r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash f5e46725831d8d722872bf68d752f4c5
cf37793a1b73e3f84fe6c37fb27382c83b49dbc0
0582b6180687dd95c7fd728f1b9db4495b807151e309b608ad203d69708f9da6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0582B6180687DD95C7FD728F1B9DB4495B807151E309B608AD203D69708F9DA6"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6370
Expires: Thu, 26 Jan 2023 08:31:12 GMT
Date: Thu, 26 Jan 2023 06:45:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 58ffdcb539c3b250fdf31ed761627fc1
5b55b1522ef84c39b5c42f9bbfbc62b806c1269f
eb783cfa8c8544b0574b345abc0bf3c150979d4efce1a013f17b6cd48076fc63
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB783CFA8C8544B0574B345ABC0BF3C150979D4EFCE1A013F17B6CD48076FC63"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2574
Expires: Thu, 26 Jan 2023 07:27:56 GMT
Date: Thu, 26 Jan 2023 06:45:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 49049f3c92aad686cd7ff28ecd2a5a4f
9cc2bc9c055450dbc4fae93eabe4ef8509b3ff57
02cf421968192286bb174ff0e6c818a843c4eca61a02cd493e6f95bb58a37015
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "02CF421968192286BB174FF0E6C818A843C4ECA61A02CD493E6F95BB58A37015"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3889
Expires: Thu, 26 Jan 2023 07:49:51 GMT
Date: Thu, 26 Jan 2023 06:45:02 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: U0WOwPq/7Zn+G8j+ZXYSiEbZJYZb6Eu04mCnzxvpF+8zWdU4zVxwFn4S/9PpLqpHO2T8zvPuBvs=
x-amz-request-id: 24WH6TAXT71CBS0X
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 26 Jan 2023 06:19:59 GMT
age: 1503
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 26 Jan 2023 06:42:52 GMT
content-type: application/json
age: 130
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 06:45:02 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.ethmining.info/
182.16.75.94 301 Moved Permanently 162 B IP 182.16.75.94:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET / HTTP/1.1
Host: www.ethmining.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 26 Jan 2023 06:45:02 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://www.ethmining.info/
Strict-Transport-Security: max-age=31536000
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Pragma, ETag, Retry-After, Content-Type, Content-Length, Expires, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 26 Jan 2023 06:41:40 GMT
age: 202
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1e2970e1480a4759282d63bb213051e4
ed5194d4d25dfc199821129be5d74be0ce49197d
18e19ea4c9c262cb9a94f89172eef2604222e779346589d470bf2e95ea295563
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "18E19EA4C9C262CB9A94F89172EEF2604222E779346589D470BF2E95EA295563"
Last-Modified: Tue, 24 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15647
Expires: Thu, 26 Jan 2023 11:05:49 GMT
Date: Thu, 26 Jan 2023 06:45:02 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4762d3dab106c5852e08e4bf037b8479
88383c10001e2fa226f71bdfc738cbb734e13a8f
637c1f85ea71f6a0d964d91e7f954ae6fea0ecb99a8681ad4042597453df84c0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "637C1F85EA71F6A0D964D91E7F954AE6FEA0ECB99A8681AD4042597453DF84C0"
Last-Modified: Tue, 24 Jan 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 26 Jan 2023 12:45:03 GMT
Date: Thu, 26 Jan 2023 06:45:03 GMT
Connection: keep-alive
push.services.mozilla.com/
54.148.213.75 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.213.75:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: H686SHAJN03aF3Nya3arKA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: xkmPLhJy+OLwIGtiliTGAKUoLd4=
www.ethmining.info/
182.16.75.94 200 OK 1.3 kB IP 182.16.75.94:0
Hash 71daff627b35974b12053edc9b6fd992
733282fba2c287b83f383fcd113b28e592ab8161
370ac7a44a1a5ecc0affea6f6b29899b7845fb1c05fece8a9f906cccb9dcbca3
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET / HTTP/1.1
Host: www.ethmining.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 06:45:03 GMT
content-type: text/html
last-modified: Sun, 30 Oct 2022 01:53:45 GMT
vary: Accept-Encoding
etag: W/"635dd929-87d"
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 8210923a0cab662068be077aa20397a2
10edfce9fdfd52b761158e9df24705bfd56676ad
1931387393abac43e134000d88a671f4a92812e48cfb4e40e78e00e5b880bd17
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4389
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 06:45:03 GMT
Last-Modified: Thu, 26 Jan 2023 05:31:54 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 280
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7850
Expires: Thu, 26 Jan 2023 08:55:54 GMT
Date: Thu, 26 Jan 2023 06:45:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7850
Expires: Thu, 26 Jan 2023 08:55:54 GMT
Date: Thu, 26 Jan 2023 06:45:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7850
Expires: Thu, 26 Jan 2023 08:55:54 GMT
Date: Thu, 26 Jan 2023 06:45:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7850
Expires: Thu, 26 Jan 2023 08:55:54 GMT
Date: Thu, 26 Jan 2023 06:45:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 176ab888cb4eeee86431993b3ef960e2
0eb79ca64f0f6b29837d1d7dfe12d38a3d5c3822
47984ce01d5a6281b9f2841cb119d3623e0d4202602f354628469e9158a2d6fa
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "47984CE01D5A6281B9F2841CB119D3623E0D4202602F354628469E9158A2D6FA"
Last-Modified: Tue, 24 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7850
Expires: Thu, 26 Jan 2023 08:55:54 GMT
Date: Thu, 26 Jan 2023 06:45:04 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c8917dd-84f1-4b51-823e-8394ce6d04f6.jpeg
34.120.237.76 200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c8917dd-84f1-4b51-823e-8394ce6d04f6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 24ca6fe6ace94b3419e983b642430801
0fc50e2a122e2ac8d11cda7c886bb24025e5ad8a
0f9ab65a01f482cfcf6fc0f755e5b517c99f59fa91d6374539733e9b9f06cb37
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c8917dd-84f1-4b51-823e-8394ce6d04f6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6865
x-amzn-requestid: 28d6a047-16c7-4032-8e85-5fcdc0694ad2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fSYDGENhIAMFfgg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d0d3ad-19bf771b1ae98d051303544d;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 07:01:01 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: qMsclXvyJBsmEpbALfzG5ntE7n6wps8S-C5J4cC0GSYuB7dkR0C9mQ==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 07:34:47 GMT
age: 83417
etag: "0fc50e2a122e2ac8d11cda7c886bb24025e5ad8a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg
34.120.237.76 200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ba0a42dadf6a976df148f652e9cc1844
4d825b74865effa4a858ddcad1d0969671facc07
7276a38c9ba6b13a06f24ab8b802f210f98c5541df53fbcd8e879a14d2957d95
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6418a71b-f89d-45d1-bc77-36d6312f560b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5943
x-amzn-requestid: 6774f4a4-ed83-49df-868f-4517c2af914b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUXxNF2UIAMFlYw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a007-75b1e8975c3f4b503e0a1c5b;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:32:55 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VATQ0SjZfM_btXwR4M5keLmd-EE6717EHEiXrF2zpHNrli93EhN6Rw==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 21:48:42 GMT
age: 32182
etag: "4d825b74865effa4a858ddcad1d0969671facc07"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F71e9b44e-6d59-411b-90e8-54e0efae62a5.jpeg
34.120.237.76 200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F71e9b44e-6d59-411b-90e8-54e0efae62a5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 41fd0074a6ce752b1271302feade4cee
6311d1365504f06cb7516606c56c502d553c9d16
544c508899fe8855b0975a87cb0bf35663ab4ad0ec8fd057b3962d50cc001b8c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F71e9b44e-6d59-411b-90e8-54e0efae62a5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7365
x-amzn-requestid: c2a8ae3d-47f8-415f-bf08-78dd12ede3d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUYRwEUbIAMFnag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a0d7-38f72fec78120cf113c7a4f7;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:36:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: rB4HXb1BDKiMZ5Xsb_U1UzBInPftuAryrVUhcE7v6C5qprrGRFooFg==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 21:51:26 GMT
age: 32018
etag: "6311d1365504f06cb7516606c56c502d553c9d16"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a8a63ec-e0a4-4297-b143-649ad3968ae8.jpeg
34.120.237.76 200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a8a63ec-e0a4-4297-b143-649ad3968ae8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f62e9b7bdca82d18c945851912d8fea8
a7ca44d337c43bc5c6145b26778661c71cc50484
5da02cc405c1cada55813ffe376844375f1d6ad222cbb63405348b1f5132a0b1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a8a63ec-e0a4-4297-b143-649ad3968ae8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9595
x-amzn-requestid: c257bfbe-1bd7-4540-bbfa-e4c49a2624a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fUXwfGigoAMFvBw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d1a002-226c08656eeefbfa3c2dddb6;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 21:32:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: k9njnQmggD7UkVJzZqSzo90HJJjTjGK0QIoPU0HWYKrSstjM6s1rOw==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 21:57:18 GMT
age: 31666
etag: "a7ca44d337c43bc5c6145b26778661c71cc50484"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46a5d7d6-d259-4246-b28c-8e4355fbc747.jpeg
34.120.237.76 200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46a5d7d6-d259-4246-b28c-8e4355fbc747.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b242645f0cc22e3b12c132e6d03722ac
dec70f83182de58e03bfcb95fc240b7c33f20674
59a2d8c972d27598dfe38637197f90053186c4f68b80a5a90283cb11ddaf8a31
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46a5d7d6-d259-4246-b28c-8e4355fbc747.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6609
x-amzn-requestid: 129067f4-c79b-493d-8863-2eb6c1565ee6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fSZABF4IIAMFsig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d0d533-4908ab6e5c751213084de3c6;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 07:07:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wjUfYG_uxTe4x91OXaKxABbPpmQ1rmscm3ANlGqW20OyarNjJFcjVw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Wed, 25 Jan 2023 07:34:47 GMT
age: 83417
etag: "dec70f83182de58e03bfcb95fc240b7c33f20674"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.ethmining.info/static/icon_tab1_active.0be9c68e.svg
182.16.75.94 200 OK 2.4 kB URL HTTP/2 www.ethmining.info/static/icon_tab1_active.0be9c68e.svg
IP 182.16.75.94:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (442)
Hash 0be9c68e2f60877be2e6bc2ac6106587
1acb99ca6fa00d195ae5e429809d2c9284b3496d
60540fa18ab33167e4bc2ea5f7cb4c6ad5f03ea921272c7736f81d3ca61b8707
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /static/icon_tab1_active.0be9c68e.svg HTTP/1.1
Host: www.ethmining.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ethmining.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 06:45:04 GMT
content-type: image/svg+xml
content-length: 2352
last-modified: Wed, 21 Sep 2022 04:37:00 GMT
etag: "632a94ec-930"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ethmining.info/static/icon_tab2.b3f62613.svg
182.16.75.94 200 OK 2.4 kB URL HTTP/2 www.ethmining.info/static/icon_tab2.b3f62613.svg
IP 182.16.75.94:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, Unicode text, UTF-8 text
Hash b3f626134d7728d888167ec2835a2c3a
5f059fbe1ecfe5cabc91ee8b431a1c9bbba68d39
c6f152bf0ce83dc1abff888ae63105b40f5d5dbfead227139f6158ead00827bf
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /static/icon_tab2.b3f62613.svg HTTP/1.1
Host: www.ethmining.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ethmining.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 06:45:04 GMT
content-type: image/svg+xml
content-length: 2362
last-modified: Wed, 21 Sep 2022 04:37:00 GMT
etag: "632a94ec-93a"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ethmining.info/static/icon_tab3.e16e3b2d.svg
182.16.75.94 200 OK 2.4 kB URL HTTP/2 www.ethmining.info/static/icon_tab3.e16e3b2d.svg
IP 182.16.75.94:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (1656)
Hash e16e3b2d879f65e40fbfa4bd9e62e6d6
7a0bfa263c49a0fb90bf97b33acd138a0acedab0
37534826562d21c8e93b79d20c420feb0e1de6b1cdb6a5fcf8cd83cf0cb5465e
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /static/icon_tab3.e16e3b2d.svg HTTP/1.1
Host: www.ethmining.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ethmining.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 06:45:04 GMT
content-type: image/svg+xml
content-length: 2404
last-modified: Wed, 21 Sep 2022 04:37:00 GMT
etag: "632a94ec-964"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ethmining.info/static/icon_tab3.e0fa067c.svg
182.16.75.94 200 OK 1.9 kB URL HTTP/2 www.ethmining.info/static/icon_tab3.e0fa067c.svg
IP 182.16.75.94:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, Unicode text, UTF-8 text
Hash e0fa067c64ab858df11c778636d0588a
ebaee241e52f0a487fd88285b5fd87c9efd1902e
52463a7ac607b02f3971816259cb04f260c71883f948b88b0e2a0cd5c568e798
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /static/icon_tab3.e0fa067c.svg HTTP/1.1
Host: www.ethmining.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ethmining.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 06:45:04 GMT
content-type: image/svg+xml
content-length: 1924
last-modified: Wed, 21 Sep 2022 04:37:00 GMT
etag: "632a94ec-784"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ethmining.info/static/icon_tab4.030de8bb.svg
182.16.75.94 200 OK 2.3 kB URL HTTP/2 www.ethmining.info/static/icon_tab4.030de8bb.svg
IP 182.16.75.94:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, Unicode text, UTF-8 text
Hash 030de8bbd6624be0e07786eb7b3c51f8
7df78cfc4c330cb207c3b2f904d887a16c4680cb
130d47f13609135e1bcbecf8e84eb8da063235b51254fdf4b6ced213f6a59331
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /static/icon_tab4.030de8bb.svg HTTP/1.1
Host: www.ethmining.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ethmining.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 06:45:04 GMT
content-type: image/svg+xml
content-length: 2292
last-modified: Wed, 21 Sep 2022 04:37:00 GMT
etag: "632a94ec-8f4"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ethmining.info/static/js/pages-defi-defi~pages-hashGame-hashGame~pages-index-index~pages-index-index1~pages-orderType-orderIn~b51393e9.718228dc.js
182.16.75.94 200 OK 32 kB URL HTTP/2 www.ethmining.info/static/js/pages-defi-defi~pages-hashGame-hashGame~pages-index-index~pages-index-index1~pages-orderType-orderIn~b51393e9.718228dc.js
IP 182.16.75.94:0
Hash a8be4647ba7a4c7c1855647bd16e9fcc
4d96276163849b5a0b67b89d6076302225502e01
735d7a009907dde572d3a5827aec6126f5951d3119976650d27646c5d65f2d34
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /static/js/pages-defi-defi~pages-hashGame-hashGame~pages-index-index~pages-index-index1~pages-orderType-orderIn~b51393e9.718228dc.js HTTP/1.1
Host: www.ethmining.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ethmining.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 06:45:04 GMT
content-type: application/javascript
last-modified: Wed, 21 Sep 2022 04:36:59 GMT
vary: Accept-Encoding
etag: W/"632a94eb-d82c"
expires: Thu, 26 Jan 2023 18:45:04 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.ethmining.info/static/js/pages-index-index~pages-pledge-pledge~pages-record-record~pages-share-share~pages-transfer-transfer.49c02c9a.js
182.16.75.94 200 OK 12 kB URL HTTP/2 www.ethmining.info/static/js/pages-index-index~pages-pledge-pledge~pages-record-record~pages-share-share~pages-transfer-transfer.49c02c9a.js
IP 182.16.75.94:0
Hash 006b4c2a79fb1c29d6f6be1203fbf191
d557ea2fc91640052716c69bc862b49525ace097
aa6f2bc30a7e7fbd45c0ef2b9015f0b001e4834f45360e3578c9dc0e43bd0cc9
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /static/js/pages-index-index~pages-pledge-pledge~pages-record-record~pages-share-share~pages-transfer-transfer.49c02c9a.js HTTP/1.1
Host: www.ethmining.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ethmining.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 06:45:04 GMT
content-type: application/javascript
last-modified: Wed, 21 Sep 2022 04:37:00 GMT
vary: Accept-Encoding
etag: W/"632a94ec-bc97"
expires: Thu, 26 Jan 2023 18:45:04 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.ethmining.info/static/san.png
182.16.75.94 200 OK 1.2 kB URL HTTP/2 www.ethmining.info/static/san.png
IP 182.16.75.94:0
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash a128ceb553a9828a774fc643f1f1ef0d
015185e497b69647589922d451cc1cf586288c9b
514e55f567e0a0697c6ddadf760373c0ebf38591f70b06f4e018d945f0922c38
Analyzer Verdict Alert quad9 Sinkholed
GET /static/san.png HTTP/1.1
Host: www.ethmining.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ethmining.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 06:45:05 GMT
content-type: image/png
content-length: 1167
last-modified: Wed, 21 Sep 2022 04:37:00 GMT
etag: "632a94ec-48f"
expires: Sat, 25 Feb 2023 06:45:05 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ethmining.info/static/js/pages-index-index.debcd4b7.js
182.16.75.94 200 OK 153 kB URL HTTP/2 www.ethmining.info/static/js/pages-index-index.debcd4b7.js
IP 182.16.75.94:0
Size 153 kB (152940 bytes)
Hash 52b5017150e58fef70a18e7d6454d01f
16e86206addfa03add8499d19d6dfdf3deaa415f
821fea056d3e971f1542012b1d3e85c7858ec6ce32da126d15186b1de76b96ae
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /static/js/pages-index-index.debcd4b7.js HTTP/1.1
Host: www.ethmining.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ethmining.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 06:45:04 GMT
content-type: application/javascript
last-modified: Wed, 21 Sep 2022 04:36:59 GMT
vary: Accept-Encoding
etag: W/"632a94eb-7cbb4"
expires: Thu, 26 Jan 2023 18:45:04 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.ethmining.info/static/fonts/Verdana.7652f550.7652f550.ttf
182.16.75.94 200 OK 150 kB URL HTTP/2 www.ethmining.info/static/fonts/Verdana.7652f550.7652f550.ttf
IP 182.16.75.94:0
File type TrueType Font data, digitally signed, 20 tables, 1st "DSIG", 40 names, Macintosh, Typeface and data © 1996 Microsoft Corporation. All Rights ReservedVerdanaRegularMicrosoft:Ve\012- data
Size 150 kB (149752 bytes)
Hash 7652f550f74d065c79f44da613344338
da80da32b18cf7f7feb663715fcb20b993ef2a9b
886eedb1df75504d383d10cc40404e56f6361be50e50986d7568ba94ea43cac3
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /static/fonts/Verdana.7652f550.7652f550.ttf HTTP/1.1
Host: www.ethmining.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ethmining.info/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 06:45:05 GMT
content-type: application/octet-stream
content-length: 149752
last-modified: Wed, 21 Sep 2022 04:36:59 GMT
etag: "632a94eb-248f8"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ethmining.info/static/fonts/verdanab.daedaf09.daedaf09.ttf
182.16.75.94 200 OK 138 kB URL HTTP/2 www.ethmining.info/static/fonts/verdanab.daedaf09.daedaf09.ttf
IP 182.16.75.94:0
File type TrueType Font data, digitally signed, 18 tables, 1st "DSIG", 64 names, Macintosh, Typeface and data © 1996 Microsoft Corporation. All Rights ReservedVerdanaBoldMicrosoft:Verda\012- data
Size 138 kB (137616 bytes)
Hash daedaf09cc827df4b0f600758a637215
85195abd5a4af09897808ba841197b5f254ea4dd
2b1ec02c0463ce5e312913da8825002165999b6f370c276cd378ef0f3e16db27
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /static/fonts/verdanab.daedaf09.daedaf09.ttf HTTP/1.1
Host: www.ethmining.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ethmining.info/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 06:45:05 GMT
content-type: application/octet-stream
content-length: 137616
last-modified: Wed, 21 Sep 2022 04:36:59 GMT
etag: "632a94eb-21990"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ethmining.info/static/1.png
182.16.75.94 200 OK 90 kB URL HTTP/2 www.ethmining.info/static/1.png
IP 182.16.75.94:0
File type PNG image data, 750 x 300, 8-bit/color RGBA, non-interlaced\012- data
Hash 74c89cfdbac2c0717e3a0696844d852c
f4991cd204b8047f717158cf425a7e7bb604e78e
3a820e256ff6f91b18f0b9372749c2e775f0bc5da307bbfc38844cbd0b0eec92
Analyzer Verdict Alert quad9 Sinkholed
GET /static/1.png HTTP/1.1
Host: www.ethmining.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ethmining.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 06:45:05 GMT
content-type: image/png
content-length: 90032
last-modified: Wed, 21 Sep 2022 04:37:00 GMT
etag: "632a94ec-15fb0"
expires: Sat, 25 Feb 2023 06:45:05 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ethmining.info/static/developers-eth-blocks.png
182.16.75.94 200 OK 18 kB URL HTTP/2 www.ethmining.info/static/developers-eth-blocks.png
IP 182.16.75.94:0
File type PNG image data, 320 x 229, 8-bit colormap, non-interlaced\012- data
Hash 08017f2596edaf10ea527d833d898bec
d9e4fa4d0b4d52a39c3f06f41a515ea4a5bbae4b
97242e93c64c43d5c5b2f0a5877a6c119751c3873434e2e1f14f25526c6eae38
Analyzer Verdict Alert quad9 Sinkholed
GET /static/developers-eth-blocks.png HTTP/1.1
Host: www.ethmining.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ethmining.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 06:45:05 GMT
content-type: image/png
content-length: 18155
last-modified: Wed, 21 Sep 2022 04:37:00 GMT
etag: "632a94ec-46eb"
expires: Sat, 25 Feb 2023 06:45:05 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ethmining.info/static/icon_pool_eth.95e447b5.png
182.16.75.94 200 OK 6.4 kB URL HTTP/2 www.ethmining.info/static/icon_pool_eth.95e447b5.png
IP 182.16.75.94:0
File type PNG image data, 80 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash 95e447b59bf57f9ee0387524df32869b
d0246556c7a72b96d61927a87d7c30bf54c02afb
6374221cd3a828728d0ad1c384dd353d1cf2281c42ba7c78a2db5366081f3bb3
Analyzer Verdict Alert quad9 Sinkholed
GET /static/icon_pool_eth.95e447b5.png HTTP/1.1
Host: www.ethmining.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ethmining.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 06:45:05 GMT
content-type: image/png
content-length: 6412
last-modified: Wed, 21 Sep 2022 04:37:00 GMT
etag: "632a94ec-190c"
expires: Sat, 25 Feb 2023 06:45:05 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ethmining.info/static/js/index.f4b59844.js
182.16.75.94 200 OK 52 kB URL HTTP/2 www.ethmining.info/static/js/index.f4b59844.js
IP 182.16.75.94:0
Hash d86ea98454028f54e5de8baa887e34a4
e1bb05d92f2b721d3bc59ad7e1e099e679eb0de3
e51d443b82d930d8a2f075998fdeaae6e30f2beeeac617ea3256ee6c514f8597
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /static/js/index.f4b59844.js HTTP/1.1
Host: www.ethmining.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ethmining.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 06:45:03 GMT
content-type: application/javascript
last-modified: Wed, 21 Sep 2022 04:36:59 GMT
vary: Accept-Encoding
etag: W/"632a94eb-39c86"
expires: Thu, 26 Jan 2023 18:45:03 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.ethmining.info/static/TronWeb.js
182.16.75.94 200 OK 274 kB URL HTTP/2 www.ethmining.info/static/TronWeb.js
IP 182.16.75.94:0
Size 274 kB (274066 bytes)
Hash ddfa2c577395e7b56da14b4e939c8aab
fdc7b2dcfbe93b6882161de89996ff7d2962540e
288bba1bad2414a5e6dce82b7dbe050868c4a13a7ad34bfe8558dfe4b9404b2e
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /static/TronWeb.js HTTP/1.1
Host: www.ethmining.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ethmining.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 06:45:03 GMT
content-type: application/javascript
last-modified: Wed, 21 Sep 2022 04:37:00 GMT
vary: Accept-Encoding
etag: W/"632a94ec-b12e1"
expires: Thu, 26 Jan 2023 18:45:03 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.ethmining.info/static/income.png
182.16.75.94 200 OK 2.1 kB URL HTTP/2 www.ethmining.info/static/income.png
IP 182.16.75.94:0
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash c1daa5432d4376f1d46a0ca5d69b2612
07a286d38bf78baa988398e9ef0ce648fe36b2eb
40522801c0988d608d17a42796b51efa86dfb533b03bbda6020afdc47e538f24
Analyzer Verdict Alert quad9 Sinkholed
GET /static/income.png HTTP/1.1
Host: www.ethmining.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ethmining.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 06:45:05 GMT
content-type: image/png
content-length: 2110
last-modified: Wed, 21 Sep 2022 04:37:00 GMT
etag: "632a94ec-83e"
expires: Sat, 25 Feb 2023 06:45:05 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ethmining.info/static/d.png
182.16.75.94 200 OK 527 B URL HTTP/2 www.ethmining.info/static/d.png
IP 182.16.75.94:0
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced\012- data
Hash 5dacd5639b4e15bbe62b6139cdafd75b
b58875288f4386ef1f7e183e8bd8aeb6e7b38fa7
7841339c459d3a9c549e814de1742be4a096fe4a1d73efbf094688e8b0efb4dc
Analyzer Verdict Alert quad9 Sinkholed
GET /static/d.png HTTP/1.1
Host: www.ethmining.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ethmining.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 06:45:05 GMT
content-type: image/png
content-length: 527
last-modified: Wed, 21 Sep 2022 04:37:00 GMT
etag: "632a94ec-20f"
expires: Sat, 25 Feb 2023 06:45:05 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0330439ba96a59c4a72646535bd60c77
fac4b951d25160d664703f6840328962b38504a9
4c4f5cf0a75ecc83e3dfe22cf910196908ddb140bd44106078dbb7d4f44ccf69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C4F5CF0A75ECC83E3DFE22CF910196908DDB140BD44106078DBB7D4F44CCF69"
Last-Modified: Wed, 25 Jan 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21513
Expires: Thu, 26 Jan 2023 12:43:38 GMT
Date: Thu, 26 Jan 2023 06:45:05 GMT
Connection: keep-alive
www.ethmining.info/static/img_partners.692b477b.png
182.16.75.94 200 OK 285 kB URL HTTP/2 www.ethmining.info/static/img_partners.692b477b.png
IP 182.16.75.94:0
File type PNG image data, 1360 x 676, 8-bit/color RGBA, non-interlaced\012- data
Size 285 kB (284993 bytes)
Hash 692b477b9ba9101e1919f07509e8c453
c98eae8cea76b7e85d6915c8aa9aa3a8e89df9a0
b2a6941c8c820da27a4b1e84030233084febfbfce04a13b43335c8d2ceec8328
Analyzer Verdict Alert quad9 Sinkholed
GET /static/img_partners.692b477b.png HTTP/1.1
Host: www.ethmining.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ethmining.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 06:45:05 GMT
content-type: image/png
content-length: 284993
last-modified: Wed, 21 Sep 2022 04:37:00 GMT
etag: "632a94ec-45941"
expires: Sat, 25 Feb 2023 06:45:05 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ethmining.info/static/icon_tab1.6838def5.svg
182.16.75.94 200 OK 2.9 kB URL HTTP/2 www.ethmining.info/static/icon_tab1.6838def5.svg
IP 182.16.75.94:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (700)
Hash 6838def53a014aa08d9d5bf89d6067db
5fbe2e8117544fb2b8dcab914a9a8a9f4ccadf4a
3b4367b30b0cd4018f2662da2ac19b00ee40a57892e1177cac96c57c708d4069
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /static/icon_tab1.6838def5.svg HTTP/1.1
Host: www.ethmining.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ethmining.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 06:45:05 GMT
content-type: image/svg+xml
content-length: 2874
last-modified: Wed, 21 Sep 2022 04:37:00 GMT
etag: "632a94ec-b3a"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ethmining.info/static/icon_tab2_active.9431786c.svg
182.16.75.94 200 OK 2.5 kB URL HTTP/2 www.ethmining.info/static/icon_tab2_active.9431786c.svg
IP 182.16.75.94:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (309)
Hash 9431786c60e0d89148c6c5468254a9f8
c26d0a5e4495884cf546f710bb35fef22328a3bf
1003d446b823b4c29090ff57f69cca532d4d676fe4cfae61e2b2f1f1756fcb53
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /static/icon_tab2_active.9431786c.svg HTTP/1.1
Host: www.ethmining.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ethmining.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 06:45:05 GMT
content-type: image/svg+xml
content-length: 2512
last-modified: Wed, 21 Sep 2022 04:37:00 GMT
etag: "632a94ec-9d0"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ethmining.info/static/icon_tab3_active.2ad16b42.svg
182.16.75.94 200 OK 3.2 kB URL HTTP/2 www.ethmining.info/static/icon_tab3_active.2ad16b42.svg
IP 182.16.75.94:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (1287)
Hash 2ad16b42b0ffe838e4686563cf59980a
e43c6b78e2629f600118d4aabb120c7967a55cef
59879e3e9d509563bd3b894cd77a0bba53e26bcc560affcc508e3892953abb58
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /static/icon_tab3_active.2ad16b42.svg HTTP/1.1
Host: www.ethmining.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ethmining.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 06:45:05 GMT
content-type: image/svg+xml
content-length: 3223
last-modified: Wed, 21 Sep 2022 04:37:00 GMT
etag: "632a94ec-c97"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ethmining.info/static/icon_tab3_active.bb8f3310.svg
182.16.75.94 200 OK 1.2 kB URL HTTP/2 www.ethmining.info/static/icon_tab3_active.bb8f3310.svg
IP 182.16.75.94:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, Unicode text, UTF-8 text
Hash bb8f3310bfcd61e1cec1bdd412ce0296
ffb7d65f79cd8774df5f042e83f3cfa5789c23ad
e7ab02bfb21efda73c5783af83bb86d9e99ac6d68a3e79509afc2fbd2a56706f
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /static/icon_tab3_active.bb8f3310.svg HTTP/1.1
Host: www.ethmining.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ethmining.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 06:45:05 GMT
content-type: image/svg+xml
content-length: 1169
last-modified: Wed, 21 Sep 2022 04:37:00 GMT
etag: "632a94ec-491"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ethmining.info/static/icon_tab4_active.87bb6cb1.svg
182.16.75.94 200 OK 2.7 kB URL HTTP/2 www.ethmining.info/static/icon_tab4_active.87bb6cb1.svg
IP 182.16.75.94:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document, Unicode text, UTF-8 text, with very long lines (332)
Hash 87bb6cb169b1267f77b6689ab83ebab1
ff5db4e1f5d21461286b0bb94a29619779f1c0f9
53095c191a860c160b862818ce1f62e776056d20df7159794ebcbd1a1ab6054d
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /static/icon_tab4_active.87bb6cb1.svg HTTP/1.1
Host: www.ethmining.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ethmining.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 06:45:05 GMT
content-type: image/svg+xml
content-length: 2724
last-modified: Wed, 21 Sep 2022 04:37:00 GMT
etag: "632a94ec-aa4"
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
www.ethmining.info/static/js/pages-hashGame-hashGame~pages-index-index~pages-index-index1~pages-pledge-pledge~pages-record-record~5dff76e8.c2c98268.js
182.16.75.94 200 OK 5.8 kB URL HTTP/2 www.ethmining.info/static/js/pages-hashGame-hashGame~pages-index-index~pages-index-index1~pages-pledge-pledge~pages-record-record~5dff76e8.c2c98268.js
IP 182.16.75.94:0
Hash b40fca6cc6eba29236cb9c32ed842d20
470641f615f7a6deac2293b7c3baae52d0c2c860
ad37ed294b947e1dae0ff3e063c243ed8c0e4d1d7fc015a0ded570cca519a3b4
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /static/js/pages-hashGame-hashGame~pages-index-index~pages-index-index1~pages-pledge-pledge~pages-record-record~5dff76e8.c2c98268.js HTTP/1.1
Host: www.ethmining.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ethmining.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 06:45:04 GMT
content-type: application/javascript
last-modified: Wed, 21 Sep 2022 04:36:59 GMT
vary: Accept-Encoding
etag: W/"632a94eb-3409"
expires: Thu, 26 Jan 2023 18:45:04 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
api.ethmining.info/Help/chain_status?lang=en-us&session_key=&token=&tourist=
182.16.75.94 200 OK 1.6 kB URL HTTP/2 api.ethmining.info/Help/chain_status?lang=en-us&session_key=&token=&tourist=
IP 182.16.75.94:0
Hash 7470f29907d1eed0563d8f52243ff082
53df52ba3a9b5811b4c5ac713e87072eb28cec0f
f75c76caec3b8b8ed76b7caafba91e7d15d5dfde4f1038d1f6cef7622ec8b903
Analyzer Verdict Alert quad9 Sinkholed
GET /Help/chain_status?lang=en-us&session_key=&token=&tourist= HTTP/1.1
Host: api.ethmining.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ethmining.info
Connection: keep-alive
Referer: https://www.ethmining.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 06:45:05 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: https://www.ethmining.info
set-cookie: think_language=en-us; expires=Thu, 26-Jan-2023 07:45:05 GMT; Max-Age=3600; path=/
set-cookie: PHPSESSID=mpjd56svcbf1e0u0oduvh9ttus; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.ethmining.info/static/cccc.png
182.16.75.94 200 OK 80 kB URL HTTP/2 www.ethmining.info/static/cccc.png
IP 182.16.75.94:0
File type PNG image data, 928 x 836, 8-bit/color RGBA, non-interlaced\012- data
Hash 99b7dfe9f25800ef2c013d74ebd56009
def060c50fa86b660a01a61b9c7715e54821e7eb
5b1573fd00988108053ce261c28e18c73bcb1d371cc1c390c78c268671bf4a3a
Analyzer Verdict Alert quad9 Sinkholed
GET /static/cccc.png HTTP/1.1
Host: www.ethmining.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ethmining.info/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 06:45:06 GMT
content-type: image/png
content-length: 80353
last-modified: Wed, 21 Sep 2022 04:37:00 GMT
etag: "632a94ec-139e1"
expires: Sat, 25 Feb 2023 06:45:06 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
accept-ranges: bytes
X-Firefox-Spdy: h2
code.jivosite.com/widget/ruTvzzmXy5
92.223.124.24 200 OK 6.0 kB URL HTTP/2 code.jivosite.com/widget/ruTvzzmXy5
IP 92.223.124.24:0
ASN #199524 G-Core Labs S.A.
File type ASCII text, with very long lines (17537), with no line terminators
Hash 69852c52507415a99029b96cfd024ba9
fe591f9ee6f059cb472a7ea117d808540e9c713e
1938915f08c01c8ad4275e86c8abcbbf8e113cd1d7fd53898e67aacfcb6a6017
GET /widget/ruTvzzmXy5 HTTP/1.1
Host: code.jivosite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ethmining.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 06:45:06 GMT
content-type: application/javascript
content-length: 6030
access-control-allow-origin: *
cache-control: max-age=7200
content-encoding: br
etag: "63cf9ee6-178e"
expires: Thu, 26 Jan 2023 08:45:06 GMT
last-modified: Tue, 24 Jan 2023 09:03:34 GMT
vary: Accept-Encoding
via: 1.1 sharxy
x-geo-shard: ya
cache: MISS
x-id: fr5-up-gc15
accept-ranges: bytes
X-Firefox-Spdy: h2
code.jivosite.com/script/widget/config/ruTvzzmXy5
92.223.124.24 200 OK 1.1 kB URL HTTP/2 code.jivosite.com/script/widget/config/ruTvzzmXy5
IP 92.223.124.24:0
ASN #199524 G-Core Labs S.A.
File type JSON data\012- , ASCII text, with very long lines (2696), with no line terminators
Hash 22aac75361ba36743ef0df88f62f59c8
ccc5c851ba141f24f85b7d4018ca384b24153b12
a046aef22ca331c4b76978f663b818073f9dea814dcd4b3244128eeee30ecda7
GET /script/widget/config/ruTvzzmXy5 HTTP/1.1
Host: code.jivosite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ethmining.info
Connection: keep-alive
Referer: https://www.ethmining.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 06:45:06 GMT
content-type: application/x-javascript
content-length: 1067
access-control-allow-origin: *
cache-control: max-age=7200
content-encoding: gzip
expires: Thu, 26 Jan 2023 08:45:06 GMT
vary: Accept-Encoding
via: 1.1 sharxy
x-geo-shard: ya
cache: MISS
x-id: fr5-up-gc15
accept-ranges: bytes
X-Firefox-Spdy: h2
node-ya-3.jivosite.com/widget/status/1821667/ruTvzzmXy5?rnd=0.4760417527140791
158.160.7.212 200 OK 79 B URL HTTP/2 node-ya-3.jivosite.com/widget/status/1821667/ruTvzzmXy5?rnd=0.4760417527140791
IP 158.160.7.212:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 0a5cd8c47a93682e6ef744f0bf28ae53
191fd58540456f5fd1e5edbca6eb871f94ac1fa2
b63342a6f633804e94e8b35e3198cb220eda23e2a2ae3923dc6305b8c69b77ce
GET /widget/status/1821667/ruTvzzmXy5?rnd=0.4760417527140791 HTTP/1.1
Host: node-ya-3.jivosite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ethmining.info
Connection: keep-alive
Referer: https://www.ethmining.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-max-age: 1728000
access-control-allow-origin: https://www.ethmining.info
access-control-expose-headers: X-Geoip, X-Botmode
cache-control: no-cache, no-store, must-revalidate
content-security-policy: frame-ancestors 'none';
content-type: application/json; charset=utf-8;
date: Thu, 26 Jan 2023 06:45:06 GMT
pragma: no-cache
server: foxy/2.0.1
x-botmode: no
x-frame-options: DENY
x-geoip: NO;03;Oslo (Alna District)
content-length: 79
X-Firefox-Spdy: h2
code.jivosite.com/js/bundle_en_US.js?rand=1674643820
92.223.124.24 200 OK 312 kB URL HTTP/2 code.jivosite.com/js/bundle_en_US.js?rand=1674643820
IP 92.223.124.24:0
ASN #199524 G-Core Labs S.A.
File type Unicode text, UTF-8 text, with very long lines (65489), with no line terminators
Size 312 kB (311597 bytes)
Hash 113dfdaba97c2605851c4f6cdaa800fa
ba1413c879f5ea9a0e38417a6cab69c629b1c2cd
04ad57ac813f929db72f966e0607bfb50833d84dfcb171aed2f7ddfdbb5a414f
GET /js/bundle_en_US.js?rand=1674643820 HTTP/1.1
Host: code.jivosite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ethmining.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 06:45:07 GMT
content-type: application/javascript
content-length: 311597
access-control-allow-origin: *
cache-control: max-age=86400
content-encoding: br
etag: "63cf9f3b-4c12d"
last-modified: Tue, 24 Jan 2023 09:04:59 GMT
vary: Accept-Encoding
via: 1.1 sharxy
x-geo-shard: ya
cache: HIT
x-cached-since: 2023-01-26T06:28:38+00:00
x-id: fr5-up-gc15
accept-ranges: bytes
X-Firefox-Spdy: h2
code.jivosite.com/css/0272fc0/widget.css
92.223.124.24 200 OK 55 kB URL HTTP/2 code.jivosite.com/css/0272fc0/widget.css
IP 92.223.124.24:0
ASN #199524 G-Core Labs S.A.
File type ASCII text, with very long lines (65536), with no line terminators
Hash e68ebe49f2e12c6c4acb3a8cd589f822
9d53cdb14836baebd0951d03547185509291b18d
321d1de341cd17888a8d1aa7df9b019bed2f91e7d9cb4b36d64bade67807a8e9
GET /css/0272fc0/widget.css HTTP/1.1
Host: code.jivosite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ethmining.info/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 06:45:07 GMT
content-type: text/css
content-length: 54801
cache-control: max-age=864000
content-encoding: br
etag: "63cf9f24-d611"
expires: Sun, 05 Feb 2023 06:27:26 GMT
last-modified: Tue, 24 Jan 2023 09:04:36 GMT
vary: Accept-Encoding
via: 1.1 sharxy
x-geo-shard: ya
cache: HIT
x-cached-since: 2023-01-26T06:27:26+00:00
x-id: fr5-up-gc15
accept-ranges: bytes
X-Firefox-Spdy: h2
code.jivosite.com/sounds/agent_message.mp3
92.223.124.24 206 Partial Content 3.8 kB URL HTTP/2 code.jivosite.com/sounds/agent_message.mp3
IP 92.223.124.24:0
ASN #199524 G-Core Labs S.A.
File type MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo\012- data
Hash 8e9a165c4cb185ffd0b2658fa088e43b
195873e5e8bbb2f5ecc32d95f90d6fb75817a649
ff81aad05612f90cf97c238f219765884e5cbf49351d8dc96a4a063c598c3f43
GET /sounds/agent_message.mp3 HTTP/1.1
Host: code.jivosite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://www.ethmining.info/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
server: nginx
date: Thu, 26 Jan 2023 06:45:07 GMT
content-type: audio/mpeg
content-length: 3760
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: max-age=2592000
etag: "63cf9eb6-eb0"
expires: Sat, 25 Feb 2023 06:29:00 GMT
last-modified: Tue, 24 Jan 2023 09:02:46 GMT
vary: Accept-Encoding
via: 1.1 sharxy
x-geo-shard: ya
cache: HIT
x-cached-since: 2023-01-26T06:29:00+00:00
x-id: fr5-up-gc15
content-range: bytes 0-3759/3760
X-Firefox-Spdy: h2
code.jivosite.com/sounds/notification.mp3
92.223.124.24 206 Partial Content 5.8 kB URL HTTP/2 code.jivosite.com/sounds/notification.mp3
IP 92.223.124.24:0
ASN #199524 G-Core Labs S.A.
File type Audio file with ID3 version 2.3.0, contains: MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Monaural\012- data
Hash 9aa341af370c4e59155717260ba0f282
0c1216ecead8d1409557c843d96202c063f3f252
1112436abea08c851302bba4d4e37a27e25e5ec26b20474667a3369d41154bab
GET /sounds/notification.mp3 HTTP/1.1
Host: code.jivosite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://www.ethmining.info/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
server: nginx
date: Thu, 26 Jan 2023 06:45:07 GMT
content-type: audio/mpeg
content-length: 5808
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: max-age=2592000
etag: "63cf9eb6-16b0"
expires: Sat, 25 Feb 2023 06:31:00 GMT
last-modified: Tue, 24 Jan 2023 09:02:46 GMT
vary: Accept-Encoding
via: 1.1 sharxy
x-geo-shard: ya
cache: HIT
x-cached-since: 2023-01-26T06:31:00+00:00
x-id: fr5-up-gc15
content-range: bytes 0-5807/5808
X-Firefox-Spdy: h2
code.jivosite.com/sounds/outgoing_message.mp3
92.223.124.24 206 Partial Content 5.0 kB URL HTTP/2 code.jivosite.com/sounds/outgoing_message.mp3
IP 92.223.124.24:0
ASN #199524 G-Core Labs S.A.
File type MPEG ADTS, layer III, v1, 128 kbps, 44.1 kHz, Stereo\012- data
Hash 7bf3e4962a5ecf1f8cbcc2ff3428f531
f75c694461a643d2e096ae8d0f6c1a9d19602eee
d44244617bf21df7a137694fa762d5cab3b82cb9fae8f33de5917977b02b2a11
GET /sounds/outgoing_message.mp3 HTTP/1.1
Host: code.jivosite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: audio/webm,audio/ogg,audio/wav,audio/*;q=0.9,application/ogg;q=0.7,video/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: https://www.ethmining.info/
Sec-Fetch-Dest: audio
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 206 Partial Content
server: nginx
date: Thu, 26 Jan 2023 06:45:07 GMT
content-type: audio/mpeg
content-length: 5014
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: max-age=2592000
etag: "63cf9eb6-1396"
expires: Sat, 25 Feb 2023 06:28:23 GMT
last-modified: Tue, 24 Jan 2023 09:02:46 GMT
vary: Accept-Encoding
via: 1.1 sharxy
x-geo-shard: ya
cache: HIT
x-cached-since: 2023-01-26T06:28:23+00:00
x-id: fr5-up-gc15
content-range: bytes 0-5013/5014
X-Firefox-Spdy: h2
dvcasha2.ocsp-certum.com/
23.36.79.17 200 OK 1.6 kB URL HTTP/1.1 dvcasha2.ocsp-certum.com/
IP 23.36.79.17:0
ASN #20940 Akamai International B.V.
Hash ee2fc0afff5a4fbfe4c0f93d89d7bfdc
d5e260a868b5fcfe4c7c09c7d70b98dfe417fe49
ab6398de4b854c466c491b95036bf7f61095772c8b41bc5ea80d73b1c3eecaf2
POST / HTTP/1.1
Host: dvcasha2.ocsp-certum.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 1599
X-Cached: HIT
Strict-Transport-Security: max-age=63072000,includeSubDomains,preload
Cache-Control: max-age=900
Date: Thu, 26 Jan 2023 06:45:08 GMT
Connection: keep-alive
X-N: S
vi-ya-1.jivosite.com/ruTvzzmXy5?d48f14137dc342eb
51.250.109.133 101 Switching Protocols 0 B URL HTTP/1.1 vi-ya-1.jivosite.com/ruTvzzmXy5?d48f14137dc342eb
IP 51.250.109.133:0
ASN #200350 Yandex.Cloud LLC
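Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These are the MD5, SHA-1 and SHA-256 digests of empty input: the 101 Switching Protocols response had a 0 B body, so they identify no content and should not be used as indicators.)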
GET /ruTvzzmXy5?d48f14137dc342eb HTTP/1.1
Host: vi-ya-1.jivosite.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: https://www.ethmining.info
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: n5XK/foUiLLZXd2xbG3xeQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Access-Control-Allow-Origin: https://www.ethmining.info
Sec-WebSocket-Accept: bWgjyB0cYng6wLXDna6X2BnIEVk=
Server: hand/2.8
api.ethmining.info/Pledge/language?lang=en-us&session_key=&token=&tourist=
182.16.75.94 200 OK 199 B URL HTTP/2 api.ethmining.info/Pledge/language?lang=en-us&session_key=&token=&tourist=
IP 182.16.75.94:0
Hash 4d81eb9fa382a621eacf0ae823642d04
7805d3185af9e280162de77e92f9a9b094a2dcbb
9a4ec63774a772098bb1cdbc09d7914b572cd8f2c4f86794d7233f54159733e1
Analyzer Verdict Alert quad9 Sinkholed
GET /Pledge/language?lang=en-us&session_key=&token=&tourist= HTTP/1.1
Host: api.ethmining.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ethmining.info
Connection: keep-alive
Referer: https://www.ethmining.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 06:45:06 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: https://www.ethmining.info
set-cookie: think_language=en-us; expires=Thu, 26-Jan-2023 07:45:06 GMT; Max-Age=3600; path=/
PHPSESSID=h8nbu4j761batij5v6m40rmdk4; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.ethmining.info/static/index.css
182.16.75.94 200 OK 0 B URL HTTP/2 www.ethmining.info/static/index.css
IP 182.16.75.94:0
Analyzer Verdict Alert quad9 Sinkholed
GET /static/index.css HTTP/1.1
Host: www.ethmining.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ethmining.info/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 06:45:03 GMT
content-type: text/css
last-modified: Wed, 21 Sep 2022 04:37:00 GMT
vary: Accept-Encoding
etag: W/"632a94ec-17031"
expires: Thu, 26 Jan 2023 18:45:03 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
www.ethmining.info/static/js/chunk-vendors.6130bde1.js
182.16.75.94 200 OK 0 B URL HTTP/2 www.ethmining.info/static/js/chunk-vendors.6130bde1.js
IP 182.16.75.94:0
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /static/js/chunk-vendors.6130bde1.js HTTP/1.1
Host: www.ethmining.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ethmining.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 06:45:03 GMT
content-type: application/javascript
last-modified: Wed, 21 Sep 2022 04:36:59 GMT
vary: Accept-Encoding
etag: W/"632a94eb-ba910"
expires: Thu, 26 Jan 2023 18:45:03 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
api.ethmining.info/Connect/connect?lang=en-us&session_key=&token=&tourist=
182.16.75.94 200 OK 0 B URL HTTP/2 api.ethmining.info/Connect/connect?lang=en-us&session_key=&token=&tourist=
IP 182.16.75.94:0
Analyzer Verdict Alert quad9 Sinkholed
GET /Connect/connect?lang=en-us&session_key=&token=&tourist= HTTP/1.1
Host: api.ethmining.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ethmining.info
Connection: keep-alive
Referer: https://www.ethmining.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 06:45:06 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: https://www.ethmining.info
set-cookie: think_language=en-us; expires=Thu, 26-Jan-2023 07:45:06 GMT; Max-Age=3600; path=/
PHPSESSID=7e61kr8gtmam7eplupm1rgi825; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
cdn.jsdelivr.net/npm/web3@latest/dist/web3.min.js
104.16.89.20 200 OK 0 B URL HTTP/2 cdn.jsdelivr.net/npm/web3@latest/dist/web3.min.js
IP 104.16.89.20:0
GET /npm/web3@latest/dist/web3.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ethmining.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 06:45:03 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-jsd-version: 1.8.1
x-jsd-version-type: version
etag: W/"163759-IwpZDBwarMNpRlZFtitwZD1oxeo"
x-served-by: cache-fra-eddf8230054-FRA, cache-yyz4523-YYZ
x-cache: HIT, MISS
vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 22896
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ljvvtnjb7jUrIFid48LlouNV%2BdS9tMxxXcY7dJTUa2oFs5VduGrbursO94bKHEnCjXaP25fS5dp3PnhL0FGdgov1Q%2B%2FGbjDrKRhFnBd%2FkKKnAH5LPgC00ILpbgiF3VwJ0Bw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78f74897ceedb500-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.ethmining.info/static/jquery-2.1.1.min.js
182.16.75.94 200 OK 0 B URL HTTP/2 www.ethmining.info/static/jquery-2.1.1.min.js
IP 182.16.75.94:0
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /static/jquery-2.1.1.min.js HTTP/1.1
Host: www.ethmining.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.ethmining.info/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 06:45:03 GMT
content-type: application/javascript
last-modified: Wed, 21 Sep 2022 04:37:00 GMT
vary: Accept-Encoding
etag: W/"632a94ec-14914"
expires: Thu, 26 Jan 2023 18:45:03 GMT
cache-control: max-age=43200
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2
api.ethmining.info/Connect/kefu
182.16.75.94 200 OK 0 B URL HTTP/2 api.ethmining.info/Connect/kefu
IP 182.16.75.94:0
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
POST /Connect/kefu HTTP/1.1
Host: api.ethmining.info
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.ethmining.info
Connection: keep-alive
Referer: https://www.ethmining.info/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
Content-Length: 0
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 06:45:05 GMT
content-type: text/html;charset=utf-8
vary: Accept-Encoding
access-control-allow-origin: https://www.ethmining.info
set-cookie: think_language=en-US; expires=Thu, 26-Jan-2023 07:45:05 GMT; Max-Age=3600; path=/
PHPSESSID=f2oq1da1d7gkjkh8ff4h95rlb6; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
X-Firefox-Spdy: h2