r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash e4bdd77c0369662aa71ce2d01fd3edab
0ab1c5857e200e7e7946424c2c844537bfbb9775
a163c19fcc8fcf985e8df6ad4bd7ce73912b3df892d8236c70f9bc80820b26da
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A163C19FCC8FCF985E8DF6AD4BD7CE73912B3DF892D8236C70F9BC80820B26DA"
Last-Modified: Fri, 06 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17552
Expires: Mon, 09 Jan 2023 08:39:45 GMT
Date: Mon, 09 Jan 2023 03:47:13 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash b782882bdabaf3b08e64120922b4a4b7
2035ed7fc9fb5b6ee9715601ba43de5f94d0c0e9
3fe7d1a9a55b86ec25d02634749ccfae11f3477033ba8cd7ac4131b7948ba619
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3FE7D1A9A55B86EC25D02634749CCFAE11F3477033BA8CD7AC4131B7948BA619"
Last-Modified: Sat, 07 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14608
Expires: Mon, 09 Jan 2023 07:50:41 GMT
Date: Mon, 09 Jan 2023 03:47:13 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 09 Jan 2023 03:41:36 GMT
content-type: application/json
age: 337
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 75f0037a1d53a9a5321a796206ec3e24
70d42c9bf1334f20e1cea4ce3c8212e0e780ee77
80ec1e61f9563e799c9f44ea31e616c37daea1b9670091fbbc6efc39ebafe3d3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "80EC1E61F9563E799C9F44EA31E616C37DAEA1B9670091FBBC6EFC39EBAFE3D3"
Last-Modified: Fri, 06 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20607
Expires: Mon, 09 Jan 2023 09:30:40 GMT
Date: Mon, 09 Jan 2023 03:47:13 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: mf0e+j2PfH9WhckmClVXmrXhvpPZKYeW1Fire8awmSonve23esCabV1/Mtv0cGaAZN3DTpq5evxtK7DU6RVlfQ==
x-amz-request-id: C1F5VSB88GB2QRZK
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 09 Jan 2023 03:16:02 GMT
age: 1871
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
df1bto5vlbdx3ai.xyz/
216.18.208.202 200 OK 168 B IP 216.18.208.202:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash b7949a2c2cec5d0fc76270710f132d4e
a51a1a70d14193182bc1cca339efbf805da63a34
0de73e0545467494dda68a11a3203376a2653991d9b4ec3d0376175f23802a21
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET / HTTP/1.1
Host: df1bto5vlbdx3ai.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 03:47:13 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 168
Content-Type: text/html; charset=UTF-8
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 03:47:13 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
df1bto5vlbdx3ai.xyz/favicon.ico
216.18.208.202 200 OK 168 B URL HTTP/1.1 df1bto5vlbdx3ai.xyz/favicon.ico
IP 216.18.208.202:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash b7949a2c2cec5d0fc76270710f132d4e
a51a1a70d14193182bc1cca339efbf805da63a34
0de73e0545467494dda68a11a3203376a2653991d9b4ec3d0376175f23802a21
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: df1bto5vlbdx3ai.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df1bto5vlbdx3ai.xyz/
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 03:47:13 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 168
Content-Type: text/html; charset=UTF-8
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Pragma, Content-Length, Alert, Expires, ETag, Last-Modified, Backoff, Content-Type, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 09 Jan 2023 03:17:21 GMT
age: 1792
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 54ac41a005cad66e958c904071ea1d4f
66932889be57eb15ab99237a69d292b12090c68d
52545e144a7ca5c37c5369d5f5b566b4e5e820b1920ab7fe8e413e7fe022e21b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1985
Cache-Control: max-age=107562
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 03:47:13 GMT
Etag: "63ba87aa-1d7"
Expires: Tue, 10 Jan 2023 09:39:55 GMT
Last-Modified: Sun, 08 Jan 2023 09:06:50 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
df1bto5vlbdx3ai.xyz/?type=really
216.18.208.202 200 OK 17 kB URL HTTP/1.1 df1bto5vlbdx3ai.xyz/?type=really
IP 216.18.208.202:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (390)
Hash 9ca4651f038fb84693e350ac734e8a29
e0622adc3a493185ef5f9cdac75266a93cb4baba
6aa976e91ad5c941a59d23a9688c09cdba7427938e30a7482f47f2e188a856c8
Analyzer Verdict Alert quad9 Sinkholed
GET /?type=really HTTP/1.1
Host: df1bto5vlbdx3ai.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df1bto5vlbdx3ai.xyz/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 03:47:13 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 17387
Content-Type: text/html; charset=utf-8
push.services.mozilla.com/
52.43.58.150 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.43.58.150:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 1efsxguc/k/QeDVtaYnx2Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: yQ27oNGMAssxASm/yWId6I4Djss=
df1bto5vlbdx3ai.xyz/index_files/js
216.18.208.202 200 OK 168 B URL HTTP/1.1 df1bto5vlbdx3ai.xyz/index_files/js
IP 216.18.208.202:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash b7949a2c2cec5d0fc76270710f132d4e
a51a1a70d14193182bc1cca339efbf805da63a34
0de73e0545467494dda68a11a3203376a2653991d9b4ec3d0376175f23802a21
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /index_files/js HTTP/1.1
Host: df1bto5vlbdx3ai.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df1bto5vlbdx3ai.xyz/?type=really
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 03:47:14 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 168
Content-Type: text/html; charset=UTF-8
df1bto5vlbdx3ai.xyz/index_files/prognroll.js.%E4%B8%8B%E8%BC%89
216.18.208.202 200 OK 557 B URL HTTP/1.1 df1bto5vlbdx3ai.xyz/index_files/prognroll.js.%E4%B8%8B%E8%BC%89
IP 216.18.208.202:0
File type ASCII text, with very long lines (417)
Hash 4862866b401f9794fd0cbdb53a94260b
d86c74fbced410a8e4ffeb85930b4ea03db79ee1
1527a1f1af051bd5dd8f052d582072fd611bfe1bc79310f0aa6aad30050d15ee
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /index_files/prognroll.js.%E4%B8%8B%E8%BC%89 HTTP/1.1
Host: df1bto5vlbdx3ai.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df1bto5vlbdx3ai.xyz/?type=really
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 03:47:14 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:48:00 GMT
ETag: "5e6-5ed829aab4400-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 557
Content-Type: application/javascript
df1bto5vlbdx3ai.xyz/index_files/dr-dtime.min.js.%E4%B8%8B%E8%BC%89
216.18.208.202 200 OK 4.4 kB URL HTTP/1.1 df1bto5vlbdx3ai.xyz/index_files/dr-dtime.min.js.%E4%B8%8B%E8%BC%89
IP 216.18.208.202:0
File type Unicode text, UTF-8 text, with very long lines (9616), with CRLF line terminators
Hash 3441a02aafe56d944a09fcbfaf6c9ce2
b54d2cba99626938227bc3cb7fb436ceda75875a
f6a3d7d660a7e24b3790503ec49d95aca17eeaaa29b81fed7ee5782a4b55145d
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /index_files/dr-dtime.min.js.%E4%B8%8B%E8%BC%89 HTTP/1.1
Host: df1bto5vlbdx3ai.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df1bto5vlbdx3ai.xyz/?type=really
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 03:47:14 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:31 GMT
ETag: "2b76-5ed8298f0c2c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4376
Content-Type: application/javascript
df1bto5vlbdx3ai.xyz/index_files/css2
216.18.208.202 200 OK 615 B URL HTTP/1.1 df1bto5vlbdx3ai.xyz/index_files/css2
IP 216.18.208.202:0
Hash 59558a6c9f4a960ae266991a42fd8e65
851c4418443f62bba0ac66422c7f241e85c99adf
9e01a752e68c29866c179331921b4947203dd52672e01a314d51895f1a0f39b9
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /index_files/css2 HTTP/1.1
Host: df1bto5vlbdx3ai.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df1bto5vlbdx3ai.xyz/?type=really
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 03:47:14 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:31 GMT
ETag: "118e-5ed8298f0c2c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 615
df1bto5vlbdx3ai.xyz/index_files/index_files_index.css
216.18.208.202 200 OK 4.5 kB URL HTTP/1.1 df1bto5vlbdx3ai.xyz/index_files/index_files_index.css
IP 216.18.208.202:0
File type ASCII text, with very long lines (1029), with CRLF line terminators
Hash 72661697f04f259b0a8e212c4f22446c
0f49d8c928e7659e79393e0d7885e2d01d6d6cc7
3174c41fa23ab1cffe3a1d5e54f126f6bb6b930406bf0abdf64a206a74d8dbc1
Analyzer Verdict Alert quad9 Sinkholed
GET /index_files/index_files_index.css HTTP/1.1
Host: df1bto5vlbdx3ai.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df1bto5vlbdx3ai.xyz/?type=really
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 03:47:14 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:53 GMT
ETag: "6971-5ed829a407440-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4476
Content-Type: text/css
df1bto5vlbdx3ai.xyz/index_files/jquery.min.js.%E4%B8%8B%E8%BC%89
216.18.208.202 200 OK 31 kB URL HTTP/1.1 df1bto5vlbdx3ai.xyz/index_files/jquery.min.js.%E4%B8%8B%E8%BC%89
IP 216.18.208.202:0
File type ASCII text, with very long lines (65451)
Hash c65598a79e692c79f732ea0b099f9da7
5459de784144478c4a5088437bf5da4690dbae5f
653cc57da3a15e7ba824119d448c287f3c1a9a0afb400970ed3658d48765984a
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /index_files/jquery.min.js.%E4%B8%8B%E8%BC%89 HTTP/1.1
Host: df1bto5vlbdx3ai.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df1bto5vlbdx3ai.xyz/?type=really
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 03:47:14 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:56 GMT
ETag: "15851-5ed829a6e3b00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 30677
Content-Type: application/javascript
df1bto5vlbdx3ai.xyz/index_files/index_files_template.css
216.18.208.202 200 OK 13 kB URL HTTP/1.1 df1bto5vlbdx3ai.xyz/index_files/index_files_template.css
IP 216.18.208.202:0
File type Unicode text, UTF-8 text, with very long lines (9743), with CRLF line terminators
Hash bf2e840774d604a3b9556df1bccd1829
defa354cfc8108da19577ddcccd1d07f6934fd1a
5ec1f1d6153cadd1bfb495c48fe5c556ef28f759a10c27425a19daf99640e6e8
Analyzer Verdict Alert quad9 Sinkholed
GET /index_files/index_files_template.css HTTP/1.1
Host: df1bto5vlbdx3ai.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df1bto5vlbdx3ai.xyz/?type=really
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 03:47:14 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:55 GMT
ETag: "6d81-5ed829a5ef8c0-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 12780
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 6845714035871de50607bf6185f94f64
c8b0da305ef4c6a587307d87224ce7ae19ac31dc
75d805e1f96447b58ac3f8226c16c4b13d4e664e1e508be26e9968510145017a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 03:47:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 6845714035871de50607bf6185f94f64
c8b0da305ef4c6a587307d87224ce7ae19ac31dc
75d805e1f96447b58ac3f8226c16c4b13d4e664e1e508be26e9968510145017a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 03:47:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/notoserif/v21/ga6Iaw1J5X9T9RW6j9bNfFcWaA.woff2
142.250.74.35 200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/notoserif/v21/ga6Iaw1J5X9T9RW6j9bNfFcWaA.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 23948, version 1.0\012- data
Hash aeb92e524ca62170347fa63974605767
1e10bfbd720481e42035a5469d7ce8fc51d34aab
25475d82cc976fb2c71b15b3e416c22bf636dd247bbb268d312e7c076ec5b6e4
GET /s/notoserif/v21/ga6Iaw1J5X9T9RW6j9bNfFcWaA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://df1bto5vlbdx3ai.xyz
Connection: keep-alive
Referer: http://df1bto5vlbdx3ai.xyz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23948
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 02 Jan 2023 21:35:39 GMT
expires: Tue, 02 Jan 2024 21:35:39 GMT
cache-control: public, max-age=31536000
age: 540695
last-modified: Mon, 09 May 2022 19:47:44 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/notoserif/v21/ga6Law1J5X9T9RW6j9bNdOwzfReecQ.woff2
142.250.74.35 200 OK 28 kB URL HTTP/2 fonts.gstatic.com/s/notoserif/v21/ga6Law1J5X9T9RW6j9bNdOwzfReecQ.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 27456, version 1.0\012- data
Hash 80becb8b7638756b35eebf31518f8904
ba154f44545a98796887a9b5cfd84d765d3d0c05
a0a9ce1553fa74dad4d8cf55b7df7d012a3acdec01cd39d682fce0e5b52e99f2
GET /s/notoserif/v21/ga6Law1J5X9T9RW6j9bNdOwzfReecQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://df1bto5vlbdx3ai.xyz
Connection: keep-alive
Referer: http://df1bto5vlbdx3ai.xyz/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27456
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 02 Jan 2023 21:36:25 GMT
expires: Tue, 02 Jan 2024 21:36:25 GMT
cache-control: public, max-age=31536000
age: 540649
last-modified: Mon, 09 May 2022 20:10:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 471 B IP 142.250.74.131:0
Hash 6845714035871de50607bf6185f94f64
c8b0da305ef4c6a587307d87224ce7ae19ac31dc
75d805e1f96447b58ac3f8226c16c4b13d4e664e1e508be26e9968510145017a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 03:47:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
readed-staistiny.com/d/.js?oref=http%3A%2F%2Fdf1bto5vlbdx3ai.xyz%2F&ourl=http%3A%2F%2Fdf1bto5vlbdx3ai.xyz%2F%3Ftype%3Dreally&opt=Scientific%20Institute%20of%20Dietetics&t=1673236021939
18.193.146.82 400 Bad Request 152 B URL HTTP/2 readed-staistiny.com/d/.js?oref=http%3A%2F%2Fdf1bto5vlbdx3ai.xyz%2F&ourl=http%3A%2F%2Fdf1bto5vlbdx3ai.xyz%2F%3Ftype%3Dreally&opt=Scientific%20Institute%20of%20Dietetics&t=1673236021939
IP 18.193.146.82:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Hash d9bacc468aa23334526933389545e120
e26288b4bada404ce340ca72989f9f1193dc649c
0605685efb44dd3decd77517436c575731b61f807247587de67080c579ffa2d4
GET /d/.js?oref=http%3A%2F%2Fdf1bto5vlbdx3ai.xyz%2F&ourl=http%3A%2F%2Fdf1bto5vlbdx3ai.xyz%2F%3Ftype%3Dreally&opt=Scientific%20Institute%20of%20Dietetics&t=1673236021939 HTTP/1.1
Host: readed-staistiny.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://df1bto5vlbdx3ai.xyz/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 400 Bad Request
server: nginx
date: Mon, 09 Jan 2023 03:47:14 GMT
content-type: text/html
content-length: 152
cache-control: no-store, no-cache, pre-check=0, post-check=0
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
X-Firefox-Spdy: h2
df1bto5vlbdx3ai.xyz/index_files/index_files_231dlaxtgy.jpg
216.18.208.202 200 OK 3.2 kB URL HTTP/1.1 df1bto5vlbdx3ai.xyz/index_files/index_files_231dlaxtgy.jpg
IP 216.18.208.202:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 92x92, components 3\012- data
Hash 734bf4295477afcbb0982fef1e90afdd
f83dff59190b8ec26470d4b27813d2e38778e74f
157edd4fa7f3a885ebe03f7910b3fc2f986b40d84ebd06b88630d302e69171ee
Analyzer Verdict Alert quad9 Sinkholed
GET /index_files/index_files_231dlaxtgy.jpg HTTP/1.1
Host: df1bto5vlbdx3ai.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df1bto5vlbdx3ai.xyz/?type=really
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 03:47:14 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:37 GMT
ETag: "c6a-5ed82994c5040"
Accept-Ranges: bytes
Content-Length: 3178
Content-Type: image/jpeg
df1bto5vlbdx3ai.xyz/index_files/index_files_27dlaxtgy.jpg
216.18.208.202 200 OK 1.3 kB URL HTTP/1.1 df1bto5vlbdx3ai.xyz/index_files/index_files_27dlaxtgy.jpg
IP 216.18.208.202:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 48x48, components 3\012- data
Hash 1f2d11ee3f9f8147c2cf67432bf7a9eb
32bb52e088899b6132a6e9be922b2600a2103e66
681c6ff2b6eb2eca0c65be642f57780724c9432126f7f5a817191ac72c52a3e7
Analyzer Verdict Alert quad9 Sinkholed
GET /index_files/index_files_27dlaxtgy.jpg HTTP/1.1
Host: df1bto5vlbdx3ai.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df1bto5vlbdx3ai.xyz/?type=really
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 03:47:14 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:38 GMT
ETag: "4e4-5ed82995b9280"
Accept-Ranges: bytes
Content-Length: 1252
Content-Type: image/jpeg
df1bto5vlbdx3ai.xyz/index_files/index_files_24dlaxtgy.jpg
216.18.208.202 200 OK 1.2 kB URL HTTP/1.1 df1bto5vlbdx3ai.xyz/index_files/index_files_24dlaxtgy.jpg
IP 216.18.208.202:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 48x48, components 3\012- data
Hash 0e3c8ba05e970e05d03004f746f46c76
217a534c7915e05d64aa1453bc2e393bde9c4dba
48a404220987be6ca1d0c27f2515ef7744aed424bc18e61fb2fa3b21a537f637
Analyzer Verdict Alert quad9 Sinkholed
GET /index_files/index_files_24dlaxtgy.jpg HTTP/1.1
Host: df1bto5vlbdx3ai.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df1bto5vlbdx3ai.xyz/?type=really
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 03:47:14 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:37 GMT
ETag: "4a6-5ed82994c5040"
Accept-Ranges: bytes
Content-Length: 1190
Content-Type: image/jpeg
df1bto5vlbdx3ai.xyz/index_files/index_files_komment7dlaxtgy.jpg
216.18.208.202 200 OK 929 B URL HTTP/1.1 df1bto5vlbdx3ai.xyz/index_files/index_files_komment7dlaxtgy.jpg
IP 216.18.208.202:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 48x48, components 3\012- data
Hash 4357bdae640f3aba33bb1ef2fd007e7f
50f7869b68cd28d1b53b272d9207a49c1217ef7b
f7a70ee80dcca7200a5856c185a3f995911683824f1680ccee7710b4f287ac42
Analyzer Verdict Alert quad9 Sinkholed
GET /index_files/index_files_komment7dlaxtgy.jpg HTTP/1.1
Host: df1bto5vlbdx3ai.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df1bto5vlbdx3ai.xyz/?type=really
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 03:47:14 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:53 GMT
ETag: "3a1-5ed829a407440"
Accept-Ranges: bytes
Content-Length: 929
Content-Type: image/jpeg
df1bto5vlbdx3ai.xyz/index_files/burger.png
216.18.208.202 200 OK 150 B URL HTTP/1.1 df1bto5vlbdx3ai.xyz/index_files/burger.png
IP 216.18.208.202:0
File type PNG image data, 24 x 18, 8-bit/color RGBA, non-interlaced\012- data
Hash 6b4839cb1a76172902eaac1cd8be30b2
e7777371d5289e70d746366f2eda4775e4487386
ab2072ca38e46cfdb5304ed7a2f5add4f22fe31ad16b427cf35dd77b718fff3c
Analyzer Verdict Alert quad9 Sinkholed
GET /index_files/burger.png HTTP/1.1
Host: df1bto5vlbdx3ai.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df1bto5vlbdx3ai.xyz/?type=really
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 03:47:15 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:30 GMT
ETag: "96-5ed8298e18080"
Accept-Ranges: bytes
Content-Length: 150
Content-Type: image/png
df1bto5vlbdx3ai.xyz/index_files/sec.png
216.18.208.202 200 OK 1.4 kB URL HTTP/1.1 df1bto5vlbdx3ai.xyz/index_files/sec.png
IP 216.18.208.202:0
File type PNG image data, 165 x 15, 8-bit/color RGBA, non-interlaced\012- data
Hash b1817ec508b3c6a5cdfbf77563e904b5
e75956eb7d92730f4865320ab7219ff092f1358b
4a7f8ad01ca5771ddc9c3ee9c9ae3a156c0c1f9d57a558a05927879286907243
Analyzer Verdict Alert quad9 Sinkholed
GET /index_files/sec.png HTTP/1.1
Host: df1bto5vlbdx3ai.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df1bto5vlbdx3ai.xyz/?type=really
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 03:47:15 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:48:00 GMT
ETag: "586-5ed829aab4400"
Accept-Ranges: bytes
Content-Length: 1414
Content-Type: image/png
df1bto5vlbdx3ai.xyz/index_files/index_files_ob35dlaxtgy.jpg
216.18.208.202 200 OK 70 kB URL HTTP/1.1 df1bto5vlbdx3ai.xyz/index_files/index_files_ob35dlaxtgy.jpg
IP 216.18.208.202:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 550x389, components 3\012- data
Hash 655cd367a14b363a19ab960cc099bb39
c9cdce68815c123a4455662ccd2aaa2d3206530a
93c11e98334c6832fff1eba77d56997e63a0c356632321ddf6834a6bc61d86b7
Analyzer Verdict Alert quad9 Sinkholed
GET /index_files/index_files_ob35dlaxtgy.jpg HTTP/1.1
Host: df1bto5vlbdx3ai.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df1bto5vlbdx3ai.xyz/?type=really
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 03:47:14 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:54 GMT
ETag: "11199-5ed829a4fb680"
Accept-Ranges: bytes
Content-Length: 70041
Content-Type: image/jpeg
df1bto5vlbdx3ai.xyz/index_files/index_files_25dlaxtgy.jpg
216.18.208.202 200 OK 50 kB URL HTTP/1.1 df1bto5vlbdx3ai.xyz/index_files/index_files_25dlaxtgy.jpg
IP 216.18.208.202:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 605x401, components 3\012- data
Hash 8dc9a948571589fbf93aa1b3608647ae
bed9661afceea64f189ca647179771595c419a2d
16c2428b0ec5512de4eb9585dea91e9f76431c81de1e55e28845c904d18fe690
Analyzer Verdict Alert quad9 Sinkholed
GET /index_files/index_files_25dlaxtgy.jpg HTTP/1.1
Host: df1bto5vlbdx3ai.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df1bto5vlbdx3ai.xyz/?type=really
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 03:47:14 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:38 GMT
ETag: "c279-5ed82995b9280"
Accept-Ranges: bytes
Content-Length: 49785
Content-Type: image/jpeg
df1bto5vlbdx3ai.xyz/index_files/mic1.jpg
216.18.208.202 200 OK 67 kB URL HTTP/1.1 df1bto5vlbdx3ai.xyz/index_files/mic1.jpg
IP 216.18.208.202:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1000x700, components 3\012- data
Hash ec40385053210ad3b736da7873b50ac9
3e0bee3a50fe2188c7c9296557c2296d498a8c79
0cba46590ff65d959d1d5312e138ffa409d3e08f1452888f1b17978c084fbdd3
Analyzer Verdict Alert quad9 Sinkholed
GET /index_files/mic1.jpg HTTP/1.1
Host: df1bto5vlbdx3ai.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df1bto5vlbdx3ai.xyz/?type=really
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 03:47:15 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:57 GMT
ETag: "1045b-5ed829a7d7d40"
Accept-Ranges: bytes
Content-Length: 66651
Content-Type: image/jpeg
df1bto5vlbdx3ai.xyz/index_files/index_files_top1dlaxtgy.jpg
216.18.208.202 200 OK 66 kB URL HTTP/1.1 df1bto5vlbdx3ai.xyz/index_files/index_files_top1dlaxtgy.jpg
IP 216.18.208.202:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1180x680, components 3\012- data
Hash da9411a7daf9c540ad38fc1c23f1e837
a5ad9496ef3ed20b229106bbb653b0120aa2d58d
8ae6e3c4b72b5f285487f538aceaa7d0a89ab3173e05699cfcd26ffd36ebb050
Analyzer Verdict Alert quad9 Sinkholed
GET /index_files/index_files_top1dlaxtgy.jpg HTTP/1.1
Host: df1bto5vlbdx3ai.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df1bto5vlbdx3ai.xyz/?type=really
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 03:47:15 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:56 GMT
ETag: "1021f-5ed829a6e3b00"
Accept-Ranges: bytes
Content-Length: 66079
Content-Type: image/jpeg
r3.o.lencr.org/
23.33.119.27 200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 11aea3c23fce2f77cadf7a551f4e8b17
4963aafedcf3fc5f28f1b4a6b0212abfd5526702
d2ada7d592878b58921cd0568efa62abefd7423d40bec16133886e2c67a791b3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D2ADA7D592878B58921CD0568EFA62ABEFD7423D40BEC16133886E2C67A791B3"
Last-Modified: Fri, 06 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12962
Expires: Mon, 09 Jan 2023 07:23:17 GMT
Date: Mon, 09 Jan 2023 03:47:15 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda43bc0d-0825-4748-8f7d-b54ad2bca423.jpeg
34.120.237.76 200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda43bc0d-0825-4748-8f7d-b54ad2bca423.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a3984d65cb560a59f1de5cf9262a72e6
13b0d566380fcd714eb763b8ab1684ccfde427ad
196e4971eb72d9927bc079c21096753ed389b1b3716fb928f6d05edbaea567ba
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fda43bc0d-0825-4748-8f7d-b54ad2bca423.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9717
x-amzn-requestid: 7b3644e9-418f-47be-bb44-0b5ac8bbf05a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eQd9MG5zoAMFS2A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b676ba-79ea0f641de7664042c65402;Sampled=0
x-amzn-remapped-date: Thu, 05 Jan 2023 07:05:30 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xN4vn0Mx5Z1Gzrr0OCbZ3nSL0LZ_U2LMBMEPMKA3UEJrRxzFtBcx3g==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Sun, 08 Jan 2023 07:18:13 GMT
age: 73742
etag: "13b0d566380fcd714eb763b8ab1684ccfde427ad"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7aedb000-bce4-4515-80dc-28bbfbf2801b.jpeg
34.120.237.76 200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7aedb000-bce4-4515-80dc-28bbfbf2801b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ee0100ded5c40b35292c57e0cde4d423
eafacf389372d4cc059d0fb7fb3e1fccf506d69b
7a2dab5cd0a5a6e96f22771ac84b86df910036186ddb7521dcc41dc82125b272
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7aedb000-bce4-4515-80dc-28bbfbf2801b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4842
x-amzn-requestid: ff29171f-d040-479e-a4c7-d19b8bee76fd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eWhZ8EexoAMFdHw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b8e2a5-04e89f5b50e2dfba7c13b3b6;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 03:10:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VrcHN8FYhIPxGifDE34G4Q2kj6dx5dZBap4lkVHDcogkKVF85bsv3Q==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 09 Jan 2023 03:41:18 GMT
age: 357
etag: "eafacf389372d4cc059d0fb7fb3e1fccf506d69b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca7956cf-b613-4307-88cb-8cc1a3fda11c.jpeg
34.120.237.76 200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca7956cf-b613-4307-88cb-8cc1a3fda11c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aa9ed964b2f5f08ec571b525992f1566
9de0dfe9d1018726f1504b26964629f419700a49
d75747ac8726cbbe7583c48c2522cecc0c3ed6a0fa3694513c694876847b5944
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca7956cf-b613-4307-88cb-8cc1a3fda11c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9594
x-amzn-requestid: 7844d69e-b683-47ed-8ad8-a26f67916de1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eJ4BbFjnIAMFhSA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b3d3a2-6da6fede0b33969b774aab38;Sampled=0
x-amzn-remapped-date: Tue, 03 Jan 2023 07:05:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 1h_UiB89mG6qQdHyosgLG4MYT3KBOyDxLsBCuKuK7smmTWAiEsncxw==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Sun, 08 Jan 2023 08:43:20 GMT
age: 68635
etag: "9de0dfe9d1018726f1504b26964629f419700a49"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg
34.120.237.76 200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a23d61d610c7b55d943fcb2636a01b65
82c4c5170c7b586c2a7a1f2d2d5c9ff0219af065
28bf3039cc8c1213e64893c71bc150eda573223feb2cc15ad0814a44960d434a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F33bbc100-e509-4a4f-8b98-1d44a52a7a3c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9539
x-amzn-requestid: 9f388939-cfb7-432e-a921-e9188736bb45
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eTw5QGZ6oAMFxQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b7c83b-4f9d5bfc30e5ee126333d54e;Sampled=0
x-amzn-remapped-date: Fri, 06 Jan 2023 07:05:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wAgalvw3qNlWJt6Lw_jVbpTzh9OSvLB9u58IGEBT_unCOwWAXHvx7g==
via: 1.1 1f6e68152880a39d72e6bf2996cd6a60.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sun, 08 Jan 2023 23:14:00 GMT
age: 16395
etag: "82c4c5170c7b586c2a7a1f2d2d5c9ff0219af065"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba1a2529-b52c-4956-93ad-e18515541dfa.jpeg
34.120.237.76 200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba1a2529-b52c-4956-93ad-e18515541dfa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a287e312b7ea41cf63badb369b85158b
65763688f4b00b498d0e70151a09d4ebb14e2b33
a9dc69148414c0794cfb5b576b5cf74221c465e8dccbe9da71b40521e8cff129
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fba1a2529-b52c-4956-93ad-e18515541dfa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7226
x-amzn-requestid: 5b7b8eb4-7a80-4a00-b693-d624ed174108
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eZ0WsHvZIAMF34Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ba342a-19e87b9b175b436e72df3fd9;Sampled=0
x-amzn-remapped-date: Sun, 08 Jan 2023 03:10:34 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: SN-7M5K3nkGxyLSGXyHkbvhxDhSvzcir6hL46Tvi__SWLgOyWflwcg==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Mon, 09 Jan 2023 03:34:32 GMT
age: 763
etag: "65763688f4b00b498d0e70151a09d4ebb14e2b33"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f2b50a0-7eb4-4513-84d9-bef528bd99f3.jpeg
34.120.237.76 200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f2b50a0-7eb4-4513-84d9-bef528bd99f3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 23b87f42d40f3cc7bc9f46964e83d787
400474fb7b7d241935f5a5745281e6d95902581c
5a2818d70f4304bb2ed26ad0fe1658bc130aff43e11c60e0abac8be6e51836c7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f2b50a0-7eb4-4513-84d9-bef528bd99f3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8284
x-amzn-requestid: 63848f4b-7540-4a5f-bfe4-f4d7d19f6450
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ecZPxFWUoAMF3hw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bb3bfe-11b47e784b3d329e4d698137;Sampled=0
x-amzn-remapped-date: Sun, 08 Jan 2023 21:56:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: ruMyNWcLKGt-fDCBxTx5ofenbzXNBv48Y0U1GPwhDWDrwm-njm1lGA==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Mon, 09 Jan 2023 03:36:09 GMT
age: 666
etag: "400474fb7b7d241935f5a5745281e6d95902581c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
df1bto5vlbdx3ai.xyz/index_files/pri4.jpeg
216.18.208.202 200 OK 91 kB URL HTTP/1.1 df1bto5vlbdx3ai.xyz/index_files/pri4.jpeg
IP 216.18.208.202:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 730x548, components 3\012- data
Hash 0e1aec37857c58dfd5b2116046c05d9d
d730362fece9d511126a712e7631aa9ddc2b521c
84417a4ca8438f602f8df03799d3c526aa84230a862f891f2e4107ac135e6285
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /index_files/pri4.jpeg HTTP/1.1
Host: df1bto5vlbdx3ai.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df1bto5vlbdx3ai.xyz/?type=really
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 03:47:15 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:59 GMT
ETag: "164bf-5ed829a9c01c0"
Accept-Ranges: bytes
Content-Length: 91327
Content-Type: image/jpeg
df1bto5vlbdx3ai.xyz/index_files/index_files_img1dlaxtgy.jpg
216.18.208.202 200 OK 54 kB URL HTTP/1.1 df1bto5vlbdx3ai.xyz/index_files/index_files_img1dlaxtgy.jpg
IP 216.18.208.202:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 500x363, components 3\012- data
Hash 04fb0128d94ee7ec73356d6d5fe81db5
1b8e0ebf5d3ade5d683635e4f7ec7b4c09f9970c
b39ba7f7113856ddc5792bedb6aec00fa5d8da843a667f8028c2836b02662783
Analyzer Verdict Alert quad9 Sinkholed
GET /index_files/index_files_img1dlaxtgy.jpg HTTP/1.1
Host: df1bto5vlbdx3ai.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df1bto5vlbdx3ai.xyz/?type=really
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 03:47:15 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:50 GMT
ETag: "d4e5-5ed829a12ad80"
Accept-Ranges: bytes
Content-Length: 54501
Content-Type: image/jpeg
df1bto5vlbdx3ai.xyz/index_files/pri3.jpeg
216.18.208.202 200 OK 76 kB URL HTTP/1.1 df1bto5vlbdx3ai.xyz/index_files/pri3.jpeg
IP 216.18.208.202:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 679x487, components 3\012- data
Hash fe61f839012d79e536bd0284d6114140
a364f61b3a36901b78985555b5d0c8133d2cd850
ffb37f12b1a172b681f5a0054d35f08c682ef91e86ca3242d981210e319888d1
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /index_files/pri3.jpeg HTTP/1.1
Host: df1bto5vlbdx3ai.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df1bto5vlbdx3ai.xyz/?type=really
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 03:47:15 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:58 GMT
ETag: "12905-5ed829a8cbf80"
Accept-Ranges: bytes
Content-Length: 76037
Content-Type: image/jpeg
df1bto5vlbdx3ai.xyz/index_files/loss34.jpeg
216.18.208.202 200 OK 49 kB URL HTTP/1.1 df1bto5vlbdx3ai.xyz/index_files/loss34.jpeg
IP 216.18.208.202:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 730x548, components 3\012- data
Hash c2af2b89060b25e9b45ebe360540f27b
68f67ac14b017928f71ab120311e7242e5b6b2cb
aaff85f2a6faa2defa0c065467bdb417b177a2296a9b999dd57d3845f1a3507d
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /index_files/loss34.jpeg HTTP/1.1
Host: df1bto5vlbdx3ai.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df1bto5vlbdx3ai.xyz/?type=really
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 03:47:15 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:57 GMT
ETag: "bf44-5ed829a7d7d40"
Accept-Ranges: bytes
Content-Length: 48964
Content-Type: image/jpeg
df1bto5vlbdx3ai.xyz/index_files/index_files_img2dlaxtgy.jpg
216.18.208.202 200 OK 26 kB URL HTTP/1.1 df1bto5vlbdx3ai.xyz/index_files/index_files_img2dlaxtgy.jpg
IP 216.18.208.202:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 604x292, components 3\012- data
Hash 2a92eb2fb651d2ecc2036cc6cb5f54d6
152bfae160f58f5646b8e6ebfca69c611ee04852
40f3b3dff8933315cb0119ab982934ac64f57d159677cf999ab6eeb8ed526e24
Analyzer Verdict Alert quad9 Sinkholed
GET /index_files/index_files_img2dlaxtgy.jpg HTTP/1.1
Host: df1bto5vlbdx3ai.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df1bto5vlbdx3ai.xyz/?type=really
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 03:47:15 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:50 GMT
ETag: "6708-5ed829a12ad80"
Accept-Ranges: bytes
Content-Length: 26376
Content-Type: image/jpeg
df1bto5vlbdx3ai.xyz/index_files/checkmark-green-sm.png
216.18.208.202 200 OK 800 B URL HTTP/1.1 df1bto5vlbdx3ai.xyz/index_files/checkmark-green-sm.png
IP 216.18.208.202:0
File type PNG image data, 18 x 20, 8-bit colormap, non-interlaced\012- data
Hash c5b46ecb67a9fce24781bd440ef0d49d
396dc2ab6927d56b4da1a96eaa200f7903ecf47c
bb87f9a8baf68a3ca10734f83ae49269140adce6f405ac9c3391b58950557a1f
Analyzer Verdict Alert quad9 Sinkholed
GET /index_files/checkmark-green-sm.png HTTP/1.1
Host: df1bto5vlbdx3ai.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df1bto5vlbdx3ai.xyz/?type=really
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 03:47:15 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:30 GMT
ETag: "320-5ed8298e18080"
Accept-Ranges: bytes
Content-Length: 800
Content-Type: image/png
df1bto5vlbdx3ai.xyz/index_files/index_files_img3dlaxtgy.jpg
216.18.208.202 200 OK 55 kB URL HTTP/1.1 df1bto5vlbdx3ai.xyz/index_files/index_files_img3dlaxtgy.jpg
IP 216.18.208.202:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 500x513, components 3\012- data
Hash f50509afafbce629664bb8f8f0c7e8fd
adc09e246a76b8c5ea4b4570d2785965455c0ad6
d7907c6010df19a0876c743a8167426ddcfb1f5089b88dda16189a898aa438b7
Analyzer Verdict Alert quad9 Sinkholed
GET /index_files/index_files_img3dlaxtgy.jpg HTTP/1.1
Host: df1bto5vlbdx3ai.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df1bto5vlbdx3ai.xyz/?type=really
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 03:47:15 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:51 GMT
ETag: "d6f3-5ed829a21efc0"
Accept-Ranges: bytes
Content-Length: 55027
Content-Type: image/jpeg
df1bto5vlbdx3ai.xyz/index_files/100-guarantee-seal-1_2.png
216.18.208.202 200 OK 8.4 kB URL HTTP/1.1 df1bto5vlbdx3ai.xyz/index_files/100-guarantee-seal-1_2.png
IP 216.18.208.202:0
File type PNG image data, 150 x 132, 8-bit colormap, non-interlaced\012- data
Hash 65a9fb2ab38e8b753b02e080ad9cf604
5c0c099220723b5ddb8c2e025bc1f7c655d17996
c933753f362af10c379a78ded6587bf009cff81745f17b5497d9655b55d75d3c
Analyzer Verdict Alert quad9 Sinkholed
GET /index_files/100-guarantee-seal-1_2.png HTTP/1.1
Host: df1bto5vlbdx3ai.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df1bto5vlbdx3ai.xyz/?type=really
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 03:47:15 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:29 GMT
ETag: "20fd-5ed8298d23e40"
Accept-Ranges: bytes
Content-Length: 8445
Content-Type: image/png
df1bto5vlbdx3ai.xyz/index_files/index_files_doc-kz2-1dlaxtgy.jpg
216.18.208.202 200 OK 26 kB URL HTTP/1.1 df1bto5vlbdx3ai.xyz/index_files/index_files_doc-kz2-1dlaxtgy.jpg
IP 216.18.208.202:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 559x440, components 3\012- data
Hash 78003ab2c0fbe2cf5394f941e2957447
01e16cecc9fd76d646fec172b23f46c506939805
a0a367bd3975d3f2b3d35175b0d58468c2657a13f6ff7dfadf58831b127d3cf9
Analyzer Verdict Alert quad9 Sinkholed
GET /index_files/index_files_doc-kz2-1dlaxtgy.jpg HTTP/1.1
Host: df1bto5vlbdx3ai.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df1bto5vlbdx3ai.xyz/?type=really
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 03:47:15 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:49 GMT
ETag: "64d7-5ed829a036b40"
Accept-Ranges: bytes
Content-Length: 25815
Content-Type: image/jpeg
df1bto5vlbdx3ai.xyz/index_files/index_files_ob372dlaxtgy.jpg
216.18.208.202 200 OK 35 kB URL HTTP/1.1 df1bto5vlbdx3ai.xyz/index_files/index_files_ob372dlaxtgy.jpg
IP 216.18.208.202:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 550x384, components 3\012- data
Hash 999bcead0b31a054ec84d75543a326f5
1ef6772dd45a4df20606dc4d1bdf80a117fc55ad
67e1602b3f9e30b97ba37fbcc459e48e830b742f3cc257004d74e897ee417495
Analyzer Verdict Alert quad9 Sinkholed
GET /index_files/index_files_ob372dlaxtgy.jpg HTTP/1.1
Host: df1bto5vlbdx3ai.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df1bto5vlbdx3ai.xyz/?type=really
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 03:47:16 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:54 GMT
ETag: "899b-5ed829a4fb680"
Accept-Ranges: bytes
Content-Length: 35227
Content-Type: image/jpeg
df1bto5vlbdx3ai.xyz/index_files/product.png
216.18.208.202 200 OK 50 kB URL HTTP/1.1 df1bto5vlbdx3ai.xyz/index_files/product.png
IP 216.18.208.202:0
File type PNG image data, 787 x 550, 8-bit colormap, non-interlaced\012- data
Hash 0393a6114375b017f38f4010c5a39cbc
195c6918d40c7be9fc474d5b32950b01c46e574e
e485dbc76805326fcda5bf2aeef202400fb8be98101389b8c865d3d3e0735028
Analyzer Verdict Alert quad9 Sinkholed
GET /index_files/product.png HTTP/1.1
Host: df1bto5vlbdx3ai.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df1bto5vlbdx3ai.xyz/?type=really
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 03:47:15 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:59 GMT
ETag: "c44b-5ed829a9c01c0"
Accept-Ranges: bytes
Content-Length: 50251
Content-Type: image/png
df1bto5vlbdx3ai.xyz/index_files/index_files_img8dlaxtgy.jpg
216.18.208.202 200 OK 21 kB URL HTTP/1.1 df1bto5vlbdx3ai.xyz/index_files/index_files_img8dlaxtgy.jpg
IP 216.18.208.202:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 504x244, components 3\012- data
Hash 2dfc44344b619478aed5136afee552fe
a9e0252dee8066de39bc6092b5276d0eb7e20d6d
fc927ec6d6628c7cc75438adbe90cf4b669b590123d1d428d93a3e7a21acee80
Analyzer Verdict Alert quad9 Sinkholed
GET /index_files/index_files_img8dlaxtgy.jpg HTTP/1.1
Host: df1bto5vlbdx3ai.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df1bto5vlbdx3ai.xyz/?type=really
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 03:47:16 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:52 GMT
ETag: "5366-5ed829a313200"
Accept-Ranges: bytes
Content-Length: 21350
Content-Type: image/jpeg
df1bto5vlbdx3ai.xyz/index_files/index_files_21dlaxtgy.jpg
216.18.208.202 200 OK 38 kB URL HTTP/1.1 df1bto5vlbdx3ai.xyz/index_files/index_files_21dlaxtgy.jpg
IP 216.18.208.202:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 487x454, components 3\012- data
Hash 496d7bff15f800cd27d114619bd2a100
23011c142a6666efbde9df984f402f72acd28475
bf10accdb2860db2af7566fe58cb21ccb5e14b13b43b52260dd615ddbbddda8c
Analyzer Verdict Alert quad9 Sinkholed
GET /index_files/index_files_21dlaxtgy.jpg HTTP/1.1
Host: df1bto5vlbdx3ai.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df1bto5vlbdx3ai.xyz/?type=really
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 03:47:16 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:35 GMT
ETag: "954f-5ed82992dcbc0"
Accept-Ranges: bytes
Content-Length: 38223
Content-Type: image/jpeg
df1bto5vlbdx3ai.xyz/index_files/index_files_107dlaxtgy.jpg
216.18.208.202 200 OK 28 kB URL HTTP/1.1 df1bto5vlbdx3ai.xyz/index_files/index_files_107dlaxtgy.jpg
IP 216.18.208.202:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 528x500, components 3\012- data
Hash a452700876136a29e21bd4e153e3f3b7
ef770c7a8454d9eb0192ccf330f374b02adc2bc9
af29fd1747f817f6550a28055116ec49155139fa0c269cae7c17524df75d4778
Analyzer Verdict Alert quad9 Sinkholed
GET /index_files/index_files_107dlaxtgy.jpg HTTP/1.1
Host: df1bto5vlbdx3ai.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df1bto5vlbdx3ai.xyz/?type=really
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 03:47:16 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:32 GMT
ETag: "6c56-5ed8299000500"
Accept-Ranges: bytes
Content-Length: 27734
Content-Type: image/jpeg
df1bto5vlbdx3ai.xyz/index_files/index_files_img9dlaxtgy.jpg
216.18.208.202 200 OK 67 kB URL HTTP/1.1 df1bto5vlbdx3ai.xyz/index_files/index_files_img9dlaxtgy.jpg
IP 216.18.208.202:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 606x673, components 3\012- data
Hash 5e0c27c9b8231cbd28d6a29217337c3c
84bee19d7da24a07247368810c12e6d36eb45122
777ba79b52a6fd33317aa50d2e4f054cea7127796615f185ca66cca1f2d26ba5
Analyzer Verdict Alert quad9 Sinkholed
GET /index_files/index_files_img9dlaxtgy.jpg HTTP/1.1
Host: df1bto5vlbdx3ai.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df1bto5vlbdx3ai.xyz/?type=really
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 03:47:16 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:52 GMT
ETag: "10558-5ed829a313200"
Accept-Ranges: bytes
Content-Length: 66904
Content-Type: image/jpeg
df1bto5vlbdx3ai.xyz/index_files/index_files_1072dlaxtgy.jpg
216.18.208.202 200 OK 36 kB URL HTTP/1.1 df1bto5vlbdx3ai.xyz/index_files/index_files_1072dlaxtgy.jpg
IP 216.18.208.202:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 528x337, components 3\012- data
Hash fffcfb1ba48578444481c34f55f49da5
31f6c2aeaaba583e9c076e0a981fa3185cb832fa
d1cdd707e15f054c02502223424730cc4d3a73cfab4b2eea8f70265e0adce73c
Analyzer Verdict Alert quad9 Sinkholed
GET /index_files/index_files_1072dlaxtgy.jpg HTTP/1.1
Host: df1bto5vlbdx3ai.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df1bto5vlbdx3ai.xyz/?type=really
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 03:47:16 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:32 GMT
ETag: "8c93-5ed8299000500"
Accept-Ranges: bytes
Content-Length: 35987
Content-Type: image/jpeg
df1bto5vlbdx3ai.xyz/index_files/index_files_300dlaxtgy.jpg
216.18.208.202 200 OK 1.2 kB URL HTTP/1.1 df1bto5vlbdx3ai.xyz/index_files/index_files_300dlaxtgy.jpg
IP 216.18.208.202:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 48x48, components 3\012- data
Hash 993a53c5522df94ca87f5459bc93f37b
1106e2521d57af71eda730fe23a0c368dbbaf404
c26c960f28cfcc4480a6884b466335d5df0b68b7f0c3724fb285afbcfc62af7d
Analyzer Verdict Alert quad9 Sinkholed
GET /index_files/index_files_300dlaxtgy.jpg HTTP/1.1
Host: df1bto5vlbdx3ai.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df1bto5vlbdx3ai.xyz/?type=really
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 03:47:16 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:39 GMT
ETag: "488-5ed82996ad4c0"
Accept-Ranges: bytes
Content-Length: 1160
Content-Type: image/jpeg
df1bto5vlbdx3ai.xyz/index_files/index_files_223dlaxtgy.jpg
216.18.208.202 200 OK 1.0 kB URL HTTP/1.1 df1bto5vlbdx3ai.xyz/index_files/index_files_223dlaxtgy.jpg
IP 216.18.208.202:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 48x48, components 3\012- data
Hash 41ab757312409ed79800e4a4b1d3b86d
3dae9ba467e00ab42679102120dd5f550148f67b
a2d8c235d7416a4fb4954ea828d76bc82d43ad66b4c1873d750bf98358f2d33a
Analyzer Verdict Alert quad9 Sinkholed
GET /index_files/index_files_223dlaxtgy.jpg HTTP/1.1
Host: df1bto5vlbdx3ai.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df1bto5vlbdx3ai.xyz/?type=really
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 03:47:16 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:36 GMT
ETag: "3fd-5ed82993d0e00"
Accept-Ranges: bytes
Content-Length: 1021
Content-Type: image/jpeg
df1bto5vlbdx3ai.xyz/index_files/index_files_201dlaxtgy.jpg
216.18.208.202 200 OK 98 kB URL HTTP/1.1 df1bto5vlbdx3ai.xyz/index_files/index_files_201dlaxtgy.jpg
IP 216.18.208.202:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 800x800, components 3\012- data
Hash b9c6cff31dd36947d4b2e2bb0cc891d2
0c2325c4cef2032f3bbc6baeff553c0a768262d6
e2405681c9735063dbbb0d5ac1cbcde020160a40d7fdc471cfe7f837d95c6acd
Analyzer Verdict Alert quad9 Sinkholed
GET /index_files/index_files_201dlaxtgy.jpg HTTP/1.1
Host: df1bto5vlbdx3ai.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df1bto5vlbdx3ai.xyz/?type=really
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 03:47:16 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:34 GMT
ETag: "17efb-5ed82991e8980"
Accept-Ranges: bytes
Content-Length: 98043
Content-Type: image/jpeg
df1bto5vlbdx3ai.xyz/index_files/index_files_30dlaxtgy.jpg
216.18.208.202 200 OK 1.2 kB URL HTTP/1.1 df1bto5vlbdx3ai.xyz/index_files/index_files_30dlaxtgy.jpg
IP 216.18.208.202:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 64x64, components 3\012- data
Hash f2656f14024917849002d82302f384a0
bb84e5188964eebe4f0ed4c2eae42834aedc5636
79dd3680f58b7abbe3ca83b284d6955599c0044d42d99b6a41ccbee28b64db4e
Analyzer Verdict Alert quad9 Sinkholed
GET /index_files/index_files_30dlaxtgy.jpg HTTP/1.1
Host: df1bto5vlbdx3ai.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df1bto5vlbdx3ai.xyz/?type=really
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 03:47:16 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:44 GMT
ETag: "4c3-5ed8299b72000"
Accept-Ranges: bytes
Content-Length: 1219
Content-Type: image/jpeg
df1bto5vlbdx3ai.xyz/index_files/index_files_28dlaxtgy.jpg
216.18.208.202 200 OK 1.3 kB URL HTTP/1.1 df1bto5vlbdx3ai.xyz/index_files/index_files_28dlaxtgy.jpg
IP 216.18.208.202:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 48x48, components 3\012- data
Hash 4c3bb1b178159e6113ad2406347eaacf
aadc4e6344809d01ec24a0c89d3acff900f0c862
6ab46939948c947f99c4faf1a522f6ada8cd9f4548fe8df0e28bb6289eb1d033
Analyzer Verdict Alert quad9 Sinkholed
GET /index_files/index_files_28dlaxtgy.jpg HTTP/1.1
Host: df1bto5vlbdx3ai.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df1bto5vlbdx3ai.xyz/?type=really
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 03:47:16 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:39 GMT
ETag: "4e2-5ed82996ad4c0"
Accept-Ranges: bytes
Content-Length: 1250
Content-Type: image/jpeg
df1bto5vlbdx3ai.xyz/index_files/index_files_12_00100dlaxtgy.jpg
216.18.208.202 200 OK 817 B URL HTTP/1.1 df1bto5vlbdx3ai.xyz/index_files/index_files_12_00100dlaxtgy.jpg
IP 216.18.208.202:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 48x48, components 3\012- data
Hash 38a856a56a2909344b7f332a0a76a80a
e5e2a41232cfb7a4fe0eda07f317157551217313
edcbfa18fbafbe05a70f3dc9ec833ec8620fa722f37fac059829185edf1ff0d9
Analyzer Verdict Alert quad9 Sinkholed
GET /index_files/index_files_12_00100dlaxtgy.jpg HTTP/1.1
Host: df1bto5vlbdx3ai.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df1bto5vlbdx3ai.xyz/?type=really
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 03:47:16 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:34 GMT
ETag: "331-5ed82991e8980"
Accept-Ranges: bytes
Content-Length: 817
Content-Type: image/jpeg
df1bto5vlbdx3ai.xyz/index_files/index_files_2233dlaxtgy.png
216.18.208.202 200 OK 93 kB URL HTTP/1.1 df1bto5vlbdx3ai.xyz/index_files/index_files_2233dlaxtgy.png
IP 216.18.208.202:0
File type PNG image data, 500 x 500, 8-bit colormap, non-interlaced\012- data
Hash 763d6fd92a577770e39708277da4bc6f
594eefab04f907927a38cd32184a7b25b76f5609
dc4df3e1cb96584229853e4a4977284199fa597f639ed1e33aa7281cf6977ecc
Analyzer Verdict Alert quad9 Sinkholed
GET /index_files/index_files_2233dlaxtgy.png HTTP/1.1
Host: df1bto5vlbdx3ai.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df1bto5vlbdx3ai.xyz/?type=really
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 03:47:16 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:35 GMT
ETag: "16a57-5ed82992dcbc0"
Accept-Ranges: bytes
Content-Length: 92759
Content-Type: image/png
df1bto5vlbdx3ai.xyz/index_files/index_files_302dlaxtgy.jpg
216.18.208.202 200 OK 1.3 kB URL HTTP/1.1 df1bto5vlbdx3ai.xyz/index_files/index_files_302dlaxtgy.jpg
IP 216.18.208.202:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 50x50, components 3\012- data
Hash 27c58a39a8d592d49f784d2cd8f2b8a9
2a9f381ed537d67662015b94f2be938a9d59d2e0
90071a64e5f5548ac868405216c9441810fcdf06c6d7979666b58704659154d0
Analyzer Verdict Alert quad9 Sinkholed
GET /index_files/index_files_302dlaxtgy.jpg HTTP/1.1
Host: df1bto5vlbdx3ai.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df1bto5vlbdx3ai.xyz/?type=really
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 03:47:17 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:40 GMT
ETag: "50c-5ed82997a1700"
Accept-Ranges: bytes
Content-Length: 1292
Content-Type: image/jpeg
df1bto5vlbdx3ai.xyz/index_files/index_files_303dlaxtgy.jpg
216.18.208.202 200 OK 1.3 kB URL HTTP/1.1 df1bto5vlbdx3ai.xyz/index_files/index_files_303dlaxtgy.jpg
IP 216.18.208.202:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 48x48, components 3\012- data
Hash 1d05ca2520c5bfd913f5f87ebf23f29e
fcd7624df8e5a4239b610359bc20f67acb5e4d58
6e80c0b1f6a49a98f82a76ec88508a7dc3e6f5a68a88852429b9f87bbf5e7db5
Analyzer Verdict Alert quad9 Sinkholed
GET /index_files/index_files_303dlaxtgy.jpg HTTP/1.1
Host: df1bto5vlbdx3ai.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df1bto5vlbdx3ai.xyz/?type=really
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 03:47:17 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:41 GMT
ETag: "534-5ed8299895940"
Accept-Ranges: bytes
Content-Length: 1332
Content-Type: image/jpeg
df1bto5vlbdx3ai.xyz/index_files/index_files_304dlaxtgy.jpg
216.18.208.202 200 OK 3.2 kB URL HTTP/1.1 df1bto5vlbdx3ai.xyz/index_files/index_files_304dlaxtgy.jpg
IP 216.18.208.202:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 90x90, components 3\012- data
Hash dc357479dc60777ba77b7335ee5f5bb9
8aa1aa255bcfa9a9ace9220097fca892194b575a
f5d28dff1f9fe4dad5b4c29afbc55405eb1689130e479514c07526ba8191cae1
Analyzer Verdict Alert quad9 Sinkholed
GET /index_files/index_files_304dlaxtgy.jpg HTTP/1.1
Host: df1bto5vlbdx3ai.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df1bto5vlbdx3ai.xyz/?type=really
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 03:47:17 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:41 GMT
ETag: "c61-5ed8299895940"
Accept-Ranges: bytes
Content-Length: 3169
Content-Type: image/jpeg
df1bto5vlbdx3ai.xyz/index_files/index_files_305dlaxtgy.jpg
216.18.208.202 200 OK 1.2 kB URL HTTP/1.1 df1bto5vlbdx3ai.xyz/index_files/index_files_305dlaxtgy.jpg
IP 216.18.208.202:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 48x48, components 3\012- data
Hash c7bd1f13272000da45cf0b4a8f150956
bc5090427926ecfdbbb44e80e097ea1b5cdc7ae5
54bb639a13da8afebe5b08816860eb2ac057b9d46aab5eaf4a1557df2be1a467
Analyzer Verdict Alert quad9 Sinkholed
GET /index_files/index_files_305dlaxtgy.jpg HTTP/1.1
Host: df1bto5vlbdx3ai.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df1bto5vlbdx3ai.xyz/?type=really
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 03:47:17 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:42 GMT
ETag: "4a6-5ed8299989b80"
Accept-Ranges: bytes
Content-Length: 1190
Content-Type: image/jpeg
df1bto5vlbdx3ai.xyz/index_files/index_files_307dlaxtgy.jpg
216.18.208.202 200 OK 1.2 kB URL HTTP/1.1 df1bto5vlbdx3ai.xyz/index_files/index_files_307dlaxtgy.jpg
IP 216.18.208.202:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 48x48, components 3\012- data
Hash e031944a17a7f14d1d8cc63af5863342
98f51a4d0bbc1c97b2ddef90de12e8ea318611f1
c457ad47707b79d056c5c0cd6f7472bc9675250e9af66287cd0dfd687b07ab9b
Analyzer Verdict Alert quad9 Sinkholed
GET /index_files/index_files_307dlaxtgy.jpg HTTP/1.1
Host: df1bto5vlbdx3ai.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df1bto5vlbdx3ai.xyz/?type=really
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 03:47:17 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:43 GMT
ETag: "4ca-5ed8299a7ddc0"
Accept-Ranges: bytes
Content-Length: 1226
Content-Type: image/jpeg
df1bto5vlbdx3ai.xyz/index_files/index_files_308dlaxtgy.jpg
216.18.208.202 200 OK 1.8 kB URL HTTP/1.1 df1bto5vlbdx3ai.xyz/index_files/index_files_308dlaxtgy.jpg
IP 216.18.208.202:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 64x74, components 3\012- data
Hash bae8e0014ada324e1c5f69a914193c1f
0cba70d1b9e4978a3ba4f6236b8d94d4159f5df6
556862126866d05b1563737aff79054162b08074b5fb5540ac8efcc0fb758097
Analyzer Verdict Alert quad9 Sinkholed
GET /index_files/index_files_308dlaxtgy.jpg HTTP/1.1
Host: df1bto5vlbdx3ai.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df1bto5vlbdx3ai.xyz/?type=really
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 03:47:17 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:43 GMT
ETag: "6f9-5ed8299a7ddc0"
Accept-Ranges: bytes
Content-Length: 1785
Content-Type: image/jpeg
df1bto5vlbdx3ai.xyz/index_files/index_files_314dlaxtgy.jpg
216.18.208.202 200 OK 1.3 kB URL HTTP/1.1 df1bto5vlbdx3ai.xyz/index_files/index_files_314dlaxtgy.jpg
IP 216.18.208.202:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 48x48, components 3\012- data
Hash e191757f84ec66956c91bab70431ab22
727563b18e5365d0a845ebfd6a88b4b5d8aeb611
8d668c6f5f477b6f4a6165b5ae30e1bff8483de45ddc90986d74d44843e7f460
Analyzer Verdict Alert quad9 Sinkholed
GET /index_files/index_files_314dlaxtgy.jpg HTTP/1.1
Host: df1bto5vlbdx3ai.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df1bto5vlbdx3ai.xyz/?type=really
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 03:47:17 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:46 GMT
ETag: "511-5ed8299d5a480"
Accept-Ranges: bytes
Content-Length: 1297
Content-Type: image/jpeg
df1bto5vlbdx3ai.xyz/index_files/index_files_312dlaxtgy.jpg
216.18.208.202 200 OK 801 B URL HTTP/1.1 df1bto5vlbdx3ai.xyz/index_files/index_files_312dlaxtgy.jpg
IP 216.18.208.202:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 40x40, components 3\012- data
Hash 6dd79075db09075c3ab6a53ccaef6024
d841b9e41a0eea59112aa63c4272215a595b8015
503a56457247aa221f5a15fc7e344f146ee0aa79fb9110f9b69617896fd50ae9
Analyzer Verdict Alert quad9 Sinkholed
GET /index_files/index_files_312dlaxtgy.jpg HTTP/1.1
Host: df1bto5vlbdx3ai.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df1bto5vlbdx3ai.xyz/?type=really
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 03:47:17 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:45 GMT
ETag: "321-5ed8299c66240"
Accept-Ranges: bytes
Content-Length: 801
Content-Type: image/jpeg
df1bto5vlbdx3ai.xyz/index_files/index_files_310dlaxtgy.jpg
216.18.208.202 200 OK 1.3 kB URL HTTP/1.1 df1bto5vlbdx3ai.xyz/index_files/index_files_310dlaxtgy.jpg
IP 216.18.208.202:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 48x48, components 3\012- data
Hash ba3a4fb10b5a1b41b147c8dbaf04e200
29e28c199919e5fa8972a7002c75e1143f69fc88
1e1e44262dfd4f85a0de8395905fde8fc2d5bb968da6673503b2547f2d57a2d2
Analyzer Verdict Alert quad9 Sinkholed
GET /index_files/index_files_310dlaxtgy.jpg HTTP/1.1
Host: df1bto5vlbdx3ai.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df1bto5vlbdx3ai.xyz/?type=really
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 03:47:17 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:45 GMT
ETag: "50e-5ed8299c66240"
Accept-Ranges: bytes
Content-Length: 1294
Content-Type: image/jpeg
df1bto5vlbdx3ai.xyz/index_files/index_files_315dlaxtgy.jpg
216.18.208.202 200 OK 965 B URL HTTP/1.1 df1bto5vlbdx3ai.xyz/index_files/index_files_315dlaxtgy.jpg
IP 216.18.208.202:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 48x48, components 3\012- data
Hash b7ddf78074c19a092eeefbb541020ce4
6c3330523652e54fb1d07bd98e78fba14429e097
fbb50aa76fad05ef789019de576cf4db385a55857f1ad6611f9e21cd6fdf2bbc
Analyzer Verdict Alert quad9 Sinkholed
GET /index_files/index_files_315dlaxtgy.jpg HTTP/1.1
Host: df1bto5vlbdx3ai.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df1bto5vlbdx3ai.xyz/?type=really
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 03:47:17 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:46 GMT
ETag: "3c5-5ed8299d5a480"
Accept-Ranges: bytes
Content-Length: 965
Content-Type: image/jpeg
df1bto5vlbdx3ai.xyz/index_files/index_files_av6dlaxtgy.jpg
216.18.208.202 200 OK 758 B URL HTTP/1.1 df1bto5vlbdx3ai.xyz/index_files/index_files_av6dlaxtgy.jpg
IP 216.18.208.202:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 48x48, components 3\012- data
Hash 36eb50f3ce1e3245f28dfcb10df80394
867c952a8ffa81d5e2bb656ecfa2594cfaf65953
154368d5ffbdba901829d363ed1dd6e03d89c2926d928ced61e3079bcb7537a6
Analyzer Verdict Alert quad9 Sinkholed
GET /index_files/index_files_av6dlaxtgy.jpg HTTP/1.1
Host: df1bto5vlbdx3ai.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df1bto5vlbdx3ai.xyz/?type=really
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 03:47:17 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:47 GMT
ETag: "2f6-5ed8299e4e6c0"
Accept-Ranges: bytes
Content-Length: 758
Content-Type: image/jpeg
df1bto5vlbdx3ai.xyz/index_files/index_files_av50dlaxtgy.jpg
216.18.208.202 200 OK 799 B URL HTTP/1.1 df1bto5vlbdx3ai.xyz/index_files/index_files_av50dlaxtgy.jpg
IP 216.18.208.202:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 48x48, components 3\012- data
Hash a187cf633638ffe4e683bf1cf0077a1d
1b3be8f6cf52ed0a9449904227ccf9e87a3fa049
1d7369b5fb036d4ce81c28391d3cdb170845de994ba47872c724cb57f6ad314f
Analyzer Verdict Alert quad9 Sinkholed
GET /index_files/index_files_av50dlaxtgy.jpg HTTP/1.1
Host: df1bto5vlbdx3ai.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df1bto5vlbdx3ai.xyz/?type=really
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 03:47:17 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:47 GMT
ETag: "31f-5ed8299e4e6c0"
Accept-Ranges: bytes
Content-Length: 799
Content-Type: image/jpeg
df1bto5vlbdx3ai.xyz/index_files/index_files_av8dlaxtgy.jpg
216.18.208.202 200 OK 2.0 kB URL HTTP/1.1 df1bto5vlbdx3ai.xyz/index_files/index_files_av8dlaxtgy.jpg
IP 216.18.208.202:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 64x64, components 3\012- data
Hash fcf43b35d0018afa6a84539c98ff3c59
a79991996617c8bb86782b0c8e4563c2f6de139d
b7afda787d7c02b2bae3156cae43f2ecc3a8e4ba87b5616d6d61d035c577d1d8
Analyzer Verdict Alert quad9 Sinkholed
GET /index_files/index_files_av8dlaxtgy.jpg HTTP/1.1
Host: df1bto5vlbdx3ai.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df1bto5vlbdx3ai.xyz/?type=really
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 03:47:17 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:49 GMT
ETag: "7bf-5ed829a036b40"
Accept-Ranges: bytes
Content-Length: 1983
Content-Type: image/jpeg
df1bto5vlbdx3ai.xyz/index_files/index_files_av7dlaxtgy.jpg
216.18.208.202 200 OK 1.1 kB URL HTTP/1.1 df1bto5vlbdx3ai.xyz/index_files/index_files_av7dlaxtgy.jpg
IP 216.18.208.202:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 48x48, components 3\012- data
Hash 39f65ad4915beb0bbdf5b8197a98a18a
1e36b8660cdc0b782f37625ca44ebdadb8da483e
d1326e5c5f0f30d143ff92794daca1da266037455074f5db154ff004ce9034f2
Analyzer Verdict Alert quad9 Sinkholed
GET /index_files/index_files_av7dlaxtgy.jpg HTTP/1.1
Host: df1bto5vlbdx3ai.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df1bto5vlbdx3ai.xyz/?type=really
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 03:47:17 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:48 GMT
ETag: "469-5ed8299f42900"
Accept-Ranges: bytes
Content-Length: 1129
Content-Type: image/jpeg
df1bto5vlbdx3ai.xyz/index_files/index_files_1111dlaxtgy.jpg
216.18.208.202 200 OK 1.3 kB URL HTTP/1.1 df1bto5vlbdx3ai.xyz/index_files/index_files_1111dlaxtgy.jpg
IP 216.18.208.202:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 48x48, components 3\012- data
Hash 67bd7dafca9b46edb679a5580f143e5c
6d1dc86349177e30c3187494832a604d6c7c7383
111ec758e0888747bd3298121d4f318027a8543de036a9aed760e421884052b9
Analyzer Verdict Alert quad9 Sinkholed
GET /index_files/index_files_1111dlaxtgy.jpg HTTP/1.1
Host: df1bto5vlbdx3ai.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df1bto5vlbdx3ai.xyz/?type=really
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 03:47:17 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:33 GMT
ETag: "525-5ed82990f4740"
Accept-Ranges: bytes
Content-Length: 1317
Content-Type: image/jpeg
df1bto5vlbdx3ai.xyz/index_files/index_files_306dlaxtgy.jpg
216.18.208.202 200 OK 1.4 kB URL HTTP/1.1 df1bto5vlbdx3ai.xyz/index_files/index_files_306dlaxtgy.jpg
IP 216.18.208.202:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 64x64, components 3\012- data
Hash b621cd83856ccb86aa65d0ee87ebe430
427ce753469629a8b7df9eb5140c6bc400c9351e
05b2330d80ddb0ce7e545d4a476827e6f50332e4956bf2558074cf8d44aaf283
Analyzer Verdict Alert quad9 Sinkholed
GET /index_files/index_files_306dlaxtgy.jpg HTTP/1.1
Host: df1bto5vlbdx3ai.xyz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://df1bto5vlbdx3ai.xyz/?type=really
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 03:47:17 GMT
Server: Apache
Upgrade: h2
Connection: Upgrade, close
Last-Modified: Tue, 15 Nov 2022 13:47:42 GMT
ETag: "54b-5ed8299989b80"
Accept-Ranges: bytes
Content-Length: 1355
Content-Type: image/jpeg