clt1600345.benchurl.com/
52.35.250.25 118 B IP 52.35.250.25:0
File type HTML document text; HTML document text; HTML document, ASCII text, with CRLF line terminators
Hash bad2e8579dcdb79399aac2064216a37d
7771e4d9c60e02ce2246b5d71bb23f92b9fb8a90
58bf2215b395dcac74c009aa98701854e43cbe54a1cd3a95fee6a647ca9910d4
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET / HTTP/1.1
Host: clt1600345.benchurl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Server: awselb/2.0
Date: Wed, 06 Dec 2023 16:04:14 GMT
Content-Type: text/html
Content-Length: 118
Connection: keep-alive
clt1600345.benchurl.com/c/opt?e=174D6F7&c=186B59&l=D5128B33&email=KzD2Xi0s6ANYUyHOXT4pdpnNPv4YQPNifMGPOVnZMlE=&relid=AFA137D/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en
52.10.95.150 200 OK 1.4 kB URL User Request GET HTTP/2 clt1600345.benchurl.com/c/opt?e=174D6F7&c=186B59&l=D5128B33&email=KzD2Xi0s6ANYUyHOXT4pdpnNPv4YQPNifMGPOVnZMlE=&relid=AFA137D/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en
IP 52.10.95.150:443
Certificate Issuer Amazon
Subject *.benchurl.com
Fingerprint 7C:D9:3C:7C:A4:2C:9F:A1:B2:F1:6A:53:C3:CD:E6:A8:C1:F0:09:78
Validity Sat, 16 Sep 2023 00:00:00 GMT - Sun, 13 Oct 2024 23:59:59 GMT
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document text; exported SGML document, ASCII text
Hash 1199e47090cd4000b4bb12dace330ad8
55bf68d678560722a581ded8391dc8e118606dc7
7723c2f495d31457e7df21d0d52387610ed719f0d36d3e6edb43c5d1cfc4f2d0
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /c/opt?e=174D6F7&c=186B59&l=D5128B33&email=KzD2Xi0s6ANYUyHOXT4pdpnNPv4YQPNifMGPOVnZMlE=&relid=AFA137D/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en HTTP/1.1
Host: clt1600345.benchurl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: awselb/2.0
date: Wed, 06 Dec 2023 16:04:14 GMT
content-type: text/html
content-length: 1449
X-Firefox-Spdy: h2
use.typekit.com/oai6wkl.js
23.36.76.186 200 OK 6.7 kB URL GET HTTP/2 use.typekit.com/oai6wkl.js
IP 23.36.76.186:443
ASN #20940 Akamai International B.V.
Requested by https://clt1600345.benchurl.com/c/opt?e=174D6F7&c=186B59&l=D5128B33&email=KzD2Xi0s6ANYUyHOXT4pdpnNPv4YQPNifMGPOVnZMlE=&relid=AFA137D/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en
Certificate Issuer DigiCert Inc
Subject use.typekit.net
Fingerprint 42:82:CA:A5:EA:30:8F:60:60:37:2D:24:17:3D:52:62:54:D7:03:5B
Validity Thu, 21 Sep 2023 00:00:00 GMT - Mon, 21 Oct 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (2258)
Hash 341d5f7ee42ae3d9b3d54b68d5318ff6
509fc3b4f8469ce3ea90ca74ff407386bb47b8c5
ae8c31c790d8028094778b6eb6e77c780eb51d6c79030ebf816b06c90b104695
GET /oai6wkl.js HTTP/1.1
Host: use.typekit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://clt1600345.benchurl.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: text/javascript;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: public, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 6734
date: Wed, 06 Dec 2023 16:04:15 GMT
X-Firefox-Spdy: h2
clt1600345.benchurl.com/script/jquery-1.7.1.min.js
52.10.95.150 200 OK 49 kB URL GET HTTP/2 clt1600345.benchurl.com/script/jquery-1.7.1.min.js
IP 52.10.95.150:443
Requested by https://clt1600345.benchurl.com/c/opt?e=174D6F7&c=186B59&l=D5128B33&email=KzD2Xi0s6ANYUyHOXT4pdpnNPv4YQPNifMGPOVnZMlE=&relid=AFA137D/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en
Certificate Issuer Amazon
Subject *.benchurl.com
Fingerprint 7C:D9:3C:7C:A4:2C:9F:A1:B2:F1:6A:53:C3:CD:E6:A8:C1:F0:09:78
Validity Sat, 16 Sep 2023 00:00:00 GMT - Sun, 13 Oct 2024 23:59:59 GMT
File type HTML document text; HTML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (33076), with CRLF line terminators
Hash 42cf237d7b8d41da174502d8f4ddfcd2
92fdfa9e11d8ab103bb22047ebab12333631bcd8
7f4f6940064931390ca6686d8a593a3038e1a6f33bb4dc9d3ae612d9b2d799c3
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /script/jquery-1.7.1.min.js HTTP/1.1
Host: clt1600345.benchurl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://clt1600345.benchurl.com/c/opt?e=174D6F7&c=186B59&l=D5128B33&email=KzD2Xi0s6ANYUyHOXT4pdpnNPv4YQPNifMGPOVnZMlE=&relid=AFA137D/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 06 Dec 2023 16:04:15 GMT
content-type: application/javascript
content-length: 48981
content-encoding: gzip
last-modified: Fri, 28 Sep 2012 12:59:01 GMT
accept-ranges: bytes
etag: "8058bc7799dcd1:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-xss-protection: 0
X-Firefox-Spdy: h2
clt1600345.benchurl.com/css/header.css
52.10.95.150 200 OK 13 kB URL GET HTTP/2 clt1600345.benchurl.com/css/header.css
IP 52.10.95.150:443
Requested by https://clt1600345.benchurl.com/c/opt?e=174D6F7&c=186B59&l=D5128B33&email=KzD2Xi0s6ANYUyHOXT4pdpnNPv4YQPNifMGPOVnZMlE=&relid=AFA137D/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en
Certificate Issuer Amazon
Subject *.benchurl.com
Fingerprint 7C:D9:3C:7C:A4:2C:9F:A1:B2:F1:6A:53:C3:CD:E6:A8:C1:F0:09:78
Validity Sat, 16 Sep 2023 00:00:00 GMT - Sun, 13 Oct 2024 23:59:59 GMT
File type Unicode text, UTF-8 text, with very long lines (419), with CRLF line terminators
Hash 96ff5db6547f62ab1273cba92d9c9eed
eb7442bb2f5f83966156bd288ea4953c4a7d5a4c
e2c4aab64c2c89ea7280cf53346f8fc9e051de8f8acf01e0d75d57217169db11
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /css/header.css HTTP/1.1
Host: clt1600345.benchurl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://clt1600345.benchurl.com/c/opt?e=174D6F7&c=186B59&l=D5128B33&email=KzD2Xi0s6ANYUyHOXT4pdpnNPv4YQPNifMGPOVnZMlE=&relid=AFA137D/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 06 Dec 2023 16:04:15 GMT
content-type: text/css
content-length: 13271
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 18:41:16 GMT
accept-ranges: bytes
etag: "06e3947261cd71:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-xss-protection: 0
X-Firefox-Spdy: h2
use.typekit.com/af/8c5f68/00000000000000003b9ad1b1/27/l?subset_id=2&fvd=n7&v=3
23.36.76.186 200 OK 19 kB URL GET HTTP/2 use.typekit.com/af/8c5f68/00000000000000003b9ad1b1/27/l?subset_id=2&fvd=n7&v=3
IP 23.36.76.186:443
ASN #20940 Akamai International B.V.
Requested by https://clt1600345.benchurl.com/c/opt?e=174D6F7&c=186B59&l=D5128B33&email=KzD2Xi0s6ANYUyHOXT4pdpnNPv4YQPNifMGPOVnZMlE=&relid=AFA137D/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en
Certificate Issuer DigiCert Inc
Subject use.typekit.net
Fingerprint 42:82:CA:A5:EA:30:8F:60:60:37:2D:24:17:3D:52:62:54:D7:03:5B
Validity Thu, 21 Sep 2023 00:00:00 GMT - Mon, 21 Oct 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), CFF, length 19056, version 1.0; data
Hash dddf341025f47901da49cc060730048c
83dc9cee8403778310f2fb5bd0e675192ddddf21
3b361d49881277ab3b92b0d7edc9f781f8f8ccb6738487b927140fee462aec1d
GET /af/8c5f68/00000000000000003b9ad1b1/27/l?subset_id=2&fvd=n7&v=3 HTTP/1.1
Host: use.typekit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://clt1600345.benchurl.com
DNT: 1
Connection: keep-alive
Referer: https://clt1600345.benchurl.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 19056
etag: "518c5f781d51642b3cf2290d365b9b8257de6e1f"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Wed, 06 Dec 2023 16:04:15 GMT
X-Firefox-Spdy: h2
use.typekit.com/af/b4e997/00000000000000003b9ad1bb/27/l?subset_id=2&fvd=n6&v=3
23.36.76.186 200 OK 19 kB URL GET HTTP/2 use.typekit.com/af/b4e997/00000000000000003b9ad1bb/27/l?subset_id=2&fvd=n6&v=3
IP 23.36.76.186:443
ASN #20940 Akamai International B.V.
Requested by https://clt1600345.benchurl.com/c/opt?e=174D6F7&c=186B59&l=D5128B33&email=KzD2Xi0s6ANYUyHOXT4pdpnNPv4YQPNifMGPOVnZMlE=&relid=AFA137D/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en
Certificate Issuer DigiCert Inc
Subject use.typekit.net
Fingerprint 42:82:CA:A5:EA:30:8F:60:60:37:2D:24:17:3D:52:62:54:D7:03:5B
Validity Thu, 21 Sep 2023 00:00:00 GMT - Mon, 21 Oct 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), CFF, length 18692, version 1.0; data
Hash 39f53d4a2d3741ca8ae973750256c214
cc904f0c5a3e1a9530798207091ea974155b4c1c
f1c1ae1a41ae40e40b10aa9c031ae6850548fe43a736725051753aa6c411668d
GET /af/b4e997/00000000000000003b9ad1bb/27/l?subset_id=2&fvd=n6&v=3 HTTP/1.1
Host: use.typekit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://clt1600345.benchurl.com
DNT: 1
Connection: keep-alive
Referer: https://clt1600345.benchurl.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 18692
etag: "80987524f2c82c2a36d727971941de8401d3f316"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Wed, 06 Dec 2023 16:04:15 GMT
X-Firefox-Spdy: h2
use.typekit.com/af/dcab3a/00000000000000003b9ad1b2/27/l?subset_id=2&fvd=i7&v=3
23.36.76.186 200 OK 20 kB URL GET HTTP/2 use.typekit.com/af/dcab3a/00000000000000003b9ad1b2/27/l?subset_id=2&fvd=i7&v=3
IP 23.36.76.186:443
ASN #20940 Akamai International B.V.
Requested by https://clt1600345.benchurl.com/c/opt?e=174D6F7&c=186B59&l=D5128B33&email=KzD2Xi0s6ANYUyHOXT4pdpnNPv4YQPNifMGPOVnZMlE=&relid=AFA137D/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en
Certificate Issuer DigiCert Inc
Subject use.typekit.net
Fingerprint 42:82:CA:A5:EA:30:8F:60:60:37:2D:24:17:3D:52:62:54:D7:03:5B
Validity Thu, 21 Sep 2023 00:00:00 GMT - Mon, 21 Oct 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), CFF, length 19524, version 1.0; data
Hash fcb5c1dd5b07e3786979f619d8af41eb
8142eae602abd9abb15f886673773480082cb2ed
12f57218818734d0c49ab72316a2b415d984f309d217c8d79bed4ed0a0eca1af
GET /af/dcab3a/00000000000000003b9ad1b2/27/l?subset_id=2&fvd=i7&v=3 HTTP/1.1
Host: use.typekit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://clt1600345.benchurl.com
DNT: 1
Connection: keep-alive
Referer: https://clt1600345.benchurl.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 19524
etag: "c85de2b0c8d27e8ecb10964d9c709a0e5397550c"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Wed, 06 Dec 2023 16:04:15 GMT
X-Firefox-Spdy: h2
use.typekit.com/af/aa8afb/00000000000000003b9ad1b9/27/l?subset_id=2&fvd=n4&v=3
23.36.76.186 200 OK 18 kB URL GET HTTP/2 use.typekit.com/af/aa8afb/00000000000000003b9ad1b9/27/l?subset_id=2&fvd=n4&v=3
IP 23.36.76.186:443
ASN #20940 Akamai International B.V.
Requested by https://clt1600345.benchurl.com/c/opt?e=174D6F7&c=186B59&l=D5128B33&email=KzD2Xi0s6ANYUyHOXT4pdpnNPv4YQPNifMGPOVnZMlE=&relid=AFA137D/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en
Certificate Issuer DigiCert Inc
Subject use.typekit.net
Fingerprint 42:82:CA:A5:EA:30:8F:60:60:37:2D:24:17:3D:52:62:54:D7:03:5B
Validity Thu, 21 Sep 2023 00:00:00 GMT - Mon, 21 Oct 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), CFF, length 18504, version 1.0; data
Hash 5cf4886debc81650fb7f6d93f03a503f
06e254aa32bcf2b5aa8bf1cea25568da56cf0495
e0ed483bba0a14e9fe3b33939500515282721fedb70a8ebad014233c02df57c2
GET /af/aa8afb/00000000000000003b9ad1b9/27/l?subset_id=2&fvd=n4&v=3 HTTP/1.1
Host: use.typekit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://clt1600345.benchurl.com
DNT: 1
Connection: keep-alive
Referer: https://clt1600345.benchurl.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 18504
etag: "f9e85be3f0c8dcdcbd6f0a8471a46280ab7bf664"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Wed, 06 Dec 2023 16:04:15 GMT
X-Firefox-Spdy: h2
use.typekit.com/af/3b47e3/00000000000000003b9ad1bc/27/l?subset_id=2&fvd=i6&v=3
23.36.76.186 200 OK 19 kB URL GET HTTP/2 use.typekit.com/af/3b47e3/00000000000000003b9ad1bc/27/l?subset_id=2&fvd=i6&v=3
IP 23.36.76.186:443
ASN #20940 Akamai International B.V.
Requested by https://clt1600345.benchurl.com/c/opt?e=174D6F7&c=186B59&l=D5128B33&email=KzD2Xi0s6ANYUyHOXT4pdpnNPv4YQPNifMGPOVnZMlE=&relid=AFA137D/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en
Certificate Issuer DigiCert Inc
Subject use.typekit.net
Fingerprint 42:82:CA:A5:EA:30:8F:60:60:37:2D:24:17:3D:52:62:54:D7:03:5B
Validity Thu, 21 Sep 2023 00:00:00 GMT - Mon, 21 Oct 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), CFF, length 19048, version 1.0; data
Hash c58007eb95f4647b0fec64ff9429d800
252e0416e4b297e09b4d9244efa79cd9a3c72d43
1d4797f8814994226060d66485b71446067211dbdf5d1799c437c3ee63258d21
GET /af/3b47e3/00000000000000003b9ad1bc/27/l?subset_id=2&fvd=i6&v=3 HTTP/1.1
Host: use.typekit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://clt1600345.benchurl.com
DNT: 1
Connection: keep-alive
Referer: https://clt1600345.benchurl.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 19048
etag: "131c73b236b0a451c55436b26d3b7857d5a10680"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Wed, 06 Dec 2023 16:04:15 GMT
X-Firefox-Spdy: h2
use.typekit.com/af/9cba47/00000000000000003b9ad1ba/27/l?subset_id=2&fvd=i4&v=3
23.36.76.186 200 OK 19 kB URL GET HTTP/2 use.typekit.com/af/9cba47/00000000000000003b9ad1ba/27/l?subset_id=2&fvd=i4&v=3
IP 23.36.76.186:443
ASN #20940 Akamai International B.V.
Requested by https://clt1600345.benchurl.com/c/opt?e=174D6F7&c=186B59&l=D5128B33&email=KzD2Xi0s6ANYUyHOXT4pdpnNPv4YQPNifMGPOVnZMlE=&relid=AFA137D/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en
Certificate Issuer DigiCert Inc
Subject use.typekit.net
Fingerprint 42:82:CA:A5:EA:30:8F:60:60:37:2D:24:17:3D:52:62:54:D7:03:5B
Validity Thu, 21 Sep 2023 00:00:00 GMT - Mon, 21 Oct 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), CFF, length 19188, version 1.0; data
Hash 2052aabaa0038dd2e272016311a0e54b
fddfd48f49a13dee5e2f311d412ce837fdbe6faa
6d52e211ba98d5b5348088d0a9a42b3bc015f6f4ab8bee236f702cd09ba72b9d
GET /af/9cba47/00000000000000003b9ad1ba/27/l?subset_id=2&fvd=i4&v=3 HTTP/1.1
Host: use.typekit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://clt1600345.benchurl.com
DNT: 1
Connection: keep-alive
Referer: https://clt1600345.benchurl.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 19188
etag: "8887aa07a5e31ddeba60d1317cef52532c1e4862"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Wed, 06 Dec 2023 16:04:15 GMT
X-Firefox-Spdy: h2
clt1600345.benchurl.com/images/apple-icon-touch.png
52.10.95.150 200 OK 4.0 kB URL GET HTTP/2 clt1600345.benchurl.com/images/apple-icon-touch.png
IP 52.10.95.150:443
Requested by https://clt1600345.benchurl.com/c/opt?e=174D6F7&c=186B59&l=D5128B33&email=KzD2Xi0s6ANYUyHOXT4pdpnNPv4YQPNifMGPOVnZMlE=&relid=AFA137D/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en
Certificate Issuer Amazon
Subject *.benchurl.com
Fingerprint 7C:D9:3C:7C:A4:2C:9F:A1:B2:F1:6A:53:C3:CD:E6:A8:C1:F0:09:78
Validity Sat, 16 Sep 2023 00:00:00 GMT - Sun, 13 Oct 2024 23:59:59 GMT
File type PNG image data, 120 x 120, 8-bit colormap, non-interlaced; data
Hash 8af45137d382b5063c8768af7526cf62
7cbff95a75254816d988a6867eb18b3af8b3f7f5
e51cd97d39afb1437022f77609690597d7c593c8e90517a296f85f6055b44e2d
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /images/apple-icon-touch.png HTTP/1.1
Host: clt1600345.benchurl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://clt1600345.benchurl.com/c/opt?e=174D6F7&c=186B59&l=D5128B33&email=KzD2Xi0s6ANYUyHOXT4pdpnNPv4YQPNifMGPOVnZMlE=&relid=AFA137D/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 06 Dec 2023 16:04:15 GMT
content-type: image/png
content-length: 3973
last-modified: Fri, 24 Mar 2017 22:54:46 GMT
accept-ranges: bytes
etag: "497472a2f1a4d21:0"
server: Microsoft-IIS/10.0
x-xss-protection: 0
X-Firefox-Spdy: h2
clt1600345.benchurl.com/images/favicon.png
52.10.95.150 200 OK 1.1 kB URL GET HTTP/2 clt1600345.benchurl.com/images/favicon.png
IP 52.10.95.150:443
Requested by https://clt1600345.benchurl.com/c/opt?e=174D6F7&c=186B59&l=D5128B33&email=KzD2Xi0s6ANYUyHOXT4pdpnNPv4YQPNifMGPOVnZMlE=&relid=AFA137D/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en
Certificate Issuer Amazon
Subject *.benchurl.com
Fingerprint 7C:D9:3C:7C:A4:2C:9F:A1:B2:F1:6A:53:C3:CD:E6:A8:C1:F0:09:78
Validity Sat, 16 Sep 2023 00:00:00 GMT - Sun, 13 Oct 2024 23:59:59 GMT
File type PNG image data, 32 x 32, 8-bit colormap, non-interlaced; data
Hash 98afef26b0752d4e1c796cd7e224d300
26e39cc4862b2955012e3912d1749392969f80e0
56339793ef6148fdf17378abccd5ac5b1714e3eb639a272919e3c34272d5da41
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /images/favicon.png HTTP/1.1
Host: clt1600345.benchurl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://clt1600345.benchurl.com/c/opt?e=174D6F7&c=186B59&l=D5128B33&email=KzD2Xi0s6ANYUyHOXT4pdpnNPv4YQPNifMGPOVnZMlE=&relid=AFA137D/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 06 Dec 2023 16:04:15 GMT
content-type: image/png
content-length: 1077
last-modified: Mon, 04 Feb 2019 16:12:19 GMT
accept-ranges: bytes
etag: "57dda267a4bcd41:0"
server: Microsoft-IIS/10.0
x-xss-protection: 0
X-Firefox-Spdy: h2
clt1600345.benchurl.com/css/fonts/MessinaSans/MessinaSansWeb-Regular.woff2
52.10.95.150 200 OK 26 kB URL GET HTTP/2 clt1600345.benchurl.com/css/fonts/MessinaSans/MessinaSansWeb-Regular.woff2
IP 52.10.95.150:443
Requested by https://clt1600345.benchurl.com/c/opt?e=174D6F7&c=186B59&l=D5128B33&email=KzD2Xi0s6ANYUyHOXT4pdpnNPv4YQPNifMGPOVnZMlE=&relid=AFA137D/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en
Certificate Issuer Amazon
Subject *.benchurl.com
Fingerprint 7C:D9:3C:7C:A4:2C:9F:A1:B2:F1:6A:53:C3:CD:E6:A8:C1:F0:09:78
Validity Sat, 16 Sep 2023 00:00:00 GMT - Sun, 13 Oct 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 26116, version 7.0; data
Hash a3f4bf30367a861f8a16f8c3a9029720
fc2b32c0f6c90e3119dd5e68dd86b062dcbc142a
6953e91532c8a4027421f3ec28b38ff4a2d03a7ab9f60a0a686a0eecbc0cf3e9
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /css/fonts/MessinaSans/MessinaSansWeb-Regular.woff2 HTTP/1.1
Host: clt1600345.benchurl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://clt1600345.benchurl.com/css/header.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 06 Dec 2023 16:04:15 GMT
content-type: application/font-woff2
content-length: 26116
last-modified: Wed, 21 Mar 2018 23:21:12 GMT
accept-ranges: bytes
etag: "0e4ea4c6bc1d31:0"
server: Microsoft-IIS/10.0
x-xss-protection: 0
X-Firefox-Spdy: h2
p.typekit.net/p.gif?s=1&k=oai6wkl&ht=tk&h=clt1600345.benchurl.com&f=139.140.173.174.175.176&a=536444&js=1.21.0&app=typekit&e=js&_=1701878661871
23.36.76.184 200 OK 35 B URL GET HTTP/2 p.typekit.net/p.gif?s=1&k=oai6wkl&ht=tk&h=clt1600345.benchurl.com&f=139.140.173.174.175.176&a=536444&js=1.21.0&app=typekit&e=js&_=1701878661871
IP 23.36.76.184:443
ASN #20940 Akamai International B.V.
Requested by https://clt1600345.benchurl.com/c/opt?e=174D6F7&c=186B59&l=D5128B33&email=KzD2Xi0s6ANYUyHOXT4pdpnNPv4YQPNifMGPOVnZMlE=&relid=AFA137D/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en
Certificate Issuer DigiCert Inc
Subject use.typekit.net
Fingerprint 42:82:CA:A5:EA:30:8F:60:60:37:2D:24:17:3D:52:62:54:D7:03:5B
Validity Thu, 21 Sep 2023 00:00:00 GMT - Mon, 21 Oct 2024 23:59:59 GMT
File type GIF image data, version 89a, 1 x 1; data
Hash 81144d75b3e69e9aa2fa3e9d83a64d03
f0fbc60b50edf5b2a0b76e0aa0537b76bf346ffc
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
GET /p.gif?s=1&k=oai6wkl&ht=tk&h=clt1600345.benchurl.com&f=139.140.173.174.175.176&a=536444&js=1.21.0&app=typekit&e=js&_=1701878661871 HTTP/1.1
Host: p.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://clt1600345.benchurl.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
server: nginx
content-type: image/gif
content-length: 35
last-modified: Sun, 15 Oct 2023 12:43:11 GMT
etag: "652bde5f-23"
cache-control: public, max-age=604800
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
date: Wed, 06 Dec 2023 16:04:15 GMT
X-Firefox-Spdy: h2
clt1600345.benchurl.com/css/fonts/MessinaSans/MessinaSansWeb-Bold.woff2
52.10.95.150 200 OK 26 kB URL GET HTTP/2 clt1600345.benchurl.com/css/fonts/MessinaSans/MessinaSansWeb-Bold.woff2
IP 52.10.95.150:443
Requested by https://clt1600345.benchurl.com/c/opt?e=174D6F7&c=186B59&l=D5128B33&email=KzD2Xi0s6ANYUyHOXT4pdpnNPv4YQPNifMGPOVnZMlE=&relid=AFA137D/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en
Certificate Issuer Amazon
Subject *.benchurl.com
Fingerprint 7C:D9:3C:7C:A4:2C:9F:A1:B2:F1:6A:53:C3:CD:E6:A8:C1:F0:09:78
Validity Sat, 16 Sep 2023 00:00:00 GMT - Sun, 13 Oct 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 26268, version 7.0; data
Hash 19ebcf5625bb72dc4ab22f9190b17a5a
c7fd59a75bafab683587ecd2829662a137e88d93
da4b872cba131f9b516b0f3512a1799358568c7961df90d134ffe6aa10c4b5d2
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /css/fonts/MessinaSans/MessinaSansWeb-Bold.woff2 HTTP/1.1
Host: clt1600345.benchurl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://clt1600345.benchurl.com/css/header.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 06 Dec 2023 16:04:15 GMT
content-type: application/font-woff2
content-length: 26268
last-modified: Wed, 21 Mar 2018 23:21:12 GMT
accept-ranges: bytes
etag: "0e4ea4c6bc1d31:0"
server: Microsoft-IIS/10.0
x-xss-protection: 0
X-Firefox-Spdy: h2
clt1600345.benchurl.com/css/fonts/MessinaSans/MessinaSansWeb-Light.woff2
52.10.95.150 200 OK 26 kB URL GET HTTP/2 clt1600345.benchurl.com/css/fonts/MessinaSans/MessinaSansWeb-Light.woff2
IP 52.10.95.150:443
Requested by https://clt1600345.benchurl.com/c/opt?e=174D6F7&c=186B59&l=D5128B33&email=KzD2Xi0s6ANYUyHOXT4pdpnNPv4YQPNifMGPOVnZMlE=&relid=AFA137D/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en/c/confirmed?t=&language=en
Certificate Issuer Amazon
Subject *.benchurl.com
Fingerprint 7C:D9:3C:7C:A4:2C:9F:A1:B2:F1:6A:53:C3:CD:E6:A8:C1:F0:09:78
Validity Sat, 16 Sep 2023 00:00:00 GMT - Sun, 13 Oct 2024 23:59:59 GMT
File type Web Open Font Format (Version 2), TrueType, length 26048, version 7.0; data
Hash cf5f99a932802c3db892dc004bb7e48a
00801d6a023a2cb6bf03dfe0513d8b6721efb682
5b70004d9d7b33848a564f72ba6e3caf9d409594e59e79426733e2d6167c48ac
Analyzer Verdict Alert Quad9 DNS malicious Sinkholed
GET /css/fonts/MessinaSans/MessinaSansWeb-Light.woff2 HTTP/1.1
Host: clt1600345.benchurl.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
DNT: 1
Connection: keep-alive
Referer: https://clt1600345.benchurl.com/css/header.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 06 Dec 2023 16:04:15 GMT
content-type: application/font-woff2
content-length: 26048
last-modified: Wed, 21 Mar 2018 23:21:12 GMT
accept-ranges: bytes
etag: "0e4ea4c6bc1d31:0"
server: Microsoft-IIS/10.0
x-xss-protection: 0
X-Firefox-Spdy: h2