159.203.175.68/crm/index.php
159.203.175.68 200 OK 7.2 kB URL HTTP/1.1 159.203.175.68/crm/index.php
IP 159.203.175.68:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (11994), with CRLF, LF line terminators
Hash 8c2c1d0962af0b42991636dd2699ffae
c424664dae0876f1a3612a73137b9937e4be4b27
2dff26bf6a95ce8dc0af91ab708453d36385e695df03909346f905a37a008ed0
Analyzer Verdict Alert quad9 Sinkholed
GET /crm/index.php HTTP/1.1
Host: 159.203.175.68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:43:58 GMT
Server: Apache/2.4.7 (Ubuntu)
X-Powered-By: PHP/5.5.9-1ubuntu4.21
Set-Cookie: PHPSESSID=4d43330163d66a0ea4441; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7192
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html
r3.o.lencr.org/
95.101.11.115 200 OK 503 B
IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 5eb7c9bc996a0ff420e58af45526f053
8c2614832b8efe1c9da0bbd465d6f3f172d95a9e
c085cf277dd0429fe15e4a4bce5595636e9f2204d5a8e77220f8bf88adf4068f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C085CF277DD0429FE15E4A4BCE5595636E9F2204D5A8E77220F8BF88ADF4068F"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8777
Expires: Sun, 29 Jan 2023 15:10:39 GMT
Date: Sun, 29 Jan 2023 12:44:22 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B
IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 3eb88dea4fe00db1182370e72683c3ab
ca520abf1e91bfd2aef40c6a1270a911071e8922
d8083ee567c7b3023111dc30f32c94237df7db30d4d2daaea0a569e8a3069ad7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8083EE567C7B3023111DC30F32C94237DF7DB30D4D2DAAEA0A569E8A3069AD7"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9383
Expires: Sun, 29 Jan 2023 15:20:46 GMT
Date: Sun, 29 Jan 2023 12:44:23 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115 200 OK 503 B
IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 03092d1a1bc7ac91ee342a1a7ab2a562
52db06ce1fd2c74ddd36b6a0a7aee1b5c891600a
03b8ff2629abac9fc30ebec059c2e2018fcbc41646ad5f71c965ff630fbf1ffd
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "03B8FF2629ABAC9FC30EBEC059C2E2018FCBC41646AD5F71C965FF630FBF1FFD"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12372
Expires: Sun, 29 Jan 2023 16:10:35 GMT
Date: Sun, 29 Jan 2023 12:44:23 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 29 Jan 2023 12:43:08 GMT
content-type: application/json
age: 75
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: nXV00QV0Z9BJCg4rWPUE8SfnIrYWstFbo7JYq+k0Jraqf5dZ2MY6Ok395usS9ApzU2D8v7wbU7JSHshE9NDbyQ==
x-amz-request-id: M882KC94EH6F8SYY
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 29 Jan 2023 12:21:23 GMT
age: 1380
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 12:44:23 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
159.203.175.68/crm/libraries/jquery/chosen/chosen.css
159.203.175.68 200 OK 2.2 kB URL HTTP/1.1 159.203.175.68/crm/libraries/jquery/chosen/chosen.css
IP 159.203.175.68:0
ASN #14061 DIGITALOCEAN-ASN
Hash 2c1a0b58e55df35349bf0a8ecaa077e7
ad28cbc4078cd54af4cadd1374c74aea0ad206d4
293b5b225d6e2b7bb99844117062ec0cfe02d461da404720ae58f400b6154657
Analyzer Verdict Alert quad9 Sinkholed
GET /crm/libraries/jquery/chosen/chosen.css HTTP/1.1
Host: 159.203.175.68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.203.175.68/crm/index.php
Cookie: PHPSESSID=4d43330163d66a0ea4441
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:43:58 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Sat, 13 Jul 2013 15:19:06 GMT
ETag: "3304-4e16625ec4e80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2177
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
159.203.175.68/crm/libraries/jquery/jquery-ui/css/custom-theme/jquery-ui-1.8.16.custom.css
159.203.175.68 200 OK 8.6 kB URL HTTP/1.1 159.203.175.68/crm/libraries/jquery/jquery-ui/css/custom-theme/jquery-ui-1.8.16.custom.css
IP 159.203.175.68:0
ASN #14061 DIGITALOCEAN-ASN
Hash 72bc13bba8d967b00c3e087914d27516
bbc481ee040a2d4a217ddc113daa3e4e34956554
c70b931ad094fe258d5366cb15e248270b2e01080945d0288fccc4fb756e5ad4
Analyzer Verdict Alert quad9 Sinkholed
GET /crm/libraries/jquery/jquery-ui/css/custom-theme/jquery-ui-1.8.16.custom.css HTTP/1.1
Host: 159.203.175.68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.203.175.68/crm/index.php
Cookie: PHPSESSID=4d43330163d66a0ea4441
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:43:58 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Sat, 13 Jul 2013 15:19:06 GMT
ETag: "d642-4e16625ec4e80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8608
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
159.203.175.68/crm/libraries/jquery/select2/select2.css
159.203.175.68 200 OK 3.0 kB URL HTTP/1.1 159.203.175.68/crm/libraries/jquery/select2/select2.css
IP 159.203.175.68:0
ASN #14061 DIGITALOCEAN-ASN
Hash de6ee91142b1f101c9a7802f8a6ae74f
ecb8d81a1a7f3ee70c137d83c4fcccbf57d7b370
880c001aff1450951f5d489f123e6c67421962298609a78bebf87c89baf5c5ec
Analyzer Verdict Alert quad9 Sinkholed
GET /crm/libraries/jquery/select2/select2.css HTTP/1.1
Host: 159.203.175.68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.203.175.68/crm/index.php
Cookie: PHPSESSID=4d43330163d66a0ea4441
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:43:59 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Sat, 13 Jul 2013 15:19:06 GMT
ETag: "4512-4e16625ec4e80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2957
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
159.203.175.68/crm/resources/styles.css
159.203.175.68 200 OK 27 B URL HTTP/1.1 159.203.175.68/crm/resources/styles.css
IP 159.203.175.68:0
ASN #14061 DIGITALOCEAN-ASN
Hash e77b258b11f7b1a6c7022b23d0236efd
77ce5422372b225df124328ad8e253dc6f24e720
8af166b0bd754fed4368979fdacdeb263475b95148f6b05bdadb15eae888e96f
Analyzer Verdict Alert quad9 Sinkholed
GET /crm/resources/styles.css HTTP/1.1
Host: 159.203.175.68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.203.175.68/crm/index.php
Cookie: PHPSESSID=4d43330163d66a0ea4441
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:43:59 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Sat, 13 Jul 2013 15:19:06 GMT
ETag: "1b-4e16625ec4e80"
Accept-Ranges: bytes
Content-Length: 27
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
159.203.175.68/crm/libraries/bootstrap/css/jqueryBxslider.css
159.203.175.68 200 OK 1.7 kB URL HTTP/1.1 159.203.175.68/crm/libraries/bootstrap/css/jqueryBxslider.css
IP 159.203.175.68:0
ASN #14061 DIGITALOCEAN-ASN
Hash 44004c0b7b5993544fdbe53181ad7cf8
aad8f448788073df3d274cb1d37a5b57e67033c7
4be6fef14ed320c9d057ccbb406c6c646578259461c250ea7420b436e8ec2bdb
Analyzer Verdict Alert quad9 Sinkholed
GET /crm/libraries/bootstrap/css/jqueryBxslider.css HTTP/1.1
Host: 159.203.175.68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.203.175.68/crm/index.php
Cookie: PHPSESSID=4d43330163d66a0ea4441
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:43:59 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Fri, 04 Jul 2014 02:05:20 GMT
ETag: "182e-4fd548eb2b800-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1722
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
159.203.175.68/crm/libraries/guidersjs/guiders-1.2.6.css
159.203.175.68 200 OK 3.6 kB URL HTTP/1.1 159.203.175.68/crm/libraries/guidersjs/guiders-1.2.6.css
IP 159.203.175.68:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (3288)
Hash b93ced867060604d8410219216bd86b5
e56136b008f42abe260f33f2a7533cce99a914ee
55607dbc2c7e5c63afd921b434022587e3bb4d1e1772e0f6988f35061191aa3e
Analyzer Verdict Alert quad9 Sinkholed
GET /crm/libraries/guidersjs/guiders-1.2.6.css HTTP/1.1
Host: 159.203.175.68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.203.175.68/crm/index.php
Cookie: PHPSESSID=4d43330163d66a0ea4441
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:43:59 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Sat, 13 Jul 2013 15:19:06 GMT
ETag: "1758-4e16625ec4e80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3643
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
159.203.175.68/crm/libraries/bootstrap/css/bootstrap.css
159.203.175.68 200 OK 13 kB URL HTTP/1.1 159.203.175.68/crm/libraries/bootstrap/css/bootstrap.css
IP 159.203.175.68:0
ASN #14061 DIGITALOCEAN-ASN
Hash 30e869525766568c6decfd0a60a67f68
f7be99c3103e9706ed4806997a22b44b4eea0d01
48c489d39cbf4dbed5d728da38cb63276ef8d9369fe877775acba394124c8015
Analyzer Verdict Alert quad9 Sinkholed
GET /crm/libraries/bootstrap/css/bootstrap.css HTTP/1.1
Host: 159.203.175.68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.203.175.68/crm/index.php
Cookie: PHPSESSID=4d43330163d66a0ea4441
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:43:59 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Wed, 02 Oct 2013 19:36:18 GMT
ETag: "14f5f-4e7c72ee35080-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12952
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
159.203.175.68/crm/libraries/jquery/pnotify/jquery.pnotify.default.css
159.203.175.68 200 OK 699 B URL HTTP/1.1 159.203.175.68/crm/libraries/jquery/pnotify/jquery.pnotify.default.css
IP 159.203.175.68:0
ASN #14061 DIGITALOCEAN-ASN
Hash c9b4ae8ed7786ad983df74c630ee7c2a
8c4b82931d417b0479f05b7c8142c5ef488580f1
42fb518d27fff3d21a0f147aa7b99ffd243c6077d1535cfd8fca5de7376ea598
Analyzer Verdict Alert quad9 Sinkholed
GET /crm/libraries/jquery/pnotify/jquery.pnotify.default.css HTTP/1.1
Host: 159.203.175.68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.203.175.68/crm/index.php
Cookie: PHPSESSID=4d43330163d66a0ea4441
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:43:59 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Sat, 13 Jul 2013 15:19:06 GMT
ETag: "6e6-4e16625ec4e80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 699
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
159.203.175.68/crm/libraries/jquery/pnotify/use%20for%20pines%20style%20icons/jquery.pnotify.default.icons.css
159.203.175.68 200 OK 295 B URL HTTP/1.1 159.203.175.68/crm/libraries/jquery/pnotify/use%20for%20pines%20style%20icons/jquery.pnotify.default.icons.css
IP 159.203.175.68:0
ASN #14061 DIGITALOCEAN-ASN
Hash ca12643c4fac9730fc7120ebcbc49c50
6a3c844384c08949ad3c0ad73930509d9c1d1eaa
ae6b42e908ea2aea1176019730a0e3b3d09abe40068482b9345f24b977399aaa
Analyzer Verdict Alert quad9 Sinkholed
GET /crm/libraries/jquery/pnotify/use%20for%20pines%20style%20icons/jquery.pnotify.default.icons.css HTTP/1.1
Host: 159.203.175.68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.203.175.68/crm/index.php
Cookie: PHPSESSID=4d43330163d66a0ea4441
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:43:59 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Sat, 13 Jul 2013 15:19:06 GMT
ETag: "1b9-4e16625ec4e80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 295
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
159.203.175.68/crm/libraries/jquery/datepicker/css/datepicker.css
159.203.175.68 200 OK 802 B URL HTTP/1.1 159.203.175.68/crm/libraries/jquery/datepicker/css/datepicker.css
IP 159.203.175.68:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with CRLF line terminators
Hash c1a5f4603e1c9ac3f5ca7dd179a16584
2c38aa5f420c983c900a995051164b0b3604f56b
bc3f1c89e30a7dd6bffd527b662ec43fa9a4a77f7b610c301869184e5ddd7846
Analyzer Verdict Alert quad9 Sinkholed
GET /crm/libraries/jquery/datepicker/css/datepicker.css HTTP/1.1
Host: 159.203.175.68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.203.175.68/crm/index.php
Cookie: PHPSESSID=4d43330163d66a0ea4441
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:43:59 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Sat, 13 Jul 2013 15:19:06 GMT
ETag: "e78-4e16625ec4e80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 802
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
159.203.175.68/crm/layouts/vlayout/skins/dandy/modules/Vtiger/resources/responsive-tables/responsive-tables.css
159.203.175.68 200 OK 549 B URL HTTP/1.1 159.203.175.68/crm/layouts/vlayout/skins/dandy/modules/Vtiger/resources/responsive-tables/responsive-tables.css
IP 159.203.175.68:0
ASN #14061 DIGITALOCEAN-ASN
Hash ef68ff69f2157b2e429837e6d614d3c4
f3cce2f5f89a579854da06cee05a6ce97066a5ae
27f89f559738cfeedf668404b858035a3dcfd86e47bd64699c417accd50aed2a
Analyzer Verdict Alert quad9 Sinkholed
GET /crm/layouts/vlayout/skins/dandy/modules/Vtiger/resources/responsive-tables/responsive-tables.css HTTP/1.1
Host: 159.203.175.68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.203.175.68/crm/index.php
Cookie: PHPSESSID=4d43330163d66a0ea4441
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:43:59 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Sat, 27 Jun 2015 15:31:26 GMT
ETag: "599-519818cb98f80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 549
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
159.203.175.68/crm/layouts/vlayout/skins/dandy/modules/Vtiger/resources/Dandy.js
159.203.175.68 200 OK 1.7 kB URL HTTP/1.1 159.203.175.68/crm/layouts/vlayout/skins/dandy/modules/Vtiger/resources/Dandy.js
IP 159.203.175.68:0
ASN #14061 DIGITALOCEAN-ASN
Hash d69fc3d3b35c6d2ccd1b0088275ba129
9472e3669b7a9a937e58253efa8c463b97af1b82
07e784eee5e6a364da2a8462b7323233f0258c28ccd270e9b28ec6242ccd97ca
Analyzer Verdict Alert quad9 Sinkholed
GET /crm/layouts/vlayout/skins/dandy/modules/Vtiger/resources/Dandy.js HTTP/1.1
Host: 159.203.175.68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.203.175.68/crm/index.php
Cookie: PHPSESSID=4d43330163d66a0ea4441
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:43:59 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Sat, 27 Jun 2015 15:31:26 GMT
ETag: "19f7-519818cb98f80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1736
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
159.203.175.68/crm/layouts/vlayout/skins/dandy/modules/Vtiger/resources/responsive-tables/responsive-tables.js
159.203.175.68 200 OK 648 B URL HTTP/1.1 159.203.175.68/crm/layouts/vlayout/skins/dandy/modules/Vtiger/resources/responsive-tables/responsive-tables.js
IP 159.203.175.68:0
ASN #14061 DIGITALOCEAN-ASN
Hash cd7ab4d362eec95570e439e060ef6b15
2e629a32a74bca523aefc2749658bb84055193c6
c9b268fc1a24d88db6060d659500cb597814977ad14215429967555dab20f12a
Analyzer Verdict Alert quad9 Sinkholed
GET /crm/layouts/vlayout/skins/dandy/modules/Vtiger/resources/responsive-tables/responsive-tables.js HTTP/1.1
Host: 159.203.175.68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.203.175.68/crm/index.php
Cookie: PHPSESSID=4d43330163d66a0ea4441
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:43:59 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Sat, 27 Jun 2015 15:31:26 GMT
ETag: "6ce-519818cb98f80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 648
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
159.203.175.68/crm/libraries/csrf-magic/csrf-magic.js
159.203.175.68 200 OK 2.3 kB URL HTTP/1.1 159.203.175.68/crm/libraries/csrf-magic/csrf-magic.js
IP 159.203.175.68:0
ASN #14061 DIGITALOCEAN-ASN
Hash e8c623ef331309962c97df6d168c8bcc
cf01ba76d1b2733599172ea9e2a4f795753f6b8b
ecc84a539ffb51b8af09525461580f15e17d2fa02747f6b6bed484d861d651e8
Analyzer Verdict Alert quad9 Sinkholed
GET /crm/libraries/csrf-magic/csrf-magic.js HTTP/1.1
Host: 159.203.175.68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.203.175.68/crm/index.php
Cookie: PHPSESSID=4d43330163d66a0ea4441
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:43:59 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Mon, 15 Sep 2014 00:55:48 GMT
ETag: "1c55-5031018716d00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2279
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
159.203.175.68/crm/libraries/jquery/jquery.min.js
159.203.175.68 200 OK 33 kB URL HTTP/1.1 159.203.175.68/crm/libraries/jquery/jquery.min.js
IP 159.203.175.68:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text; HTML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (32769)
Hash 929b34b42ac409139d3e3e22ebdfdba3
9876aff27cea09ca161ee4fa0d1376042637ea80
a426bfa10cc2506dc53d8634b7ffc88c060aab7f33400229f0509c1c49b250a4
Analyzer Verdict Alert quad9 Sinkholed
GET /crm/libraries/jquery/jquery.min.js HTTP/1.1
Host: 159.203.175.68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.203.175.68/crm/index.php
Cookie: PHPSESSID=4d43330163d66a0ea4441
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:43:59 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Sat, 13 Jul 2013 15:19:06 GMT
ETag: "16f44-4e16625ec4e80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 33274
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
159.203.175.68/crm/libraries/bootstrap/css/bootstrap-responsive.min.css
159.203.175.68 200 OK 3.8 kB URL HTTP/1.1 159.203.175.68/crm/libraries/bootstrap/css/bootstrap-responsive.min.css
IP 159.203.175.68:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (15304)
Hash b1e55e0bbab760eb402bdc5a8e8ea6d5
2c8cebe150454bb682b3d70bb722976a8acd977c
2b97bffcf8d5ab77c2557ee57daffa0d7171dad7ac6c6dcd342bcecf9fde3acb
Analyzer Verdict Alert quad9 Sinkholed
GET /crm/libraries/bootstrap/css/bootstrap-responsive.min.css HTTP/1.1
Host: 159.203.175.68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.203.175.68/crm/index.php
Cookie: PHPSESSID=4d43330163d66a0ea4441
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:43:59 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Sat, 13 Jul 2013 15:19:06 GMT
ETag: "3cb9-4e16625ec4e80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3813
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
159.203.175.68/crm/layouts/vlayout/skins/dandy/style.css
159.203.175.68 200 OK 18 kB URL HTTP/1.1 159.203.175.68/crm/layouts/vlayout/skins/dandy/style.css
IP 159.203.175.68:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (367)
Hash 87bc0194f99d6280f862cb5c6718427f
0c1cf16f6a2b36569c9803f15c778be11ca2a73d
eead99a0067200df09f46a2e788e4ac755737ced88100a170d98f53aac61e44b
Analyzer Verdict Alert quad9 Sinkholed
GET /crm/layouts/vlayout/skins/dandy/style.css HTTP/1.1
Host: 159.203.175.68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.203.175.68/crm/index.php
Cookie: PHPSESSID=4d43330163d66a0ea4441
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:43:59 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Sat, 27 Jun 2015 15:31:20 GMT
ETag: "19d66-519818c5e0200-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 18216
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
159.203.175.68/crm/libraries/jquery/boxslider/jqueryBxslider.js
159.203.175.68 200 OK 5.4 kB URL HTTP/1.1 159.203.175.68/crm/libraries/jquery/boxslider/jqueryBxslider.js
IP 159.203.175.68:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (19019)
Hash 5e44336fbbde77d8efabc8b493aec556
001fc67043865fb145ee19d20ca53200803a178d
eb184ff7bb8b6ffc86c3c68f040f6b5c2b3ae7628df6e784b8ff69bd8818a64e
Analyzer Verdict Alert quad9 Sinkholed
GET /crm/libraries/jquery/boxslider/jqueryBxslider.js HTTP/1.1
Host: 159.203.175.68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.203.175.68/crm/index.php
Cookie: PHPSESSID=4d43330163d66a0ea4441
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:43:59 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Fri, 04 Jul 2014 02:05:20 GMT
ETag: "4b81-4fd548eb2b800-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5415
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
159.203.175.68/crm/libraries/jquery/jquery.blockUI.js
159.203.175.68 200 OK 5.6 kB URL HTTP/1.1 159.203.175.68/crm/libraries/jquery/jquery.blockUI.js
IP 159.203.175.68:0
ASN #14061 DIGITALOCEAN-ASN
File type Unicode text, UTF-8 (with BOM) text
Hash 887cd34dab0d263d67575372524f0b3f
548700399dd05ae9dd16f617648f271f4911d72b
abbc13f9aeaa63f79604d183d534ba4d42e44a75b33ff5f87df13164112cd3b9
Analyzer Verdict Alert quad9 Sinkholed
GET /crm/libraries/jquery/jquery.blockUI.js HTTP/1.1
Host: 159.203.175.68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.203.175.68/crm/index.php
Cookie: PHPSESSID=4d43330163d66a0ea4441
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:43:59 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Sat, 13 Jul 2013 15:19:06 GMT
ETag: "3e2d-4e16625ec4e80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5615
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
159.203.175.68/crm/libraries/bootstrap/css/bootstrap.min.css
159.203.175.68 200 OK 16 kB URL HTTP/1.1 159.203.175.68/crm/libraries/bootstrap/css/bootstrap.min.css
IP 159.203.175.68:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (65307)
Hash c431bf19b1672f602b44f6c010ef53ba
c3cd7b9091308af9c43e9392778689d9ac2ae723
6ebab7b3e57dbf206defd4e46486bedda406a0ff546f967983c140471cda1bb5
Analyzer Verdict Alert quad9 Sinkholed
GET /crm/libraries/bootstrap/css/bootstrap.min.css HTTP/1.1
Host: 159.203.175.68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.203.175.68/crm/index.php
Cookie: PHPSESSID=4d43330163d66a0ea4441
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:43:59 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Sat, 13 Jul 2013 15:19:06 GMT
ETag: "1755f-4e16625ec4e80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 15517
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
fonts.googleapis.com/css?family=Lato:400,700
142.250.74.106 200 OK 367 B URL HTTP/1.1 fonts.googleapis.com/css?family=Lato:400,700
IP 142.250.74.106:0
Hash 6b1110724f93972ca34dcb3adf89697b
84f0a4449a2eda069338e97adf985a5ff644a7f5
6da05a568aef32f297c0a5e6b7ff31e537bc5aa0f480aa51df0816eb506cd072
GET /css?family=Lato:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.203.175.68/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Sun, 29 Jan 2023 12:44:23 GMT
Date: Sun, 29 Jan 2023 12:44:23 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
159.203.175.68/crm/libraries/jquery/chosen/chosen.jquery.min.js
159.203.175.68 200 OK 5.6 kB URL HTTP/1.1 159.203.175.68/crm/libraries/jquery/chosen/chosen.jquery.min.js
IP 159.203.175.68:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (21133)
Hash e8b6247f414c1ce42ab508d92dec2def
6d58f072ab732e25b95aa2074b5e002957bbe918
c6b4d12e869eaca5d783b8bf41d73810755950896634a926c623c95a529f7b85
Analyzer Verdict Alert quad9 Sinkholed
GET /crm/libraries/jquery/chosen/chosen.jquery.min.js HTTP/1.1
Host: 159.203.175.68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.203.175.68/crm/index.php
Cookie: PHPSESSID=4d43330163d66a0ea4441
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:43:59 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Sat, 13 Jul 2013 15:19:06 GMT
ETag: "540c-4e16625ec4e80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5553
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
159.203.175.68/crm/libraries/jquery/select2/select2.min.js
159.203.175.68 200 OK 10 kB URL HTTP/1.1 159.203.175.68/crm/libraries/jquery/select2/select2.min.js
IP 159.203.175.68:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (764)
Hash 59a9f642943da0a8c404dabc0c98dabd
f63ea2285e3dedf88128eb2b012163f74042fef3
b78bf93ffec2c7d6bdea42d6b4c7225e7388c0fd5fccb03481e124386b978f33
Analyzer Verdict Alert quad9 Sinkholed
GET /crm/libraries/jquery/select2/select2.min.js HTTP/1.1
Host: 159.203.175.68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.203.175.68/crm/index.php
Cookie: PHPSESSID=4d43330163d66a0ea4441
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:43:59 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Sat, 13 Jul 2013 15:19:06 GMT
ETag: "8a7f-4e16625ec4e80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 10224
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
159.203.175.68/crm/libraries/jquery/jquery.class.min.js
159.203.175.68 200 OK 1.4 kB URL HTTP/1.1 159.203.175.68/crm/libraries/jquery/jquery.class.min.js
IP 159.203.175.68:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (513), with CRLF line terminators
Hash dd83b0747bb8cff01d1f2f4a23480bc6
e22f03c88b591db238023ab0f4962b7e01aee3f1
82c68da492bab473951ba94d71ef174ee5a83310f4882ac55a5564cdb656458b
Analyzer Verdict Alert quad9 Sinkholed
GET /crm/libraries/jquery/jquery.class.min.js HTTP/1.1
Host: 159.203.175.68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.203.175.68/crm/index.php
Cookie: PHPSESSID=4d43330163d66a0ea4441
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:43:59 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Sat, 13 Jul 2013 15:19:06 GMT
ETag: "bd8-4e16625ec4e80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1416
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
159.203.175.68/crm/libraries/jquery/defunkt-jquery-pjax/jquery.pjax.js
159.203.175.68 200 OK 6.1 kB URL HTTP/1.1 159.203.175.68/crm/libraries/jquery/defunkt-jquery-pjax/jquery.pjax.js
IP 159.203.175.68:0
ASN #14061 DIGITALOCEAN-ASN
Hash 2e1e9eed02be6d0fd94c278317b847f9
3a1edcfe85eb9fb88a53f142f8af0d6ceedf3fff
9b054d1e17f6bf33788881b736de95b994fd66d8923827cb49ccd9eaf51454bf
Analyzer Verdict Alert quad9 Sinkholed
GET /crm/libraries/jquery/defunkt-jquery-pjax/jquery.pjax.js HTTP/1.1
Host: 159.203.175.68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.203.175.68/crm/index.php
Cookie: PHPSESSID=4d43330163d66a0ea4441
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:43:59 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Sat, 13 Jul 2013 15:19:06 GMT
ETag: "4acb-4e16625ec4e80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6071
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
159.203.175.68/crm/libraries/jquery/jstorage.min.js
159.203.175.68 200 OK 3.2 kB URL HTTP/1.1 159.203.175.68/crm/libraries/jquery/jstorage.min.js
IP 159.203.175.68:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (532)
Hash 3073dfbb531cf2620102cd18d9119239
bd73bc18ad77304ac91be03ce39ab3ede416ecb3
5db92516c7bf0f8a78bdd890d9514521fd61a0432ecbadf7752198b65220ce11
Analyzer Verdict Alert quad9 Sinkholed
GET /crm/libraries/jquery/jstorage.min.js HTTP/1.1
Host: 159.203.175.68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.203.175.68/crm/index.php
Cookie: PHPSESSID=4d43330163d66a0ea4441
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:43:59 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Sat, 13 Jul 2013 15:19:06 GMT
ETag: "24df-4e16625ec4e80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3245
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 9cea98a843749ab6ffcc1e4d554d70ee
4d4d4c548678ce5dc407a73f393a2abf1aae4cfb
478e8249f84da1fe4fc36c7f752dde2d61de74e5271e4be36c51a8e5ad1c2730
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5058
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 12:44:23 GMT
Last-Modified: Sun, 29 Jan 2023 11:20:05 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 280
159.203.175.68/crm/libraries/jquery/autosize/jquery.autosize-min.js
159.203.175.68 200 OK 1.0 kB URL HTTP/1.1 159.203.175.68/crm/libraries/jquery/autosize/jquery.autosize-min.js
IP 159.203.175.68:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (1774), with CRLF line terminators
Hash b1eaf30ac1689327a95a1cd920048f80
9f6c3ad9f093169a894974263be57f6f012cd14c
a2a79156ee870f1ebdf46e63756d8912360986c3115bf4ad44ac60c04e508123
Analyzer Verdict Alert quad9 Sinkholed
GET /crm/libraries/jquery/autosize/jquery.autosize-min.js HTTP/1.1
Host: 159.203.175.68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.203.175.68/crm/index.php
Cookie: PHPSESSID=4d43330163d66a0ea4441
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:43:59 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Sat, 13 Jul 2013 15:19:06 GMT
ETag: "780-4e16625ec4e80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1014
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
159.203.175.68/crm/libraries/jquery/rochal-jQuery-slimScroll/slimScroll.min.js
159.203.175.68 200 OK 1.4 kB URL HTTP/1.1 159.203.175.68/crm/libraries/jquery/rochal-jQuery-slimScroll/slimScroll.min.js
IP 159.203.175.68:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (519)
Hash 32ac7d50c4c89b671977d454a2e07a13
0926afea3cde91412c04a5b94992e82ffe442932
346fc1a3e15068ee9fff4c7065550d9f02d0b7cd5acf38a26d70dde91b50f7a9
Analyzer Verdict Alert quad9 Sinkholed
GET /crm/libraries/jquery/rochal-jQuery-slimScroll/slimScroll.min.js HTTP/1.1
Host: 159.203.175.68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.203.175.68/crm/index.php
Cookie: PHPSESSID=4d43330163d66a0ea4441
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:43:59 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Sat, 13 Jul 2013 15:19:06 GMT
ETag: "c85-4e16625ec4e80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1431
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 86352d15c37831cf9bf1e41325029224
ac8b28bcc1e6dd026e1f62d1ef8b9f80a42eee21
154f5f5e116df41f5d3bd414c671138b2afc198071529a0f3573109277566cd8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 12:44:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
159.203.175.68/crm/libraries/jquery/pnotify/jquery.pnotify.min.js
159.203.175.68 200 OK 4.2 kB URL HTTP/1.1 159.203.175.68/crm/libraries/jquery/pnotify/jquery.pnotify.min.js
IP 159.203.175.68:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (552)
Hash 740f8cf1a398fceac355c9cbee9b9930
c7b91fd614cf523cffc883c13c29625c4d7373e6
da9b66913ccb4b8f86c10e13e07e3baf6c0fc6cc05141e93261901311ec68c22
Analyzer Verdict Alert quad9 Sinkholed
GET /crm/libraries/jquery/pnotify/jquery.pnotify.min.js HTTP/1.1
Host: 159.203.175.68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.203.175.68/crm/index.php
Cookie: PHPSESSID=4d43330163d66a0ea4441
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:43:59 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Sat, 13 Jul 2013 15:19:06 GMT
ETag: "3992-4e16625ec4e80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4241
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
159.203.175.68/crm/libraries/jquery/jquery-ui/js/jquery-ui-1.8.16.custom.min.js
159.203.175.68 200 OK 53 kB URL HTTP/1.1 159.203.175.68/crm/libraries/jquery/jquery-ui/js/jquery-ui-1.8.16.custom.min.js
IP 159.203.175.68:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (559)
Hash e2fd8a6501eeba4d6a74aaac31950ccf
96bdce60a91446716a881a1c6711a7cb1124d1a8
92b4b048c7258c813d675b975ce387a38ddbe6c2d172330476216f9674c2065e
Analyzer Verdict Alert quad9 Sinkholed
GET /crm/libraries/jquery/jquery-ui/js/jquery-ui-1.8.16.custom.min.js HTTP/1.1
Host: 159.203.175.68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.203.175.68/crm/index.php
Cookie: PHPSESSID=4d43330163d66a0ea4441
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:43:59 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Sat, 13 Jul 2013 15:19:06 GMT
ETag: "3361f-4e16625ec4e80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 52981
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
www.google.com/jsapi
216.58.207.228 301 Moved Permanently 237 B IP 216.58.207.228:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 362d5b448e14803e150656f8f2b2064f
46e929aad5f6323e61c895d51c8fa5f46171f16e
9361792c2d970710b9e66bb86b6dc9b17dab59a9294a30a5790bdb1e92b38021
GET /jsapi HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://159.203.175.68/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
location: https://www.gstatic.com/charts/loader.js
x-content-type-options: nosniff
server: sffe
content-length: 237
x-xss-protection: 0
date: Sun, 29 Jan 2023 12:23:51 GMT
expires: Sun, 29 Jan 2023 12:53:51 GMT
cache-control: public, max-age=1800
content-type: text/html; charset=UTF-8
age: 1232
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Pragma, Last-Modified, ETag, Content-Length, Expires, Cache-Control, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 29 Jan 2023 11:49:04 GMT
age: 3319
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
159.203.175.68/crm/libraries/jquery/jquery.hoverIntent.minified.js
159.203.175.68 200 OK 601 B URL HTTP/1.1 159.203.175.68/crm/libraries/jquery/jquery.hoverIntent.minified.js
IP 159.203.175.68:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (1169)
Hash 8d058cdd242f88462c655df6192ec6ae
3e6f78fcec50acb10c9f2933c8c1e5fbe4c695bd
7a1a218e349fdf6dac720b285e914022f5400a23e4dc9d71c3e7756d2acda0c7
Analyzer Verdict Alert quad9 Sinkholed
GET /crm/libraries/jquery/jquery.hoverIntent.minified.js HTTP/1.1
Host: 159.203.175.68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.203.175.68/crm/index.php
Cookie: PHPSESSID=4d43330163d66a0ea4441
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:43:59 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Sat, 13 Jul 2013 15:19:06 GMT
ETag: "56e-4e16625ec4e80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 601
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
159.203.175.68/crm/libraries/bootstrap/js/bootstrap-alert.js
159.203.175.68 200 OK 1.0 kB URL HTTP/1.1 159.203.175.68/crm/libraries/bootstrap/js/bootstrap-alert.js
IP 159.203.175.68:0
ASN #14061 DIGITALOCEAN-ASN
Hash b0a995cca3eae0cf1932ea785e743817
99a130030383bb3ca00cb72fc60a8c403ae20f2b
0b20c20f5f71b75538e4154316be24e15794ead8e79dd5e74c1e5266284b3fd5
Analyzer Verdict Alert quad9 Sinkholed
GET /crm/libraries/bootstrap/js/bootstrap-alert.js HTTP/1.1
Host: 159.203.175.68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.203.175.68/crm/index.php
Cookie: PHPSESSID=4d43330163d66a0ea4441
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:43:59 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Sat, 13 Jul 2013 15:19:06 GMT
ETag: "98c-4e16625ec4e80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1045
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
159.203.175.68/crm/libraries/bootstrap/js/bootstrap-tooltip.js
159.203.175.68 200 OK 2.2 kB URL HTTP/1.1 159.203.175.68/crm/libraries/bootstrap/js/bootstrap-tooltip.js
IP 159.203.175.68:0
ASN #14061 DIGITALOCEAN-ASN
Hash 6adf2deffd4bba2158ffa02ac97fedc9
bcc750d7fcaef2fcadc89ee094c00367cc046382
be7dc1ebadcc3166ee4316e9b6146b41a7716edb15f37024847b98446fde41cf
Analyzer Verdict Alert quad9 Sinkholed
GET /crm/libraries/bootstrap/js/bootstrap-tooltip.js HTTP/1.1
Host: 159.203.175.68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.203.175.68/crm/index.php
Cookie: PHPSESSID=4d43330163d66a0ea4441
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:43:59 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Sat, 13 Jul 2013 15:19:06 GMT
ETag: "1cce-4e16625ec4e80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2241
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
159.203.175.68/crm/libraries/bootstrap/js/bootstrap-tab.js
159.203.175.68 200 OK 1.3 kB URL HTTP/1.1 159.203.175.68/crm/libraries/bootstrap/js/bootstrap-tab.js
IP 159.203.175.68:0
ASN #14061 DIGITALOCEAN-ASN
Hash 654fc7feb0eb2caeaeafdc092b3c63fa
cfb9b378fc316762bf9b0baa781cdc5488eab5c1
695665c8e7325de92d452e039631e923ec6b1cfee32276c6e143b104346626f2
Analyzer Verdict Alert quad9 Sinkholed
GET /crm/libraries/bootstrap/js/bootstrap-tab.js HTTP/1.1
Host: 159.203.175.68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.203.175.68/crm/index.php
Cookie: PHPSESSID=4d43330163d66a0ea4441
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:43:59 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Sat, 13 Jul 2013 15:19:06 GMT
ETag: "ceb-4e16625ec4e80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1304
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.digicert.com/
93.184.220.29 200 OK 280 B IP 93.184.220.29:0
Hash 9cea98a843749ab6ffcc1e4d554d70ee
4d4d4c548678ce5dc407a73f393a2abf1aae4cfb
478e8249f84da1fe4fc36c7f752dde2d61de74e5271e4be36c51a8e5ad1c2730
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5058
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 12:44:23 GMT
Last-Modified: Sun, 29 Jan 2023 11:20:05 GMT
Server: ECS (ska/F70D)
X-Cache: HIT
Content-Length: 280
159.203.175.68/crm/libraries/bootstrap/js/bootstrap-modal.js
159.203.175.68 200 OK 1.8 kB URL HTTP/1.1 159.203.175.68/crm/libraries/bootstrap/js/bootstrap-modal.js
IP 159.203.175.68:0
ASN #14061 DIGITALOCEAN-ASN
Hash a92775a99853f6501b78e286b495455b
0cd4c659da0a6d930edb8597b1503f927d67acc3
0ef06784bfdb13fd648606461838166e5c421a6e76ffe20968d2cb26f074533f
Analyzer Verdict Alert quad9 Sinkholed
GET /crm/libraries/bootstrap/js/bootstrap-modal.js HTTP/1.1
Host: 159.203.175.68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.203.175.68/crm/index.php
Cookie: PHPSESSID=4d43330163d66a0ea4441
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:43:59 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Sat, 13 Jul 2013 15:19:06 GMT
ETag: "15a3-4e16625ec4e80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1825
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
159.203.175.68/crm/libraries/bootstrap/js/bootstrap-collapse.js
159.203.175.68 200 OK 1.5 kB URL HTTP/1.1 159.203.175.68/crm/libraries/bootstrap/js/bootstrap-collapse.js
IP 159.203.175.68:0
ASN #14061 DIGITALOCEAN-ASN
Hash d3000626d382c162d26f81cf2588346a
04bbc4648810b1fb4485172d9d371ca2373c660b
cecb4bdc7884bb50115fdf944a338e7337fcc523bc2455b1d31317ec1e207d83
Analyzer Verdict Alert quad9 Sinkholed
GET /crm/libraries/bootstrap/js/bootstrap-collapse.js HTTP/1.1
Host: 159.203.175.68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.203.175.68/crm/index.php
Cookie: PHPSESSID=4d43330163d66a0ea4441
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:43:59 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Sat, 13 Jul 2013 15:19:06 GMT
ETag: "f48-4e16625ec4e80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1453
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash ef589be52a3e55b643978f17949a73da
74545de6f144282252ff92c751f97cc835c80341
7bfa68c43e60a2627770163b5c1b96fbd7e4843984ad5ff6225c5490b8073b26
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 12:44:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
159.203.175.68/crm/libraries/bootstrap/js/bootstrap-dropdown.js
159.203.175.68 200 OK 1.1 kB URL HTTP/1.1 159.203.175.68/crm/libraries/bootstrap/js/bootstrap-dropdown.js
IP 159.203.175.68:0
ASN #14061 DIGITALOCEAN-ASN
Hash 3db35693dfb9935948ac91442953fdf8
43949941e4ed475648b961ad3c1b723992ca93fe
ff7429cbb337f08fe63744d607c65e95896ce69edc40a71588042da6106d1c60
Analyzer Verdict Alert quad9 Sinkholed
GET /crm/libraries/bootstrap/js/bootstrap-dropdown.js HTTP/1.1
Host: 159.203.175.68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.203.175.68/crm/index.php
Cookie: PHPSESSID=4d43330163d66a0ea4441
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:43:59 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Sat, 13 Jul 2013 15:19:06 GMT
ETag: "9fe-4e16625ec4e80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1056
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
159.203.175.68/crm/libraries/bootstrap/js/bootstrap-popover.js
159.203.175.68 200 OK 1.2 kB URL HTTP/1.1 159.203.175.68/crm/libraries/bootstrap/js/bootstrap-popover.js
IP 159.203.175.68:0
ASN #14061 DIGITALOCEAN-ASN
Hash 9b741e131cb0b7ce681a2a3151f5a7c7
51420d704cb7290f00d9bd50e02893e368cdf876
f20f9b241aea1087b0a6120a323e146a1d4aaf932ed5deb724cdeab1df16c8d2
Analyzer Verdict Alert quad9 Sinkholed
GET /crm/libraries/bootstrap/js/bootstrap-popover.js HTTP/1.1
Host: 159.203.175.68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.203.175.68/crm/index.php
Cookie: PHPSESSID=4d43330163d66a0ea4441
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:43:59 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Sat, 13 Jul 2013 15:19:06 GMT
ETag: "b35-4e16625ec4e80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1174
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 12:44:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
159.203.175.68/crm/libraries/bootstrap/js/bootbox.min.js
159.203.175.68 200 OK 1.8 kB URL HTTP/1.1 159.203.175.68/crm/libraries/bootstrap/js/bootbox.min.js
IP 159.203.175.68:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (526)
Hash e6805be26af5a83e72106d754d3ea272
4b10330f5f5444680d0bb81bb82bf8630d8b892d
9dabfc784dbacc056909c86ff623218ff379dfa402b94bbdcfcf9e694f3c5576
Analyzer Verdict Alert quad9 Sinkholed
GET /crm/libraries/bootstrap/js/bootbox.min.js HTTP/1.1
Host: 159.203.175.68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.203.175.68/crm/index.php
Cookie: PHPSESSID=4d43330163d66a0ea4441
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:43:59 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Sat, 13 Jul 2013 15:19:06 GMT
ETag: "1511-4e16625ec4e80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1814
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
159.203.175.68/crm/resources/jquery.additions.js
159.203.175.68 200 OK 636 B URL HTTP/1.1 159.203.175.68/crm/resources/jquery.additions.js
IP 159.203.175.68:0
ASN #14061 DIGITALOCEAN-ASN
Hash eef6fe1bf96fb41198691a0b6e4b6f21
13f51404627c8eb72d68d105163d81f9459c7832
6f409d8cc84aad871ec7993eb6acde9bc7c7c7654e4fe4d966a0082d28ffc8bd
Analyzer Verdict Alert quad9 Sinkholed
GET /crm/resources/jquery.additions.js HTTP/1.1
Host: 159.203.175.68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.203.175.68/crm/index.php
Cookie: PHPSESSID=4d43330163d66a0ea4441
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:43:59 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Sat, 13 Jul 2013 15:19:06 GMT
ETag: "56d-4e16625ec4e80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 636
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 16a7b6a7128312e2f985d30df18c4487
6017bff79ffb525d9c7f9f32b999b74b5dc69602
663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7139
Expires: Sun, 29 Jan 2023 14:43:22 GMT
Date: Sun, 29 Jan 2023 12:44:23 GMT
Connection: keep-alive
159.203.175.68/crm/resources/app.js
159.203.175.68 200 OK 8.3 kB URL HTTP/1.1 159.203.175.68/crm/resources/app.js
IP 159.203.175.68:0
ASN #14061 DIGITALOCEAN-ASN
Hash c87fe5b6df30c9580f750cd36e5e3394
4e4f2797fd094d5c148c20f5c7f7844ff8e1af3f
b94e0057462c66a833cc6b8c93523d97765b6f3c0ce641e1fa7e60a2219c79a8
Analyzer Verdict Alert quad9 Sinkholed
GET /crm/resources/app.js HTTP/1.1
Host: 159.203.175.68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.203.175.68/crm/index.php
Cookie: PHPSESSID=4d43330163d66a0ea4441
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:43:59 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Tue, 24 Nov 2015 08:34:56 GMT
ETag: "8ed4-525453766ac00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8281
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
www.gstatic.com/charts/loader.js
142.250.74.35 200 OK 20 kB URL HTTP/2 www.gstatic.com/charts/loader.js
IP 142.250.74.35:0
File type ASCII text, with very long lines (2134)
Hash f3341efa0432876b1697ccec98c33b01
55044e79afbe25d119b7b87dc7b5d1b3ec0c607a
6672904faeb4f203e0109279aa99d88f9e8690d2d696d80309ef50a974f88c77
GET /charts/loader.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://159.203.175.68/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
access-control-allow-credentials: true
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gviz
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gviz"
report-to: {"group":"gviz","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gviz"}]}
content-length: 19937
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 12:11:02 GMT
expires: Sun, 29 Jan 2023 13:11:02 GMT
cache-control: public, max-age=3600
last-modified: Wed, 23 Jun 2021 18:41:30 GMT
content-type: text/javascript
age: 2001
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
159.203.175.68/crm/resources/helper.js
159.203.175.68 200 OK 2.6 kB URL HTTP/1.1 159.203.175.68/crm/resources/helper.js
IP 159.203.175.68:0
ASN #14061 DIGITALOCEAN-ASN
Hash d4dada703832f6f98816848da646ab5c
0e60e1005f3e1202ecf0ce6e8e59689b52df1d52
20086084a939e9fb98fedf87e990980a31f48158da32a959c9d0ba020f38020a
Analyzer Verdict Alert quad9 Sinkholed
GET /crm/resources/helper.js HTTP/1.1
Host: 159.203.175.68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.203.175.68/crm/index.php
Cookie: PHPSESSID=4d43330163d66a0ea4441
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:43:59 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Fri, 12 Jun 2015 00:16:30 GMT
ETag: "1fd1-51847050c7380-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2646
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
159.203.175.68/crm/resources/Connector.js
159.203.175.68 200 OK 1.3 kB URL HTTP/1.1 159.203.175.68/crm/resources/Connector.js
IP 159.203.175.68:0
ASN #14061 DIGITALOCEAN-ASN
Hash 2ae0983c7e28b4caef5ed36b324365df
368beb20d8d51c46a6920d688b13c660991dd0af
05bd37c929a8b5be40f332d627c87fd696576fe271fdb9f0c3acfde969a9dfff
Analyzer Verdict Alert quad9 Sinkholed
GET /crm/resources/Connector.js HTTP/1.1
Host: 159.203.175.68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.203.175.68/crm/index.php
Cookie: PHPSESSID=4d43330163d66a0ea4441
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:43:59 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Sat, 13 Jul 2013 15:19:06 GMT
ETag: "1086-4e16625ec4e80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1345
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
159.203.175.68/crm/resources/ProgressIndicator.js
159.203.175.68200 OK 1.6 kB URL HTTP/1.1 159.203.175.68/crm/resources/ProgressIndicator.js
IP 159.203.175.68:0
ASN #14061 DIGITALOCEAN-ASN
Hash f4318dd263cbc6092c571928679676be
5c7e9e311d3fb3b9069a903ecb6d67064bb01062
9ed9c43b330aa092dfe76f665b607ad101faa2a561d32061c2ab62ea497a19a7
Analyzer Verdict Alert quad9 Sinkholed
GET /crm/resources/ProgressIndicator.js HTTP/1.1
Host: 159.203.175.68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.203.175.68/crm/index.php
Cookie: PHPSESSID=4d43330163d66a0ea4441
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:43:59 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Fri, 25 Apr 2014 05:07:32 GMT
ETag: "1548-4f7d6f1678d00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1617
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
159.203.175.68/crm/libraries/jquery/posabsolute-jQuery-Validation-Engine/js/jquery.validationEngine.js
159.203.175.68200 OK 17 kB URL HTTP/1.1 159.203.175.68/crm/libraries/jquery/posabsolute-jQuery-Validation-Engine/js/jquery.validationEngine.js
IP 159.203.175.68:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (474), with CRLF line terminators
Hash 189cee65a514c2abc06480de305ec3d6
fecbada4ba4c5ee46c3fc7783381e3d4c46b3dd7
d8a0f0856a29a1183a8640359cd5e220a876840bbd92242434df1954fb2c479b
Analyzer Verdict Alert quad9 Sinkholed
GET /crm/libraries/jquery/posabsolute-jQuery-Validation-Engine/js/jquery.validationEngine.js HTTP/1.1
Host: 159.203.175.68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.203.175.68/crm/index.php
Cookie: PHPSESSID=4d43330163d66a0ea4441
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:43:59 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Sat, 13 Jul 2013 15:19:06 GMT
ETag: "118fd-4e16625ec4e80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 17052
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8cf65fcdafa84b63cf7005fe57927fcb
3f7d163a96e7f00eb2de9828624ec46e22b4b40a
dfcf629cc49444f646f3a014014a91e36251b4b43655ce2e2eca55263dd196e3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 12:44:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
159.203.175.68/crm/libraries/guidersjs/guiders-1.2.6.js
159.203.175.68200 OK 4.8 kB URL HTTP/1.1 159.203.175.68/crm/libraries/guidersjs/guiders-1.2.6.js
IP 159.203.175.68:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (466)
Hash f3c0762c969fc89c56079eb3d9686ee7
740e032066fc78f7df7d39c9ffeaee21c5128578
1aa3adb7dd32693becd6f87d2f07ac87d681a790cd581ca099d2a0ad3fd3d605
Analyzer Verdict Alert quad9 Sinkholed
GET /crm/libraries/guidersjs/guiders-1.2.6.js HTTP/1.1
Host: 159.203.175.68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.203.175.68/crm/index.php
Cookie: PHPSESSID=4d43330163d66a0ea4441
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:43:59 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Sat, 13 Jul 2013 15:19:06 GMT
ETag: "4120-4e16625ec4e80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4786
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
159.203.175.68/crm/libraries/jquery/datepicker/js/datepicker.js
159.203.175.68200 OK 6.7 kB URL HTTP/1.1 159.203.175.68/crm/libraries/jquery/datepicker/js/datepicker.js
IP 159.203.175.68:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document, ASCII text, with very long lines (424), with CRLF line terminators
Hash 63af7eedf277f234c3366ddd8abe587f
1c3d8863dd9384659490395f9d45100e902bbb7c
b7e18679f50e44f591d57118f3ef11897cac5bd53b47cb467d522eebc88b5373
Analyzer Verdict Alert quad9 Sinkholed
GET /crm/libraries/jquery/datepicker/js/datepicker.js HTTP/1.1
Host: 159.203.175.68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.203.175.68/crm/index.php
Cookie: PHPSESSID=4d43330163d66a0ea4441
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:43:59 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Sat, 13 Jul 2013 15:19:06 GMT
ETag: "82f5-4e16625ec4e80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6691
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
159.203.175.68/crm/libraries/jquery/dangrossman-bootstrap-daterangepicker/date.js
159.203.175.68200 OK 8.8 kB URL HTTP/1.1 159.203.175.68/crm/libraries/jquery/dangrossman-bootstrap-daterangepicker/date.js
IP 159.203.175.68:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (3433)
Hash 3bc798f4a369c6fe8d210965685289fe
2c141eba2f6759893031472d64613940350d9c5e
e0c83155230bf93d3c2c797e0156c7b445137be9efa0cb814f163f1925996e08
Analyzer Verdict Alert quad9 Sinkholed
GET /crm/libraries/jquery/dangrossman-bootstrap-daterangepicker/date.js HTTP/1.1
Host: 159.203.175.68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.203.175.68/crm/index.php
Cookie: PHPSESSID=4d43330163d66a0ea4441
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:43:59 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Sat, 13 Jul 2013 15:19:06 GMT
ETag: "779d-4e16625ec4e80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 8778
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
159.203.175.68/crm/libraries/jquery/jquery.ba-outside-events.min.js
159.203.175.68200 OK 555 B URL HTTP/1.1 159.203.175.68/crm/libraries/jquery/jquery.ba-outside-events.min.js
IP 159.203.175.68:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (695)
Hash 36aee24f9660c73b80e4983795b6b291
60ba7dc15f4fb382caa866dbbffdbd694b192edd
d861c2bd2c77f79b585ef447f50c2b9135e742e28d6ae94248b028af3bde088c
Analyzer Verdict Alert quad9 Sinkholed
GET /crm/libraries/jquery/jquery.ba-outside-events.min.js HTTP/1.1
Host: 159.203.175.68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.203.175.68/crm/index.php
Cookie: PHPSESSID=4d43330163d66a0ea4441
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:43:59 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Sat, 13 Jul 2013 15:19:06 GMT
ETag: "3ac-4e16625ec4e80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 555
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
159.203.175.68/crm/libraries/jquery/jquery.placeholder.js
159.203.175.68200 OK 705 B URL HTTP/1.1 159.203.175.68/crm/libraries/jquery/jquery.placeholder.js
IP 159.203.175.68:0
ASN #14061 DIGITALOCEAN-ASN
Hash 4e7287adc11d67ee394e8bb11fe7c9ff
187edf90fa423e014d238fa224b50f7e14679908
bf96a40c5a7d684d59cf8728d6119df6176774f43ef2091b83b6e89b2875878d
Analyzer Verdict Alert quad9 Sinkholed
GET /crm/libraries/jquery/jquery.placeholder.js HTTP/1.1
Host: 159.203.175.68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.203.175.68/crm/index.php
Cookie: PHPSESSID=4d43330163d66a0ea4441
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:43:59 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Fri, 25 Apr 2014 05:07:32 GMT
ETag: "67c-4f7d6f1678d00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 705
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
159.203.175.68/crm/libraries/jquery/posabsolute-jQuery-Validation-Engine/js/languages/jquery.validationEngine-en.js?v=6.2.0
159.203.175.68200 OK 2.4 kB URL HTTP/1.1 159.203.175.68/crm/libraries/jquery/posabsolute-jQuery-Validation-Engine/js/languages/jquery.validationEngine-en.js?v=6.2.0
IP 159.203.175.68:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (1219), with CRLF line terminators
Hash 877ce073a17ec2fad68b80e89acb97c3
06536cb2aa04c59dd9eed71ce5b261e7bffc0e04
b95fd9ebbea345da23f965b31df844034db3ce0cb064284152e88b690c2b8eed
Analyzer Verdict Alert quad9 Sinkholed
GET /crm/libraries/jquery/posabsolute-jQuery-Validation-Engine/js/languages/jquery.validationEngine-en.js?v=6.2.0 HTTP/1.1
Host: 159.203.175.68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.203.175.68/crm/index.php
Cookie: PHPSESSID=4d43330163d66a0ea4441
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:43:59 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Wed, 02 Oct 2013 19:36:18 GMT
ETag: "29d0-4e7c72ee35080-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2429
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
159.203.175.68/crm/libraries/bootstrap/js/less.min.js
159.203.175.68200 OK 15 kB URL HTTP/1.1 159.203.175.68/crm/libraries/bootstrap/js/less.min.js
IP 159.203.175.68:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document, ASCII text, with very long lines (32626)
Hash 441085bb7bca0f43658d82cffaf9adf2
38a77583035d3f3966e358b881dffcdbfa01e971
e2560bae4ae75174427e8afce8bd5de5e48858aee4ca556e90e524570fbf0b3e
Analyzer Verdict Alert quad9 Sinkholed
GET /crm/libraries/bootstrap/js/less.min.js HTTP/1.1
Host: 159.203.175.68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.203.175.68/crm/index.php
Cookie: PHPSESSID=4d43330163d66a0ea4441
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:43:59 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Sat, 13 Jul 2013 15:19:06 GMT
ETag: "b7ce-4e16625ec4e80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 15199
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
159.203.175.68/crm/libraries/jquery/posabsolute-jQuery-Validation-Engine/css/validationEngine.jquery.css
159.203.175.68200 OK 773 B URL HTTP/1.1 159.203.175.68/crm/libraries/jquery/posabsolute-jQuery-Validation-Engine/css/validationEngine.jquery.css
IP 159.203.175.68:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with CRLF line terminators
Hash 6f3e1db0de315a128119b2be219739b9
853bd472944f3c1d555bf37fce8555c26222572b
3c862cedd63eeff6574b86b45d75b6d552e65fb308aa1d819c5d9a6922c49073
Analyzer Verdict Alert quad9 Sinkholed
GET /crm/libraries/jquery/posabsolute-jQuery-Validation-Engine/css/validationEngine.jquery.css HTTP/1.1
Host: 159.203.175.68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.203.175.68/crm/index.php
Cookie: PHPSESSID=4d43330163d66a0ea4441
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:43:59 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Sat, 13 Jul 2013 15:19:06 GMT
ETag: "cf6-4e16625ec4e80-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 773
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: text/css
159.203.175.68/crm/layouts/vlayout/skins/images/logo.png
159.203.175.68200 OK 9.6 kB URL HTTP/1.1 159.203.175.68/crm/layouts/vlayout/skins/images/logo.png
IP 159.203.175.68:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 198 x 73, 8-bit/color RGBA, non-interlaced\012- data
Hash da31ea97e6df5c7fa5783afde2ec56a8
4d755205c9c4bbd99405c3f87ac94e75e653ff7b
4aec1fbd89279c610aefc2b3ab246d8d6346ad06a7bf62de5ce8110ea918ea95
Analyzer Verdict Alert quad9 Sinkholed
GET /crm/layouts/vlayout/skins/images/logo.png HTTP/1.1
Host: 159.203.175.68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.203.175.68/crm/index.php
Cookie: PHPSESSID=4d43330163d66a0ea4441
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:43:59 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Wed, 24 Sep 2014 09:40:02 GMT
ETag: "25b1-503cc77d1c080"
Accept-Ranges: bytes
Content-Length: 9649
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/png
push.services.mozilla.com/
52.10.184.136101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.10.184.136:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: jzKhdsaV9nTIPnfMg5SuyQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: jw8jNQbtPfpDTppM6oCW6UMXgEU=
stats.vtiger.com/stats.php?uid=&v=6.2.0&type=U
104.26.4.174301 Moved Permanently 270 B URL HTTP/1.1 stats.vtiger.com/stats.php?uid=&v=6.2.0&type=U
IP 104.26.4.174:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash c535b368731d7f798a3d9526b2fdb774
f89a60176c636855d0eb8051de95098c4718b51b
374953ad3523787d58a8152aa3dabb32a670878217389cb2e0e0af4f943411a1
GET /stats.php?uid=&v=6.2.0&type=U HTTP/1.1
Host: stats.vtiger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.203.175.68/
HTTP/1.1 301 Moved Permanently
Date: Sun, 29 Jan 2023 12:44:24 GMT
Content-Type: text/html; charset=iso-8859-1
Transfer-Encoding: chunked
Connection: keep-alive
Location: https://stats.vtiger.com/stats.php?uid=&v=6.2.0&type=U
Vary: Accept-Encoding
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ks1AMU6ecLnTOOyTWWKEdxFi1Cv%2FNuK430uIN5EfIRJRcnPUUP3AAHqx9GvUb3znpw7k8z8O3UsV1KzaS9alkqPczc7u8fhBGE2XjG9S7ws4c1tldj0zgjBdX2Iv8GSbiHk%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 79120f1aff9fb51e-OSL
alt-svc: h2=":443"; ma=60
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
142.250.74.163200 OK 24 kB URL HTTP/1.1 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://159.203.175.68
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 23580
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 27 Jan 2023 02:09:29 GMT
Expires: Sat, 27 Jan 2024 02:09:29 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 26 Apr 2022 15:48:56 GMT
Content-Type: font/woff2
Age: 210895
fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
142.250.74.163200 OK 23 kB URL HTTP/1.1 fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data
Hash de69cf9e514df447d1b0bb16f49d2457
2ac78601179c3a63ba3f3f3081556b12ddcaf655
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://159.203.175.68
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 23040
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 25 Jan 2023 06:41:54 GMT
Expires: Thu, 25 Jan 2024 06:41:54 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Tue, 26 Apr 2022 15:56:42 GMT
Content-Type: font/woff2
Age: 367350
159.203.175.68/crm/index.php
159.203.175.68302 Found 84 B URL HTTP/1.1 159.203.175.68/crm/index.php
IP 159.203.175.68:0
ASN #14061 DIGITALOCEAN-ASN
File type JSON data\012- , ASCII text, with no line terminators
Hash 80684d9b7c9fb00a47f040ee4340f364
b4e2dfbec53c90401bca3e2a797ac527ccb3fcd8
e35848fb76906f35713480bc6e642ece88422d4011284ef78d5d45ad127bfbff
Analyzer Verdict Alert quad9 Sinkholed
POST /crm/index.php HTTP/1.1
Host: 159.203.175.68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
X-Requested-With: XMLHttpRequest
Content-Length: 185
Origin: http://159.203.175.68
Connection: keep-alive
Referer: http://159.203.175.68/crm/index.php
Cookie: PHPSESSID=4d43330163d66a0ea4441
HTTP/1.1 302 Found
Date: Sun, 29 Jan 2023 12:44:00 GMT
Server: Apache/2.4.7 (Ubuntu)
X-Powered-By: PHP/5.5.9-1ubuntu4.21
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: index.php
Content-Length: 84
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: text/json; charset=UTF-8
e1.o.lencr.org/
95.101.11.115200 OK 346 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 078c146e68b26b302702065092eac791
34c337b64fd1a3ad9d4af38d218848f3436bf9ed
2e614e3e89d72319c82bc58ded23e01c09fd876f61daaf76f1a3501e30b83f15
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 346
ETag: "2E614E3E89D72319C82BC58DED23E01C09FD876F61DAAF76F1A3501E30B83F15"
Last-Modified: Sat, 28 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19074
Expires: Sun, 29 Jan 2023 18:02:18 GMT
Date: Sun, 29 Jan 2023 12:44:24 GMT
Connection: keep-alive
159.203.175.68/crm/index.php
159.203.175.68200 OK 2.0 kB URL HTTP/1.1 159.203.175.68/crm/index.php
IP 159.203.175.68:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (5917)
Hash 24a35a13d21268fcbabecbb039fc40e5
077112753e36b9b88cb1d34f995d2e4d5c899882
fa85439f72691b69bdd3ec8023892bbe72116f38166a539ccc4efcd95b6e1544
Analyzer Verdict Alert quad9 Sinkholed
GET /crm/index.php HTTP/1.1
Host: 159.203.175.68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Referer: http://159.203.175.68/crm/index.php
Connection: keep-alive
Cookie: PHPSESSID=4d43330163d66a0ea4441
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:44:00 GMT
Server: Apache/2.4.7 (Ubuntu)
X-Powered-By: PHP/5.5.9-1ubuntu4.21
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1953
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: text/html
stats.vtiger.com/stats.php?uid=&v=6.2.0&type=U
104.26.4.174200 OK 631 B URL HTTP/2 stats.vtiger.com/stats.php?uid=&v=6.2.0&type=U
IP 104.26.4.174:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1x1, components 3\012- data
Hash 324ae198355405fb18c643639922418c
49615ba3f2e5ab8da053c6ccfe1f8594dd4a87ec
722a5b16228bda7256f28a1cb7973ecbe456728f2f22c4e9ed734d1361d1959f
GET /stats.php?uid=&v=6.2.0&type=U HTTP/1.1
Host: stats.vtiger.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://159.203.175.68/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 12:44:24 GMT
content-type: image/png
content-length: 631
last-modified: Fri, 31 Dec 2010 08:48:42 GMT
expires: Mon, 30 Jan 2023 12:44:24 GMT
cache-control: public
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E20i7EUDO3AUaESpvbg%2Fzvb2LEpb7nJmeN9NY%2B2Y51CYw602Es4n6yu%2FkOWDyESeWXAvrdEu5bs72eN11LINzqg9NgAJqM6e50X5o0R199r%2BPIgTMTI%2FnnWAuEgHQR6ViIo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 79120f1ddb33b50c-OSL
X-Firefox-Spdy: h2
159.203.175.68/crm/layouts/vlayout/skins/images/favicon.ico
159.203.175.68200 OK 1.7 kB URL HTTP/1.1 159.203.175.68/crm/layouts/vlayout/skins/images/favicon.ico
IP 159.203.175.68:0
ASN #14061 DIGITALOCEAN-ASN
File type MS Windows icon resource - 1 icon, 33x26 with PNG image data, 33 x 26, 8-bit/color RGBA, non-interlaced, 32 bits/pixel\012- data
Hash 9e0c1b2136ce8fbe423f8ad1ef052665
50030ac897e1491cd10a12fd1f8b2303fbbf8927
09bfde6858878d69096bb423dc50e73ee54409ef7557f399af865962841ca73c
Analyzer Verdict Alert quad9 Sinkholed
GET /crm/layouts/vlayout/skins/images/favicon.ico HTTP/1.1
Host: 159.203.175.68
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.203.175.68/crm/index.php
Cookie: PHPSESSID=4d43330163d66a0ea4441
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 12:44:00 GMT
Server: Apache/2.4.7 (Ubuntu)
Last-Modified: Sat, 13 Jul 2013 18:49:06 GMT
ETag: "688-4e16914f10c80"
Accept-Ranges: bytes
Content-Length: 1672
Keep-Alive: timeout=5, max=89
Connection: Keep-Alive
Content-Type: image/vnd.microsoft.icon
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash dfb84426fed94988d5c90372baff059c
f1c4740830034ff8a5759d59ae3f657ea524d083
d97efec67504b084ca6ff9e2af973b45b916f90aa021603e3615806bb2737b6a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D97EFEC67504B084CA6FF9E2AF973B45B916F90AA021603E3615806BB2737B6A"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12478
Expires: Sun, 29 Jan 2023 16:12:23 GMT
Date: Sun, 29 Jan 2023 12:44:25 GMT
Connection: keep-alive
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
188.114.98.234200 OK 16 kB URL HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css
IP 188.114.98.234:0
File type ASCII text, with very long lines (23577)
Hash 3f408917430b5241b74d997a88ec6015
3d4c5364b193f9e2fdf96cdd743d00df17c63340
7dbebcc3397e10e14772e957b3da1e7466627b9a067c594a86650f6d64907c0c
GET /font-awesome/4.3.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://159.203.175.68/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 12:44:23 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: DE
cdn-edgestorageid: 632, 617, 617
last-modified: Mon, 25 Jan 2021 22:04:54 GMT
cdn-cachedat: 2021-06-08 21:08:57
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: e6a55b08fe5091f45c9e99ce9e9f98c2
cdn-status: 200
cdn-cache: HIT
cf-cache-status: HIT
age: 20437862
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 79120f189b64b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd9499d0-2a81-41ee-b328-0d82ea64b349.jpeg
34.120.237.76200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd9499d0-2a81-41ee-b328-0d82ea64b349.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 57ff6665d99a17d06b75c8fe64c90ab3
05648eed6830a794aa7e30ba4da526ed4c45b0ca
728b809756a0faff1a55bb03f13f33e31518f321e50dd944a0267d585c09264c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdd9499d0-2a81-41ee-b328-0d82ea64b349.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5198
x-amzn-requestid: 8117f45b-926a-4cbe-b152-dae983bc3526
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fOYdlG6XIAMF_vA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf3abd-7ce531f65f66ac3a73970841;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 01:56:13 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 9qRYwsM8g7XZPY2E-9puCMAp7VKUvdIiK8jA0wr0XSpnMScoQYCwGw==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 21:46:47 GMT
age: 53858
etag: "05648eed6830a794aa7e30ba4da526ed4c45b0ca"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
34.120.237.76 200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3be81f83687ddb6c93d3ff3c09a9dba2
50a48e737310d3f31840db4301b25927fbcc12c5
e78c909e2381898e7f546183784a05dff47c31734c95358aaada8c2777ad47be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9167
x-amzn-requestid: e6e0789c-a4a9-4ffa-a0ae-691770d1035b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPF9YEBmIAMF0kQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf8388-01d2093432d3959903671a69;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:06:48 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: awfNeaKbFw2bjiTGwUrwUTxU-qbVS2eTjn948H8kn1hy7pi_DwLMlQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 17:35:56 GMT
age: 68909
etag: "50a48e737310d3f31840db4301b25927fbcc12c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
34.120.237.76 200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4205d8106659e00fff1cbe9262918b8c
ab4f6528594a1725934727dc7d834c028a79c609
31f1a28602a194bd0856495d4d81d5c72cd7ff4e5bad6bdd1a31ec3041f4a2cc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5f0097a6-af00-4a1c-8faa-f9516e27b31a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4475
x-amzn-requestid: b7b272d6-3089-4f33-89b5-5cb388640e10
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fa_e6HsaIAMF5Lg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d445f8-1789f7f4264270916da323db;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 21:45:28 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 4jPbm4WufkUKm7ljLvpHrJUFhr-JQ_nl3iYfI5S8nTqEszFdUtz9EQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 05:24:09 GMT
etag: "ab4f6528594a1725934727dc7d834c028a79c609"
content-type: image/jpeg
age: 26416
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d2bbd93-ce5c-4300-9ac3-8ccdde169701.jpeg
34.120.237.76 200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d2bbd93-ce5c-4300-9ac3-8ccdde169701.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7ed721e83648418f4a5d64f9d038fd1a
7a311c79e311448941a8d624c1064b1a2d97cfbd
b961e73aaba814eec66532ceeafad5191371fc762b05338990e8cc9c8ecfcbff
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2d2bbd93-ce5c-4300-9ac3-8ccdde169701.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6875
x-amzn-requestid: 5fb13e91-8750-4dd9-90a2-f1218ea6009b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fS9t2E0AoAMF_LA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d10ff2-22e819312302377c4bf698ff;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 11:18:10 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: QH_-DX5fiBhfS9MVH6pJi57mqFRRPSPf0iDbp_5BHE1jUqCZvvPesQ==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 21:46:21 GMT
age: 53884
etag: "7a311c79e311448941a8d624c1064b1a2d97cfbd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg
34.120.237.76 200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4c77437e3a7361861aed8bfecbfe6bd6
fefd238c13c0fdfb7d964c90fcc8a8cbbf953034
282d15c443cb6232ae0a30046a0dc24360617355a4651cdba59b11e6f7313d8a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8d4cfe7c-2bbe-4efd-b73a-59ea603c332f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5594
x-amzn-requestid: d56c9b84-dc1f-4d5c-91bf-7db55058bf67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fLyeEGOloAMFpzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ce3126-5013a6b971d6800c5c85a4eb;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 07:03:02 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: D2ZAelkDgsd0wjoOSoPRwTzhozs84_aIcgwU-QmbDrTnHztVD0VL_A==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 28 Jan 2023 14:57:16 GMT
age: 78429
etag: "fefd238c13c0fdfb7d964c90fcc8a8cbbf953034"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2