame-ancestors https://www.sabab2b.com/;
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
vary: Accept-Encoding
x-frame-options: allow-from https://www.sabab2b.com/
content-length: 266
date: Mon, 26 Sep 2022 22:38:04 GMT
X-Firefox-Spdy: h2
www.sabab2b.com/img/contact_btn_bg.png
54.230.111.27 200 OK 21 kB URL HTTP/2 www.sabab2b.com/img/contact_btn_bg.png
IP 54.230.111.27:0
File type PNG image data, 337 x 356, 8-bit colormap, non-interlaced\012- data
Hash 03e2f59a01eccdaab6c78a83ae2a7aa0
479a4daf1a9e366acbf627bb74ce8ab0d8bd068b
ff3b69134366cce682afed757208c04643d2d8d39b3e70716d592caa44638189
GET /img/contact_btn_bg.png HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/Content/css?v=hMidmJPgse4yIRwmnJU4L4XnLMezaG00aJXUvuHoNnQ1
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1; _ga_W1VBK4NVK4=GS1.1.1664231880.1.0.1664231880.0.0.0; _ga=GA1.1.1476008224.1664231881
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 21014
server: nginx
date: Mon, 26 Sep 2022 22:38:04 GMT
last-modified: Mon, 15 Nov 2021 03:49:59 GMT
accept-ranges: bytes
etag: "f2ce70dcd3d9d71:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: 5f11fe94c6b4d4aa6fdbeb8960c67a84
timing-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PvS4a3jorArt7k3mSAAnbQKJUQSBz_ba9GEL-ScGFFF_ThQCcDQr3A==
X-Firefox-Spdy: h2
api.livechatinc.com/v3.3/customer/action/get_configuration?license_id=12352845&version=671.1.1.967.232.138.13.3.2.1.2.4&group_id=0&jsonp=__lc_static_config
23.36.79.17 200 OK 1.6 kB URL HTTP/2 api.livechatinc.com/v3.3/customer/action/get_configuration?license_id=12352845&version=671.1.1.967.232.138.13.3.2.1.2.4&group_id=0&jsonp=__lc_static_config
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (4145), with no line terminators
Hash 4c57843d916dde46645213bb1868cced
47894ecd724129ee5b24f6ecb8d4c56e713b9c75
593c2b81fe0274c63d48279366c7fa17f05c2be8784edcef0b2f55e9f704467a
GET /v3.3/customer/action/get_configuration?license_id=12352845&version=671.1.1.967.232.138.13.3.2.1.2.4&group_id=0&jsonp=__lc_static_config HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
vary: Accept-Encoding
content-length: 1576
cache-control: public, max-age=599
expires: Mon, 26 Sep 2022 22:48:04 GMT
date: Mon, 26 Sep 2022 22:38:05 GMT
X-Firefox-Spdy: h2
www.sabab2b.com/img/zh-CN/sportslottery_d.jpg??v202209230003
54.230.111.27 200 OK 696 kB URL HTTP/2 www.sabab2b.com/img/zh-CN/sportslottery_d.jpg??v202209230003
IP 54.230.111.27:0
File type JPEG image data, progressive, precision 8, 1920x1080, components 3\012- data
Size 696 kB (695913 bytes)
Hash e207cd90f2a1bb1ba94d7a72acbd8693
09ee87024355517161bb1c54eaa91b2f56138c90
187deb13b58655988a8324e2a6624db64e58f1a8cdaee8cbf3c669650fd39793
Analyzer Verdict Alert fortinet Phishing
GET /img/zh-CN/sportslottery_d.jpg??v202209230003 HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/zh-CN
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 695913
server: nginx
date: Mon, 26 Sep 2022 22:38:03 GMT
last-modified: Tue, 22 Mar 2022 08:27:35 GMT
accept-ranges: bytes
etag: "9b5aa7aec63dd81:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: 4309313f68b0fca95fab87789cf443f2
timing-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: VGJ7_FVe9gd0RFTrPNQsvEEmp5w_FVJGvyR21WN08VLINYONXq6R7g==
X-Firefox-Spdy: h2
api.livechatinc.com/v3.3/customer/action/get_localization?license_id=12352845&version=5e1168e902142152e22c4b338741d7fe_587f37a42aa10d7a7fc2e3175b9e54ed&language=cn&group_id=0&jsonp=__lc_localization
23.36.79.17 200 OK 4.8 kB URL HTTP/2 api.livechatinc.com/v3.3/customer/action/get_localization?license_id=12352845&version=5e1168e902142152e22c4b338741d7fe_587f37a42aa10d7a7fc2e3175b9e54ed&language=cn&group_id=0&jsonp=__lc_localization
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (7428), with no line terminators
Hash 84b65af2ff95b36740f41bf390b38b09
f6a8d050eed71ce0b4f8cb4b8d8066caf388b1e9
e6df2b9850efc06796d531761c9047d8469d4a1f7410cc8ca037fd165e043057
GET /v3.3/customer/action/get_localization?license_id=12352845&version=5e1168e902142152e22c4b338741d7fe_587f37a42aa10d7a7fc2e3175b9e54ed&language=cn&group_id=0&jsonp=__lc_localization HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript; charset=UTF-8
legacy: 2023-06-30
vary: Accept-Encoding
cache-control: public, max-age=600
expires: Mon, 26 Sep 2022 22:48:05 GMT
date: Mon, 26 Sep 2022 22:38:05 GMT
content-length: 4813
X-Firefox-Spdy: h2
secure.livechatinc.com/customer/action/open_chat?license_id=12352845&group=0&embedded=1&widget_version=3&unique_groups=0
23.36.79.17 200 OK 2.0 kB URL HTTP/2 secure.livechatinc.com/customer/action/open_chat?license_id=12352845&group=0&embedded=1&widget_version=3&unique_groups=0
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (4424), with no line terminators
Hash 9c3f16244be088f5cecf655868ac333a
597c9d5cc676f8391f669a8b63f0f2c79e7fe5cd
bcb414813b0925c5998a0ab7ceabf75130cfbcde72418189844ddcc0ef5e5e46
GET /customer/action/open_chat?license_id=12352845&group=0&embedded=1&widget_version=3&unique_groups=0 HTTP/1.1
Host: secure.livechatinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
content-type: text/html; charset=utf-8
vary: Accept-Encoding
content-length: 1966
date: Mon, 26 Sep 2022 22:38:05 GMT
X-Firefox-Spdy: h2
cdn.livechatinc.com/widget/static/js/0.96a16c18.chunk.js
23.36.79.17 200 OK 70 kB URL HTTP/2 cdn.livechatinc.com/widget/static/js/0.96a16c18.chunk.js
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65462)
Hash 4e94f8d92e0b5b5d837c91a71518ae93
3a901f88735fe470d89fabae6f6da1bd6ef57370
ad40d01aa34c47aa7e9bc7bf52adc65074e90e7ea81a3646ee536b79a278be8c
GET /widget/static/js/0.96a16c18.chunk.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
last-modified: Wed, 07 Sep 2022 12:23:44 GMT
etag: W/"6a835528d087d08b1f0fe0642cb6d223"
x-amz-version-id: D3auGCHl.1EBD8fIsGg0TVEJ4vGgzVLu
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-amz-cf-pop: AMS54-C1
x-amz-cf-id: 2Z3Jj0ChNSBBVMOnJi6CzXCHxdv4j89b_Ig-RZcY8UGtT5nFkSAmPg==
content-length: 69542
cache-control: max-age=31536000
expires: Tue, 26 Sep 2023 22:38:05 GMT
date: Mon, 26 Sep 2022 22:38:05 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn.livechatinc.com/widget/static/js/2.a65e7be1.chunk.js
23.36.79.17 200 OK 94 kB URL HTTP/2 cdn.livechatinc.com/widget/static/js/2.a65e7be1.chunk.js
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65462)
Hash e1f86388fc53362dedcbdf4fa64da3be
25d35495db05ca6314204f14e1b3bdbb719adc66
3094dc7ea9c9fc782b217ee70520a59339ac167fc218c784553b2463a6d343d2
GET /widget/static/js/2.a65e7be1.chunk.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Sep 2022 10:03:22 GMT
x-amz-version-id: jKznX1AdEp8f6wadV31xCsDL1skHM78l
server: AmazonS3
content-encoding: br
etag: W/"4a3412eb638f4f47764705ca249f34e6"
vary: Accept-Encoding
x-amz-cf-pop: AMS54-C1
x-amz-cf-id: bdR8SwMrZoUGJnrXeTdIt7iEW68wTmUkvJiXQ0VpabfIoBv3PPM2wg==
content-length: 94247
cache-control: max-age=31536000
expires: Tue, 26 Sep 2023 22:38:05 GMT
date: Mon, 26 Sep 2022 22:38:05 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2
cdn.livechatinc.com/widget/static/js/iframe.ded6051a.chunk.js
23.36.79.17 200 OK 134 kB URL HTTP/2 cdn.livechatinc.com/widget/static/js/iframe.ded6051a.chunk.js
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (65536), with no line terminators
Size 134 kB (134457 bytes)
Hash 18bbdc45f833eb7de38cd159d3264ee9
2ee49b0a9d91f18af0952991043880facb715fc6
74ce7bfa68ad78f1ff4f449f610f077a5ba4ecf672cb1eaf09e8944d5ff5754e
GET /widget/static/js/iframe.ded6051a.chunk.js HTTP/1.1
Host: cdn.livechatinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
last-modified: Thu, 22 Sep 2022 10:03:24 GMT
etag: W/"2e8c291599908b1794e098530f0794c8"
x-amz-version-id: hH.VnI4gZdhI06TOf.rjAvldynmm8Xga
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-amz-cf-pop: HAM50-P2
x-amz-cf-id: b31kM9YB-gBTlwEm-T93MqQ0siqwchD6c_LBjMySxoADzmPEz6XoDg==
content-length: 134457
cache-control: max-age=31536000
expires: Tue, 26 Sep 2023 22:38:05 GMT
date: Mon, 26 Sep 2022 22:38:05 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash bfc8c650e23854f708a3dd54fca4393f
b54c061cf5a5306a68112d403471914e839a68c8
84b8c36947944ea94b27e053f2abb944e6951157e256991f8b1523b9cacfe362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 22:38:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash bfc8c650e23854f708a3dd54fca4393f
b54c061cf5a5306a68112d403471914e839a68c8
84b8c36947944ea94b27e053f2abb944e6951157e256991f8b1523b9cacfe362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 22:38:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 737756d717fd215d94458a21028ae486
ee3c3097bcb2ff3f5482b0dc6056b1549afa8f1f
8e705bae2060960e1b2f79c42ebc445d52f307aeac41b34d3a1789879e51b85a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 26 Sep 2022 22:38:05 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.sabab2b.com/img/04_slider_btn03_off.svg
54.230.111.27 200 OK 2.2 kB URL HTTP/2 www.sabab2b.com/img/04_slider_btn03_off.svg
IP 54.230.111.27:0
Hash 82f3e37ee7faf74886365d7781938c1f
836e05bfd688f8f81d1c715ded7cf94e114c4de6
a39504d838e5c7bb824c0fd317b1e0c21fe5776d372b23950333ded006aa05f6
Analyzer Verdict Alert fortinet Phishing
GET /img/04_slider_btn03_off.svg HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/Content/css?v=hMidmJPgse4yIRwmnJU4L4XnLMezaG00aJXUvuHoNnQ1
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1; _ga_W1VBK4NVK4=GS1.1.1664231880.1.0.1664231880.0.0.0; _ga=GA1.1.1476008224.1664231881
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Mon, 26 Sep 2022 22:38:04 GMT
last-modified: Mon, 15 Nov 2021 03:49:58 GMT
etag: W/"817669dcd3d9d71:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: 038ccd4274b78885e31ded05558a1d2a
timing-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: N0IvoZuOOPRW4ypunrrTUy0c05qDbM06s-XHr5FmJz0Vr3vtvEEpug==
X-Firefox-Spdy: h2
fonts.gstatic.com/s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2
142.250.74.163 200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 12860, version 1.0\012- data
Hash ab21c24efd75543e16e34807ebc6cdec
eb2562f9729079333fbcbbe94868695669dd3301
88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265
GET /s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://secure.livechatinc.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 21:03:13 GMT
expires: Tue, 26 Sep 2023 21:03:13 GMT
cache-control: public, max-age=31536000
age: 5692
last-modified: Mon, 09 May 2022 18:27:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/notosans/v27/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
142.250.74.163 200 OK 13 kB URL HTTP/2 fonts.gstatic.com/s/notosans/v27/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 12684, version 1.0\012- data
Hash 0c235386bcf6af06f67e6c89fd19e434
10720574d4609322023984a761f32f9518c07bc4
c1c30918a861cb6a985ab55d54ad7e861682354197f164cb3b7194f20eed67ac
GET /s/notosans/v27/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://secure.livechatinc.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12684
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 21:03:15 GMT
expires: Tue, 26 Sep 2023 21:03:15 GMT
cache-control: public, max-age=31536000
age: 5690
last-modified: Mon, 09 May 2022 18:28:04 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.sabab2b.com/img/04_slider_btn02_off.svg
54.230.111.27 200 OK 1.1 kB URL HTTP/2 www.sabab2b.com/img/04_slider_btn02_off.svg
IP 54.230.111.27:0
Hash bff09e502b33339886247f55b11263c1
cf691b22ace3e08a5dad0c44b12131c661673d29
3ecef5a11a72290f187fbfc0bded0e7d7f48483736b0b501112f1500a94193fd
Analyzer Verdict Alert fortinet Phishing
GET /img/04_slider_btn02_off.svg HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/Content/css?v=hMidmJPgse4yIRwmnJU4L4XnLMezaG00aJXUvuHoNnQ1
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1; _ga_W1VBK4NVK4=GS1.1.1664231880.1.0.1664231880.0.0.0; _ga=GA1.1.1476008224.1664231881
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Mon, 26 Sep 2022 22:38:04 GMT
last-modified: Mon, 15 Nov 2021 03:49:58 GMT
etag: W/"817669dcd3d9d71:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: 171d52c9a88a12992c5a71578553ab0f
timing-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2sY9xQBtS8IVJRZrwI9Q1eOd_r7uS-eJCVk9_9ReQ0P0BBX1BS4LnQ==
X-Firefox-Spdy: h2
api.livechatinc.com/v3.3/customer/rtm/ws?license_id=12352845
23.36.79.17 101 Switching Protocols 0 B URL HTTP/1.1 api.livechatinc.com/v3.3/customer/rtm/ws?license_id=12352845
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3.3/customer/rtm/ws?license_id=12352845 HTTP/1.1
Host: api.livechatinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://secure.livechatinc.com
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: FQwUTE014QL8U0dIutmVxg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
sec-websocket-accept: NiOMMEJYMantG9xptS86RPlq3hc=
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://secure.livechatinc.com
legacy: 2023-06-30
Date: Mon, 26 Sep 2022 22:38:05 GMT
Upgrade: websocket
Connection: Upgrade
accounts.livechatinc.com/customer/token
23.36.79.17 200 OK 138 B URL HTTP/2 accounts.livechatinc.com/customer/token
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
File type JSON data\012- , ASCII text
Hash a4d6e67bbb962eb8cf4d0c4a8bbf2404
37dc6e6435a72ee37542d0edbb0642ec4ff0391b
7f8e1f14e97c5df51c6d016834abc782350c5f19f0e3a8d8354e7b0e580ec653
POST /customer/token HTTP/1.1
Host: accounts.livechatinc.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 190
Origin: https://secure.livechatinc.com
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://secure.livechatinc.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-type: application/json
expires: Fri, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
content-length: 138
date: Mon, 26 Sep 2022 22:38:05 GMT
set-cookie: __lc_cid=940e970f-ff15-4891-6e93-2702b5429ac7; Path=/v2/customer/token; Domain=accounts.livechatinc.com; Expires=Thu, 26 Sep 2024 22:38:05 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__lc_cst=b6e2efe4ff71afb2009b3d2259c177eeafca062ff8a342a66b2683709da93f0e4d9bbc904523a5923aa692261745f9bd01bdbe40d0ac1242d6d13f4d7a40; Path=/v2/customer/token; Domain=accounts.livechatinc.com; Expires=Thu, 26 Sep 2024 22:38:05 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__lc_cid=940e970f-ff15-4891-6e93-2702b5429ac7; Path=/customer/token; Domain=accounts.livechatinc.com; Expires=Thu, 26 Sep 2024 22:38:05 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__lc_cst=b6e2efe4ff71afb2009b3d2259c177eeafca062ff8a342a66b2683709da93f0e4d9bbc904523a5923aa692261745f9bd01bdbe40d0ac1242d6d13f4d7a40; Path=/customer/token; Domain=accounts.livechatinc.com; Expires=Thu, 26 Sep 2024 22:38:05 GMT; Max-Age=63072000; HttpOnly; Secure; SameSite=None
__oauth_redirect_detector=counter=1&t=1664231915&tag=e7143d1e628bb90e3b5b7e6d3484241c899012fc; Path=/; Expires=Mon, 26 Sep 2022 22:38:35 GMT; HttpOnly; Secure; SameSite=None
X-Firefox-Spdy: h2
www.sabab2b.com/img/02_pg_1_d1221.jpg
54.230.111.27 200 OK 222 kB URL HTTP/2 www.sabab2b.com/img/02_pg_1_d1221.jpg
IP 54.230.111.27:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 3840x2160, components 3\012- data
Size 222 kB (222108 bytes)
Hash de6244a88d85c9c042704ff9ec1204a8
e3603d6fe1c3ab20a339b6bfbe5fa6ed945fdd75
8eea1aa71abd5c2a6081be41bb8534578ee39f376d365de33c24dfaf052898f2
GET /img/02_pg_1_d1221.jpg HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/Content/css?v=hMidmJPgse4yIRwmnJU4L4XnLMezaG00aJXUvuHoNnQ1
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1; _ga_W1VBK4NVK4=GS1.1.1664231880.1.0.1664231880.0.0.0; _ga=GA1.1.1476008224.1664231881
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 222108
server: nginx
date: Mon, 26 Sep 2022 22:38:04 GMT
last-modified: Mon, 15 Nov 2021 03:49:58 GMT
accept-ranges: bytes
etag: "817669dcd3d9d71:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: 9a7305de04e66a96541786b63c4db7a1
timing-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: o13dSFMbxLuV1J-Yow3wC9jfon77aOksRUt64flRS-EWnhQwaBVclw==
X-Firefox-Spdy: h2
www.sabab2b.com/img/zh-CN/sportslottery_m.jpg??v202209230003
54.230.111.27 200 OK 353 kB URL HTTP/2 www.sabab2b.com/img/zh-CN/sportslottery_m.jpg??v202209230003
IP 54.230.111.27:0
File type JPEG image data, progressive, precision 8, 750x904, components 3\012- data
Size 353 kB (352697 bytes)
Hash 61f2dad4b0217d03662f28e7cd39a248
9ddbab34fcd293500a9b857eafa53042a5e4863a
679cf6bb45680109924d8f6789cc8bf8659626a9dad2093d7e341035c6ee61fb
Analyzer Verdict Alert fortinet Phishing
GET /img/zh-CN/sportslottery_m.jpg??v202209230003 HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/zh-CN
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 352697
server: nginx
date: Mon, 26 Sep 2022 22:38:03 GMT
last-modified: Tue, 22 Mar 2022 08:27:35 GMT
accept-ranges: bytes
etag: "1bbda9aec63dd81:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: baae5dd514e0b7493ee3072c523c9aa8
timing-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: vxXTKafd-Y-3hK7W6QvRwTACr5AvLcul1MWQ8ILEUnUz781783JAVA==
X-Firefox-Spdy: h2
www.sabab2b.com/img/06_pg_1_d.png?v=20220914
54.230.111.27 200 OK 485 kB URL HTTP/2 www.sabab2b.com/img/06_pg_1_d.png?v=20220914
IP 54.230.111.27:0
File type PNG image data, 1920 x 1700, 8-bit colormap, non-interlaced\012- data
Size 485 kB (485083 bytes)
Hash 5707a0e519dc6f50e3d2caec7e186355
d76dfadcd9cd739cb3b3fe4ce0c9c10af2f2c464
62da30a1e71dbe094b7016bed10fe66d3decca5d32af56b9ba2af7f17f9e106f
Analyzer Verdict Alert fortinet Phishing
GET /img/06_pg_1_d.png?v=20220914 HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/Content/css?v=hMidmJPgse4yIRwmnJU4L4XnLMezaG00aJXUvuHoNnQ1
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1; _ga_W1VBK4NVK4=GS1.1.1664231880.1.0.1664231880.0.0.0; _ga=GA1.1.1476008224.1664231881
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 485083
server: nginx
date: Mon, 26 Sep 2022 22:38:04 GMT
last-modified: Thu, 22 Sep 2022 11:37:24 GMT
accept-ranges: bytes
etag: "b1102daf77ced81:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: 0a671ad743423b0091ab72b65e76ee15
timing-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: kl6zXF6DfXd5a0bXH371gUFz39C6k8ZhnnX79UsmCTyiK1QLza62QA==
X-Firefox-Spdy: h2
www.sabab2b.com/img/footer_bg_d.png?120701
54.230.111.27 200 OK 250 kB URL HTTP/2 www.sabab2b.com/img/footer_bg_d.png?120701
IP 54.230.111.27:0
File type PNG image data, 1922 x 683, 4-bit colormap, non-interlaced\012- data
Size 250 kB (249721 bytes)
Hash 68e69e4656373c64c00edd107fb42c4f
4650dfcf03fe58679cb4786b7e71735cdc54bce3
a8b825d29c3ad087ecc8250a73e2c8492a2f414f3a18090702a1371a3fb2c82c
GET /img/footer_bg_d.png?120701 HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/Content/css?v=hMidmJPgse4yIRwmnJU4L4XnLMezaG00aJXUvuHoNnQ1
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1; _ga_W1VBK4NVK4=GS1.1.1664231880.1.0.1664231880.0.0.0; _ga=GA1.1.1476008224.1664231881
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 249721
server: nginx
date: Mon, 26 Sep 2022 22:38:04 GMT
last-modified: Mon, 15 Nov 2021 03:49:59 GMT
accept-ranges: bytes
etag: "faf777dcd3d9d71:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: 601c9e5b7a9387fd33f4d056b72f0a06
timing-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: pmj759fjz5ztJ8YqvImn_N8lBj7mZNNYtstg9DbDbCx9zOeQOIHA7g==
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin-ext&display=swap
142.250.74.10 200 OK 1.8 kB URL HTTP/2 fonts.googleapis.com/css?family=Noto+Sans:400,700&subset=latin-ext&display=swap
IP 142.250.74.10:0
Hash cceb963d3f042e2433c88ec17449cbf5
2197da3ff4608a887d8e0a0ff0674e4738de8d58
c1c7ca5120215ebb4a13ef04d189c99fb502e07ea126bd754c30d771277e1b9a
GET /css?family=Noto+Sans:400,700&subset=latin-ext&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://secure.livechatinc.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 26 Sep 2022 22:38:05 GMT
date: Mon, 26 Sep 2022 22:38:05 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.sabab2b.com/img/contact_icon_abe_fail.gif
54.230.111.27 200 OK 1.8 MB URL HTTP/2 www.sabab2b.com/img/contact_icon_abe_fail.gif
IP 54.230.111.27:0
File type GIF image data, version 89a, 600 x 734\012- data
Size 1.8 MB (1847006 bytes)
Hash 55fd5bd48a08b8738fb18aa87fd34ad5
2eeff03abd5614556c206e1afca32cda1161d609
bed7757ff0de7f093d082ced3553a41a7973eab43da3ce913e83b3ea5ab222c9
GET /img/contact_icon_abe_fail.gif HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/Content/css?v=hMidmJPgse4yIRwmnJU4L4XnLMezaG00aJXUvuHoNnQ1
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1; _ga_W1VBK4NVK4=GS1.1.1664231880.1.0.1664231880.0.0.0; _ga=GA1.1.1476008224.1664231881
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 1847006
server: nginx
date: Mon, 26 Sep 2022 22:38:04 GMT
last-modified: Mon, 15 Nov 2021 03:49:59 GMT
accept-ranges: bytes
etag: "fe3073dcd3d9d71:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: b69ab7a7200d7a53822417a6d6ced24b
timing-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: KhENmjtIfS1qEAwjGWnoGZCkEmif0lbEK3ABYHrSwi8lphQiWWQdfw==
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5538bec-989b-434a-bf80-699456665fd7.jpeg
34.120.237.76 200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5538bec-989b-434a-bf80-699456665fd7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 62ece01d7e0036711832df5a25175b3b
c80d9ce02eeaa7b0166a696e811d2cffde4997d0
8a1968c18b44495571ff382a9cacfb7f98d3e1275d650e84cb310d635eae7e70
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb5538bec-989b-434a-bf80-699456665fd7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6829
x-amzn-requestid: cc3229a7-7c7e-472b-b7a4-1216594c4068
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Yshb2FwhoAMF2EA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632815e5-0964e463192712fb08a29ee7;Sampled=0
x-amzn-remapped-date: Mon, 19 Sep 2022 07:10:29 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 5cPZZOqAPyLdASSDpGDdne0bUt_SswKXMjufitPEjmp6tG5XtYz5Ag==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 22:05:59 GMT
age: 1928
etag: "c80d9ce02eeaa7b0166a696e811d2cffde4997d0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.sabab2b.com/img/01_icon_3.svg??v202209230003
54.230.111.27 200 OK 0 B URL HTTP/2 www.sabab2b.com/img/01_icon_3.svg??v202209230003
IP 54.230.111.27:0
Analyzer Verdict Alert fortinet Phishing
GET /img/01_icon_3.svg??v202209230003 HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/zh-CN
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Mon, 26 Sep 2022 22:38:03 GMT
last-modified: Mon, 15 Nov 2021 03:49:58 GMT
etag: W/"311467dcd3d9d71:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: 54bdb9e499644108018d5b9388436221
timing-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: xxRrzJ-mdo9LMXpRecxpZMCMQe_KrmdhyF0K3iwvpVDoaJcJVti7AQ==
X-Firefox-Spdy: h2
www.sabab2b.com/img/contact_icon_abe_flash.gif
54.230.111.27 200 OK 0 B URL HTTP/2 www.sabab2b.com/img/contact_icon_abe_flash.gif
IP 54.230.111.27:0
GET /img/contact_icon_abe_flash.gif HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/Content/css?v=hMidmJPgse4yIRwmnJU4L4XnLMezaG00aJXUvuHoNnQ1
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1; _ga_W1VBK4NVK4=GS1.1.1664231880.1.0.1664231880.0.0.0; _ga=GA1.1.1476008224.1664231881
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 4857024
server: nginx
date: Mon, 26 Sep 2022 22:38:04 GMT
last-modified: Mon, 15 Nov 2021 03:49:59 GMT
accept-ranges: bytes
etag: "539375dcd3d9d71:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: df231d5ef9f0cd7cadd9dfd39c24bb86
timing-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: UOeQhfmG7QPYlzn44xDs_TO1jqJ7P1WCKLcRtektJqN0f-1iENm-wg==
X-Firefox-Spdy: h2
www.sabab2b.com/img/02_icon_6.svg??v202209230003
54.230.111.27 200 OK 0 B URL HTTP/2 www.sabab2b.com/img/02_icon_6.svg??v202209230003
IP 54.230.111.27:0
Analyzer Verdict Alert fortinet Phishing
GET /img/02_icon_6.svg??v202209230003 HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/zh-CN
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Mon, 26 Sep 2022 22:38:03 GMT
last-modified: Mon, 15 Nov 2021 03:49:58 GMT
etag: W/"311467dcd3d9d71:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: 03931673ba854bb2acc9c08e94886bab
timing-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: B9rtG2DekcnbAIXOrhkm0-2mTv6uSh0ii5Knm8QJDy4-JMORSptE9A==
X-Firefox-Spdy: h2
www.sabab2b.com/img/home_bg.jpg
54.230.111.27 200 OK 0 B URL HTTP/2 www.sabab2b.com/img/home_bg.jpg
IP 54.230.111.27:0
GET /img/home_bg.jpg HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/Content/css?v=hMidmJPgse4yIRwmnJU4L4XnLMezaG00aJXUvuHoNnQ1
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1; _ga_W1VBK4NVK4=GS1.1.1664231880.1.0.1664231880.0.0.0; _ga=GA1.1.1476008224.1664231881
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 49171
server: nginx
date: Mon, 26 Sep 2022 22:38:04 GMT
last-modified: Mon, 15 Nov 2021 03:49:59 GMT
accept-ranges: bytes
etag: "faf777dcd3d9d71:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: 6d8b7c51298a198b98fa1e1179bbfbf6
timing-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 1MOGmn618khB_7k617cUTIhvCAaMBTyPi7DKHX0q3-xViO0XWQg7_Q==
X-Firefox-Spdy: h2
www.sabab2b.com/img/contact_btn_papa.png?=20210203
54.230.111.27 200 OK 0 B URL HTTP/2 www.sabab2b.com/img/contact_btn_papa.png?=20210203
IP 54.230.111.27:0
Analyzer Verdict Alert fortinet Phishing
GET /img/contact_btn_papa.png?=20210203 HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/Content/css?v=hMidmJPgse4yIRwmnJU4L4XnLMezaG00aJXUvuHoNnQ1
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1; _ga_W1VBK4NVK4=GS1.1.1664231880.1.0.1664231880.0.0.0; _ga=GA1.1.1476008224.1664231881
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 47299
server: nginx
date: Mon, 26 Sep 2022 22:38:04 GMT
last-modified: Mon, 15 Nov 2021 03:49:59 GMT
accept-ranges: bytes
etag: "f2ce70dcd3d9d71:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: 69d42d42c18f3cbe7c95f0e726ff36b8
timing-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Fa7Enkp_25AWFwJkI5sc98Le2m9WhSWsqJpi6nr-MSoNH6amCIK5mg==
X-Firefox-Spdy: h2
www.sabab2b.com/Content/swiper-css?v=MvkC0DDN91Fg_uanuSA9AK5uXYjO6eR83wGdaJhO1n01
54.230.111.27 200 OK 0 B URL HTTP/2 www.sabab2b.com/Content/swiper-css?v=MvkC0DDN91Fg_uanuSA9AK5uXYjO6eR83wGdaJhO1n01
IP 54.230.111.27:0
Analyzer Verdict Alert fortinet Phishing
GET /Content/swiper-css?v=MvkC0DDN91Fg_uanuSA9AK5uXYjO6eR83wGdaJhO1n01 HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/zh-CN
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
server: nginx
date: Mon, 26 Sep 2022 22:38:03 GMT
cache-control: public
expires: Tue, 26 Sep 2023 22:38:03 GMT
last-modified: Mon, 26 Sep 2022 22:38:03 GMT
vary: Accept-Encoding, User-Agent
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: 5cae3acc8eff8667a95363774a8f274d
timing-allow-origin: *
content-encoding: gzip
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: s5iUUopXxEu0mcZEXrn1dU-i1gh-4EienMPJNP9zehWimGNLykSrUA==
X-Firefox-Spdy: h2
www.sabab2b.com/img/04_slider_btn01_on.svg
54.230.111.27 200 OK 0 B URL HTTP/2 www.sabab2b.com/img/04_slider_btn01_on.svg
IP 54.230.111.27:0
Analyzer Verdict Alert fortinet Phishing
GET /img/04_slider_btn01_on.svg HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/Content/css?v=hMidmJPgse4yIRwmnJU4L4XnLMezaG00aJXUvuHoNnQ1
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1; _ga_W1VBK4NVK4=GS1.1.1664231880.1.0.1664231880.0.0.0; _ga=GA1.1.1476008224.1664231881
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Mon, 26 Sep 2022 22:38:04 GMT
last-modified: Mon, 15 Nov 2021 03:49:58 GMT
etag: W/"817669dcd3d9d71:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: cae6c96370fd74e672e20cf954aa3aaa
timing-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: oorIqXL9Sqvk64lJy42Z6CQxEZ2N4m1X8XUVpQDjUAwr0o58xgkCXw==
X-Firefox-Spdy: h2
www.sabab2b.com/zh-CN
54.230.111.27 200 OK 0 B IP 54.230.111.27:0
Analyzer Verdict Alert fortinet Phishing
GET /zh-CN HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
vary: Accept-Encoding
server: nginx
date: Mon, 26 Sep 2022 22:38:01 GMT
cache-control: private
x-aspnetmvc-version: 5.2
x-frame-options: SAMEORIGIN
set-cookie: __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1; path=/; HttpOnly
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: 72c9ff22b69065c2f0f750fff7b73928
timing-allow-origin: *
content-encoding: gzip
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 79wJ0jmAv9_LpTAvSoZ0YWTdFrrIc8LZwr97Ee4J9M2WnQLf9zWXig==
X-Firefox-Spdy: h2
www.sabab2b.com/img/06_slider_btn05.svg??v202209230003
54.230.111.27 200 OK 0 B URL HTTP/2 www.sabab2b.com/img/06_slider_btn05.svg??v202209230003
IP 54.230.111.27:0
Analyzer Verdict Alert fortinet Phishing
GET /img/06_slider_btn05.svg??v202209230003 HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/zh-CN
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Mon, 26 Sep 2022 22:38:03 GMT
last-modified: Mon, 15 Nov 2021 03:49:59 GMT
etag: W/"d2d86bdcd3d9d71:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: 288ead08bb75560361a91445b3d535f5
timing-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7W7mjrM8dzaO5k7msvciYv6pN-fpxpClyRbxJ202ydW8hD0nmRzJQQ==
X-Firefox-Spdy: h2
www.sabab2b.com/img/Group_15821.svg??v202209230003
54.230.111.27 200 OK 0 B URL HTTP/2 www.sabab2b.com/img/Group_15821.svg??v202209230003
IP 54.230.111.27:0
GET /img/Group_15821.svg??v202209230003 HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/zh-CN
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Mon, 26 Sep 2022 22:38:03 GMT
last-modified: Fri, 20 May 2022 07:53:56 GMT
etag: W/"d752fbc11e6cd81:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: d2f12fcf4e494ef1963ac1889e3ffe83
timing-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zsOeqBiJzHtUlUXRlWL6XT_tJXvmiOVoqBXTPT4ctMNEIavxHCiWwQ==
X-Firefox-Spdy: h2
www.sabab2b.com/img/02_icon_5.svg??v202209230003
54.230.111.27 200 OK 0 B URL HTTP/2 www.sabab2b.com/img/02_icon_5.svg??v202209230003
IP 54.230.111.27:0
Analyzer Verdict Alert fortinet Phishing
GET /img/02_icon_5.svg??v202209230003 HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/zh-CN
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Mon, 26 Sep 2022 22:38:03 GMT
last-modified: Mon, 15 Nov 2021 03:49:58 GMT
etag: W/"311467dcd3d9d71:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: cd4bee2f4c7588f8e339f7b4352b0e43
timing-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3bCv_l1mJGHh5LVD4LKsBXyG6oHruHX4qWajZpL0PQIB4jJ6JraXLQ==
X-Firefox-Spdy: h2
www.sabab2b.com/img/03_icon_1.svg??v202209230003
54.230.111.27 200 OK 0 B URL HTTP/2 www.sabab2b.com/img/03_icon_1.svg??v202209230003
IP 54.230.111.27:0
Analyzer Verdict Alert fortinet Phishing
GET /img/03_icon_1.svg??v202209230003 HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/zh-CN
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Mon, 26 Sep 2022 22:38:03 GMT
last-modified: Mon, 15 Nov 2021 03:49:58 GMT
etag: W/"817669dcd3d9d71:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: 5fa1ee1afc8661bc5a162be901903637
timing-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: a4h_WeJXWzZYgDolZ3ORobSdZvJXeD5ug7hXDFGq_ItJDQ1CYzPxNw==
X-Firefox-Spdy: h2
www.sabab2b.com/img/contact_icon_letstalk.svg??v202209230003
54.230.111.27 200 OK 0 B URL HTTP/2 www.sabab2b.com/img/contact_icon_letstalk.svg??v202209230003
IP 54.230.111.27:0
Analyzer Verdict Alert fortinet Phishing
GET /img/contact_icon_letstalk.svg??v202209230003 HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/zh-CN
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Mon, 26 Sep 2022 22:38:03 GMT
last-modified: Thu, 22 Sep 2022 11:37:24 GMT
etag: W/"31732faf77ced81:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: 8c43ea67efdd2248c0f366583423dd16
timing-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 1O9z2YWTQFsIOxggiulGIBiQkGNY7GHRq3t6zOUi0zFDDLThp2Zs1w==
X-Firefox-Spdy: h2
www.sabab2b.com/img/02_icon_4.svg??v202209230003
54.230.111.27 200 OK 0 B URL HTTP/2 www.sabab2b.com/img/02_icon_4.svg??v202209230003
IP 54.230.111.27:0
Analyzer Verdict Alert fortinet Phishing
GET /img/02_icon_4.svg??v202209230003 HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/zh-CN
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Mon, 26 Sep 2022 22:38:03 GMT
last-modified: Mon, 15 Nov 2021 03:49:58 GMT
etag: W/"311467dcd3d9d71:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: bffff7bd80b2e41d79aa3d8944150750
timing-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: gs8bK-URRYU6alBrU8xfjRr52tidIeE9BR9_Ts0KWvF2Fvb1Tft3UQ==
X-Firefox-Spdy: h2
www.sabab2b.com/img/video.mp4??v202209230003
54.230.111.27 206 Partial Content 0 B URL HTTP/2 www.sabab2b.com/img/video.mp4??v202209230003
IP 54.230.111.27:0
GET /img/video.mp4??v202209230003 HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://www.sabab2b.com/zh-CN
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1
Sec-Fetch-Dest: video
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 206 Partial Content
content-type: video/mp4
content-length: 981180
server: nginx
date: Mon, 26 Sep 2022 22:38:03 GMT
last-modified: Mon, 15 Nov 2021 03:49:59 GMT
accept-ranges: bytes
etag: "f8ba7cdcd3d9d71:0"
content-range: bytes 0-981179/981180
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: f2e877cc6bdffb860182394f83f3ded4
timing-allow-origin: *
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: j-3YUmXgZY1hMdaRhQfVwLCMi6qoAxZcmh2siG0h-sLxOVuswSTHbA==
X-Firefox-Spdy: h2
www.sabab2b.com/img/03_icon_3.svg??v202209230003
54.230.111.27 200 OK 0 B URL HTTP/2 www.sabab2b.com/img/03_icon_3.svg??v202209230003
IP 54.230.111.27:0
Analyzer Verdict Alert fortinet Phishing
GET /img/03_icon_3.svg??v202209230003 HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/zh-CN
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Mon, 26 Sep 2022 22:38:03 GMT
last-modified: Mon, 15 Nov 2021 03:49:58 GMT
etag: W/"817669dcd3d9d71:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: 7f70597a85accca49c87304241613754
timing-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: hhy82rZe37dQr7Lz51Xd9cl8XnpTORPsebiVpGy8Fkb9QD1ieMs3bA==
X-Firefox-Spdy: h2
www.sabab2b.com/img/zh-CN/sabalogo.svg??v202209230003
54.230.111.27 200 OK 0 B URL HTTP/2 www.sabab2b.com/img/zh-CN/sabalogo.svg??v202209230003
IP 54.230.111.27:0
GET /img/zh-CN/sabalogo.svg??v202209230003 HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/zh-CN
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Mon, 26 Sep 2022 22:38:03 GMT
last-modified: Mon, 15 Nov 2021 03:49:59 GMT
etag: W/"151d7fdcd3d9d71:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: 24d46b025a72f0c3d7580845b6876a62
timing-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Yl1aU-Ku8PW9QKNz4nhtuEjHQqm3sDSG4ZkbtlRQvErpeHrwiAxp9Q==
X-Firefox-Spdy: h2
www.sabab2b.com/img/02_icon_7.svg??v202209230003
54.230.111.27 200 OK 0 B URL HTTP/2 www.sabab2b.com/img/02_icon_7.svg??v202209230003
IP 54.230.111.27:0
Analyzer Verdict Alert fortinet Phishing
GET /img/02_icon_7.svg??v202209230003 HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/zh-CN
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Mon, 26 Sep 2022 22:38:03 GMT
last-modified: Mon, 15 Nov 2021 03:49:58 GMT
etag: W/"311467dcd3d9d71:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: df30c5133e9bdbaba1c01ef279a85f8e
timing-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: lTTRC-pq-R0Yo5bvTaoTuHfWgESGtPjIL4RMf-0cIUPwUKqpwn5qEg==
X-Firefox-Spdy: h2
www.sabab2b.com/img/06_slider_btn03.svg??v202209230003
54.230.111.27 200 OK 0 B URL HTTP/2 www.sabab2b.com/img/06_slider_btn03.svg??v202209230003
IP 54.230.111.27:0
Analyzer Verdict Alert fortinet Phishing
GET /img/06_slider_btn03.svg??v202209230003 HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/zh-CN
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Mon, 26 Sep 2022 22:38:03 GMT
last-modified: Mon, 15 Nov 2021 03:49:59 GMT
etag: W/"d2d86bdcd3d9d71:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: 2312b89f15ae40cb741ec8dded7d2b5d
timing-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7uZKEQZqXdpD40QJe0ctUE4KYiJhAJiBns-nffe301ML8yUDgDNoBA==
X-Firefox-Spdy: h2
www.sabab2b.com/img/01_icon_4.svg??v202209230003
54.230.111.27 200 OK 0 B URL HTTP/2 www.sabab2b.com/img/01_icon_4.svg??v202209230003
IP 54.230.111.27:0
Analyzer Verdict Alert fortinet Phishing
GET /img/01_icon_4.svg??v202209230003 HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/zh-CN
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Mon, 26 Sep 2022 22:38:03 GMT
last-modified: Mon, 15 Nov 2021 03:49:58 GMT
etag: W/"311467dcd3d9d71:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: 914d581b2052b1f98ca1319f5379f773
timing-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: xMjkZa8GdtJSPIt7p9ogwUlGrPKCdJqY4AYHMs76UKPX9PWTPkuY7A==
X-Firefox-Spdy: h2
www.sabab2b.com/Content/css?v=hMidmJPgse4yIRwmnJU4L4XnLMezaG00aJXUvuHoNnQ1
54.230.111.27 200 OK 0 B URL HTTP/2 www.sabab2b.com/Content/css?v=hMidmJPgse4yIRwmnJU4L4XnLMezaG00aJXUvuHoNnQ1
IP 54.230.111.27:0
Analyzer Verdict Alert fortinet Phishing
GET /Content/css?v=hMidmJPgse4yIRwmnJU4L4XnLMezaG00aJXUvuHoNnQ1 HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/zh-CN
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
server: nginx
date: Mon, 26 Sep 2022 22:38:03 GMT
cache-control: public
expires: Tue, 26 Sep 2023 22:38:03 GMT
last-modified: Mon, 26 Sep 2022 22:38:03 GMT
vary: Accept-Encoding, User-Agent
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: 0bc1b0d206e3a9be4804af5fdf92a253
timing-allow-origin: *
content-encoding: gzip
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Uo7Rqzrj3kX9ikOXvMWweRUtSYBzgAmCpJ4l0aZB_rD7O-fJmSXnmQ==
X-Firefox-Spdy: h2
www.sabab2b.com/img/06_slider_btn02.svg??v202209230003
54.230.111.27 200 OK 0 B URL HTTP/2 www.sabab2b.com/img/06_slider_btn02.svg??v202209230003
IP 54.230.111.27:0
Analyzer Verdict Alert fortinet Phishing
GET /img/06_slider_btn02.svg??v202209230003 HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/zh-CN
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Mon, 26 Sep 2022 22:38:03 GMT
last-modified: Mon, 15 Nov 2021 03:49:59 GMT
etag: W/"d2d86bdcd3d9d71:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: 86cef9c7f1e6a3a5189c8a8c4bcbd388
timing-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: nt4dF86bdLoktZhUbLnLIVOsELkae3x8LqoKJ2rDfGBGU8IG5KpxFQ==
X-Firefox-Spdy: h2
www.sabab2b.com/img/contact_icon_email.svg??v202209230003
54.230.111.27 200 OK 0 B URL HTTP/2 www.sabab2b.com/img/contact_icon_email.svg??v202209230003
IP 54.230.111.27:0
Analyzer Verdict Alert fortinet Phishing
GET /img/contact_icon_email.svg??v202209230003 HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/zh-CN
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Mon, 26 Sep 2022 22:38:03 GMT
last-modified: Mon, 15 Nov 2021 03:49:59 GMT
etag: W/"539375dcd3d9d71:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: b1afcd1da51ba40385ab21a9592b08c7
timing-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4ug-GGyZ-hdudZKowWRiJmp6laXJ_wWAER8zILwreVxttMzuDnJ96g==
X-Firefox-Spdy: h2
www.sabab2b.com/img/icon_flagEN.svg??v202209230003
54.230.111.27 200 OK 0 B URL HTTP/2 www.sabab2b.com/img/icon_flagEN.svg??v202209230003
IP 54.230.111.27:0
GET /img/icon_flagEN.svg??v202209230003 HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/zh-CN
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1; _ga_W1VBK4NVK4=GS1.1.1664231880.1.0.1664231880.0.0.0; _ga=GA1.1.1476008224.1664231881
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Mon, 26 Sep 2022 22:38:04 GMT
last-modified: Mon, 15 Nov 2021 03:49:59 GMT
etag: W/"faf777dcd3d9d71:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: fe223350155acdf3fc921d53fdcb7b8c
timing-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: YDhiOhGEs8dt3DRIq2o_BDKOrFKG9BFaRXWWAWQBNhF_5He2CaL16Q==
X-Firefox-Spdy: h2
www.sabab2b.com/img/02_icon_10.svg??v202209230003
54.230.111.27 200 OK 0 B URL HTTP/2 www.sabab2b.com/img/02_icon_10.svg??v202209230003
IP 54.230.111.27:0
GET /img/02_icon_10.svg??v202209230003 HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/zh-CN
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Mon, 26 Sep 2022 22:38:03 GMT
last-modified: Mon, 15 Nov 2021 03:49:58 GMT
etag: W/"311467dcd3d9d71:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: 0503cd3cf791746b89c98ec58e3ebc87
timing-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ywD6gVAB6yqW3yt5Xl8x0zKMPYbfvGSE-6WrNfoAuKbsg-vTESGV-w==
X-Firefox-Spdy: h2
www.sabab2b.com/img/02_icon_3.svg??v202209230003
54.230.111.27 200 OK 0 B URL HTTP/2 www.sabab2b.com/img/02_icon_3.svg??v202209230003
IP 54.230.111.27:0
Analyzer Verdict Alert fortinet Phishing
GET /img/02_icon_3.svg??v202209230003 HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/zh-CN
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Mon, 26 Sep 2022 22:38:03 GMT
last-modified: Mon, 15 Nov 2021 03:49:58 GMT
etag: W/"311467dcd3d9d71:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: fac2af7821e7851589d382d0fd27384e
timing-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -Q_sf7TuXdmC61nMAvNeguBCR7d01aVhWcR2AklEMmjb3ykJy2VUpQ==
X-Firefox-Spdy: h2
www.sabab2b.com/img/contact_icon_Brand.svg??v202209230003
54.230.111.27 200 OK 0 B URL HTTP/2 www.sabab2b.com/img/contact_icon_Brand.svg??v202209230003
IP 54.230.111.27:0
Analyzer Verdict Alert fortinet Phishing
GET /img/contact_icon_Brand.svg??v202209230003 HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/zh-CN
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Mon, 26 Sep 2022 22:38:03 GMT
last-modified: Mon, 15 Nov 2021 03:49:59 GMT
etag: W/"f2ce70dcd3d9d71:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: 622f1f336f3ecf7888913b00293c8ea8
timing-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: RWGRFs6rM2nuBhjPayCFU4ncDS04nPEc6B7hbgQwLBZ7aFzMqLrCdg==
X-Firefox-Spdy: h2
www.sabab2b.com/img/06_slider_btn06.svg??v202209230003
54.230.111.27 200 OK 0 B URL HTTP/2 www.sabab2b.com/img/06_slider_btn06.svg??v202209230003
IP 54.230.111.27:0
Analyzer Verdict Alert fortinet Phishing
GET /img/06_slider_btn06.svg??v202209230003 HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/zh-CN
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Mon, 26 Sep 2022 22:38:03 GMT
last-modified: Mon, 15 Nov 2021 03:49:59 GMT
etag: W/"d2d86bdcd3d9d71:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: 187a183ed652e88d72a94b63aaf77220
timing-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5nnODSTuJNTVkfth0TNprz40bi5NcBpEbxciLKNUv-6v_oQ0hUzoJw==
X-Firefox-Spdy: h2
www.sabab2b.com/img/02_icon_1.svg??v202209230003
54.230.111.27 200 OK 0 B URL HTTP/2 www.sabab2b.com/img/02_icon_1.svg??v202209230003
IP 54.230.111.27:0
Analyzer Verdict Alert fortinet Phishing
GET /img/02_icon_1.svg??v202209230003 HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/zh-CN
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Mon, 26 Sep 2022 22:38:03 GMT
last-modified: Mon, 15 Nov 2021 03:49:58 GMT
etag: W/"311467dcd3d9d71:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: f94dcd20a4a52f6e371b1c5bcd83b479
timing-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: vlD4tR0icxkcIixNeAB6vqpKpLCjnqKKpfqIKjDSQrs6Quk07L4y1Q==
X-Firefox-Spdy: h2
www.sabab2b.com/img/02_icon_8.svg??v202209230003
54.230.111.27 200 OK 0 B URL HTTP/2 www.sabab2b.com/img/02_icon_8.svg??v202209230003
IP 54.230.111.27:0
Analyzer Verdict Alert fortinet Phishing
GET /img/02_icon_8.svg??v202209230003 HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/zh-CN
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Mon, 26 Sep 2022 22:38:03 GMT
last-modified: Mon, 15 Nov 2021 03:49:58 GMT
etag: W/"311467dcd3d9d71:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: a73f4b417af0203b39e103cb5818b067
timing-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: dcKGE2ta7mp4um6X4eW0G-K-bvEP0VPzZwU-j8itnn0-nG3VeTMeAg==
X-Firefox-Spdy: h2
www.sabab2b.com/img/02_icon_2.svg??v202209230003
54.230.111.27 200 OK 0 B URL HTTP/2 www.sabab2b.com/img/02_icon_2.svg??v202209230003
IP 54.230.111.27:0
Analyzer Verdict Alert fortinet Phishing
GET /img/02_icon_2.svg??v202209230003 HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/zh-CN
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Mon, 26 Sep 2022 22:38:03 GMT
last-modified: Mon, 15 Nov 2021 03:49:58 GMT
etag: W/"311467dcd3d9d71:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: a4990daacbf3497e88dff2bc9166c26b
timing-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: pf9mujfxyUI15Sm4OCuL5hK0V2KkBA0H1Rz03zrTwANFCnXLCM-Yow==
X-Firefox-Spdy: h2
www.sabab2b.com/img/02_icon_9.svg??v202209230003
54.230.111.27 200 OK 0 B URL HTTP/2 www.sabab2b.com/img/02_icon_9.svg??v202209230003
IP 54.230.111.27:0
Analyzer Verdict Alert fortinet Phishing
GET /img/02_icon_9.svg??v202209230003 HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/zh-CN
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Mon, 26 Sep 2022 22:38:03 GMT
last-modified: Mon, 15 Nov 2021 03:49:58 GMT
etag: W/"311467dcd3d9d71:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: bc5acdc0593a9640b9451e88898614e7
timing-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: xFT1pm7uHIgAMu_-typtFzko2Iw1xz1YUYc309panRdbSbvI_BlTFw==
X-Firefox-Spdy: h2
www.sabab2b.com/img/03_icon_2.svg??v202209230003
54.230.111.27 200 OK 0 B URL HTTP/2 www.sabab2b.com/img/03_icon_2.svg??v202209230003
IP 54.230.111.27:0
Analyzer Verdict Alert fortinet Phishing
GET /img/03_icon_2.svg??v202209230003 HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/zh-CN
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Mon, 26 Sep 2022 22:38:03 GMT
last-modified: Mon, 15 Nov 2021 03:49:58 GMT
etag: W/"817669dcd3d9d71:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: f83a86a014509c6046bc963c8deea963
timing-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: HXyRhcZkYTbuZAjaqpEY1hYNJFUW3A0iUtPkBX2vesFj_hmsT_dIdA==
X-Firefox-Spdy: h2
www.sabab2b.com/img/06_slider_btn04.svg??v202209230003
54.230.111.27 200 OK 0 B URL HTTP/2 www.sabab2b.com/img/06_slider_btn04.svg??v202209230003
IP 54.230.111.27:0
Analyzer Verdict Alert fortinet Phishing
GET /img/06_slider_btn04.svg??v202209230003 HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/zh-CN
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Mon, 26 Sep 2022 22:38:03 GMT
last-modified: Mon, 15 Nov 2021 03:49:59 GMT
etag: W/"d2d86bdcd3d9d71:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: 85e184b9afb26108a786a76f7baf4d53
timing-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: gFS2U04EHg3QF2NKmCSF8I6n-r3AJAmKw6Cfdc2xQLr6Hj0k_2syWw==
X-Firefox-Spdy: h2
www.sabab2b.com/Content/owlcarousel-css?v=o_SaICeEW8rR_GxC77shiDNINr2_a_75Jt1IXhbZ9Hk1
54.230.111.27 200 OK 0 B URL HTTP/2 www.sabab2b.com/Content/owlcarousel-css?v=o_SaICeEW8rR_GxC77shiDNINr2_a_75Jt1IXhbZ9Hk1
IP 54.230.111.27:0
Analyzer Verdict Alert fortinet Phishing
GET /Content/owlcarousel-css?v=o_SaICeEW8rR_GxC77shiDNINr2_a_75Jt1IXhbZ9Hk1 HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/zh-CN
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
server: nginx
date: Mon, 26 Sep 2022 22:38:03 GMT
cache-control: public
expires: Tue, 26 Sep 2023 22:38:03 GMT
last-modified: Mon, 26 Sep 2022 22:38:03 GMT
vary: Accept-Encoding, User-Agent
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: 0c8e5bc8df36aaac11f974516e4f790d
timing-allow-origin: *
content-encoding: gzip
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: kOhJ6NL5FwoYCM_Axyni02cEWEwzKIV2X3EAktaDHnW9gnFBh2Df0g==
X-Firefox-Spdy: h2
www.sabab2b.com/Content/vintage-popup?v=SEJXGqlgxg5VZCjFlZrOnf07LDNCzUvwwI8NZB0l8Zw1
54.230.111.27 200 OK 0 B URL HTTP/2 www.sabab2b.com/Content/vintage-popup?v=SEJXGqlgxg5VZCjFlZrOnf07LDNCzUvwwI8NZB0l8Zw1
IP 54.230.111.27:0
Analyzer Verdict Alert fortinet Phishing
GET /Content/vintage-popup?v=SEJXGqlgxg5VZCjFlZrOnf07LDNCzUvwwI8NZB0l8Zw1 HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/zh-CN
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=utf-8
server: nginx
date: Mon, 26 Sep 2022 22:38:03 GMT
cache-control: public
expires: Tue, 26 Sep 2023 22:38:03 GMT
last-modified: Mon, 26 Sep 2022 22:38:03 GMT
vary: Accept-Encoding, User-Agent
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: 9f8167593ca2cb6347cb6dad1cdefbbf
timing-allow-origin: *
content-encoding: gzip
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7evEaevR2dffYJ3Upcrrs5Y4KVhN_Y7kTCEokAlf_OccfSMkGRaNJw==
X-Firefox-Spdy: h2
www.sabab2b.com/img/06_slider_btn01.svg??v202209230003
54.230.111.27 200 OK 0 B URL HTTP/2 www.sabab2b.com/img/06_slider_btn01.svg??v202209230003
IP 54.230.111.27:0
Analyzer Verdict Alert fortinet Phishing
GET /img/06_slider_btn01.svg??v202209230003 HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/zh-CN
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Mon, 26 Sep 2022 22:38:03 GMT
last-modified: Mon, 15 Nov 2021 03:49:59 GMT
etag: W/"d2d86bdcd3d9d71:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: b2330047f76bb95042db4166d01ca2f6
timing-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PlL7xc3cwErloWMFQ1L557v7ubtspHVWleoFtJJOqM30cU1pXWm6Uw==
X-Firefox-Spdy: h2
www.sabab2b.com/img/01_icon_2.svg??v202209230003
54.230.111.27 200 OK 0 B URL HTTP/2 www.sabab2b.com/img/01_icon_2.svg??v202209230003
IP 54.230.111.27:0
Analyzer Verdict Alert fortinet Phishing
GET /img/01_icon_2.svg??v202209230003 HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/zh-CN
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Mon, 26 Sep 2022 22:38:03 GMT
last-modified: Mon, 15 Nov 2021 03:49:58 GMT
etag: W/"311467dcd3d9d71:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: 3bb2d5c2376773a4a4b956a18a29428a
timing-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: uWu6DKdRIbm8ScubxZtN-HWX2TiPoqNdzO5RNyp_LG2hBlwVejZ1XQ==
X-Firefox-Spdy: h2
www.sabab2b.com/img/icon_flagCS.svg??v202209230003
54.230.111.27 200 OK 0 B URL HTTP/2 www.sabab2b.com/img/icon_flagCS.svg??v202209230003
IP 54.230.111.27:0
GET /img/icon_flagCS.svg??v202209230003 HTTP/1.1
Host: www.sabab2b.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.sabab2b.com/zh-CN
Cookie: ASP.NET_SessionId=gnqirzed24b5sqoihb14xdrh; __RequestVerificationToken=GXGUshfUHtI0FsYG2tcvMILVxwCKx9Lp1zRVR01yoJgc1eACsWdGf5-8yJCEYpywRixuoIiDTLzUk9jlW8tOMwDwHrs1; _ga_W1VBK4NVK4=GS1.1.1664231880.1.0.1664231880.0.0.0; _ga=GA1.1.1476008224.1664231881
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Mon, 26 Sep 2022 22:38:04 GMT
last-modified: Mon, 15 Nov 2021 03:49:59 GMT
etag: W/"faf777dcd3d9d71:0"
via: mly, 1.1 4bbc14b5834fc74ccd249b954b43a08c.cloudfront.net (CloudFront)
x-mly-id: ad1f772536ab0a2a4c2fa76811b5c72b
timing-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6yWm26u-GG5co0j-iIiAFBaiI0jhbn0Fak-Vq3C7gQ34mZ9Cm-7vWQ==
X-Firefox-Spdy: h2