www.exploraelparc.cat/
5.56.60.174 200 OK 6.0 kB IP 5.56.60.174:0
ASN #57286 Gigas Hosting S.A.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3747)
Hash 51202e047c354601d4378b6c73354c3b
06bd29dfabe2ba4bc23953bff504fbffac35ee81
57433215555dd7c026c04eabdc752b9b57fbad5a93e9731a99b4443ddda038db
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET / HTTP/1.1
Host: www.exploraelparc.cat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 12:58:29 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 5965
Connection: keep-alive
X-Drupal-Cache: HIT
Content-Language: ca
X-Frame-Options: SAMEORIGIN
X-UA-Compatible: IE=edge,chrome=1
X-Generator: Drupal 7 (http://drupal.org)
Cache-Control: public, max-age=0
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Vary: Cookie,Accept-Encoding
X-Content-Type-Options: nosniff
Etag: "1667739503-0-gzip"
Last-Modified: Sun, 06 Nov 2022 12:58:23 GMT
Content-Encoding: gzip
X-Powered-By: PHP/5.4.45, PleskLin
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8286265a56e3e10efd41b41618a54071
5f10ac9a050e15f5598674dc7ee3865b325d01a8
2da2fa0b2b86ccc4029d0baa4e9c5b21a6433228b84b451b72b1d318561d4ef2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2DA2FA0B2B86CCC4029D0BAA4E9C5B21A6433228B84B451B72B1D318561D4EF2"
Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2314
Expires: Sun, 06 Nov 2022 13:37:03 GMT
Date: Sun, 06 Nov 2022 12:58:29 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 05978511215be8462d0b69e33b3a91a3
61535ba131d547f1c5108d9e7763ee3fc8d8c824
cfdbf0f9e88e3c1ae8eb03e46c352633a75d4b2edbfbd57c1c6b52ff1623a109
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3257
Cache-Control: max-age=167211
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 12:58:29 GMT
Etag: "63678ce7-1d7"
Expires: Tue, 08 Nov 2022 11:25:20 GMT
Last-Modified: Sun, 06 Nov 2022 10:31:03 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9a21dcd6794c5ba4178522096f695511
d731cf49db5e048d0d820d5cee03417cdd8c1c7b
c4981ce849fcfce045d1c9eeb2978767d87fcbf6087626f3d6541ec8b1938a37
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C4981CE849FCFCE045D1C9EEB2978767D87FCBF6087626F3D6541EC8B1938A37"
Last-Modified: Sun, 06 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14199
Expires: Sun, 06 Nov 2022 16:55:08 GMT
Date: Sun, 06 Nov 2022 12:58:29 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 05978511215be8462d0b69e33b3a91a3
61535ba131d547f1c5108d9e7763ee3fc8d8c824
cfdbf0f9e88e3c1ae8eb03e46c352633a75d4b2edbfbd57c1c6b52ff1623a109
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3257
Cache-Control: max-age=167211
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 12:58:29 GMT
Etag: "63678ce7-1d7"
Expires: Tue, 08 Nov 2022 11:25:20 GMT
Last-Modified: Sun, 06 Nov 2022 10:31:03 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: LH6HC3A4NSHFGQI3iTw1Ge6/IgaFCoFygoja/Fc8O+otWqIJU9ZnpHslbO74/lqnPdudyjL58M8=
x-amz-request-id: A3CEC5RJ1KBAAZBF
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 06 Nov 2022 12:10:26 GMT
age: 2883
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 06 Nov 2022 12:58:29 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.exploraelparc.cat/sites/default/files/css/css_lQaZfjVpwP_oGNqdtWCSpJT1EMqXdMiU84ekLLxQnc4.css
5.56.60.174 200 OK 1.0 kB URL HTTP/1.1 www.exploraelparc.cat/sites/default/files/css/css_lQaZfjVpwP_oGNqdtWCSpJT1EMqXdMiU84ekLLxQnc4.css
IP 5.56.60.174:0
ASN #57286 Gigas Hosting S.A.
File type ASCII text, with very long lines (3007)
Hash 439617297d73e0adca804cd2cdaac7a1
3b00362cfd07917d2b4d6dd578c73b55ad64592e
e5a483fd787a9fc77d38e2c9242e19f86aaffd7c5e0ba7c6b54493e5ea55bbf1
Analyzer Verdict Alert quad9 Sinkholed
GET /sites/default/files/css/css_lQaZfjVpwP_oGNqdtWCSpJT1EMqXdMiU84ekLLxQnc4.css HTTP/1.1
Host: www.exploraelparc.cat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.exploraelparc.cat/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 12:58:29 GMT
Content-Type: text/css
Content-Length: 1046
Connection: keep-alive
X-Content-Type-Options: nosniff
Last-Modified: Sun, 06 Dec 2020 18:06:56 GMT
ETag: "416-5b5cf9332f000"
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
X-Powered-By: PleskLin
www.exploraelparc.cat/sites/default/files/css/css_Wy9WoqOR-OhepuBFHnzAmHYQMqw-vQJSg2t9IUh_VhU.css
5.56.60.174 200 OK 1.3 kB URL HTTP/1.1 www.exploraelparc.cat/sites/default/files/css/css_Wy9WoqOR-OhepuBFHnzAmHYQMqw-vQJSg2t9IUh_VhU.css
IP 5.56.60.174:0
ASN #57286 Gigas Hosting S.A.
File type ASCII text, with very long lines (4115)
Hash 2000d6cbf4ecc17c9a2c61000c5aee95
db4084245030507cc14a29c01c93b0a10a2db717
afec7a4c6722c7f290b8485d16ac1adf87f2c8c640692bf67964d075a7529acf
Analyzer Verdict Alert quad9 Sinkholed
GET /sites/default/files/css/css_Wy9WoqOR-OhepuBFHnzAmHYQMqw-vQJSg2t9IUh_VhU.css HTTP/1.1
Host: www.exploraelparc.cat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.exploraelparc.cat/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 12:58:29 GMT
Content-Type: text/css
Content-Length: 1262
Connection: keep-alive
X-Content-Type-Options: nosniff
Last-Modified: Sun, 06 Dec 2020 18:06:56 GMT
ETag: "4ee-5b5cf9332f000"
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
X-Powered-By: PleskLin
www.exploraelparc.cat/sites/default/files/css/css_51yno68fe8ZKUJQoWe9tV8YfoKo0IsZ7oA9Jyt7SELI.css
5.56.60.174 200 OK 2.8 kB URL HTTP/1.1 www.exploraelparc.cat/sites/default/files/css/css_51yno68fe8ZKUJQoWe9tV8YfoKo0IsZ7oA9Jyt7SELI.css
IP 5.56.60.174:0
ASN #57286 Gigas Hosting S.A.
File type ASCII text, with very long lines (3342)
Hash c67965553959e62a018519170abf8b97
4f5a5298cc79f075129a2e3ffbbabef6dbdb0fd9
69a284ad44f36a670b8aa8d9f19a877f0f7f38805c19390b9d24d0ca4821677e
Analyzer Verdict Alert quad9 Sinkholed
GET /sites/default/files/css/css_51yno68fe8ZKUJQoWe9tV8YfoKo0IsZ7oA9Jyt7SELI.css HTTP/1.1
Host: www.exploraelparc.cat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.exploraelparc.cat/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 12:58:29 GMT
Content-Type: text/css
Content-Length: 2848
Connection: keep-alive
X-Content-Type-Options: nosniff
Last-Modified: Sun, 06 Dec 2020 18:06:56 GMT
ETag: "b20-5b5cf9332f000"
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
X-Powered-By: PleskLin
www.exploraelparc.cat/sites/default/files/css/css_aYsrpJszwGi5DzsjPGc9jfErez6W1nUjCD21XsBfAHg.css
5.56.60.174 200 OK 2.2 kB URL HTTP/1.1 www.exploraelparc.cat/sites/default/files/css/css_aYsrpJszwGi5DzsjPGc9jfErez6W1nUjCD21XsBfAHg.css
IP 5.56.60.174:0
ASN #57286 Gigas Hosting S.A.
File type ASCII text, with very long lines (3451)
Hash abff65fd03ac5db853eb17600a4ea6ca
b04b3c278b47c9d3d6bf42f8130fd2dfca700696
cd431d10431f0f358bdc3d4859a61c9352f855605a05ea982570b8bee62566fa
Analyzer Verdict Alert quad9 Sinkholed
GET /sites/default/files/css/css_aYsrpJszwGi5DzsjPGc9jfErez6W1nUjCD21XsBfAHg.css HTTP/1.1
Host: www.exploraelparc.cat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.exploraelparc.cat/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 12:58:29 GMT
Content-Type: text/css
Content-Length: 2159
Connection: keep-alive
X-Content-Type-Options: nosniff
Last-Modified: Sun, 06 Dec 2020 18:12:45 GMT
ETag: "86f-5b5cfa8004140"
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
X-Powered-By: PleskLin
www.exploraelparc.cat/sites/default/files/css/css_2oPQyFBu4t0KOjvV4lo9rWvPrkxn2pqx1xbjJ42H19Y.css
5.56.60.174 200 OK 9.1 kB URL HTTP/1.1 www.exploraelparc.cat/sites/default/files/css/css_2oPQyFBu4t0KOjvV4lo9rWvPrkxn2pqx1xbjJ42H19Y.css
IP 5.56.60.174:0
ASN #57286 Gigas Hosting S.A.
File type ASCII text, with very long lines (20439)
Hash 754866ea5867973f42ccb886fc133e40
857d807109ee8679e3d1ca3cd8a6dbf53ce0d299
bad4fe644c1c77dfca7b7bebf80a292807456d9f3d65d12f20f7f5701075bdce
Analyzer Verdict Alert quad9 Sinkholed
GET /sites/default/files/css/css_2oPQyFBu4t0KOjvV4lo9rWvPrkxn2pqx1xbjJ42H19Y.css HTTP/1.1
Host: www.exploraelparc.cat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.exploraelparc.cat/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 12:58:29 GMT
Content-Type: text/css
Content-Length: 9055
Connection: keep-alive
X-Content-Type-Options: nosniff
Last-Modified: Mon, 07 Dec 2020 11:37:57 GMT
ETag: "235f-5b5de41ed6f40"
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
X-Powered-By: PleskLin
www.exploraelparc.cat/sites/default/files/js/js_ltUpEtzf-6BI0rSckrI9JzpyZC74r5egqunNEi5wiEk.js
5.56.60.174 200 OK 9.1 kB URL HTTP/1.1 www.exploraelparc.cat/sites/default/files/js/js_ltUpEtzf-6BI0rSckrI9JzpyZC74r5egqunNEi5wiEk.js
IP 5.56.60.174:0
ASN #57286 Gigas Hosting S.A.
File type Unicode text, UTF-8 text, with very long lines (21328)
Hash cc07f3b9d62a02613b5d8ea0dd0e1bb8
7f31e415b02d46f59a497c88b2d8e5809956da48
82cbd9123db88ca83d28e82cd66ed08c0d487544d2d64ccb2da170cd504c4393
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /sites/default/files/js/js_ltUpEtzf-6BI0rSckrI9JzpyZC74r5egqunNEi5wiEk.js HTTP/1.1
Host: www.exploraelparc.cat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.exploraelparc.cat/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 12:58:29 GMT
Content-Type: text/javascript
Content-Length: 9056
Connection: keep-alive
X-Content-Type-Options: nosniff
Last-Modified: Sun, 06 Dec 2020 18:18:19 GMT
ETag: "2360-5b5cfbbe8b0c0"
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
X-Powered-By: PleskLin
www.exploraelparc.cat/sites/default/files/css/css_9RgM_uEtw0ATtQC5CvC1s1ezwWYZuJ-XYgp8KwsfvrU.css
5.56.60.174 200 OK 369 B URL HTTP/1.1 www.exploraelparc.cat/sites/default/files/css/css_9RgM_uEtw0ATtQC5CvC1s1ezwWYZuJ-XYgp8KwsfvrU.css
IP 5.56.60.174:0
ASN #57286 Gigas Hosting S.A.
File type ASCII text, with very long lines (755)
Hash ea8cfec9762ae9028018af2ec60369e4
396a33e25eeffb3d6b1f93b6c08e656024843225
908efa11da600be4c58dcffccccb54ca523853343a7432fc96b94028f2afba3a
Analyzer Verdict Alert quad9 Sinkholed
GET /sites/default/files/css/css_9RgM_uEtw0ATtQC5CvC1s1ezwWYZuJ-XYgp8KwsfvrU.css HTTP/1.1
Host: www.exploraelparc.cat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.exploraelparc.cat/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 12:58:29 GMT
Content-Type: text/css
Content-Length: 369
Connection: keep-alive
X-Content-Type-Options: nosniff
Last-Modified: Sun, 06 Dec 2020 18:06:56 GMT
ETag: "171-5b5cf9332f000"
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
X-Powered-By: PleskLin
www.exploraelparc.cat/sites/default/files/js/js_m4pw13vT6kexLs44G1x5weYwKtGTD-FC_CPpbLFszAs.js
5.56.60.174 200 OK 10 kB URL HTTP/1.1 www.exploraelparc.cat/sites/default/files/js/js_m4pw13vT6kexLs44G1x5weYwKtGTD-FC_CPpbLFszAs.js
IP 5.56.60.174:0
ASN #57286 Gigas Hosting S.A.
File type ASCII text, with very long lines (11607)
Hash 9600c9408c4faa1e18317354ba831807
8d15ddc295d5184e673fc95baad61911d038449e
c9eee4b2bc7e86109c6f468cf515135d11a96db47dd4d1d6637299fd8bb014c8
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /sites/default/files/js/js_m4pw13vT6kexLs44G1x5weYwKtGTD-FC_CPpbLFszAs.js HTTP/1.1
Host: www.exploraelparc.cat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.exploraelparc.cat/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 12:58:29 GMT
Content-Type: text/javascript
Content-Length: 10166
Connection: keep-alive
X-Content-Type-Options: nosniff
Last-Modified: Sun, 06 Dec 2020 18:59:01 GMT
ETag: "27b6-5b5d04d76a740"
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
X-Powered-By: PleskLin
upgraderservices.cf/drupal.js
51.89.70.16 200 OK 1.3 kB URL HTTP/1.1 upgraderservices.cf/drupal.js
IP 51.89.70.16:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 2136adf33147f2e8c1f395c2e7388823
af026ee347113e163199c5ffcc845e903875151e
98c179d76c889fdb0bb90301ea586a66565594cbc8efc7ac7da5bf46a31ecd4b
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /drupal.js HTTP/1.1
Host: upgraderservices.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.exploraelparc.cat/
HTTP/1.1 200 OK
Server: nginx/1.14.0 (Ubuntu)
Date: Sun, 06 Nov 2022 12:58:29 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
www.exploraelparc.cat/sites/default/files/js/js_zS-CmNFGyegtLYJmqFRpxQvvQrfPIFrOMq_3T3C8sZE.js
5.56.60.174 200 OK 46 kB URL HTTP/1.1 www.exploraelparc.cat/sites/default/files/js/js_zS-CmNFGyegtLYJmqFRpxQvvQrfPIFrOMq_3T3C8sZE.js
IP 5.56.60.174:0
ASN #57286 Gigas Hosting S.A.
File type HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash 3034434f7d365ce6e083e1df31aab67d
afc2ec16b50035a95a186f86939b37eae9b81b3e
3421c40138fb70157072c68f464cf9f8c84861045938880e908c08c8f35a6312
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /sites/default/files/js/js_zS-CmNFGyegtLYJmqFRpxQvvQrfPIFrOMq_3T3C8sZE.js HTTP/1.1
Host: www.exploraelparc.cat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.exploraelparc.cat/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 12:58:29 GMT
Content-Type: text/javascript
Content-Length: 46288
Connection: keep-alive
X-Content-Type-Options: nosniff
Last-Modified: Sun, 06 Dec 2020 18:06:56 GMT
ETag: "b4d0-5b5cf9332f000"
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
X-Powered-By: PleskLin
www.exploraelparc.cat/sites/default/files/mussol_i_rama_inverse_r1_c1_0.png
5.56.60.174 200 OK 1.5 kB URL HTTP/1.1 www.exploraelparc.cat/sites/default/files/mussol_i_rama_inverse_r1_c1_0.png
IP 5.56.60.174:0
ASN #57286 Gigas Hosting S.A.
File type PNG image data, 91 x 63, 8-bit colormap, non-interlaced\012- data
Hash 27dd8b1f194d577a2e2c42341f061bf7
1c9b02970b6ee7d93842a3aa8e2d887d31d4862f
2c2f913b42f1b443339d922b60bb6061a2afe7cee1916f96af7d14a7b2884da3
Analyzer Verdict Alert quad9 Sinkholed
GET /sites/default/files/mussol_i_rama_inverse_r1_c1_0.png HTTP/1.1
Host: www.exploraelparc.cat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.exploraelparc.cat/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 12:58:29 GMT
Content-Type: image/png
Content-Length: 1502
Last-Modified: Mon, 10 Sep 2018 14:30:11 GMT
Connection: keep-alive
ETag: "5b967ff3-5de"
X-Powered-By: PleskLin
Accept-Ranges: bytes
upgraderservices.cf/drupal.js
51.89.70.16 200 OK 1.3 kB URL HTTP/1.1 upgraderservices.cf/drupal.js
IP 51.89.70.16:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 2136adf33147f2e8c1f395c2e7388823
af026ee347113e163199c5ffcc845e903875151e
98c179d76c889fdb0bb90301ea586a66565594cbc8efc7ac7da5bf46a31ecd4b
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /drupal.js HTTP/1.1
Host: upgraderservices.cf
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.exploraelparc.cat/
HTTP/1.1 200 OK
Server: nginx/1.14.0 (Ubuntu)
Date: Sun, 06 Nov 2022 12:58:29 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Content-Encoding: gzip
www.exploraelparc.cat/sites/default/files/styles/flexslider_full/public/fotos-scroll6_0.jpg?itok=42mcjDnH
5.56.60.174 200 OK 35 kB URL HTTP/1.1 www.exploraelparc.cat/sites/default/files/styles/flexslider_full/public/fotos-scroll6_0.jpg?itok=42mcjDnH
IP 5.56.60.174:0
ASN #57286 Gigas Hosting S.A.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 75", baseline, precision 8, 932x350, components 3\012- data
Hash 630f2ee40965c34ade8f349de6980098
5f0080fedcc35723b6e19acd2df50ad0b067e856
58775f9b70b4417a70bde51f4e2d6abf2c710f602358da483c81ec1c9657d2cd
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /sites/default/files/styles/flexslider_full/public/fotos-scroll6_0.jpg?itok=42mcjDnH HTTP/1.1
Host: www.exploraelparc.cat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.exploraelparc.cat/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 12:58:29 GMT
Content-Type: image/jpeg
Content-Length: 35110
Last-Modified: Mon, 10 Sep 2018 14:30:12 GMT
Connection: keep-alive
ETag: "5b967ff4-8926"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.exploraelparc.cat/sites/default/files/styles/flexslider_full/public/fotos_scroll5_0.jpg?itok=Rq-KpDgl
5.56.60.174 200 OK 27 kB URL HTTP/1.1 www.exploraelparc.cat/sites/default/files/styles/flexslider_full/public/fotos_scroll5_0.jpg?itok=Rq-KpDgl
IP 5.56.60.174:0
ASN #57286 Gigas Hosting S.A.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 75", baseline, precision 8, 932x350, components 3\012- data
Hash 14840ded75871355e8d8810d554e777d
299e74f7192484b9fba3e163cefbdf8925e1633a
074d2b094e8f3c3f3ba85c2f7aa5288f7c131d455d279485e220046677654ec0
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /sites/default/files/styles/flexslider_full/public/fotos_scroll5_0.jpg?itok=Rq-KpDgl HTTP/1.1
Host: www.exploraelparc.cat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.exploraelparc.cat/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 12:58:29 GMT
Content-Type: image/jpeg
Content-Length: 26795
Last-Modified: Mon, 10 Sep 2018 14:30:12 GMT
Connection: keep-alive
ETag: "5b967ff4-68ab"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.exploraelparc.cat/sites/default/files/styles/flexslider_full/public/fotos_scroll3_0.jpg?itok=i3uhvG5W
5.56.60.174 200 OK 72 kB URL HTTP/1.1 www.exploraelparc.cat/sites/default/files/styles/flexslider_full/public/fotos_scroll3_0.jpg?itok=i3uhvG5W
IP 5.56.60.174:0
ASN #57286 Gigas Hosting S.A.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 75", baseline, precision 8, 932x350, components 3\012- data
Hash 482793006fc7bc32a56aacdf5b4933cb
79a71934291384d9b1ae78af6150e5abb217b77b
3ee825d847a3f01e9d9f5effbf745a5c11266d6eeed76d7f7741dd87ffc769fb
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /sites/default/files/styles/flexslider_full/public/fotos_scroll3_0.jpg?itok=i3uhvG5W HTTP/1.1
Host: www.exploraelparc.cat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.exploraelparc.cat/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 12:58:29 GMT
Content-Type: image/jpeg
Content-Length: 72168
Last-Modified: Mon, 10 Sep 2018 14:30:12 GMT
Connection: keep-alive
ETag: "5b967ff4-119e8"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.exploraelparc.cat/sites/default/files/sysmap.png
5.56.60.174 200 OK 53 kB URL HTTP/1.1 www.exploraelparc.cat/sites/default/files/sysmap.png
IP 5.56.60.174:0
ASN #57286 Gigas Hosting S.A.
File type PNG image data, 92 x 35, 8-bit/color RGBA, non-interlaced\012- data
Hash 42ca6efd26cbfad855278397b3154d34
e2b7d345bb179b075c6e8a0178f4302cb8ea075e
b29810d8bdf436e13e6cd1b4573fb1602e7a56b7b90bf111a75a51a89228bfe5
Analyzer Verdict Alert quad9 Sinkholed
GET /sites/default/files/sysmap.png HTTP/1.1
Host: www.exploraelparc.cat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.exploraelparc.cat/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 12:58:29 GMT
Content-Type: image/png
Content-Length: 52767
Last-Modified: Mon, 10 Sep 2018 14:30:12 GMT
Connection: keep-alive
ETag: "5b967ff4-ce1f"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.exploraelparc.cat/sites/default/files/styles/front_page_teaser/public/passaport_0.png?itok=5cyhLAcQ
5.56.60.174 200 OK 37 kB URL HTTP/1.1 www.exploraelparc.cat/sites/default/files/styles/front_page_teaser/public/passaport_0.png?itok=5cyhLAcQ
IP 5.56.60.174:0
ASN #57286 Gigas Hosting S.A.
File type PNG image data, 300 x 220, 8-bit/color RGBA, non-interlaced\012- data
Hash d0abfde489e655c50a94aad700c5efdb
4516d0e46341750d922c3bbfd1c4da75e14de35b
055c51ef58acb98d68164b355528b4cf8e5707531a93f605d0e542e1ab8d1242
Analyzer Verdict Alert quad9 Sinkholed
GET /sites/default/files/styles/front_page_teaser/public/passaport_0.png?itok=5cyhLAcQ HTTP/1.1
Host: www.exploraelparc.cat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.exploraelparc.cat/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 12:58:29 GMT
Content-Type: image/png
Content-Length: 37099
Last-Modified: Mon, 10 Sep 2018 14:30:12 GMT
Connection: keep-alive
ETag: "5b967ff4-90eb"
X-Powered-By: PleskLin
Accept-Ranges: bytes
exploraelparc.cat/sites/default/files/LogoDeixatGuiar.jpg
5.56.60.174 200 OK 87 kB URL HTTP/1.1 exploraelparc.cat/sites/default/files/LogoDeixatGuiar.jpg
IP 5.56.60.174:0
ASN #57286 Gigas Hosting S.A.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS4 Windows, datetime=2014:06:05 10:24:19], baseline, precision 8, 2000x1083, components 3\012- data
Hash b87c7270d3a8ad8fd685fc9412485982
5014cc5e370547bd1501a5235d923b1be14a75a9
fa09e081d1bbb586c869caabedbd693a5c55f32d78a346442c3b3d60676e1aa4
Analyzer Verdict Alert quad9 Sinkholed
GET /sites/default/files/LogoDeixatGuiar.jpg HTTP/1.1
Host: exploraelparc.cat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.exploraelparc.cat/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 12:58:29 GMT
Content-Type: image/jpeg
Content-Length: 87049
Last-Modified: Mon, 10 Sep 2018 14:30:09 GMT
Connection: keep-alive
ETag: "5b967ff1-15409"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.exploraelparc.cat/sites/default/files/styles/flexslider_full/public/fotos-scroll4_0.jpg?itok=D4fMiUHe
5.56.60.174 200 OK 85 kB URL HTTP/1.1 www.exploraelparc.cat/sites/default/files/styles/flexslider_full/public/fotos-scroll4_0.jpg?itok=D4fMiUHe
IP 5.56.60.174:0
ASN #57286 Gigas Hosting S.A.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 75", baseline, precision 8, 932x350, components 3\012- data
Hash 35d2dc38ac80fc3fe459fca9e1b27eda
275aeb5632a022d25974be62f8dc87c418d26a8c
e8d332d34174d8ea95e349c0756faae0df9a34ac098a779309dce32658d024f6
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /sites/default/files/styles/flexslider_full/public/fotos-scroll4_0.jpg?itok=D4fMiUHe HTTP/1.1
Host: www.exploraelparc.cat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.exploraelparc.cat/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 12:58:29 GMT
Content-Type: image/jpeg
Content-Length: 84741
Last-Modified: Mon, 10 Sep 2018 14:30:12 GMT
Connection: keep-alive
ETag: "5b967ff4-14b05"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.exploraelparc.cat/sites/default/files/styles/front_page_teaser/public/mirador_b.png?itok=CPVu38IE
5.56.60.174 200 OK 25 kB URL HTTP/1.1 www.exploraelparc.cat/sites/default/files/styles/front_page_teaser/public/mirador_b.png?itok=CPVu38IE
IP 5.56.60.174:0
ASN #57286 Gigas Hosting S.A.
File type PNG image data, 300 x 220, 8-bit/color RGBA, non-interlaced\012- data
Hash 832623b04e9592eada00fab5cf75f6bc
3937142d89b5edc9be2d88f792c0f62970880fb0
74485c2977a63f2324896007261fbbabcf394f24ccf8c736be4ca5906b190054
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /sites/default/files/styles/front_page_teaser/public/mirador_b.png?itok=CPVu38IE HTTP/1.1
Host: www.exploraelparc.cat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.exploraelparc.cat/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 12:58:29 GMT
Content-Type: image/png
Content-Length: 24998
Last-Modified: Mon, 10 Sep 2018 14:30:12 GMT
Connection: keep-alive
ETag: "5b967ff4-61a6"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.exploraelparc.cat/sites/default/files/fontyourface/local_fonts/FS_Lola_Web_Regular-normal-400/fs_lola-regular-webfont.ttf
5.56.60.174 200 OK 58 kB URL HTTP/1.1 www.exploraelparc.cat/sites/default/files/fontyourface/local_fonts/FS_Lola_Web_Regular-normal-400/fs_lola-regular-webfont.ttf
IP 5.56.60.174:0
ASN #57286 Gigas Hosting S.A.
File type TrueType Font data, 19 tables, 1st "FFTM", 18 names, Microsoft, language 0x409, Copyright (c) Fontsmith Ltd, 2005. All rights reserved.FS LolaRegularFontsmithLtd: FS Lola: 2005\012- data
Hash a636ff44b5f869327f7081191ba3990b
824639fdbe86cbb2fb242a5ce4cb6d889e332728
926f263b02204d4e135595f3b797cec9e67af536bc41183adc8300871b836e28
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /sites/default/files/fontyourface/local_fonts/FS_Lola_Web_Regular-normal-400/fs_lola-regular-webfont.ttf HTTP/1.1
Host: www.exploraelparc.cat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.exploraelparc.cat/sites/default/files/css/css_9RgM_uEtw0ATtQC5CvC1s1ezwWYZuJ-XYgp8KwsfvrU.css
Cookie: adaptive_image=1280; has_js=1
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 12:58:29 GMT
Content-Type: application/font-sfnt
Content-Length: 58224
Last-Modified: Mon, 10 Sep 2018 14:30:11 GMT
Connection: keep-alive
ETag: "5b967ff3-e370"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.exploraelparc.cat/sites/default/files/fontyourface/local_fonts/FS_Lola_Extrabold-normal-bolder/fs_lola-extrabold-webfont.ttf
5.56.60.174 200 OK 61 kB URL HTTP/1.1 www.exploraelparc.cat/sites/default/files/fontyourface/local_fonts/FS_Lola_Extrabold-normal-bolder/fs_lola-extrabold-webfont.ttf
IP 5.56.60.174:0
ASN #57286 Gigas Hosting S.A.
File type TrueType Font data, 19 tables, 1st "FFTM", 18 names, Microsoft, language 0x409, Copyright (c) Fontsmith Ltd, 2005. All rights reserved.FS Lola ExtraBoldRegularFontsmithLtd: FS \012- data
Hash 02fdece3a0ba0fe568842a49437901fc
f89136b5a95a961d30b7b49a7c1459a29ad3c42c
a611f9faf5594afa53bcfcc8df706801d9d5f8b9d9268867b19f9204e573ad89
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /sites/default/files/fontyourface/local_fonts/FS_Lola_Extrabold-normal-bolder/fs_lola-extrabold-webfont.ttf HTTP/1.1
Host: www.exploraelparc.cat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.exploraelparc.cat/sites/default/files/css/css_9RgM_uEtw0ATtQC5CvC1s1ezwWYZuJ-XYgp8KwsfvrU.css
Cookie: adaptive_image=1280; has_js=1
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 12:58:29 GMT
Content-Type: application/font-sfnt
Content-Length: 60884
Last-Modified: Mon, 10 Sep 2018 14:30:11 GMT
Connection: keep-alive
ETag: "5b967ff3-edd4"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.exploraelparc.cat/sites/default/files/styles/front_page_teaser/public/amanita.png?itok=gA4z3Mv_
5.56.60.174 200 OK 78 kB URL HTTP/1.1 www.exploraelparc.cat/sites/default/files/styles/front_page_teaser/public/amanita.png?itok=gA4z3Mv_
IP 5.56.60.174:0
ASN #57286 Gigas Hosting S.A.
File type PNG image data, 300 x 220, 8-bit/color RGBA, non-interlaced\012- data
Hash 445eb676af4305a1a55b399f56e87dbc
aebbeae3ce151d22567896436c5bd77a87048918
ed30018a8d9eb8f0a41df5b100ec8be4b7350f6f3b99fc9c5c5912e69998262d
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /sites/default/files/styles/front_page_teaser/public/amanita.png?itok=gA4z3Mv_ HTTP/1.1
Host: www.exploraelparc.cat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.exploraelparc.cat/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 12:58:29 GMT
Content-Type: image/png
Content-Length: 77766
Last-Modified: Mon, 10 Sep 2018 14:30:12 GMT
Connection: keep-alive
ETag: "5b967ff4-12fc6"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.exploraelparc.cat/sites/default/files/aixorta_nou.jpg
5.56.60.174 200 OK 4.9 kB URL HTTP/1.1 www.exploraelparc.cat/sites/default/files/aixorta_nou.jpg
IP 5.56.60.174:0
ASN #57286 Gigas Hosting S.A.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, orientation=upper-left, xresolution=74, yresolution=82, resolutionunit=2], baseline, precision 8, 87x28, components 3\012- data
Hash cffd4e3f962df217a062a0c704cfd00a
b541f0c4d7bb0470816843a068ac445f5493e60b
43ea9f349905a4b742dc262e180594a9c2885b5a3e8c3b02bcdd9ec0dc9efd19
Analyzer Verdict Alert quad9 Sinkholed
GET /sites/default/files/aixorta_nou.jpg HTTP/1.1
Host: www.exploraelparc.cat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.exploraelparc.cat/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 12:58:29 GMT
Content-Type: image/jpeg
Content-Length: 4945
Last-Modified: Mon, 10 Sep 2018 14:30:10 GMT
Connection: keep-alive
ETag: "5b967ff2-1351"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.exploraelparc.cat/sites/all/libraries/flexslider/fonts/flexslider-icon.woff
5.56.60.174 200 OK 1.3 kB URL HTTP/1.1 www.exploraelparc.cat/sites/all/libraries/flexslider/fonts/flexslider-icon.woff
IP 5.56.60.174:0
ASN #57286 Gigas Hosting S.A.
File type Web Open Font Format, TrueType, length 1268, version 1.0\012- data
Hash f8b92f66539473eea649c8514eb836a0
9876bce2a7b39125bd7a406c445e46e704d7b37e
333fe8266952f16c8b686f3edd78293da28e6eaef314dca86bc4eeaa23f290e8
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /sites/all/libraries/flexslider/fonts/flexslider-icon.woff HTTP/1.1
Host: www.exploraelparc.cat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://www.exploraelparc.cat/sites/default/files/css/css_Wy9WoqOR-OhepuBFHnzAmHYQMqw-vQJSg2t9IUh_VhU.css
Cookie: adaptive_image=1280; has_js=1
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 12:58:29 GMT
Content-Type: application/font-woff
Content-Length: 1268
Last-Modified: Mon, 10 Sep 2018 14:30:08 GMT
Connection: keep-alive
ETag: "5b967ff0-4f4"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.exploraelparc.cat/sites/default/files/styles/flexslider_full/public/fotos-scroll1-text.jpg?itok=kIuct_rK
5.56.60.174 200 OK 50 kB URL HTTP/1.1 www.exploraelparc.cat/sites/default/files/styles/flexslider_full/public/fotos-scroll1-text.jpg?itok=kIuct_rK
IP 5.56.60.174:0
ASN #57286 Gigas Hosting S.A.
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 75", baseline, precision 8, 932x350, components 3\012- data
Hash e0f49f57e3b89bf02befdb75a1fad851
de076c8620f7d3b776dc3feb7d681a39caefaf84
c560ed21a977a4ec3d2265318cec4e3f0d227ed92939afc4c87a01618bdbff95
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /sites/default/files/styles/flexslider_full/public/fotos-scroll1-text.jpg?itok=kIuct_rK HTTP/1.1
Host: www.exploraelparc.cat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.exploraelparc.cat/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 12:58:29 GMT
Content-Type: image/jpeg
Content-Length: 50286
Last-Modified: Mon, 10 Sep 2018 14:30:12 GMT
Connection: keep-alive
ETag: "5b967ff4-c46e"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.exploraelparc.cat/sites/default/files/styles/flexslider_full/public/fotos-scroll7_0.jpg?itok=nCqt9k6L
5.56.60.174 200 OK 93 kB URL HTTP/1.1 www.exploraelparc.cat/sites/default/files/styles/flexslider_full/public/fotos-scroll7_0.jpg?itok=nCqt9k6L
IP 5.56.60.174:0
ASN #57286 Gigas Hosting S.A.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 75", baseline, precision 8, 932x350, components 3\012- data
Hash 702c96138c737a6c02d183a710ccd481
b4e0b0b23174c2a320d82f80e07eb725656006d4
8dd77d0390b22ac2609d86e3dea4339665016077d4cf2784ab82391c1e95bc34
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /sites/default/files/styles/flexslider_full/public/fotos-scroll7_0.jpg?itok=nCqt9k6L HTTP/1.1
Host: www.exploraelparc.cat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.exploraelparc.cat/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 12:58:29 GMT
Content-Type: image/jpeg
Content-Length: 92865
Last-Modified: Mon, 10 Sep 2018 14:30:12 GMT
Connection: keep-alive
ETag: "5b967ff4-16ac1"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.exploraelparc.cat/sites/default/files/nequa.png
5.56.60.174 200 OK 49 kB URL HTTP/1.1 www.exploraelparc.cat/sites/default/files/nequa.png
IP 5.56.60.174:0
ASN #57286 Gigas Hosting S.A.
File type PNG image data, 93 x 36, 8-bit/color RGBA, non-interlaced\012- data
Hash 5f2d56f926dc77b57bcc1162f9143dff
581634d5e6942a096ffcb31843e1dfc5fbdf7810
0a699558bed7455b3f5998d2e0e25c0c9606115395ed5a7c1ce37ff6a9c5db82
Analyzer Verdict Alert quad9 Sinkholed
GET /sites/default/files/nequa.png HTTP/1.1
Host: www.exploraelparc.cat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.exploraelparc.cat/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 12:58:29 GMT
Content-Type: image/png
Content-Length: 48905
Last-Modified: Mon, 10 Sep 2018 14:30:11 GMT
Connection: keep-alive
ETag: "5b967ff3-bf09"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.exploraelparc.cat/sites/default/files/styles/flexslider_full/public/fotos-scroll8_0.jpg?itok=Biqb2rA5
5.56.60.174 200 OK 92 kB URL HTTP/1.1 www.exploraelparc.cat/sites/default/files/styles/flexslider_full/public/fotos-scroll8_0.jpg?itok=Biqb2rA5
IP 5.56.60.174:0
ASN #57286 Gigas Hosting S.A.
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 75", baseline, precision 8, 932x350, components 3\012- data
Hash b481fabda7ab010866e5a4d4409dd5ec
cdc4e2043241bc736981fc70ab7fb5fa5077a95a
41021fb9a1dbc415b427b41966eb2ca12acac2c292ec3c4d52af884ed699a633
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /sites/default/files/styles/flexslider_full/public/fotos-scroll8_0.jpg?itok=Biqb2rA5 HTTP/1.1
Host: www.exploraelparc.cat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.exploraelparc.cat/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 12:58:29 GMT
Content-Type: image/jpeg
Content-Length: 92475
Last-Modified: Mon, 10 Sep 2018 14:30:12 GMT
Connection: keep-alive
ETag: "5b967ff4-1693b"
X-Powered-By: PleskLin
Accept-Ranges: bytes
www.exploraelparc.cat/sites/all/themes/pnapzen/images/RATLLESGRAN.png
5.56.60.174 404 Not Found 330 B URL HTTP/1.1 www.exploraelparc.cat/sites/all/themes/pnapzen/images/RATLLESGRAN.png
IP 5.56.60.174:0
ASN #57286 Gigas Hosting S.A.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (330), with no line terminators
Hash d77623c4d5ac89519024f15cad71e6ac
9c018fe951e443c933f2b732ca0429b73d16f10f
445a2925661dc6642b398f8d7e603132c11838b45fb1e8f05c854e97fc2cdad7
Analyzer Verdict Alert quad9 Sinkholed
GET /sites/all/themes/pnapzen/images/RATLLESGRAN.png HTTP/1.1
Host: www.exploraelparc.cat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.exploraelparc.cat/sites/default/files/css/css_2oPQyFBu4t0KOjvV4lo9rWvPrkxn2pqx1xbjJ42H19Y.css
Cookie: adaptive_image=1280; has_js=1
HTTP/1.1 404 Not Found
Server: nginx
Date: Sun, 06 Nov 2022 12:58:29 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.45
X-Drupal-Cache: MISS
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Cache-Control: no-cache, must-revalidate
X-Content-Type-Options: nosniff
Content-Language: ca
X-Frame-Options: SAMEORIGIN
www.exploraelparc.cat/sites/default/files/MUSSOL%20I%20RAMA-14.fw__1.png
5.56.60.174 200 OK 98 kB URL HTTP/1.1 www.exploraelparc.cat/sites/default/files/MUSSOL%20I%20RAMA-14.fw__1.png
IP 5.56.60.174:0
ASN #57286 Gigas Hosting S.A.
File type PNG image data, 138 x 98, 8-bit/color RGBA, non-interlaced\012- data
Hash 295d3aa6dcc85812ba3a2d080141ceaf
0630ebc30dd73881b3dbf666249427f417d323dd
8322df3612fdaf13d35c0ef0387b5c87c00e066f385fc5273f811a1f9b36e558
Analyzer Verdict Alert quad9 Sinkholed
GET /sites/default/files/MUSSOL%20I%20RAMA-14.fw__1.png HTTP/1.1
Host: www.exploraelparc.cat
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.exploraelparc.cat/
Cookie: adaptive_image=1280; has_js=1
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 06 Nov 2022 12:58:30 GMT
Content-Type: image/png
Content-Length: 98392
Last-Modified: Mon, 10 Sep 2018 14:30:09 GMT
Connection: keep-alive
ETag: "5b967ff1-18058"
X-Powered-By: PleskLin
Accept-Ranges: bytes
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash d862f992e9902530594e7aca425f129b
25b414fe833d30b52928535d659a1ee281b82e3a
0c6286152fe8bb5fdf1505f2001d530a65ee53aa6d9601bbb1eecb683036071d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6335
Cache-Control: max-age=165236
Content-Type: application/ocsp-response
Date: Sun, 06 Nov 2022 12:58:30 GMT
Etag: "6367792b-1d7"
Expires: Tue, 08 Nov 2022 10:52:26 GMT
Last-Modified: Sun, 06 Nov 2022 09:06:51 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
52.89.181.160 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.89.181.160:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: hcQPpl4ngN86IJWE3XoThQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: npYplsTNI0g7XQqXSZHMkJvFjug=
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 3bf1a5e65cd048b761eac5cb0b52048a
f64cface851717dee160a5c6fad975cc34fe4cd2
8b849bbe5d73c02bd82c39e5970ef02d46bf36ccfed31b51db437d85d12c004b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B849BBE5D73C02BD82C39E5970EF02D46BF36CCFED31B51DB437D85D12C004B"
Last-Modified: Sat, 05 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4501
Expires: Sun, 06 Nov 2022 14:13:32 GMT
Date: Sun, 06 Nov 2022 12:58:31 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff56714e2-704b-4327-92b2-54e71d0c4d40.webp
34.120.237.76 200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff56714e2-704b-4327-92b2-54e71d0c4d40.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dcc79e66d1e21452efb26d26650f6739
1f727a7ea032082658944cf4041686446fb6b5f2
af1fe8de442a365a108d5c03f0d3ae8b0beb1abb4f267a46979f9c885ee026c6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff56714e2-704b-4327-92b2-54e71d0c4d40.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8961
x-amzn-requestid: 3a50374d-d90e-452e-bb89-82ca14c94b52
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJarpGtqIAMFkPg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d7e3-55c356475fb64e6625a338c7;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:38:44 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Ry_OKFFZDdDoVya2hTxnFlDGtgoSw0JRqieDnCO4mSNFbgV-AuLE5Q==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 21:44:33 GMT
age: 54838
etag: "1f727a7ea032082658944cf4041686446fb6b5f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ddf9fb3-adcc-4e34-a9a7-1927e38830dc.jpeg
34.120.237.76 200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ddf9fb3-adcc-4e34-a9a7-1927e38830dc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 93aada35cf6b5ccf56d7c8c49e566a1e
349f301eab8e4cd3732e9b0fbd1675bbbe3e969b
2285236779612c298f54306c6237df079a3329daa415c3f3a9015bf2a75f99aa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ddf9fb3-adcc-4e34-a9a7-1927e38830dc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9331
x-amzn-requestid: d67eca4f-66a8-4366-b2d8-fb424e77b438
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJb3lHQmIAMFemg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d9c9-77519cf22b23b7e00a23cacc;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:46:49 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ZiP3LoPE9a2aP16DN-jBzPfGPS_uW4M_qtJ3ilw26cxK6w6mWJOxPQ==
via: 1.1 6ca7826fb0f4c565b1af9c7737725c48.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 22:12:38 GMT
etag: "349f301eab8e4cd3732e9b0fbd1675bbbe3e969b"
content-type: image/jpeg
age: 53153
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e2853cc6ec6223160471401e6871f4b
f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c
bf4b9145ea043d87a30fd3aeeae21a1a0aa27004cd2467e7aa843bc894ae1f60
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6fadd94-b1a4-4bdc-bcf4-b6bade4840a0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10462
x-amzn-requestid: 6dc7dc5c-88e9-4550-abf0-f16965ab7cd3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bF_38GKXoAMFwSA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636579cc-28ea4125437c31cc34683fb7;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 20:45:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: cLOqm36ioY751X1yA1WcQpaXiFYuvzFn8xLQ56MyDTpvi1J4Ruvc9Q==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Sun, 06 Nov 2022 06:27:59 GMT
age: 23432
etag: "f052e1f8b2bf4a8eeecfa5b82e27ada1b7719a0c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7220419a-cf8c-4056-a522-11012e67cf32.jpeg
34.120.237.76 200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7220419a-cf8c-4056-a522-11012e67cf32.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fa77f05b1af971db287607d9d9a30e0f
276f1493d6da74c8fa3ef83dee77bf48850ff4b4
005d0273b7fe7b68081d1db630df9444c4082140be87c34f3e9e5fb7db9a4160
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7220419a-cf8c-4056-a522-11012e67cf32.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14415
x-amzn-requestid: 9eadfbeb-38b2-483a-894a-375e00f646dd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJabgHcMoAMFTLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d77c-104fa5e61c64aaf230ffb045;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:37:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: zwi4Hg5iu5MB4zr0EFVhTRAvrnN2J1GnY31mOvlXJW0E_cgQu1gmgA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 31119c39c5a6dc62dfa1fe940afd7be2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 22:12:38 GMT
age: 53153
etag: "276f1493d6da74c8fa3ef83dee77bf48850ff4b4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78f88d98-b52b-4ad1-8cfc-e60fd17b46e0.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78f88d98-b52b-4ad1-8cfc-e60fd17b46e0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b370c4e3b01be9fbbc3e310e6958cd55
cc22e90a0b476215f2fd864d84c9b00dded100a6
f54d90c5854b6f140b63dad3aa92bd858b8f360b8c77d50fdf344e813e9385c5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F78f88d98-b52b-4ad1-8cfc-e60fd17b46e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11535
x-amzn-requestid: 0a1d9895-e2e3-4070-921a-736d8c6f254e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bJatPGwjoAMFx8Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6366d7ee-101a7f3a2b834d0b411c9de0;Sampled=0
x-amzn-remapped-date: Sat, 05 Nov 2022 21:38:54 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: j0I2JcPIptLTJZlwg8QG7kkTE1eCvZiBDzi6j2YYqNwvawJ6k2CqHQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Sat, 05 Nov 2022 21:48:50 GMT
age: 54581
etag: "cc22e90a0b476215f2fd864d84c9b00dded100a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8df47f1e-c13a-452f-b0e2-28c141dbb191.jpeg
34.120.237.76 200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8df47f1e-c13a-452f-b0e2-28c141dbb191.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b18a8c9f5539ce33476f843f5811e01d
11d1f2ce72d2aa6686c79f777cd0bdb4ddeb681b
fc20e507eedccb52078979f2132434b11b9d50d917cab512d8e0c99515b1236c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8df47f1e-c13a-452f-b0e2-28c141dbb191.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7573
x-amzn-requestid: d56e7b27-f2cb-4cd3-9f67-ba18d1bfe270
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bDkhGHmjoAMFxxQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6364813a-3a1c18b13c41f38673890b00;Sampled=0
x-amzn-remapped-date: Fri, 04 Nov 2022 03:04:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: c-u9tBFoIve3sEwtbUvIFZoPu6eudy3ZFQi8j2m9mTPNEarihTvddw==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Sun, 06 Nov 2022 05:31:43 GMT
age: 26808
etag: "11d1f2ce72d2aa6686c79f777cd0bdb4ddeb681b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2