r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a5daf4dc99951793ae2315d4795e8146
4427507ca4d3a5632cc8f598afbc85e2195d00bd
94fb64c1c826ed7099283c0bedb3cea7ac7e1d9526794cb9fad6e761f5989d32
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11817
Expires: Wed, 30 Nov 2022 18:30:11 GMT
Date: Wed, 30 Nov 2022 15:13:14 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash f3cf023c797da81728c0ac84c8759331
fa07c5e39e4b0741ea484101cccb2202acea9d9c
5206a0bac8bf78d6b84322519271a1ece2c1039a0090e583de6d6192d88873d0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6080
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 15:13:14 GMT
Last-Modified: Wed, 30 Nov 2022 13:31:54 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 30 Nov 2022 14:18:02 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3312
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6d9d34c96b9a826ae5676640c966469c
8052a16d41a637e420478b7de1ff5a2dc951fccd
f18ac558cb786126bb7efb159e03353d268d5f5796bcfd2691a349dfc68d863c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10168
Expires: Wed, 30 Nov 2022 18:02:42 GMT
Date: Wed, 30 Nov 2022 15:13:14 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: TAYkHWHS30YAOA9lAg6ULIPqlbvP41frJijN27rzhoyYolJH76uA6SclIpBrwaEC8j9S5LZzGog=
x-amz-request-id: W9YYXEF7FNGW2HT2
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 30 Nov 2022 14:45:54 GMT
age: 1640
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 30 Nov 2022 15:13:14 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 30 Nov 2022 15:11:14 GMT
cache-control: public,max-age=3600
age: 120
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
18.138.38.47/
18.138.38.47302 Found 340 B IP 18.138.38.47:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 6ad094ba43d27a4ad96cbea25d451169
a1d3deea11c7d3a9997788ce77013d00c05e2218
e48699da44b1fa23f52e13feef81dc24ac0f634ac8e3bf1901259d6c5a45c819
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: 18.138.38.47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Wed, 30 Nov 2022 15:13:14 GMT
Server: Apache/2.4.18 (Ubuntu)
Cache-Control: no-cache, private
Location: http://18.138.38.47/home
Set-Cookie: XSRF-TOKEN=eyJpdiI6ImRmandISUQ3VWtMUzFsNDk3SGoxVHc9PSIsInZhbHVlIjoidzN0RVVzdGdpeDZPOFFLaE04M2pGNmlRRXJcLytnRWpFdjAwWXJSbWZzbWN0YjBETW5DOU5cLzdwbTdsNFBCR3VWT2tBcVZTQ2FQekluWWRmRTdrYlRrUT09IiwibWFjIjoiNTIwNjliMTFlZDRjNmI3NmM2ZWE4MmY1ZGYwZjc1NGE4ZDI3MDhiODk5YjlmODQ2ZmVjZmE0M2MwOTQxNDhlYyJ9; expires=Wed, 30-Nov-2022 15:43:14 GMT; Max-Age=1800; path=/
alivehq_testing_session=eyJpdiI6IjZqa25SaFwvTTQyK2xSOFBIRkx2NWVnPT0iLCJ2YWx1ZSI6IityY2tJekFcLzBFZ1dSaDY0V25HOUViSnN0Z3hrbGZ5NnY5VHBnOHJlMVpldjV2SnB5cmh4K2RnWnJiY0RJVVR5NTQxb2E4THpUTkRLcXd4VjlTcjVldz09IiwibWFjIjoiNGVlODQ5MjQzZmYwMDFkYjliYzk5ZDYwMTkwOGZmZTVhODczMDhiMzQ1ODYwMzQxYjM0YTI5MDQzN2UyOGVmOCJ9; expires=Wed, 30-Nov-2022 15:43:14 GMT; Max-Age=1800; path=/; httponly
Content-Length: 340
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash cfdd00e67ee6ca21712b867eb5288ab6
b61d5d6ec3b7ad71619e13e32c87f2d01871b88a
f740cac6dfedc1bf0f82efb10dac4f6ffb22f9bb5d4a9b68a4cd971dd2f65793
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6077
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 30 Nov 2022 15:13:15 GMT
Last-Modified: Wed, 30 Nov 2022 13:31:58 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
44.237.93.5101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.237.93.5:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: orKoKriVPAyH0qEhObVflA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: hJ84qdAcxfJSZl/tSqoxGytGSSE=
18.138.38.47/home
18.138.38.47302 Found 344 B IP 18.138.38.47:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash b7552ee8bcdd816b2c52395c94e72e32
0899e1e30672c9bcc30d3219d375673e7b793735
4a100f09935b37e1e4bca7b0804484246e10d8a629d71bd795abedb4124cfafa
Analyzer Verdict Alert quad9 Sinkholed
GET /home HTTP/1.1
Host: 18.138.38.47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImRmandISUQ3VWtMUzFsNDk3SGoxVHc9PSIsInZhbHVlIjoidzN0RVVzdGdpeDZPOFFLaE04M2pGNmlRRXJcLytnRWpFdjAwWXJSbWZzbWN0YjBETW5DOU5cLzdwbTdsNFBCR3VWT2tBcVZTQ2FQekluWWRmRTdrYlRrUT09IiwibWFjIjoiNTIwNjliMTFlZDRjNmI3NmM2ZWE4MmY1ZGYwZjc1NGE4ZDI3MDhiODk5YjlmODQ2ZmVjZmE0M2MwOTQxNDhlYyJ9; alivehq_testing_session=eyJpdiI6IjZqa25SaFwvTTQyK2xSOFBIRkx2NWVnPT0iLCJ2YWx1ZSI6IityY2tJekFcLzBFZ1dSaDY0V25HOUViSnN0Z3hrbGZ5NnY5VHBnOHJlMVpldjV2SnB5cmh4K2RnWnJiY0RJVVR5NTQxb2E4THpUTkRLcXd4VjlTcjVldz09IiwibWFjIjoiNGVlODQ5MjQzZmYwMDFkYjliYzk5ZDYwMTkwOGZmZTVhODczMDhiMzQ1ODYwMzQxYjM0YTI5MDQzN2UyOGVmOCJ9
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Wed, 30 Nov 2022 15:13:14 GMT
Server: Apache/2.4.18 (Ubuntu)
Cache-Control: no-cache, private
Location: http://18.138.38.47/login
Set-Cookie: XSRF-TOKEN=eyJpdiI6IitHTVdTenBPUHBMVWI0Ulhwb1RcLzd3PT0iLCJ2YWx1ZSI6Im9SZjE3am5qVTNvaEltbnIrVE1ZMjk1MEtVZTdrOWNJcFVyMFNnQ0Mxa1g3Sm9wczFpaDRFdW96aVVIcUoxTkZJYXNCMTNQYzlJcUlyclFKaHZBeHNnPT0iLCJtYWMiOiJjMGFiOTJkZmRiNWYxNGI2ODgwNGQxM2VhYzNmYjNjOGU2YTczODlhMDdmYzcwN2FlMzg2OGY2OWEzMGU1ODhhIn0%3D; expires=Wed, 30-Nov-2022 15:43:14 GMT; Max-Age=1800; path=/
alivehq_testing_session=eyJpdiI6Im50RmtYcE9tWld5T3VDTmFYRHV6OEE9PSIsInZhbHVlIjoiVWlWNnlFZFdYSWg2c1pKUDFvK25Zb3hkdkJTU1FHZUp1TU4yV1cxckdlMTNsYkNXRjMxQWhIVE9wbndmZDJFZElZYnFkSlBiekRnWHlKMlUwZktZelE9PSIsIm1hYyI6IjdiZTU4MDI4NzEwZTNiOTkwZjIwMTgzZjhiMGQ1ZDdhYjIxMzVmMmZiNjlmOThmOTU4MDY3ODU1MjkyOGQzM2MifQ%3D%3D; expires=Wed, 30-Nov-2022 15:43:14 GMT; Max-Age=1800; path=/; httponly
Content-Length: 344
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
18.138.38.47/login
18.138.38.47200 OK 1.3 kB IP 18.138.38.47:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash ff6946fc0c641fbecb74f8d0a959f336
db9bdebe9fa6d241bbf9927ebd605b10fde64b50
d02f94d2002eef42d01758d1616ea5f5b5cf41fc329f501773f33c6183c29053
Analyzer Verdict Alert quad9 Sinkholed
GET /login HTTP/1.1
Host: 18.138.38.47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6IitHTVdTenBPUHBMVWI0Ulhwb1RcLzd3PT0iLCJ2YWx1ZSI6Im9SZjE3am5qVTNvaEltbnIrVE1ZMjk1MEtVZTdrOWNJcFVyMFNnQ0Mxa1g3Sm9wczFpaDRFdW96aVVIcUoxTkZJYXNCMTNQYzlJcUlyclFKaHZBeHNnPT0iLCJtYWMiOiJjMGFiOTJkZmRiNWYxNGI2ODgwNGQxM2VhYzNmYjNjOGU2YTczODlhMDdmYzcwN2FlMzg2OGY2OWEzMGU1ODhhIn0%3D; alivehq_testing_session=eyJpdiI6Im50RmtYcE9tWld5T3VDTmFYRHV6OEE9PSIsInZhbHVlIjoiVWlWNnlFZFdYSWg2c1pKUDFvK25Zb3hkdkJTU1FHZUp1TU4yV1cxckdlMTNsYkNXRjMxQWhIVE9wbndmZDJFZElZYnFkSlBiekRnWHlKMlUwZktZelE9PSIsIm1hYyI6IjdiZTU4MDI4NzEwZTNiOTkwZjIwMTgzZjhiMGQ1ZDdhYjIxMzVmMmZiNjlmOThmOTU4MDY3ODU1MjkyOGQzM2MifQ%3D%3D
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 15:13:15 GMT
Server: Apache/2.4.18 (Ubuntu)
Cache-Control: no-cache, private
Set-Cookie: XSRF-TOKEN=eyJpdiI6IlFZanpybEdCSXZzU3RCelIza2w5dFE9PSIsInZhbHVlIjoiY0ZNdVVDUG04eDBjdjl0QXZmaWQzTGl2TUl4MDlMRHpvSXg1a1BEZXlJcks0NnRGUDl0MEdTV2NrZHlGdVwvbk5BakRzOVcxNFRYXC9YdzVITGk0SGJidz09IiwibWFjIjoiNDU4MzA5MTZiYjg5YWNmYzlkODQ5ZjRjYmY3YTFlYzJjZmYzODJjNjQwMzlmNDA0YThmMTQ4YjJkOGIyMjQ0MiJ9; expires=Wed, 30-Nov-2022 15:43:15 GMT; Max-Age=1800; path=/
alivehq_testing_session=eyJpdiI6IlczS29xNE95UkR5eHpQRVA0dFJcL1wvdz09IiwidmFsdWUiOiJvRFgrWm16RUFQcHZnODdNTDdUeExrbFBYaXR2NjU0UE14U0VXXC9BVGxwblh1d3daTmk0K3ZFeUNWUVJvdjVBMEd5VXBzUE9jTThCQzBjNXpxTjkzTHc9PSIsIm1hYyI6ImRlMWJkYjFhZDg1ODVmMzg5OTkyZGM0ZWZkZDQ0ODBhMTcwYmU1NmY3NDMxOTczNjY5ZjBiM2E3Y2JlZDRjYWMifQ%3D%3D; expires=Wed, 30-Nov-2022 15:43:15 GMT; Max-Age=1800; path=/; httponly
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1310
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
18.138.38.47/vendor/font-awesome-4.7/css/font-awesome.min.css
18.138.38.47200 OK 7.1 kB URL HTTP/1.1 18.138.38.47/vendor/font-awesome-4.7/css/font-awesome.min.css
IP 18.138.38.47:0
File type ASCII text, with very long lines (30837)
Hash 52f1a8a2ce85fa8432308b33bc1a2e79
fd80917af5371c8ecad0198592a1e7cce4b77b0e
07bd6a9ea0213e20f362485aadc17a88c486ecfb394004b41b8b38db6e6a35f6
Analyzer Verdict Alert quad9 Sinkholed
GET /vendor/font-awesome-4.7/css/font-awesome.min.css HTTP/1.1
Host: 18.138.38.47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18.138.38.47/login
Cookie: XSRF-TOKEN=eyJpdiI6IlFZanpybEdCSXZzU3RCelIza2w5dFE9PSIsInZhbHVlIjoiY0ZNdVVDUG04eDBjdjl0QXZmaWQzTGl2TUl4MDlMRHpvSXg1a1BEZXlJcks0NnRGUDl0MEdTV2NrZHlGdVwvbk5BakRzOVcxNFRYXC9YdzVITGk0SGJidz09IiwibWFjIjoiNDU4MzA5MTZiYjg5YWNmYzlkODQ5ZjRjYmY3YTFlYzJjZmYzODJjNjQwMzlmNDA0YThmMTQ4YjJkOGIyMjQ0MiJ9; alivehq_testing_session=eyJpdiI6IlczS29xNE95UkR5eHpQRVA0dFJcL1wvdz09IiwidmFsdWUiOiJvRFgrWm16RUFQcHZnODdNTDdUeExrbFBYaXR2NjU0UE14U0VXXC9BVGxwblh1d3daTmk0K3ZFeUNWUVJvdjVBMEd5VXBzUE9jTThCQzBjNXpxTjkzTHc9PSIsIm1hYyI6ImRlMWJkYjFhZDg1ODVmMzg5OTkyZGM0ZWZkZDQ0ODBhMTcwYmU1NmY3NDMxOTczNjY5ZjBiM2E3Y2JlZDRjYWMifQ%3D%3D
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 15:13:15 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Sun, 11 Oct 2020 10:12:20 GMT
ETag: "7918-5b1626ad19805-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7053
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
18.138.38.47/vendor/font-awesome-5/css/fontawesome-all.min.css
18.138.38.47200 OK 7.8 kB URL HTTP/1.1 18.138.38.47/vendor/font-awesome-5/css/fontawesome-all.min.css
IP 18.138.38.47:0
File type ASCII text, with very long lines (35179)
Hash e61cc7e8af17d4eec0b7c2b7d71c6107
7133f17a2823a0acf14a1a8e04f872acb7483465
9b0a1edac95e8ee98d28f526c402a1eb0c96d464891ad2b54f69ca8a54165361
Analyzer Verdict Alert quad9 Sinkholed
GET /vendor/font-awesome-5/css/fontawesome-all.min.css HTTP/1.1
Host: 18.138.38.47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18.138.38.47/login
Cookie: XSRF-TOKEN=eyJpdiI6IlFZanpybEdCSXZzU3RCelIza2w5dFE9PSIsInZhbHVlIjoiY0ZNdVVDUG04eDBjdjl0QXZmaWQzTGl2TUl4MDlMRHpvSXg1a1BEZXlJcks0NnRGUDl0MEdTV2NrZHlGdVwvbk5BakRzOVcxNFRYXC9YdzVITGk0SGJidz09IiwibWFjIjoiNDU4MzA5MTZiYjg5YWNmYzlkODQ5ZjRjYmY3YTFlYzJjZmYzODJjNjQwMzlmNDA0YThmMTQ4YjJkOGIyMjQ0MiJ9; alivehq_testing_session=eyJpdiI6IlczS29xNE95UkR5eHpQRVA0dFJcL1wvdz09IiwidmFsdWUiOiJvRFgrWm16RUFQcHZnODdNTDdUeExrbFBYaXR2NjU0UE14U0VXXC9BVGxwblh1d3daTmk0K3ZFeUNWUVJvdjVBMEd5VXBzUE9jTThCQzBjNXpxTjkzTHc9PSIsIm1hYyI6ImRlMWJkYjFhZDg1ODVmMzg5OTkyZGM0ZWZkZDQ0ODBhMTcwYmU1NmY3NDMxOTczNjY5ZjBiM2E3Y2JlZDRjYWMifQ%3D%3D
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 15:13:15 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Sun, 11 Oct 2020 10:12:19 GMT
ETag: "8a1f-5b1626ac0bf86-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7762
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
18.138.38.47/css/font-face.css
18.138.38.47200 OK 935 B URL HTTP/1.1 18.138.38.47/css/font-face.css
IP 18.138.38.47:0
Hash 62fc71171cd5f97d1277718c03091e1c
fb436dcf04d03cf9db256c67f40587fb01d0c069
55d8fed487fe6989fd57860888aa9c1cc8437677bd3f66fd59c98d8625eb1980
Analyzer Verdict Alert quad9 Sinkholed
GET /css/font-face.css HTTP/1.1
Host: 18.138.38.47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18.138.38.47/login
Cookie: XSRF-TOKEN=eyJpdiI6IlFZanpybEdCSXZzU3RCelIza2w5dFE9PSIsInZhbHVlIjoiY0ZNdVVDUG04eDBjdjl0QXZmaWQzTGl2TUl4MDlMRHpvSXg1a1BEZXlJcks0NnRGUDl0MEdTV2NrZHlGdVwvbk5BakRzOVcxNFRYXC9YdzVITGk0SGJidz09IiwibWFjIjoiNDU4MzA5MTZiYjg5YWNmYzlkODQ5ZjRjYmY3YTFlYzJjZmYzODJjNjQwMzlmNDA0YThmMTQ4YjJkOGIyMjQ0MiJ9; alivehq_testing_session=eyJpdiI6IlczS29xNE95UkR5eHpQRVA0dFJcL1wvdz09IiwidmFsdWUiOiJvRFgrWm16RUFQcHZnODdNTDdUeExrbFBYaXR2NjU0UE14U0VXXC9BVGxwblh1d3daTmk0K3ZFeUNWUVJvdjVBMEd5VXBzUE9jTThCQzBjNXpxTjkzTHc9PSIsIm1hYyI6ImRlMWJkYjFhZDg1ODVmMzg5OTkyZGM0ZWZkZDQ0ODBhMTcwYmU1NmY3NDMxOTczNjY5ZjBiM2E3Y2JlZDRjYWMifQ%3D%3D
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 15:13:15 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Sun, 11 Oct 2020 10:11:51 GMT
ETag: "36a1-5b162691d421d-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 935
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10375
Expires: Wed, 30 Nov 2022 18:06:11 GMT
Date: Wed, 30 Nov 2022 15:13:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10375
Expires: Wed, 30 Nov 2022 18:06:11 GMT
Date: Wed, 30 Nov 2022 15:13:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10375
Expires: Wed, 30 Nov 2022 18:06:11 GMT
Date: Wed, 30 Nov 2022 15:13:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10375
Expires: Wed, 30 Nov 2022 18:06:11 GMT
Date: Wed, 30 Nov 2022 15:13:16 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a97c452e75cf1d4833e777d7ba7f2c47
58f15763fd33f742ce870f49f1c2dbed5b41205f
39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10375
Expires: Wed, 30 Nov 2022 18:06:11 GMT
Date: Wed, 30 Nov 2022 15:13:16 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13e1db4e-7108-464a-85b6-24ac0c4609f9.webp
34.120.237.76200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13e1db4e-7108-464a-85b6-24ac0c4609f9.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bbe350ea797a0fec5a19a450fc5de4b4
2f3a39a528d3b759060203931de33c12303592e1
4d661dac2e19e07ae15d0f8cf00bd268c6c2defb2f5e4de38fcb6e7031dfd605
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F13e1db4e-7108-464a-85b6-24ac0c4609f9.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9330
x-amzn-requestid: 3fad352d-7664-43e0-9395-e840f671ca61
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgFQFIdoAMFSmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a21-5e9847852f8435231d401fe6;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: mCEtSOenWKxay4vNy5mN9cexxXKXKt7TMuLaLw-M86tLKwQ2MwuxPg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:00:54 GMT
age: 61942
etag: "2f3a39a528d3b759060203931de33c12303592e1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd170538c-f8cf-4acb-ba33-2ead00b9db73.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd170538c-f8cf-4acb-ba33-2ead00b9db73.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 777ce44582c70bf01a31da4cab366f36
57e1d34f146d5ccd9943aa97bcc3158f7103bb07
fbdc8f65ae74dc13b7aafec464f08fdc9902af519946200ec52432ac3ca55982
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd170538c-f8cf-4acb-ba33-2ead00b9db73.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10958
x-amzn-requestid: abfea5b0-58f5-49e1-b78e-7cf456d03cb3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgFHF9oIAMF5lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a20-5ab719292d440d083b07a478;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: gCt9oHpZ68tLCYHIYpI1XLtADkScxwf12kDFnU0o5WoQIVSzWlqozw==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:16:52 GMT
etag: "57e1d34f146d5ccd9943aa97bcc3158f7103bb07"
content-type: image/jpeg
age: 60984
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 03014221d7f49b50ffc2d1b0a0e75457
772d86ad983042a728ee3490630a9cf1134ad0dd
81fb954fa569955907952987e9d8efd1dac80e0e4a682826abf3c5d90eb31771
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10176
x-amzn-requestid: 768fc69c-e91b-4dd9-8add-63634762b2d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMpbgEFOIAMF71A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bc49-21756db31c4714af0553f21b;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:12:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jS-AS3x8V3XacXRNkU63UJjBxA6unvBer5WcxUYseR5p4eZPK64o2g==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 30 Nov 2022 04:55:46 GMT
age: 37050
etag: "772d86ad983042a728ee3490630a9cf1134ad0dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F250668cd-c9db-4014-b576-3aaad4eb9150.jpeg
34.120.237.76200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F250668cd-c9db-4014-b576-3aaad4eb9150.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 59baec8db5ced0210ab766ea5636a5fd
f7cf3a0f89751a02fbcf8d21f505f24a74e8b30b
33ff55891f18c22970804f1b8b2ba6821ddfd7426b01486410bd43f2b4295a8d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F250668cd-c9db-4014-b576-3aaad4eb9150.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5785
x-amzn-requestid: ee77265b-8e90-4035-8ef1-92a2d26aaefa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDaHdWoAMFqmw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-0d10d74030e7aee74804b654;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: QhUrNKIJUxXTYFTgfCwizAd9L4PdLMVLbqv1sHmmnrWya0xz1MTSiw==
via: 1.1 38eecd3ca21bf068d69a2f9cfe668d14.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 22:08:46 GMT
etag: "f7cf3a0f89751a02fbcf8d21f505f24a74e8b30b"
content-type: image/jpeg
age: 61470
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb1888-5971-4b4a-923b-dc9d4050182b.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb1888-5971-4b4a-923b-dc9d4050182b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e00769bd1391b8f4f5b8ab128a825355
e4ddf955e8ac1986045ed55880c43c69e588a021
81ca4d20c28fed8fd3135515daadc1fdbfb4198535d7c46021b418b8b98e59a5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F67bb1888-5971-4b4a-923b-dc9d4050182b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7298
x-amzn-requestid: 381e55bb-876b-46ad-84b6-1ddf9f876f56
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYgDcE3poAMFaAA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867a15-7c12394600900afc7281e858;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:31:01 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8heT2eN5oLbO14R9qLq78Vma_TkteufTyKM5i3K2XoJYXfWNwLMEwQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:56:25 GMT
age: 62211
etag: "e4ddf955e8ac1986045ed55880c43c69e588a021"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2730750-552d-4852-8ce1-503874565f75.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2730750-552d-4852-8ce1-503874565f75.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 05196ec43964cf559caa0c0279148d62
6170d6776615503e3e29f86783febc3e3e78ca66
47f3a5cde661987e3496ce110a0170b10087dd9ba8d4fd691c4830587ba3fa3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff2730750-552d-4852-8ce1-503874565f75.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9051
x-amzn-requestid: 1032dd9c-a15e-4e8a-9c81-07419e8caf67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cYhGvEMNIAMFaKw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63867bc4-1005c20a33320dbf6567ca31;Sampled=0
x-amzn-remapped-date: Tue, 29 Nov 2022 21:38:12 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: IMaVlQblNnh9mFKwb2LG7hw7h_f1_nVYqO4aEUqY01a2HofnnQqcFQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 21:49:31 GMT
age: 62625
etag: "6170d6776615503e3e29f86783febc3e3e78ca66"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
18.138.38.47/vendor/animsition/animsition.min.css
18.138.38.47200 OK 2.2 kB URL HTTP/1.1 18.138.38.47/vendor/animsition/animsition.min.css
IP 18.138.38.47:0
File type ASCII text, with very long lines (27282)
Hash de74660f0ccc8bee854064e0036baf8f
ee96f6364955f5cf9cd4abff5233fc56e1720cf1
7cc0066820711213a2b600397cf645ff206e85d13d1bd1758a462c17bb8d455a
Analyzer Verdict Alert quad9 Sinkholed
GET /vendor/animsition/animsition.min.css HTTP/1.1
Host: 18.138.38.47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18.138.38.47/login
Cookie: XSRF-TOKEN=eyJpdiI6IlFZanpybEdCSXZzU3RCelIza2w5dFE9PSIsInZhbHVlIjoiY0ZNdVVDUG04eDBjdjl0QXZmaWQzTGl2TUl4MDlMRHpvSXg1a1BEZXlJcks0NnRGUDl0MEdTV2NrZHlGdVwvbk5BakRzOVcxNFRYXC9YdzVITGk0SGJidz09IiwibWFjIjoiNDU4MzA5MTZiYjg5YWNmYzlkODQ5ZjRjYmY3YTFlYzJjZmYzODJjNjQwMzlmNDA0YThmMTQ4YjJkOGIyMjQ0MiJ9; alivehq_testing_session=eyJpdiI6IlczS29xNE95UkR5eHpQRVA0dFJcL1wvdz09IiwidmFsdWUiOiJvRFgrWm16RUFQcHZnODdNTDdUeExrbFBYaXR2NjU0UE14U0VXXC9BVGxwblh1d3daTmk0K3ZFeUNWUVJvdjVBMEd5VXBzUE9jTThCQzBjNXpxTjkzTHc9PSIsIm1hYyI6ImRlMWJkYjFhZDg1ODVmMzg5OTkyZGM0ZWZkZDQ0ODBhMTcwYmU1NmY3NDMxOTczNjY5ZjBiM2E3Y2JlZDRjYWMifQ%3D%3D
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 15:13:16 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Sun, 11 Oct 2020 10:11:56 GMT
ETag: "6b56-5b162696297a8-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2241
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
18.138.38.47/vendor/wow/animate.css
18.138.38.47200 OK 4.5 kB URL HTTP/1.1 18.138.38.47/vendor/wow/animate.css
IP 18.138.38.47:0
Hash 0411dbcbebc713bd4502c106d1a37458
38c525cc07ad24cd52d0bf59b7ce9613ddc6d152
4d6ee5c53aa941055dda6921a1c9235ce6124d2910da05ec1b1704377b040eef
Analyzer Verdict Alert quad9 Sinkholed
GET /vendor/wow/animate.css HTTP/1.1
Host: 18.138.38.47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18.138.38.47/login
Cookie: XSRF-TOKEN=eyJpdiI6IlFZanpybEdCSXZzU3RCelIza2w5dFE9PSIsInZhbHVlIjoiY0ZNdVVDUG04eDBjdjl0QXZmaWQzTGl2TUl4MDlMRHpvSXg1a1BEZXlJcks0NnRGUDl0MEdTV2NrZHlGdVwvbk5BakRzOVcxNFRYXC9YdzVITGk0SGJidz09IiwibWFjIjoiNDU4MzA5MTZiYjg5YWNmYzlkODQ5ZjRjYmY3YTFlYzJjZmYzODJjNjQwMzlmNDA0YThmMTQ4YjJkOGIyMjQ0MiJ9; alivehq_testing_session=eyJpdiI6IlczS29xNE95UkR5eHpQRVA0dFJcL1wvdz09IiwidmFsdWUiOiJvRFgrWm16RUFQcHZnODdNTDdUeExrbFBYaXR2NjU0UE14U0VXXC9BVGxwblh1d3daTmk0K3ZFeUNWUVJvdjVBMEd5VXBzUE9jTThCQzBjNXpxTjkzTHc9PSIsIm1hYyI6ImRlMWJkYjFhZDg1ODVmMzg5OTkyZGM0ZWZkZDQ0ODBhMTcwYmU1NmY3NDMxOTczNjY5ZjBiM2E3Y2JlZDRjYWMifQ%3D%3D
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 15:13:16 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Sun, 11 Oct 2020 10:11:58 GMT
ETag: "1252c-5b162697fa503-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4468
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
18.138.38.47/vendor/mdi-font/css/material-design-iconic-font.min.css
18.138.38.47200 OK 8.0 kB URL HTTP/1.1 18.138.38.47/vendor/mdi-font/css/material-design-iconic-font.min.css
IP 18.138.38.47:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 8e52d20cf4fddc255d601b84eb80ff21
bfee70e6b9023a19bdc803e525759d1baca76e3d
64e48e86e8ca9bb84b40fe9dddaec3c3f131552445fc9d9d5593a6174f9b8269
Analyzer Verdict Alert quad9 Sinkholed
GET /vendor/mdi-font/css/material-design-iconic-font.min.css HTTP/1.1
Host: 18.138.38.47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18.138.38.47/login
Cookie: XSRF-TOKEN=eyJpdiI6IlFZanpybEdCSXZzU3RCelIza2w5dFE9PSIsInZhbHVlIjoiY0ZNdVVDUG04eDBjdjl0QXZmaWQzTGl2TUl4MDlMRHpvSXg1a1BEZXlJcks0NnRGUDl0MEdTV2NrZHlGdVwvbk5BakRzOVcxNFRYXC9YdzVITGk0SGJidz09IiwibWFjIjoiNDU4MzA5MTZiYjg5YWNmYzlkODQ5ZjRjYmY3YTFlYzJjZmYzODJjNjQwMzlmNDA0YThmMTQ4YjJkOGIyMjQ0MiJ9; alivehq_testing_session=eyJpdiI6IlczS29xNE95UkR5eHpQRVA0dFJcL1wvdz09IiwidmFsdWUiOiJvRFgrWm16RUFQcHZnODdNTDdUeExrbFBYaXR2NjU0UE14U0VXXC9BVGxwblh1d3daTmk0K3ZFeUNWUVJvdjVBMEd5VXBzUE9jTThCQzBjNXpxTjkzTHc9PSIsIm1hYyI6ImRlMWJkYjFhZDg1ODVmMzg5OTkyZGM0ZWZkZDQ0ODBhMTcwYmU1NmY3NDMxOTczNjY5ZjBiM2E3Y2JlZDRjYWMifQ%3D%3D
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 15:13:16 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Sun, 11 Oct 2020 10:12:31 GMT
ETag: "1149f-5b1626b7d7816-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8004
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
18.138.38.47/vendor/css-hamburgers/hamburgers.min.css
18.138.38.47200 OK 2.3 kB URL HTTP/1.1 18.138.38.47/vendor/css-hamburgers/hamburgers.min.css
IP 18.138.38.47:0
File type ASCII text, with very long lines (21991)
Hash 93ce448226744cfc9ff717b7595d95d1
aeb13e81a4eb8634ea7cebbffd44388e6a81bdc0
04e6b2acfafb00e591d9d48eab8b5b24605ace810227f57fee8938ef59c3febd
Analyzer Verdict Alert quad9 Sinkholed
GET /vendor/css-hamburgers/hamburgers.min.css HTTP/1.1
Host: 18.138.38.47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18.138.38.47/login
Cookie: XSRF-TOKEN=eyJpdiI6IlFZanpybEdCSXZzU3RCelIza2w5dFE9PSIsInZhbHVlIjoiY0ZNdVVDUG04eDBjdjl0QXZmaWQzTGl2TUl4MDlMRHpvSXg1a1BEZXlJcks0NnRGUDl0MEdTV2NrZHlGdVwvbk5BakRzOVcxNFRYXC9YdzVITGk0SGJidz09IiwibWFjIjoiNDU4MzA5MTZiYjg5YWNmYzlkODQ5ZjRjYmY3YTFlYzJjZmYzODJjNjQwMzlmNDA0YThmMTQ4YjJkOGIyMjQ0MiJ9; alivehq_testing_session=eyJpdiI6IlczS29xNE95UkR5eHpQRVA0dFJcL1wvdz09IiwidmFsdWUiOiJvRFgrWm16RUFQcHZnODdNTDdUeExrbFBYaXR2NjU0UE14U0VXXC9BVGxwblh1d3daTmk0K3ZFeUNWUVJvdjVBMEd5VXBzUE9jTThCQzBjNXpxTjkzTHc9PSIsIm1hYyI6ImRlMWJkYjFhZDg1ODVmMzg5OTkyZGM0ZWZkZDQ0ODBhMTcwYmU1NmY3NDMxOTczNjY5ZjBiM2E3Y2JlZDRjYWMifQ%3D%3D
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 15:13:16 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Sun, 11 Oct 2020 10:11:56 GMT
ETag: "569c-5b1626967e701-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2312
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
18.138.38.47/vendor/slick/slick.css
18.138.38.47200 OK 569 B URL HTTP/1.1 18.138.38.47/vendor/slick/slick.css
IP 18.138.38.47:0
Hash 8089b828484e2269d5dcb1089c4004ba
9b61a0f5bf48ef08890dbae954ee9b5a90015d2c
35c1c8741af6e18aa88caca3d060e26808e1103a29b3ee0415ae3e3b648bcd09
Analyzer Verdict Alert quad9 Sinkholed
GET /vendor/slick/slick.css HTTP/1.1
Host: 18.138.38.47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18.138.38.47/login
Cookie: XSRF-TOKEN=eyJpdiI6IlFZanpybEdCSXZzU3RCelIza2w5dFE9PSIsInZhbHVlIjoiY0ZNdVVDUG04eDBjdjl0QXZmaWQzTGl2TUl4MDlMRHpvSXg1a1BEZXlJcks0NnRGUDl0MEdTV2NrZHlGdVwvbk5BakRzOVcxNFRYXC9YdzVITGk0SGJidz09IiwibWFjIjoiNDU4MzA5MTZiYjg5YWNmYzlkODQ5ZjRjYmY3YTFlYzJjZmYzODJjNjQwMzlmNDA0YThmMTQ4YjJkOGIyMjQ0MiJ9; alivehq_testing_session=eyJpdiI6IlczS29xNE95UkR5eHpQRVA0dFJcL1wvdz09IiwidmFsdWUiOiJvRFgrWm16RUFQcHZnODdNTDdUeExrbFBYaXR2NjU0UE14U0VXXC9BVGxwblh1d3daTmk0K3ZFeUNWUVJvdjVBMEd5VXBzUE9jTThCQzBjNXpxTjkzTHc9PSIsIm1hYyI6ImRlMWJkYjFhZDg1ODVmMzg5OTkyZGM0ZWZkZDQ0ODBhMTcwYmU1NmY3NDMxOTczNjY5ZjBiM2E3Y2JlZDRjYWMifQ%3D%3D
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 15:13:16 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Sun, 11 Oct 2020 10:11:57 GMT
ETag: "6f0-5b16269715cd5-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 569
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
18.138.38.47/vendor/perfect-scrollbar/perfect-scrollbar.css
18.138.38.47200 OK 655 B URL HTTP/1.1 18.138.38.47/vendor/perfect-scrollbar/perfect-scrollbar.css
IP 18.138.38.47:0
File type troff or preprocessor input, ASCII text
Hash 17746aab8ba4b2c7030c4e03914baff1
4dd77be805f076828eca2a5d45fb79d04fa9cdf8
ea7c7b652eaab9beeb8b2860489d41aaa7ca14a0870b4e9e36ae4f9507c2df5c
Analyzer Verdict Alert quad9 Sinkholed
GET /vendor/perfect-scrollbar/perfect-scrollbar.css HTTP/1.1
Host: 18.138.38.47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18.138.38.47/login
Cookie: XSRF-TOKEN=eyJpdiI6IlFZanpybEdCSXZzU3RCelIza2w5dFE9PSIsInZhbHVlIjoiY0ZNdVVDUG04eDBjdjl0QXZmaWQzTGl2TUl4MDlMRHpvSXg1a1BEZXlJcks0NnRGUDl0MEdTV2NrZHlGdVwvbk5BakRzOVcxNFRYXC9YdzVITGk0SGJidz09IiwibWFjIjoiNDU4MzA5MTZiYjg5YWNmYzlkODQ5ZjRjYmY3YTFlYzJjZmYzODJjNjQwMzlmNDA0YThmMTQ4YjJkOGIyMjQ0MiJ9; alivehq_testing_session=eyJpdiI6IlczS29xNE95UkR5eHpQRVA0dFJcL1wvdz09IiwidmFsdWUiOiJvRFgrWm16RUFQcHZnODdNTDdUeExrbFBYaXR2NjU0UE14U0VXXC9BVGxwblh1d3daTmk0K3ZFeUNWUVJvdjVBMEd5VXBzUE9jTThCQzBjNXpxTjkzTHc9PSIsIm1hYyI6ImRlMWJkYjFhZDg1ODVmMzg5OTkyZGM0ZWZkZDQ0ODBhMTcwYmU1NmY3NDMxOTczNjY5ZjBiM2E3Y2JlZDRjYWMifQ%3D%3D
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 15:13:16 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Sun, 11 Oct 2020 10:12:18 GMT
ETag: "a26-5b1626ab0a287-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 655
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
18.138.38.47/vendor/bootstrap-4.1/bootstrap.min.css
18.138.38.47200 OK 21 kB URL HTTP/1.1 18.138.38.47/vendor/bootstrap-4.1/bootstrap.min.css
IP 18.138.38.47:0
File type ASCII text, with very long lines (65324)
Hash 38f745174e06995541ce3df4e12cf121
033967295cf3e90282570b349f644c28a1ac89bf
c5662e0d63e606d98a53572f86ce46faa93a63faacf94200d35982886d0263f1
Analyzer Verdict Alert quad9 Sinkholed
GET /vendor/bootstrap-4.1/bootstrap.min.css HTTP/1.1
Host: 18.138.38.47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18.138.38.47/login
Cookie: XSRF-TOKEN=eyJpdiI6IlFZanpybEdCSXZzU3RCelIza2w5dFE9PSIsInZhbHVlIjoiY0ZNdVVDUG04eDBjdjl0QXZmaWQzTGl2TUl4MDlMRHpvSXg1a1BEZXlJcks0NnRGUDl0MEdTV2NrZHlGdVwvbk5BakRzOVcxNFRYXC9YdzVITGk0SGJidz09IiwibWFjIjoiNDU4MzA5MTZiYjg5YWNmYzlkODQ5ZjRjYmY3YTFlYzJjZmYzODJjNjQwMzlmNDA0YThmMTQ4YjJkOGIyMjQ0MiJ9; alivehq_testing_session=eyJpdiI6IlczS29xNE95UkR5eHpQRVA0dFJcL1wvdz09IiwidmFsdWUiOiJvRFgrWm16RUFQcHZnODdNTDdUeExrbFBYaXR2NjU0UE14U0VXXC9BVGxwblh1d3daTmk0K3ZFeUNWUVJvdjVBMEd5VXBzUE9jTThCQzBjNXpxTjkzTHc9PSIsIm1hYyI6ImRlMWJkYjFhZDg1ODVmMzg5OTkyZGM0ZWZkZDQ0ODBhMTcwYmU1NmY3NDMxOTczNjY5ZjBiM2E3Y2JlZDRjYWMifQ%3D%3D
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 15:13:16 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Sun, 11 Oct 2020 10:11:56 GMT
ETag: "22485-5b162695e32af-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 21021
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
18.138.38.47/vendor/bootstrap-progressbar/bootstrap-progressbar-3.3.4.min.css
18.138.38.47200 OK 774 B URL HTTP/1.1 18.138.38.47/vendor/bootstrap-progressbar/bootstrap-progressbar-3.3.4.min.css
IP 18.138.38.47:0
File type Unicode text, UTF-8 text, with very long lines (4898)
Hash c3cd3bcc19e4837bab7911c8e60982a3
b7dfb8e59c527b090ffb02e718fbdf67fcf37352
d6867502e1c55f6aa2d0742f47344c98eda43c592ea3c96b5ed6cef25d1650c0
Analyzer Verdict Alert quad9 Sinkholed
GET /vendor/bootstrap-progressbar/bootstrap-progressbar-3.3.4.min.css HTTP/1.1
Host: 18.138.38.47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18.138.38.47/login
Cookie: XSRF-TOKEN=eyJpdiI6IlFZanpybEdCSXZzU3RCelIza2w5dFE9PSIsInZhbHVlIjoiY0ZNdVVDUG04eDBjdjl0QXZmaWQzTGl2TUl4MDlMRHpvSXg1a1BEZXlJcks0NnRGUDl0MEdTV2NrZHlGdVwvbk5BakRzOVcxNFRYXC9YdzVITGk0SGJidz09IiwibWFjIjoiNDU4MzA5MTZiYjg5YWNmYzlkODQ5ZjRjYmY3YTFlYzJjZmYzODJjNjQwMzlmNDA0YThmMTQ4YjJkOGIyMjQ0MiJ9; alivehq_testing_session=eyJpdiI6IlczS29xNE95UkR5eHpQRVA0dFJcL1wvdz09IiwidmFsdWUiOiJvRFgrWm16RUFQcHZnODdNTDdUeExrbFBYaXR2NjU0UE14U0VXXC9BVGxwblh1d3daTmk0K3ZFeUNWUVJvdjVBMEd5VXBzUE9jTThCQzBjNXpxTjkzTHc9PSIsIm1hYyI6ImRlMWJkYjFhZDg1ODVmMzg5OTkyZGM0ZWZkZDQ0ODBhMTcwYmU1NmY3NDMxOTczNjY5ZjBiM2E3Y2JlZDRjYWMifQ%3D%3D
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 15:13:16 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Sun, 11 Oct 2020 10:12:19 GMT
ETag: "1396-5b1626ab9ab06-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 774
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
18.138.38.47/vendor/bootstrap-4.1/popper.min.js
18.138.38.47200 OK 7.2 kB URL HTTP/1.1 18.138.38.47/vendor/bootstrap-4.1/popper.min.js
IP 18.138.38.47:0
File type ASCII text, with very long lines (20322)
Hash aedb3996bacdd3cd0b958c2d47e51b7c
0f78cb5a4586342bf26e1afad7349a72ce27361b
0b97cd9f1f5218974f0314faeedfa15a951e4f77d0984fe7aa61c616cc34f6d8
Analyzer Verdict Alert quad9 Sinkholed
GET /vendor/bootstrap-4.1/popper.min.js HTTP/1.1
Host: 18.138.38.47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18.138.38.47/login
Cookie: XSRF-TOKEN=eyJpdiI6IlFZanpybEdCSXZzU3RCelIza2w5dFE9PSIsInZhbHVlIjoiY0ZNdVVDUG04eDBjdjl0QXZmaWQzTGl2TUl4MDlMRHpvSXg1a1BEZXlJcks0NnRGUDl0MEdTV2NrZHlGdVwvbk5BakRzOVcxNFRYXC9YdzVITGk0SGJidz09IiwibWFjIjoiNDU4MzA5MTZiYjg5YWNmYzlkODQ5ZjRjYmY3YTFlYzJjZmYzODJjNjQwMzlmNDA0YThmMTQ4YjJkOGIyMjQ0MiJ9; alivehq_testing_session=eyJpdiI6IlczS29xNE95UkR5eHpQRVA0dFJcL1wvdz09IiwidmFsdWUiOiJvRFgrWm16RUFQcHZnODdNTDdUeExrbFBYaXR2NjU0UE14U0VXXC9BVGxwblh1d3daTmk0K3ZFeUNWUVJvdjVBMEd5VXBzUE9jTThCQzBjNXpxTjkzTHc9PSIsIm1hYyI6ImRlMWJkYjFhZDg1ODVmMzg5OTkyZGM0ZWZkZDQ0ODBhMTcwYmU1NmY3NDMxOTczNjY5ZjBiM2E3Y2JlZDRjYWMifQ%3D%3D
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 15:13:16 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Sun, 11 Oct 2020 10:11:56 GMT
ETag: "500f-5b162695f2cad-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7241
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
18.138.38.47/vendor/bootstrap-4.1/bootstrap.min.js
18.138.38.47200 OK 14 kB URL HTTP/1.1 18.138.38.47/vendor/bootstrap-4.1/bootstrap.min.js
IP 18.138.38.47:0
File type ASCII text, with very long lines (50395)
Hash 98fd10e90180b9fe7206cef03c39ef26
3dd717f34a0e86aee9acaf8d29ff9b2892c82459
fc3cbdfca4a27cddc2b7441a46134a9c365c6d9643b5671c341c9eea8ddfea14
Analyzer Verdict Alert quad9 Sinkholed
GET /vendor/bootstrap-4.1/bootstrap.min.js HTTP/1.1
Host: 18.138.38.47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18.138.38.47/login
Cookie: XSRF-TOKEN=eyJpdiI6IlFZanpybEdCSXZzU3RCelIza2w5dFE9PSIsInZhbHVlIjoiY0ZNdVVDUG04eDBjdjl0QXZmaWQzTGl2TUl4MDlMRHpvSXg1a1BEZXlJcks0NnRGUDl0MEdTV2NrZHlGdVwvbk5BakRzOVcxNFRYXC9YdzVITGk0SGJidz09IiwibWFjIjoiNDU4MzA5MTZiYjg5YWNmYzlkODQ5ZjRjYmY3YTFlYzJjZmYzODJjNjQwMzlmNDA0YThmMTQ4YjJkOGIyMjQ0MiJ9; alivehq_testing_session=eyJpdiI6IlczS29xNE95UkR5eHpQRVA0dFJcL1wvdz09IiwidmFsdWUiOiJvRFgrWm16RUFQcHZnODdNTDdUeExrbFBYaXR2NjU0UE14U0VXXC9BVGxwblh1d3daTmk0K3ZFeUNWUVJvdjVBMEd5VXBzUE9jTThCQzBjNXpxTjkzTHc9PSIsIm1hYyI6ImRlMWJkYjFhZDg1ODVmMzg5OTkyZGM0ZWZkZDQ0ODBhMTcwYmU1NmY3NDMxOTczNjY5ZjBiM2E3Y2JlZDRjYWMifQ%3D%3D
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 15:13:16 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Sun, 11 Oct 2020 10:11:56 GMT
ETag: "c5f4-5b162695e618e-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 14038
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
18.138.38.47/css/theme.css
18.138.38.47200 OK 25 kB URL HTTP/1.1 18.138.38.47/css/theme.css
IP 18.138.38.47:0
Hash 355408082a9bf4f6e8443e48c2eb96d4
843272d7b558fab1115ae2c54b596a212319b0f3
268033d9b9a34dee24c5d2391c42cc84525af94fbb8bfdea47ae0852ca8ed4e1
Analyzer Verdict Alert quad9 Sinkholed
GET /css/theme.css HTTP/1.1
Host: 18.138.38.47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18.138.38.47/login
Cookie: XSRF-TOKEN=eyJpdiI6IlFZanpybEdCSXZzU3RCelIza2w5dFE9PSIsInZhbHVlIjoiY0ZNdVVDUG04eDBjdjl0QXZmaWQzTGl2TUl4MDlMRHpvSXg1a1BEZXlJcks0NnRGUDl0MEdTV2NrZHlGdVwvbk5BakRzOVcxNFRYXC9YdzVITGk0SGJidz09IiwibWFjIjoiNDU4MzA5MTZiYjg5YWNmYzlkODQ5ZjRjYmY3YTFlYzJjZmYzODJjNjQwMzlmNDA0YThmMTQ4YjJkOGIyMjQ0MiJ9; alivehq_testing_session=eyJpdiI6IlczS29xNE95UkR5eHpQRVA0dFJcL1wvdz09IiwidmFsdWUiOiJvRFgrWm16RUFQcHZnODdNTDdUeExrbFBYaXR2NjU0UE14U0VXXC9BVGxwblh1d3daTmk0K3ZFeUNWUVJvdjVBMEd5VXBzUE9jTThCQzBjNXpxTjkzTHc9PSIsIm1hYyI6ImRlMWJkYjFhZDg1ODVmMzg5OTkyZGM0ZWZkZDQ0ODBhMTcwYmU1NmY3NDMxOTczNjY5ZjBiM2E3Y2JlZDRjYWMifQ%3D%3D
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 15:13:16 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Sun, 11 Oct 2020 10:11:52 GMT
ETag: "396b6-5b162691dbf1c-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 25202
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
18.138.38.47/vendor/slick/slick.min.js
18.138.38.47200 OK 10 kB URL HTTP/1.1 18.138.38.47/vendor/slick/slick.min.js
IP 18.138.38.47:0
File type ASCII text, with very long lines (42862)
Hash a200e519b47aabb15179d3d44b42a20d
40f67edd6550052b130507ed1a56650c6bdb798f
ea316b7198f70a2c53e9f534e6c2b9f6e570e4a7369d5c0508cd38de275717db
Analyzer Verdict Alert quad9 Sinkholed
GET /vendor/slick/slick.min.js HTTP/1.1
Host: 18.138.38.47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18.138.38.47/login
Cookie: XSRF-TOKEN=eyJpdiI6IlFZanpybEdCSXZzU3RCelIza2w5dFE9PSIsInZhbHVlIjoiY0ZNdVVDUG04eDBjdjl0QXZmaWQzTGl2TUl4MDlMRHpvSXg1a1BEZXlJcks0NnRGUDl0MEdTV2NrZHlGdVwvbk5BakRzOVcxNFRYXC9YdzVITGk0SGJidz09IiwibWFjIjoiNDU4MzA5MTZiYjg5YWNmYzlkODQ5ZjRjYmY3YTFlYzJjZmYzODJjNjQwMzlmNDA0YThmMTQ4YjJkOGIyMjQ0MiJ9; alivehq_testing_session=eyJpdiI6IlczS29xNE95UkR5eHpQRVA0dFJcL1wvdz09IiwidmFsdWUiOiJvRFgrWm16RUFQcHZnODdNTDdUeExrbFBYaXR2NjU0UE14U0VXXC9BVGxwblh1d3daTmk0K3ZFeUNWUVJvdjVBMEd5VXBzUE9jTThCQzBjNXpxTjkzTHc9PSIsIm1hYyI6ImRlMWJkYjFhZDg1ODVmMzg5OTkyZGM0ZWZkZDQ0ODBhMTcwYmU1NmY3NDMxOTczNjY5ZjBiM2E3Y2JlZDRjYWMifQ%3D%3D
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 15:13:17 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Sun, 11 Oct 2020 10:11:58 GMT
ETag: "a76f-5b1626981b840-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 10442
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
18.138.38.47/vendor/jquery-3.2.1.min.js
18.138.38.47200 OK 30 kB URL HTTP/1.1 18.138.38.47/vendor/jquery-3.2.1.min.js
IP 18.138.38.47:0
File type ASCII text, with very long lines (32058)
Hash 3430607b4301113ad9394c9260eef3f0
8c4db68b161b17e31be300e968a30ab0116b3193
31e4d11375322cd6f94dba7338570426f2412d6c5fa670427966d45c3648098c
Analyzer Verdict Alert quad9 Sinkholed
GET /vendor/jquery-3.2.1.min.js HTTP/1.1
Host: 18.138.38.47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18.138.38.47/login
Cookie: XSRF-TOKEN=eyJpdiI6IlFZanpybEdCSXZzU3RCelIza2w5dFE9PSIsInZhbHVlIjoiY0ZNdVVDUG04eDBjdjl0QXZmaWQzTGl2TUl4MDlMRHpvSXg1a1BEZXlJcks0NnRGUDl0MEdTV2NrZHlGdVwvbk5BakRzOVcxNFRYXC9YdzVITGk0SGJidz09IiwibWFjIjoiNDU4MzA5MTZiYjg5YWNmYzlkODQ5ZjRjYmY3YTFlYzJjZmYzODJjNjQwMzlmNDA0YThmMTQ4YjJkOGIyMjQ0MiJ9; alivehq_testing_session=eyJpdiI6IlczS29xNE95UkR5eHpQRVA0dFJcL1wvdz09IiwidmFsdWUiOiJvRFgrWm16RUFQcHZnODdNTDdUeExrbFBYaXR2NjU0UE14U0VXXC9BVGxwblh1d3daTmk0K3ZFeUNWUVJvdjVBMEd5VXBzUE9jTThCQzBjNXpxTjkzTHc9PSIsIm1hYyI6ImRlMWJkYjFhZDg1ODVmMzg5OTkyZGM0ZWZkZDQ0ODBhMTcwYmU1NmY3NDMxOTczNjY5ZjBiM2E3Y2JlZDRjYWMifQ%3D%3D
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 15:13:16 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Sun, 11 Oct 2020 10:11:55 GMT
ETag: "15283-5b162695a1bd4-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 30138
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
18.138.38.47/vendor/wow/wow.min.js
18.138.38.47200 OK 2.7 kB URL HTTP/1.1 18.138.38.47/vendor/wow/wow.min.js
IP 18.138.38.47:0
File type ASCII text, with very long lines (8385)
Hash 642cdb5c8cacc5096438747217356e26
096d52889973afaa9e73bb4b76463c6af8f69df0
c929db744440739263b08afd47af845626a5f7b5b879177c194a91d72f668f02
Analyzer Verdict Alert quad9 Sinkholed
GET /vendor/wow/wow.min.js HTTP/1.1
Host: 18.138.38.47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18.138.38.47/login
Cookie: XSRF-TOKEN=eyJpdiI6IlFZanpybEdCSXZzU3RCelIza2w5dFE9PSIsInZhbHVlIjoiY0ZNdVVDUG04eDBjdjl0QXZmaWQzTGl2TUl4MDlMRHpvSXg1a1BEZXlJcks0NnRGUDl0MEdTV2NrZHlGdVwvbk5BakRzOVcxNFRYXC9YdzVITGk0SGJidz09IiwibWFjIjoiNDU4MzA5MTZiYjg5YWNmYzlkODQ5ZjRjYmY3YTFlYzJjZmYzODJjNjQwMzlmNDA0YThmMTQ4YjJkOGIyMjQ0MiJ9; alivehq_testing_session=eyJpdiI6IlczS29xNE95UkR5eHpQRVA0dFJcL1wvdz09IiwidmFsdWUiOiJvRFgrWm16RUFQcHZnODdNTDdUeExrbFBYaXR2NjU0UE14U0VXXC9BVGxwblh1d3daTmk0K3ZFeUNWUVJvdjVBMEd5VXBzUE9jTThCQzBjNXpxTjkzTHc9PSIsIm1hYyI6ImRlMWJkYjFhZDg1ODVmMzg5OTkyZGM0ZWZkZDQ0ODBhMTcwYmU1NmY3NDMxOTczNjY5ZjBiM2E3Y2JlZDRjYWMifQ%3D%3D
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 15:13:17 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Sun, 11 Oct 2020 10:11:58 GMT
ETag: "20df-5b162697bcca7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2741
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
18.138.38.47/vendor/animsition/animsition.min.js
18.138.38.47200 OK 2.0 kB URL HTTP/1.1 18.138.38.47/vendor/animsition/animsition.min.js
IP 18.138.38.47:0
File type ASCII text, with very long lines (5415)
Hash 6b8d8e542ec21b7658458e71ea366450
bb1c66a03904ee41c573b012766b9b460347951f
f1089652852ef18875de26da2f0747141a4507a813b5aa8e105d965fef52a813
Analyzer Verdict Alert quad9 Sinkholed
GET /vendor/animsition/animsition.min.js HTTP/1.1
Host: 18.138.38.47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18.138.38.47/login
Cookie: XSRF-TOKEN=eyJpdiI6IlFZanpybEdCSXZzU3RCelIza2w5dFE9PSIsInZhbHVlIjoiY0ZNdVVDUG04eDBjdjl0QXZmaWQzTGl2TUl4MDlMRHpvSXg1a1BEZXlJcks0NnRGUDl0MEdTV2NrZHlGdVwvbk5BakRzOVcxNFRYXC9YdzVITGk0SGJidz09IiwibWFjIjoiNDU4MzA5MTZiYjg5YWNmYzlkODQ5ZjRjYmY3YTFlYzJjZmYzODJjNjQwMzlmNDA0YThmMTQ4YjJkOGIyMjQ0MiJ9; alivehq_testing_session=eyJpdiI6IlczS29xNE95UkR5eHpQRVA0dFJcL1wvdz09IiwidmFsdWUiOiJvRFgrWm16RUFQcHZnODdNTDdUeExrbFBYaXR2NjU0UE14U0VXXC9BVGxwblh1d3daTmk0K3ZFeUNWUVJvdjVBMEd5VXBzUE9jTThCQzBjNXpxTjkzTHc9PSIsIm1hYyI6ImRlMWJkYjFhZDg1ODVmMzg5OTkyZGM0ZWZkZDQ0ODBhMTcwYmU1NmY3NDMxOTczNjY5ZjBiM2E3Y2JlZDRjYWMifQ%3D%3D
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 15:13:17 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Sun, 11 Oct 2020 10:11:56 GMT
ETag: "15ef-5b1626961dc29-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1976
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
18.138.38.47/vendor/bootstrap-progressbar/bootstrap-progressbar.min.js
18.138.38.47200 OK 997 B URL HTTP/1.1 18.138.38.47/vendor/bootstrap-progressbar/bootstrap-progressbar.min.js
IP 18.138.38.47:0
File type Unicode text, UTF-8 text, with very long lines (2217)
Hash 7094bcae7e04526ed94493d7fb70e6d4
ff8b4e965a38b76eff750dab975e2d04daf67a87
f54f342839b25690f0d2b89d37a2d404a4bc80d96826456e4fe10009901a08f4
Analyzer Verdict Alert quad9 Sinkholed
GET /vendor/bootstrap-progressbar/bootstrap-progressbar.min.js HTTP/1.1
Host: 18.138.38.47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18.138.38.47/login
Cookie: XSRF-TOKEN=eyJpdiI6IlFZanpybEdCSXZzU3RCelIza2w5dFE9PSIsInZhbHVlIjoiY0ZNdVVDUG04eDBjdjl0QXZmaWQzTGl2TUl4MDlMRHpvSXg1a1BEZXlJcks0NnRGUDl0MEdTV2NrZHlGdVwvbk5BakRzOVcxNFRYXC9YdzVITGk0SGJidz09IiwibWFjIjoiNDU4MzA5MTZiYjg5YWNmYzlkODQ5ZjRjYmY3YTFlYzJjZmYzODJjNjQwMzlmNDA0YThmMTQ4YjJkOGIyMjQ0MiJ9; alivehq_testing_session=eyJpdiI6IlczS29xNE95UkR5eHpQRVA0dFJcL1wvdz09IiwidmFsdWUiOiJvRFgrWm16RUFQcHZnODdNTDdUeExrbFBYaXR2NjU0UE14U0VXXC9BVGxwblh1d3daTmk0K3ZFeUNWUVJvdjVBMEd5VXBzUE9jTThCQzBjNXpxTjkzTHc9PSIsIm1hYyI6ImRlMWJkYjFhZDg1ODVmMzg5OTkyZGM0ZWZkZDQ0ODBhMTcwYmU1NmY3NDMxOTczNjY5ZjBiM2E3Y2JlZDRjYWMifQ%3D%3D
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 15:13:17 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Sun, 11 Oct 2020 10:12:19 GMT
ETag: "91d-5b1626ab9ca46-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 997
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
18.138.38.47/vendor/counter-up/jquery.waypoints.min.js
18.138.38.47200 OK 2.7 kB URL HTTP/1.1 18.138.38.47/vendor/counter-up/jquery.waypoints.min.js
IP 18.138.38.47:0
File type Unicode text, UTF-8 text, with very long lines (8668)
Hash d27e098f0ca17ded43229251576106e5
c230da645e92889aa2e7dcacd2100bde838498f9
b43cd887c25cdea88282bbf09f1d0d509f0416a960bb8139460f42e493552db7
Analyzer Verdict Alert quad9 Sinkholed
GET /vendor/counter-up/jquery.waypoints.min.js HTTP/1.1
Host: 18.138.38.47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18.138.38.47/login
Cookie: XSRF-TOKEN=eyJpdiI6IlFZanpybEdCSXZzU3RCelIza2w5dFE9PSIsInZhbHVlIjoiY0ZNdVVDUG04eDBjdjl0QXZmaWQzTGl2TUl4MDlMRHpvSXg1a1BEZXlJcks0NnRGUDl0MEdTV2NrZHlGdVwvbk5BakRzOVcxNFRYXC9YdzVITGk0SGJidz09IiwibWFjIjoiNDU4MzA5MTZiYjg5YWNmYzlkODQ5ZjRjYmY3YTFlYzJjZmYzODJjNjQwMzlmNDA0YThmMTQ4YjJkOGIyMjQ0MiJ9; alivehq_testing_session=eyJpdiI6IlczS29xNE95UkR5eHpQRVA0dFJcL1wvdz09IiwidmFsdWUiOiJvRFgrWm16RUFQcHZnODdNTDdUeExrbFBYaXR2NjU0UE14U0VXXC9BVGxwblh1d3daTmk0K3ZFeUNWUVJvdjVBMEd5VXBzUE9jTThCQzBjNXpxTjkzTHc9PSIsIm1hYyI6ImRlMWJkYjFhZDg1ODVmMzg5OTkyZGM0ZWZkZDQ0ODBhMTcwYmU1NmY3NDMxOTczNjY5ZjBiM2E3Y2JlZDRjYWMifQ%3D%3D
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 15:13:17 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Sun, 11 Oct 2020 10:11:56 GMT
ETag: "2281-5b1626965e364-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2698
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
18.138.38.47/vendor/counter-up/jquery.counterup.min.js
18.138.38.47200 OK 852 B URL HTTP/1.1 18.138.38.47/vendor/counter-up/jquery.counterup.min.js
IP 18.138.38.47:0
File type ASCII text, with very long lines (2181)
Hash ca5469ea6cc1d91da4306a0d8e99af7d
3928aa77c7f9cc5be40271606e034941805fb87b
648d1cf71ab891b4acb77cb1af10c3b0ba75a0c43535d289d62f972a08247870
Analyzer Verdict Alert quad9 Sinkholed
GET /vendor/counter-up/jquery.counterup.min.js HTTP/1.1
Host: 18.138.38.47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18.138.38.47/login
Cookie: XSRF-TOKEN=eyJpdiI6IlFZanpybEdCSXZzU3RCelIza2w5dFE9PSIsInZhbHVlIjoiY0ZNdVVDUG04eDBjdjl0QXZmaWQzTGl2TUl4MDlMRHpvSXg1a1BEZXlJcks0NnRGUDl0MEdTV2NrZHlGdVwvbk5BakRzOVcxNFRYXC9YdzVITGk0SGJidz09IiwibWFjIjoiNDU4MzA5MTZiYjg5YWNmYzlkODQ5ZjRjYmY3YTFlYzJjZmYzODJjNjQwMzlmNDA0YThmMTQ4YjJkOGIyMjQ0MiJ9; alivehq_testing_session=eyJpdiI6IlczS29xNE95UkR5eHpQRVA0dFJcL1wvdz09IiwidmFsdWUiOiJvRFgrWm16RUFQcHZnODdNTDdUeExrbFBYaXR2NjU0UE14U0VXXC9BVGxwblh1d3daTmk0K3ZFeUNWUVJvdjVBMEd5VXBzUE9jTThCQzBjNXpxTjkzTHc9PSIsIm1hYyI6ImRlMWJkYjFhZDg1ODVmMzg5OTkyZGM0ZWZkZDQ0ODBhMTcwYmU1NmY3NDMxOTczNjY5ZjBiM2E3Y2JlZDRjYWMifQ%3D%3D
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 15:13:17 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Sun, 11 Oct 2020 10:11:56 GMT
ETag: "886-5b1626965f304-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 852
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
18.138.38.47/vendor/circle-progress/circle-progress.min.js
18.138.38.47200 OK 1.9 kB URL HTTP/1.1 18.138.38.47/vendor/circle-progress/circle-progress.min.js
IP 18.138.38.47:0
File type ASCII text, with very long lines (4187)
Hash 17e03c25c1adace35a69d497d96aceb5
c7aae6a89c5ae89a5897a72814ce0f722132ffcb
b9763cd47467fbb908ad8b2552a7f44d8313afb0ace7934ffb9119a7e78a8048
Analyzer Verdict Alert quad9 Sinkholed
GET /vendor/circle-progress/circle-progress.min.js HTTP/1.1
Host: 18.138.38.47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18.138.38.47/login
Cookie: XSRF-TOKEN=eyJpdiI6IlFZanpybEdCSXZzU3RCelIza2w5dFE9PSIsInZhbHVlIjoiY0ZNdVVDUG04eDBjdjl0QXZmaWQzTGl2TUl4MDlMRHpvSXg1a1BEZXlJcks0NnRGUDl0MEdTV2NrZHlGdVwvbk5BakRzOVcxNFRYXC9YdzVITGk0SGJidz09IiwibWFjIjoiNDU4MzA5MTZiYjg5YWNmYzlkODQ5ZjRjYmY3YTFlYzJjZmYzODJjNjQwMzlmNDA0YThmMTQ4YjJkOGIyMjQ0MiJ9; alivehq_testing_session=eyJpdiI6IlczS29xNE95UkR5eHpQRVA0dFJcL1wvdz09IiwidmFsdWUiOiJvRFgrWm16RUFQcHZnODdNTDdUeExrbFBYaXR2NjU0UE14U0VXXC9BVGxwblh1d3daTmk0K3ZFeUNWUVJvdjVBMEd5VXBzUE9jTThCQzBjNXpxTjkzTHc9PSIsIm1hYyI6ImRlMWJkYjFhZDg1ODVmMzg5OTkyZGM0ZWZkZDQ0ODBhMTcwYmU1NmY3NDMxOTczNjY5ZjBiM2E3Y2JlZDRjYWMifQ%3D%3D
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 15:13:17 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Sun, 11 Oct 2020 10:12:19 GMT
ETag: "115d-5b1626abbed26-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1865
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
18.138.38.47/vendor/perfect-scrollbar/perfect-scrollbar.js
18.138.38.47200 OK 7.7 kB URL HTTP/1.1 18.138.38.47/vendor/perfect-scrollbar/perfect-scrollbar.js
IP 18.138.38.47:0
Hash 32fabc2212d25ab7d9517631e7f768e8
d2bc2792b2118537c5dd9fa10e43cc82252cba08
68a9e088ff85fbc89844ed81486febdcdbea298ad9cf3fde6e339dcf8d6ba5b6
Analyzer Verdict Alert quad9 Sinkholed
GET /vendor/perfect-scrollbar/perfect-scrollbar.js HTTP/1.1
Host: 18.138.38.47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18.138.38.47/login
Cookie: XSRF-TOKEN=eyJpdiI6IlFZanpybEdCSXZzU3RCelIza2w5dFE9PSIsInZhbHVlIjoiY0ZNdVVDUG04eDBjdjl0QXZmaWQzTGl2TUl4MDlMRHpvSXg1a1BEZXlJcks0NnRGUDl0MEdTV2NrZHlGdVwvbk5BakRzOVcxNFRYXC9YdzVITGk0SGJidz09IiwibWFjIjoiNDU4MzA5MTZiYjg5YWNmYzlkODQ5ZjRjYmY3YTFlYzJjZmYzODJjNjQwMzlmNDA0YThmMTQ4YjJkOGIyMjQ0MiJ9; alivehq_testing_session=eyJpdiI6IlczS29xNE95UkR5eHpQRVA0dFJcL1wvdz09IiwidmFsdWUiOiJvRFgrWm16RUFQcHZnODdNTDdUeExrbFBYaXR2NjU0UE14U0VXXC9BVGxwblh1d3daTmk0K3ZFeUNWUVJvdjVBMEd5VXBzUE9jTThCQzBjNXpxTjkzTHc9PSIsIm1hYyI6ImRlMWJkYjFhZDg1ODVmMzg5OTkyZGM0ZWZkZDQ0ODBhMTcwYmU1NmY3NDMxOTczNjY5ZjBiM2E3Y2JlZDRjYWMifQ%3D%3D
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 15:13:17 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Sun, 11 Oct 2020 10:12:18 GMT
ETag: "8818-5b1626ab75946-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7699
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
18.138.38.47/vendor/select2/select2.min.js
18.138.38.47200 OK 19 kB URL HTTP/1.1 18.138.38.47/vendor/select2/select2.min.js
IP 18.138.38.47:0
File type Unicode text, UTF-8 text, with very long lines (32091)
Hash 781d26c70b32fe18c93c2c7a20060370
8b7b946db6b1f7d151ed0f76012641f8e7ba83d6
180879347b62f29bcc5f5b1898566dca64827329582317fb70e275ea4c2d80be
Analyzer Verdict Alert quad9 Sinkholed
GET /vendor/select2/select2.min.js HTTP/1.1
Host: 18.138.38.47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18.138.38.47/login
Cookie: XSRF-TOKEN=eyJpdiI6IlFZanpybEdCSXZzU3RCelIza2w5dFE9PSIsInZhbHVlIjoiY0ZNdVVDUG04eDBjdjl0QXZmaWQzTGl2TUl4MDlMRHpvSXg1a1BEZXlJcks0NnRGUDl0MEdTV2NrZHlGdVwvbk5BakRzOVcxNFRYXC9YdzVITGk0SGJidz09IiwibWFjIjoiNDU4MzA5MTZiYjg5YWNmYzlkODQ5ZjRjYmY3YTFlYzJjZmYzODJjNjQwMzlmNDA0YThmMTQ4YjJkOGIyMjQ0MiJ9; alivehq_testing_session=eyJpdiI6IlczS29xNE95UkR5eHpQRVA0dFJcL1wvdz09IiwidmFsdWUiOiJvRFgrWm16RUFQcHZnODdNTDdUeExrbFBYaXR2NjU0UE14U0VXXC9BVGxwblh1d3daTmk0K3ZFeUNWUVJvdjVBMEd5VXBzUE9jTThCQzBjNXpxTjkzTHc9PSIsIm1hYyI6ImRlMWJkYjFhZDg1ODVmMzg5OTkyZGM0ZWZkZDQ0ODBhMTcwYmU1NmY3NDMxOTczNjY5ZjBiM2E3Y2JlZDRjYWMifQ%3D%3D
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 15:13:17 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Sun, 11 Oct 2020 10:12:18 GMT
ETag: "10468-5b1626aaaa747-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 19023
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
18.138.38.47/vendor/select2/select2.min.css
18.138.38.47200 OK 2.0 kB URL HTTP/1.1 18.138.38.47/vendor/select2/select2.min.css
IP 18.138.38.47:0
File type ASCII text, with very long lines (15195)
Hash 74cafc55fd4afb3a6c0a72a2d7f9cde3
61fafd31da714aca39ae881c63f6592c65fef75d
484d79735bd0cc611276b69fa005afe594b1160b816d6ed93775fc7258108110
Analyzer Verdict Alert quad9 Sinkholed
GET /vendor/select2/select2.min.css HTTP/1.1
Host: 18.138.38.47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18.138.38.47/login
Cookie: XSRF-TOKEN=eyJpdiI6IlFZanpybEdCSXZzU3RCelIza2w5dFE9PSIsInZhbHVlIjoiY0ZNdVVDUG04eDBjdjl0QXZmaWQzTGl2TUl4MDlMRHpvSXg1a1BEZXlJcks0NnRGUDl0MEdTV2NrZHlGdVwvbk5BakRzOVcxNFRYXC9YdzVITGk0SGJidz09IiwibWFjIjoiNDU4MzA5MTZiYjg5YWNmYzlkODQ5ZjRjYmY3YTFlYzJjZmYzODJjNjQwMzlmNDA0YThmMTQ4YjJkOGIyMjQ0MiJ9; alivehq_testing_session=eyJpdiI6IlczS29xNE95UkR5eHpQRVA0dFJcL1wvdz09IiwidmFsdWUiOiJvRFgrWm16RUFQcHZnODdNTDdUeExrbFBYaXR2NjU0UE14U0VXXC9BVGxwblh1d3daTmk0K3ZFeUNWUVJvdjVBMEd5VXBzUE9jTThCQzBjNXpxTjkzTHc9PSIsIm1hYyI6ImRlMWJkYjFhZDg1ODVmMzg5OTkyZGM0ZWZkZDQ0ODBhMTcwYmU1NmY3NDMxOTczNjY5ZjBiM2E3Y2JlZDRjYWMifQ%3D%3D
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 15:13:18 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Sun, 11 Oct 2020 10:12:13 GMT
ETag: "3b5c-5b1626a643812-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1987
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
18.138.38.47/fonts/poppins/poppins-v5-latin-regular.woff2
18.138.38.47200 OK 7.9 kB URL HTTP/1.1 18.138.38.47/fonts/poppins/poppins-v5-latin-regular.woff2
IP 18.138.38.47:0
File type Web Open Font Format (Version 2), TrueType, length 7904, version 1.0\012- data
Hash ce0c9ae08840a0b43bccb9f5a86e155d
cf8f4eb352625f35367336662ef71539870b638c
44bae3586c48283835d9e8155b181de3f59c660b72e3a2b3f2ccb1c0ee618487
Analyzer Verdict Alert quad9 Sinkholed
GET /fonts/poppins/poppins-v5-latin-regular.woff2 HTTP/1.1
Host: 18.138.38.47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://18.138.38.47/css/font-face.css
Cookie: XSRF-TOKEN=eyJpdiI6IlFZanpybEdCSXZzU3RCelIza2w5dFE9PSIsInZhbHVlIjoiY0ZNdVVDUG04eDBjdjl0QXZmaWQzTGl2TUl4MDlMRHpvSXg1a1BEZXlJcks0NnRGUDl0MEdTV2NrZHlGdVwvbk5BakRzOVcxNFRYXC9YdzVITGk0SGJidz09IiwibWFjIjoiNDU4MzA5MTZiYjg5YWNmYzlkODQ5ZjRjYmY3YTFlYzJjZmYzODJjNjQwMzlmNDA0YThmMTQ4YjJkOGIyMjQ0MiJ9; alivehq_testing_session=eyJpdiI6IlczS29xNE95UkR5eHpQRVA0dFJcL1wvdz09IiwidmFsdWUiOiJvRFgrWm16RUFQcHZnODdNTDdUeExrbFBYaXR2NjU0UE14U0VXXC9BVGxwblh1d3daTmk0K3ZFeUNWUVJvdjVBMEd5VXBzUE9jTThCQzBjNXpxTjkzTHc9PSIsIm1hYyI6ImRlMWJkYjFhZDg1ODVmMzg5OTkyZGM0ZWZkZDQ0ODBhMTcwYmU1NmY3NDMxOTczNjY5ZjBiM2E3Y2JlZDRjYWMifQ%3D%3D
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 15:13:19 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Sun, 11 Oct 2020 10:11:52 GMT
ETag: "1ee0-5b162692c45c0"
Accept-Ranges: bytes
Content-Length: 7904
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
18.138.38.47/favicon.ico
18.138.38.47200 OK 0 B IP 18.138.38.47:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: 18.138.38.47
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://18.138.38.47/login
Cookie: XSRF-TOKEN=eyJpdiI6IlFZanpybEdCSXZzU3RCelIza2w5dFE9PSIsInZhbHVlIjoiY0ZNdVVDUG04eDBjdjl0QXZmaWQzTGl2TUl4MDlMRHpvSXg1a1BEZXlJcks0NnRGUDl0MEdTV2NrZHlGdVwvbk5BakRzOVcxNFRYXC9YdzVITGk0SGJidz09IiwibWFjIjoiNDU4MzA5MTZiYjg5YWNmYzlkODQ5ZjRjYmY3YTFlYzJjZmYzODJjNjQwMzlmNDA0YThmMTQ4YjJkOGIyMjQ0MiJ9; alivehq_testing_session=eyJpdiI6IlczS29xNE95UkR5eHpQRVA0dFJcL1wvdz09IiwidmFsdWUiOiJvRFgrWm16RUFQcHZnODdNTDdUeExrbFBYaXR2NjU0UE14U0VXXC9BVGxwblh1d3daTmk0K3ZFeUNWUVJvdjVBMEd5VXBzUE9jTThCQzBjNXpxTjkzTHc9PSIsIm1hYyI6ImRlMWJkYjFhZDg1ODVmMzg5OTkyZGM0ZWZkZDQ0ODBhMTcwYmU1NmY3NDMxOTczNjY5ZjBiM2E3Y2JlZDRjYWMifQ%3D%3D
HTTP/1.1 200 OK
Date: Wed, 30 Nov 2022 15:13:19 GMT
Server: Apache/2.4.18 (Ubuntu)
Last-Modified: Wed, 05 Oct 2022 02:00:00 GMT
ETag: "0-5ea3fef2c89dc"
Accept-Ranges: bytes
Content-Length: 0
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/vnd.microsoft.icon