r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d27590a1d3cbe1e9632b8ae92aaae3f4
202b34e8a0c3b88c8826fd56c6227b34f2cd6f46
6bcfa518476658128c1fb4ea2435c4e58531454cf97138dce7ece9def589aead
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6BCFA518476658128C1FB4EA2435C4E58531454CF97138DCE7ECE9DEF589AEAD"
Last-Modified: Wed, 16 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10848
Expires: Fri, 18 Nov 2022 03:54:44 GMT
Date: Fri, 18 Nov 2022 00:53:56 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4e84f361a3c81abc5d665a5f441452a8
7aa4b9cb0a7ba1daa514dbb48fe8e74fdf09b60d
04d64920cc8e6b096841938b0c1140889f5d7a04eabd440934a31f1c7ab90352
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "04D64920CC8E6B096841938B0C1140889F5D7A04EABD440934A31F1C7AB90352"
Last-Modified: Wed, 16 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17127
Expires: Fri, 18 Nov 2022 05:39:23 GMT
Date: Fri, 18 Nov 2022 00:53:56 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash be1be806b5dca7facbb45a6c3db44652
7ae9380a2f3eca959fe6ff6b3832a17cffd12cf4
1f3338058f8e9cae5c9fdd733c74564312726b01c6efdcd628d851d0c99876b0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2804
Cache-Control: max-age=123851
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 00:53:56 GMT
Etag: "63760d7b-1d7"
Expires: Sat, 19 Nov 2022 11:18:07 GMT
Last-Modified: Thu, 17 Nov 2022 10:31:23 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Uck2IgayoAW/6uAZZjbpDGln9sxQLxE7rTelBzZRKBSVlL1tcD9KBTM7T+czLBhP4n26M0RkIxA=
x-amz-request-id: P7PGDY37V4Q0K6MC
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 18 Nov 2022 00:52:41 GMT
age: 75
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 567df7db606cf5d0871aa5bc9311b6da
4263faac7cbab2fcaf6661911dcad5091c06be17
e9650e1fdc46fc8678708ddcc37ab369c7a6d50489a004be896f20c7a3a644b0
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 18 Nov 2022 00:44:46 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 551
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 18 Nov 2022 00:53:57 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 18 Nov 2022 00:44:49 GMT
cache-control: public,max-age=3600
age: 548
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
mail.parrotbay.net/
104.206.225.200 200 OK 23 kB IP 104.206.225.200:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3915)
Hash 4ed688b50a27ee9ea3e4cbaf04b444c8
dbcf5772b8dbcb07d2897c4d2b8006019d8b9125
5a6a837fbc0cdb093b86865cc3f38043a617f0411bb3bd466da000a7cf7f9bc3
Analyzer Verdict Alert
fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET / HTTP/1.1
Host: mail.parrotbay.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 00:53:57 GMT
Server: Apache
Last-Modified: Sun, 23 Feb 2020 00:43:10 GMT
Accept-Ranges: bytes
Content-Length: 22711
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 05bf67082a248863ee104c4f16e7ae7a
51bc71674f0e51788118bd4826dec7896d6bd03e
3664a7f4bc06fcb7bab2f6b270e74570536d947f8d3fa2fe586dd0de713844e8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 00:53:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mail.parrotbay.net/assets/web/assets/mobirise-icons/mobirise-icons.css
104.206.225.200 200 OK 7.6 kB URL HTTP/1.1 mail.parrotbay.net/assets/web/assets/mobirise-icons/mobirise-icons.css
IP 104.206.225.200:0
Hash b7f22b4c8cdf26f6c3528095d3917eed
b41b69a4033612ff3f58956e54d15e4d776f654d
b0cf918213747e59ed554a87d5e821487bc728f2cbb3460d4a2f08735391c44d
Analyzer Verdict Alert
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/web/assets/mobirise-icons/mobirise-icons.css HTTP/1.1
Host: mail.parrotbay.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.parrotbay.net/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 00:53:57 GMT
Server: Apache
Last-Modified: Sat, 22 Feb 2020 17:26:36 GMT
Accept-Ranges: bytes
Content-Length: 7613
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash c10055ce87434f700ff8b20e3be1f919
477b3c9f1da0c464282bb54572737e76b6e346da
4d78eb296876122e5ff40fcd7667adf1bf8a4b1ee4c8203c88a63ce8d7910a57
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2984
Cache-Control: max-age=118962
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 00:53:57 GMT
Etag: "6375f9af-1d7"
Expires: Sat, 19 Nov 2022 09:56:39 GMT
Last-Modified: Thu, 17 Nov 2022 09:06:55 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
www.google.com/maps/embed/v1/place?key=AIzaSyCy9r70T3NYf3PhvVflTo0_zdif2_IoIYs&q=place_id:ChIJL08lGr4puYkR-q2TO1L3P0c
142.250.74.164 200 OK 904 B URL HTTP/2 www.google.com/maps/embed/v1/place?key=AIzaSyCy9r70T3NYf3PhvVflTo0_zdif2_IoIYs&q=place_id:ChIJL08lGr4puYkR-q2TO1L3P0c
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1471)
Hash 0423f2b9b22cc2bcc92120ae0def4cec
eb7c46d15de76228768ed0d957a9fa7e9d3f661a
6cb38709001898dc266d0ac9f1b82aab55d8bf630d9be970a14cd52d8bb04a55
GET /maps/embed/v1/place?key=AIzaSyCy9r70T3NYf3PhvVflTo0_zdif2_IoIYs&q=place_id:ChIJL08lGr4puYkR-q2TO1L3P0c HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.parrotbay.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-security-policy: object-src 'none';base-uri 'self';script-src 'nonce-FTRBW-tYHHKrbmTpjo8y7A' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/geo-maps-api/1
pragma: no-cache
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT
vary: Accept-Language, Origin, X-Origin, Referer
content-type: text/html; charset=UTF-8
content-encoding: gzip
date: Fri, 18 Nov 2022 00:53:57 GMT
server: scaffolding on HTTPServer2
content-length: 904
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 471 B IP 142.250.74.35:0
Hash 69ccbf11ee5c6a7b28507cc67ef93309
2eecd5559e500faeaa06ab84741f589d8fdc5151
de373d77e5c003eabbdd7742a5f7b73976219b2048b01a41ae8faabae527a416
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 00:53:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 4bf9d7f716bc1adeca873e97debe0555
3b3fed135b3a3c3d485e6ec86a12c0de80822430
c0b75f37ec5d15fd96047d4f0b5dbafb6636b4f8adfa39dd5b84465925d83dce
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2337
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 00:53:57 GMT
Last-Modified: Fri, 18 Nov 2022 00:15:00 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
mail.parrotbay.net/assets/facebook-plugin/style.css
104.206.225.200 200 OK 1.5 kB URL HTTP/1.1 mail.parrotbay.net/assets/facebook-plugin/style.css
IP 104.206.225.200:0
Hash 9d8871ccd1c8f48a111909c73dd36211
ba2f02370a303ee71147e715efc556b9fa261615
87ab7a47fcc72eb05aa4e29e2d000b41e48be2d8627c795ab1cbb0f14b29d4d6
Analyzer Verdict Alert
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/facebook-plugin/style.css HTTP/1.1
Host: mail.parrotbay.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.parrotbay.net/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 00:53:57 GMT
Server: Apache
Last-Modified: Sat, 22 Feb 2020 17:26:36 GMT
Accept-Ranges: bytes
Content-Length: 1459
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
mail.parrotbay.net/assets/bootstrap/css/bootstrap-reboot.min.css
104.206.225.200 200 OK 3.8 kB URL HTTP/1.1 mail.parrotbay.net/assets/bootstrap/css/bootstrap-reboot.min.css
IP 104.206.225.200:0
File type ASCII text, with very long lines (3455)
Hash fff5a1c5610b4e8909de23f2200d936b
eb722bcb0f5d507acb789c44c5ab058e26de7e2c
e9493663951399b6e85a64aae34b39277c0d0ede93cc852fb1ee540179160a32
Analyzer Verdict Alert
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/bootstrap/css/bootstrap-reboot.min.css HTTP/1.1
Host: mail.parrotbay.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.parrotbay.net/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 00:53:57 GMT
Server: Apache
Last-Modified: Sat, 22 Feb 2020 17:26:34 GMT
Accept-Ranges: bytes
Content-Length: 3836
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
connect.facebook.net/en_US/sdk.js
31.13.72.12 200 OK 4.9 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (14814)
Hash 01941634aa7de7181c625116f7a5c319
55afe040f684bd2543604674ed8b2e2733a28306
57b6b5830d74e7c704ba8a5dfe404edb2f1e3fe76f464adf6fff270279e6db2d
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.parrotbay.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: e913d64139675910f371fa4af76e8a00
etag: "2eca5996ab3ca2b49dbbda26324f20e4"
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
expires: Fri, 18 Nov 2022 01:11:28 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: AZQWNKp95xgcYlEW96XDGQ==
x-fb-debug: p+E9G1CEQpASJBmiEh9JoDUYPCYqqWEpfORMbP/BBTa1yYklVv9Sxl/Zwbb84ES84Mpas0+IXRGVVSDTejJOVQ==
priority: u=3,i
content-length: 4883
x-fb-trip-id: 1904183273
date: Fri, 18 Nov 2022 00:53:57 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
apis.google.com/js/plusone.js
142.250.74.174 200 OK 21 kB URL HTTP/2 apis.google.com/js/plusone.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1279)
Hash 12491934f2dd288be49c622a42e0645c
1a6a7d25d5e7ea7abb4954b808abdd9bc05d180e
0ff6744c54b8d17b84a766e3d0cc2a9cae0307a9d9e15491f16892ee6e4b55a0
GET /js/plusone.js HTTP/1.1
Host: apis.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.parrotbay.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/javascript
access-control-allow-origin: *
content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="gapi-team"
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
timing-allow-origin: *
content-length: 20992
date: Fri, 18 Nov 2022 00:53:57 GMT
expires: Fri, 18 Nov 2022 00:53:57 GMT
cache-control: private, max-age=1800, stale-while-revalidate=1800
etag: "c1b020d722de3a38"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mail.parrotbay.net/assets/mobirise/css/mbr-additional.css
104.206.225.200 200 OK 24 kB URL HTTP/1.1 mail.parrotbay.net/assets/mobirise/css/mbr-additional.css
IP 104.206.225.200:0
File type ASCII text, with very long lines (522)
Hash 6f4866f4e0d0d20befa048576919b9f9
52bcac8c3cd020ea8d3e53b39ff4aca1cccaad30
3d45b5534ce3086cf2b0d00a993252720b69a229ba67d1b8277e2dcef129372b
Analyzer Verdict Alert
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/mobirise/css/mbr-additional.css HTTP/1.1
Host: mail.parrotbay.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.parrotbay.net/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 00:53:57 GMT
Server: Apache
Last-Modified: Sun, 23 Feb 2020 01:42:02 GMT
Accept-Ranges: bytes
Content-Length: 24137
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
mail.parrotbay.net/assets/tether/tether.min.css
104.206.225.200 200 OK 237 B URL HTTP/1.1 mail.parrotbay.net/assets/tether/tether.min.css
IP 104.206.225.200:0
File type ASCII text, with no line terminators
Hash 62155a3948cbf17b1bf4b407c90ab84f
4c02e993cdc345d428bfe41afa8a5676e7c717b8
cb84c37000f8fe3e68e24799be081febdf02afd39cec967e80631ac76dea9950
Analyzer Verdict Alert
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/tether/tether.min.css HTTP/1.1
Host: mail.parrotbay.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.parrotbay.net/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 00:53:57 GMT
Server: Apache
Last-Modified: Sat, 22 Feb 2020 17:26:34 GMT
Accept-Ranges: bytes
Content-Length: 237
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 4867bbb88730b6b7c4ce63d01131b13d
13205cb9c213ebb2915cedc56c64c65dccd3b8c4
f6df6058ca9dd6ce5e9034a5996d6e22ddbc9e5be85a245c55efb2bfbccbf99a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 00:53:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 4bf9d7f716bc1adeca873e97debe0555
3b3fed135b3a3c3d485e6ec86a12c0de80822430
c0b75f37ec5d15fd96047d4f0b5dbafb6636b4f8adfa39dd5b84465925d83dce
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2337
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 00:53:57 GMT
Last-Modified: Fri, 18 Nov 2022 00:15:00 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 4867bbb88730b6b7c4ce63d01131b13d
13205cb9c213ebb2915cedc56c64c65dccd3b8c4
f6df6058ca9dd6ce5e9034a5996d6e22ddbc9e5be85a245c55efb2bfbccbf99a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 00:53:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 9e20a99f56d244cd43bd10781eb8e1d8
000f6ecfc6a9412d2e062028ee553801f573fd92
17cae43cd454fc69beff944925994d2810f859261cd40bfa58d573163a40b23c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 00:53:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mail.parrotbay.net/assets/socicon/css/styles.css
104.206.225.200 200 OK 9.2 kB URL HTTP/1.1 mail.parrotbay.net/assets/socicon/css/styles.css
IP 104.206.225.200:0
Hash 0fd525c8c8fe3b5b0ddb59d586d33cd0
22538bfc05e2c464fe204f3339fbd958daa7356c
14c15d9db799cc1294cfeb2943c507351eaecfb7c23dbf745f4c9a0938efd228
Analyzer Verdict Alert
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/socicon/css/styles.css HTTP/1.1
Host: mail.parrotbay.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.parrotbay.net/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 00:53:57 GMT
Server: Apache
Last-Modified: Sat, 22 Feb 2020 17:26:36 GMT
Accept-Ranges: bytes
Content-Length: 9164
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
mail.parrotbay.net/assets/gallery/style.css
104.206.225.200 200 OK 9.7 kB URL HTTP/1.1 mail.parrotbay.net/assets/gallery/style.css
IP 104.206.225.200:0
Hash 6d501d63ce539295a9e7e24efdc20ce2
4ed6a74a520ebd2bb82c1aebb158cb56114c5552
2b006c175b9267e9409f6454af7e23a7cd1916626db1d6bdbf3aa54750a1bef3
Analyzer Verdict Alert
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/gallery/style.css HTTP/1.1
Host: mail.parrotbay.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.parrotbay.net/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 00:53:57 GMT
Server: Apache
Last-Modified: Sat, 22 Feb 2020 17:26:36 GMT
Accept-Ranges: bytes
Content-Length: 9721
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
push.services.mozilla.com/
34.214.236.46 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.214.236.46:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: pF/vdZjZvle6iZR+p1Jj6A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: HI/v9QOmeEN3RVG3LoxRdsbePEg=
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 9e20a99f56d244cd43bd10781eb8e1d8
000f6ecfc6a9412d2e062028ee553801f573fd92
17cae43cd454fc69beff944925994d2810f859261cd40bfa58d573163a40b23c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 00:53:57 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mail.parrotbay.net/assets/bootstrap/css/bootstrap-grid.min.css
104.206.225.200 200 OK 48 kB URL HTTP/1.1 mail.parrotbay.net/assets/bootstrap/css/bootstrap-grid.min.css
IP 104.206.225.200:0
File type ASCII text, with very long lines (48220)
Hash 91b629ae41ccbef306fd92762ec80759
d47d179730b15f6cfe6992f5baac524899b73865
e6d573b7daafdee530dc4204ffb40f9bd192b3f65ed11a0bf02b18b909bca8a8
Analyzer Verdict Alert
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/bootstrap/css/bootstrap-grid.min.css HTTP/1.1
Host: mail.parrotbay.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.parrotbay.net/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 00:53:57 GMT
Server: Apache
Last-Modified: Sat, 22 Feb 2020 17:26:34 GMT
Accept-Ranges: bytes
Content-Length: 48488
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
mail.parrotbay.net/assets/theme/css/style.css
104.206.225.200 200 OK 23 kB URL HTTP/1.1 mail.parrotbay.net/assets/theme/css/style.css
IP 104.206.225.200:0
Hash dbdff145829067f16146292003247f4c
e46327f631c7887ee71054ec10d1aba6f5cadf33
c85ed882b96aeda4e35852af334388ac4845daf0c0f5fd9142b0fe564ff37c76
Analyzer Verdict Alert
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/theme/css/style.css HTTP/1.1
Host: mail.parrotbay.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.parrotbay.net/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 00:53:57 GMT
Server: Apache
Last-Modified: Sat, 22 Feb 2020 17:26:34 GMT
Accept-Ranges: bytes
Content-Length: 23353
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
mail.parrotbay.net/assets/facebook-plugin/facebook-script.js
104.206.225.200 200 OK 830 B URL HTTP/1.1 mail.parrotbay.net/assets/facebook-plugin/facebook-script.js
IP 104.206.225.200:0
File type ASCII text, with very long lines (521)
Hash 224bcd20277bb6a512a1fdd727adebed
c3a84a0ab55e45571ab89d48d7c649960d09b319
bff994fc4c1445f5edb2e77e3be4feca1894beda51a0967d5a852e421a96f70c
Analyzer Verdict Alert
fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/facebook-plugin/facebook-script.js HTTP/1.1
Host: mail.parrotbay.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.parrotbay.net/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 00:53:57 GMT
Server: Apache
Last-Modified: Sat, 22 Feb 2020 17:26:36 GMT
Accept-Ranges: bytes
Content-Length: 830
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
mail.parrotbay.net/assets/popper/popper.min.js
104.206.225.200 200 OK 19 kB URL HTTP/1.1 mail.parrotbay.net/assets/popper/popper.min.js
IP 104.206.225.200:0
File type ASCII text, with very long lines (18860)
Hash 3621381129597bf34d48a9e2623e05c9
edb00146d1636c247c7afaa61f11aad0c0fc5120
3675f226f985b64eea6ae8544d5496a32d19993aae1ac4a3fa101263ef3206f7
Analyzer Verdict Alert
fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/popper/popper.min.js HTTP/1.1
Host: mail.parrotbay.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.parrotbay.net/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 00:53:57 GMT
Server: Apache
Last-Modified: Sat, 22 Feb 2020 17:26:34 GMT
Accept-Ranges: bytes
Content-Length: 18994
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
mail.parrotbay.net/assets/playervimeo/vimeo_player.js
104.206.225.200 200 OK 16 kB URL HTTP/1.1 mail.parrotbay.net/assets/playervimeo/vimeo_player.js
IP 104.206.225.200:0
File type Unicode text, UTF-8 text, with very long lines (15540)
Hash 88a481ab1e6cb0a070b9b146b3c89504
7e9b1b330d55a81218f1309caebe74b4fa645d3b
2740994c25ac0c3f875b801c002d9c9dd9b9f27e15180e03c3ce739a43feb05a
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/playervimeo/vimeo_player.js HTTP/1.1
Host: mail.parrotbay.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.parrotbay.net/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 00:53:58 GMT
Server: Apache
Last-Modified: Sat, 22 Feb 2020 17:26:36 GMT
Accept-Ranges: bytes
Content-Length: 15658
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
mail.parrotbay.net/assets/tether/tether.min.js
104.206.225.200 200 OK 23 kB URL HTTP/1.1 mail.parrotbay.net/assets/tether/tether.min.js
IP 104.206.225.200:0
File type ASCII text, with very long lines (23217), with no line terminators
Hash 3e50b6f75ff4128f2478b1d44f80fdfb
345421c0dfc6ca09aea15cec021617d701e4827f
0a0416e386e436583f5f49242104677e6b16b1aa693d86f32d76845e26081f96
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/tether/tether.min.js HTTP/1.1
Host: mail.parrotbay.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.parrotbay.net/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 00:53:58 GMT
Server: Apache
Last-Modified: Sat, 22 Feb 2020 17:26:34 GMT
Accept-Ranges: bytes
Content-Length: 23217
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
mail.parrotbay.net/assets/smoothscroll/smooth-scroll.js
104.206.225.200 200 OK 26 kB URL HTTP/1.1 mail.parrotbay.net/assets/smoothscroll/smooth-scroll.js
IP 104.206.225.200:0
Hash fe29604742445d8c3099def402762a66
62624b445315e5cac20ef0fb77a32047ecc38e88
c91f338f6adfb67bcf0ef83e714b8ab54799f47111d589e380590d063b8bf273
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/smoothscroll/smooth-scroll.js HTTP/1.1
Host: mail.parrotbay.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.parrotbay.net/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 00:53:58 GMT
Server: Apache
Last-Modified: Sat, 22 Feb 2020 17:26:36 GMT
Accept-Ranges: bytes
Content-Length: 25569
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
mail.parrotbay.net/assets/web/assets/jquery/jquery.min.js
104.206.225.200 200 OK 96 kB URL HTTP/1.1 mail.parrotbay.net/assets/web/assets/jquery/jquery.min.js
IP 104.206.225.200:0
File type ASCII text, with very long lines (32047)
Hash 5790ead7ad3ba27397aedfa3d263b867
8130544c215fe5d1ec081d83461bf4a711e74882
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/web/assets/jquery/jquery.min.js HTTP/1.1
Host: mail.parrotbay.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.parrotbay.net/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 00:53:57 GMT
Server: Apache
Last-Modified: Sat, 22 Feb 2020 17:26:34 GMT
Accept-Ranges: bytes
Content-Length: 95931
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
mail.parrotbay.net/assets/bootstrap/css/bootstrap.min.css
104.206.225.200 200 OK 153 kB URL HTTP/1.1 mail.parrotbay.net/assets/bootstrap/css/bootstrap.min.css
IP 104.206.225.200:0
File type ASCII text, with very long lines (65324)
Size 153 kB (153182 bytes)
Hash f411c136e2bb302ada2120b3eb1d5bc3
3ae9bb0e7929489abd23736ae892939c8fe98645
6b3bef53dc4a96ec07149d02a60b5fd026332bbce0b4ece79f3c55e3ddb85f5c
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/bootstrap/css/bootstrap.min.css HTTP/1.1
Host: mail.parrotbay.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.parrotbay.net/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 00:53:57 GMT
Server: Apache
Last-Modified: Sat, 22 Feb 2020 17:26:34 GMT
Accept-Ranges: bytes
Content-Length: 153182
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
mail.parrotbay.net/assets/bootstrapcarouselswipe/bootstrap-carousel-swipe.js
104.206.225.200 200 OK 6.7 kB URL HTTP/1.1 mail.parrotbay.net/assets/bootstrapcarouselswipe/bootstrap-carousel-swipe.js
IP 104.206.225.200:0
Hash d806b7d2bc4cdfdf3e30b4080c1c3ebb
cf0f9488c6d566e8c7cd3a06fdb03ed7b35e9722
a8ae84d76e6daf3ff4763eec662c60768fb117c395fad0c51fc5b0953ab9d902
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/bootstrapcarouselswipe/bootstrap-carousel-swipe.js HTTP/1.1
Host: mail.parrotbay.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.parrotbay.net/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 00:53:58 GMT
Server: Apache
Last-Modified: Sat, 22 Feb 2020 17:26:36 GMT
Accept-Ranges: bytes
Content-Length: 6727
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
mail.parrotbay.net/assets/sociallikes/social-likes.js
104.206.225.200 200 OK 23 kB URL HTTP/1.1 mail.parrotbay.net/assets/sociallikes/social-likes.js
IP 104.206.225.200:0
Hash 35f75715549465a9b72208a1d18fc581
94caeebc7366549162cacf22213d6b1f145ff030
b9049a7c32f217f75c5b42d241840b4e6da5843f03d2cf0df9a8dbb679c2360f
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/sociallikes/social-likes.js HTTP/1.1
Host: mail.parrotbay.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.parrotbay.net/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 00:53:58 GMT
Server: Apache
Last-Modified: Sat, 22 Feb 2020 17:26:36 GMT
Accept-Ranges: bytes
Content-Length: 23026
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
mail.parrotbay.net/assets/imagesloaded/imagesloaded.pkgd.min.js
104.206.225.200 200 OK 6.9 kB URL HTTP/1.1 mail.parrotbay.net/assets/imagesloaded/imagesloaded.pkgd.min.js
IP 104.206.225.200:0
File type ASCII text, with very long lines (6832)
Hash 511ef2f6ee750edc32bb5c8d5d324e7e
4bccbca87d32236ed7a6f37129cc1accf20d2a8f
37dbf4b6012d4e23cbc1cba50baa3572c93a5c371b9873fb5440cb84dfbf9902
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/imagesloaded/imagesloaded.pkgd.min.js HTTP/1.1
Host: mail.parrotbay.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.parrotbay.net/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 00:53:58 GMT
Server: Apache
Last-Modified: Sat, 22 Feb 2020 17:26:36 GMT
Accept-Ranges: bytes
Content-Length: 6949
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 71821131fa0825a241bb6f95ad63a26a
4c676dbf861c2fca225bd1b9620237246ddfc724
f2dbe2a5c73657c35a660931a44cda1c1641c5b277ceea3d8fd7b4bfcacaf5ce
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 00:53:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 759d55a9f00851e8653847413a8a3db5
2424e3d7aae0972c57bee3a60a50b3b8a82bba23
5d07bc72f8be0bc42f91b8cb202f4cdc83fb4e5f5f360998066dad08a7fef6ab
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 00:53:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 759d55a9f00851e8653847413a8a3db5
2424e3d7aae0972c57bee3a60a50b3b8a82bba23
5d07bc72f8be0bc42f91b8cb202f4cdc83fb4e5f5f360998066dad08a7fef6ab
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 00:53:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 759d55a9f00851e8653847413a8a3db5
2424e3d7aae0972c57bee3a60a50b3b8a82bba23
5d07bc72f8be0bc42f91b8cb202f4cdc83fb4e5f5f360998066dad08a7fef6ab
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 00:53:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2
216.58.207.195 200 OK 34 kB URL HTTP/2 fonts.gstatic.com/s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 33580, version 1.0\012- data
Hash 848cd2ecd011428969dc6b90431bc482
6b1a7b562a56bd54510e0f6f95e26babca331a1b
981307dcbbd348f6fb4e3eab184077392f9ee15097ea868f630debefad9044e9
GET /s/rubik/v21/iJWKBXyIfDnIV7nBrXw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://mail.parrotbay.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 33580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Nov 2022 21:38:57 GMT
expires: Fri, 17 Nov 2023 21:38:57 GMT
cache-control: public, max-age=31536000
age: 11701
last-modified: Mon, 18 Jul 2022 19:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/rubik/v21/iJWEBXyIfDnIV7nEnX661A.woff2
216.58.207.195 200 OK 34 kB URL HTTP/2 fonts.gstatic.com/s/rubik/v21/iJWEBXyIfDnIV7nEnX661A.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 34500, version 1.0\012- data
Hash faff0ee016116a366390902ac4445672
f0392ff9fc0b9fd3169662810504bb0108857e4a
7537368c23adecd664ec589e81d5279bbc5ff02c09d52247daf460e2046c4cdc
GET /s/rubik/v21/iJWEBXyIfDnIV7nEnX661A.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://mail.parrotbay.net
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 34500
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 15 Nov 2022 03:40:01 GMT
expires: Wed, 15 Nov 2023 03:40:01 GMT
cache-control: public, max-age=31536000
age: 249237
last-modified: Mon, 18 Jul 2022 19:24:57 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mail.parrotbay.net/assets/theme/js/script.js
104.206.225.200 200 OK 49 kB URL HTTP/1.1 mail.parrotbay.net/assets/theme/js/script.js
IP 104.206.225.200:0
File type ASCII text, with very long lines (378)
Hash 322b975597ea33fb2bf8d98ddae34b9d
45c0433e15efc6e59f7db813c6c4874dbc50dafe
fcce483a5a5a1f47d3ac9293a9ce468414fb8bb1223761b9823eb06e3fc04444
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/theme/js/script.js HTTP/1.1
Host: mail.parrotbay.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.parrotbay.net/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 00:53:58 GMT
Server: Apache
Last-Modified: Sun, 23 Feb 2020 01:42:02 GMT
Accept-Ranges: bytes
Content-Length: 49445
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
mail.parrotbay.net/assets/slidervideo/script.js
104.206.225.200 200 OK 8.0 kB URL HTTP/1.1 mail.parrotbay.net/assets/slidervideo/script.js
IP 104.206.225.200:0
Hash e337670dc339ab2169eafb542bd78a88
ff16900c0b8e6990a3893d398485a8926cf888e0
56154f900d204c3f2b86560aeba30c21345fda3b9fed50854055e37d0f2ee010
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/slidervideo/script.js HTTP/1.1
Host: mail.parrotbay.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.parrotbay.net/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 00:53:58 GMT
Server: Apache
Last-Modified: Sat, 22 Feb 2020 17:26:36 GMT
Accept-Ranges: bytes
Content-Length: 7953
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
mail.parrotbay.net/assets/gallery/player.min.js
104.206.225.200 200 OK 16 kB URL HTTP/1.1 mail.parrotbay.net/assets/gallery/player.min.js
IP 104.206.225.200:0
File type Unicode text, UTF-8 text, with very long lines (15578)
Hash 2c3f297a3f676ea26fd42e5d72543e4d
0e3325d3bc7d186330464e9ef0999310e9435f78
31db829c03393e780cc384fc5cc953f7b6c5cd90d34edb9ccc1f148c7a8c791e
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/gallery/player.min.js HTTP/1.1
Host: mail.parrotbay.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.parrotbay.net/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 00:53:58 GMT
Server: Apache
Last-Modified: Sat, 22 Feb 2020 17:26:36 GMT
Accept-Ranges: bytes
Content-Length: 15696
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 759d55a9f00851e8653847413a8a3db5
2424e3d7aae0972c57bee3a60a50b3b8a82bba23
5d07bc72f8be0bc42f91b8cb202f4cdc83fb4e5f5f360998066dad08a7fef6ab
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 00:53:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
mail.parrotbay.net/assets/vimeoplayer/jquery.mb.vimeo_player.js
104.206.225.200 200 OK 48 kB URL HTTP/1.1 mail.parrotbay.net/assets/vimeoplayer/jquery.mb.vimeo_player.js
IP 104.206.225.200:0
File type ASCII text, with very long lines (3951)
Hash 1a67d0863c6b49d381a5c0f11d29b18d
f07bf9d10393e0244b800fdd6ecfa168f75727ca
e98231e4a9ec5c1bb27c723692aef24b48ead06cd8da541cf95eed9ee1c8b4e9
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/vimeoplayer/jquery.mb.vimeo_player.js HTTP/1.1
Host: mail.parrotbay.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.parrotbay.net/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 00:53:58 GMT
Server: Apache
Last-Modified: Sat, 22 Feb 2020 17:26:36 GMT
Accept-Ranges: bytes
Content-Length: 48484
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
mail.parrotbay.net/assets/masonry/masonry.pkgd.min.js
104.206.225.200 200 OK 29 kB URL HTTP/1.1 mail.parrotbay.net/assets/masonry/masonry.pkgd.min.js
IP 104.206.225.200:0
File type ASCII text, with very long lines (28817)
Hash c54e75edf5cbaf412bc16ba4145f6032
67638430c92c23cedb89db038627876d361135c0
733d7c26a5fb7240e83e8af2c822218b321b5143e28c2dd65ab2492297ac6bd7
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/masonry/masonry.pkgd.min.js HTTP/1.1
Host: mail.parrotbay.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.parrotbay.net/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 00:53:58 GMT
Server: Apache
Last-Modified: Sat, 22 Feb 2020 17:26:36 GMT
Accept-Ranges: bytes
Content-Length: 28953
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
mail.parrotbay.net/assets/gallery/script.js
104.206.225.200 200 OK 12 kB URL HTTP/1.1 mail.parrotbay.net/assets/gallery/script.js
IP 104.206.225.200:0
Hash 3c99e9ec6d7648123a3b757ada168b54
6b702c903cb450aac885f56b0d83e9d64aa3418e
50bc4592916053dff0104b80f8f27171e9bb6b028606e623490fe4ca35fc4e8b
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/gallery/script.js HTTP/1.1
Host: mail.parrotbay.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.parrotbay.net/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 00:53:58 GMT
Server: Apache
Last-Modified: Sat, 22 Feb 2020 17:26:36 GMT
Accept-Ranges: bytes
Content-Length: 12235
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
mail.parrotbay.net/assets/web/assets/mobirise-icons/mobirise-icons.ttf?spat4u
104.206.225.200 200 OK 52 kB URL HTTP/1.1 mail.parrotbay.net/assets/web/assets/mobirise-icons/mobirise-icons.ttf?spat4u
IP 104.206.225.200:0
File type TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, icomoon \012- data
Hash efe575ff53d0d0e86d5f5fc36f574e2b
e99a895527a8c3ef92bd251e357de11b554fd17b
4b09eb555b72f74acd30018f8aaa4ef19787301819801dff7f6bcde9d3754cd7
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/web/assets/mobirise-icons/mobirise-icons.ttf?spat4u HTTP/1.1
Host: mail.parrotbay.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.parrotbay.net/assets/web/assets/mobirise-icons/mobirise-icons.css
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 00:53:58 GMT
Server: Apache
Last-Modified: Sat, 22 Feb 2020 17:26:36 GMT
Accept-Ranges: bytes
Content-Length: 51464
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: font/ttf
maps.gstatic.com/maps-api-v3/embed/js/51/1/init_embed.js
142.250.74.163 200 OK 69 kB URL HTTP/2 maps.gstatic.com/maps-api-v3/embed/js/51/1/init_embed.js
IP 142.250.74.163:0
File type ASCII text, with very long lines (2669)
Hash c088038bb01fdc7f15f21e2216b6b8b4
fa724c5616022f6825ac476354c492b0bf544d21
b0ecfa74efada796d206177e1bc78c7ac75250608051c6576335c6231fc2de78
GET /maps-api-v3/embed/js/51/1/init_embed.js HTTP/1.1
Host: maps.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-length: 68704
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 18:43:02 GMT
expires: Thu, 16 Nov 2023 18:43:02 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 14 Nov 2022 21:36:22 GMT
content-type: text/javascript
age: 108656
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mail.parrotbay.net/assets/images/bhma6-400x300-400x300.jpg
104.206.225.200 200 OK 29 kB URL HTTP/1.1 mail.parrotbay.net/assets/images/bhma6-400x300-400x300.jpg
IP 104.206.225.200:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 400x300, components 3\012- data
Hash b2b092c4c221f9603518b6b728c35bbe
df58daf16415108007e4db8f36617ad9a294a24e
888ba38ec196265df4f8eb3c0d5eb362fa11348c4dc165120a4df72682d89a40
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/images/bhma6-400x300-400x300.jpg HTTP/1.1
Host: mail.parrotbay.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.parrotbay.net/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 00:53:58 GMT
Server: Apache
Last-Modified: Sat, 22 Feb 2020 17:26:34 GMT
Accept-Ranges: bytes
Content-Length: 29416
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 4867bbb88730b6b7c4ce63d01131b13d
13205cb9c213ebb2915cedc56c64c65dccd3b8c4
f6df6058ca9dd6ce5e9034a5996d6e22ddbc9e5be85a245c55efb2bfbccbf99a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 00:53:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
youtube.com/embed/INPTCki6NXY?rel=0&enablejsapi=1
142.250.74.78 301 Moved Permanently 0 B URL HTTP/2 youtube.com/embed/INPTCki6NXY?rel=0&enablejsapi=1
IP 142.250.74.78:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /embed/INPTCki6NXY?rel=0&enablejsapi=1 HTTP/1.1
Host: youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.parrotbay.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
content-type: application/binary
x-content-type-options: nosniff
expires: Fri, 18 Nov 2022 00:53:58 GMT
date: Fri, 18 Nov 2022 00:53:58 GMT
cache-control: private, max-age=31536000
location: https://www.youtube.com/embed/INPTCki6NXY?rel=0&enablejsapi=1
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
server: ESF
content-length: 0
x-xss-protection: 0
set-cookie: CONSENT=PENDING+303; expires=Sun, 17-Nov-2024 00:53:58 GMT; path=/; domain=.youtube.com; Secure
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mail.parrotbay.net/assets/images/bhma11-400x300-400x300.jpg
104.206.225.200 200 OK 23 kB URL HTTP/1.1 mail.parrotbay.net/assets/images/bhma11-400x300-400x300.jpg
IP 104.206.225.200:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 400x300, components 3\012- data
Hash 3a3331ddbd094e89fab54a849ceef734
69e95121a81f6ea8c6fc8c4d7fc5116af1b2bf74
ccfd815ba3fbf3bbe5dd7c14680360b27fdc22761e1db69488aa0bb0b50d7c51
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/images/bhma11-400x300-400x300.jpg HTTP/1.1
Host: mail.parrotbay.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.parrotbay.net/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 00:53:58 GMT
Server: Apache
Last-Modified: Sat, 22 Feb 2020 17:26:34 GMT
Accept-Ranges: bytes
Content-Length: 22624
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
mail.parrotbay.net/assets/socicon/fonts/socicon.woff
104.206.225.200 200 OK 39 kB URL HTTP/1.1 mail.parrotbay.net/assets/socicon/fonts/socicon.woff
IP 104.206.225.200:0
File type Web Open Font Format, CFF, length 38700, version 1.0\012- data
Hash 944f06f5f65ef84a3a36e6c1c2d4b7ad
28a5937ba6c82ce39b1d581f42a23ce8eec6cc6c
165def3c7a5c82e6cd701ad9039f39b537e6e2e748948a4c54d70ed47d0d27f3
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/socicon/fonts/socicon.woff HTTP/1.1
Host: mail.parrotbay.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://mail.parrotbay.net/assets/socicon/css/styles.css
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 00:53:58 GMT
Server: Apache
Last-Modified: Sat, 22 Feb 2020 17:26:36 GMT
Accept-Ranges: bytes
Content-Length: 38700
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: font/woff
mail.parrotbay.net/assets/images/bhma1-400x300-400x300.jpg
104.206.225.200 200 OK 38 kB URL HTTP/1.1 mail.parrotbay.net/assets/images/bhma1-400x300-400x300.jpg
IP 104.206.225.200:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 400x300, components 3\012- data
Hash 22239878788343136c3af59902888e9c
ec4d15f05ed42ef840cd1f6621380c2d4c742ff0
2f82350f4693c053513a1f10d6d5e9a70ff801547c7244e9f237bd3f425b1acb
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/images/bhma1-400x300-400x300.jpg HTTP/1.1
Host: mail.parrotbay.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.parrotbay.net/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 00:53:58 GMT
Server: Apache
Last-Modified: Sat, 22 Feb 2020 17:26:34 GMT
Accept-Ranges: bytes
Content-Length: 37748
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
mail.parrotbay.net/assets/images/bhma3-400x300-400x300.jpg
104.206.225.200 200 OK 25 kB URL HTTP/1.1 mail.parrotbay.net/assets/images/bhma3-400x300-400x300.jpg
IP 104.206.225.200:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 400x300, components 3\012- data
Hash f7b44795208dec9081c7e3746f85750d
9415ed9c3a8aa4d24172100fd69aca7a5940fe13
aba9f85f019b526fbae968738f7694a636c46f7a67c518dbe4821ad9314901e9
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/images/bhma3-400x300-400x300.jpg HTTP/1.1
Host: mail.parrotbay.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.parrotbay.net/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 00:53:58 GMT
Server: Apache
Last-Modified: Sat, 22 Feb 2020 17:26:34 GMT
Accept-Ranges: bytes
Content-Length: 25237
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
mail.parrotbay.net/assets/images/bhma7-400x300-400x300.jpg
104.206.225.200 200 OK 35 kB URL HTTP/1.1 mail.parrotbay.net/assets/images/bhma7-400x300-400x300.jpg
IP 104.206.225.200:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 400x300, components 3\012- data
Hash c4d11d20f0da4e77b3dea0960ffa2005
9ff46fe1643ca1ed10924cff654e635e49686528
3ae61b050e48382804dd57da6cce788739a4ab55bfe64aab04bf58f69d8172ae
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/images/bhma7-400x300-400x300.jpg HTTP/1.1
Host: mail.parrotbay.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.parrotbay.net/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 00:53:58 GMT
Server: Apache
Last-Modified: Sat, 22 Feb 2020 17:26:34 GMT
Accept-Ranges: bytes
Content-Length: 34985
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg
mail.parrotbay.net/assets/images/bhma9-400x300-400x300.jpg
104.206.225.200 200 OK 21 kB URL HTTP/1.1 mail.parrotbay.net/assets/images/bhma9-400x300-400x300.jpg
IP 104.206.225.200:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 400x300, components 3\012- data
Hash 8049a4ccc4652b8c2b3380527df12b75
52023eee8398b8c74b6197cb4868209087a8194a
5ac419aeb11c22d53bea81eee9aa9cf3e4e35d2c8ce19b450d8db05a810b483d
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/images/bhma9-400x300-400x300.jpg HTTP/1.1
Host: mail.parrotbay.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.parrotbay.net/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 00:53:58 GMT
Server: Apache
Last-Modified: Sat, 22 Feb 2020 17:26:34 GMT
Accept-Ranges: bytes
Content-Length: 21278
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
mail.parrotbay.net/assets/images/cav29-400x300.jpg
104.206.225.200 200 OK 38 kB URL HTTP/1.1 mail.parrotbay.net/assets/images/cav29-400x300.jpg
IP 104.206.225.200:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 400x300, components 3\012- data
Hash 9383176a7165949606b5f58ba532df69
8b2131b665020b03606ea797c4f71dd59fa87f18
03035634ecacd9d8c58b7d0c5a972aee56c53402041c3ab60b8e706a22dbc433
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/images/cav29-400x300.jpg HTTP/1.1
Host: mail.parrotbay.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.parrotbay.net/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 00:53:58 GMT
Server: Apache
Last-Modified: Sat, 22 Feb 2020 17:26:34 GMT
Accept-Ranges: bytes
Content-Length: 38431
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg
mail.parrotbay.net/assets/images/bhma5-400x300-400x300.jpg
104.206.225.200 200 OK 34 kB URL HTTP/1.1 mail.parrotbay.net/assets/images/bhma5-400x300-400x300.jpg
IP 104.206.225.200:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 400x300, components 3\012- data
Hash 242673697fc136227d435b6a7fb92742
4c054cf305886443f9258b3d8716176a971385c9
b8f129bda711dbe4da19a0a70fba5afcfe4c99898ba0a53802af76237539bd83
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/images/bhma5-400x300-400x300.jpg HTTP/1.1
Host: mail.parrotbay.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.parrotbay.net/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 00:53:58 GMT
Server: Apache
Last-Modified: Sat, 22 Feb 2020 17:26:34 GMT
Accept-Ranges: bytes
Content-Length: 34204
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg
mail.parrotbay.net/assets/images/rbd1-400x300.jpg
104.206.225.200 200 OK 44 kB URL HTTP/1.1 mail.parrotbay.net/assets/images/rbd1-400x300.jpg
IP 104.206.225.200:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 400x300, components 3\012- data
Hash d752168f7b95334d47e7c13a515b3fc2
3385b4fdefa5a5dbd0551d2063344ccd5be98e51
69632729d3f72f5ad332e7f5872059c3a946a50d4f56642837af021c850f7217
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/images/rbd1-400x300.jpg HTTP/1.1
Host: mail.parrotbay.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.parrotbay.net/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 00:53:59 GMT
Server: Apache
Last-Modified: Sat, 22 Feb 2020 17:26:34 GMT
Accept-Ranges: bytes
Content-Length: 43505
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg
mail.parrotbay.net/assets/images/img-37-300x300.png
104.206.225.200 200 OK 50 kB URL HTTP/1.1 mail.parrotbay.net/assets/images/img-37-300x300.png
IP 104.206.225.200:0
File type PNG image data, 300 x 300, 8-bit colormap, non-interlaced\012- data
Hash 8207412ea4eab7ae56ba0c37b23fd4f0
7c1324536f690f4bef3de5868f7408523570bf08
28378af56e0d745cb991ea8e995fdc5829c73132ff6bb29d67ad07d888e73767
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/images/img-37-300x300.png HTTP/1.1
Host: mail.parrotbay.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.parrotbay.net/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 00:53:59 GMT
Server: Apache
Last-Modified: Sat, 22 Feb 2020 17:26:34 GMT
Accept-Ranges: bytes
Content-Length: 49657
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png
mail.parrotbay.net/assets/images/nw1-400x300.jpg
104.206.225.200 200 OK 26 kB URL HTTP/1.1 mail.parrotbay.net/assets/images/nw1-400x300.jpg
IP 104.206.225.200:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 400x300, components 3\012- data
Hash b6a674fd563ce20ea37495125c48df9c
bd2749028e59c71ad04a18d17c72c00f615f4d84
5f22c35616d340f8db77d30f1b5e8d7e70fc0540a9669540e1a47e62e667ca4b
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/images/nw1-400x300.jpg HTTP/1.1
Host: mail.parrotbay.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.parrotbay.net/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 00:53:59 GMT
Server: Apache
Last-Modified: Sat, 22 Feb 2020 17:26:34 GMT
Accept-Ranges: bytes
Content-Length: 25619
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg
mail.parrotbay.net/assets/images/cb1-400x300.jpg
104.206.225.200 200 OK 29 kB URL HTTP/1.1 mail.parrotbay.net/assets/images/cb1-400x300.jpg
IP 104.206.225.200:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 400x300, components 3\012- data
Hash 9f65b15cbc36ff1c5b71a17adac73ddb
9030f1a2ea4ce9e655533bed025efed1188b799c
a6d6bdc576aec3f6c4cd9bc474bb608506105aa1fa74fff23ba12a742ce1206d
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/images/cb1-400x300.jpg HTTP/1.1
Host: mail.parrotbay.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.parrotbay.net/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 00:53:59 GMT
Server: Apache
Last-Modified: Sat, 22 Feb 2020 17:26:34 GMT
Accept-Ranges: bytes
Content-Length: 29195
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/jpeg
mail.parrotbay.net/assets/images/img-9075-128x128.png
104.206.225.200 200 OK 11 kB URL HTTP/1.1 mail.parrotbay.net/assets/images/img-9075-128x128.png
IP 104.206.225.200:0
File type PNG image data, 128 x 128, 8-bit colormap, non-interlaced\012- data
Hash abdb67bb679b3855476cd10a8b72c5d4
bf49b37abc4b44f7a348bce0e8298e88dfef91be
67946cb69c5b48cbf66c282f90964362da252d0e39c564986c87fbf87546ca9b
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/images/img-9075-128x128.png HTTP/1.1
Host: mail.parrotbay.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.parrotbay.net/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 00:53:59 GMT
Server: Apache
Last-Modified: Sat, 22 Feb 2020 17:26:34 GMT
Accept-Ranges: bytes
Content-Length: 10847
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/png
mail.parrotbay.net/assets/images/sea2-400x300.jpg
104.206.225.200 200 OK 47 kB URL HTTP/1.1 mail.parrotbay.net/assets/images/sea2-400x300.jpg
IP 104.206.225.200:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 400x300, components 3\012- data
Hash 2d3e227e91f5fc001d99b0a9a6980094
5b7e695b2aa0c5d8de887281511f1995462a259b
bac3a6a4e2ea1e44f0b802f420c0f1929f5d418fa5da2f71051fc3177d6bfe6e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/images/sea2-400x300.jpg HTTP/1.1
Host: mail.parrotbay.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.parrotbay.net/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 00:53:58 GMT
Server: Apache
Last-Modified: Sat, 22 Feb 2020 17:26:34 GMT
Accept-Ranges: bytes
Content-Length: 47283
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg
mail.parrotbay.net/assets/images/ast21-400x300.jpg
104.206.225.200 200 OK 35 kB URL HTTP/1.1 mail.parrotbay.net/assets/images/ast21-400x300.jpg
IP 104.206.225.200:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 400x300, components 3\012- data
Hash f5482c4a67584341db662bd70c2d4235
8e8fd7449f98d5d9d9a17b8bab925e268b09e58e
4fbd9efcde6b00ffca696d55a74b55f3872502367d9ba46f8a0a248ea58641dc
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/images/ast21-400x300.jpg HTTP/1.1
Host: mail.parrotbay.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.parrotbay.net/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 00:53:58 GMT
Server: Apache
Last-Modified: Sat, 22 Feb 2020 17:26:34 GMT
Accept-Ranges: bytes
Content-Length: 34633
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg
mail.parrotbay.net/assets/images/bc1-400x300.jpg
104.206.225.200 200 OK 26 kB URL HTTP/1.1 mail.parrotbay.net/assets/images/bc1-400x300.jpg
IP 104.206.225.200:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 400x300, components 3\012- data
Hash 22011acae90bee672d28e15cb03b44a5
89bee54c19609b9125f43dd68b4e87298b238217
710dac8c15322acf5e7e33e3402bfb2d67942a356590fa1c8c8e3389c1c3ef10
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/images/bc1-400x300.jpg HTTP/1.1
Host: mail.parrotbay.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.parrotbay.net/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 00:53:59 GMT
Server: Apache
Last-Modified: Sat, 22 Feb 2020 17:26:34 GMT
Accept-Ranges: bytes
Content-Length: 26405
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg
mail.parrotbay.net/assets/images/lc11-300x300.jpg
104.206.225.200 200 OK 21 kB URL HTTP/1.1 mail.parrotbay.net/assets/images/lc11-300x300.jpg
IP 104.206.225.200:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x300, components 3\012- data
Hash 89257c8084729dcb7797c6a6e874e526
93dab51a7fe694f6e4acdf331adf2e95743a77ec
daf2923ddb031564bb3f4d1daa16ac744cc73694ffe984f4368c8fd65573735a
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/images/lc11-300x300.jpg HTTP/1.1
Host: mail.parrotbay.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.parrotbay.net/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 00:53:59 GMT
Server: Apache
Last-Modified: Sat, 22 Feb 2020 17:26:34 GMT
Accept-Ranges: bytes
Content-Length: 20815
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9426341bb128c1b6ba16e64df78152b4
08859a30ed6dee233cde4d77f2a04f058991502b
209a0520d5fb1eeb6dfa7d2f4c334a7109cc885cf4be8605bfe5a8f52232306d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "209A0520D5FB1EEB6DFA7D2F4C334A7109CC885CF4BE8605BFE5A8F52232306D"
Last-Modified: Tue, 15 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10143
Expires: Fri, 18 Nov 2022 03:43:02 GMT
Date: Fri, 18 Nov 2022 00:53:59 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92501a28-163f-4c6e-aed7-d31c29354d1e.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92501a28-163f-4c6e-aed7-d31c29354d1e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 032386e5c9dffff1ba1ee5e8a322d438
dd4fd6c803a9b333bace9a541c6bd183d0c56bb9
0e9f559a0aa7e114c5810a27ba243c0da7b44dc0bf7aec2b7ab32b8f0e2b536c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92501a28-163f-4c6e-aed7-d31c29354d1e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11667
x-amzn-requestid: ae092a0a-1709-4497-9f07-0348a28d2491
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bqZOIEN7oAMFlaA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637408c0-5ac595df302a8f1d3703ad8d;Sampled=0
x-amzn-remapped-date: Tue, 15 Nov 2022 21:46:40 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: c_SJMaV3uYSUysTSOFV--jQqDUxw-fBp8cXWWUZw9vUjt0d6PsOpxA==
via: 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 02:49:36 GMT
age: 79463
etag: "dd4fd6c803a9b333bace9a541c6bd183d0c56bb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F484ffe7b-1073-4220-bf53-ccbfc7e9654e.webp
34.120.237.76 200 OK 8.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F484ffe7b-1073-4220-bf53-ccbfc7e9654e.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 14649d486602810c1b218b96b27b2cc4
96c6cbfe31e7247c64dfa8c3759967627f8c6286
80f5d7573fd2bf4e6a6038ebf1335d159ad37c391ee539918455963d6ee88654
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F484ffe7b-1073-4220-bf53-ccbfc7e9654e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8884
x-amzn-requestid: 3739b8f5-bb0c-4798-a931-e955dd6df81d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-MiGFxoAMFlxA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376aa50-74c24a2f737634b655a5b47c;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:40:32 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: d_bLYyZzi1phYwQ2e5uvUmzO0GuvNu9Ubi2PQ0ChilQJegKr3uUiRw==
via: 1.1 79880188a81becf1687ba18c0e064230.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 21:55:53 GMT
etag: "96c6cbfe31e7247c64dfa8c3759967627f8c6286"
content-type: image/jpeg
age: 10686
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F38915691-004a-4ae6-a5c6-fd071040ffba.jpeg
34.120.237.76 200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F38915691-004a-4ae6-a5c6-fd071040ffba.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4998f097d23ee5f19cae27d5b938e5fc
4369c8ebe61b9944e639bb2731feb51c5a758fe7
5691c66766c9578e9c4aa71240608653821162c668abc63ee40e553ede2450e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F38915691-004a-4ae6-a5c6-fd071040ffba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6339
x-amzn-requestid: 0be5dee5-272d-4577-ba55-5cdb7935ea60
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-MCExBoAMFz6Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376aa4c-15fd613336aa6fcb165d0b26;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:40:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: NYs-Nf0PzWqhXP5nkvanTjhJ6vfwRIU--YD06RFIGPEuwDCu6fvEPg==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 21:52:40 GMT
age: 10879
etag: "4369c8ebe61b9944e639bb2731feb51c5a758fe7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9426341bb128c1b6ba16e64df78152b4
08859a30ed6dee233cde4d77f2a04f058991502b
209a0520d5fb1eeb6dfa7d2f4c334a7109cc885cf4be8605bfe5a8f52232306d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "209A0520D5FB1EEB6DFA7D2F4C334A7109CC885CF4BE8605BFE5A8F52232306D"
Last-Modified: Tue, 15 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10143
Expires: Fri, 18 Nov 2022 03:43:02 GMT
Date: Fri, 18 Nov 2022 00:53:59 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffad6fa40-abda-4ea3-b899-aef6906a01e1.jpeg
34.120.237.76 200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffad6fa40-abda-4ea3-b899-aef6906a01e1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 93b326374b3808d0af42e295643cdc14
dd691328acf190c745465208f18a41a75878df18
224ac3995e2e78ee5fcc6c5c3d5fb1f4b0ceca1c42b7a1a493c756aa199bf75f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffad6fa40-abda-4ea3-b899-aef6906a01e1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5198
x-amzn-requestid: ba4e00c8-a996-41f3-b15a-1e304907ca2a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw9UpH1ioAMF6ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376a8ea-2f9f794c4de03f8b212e072f;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:34:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: LPflGHjoeNg1X5EszKAaziaZsKFf5hT6LeNPpZQriZ5H1z7Zhh86Ow==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 21:55:57 GMT
age: 10682
etag: "dd691328acf190c745465208f18a41a75878df18"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9426341bb128c1b6ba16e64df78152b4
08859a30ed6dee233cde4d77f2a04f058991502b
209a0520d5fb1eeb6dfa7d2f4c334a7109cc885cf4be8605bfe5a8f52232306d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "209A0520D5FB1EEB6DFA7D2F4C334A7109CC885CF4BE8605BFE5A8F52232306D"
Last-Modified: Tue, 15 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10143
Expires: Fri, 18 Nov 2022 03:43:02 GMT
Date: Fri, 18 Nov 2022 00:53:59 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9426341bb128c1b6ba16e64df78152b4
08859a30ed6dee233cde4d77f2a04f058991502b
209a0520d5fb1eeb6dfa7d2f4c334a7109cc885cf4be8605bfe5a8f52232306d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "209A0520D5FB1EEB6DFA7D2F4C334A7109CC885CF4BE8605BFE5A8F52232306D"
Last-Modified: Tue, 15 Nov 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10143
Expires: Fri, 18 Nov 2022 03:43:02 GMT
Date: Fri, 18 Nov 2022 00:53:59 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08ef698a-56d7-4f19-be41-17c1eca0ce7b.jpeg
34.120.237.76 200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08ef698a-56d7-4f19-be41-17c1eca0ce7b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6672a5b26995975d4c7a589daf121490
b48bffb7c716db7c05dc2e74ffbc49f89e7f4c24
8d23d01e100d958dc1ae0f8f3cd39c2bc40c19c75a560c4df5ba9ce1de247615
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08ef698a-56d7-4f19-be41-17c1eca0ce7b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8644
x-amzn-requestid: 989e9461-ddcc-4a41-8d88-d86dfa891899
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw9UqERtoAMFUow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376a8ea-40b5695c1a052c3a0bd03458;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:34:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: j-FsOPbQyKGUzW06HOBWpRb-VIB6dSNf2Dja2ZwtbQaOFs6aJ7MXqw==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 21:55:43 GMT
age: 10696
etag: "b48bffb7c716db7c05dc2e74ffbc49f89e7f4c24"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20ddb38f-d459-45e6-9351-068a5306b3a1.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20ddb38f-d459-45e6-9351-068a5306b3a1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7d16e5ff718353c095d266b080fe547f
fa7c5c9a1d16355859196271f3d13f3850931888
9a94d8eb20cc56d0898b1e2b80c0006ebbef75c15ad94e907050c5be4e19a960
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F20ddb38f-d459-45e6-9351-068a5306b3a1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10349
x-amzn-requestid: fc85e078-a81a-4fed-899e-15249961f59c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-7tHGLIAMF00Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376ab7d-4224d193517794684fcdc0ad;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:45:34 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UK-XD_8EcfPwfLb-QVwfLr8aG-sqVBoUJcbPb5hKAlQS68eOxdgM5g==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 22:03:27 GMT
age: 10232
etag: "fa7c5c9a1d16355859196271f3d13f3850931888"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
mail.parrotbay.net/assets/images/bhma11-400x300.jpg
104.206.225.200 200 OK 23 kB URL HTTP/1.1 mail.parrotbay.net/assets/images/bhma11-400x300.jpg
IP 104.206.225.200:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 400x300, components 3\012- data
Hash 090dab5680b1f9af605a699a2703a7fa
5056bc94fc059be451ba79bd6bba5846841c30ab
4d709ee1159fa1f59d8fca74ba275c856c1e808884f5c539a12836ed0797bd1f
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/images/bhma11-400x300.jpg HTTP/1.1
Host: mail.parrotbay.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.parrotbay.net/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 00:53:59 GMT
Server: Apache
Last-Modified: Sat, 22 Feb 2020 17:26:34 GMT
Accept-Ranges: bytes
Content-Length: 22588
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg
mail.parrotbay.net/assets/images/bhma5-400x300.jpg
104.206.225.200 200 OK 34 kB URL HTTP/1.1 mail.parrotbay.net/assets/images/bhma5-400x300.jpg
IP 104.206.225.200:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 400x300, components 3\012- data
Hash ff89f9636f0f557362370e1e2c98bae7
84f73718e3900b36f0f6512564b3fe8047f444e8
3e458b1f6ae115e0b474c28374c28c7946121dc244c9856358bea5cd2555fcfb
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/images/bhma5-400x300.jpg HTTP/1.1
Host: mail.parrotbay.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.parrotbay.net/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 00:53:59 GMT
Server: Apache
Last-Modified: Sat, 22 Feb 2020 17:26:34 GMT
Accept-Ranges: bytes
Content-Length: 34239
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/jpeg
mail.parrotbay.net/assets/images/bhma2-400x300.jpg
104.206.225.200 200 OK 22 kB URL HTTP/1.1 mail.parrotbay.net/assets/images/bhma2-400x300.jpg
IP 104.206.225.200:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 400x300, components 3\012- data
Hash 4f9d796824f9ad2a4c46e31852dec61e
854a27ec154b963d38c7dabfe1bc539ea461b0bc
8a0060fb048f8454d1200f3805db0cb26a3288c77c1b20c461767c62759fe1bd
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/images/bhma2-400x300.jpg HTTP/1.1
Host: mail.parrotbay.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.parrotbay.net/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 00:53:59 GMT
Server: Apache
Last-Modified: Sat, 22 Feb 2020 17:26:34 GMT
Accept-Ranges: bytes
Content-Length: 21507
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/jpeg
mail.parrotbay.net/assets/images/bhma6-400x300.jpg
104.206.225.200 200 OK 26 kB URL HTTP/1.1 mail.parrotbay.net/assets/images/bhma6-400x300.jpg
IP 104.206.225.200:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 400x300, components 3\012- data
Hash 9afb8465e610e87ffa62afd290e5c0d1
c5e570e0cddca4d9e163c7c3e7edf96a600452de
cec987e4104fd75474cd76e13a5cbbeaccb7e7b1f530090917ca24b66b81398d
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/images/bhma6-400x300.jpg HTTP/1.1
Host: mail.parrotbay.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.parrotbay.net/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 00:53:59 GMT
Server: Apache
Last-Modified: Sat, 22 Feb 2020 17:26:34 GMT
Accept-Ranges: bytes
Content-Length: 25511
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/jpeg
mail.parrotbay.net/assets/images/bhma9-400x300.jpg
104.206.225.200 200 OK 21 kB URL HTTP/1.1 mail.parrotbay.net/assets/images/bhma9-400x300.jpg
IP 104.206.225.200:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 400x300, components 3\012- data
Hash ee50950cdc75b859b5fcc25b876258c5
ce693cfb7754c090dd1b3d2c542e546aa1085e1e
af3bafa99262d663941fb9b02c1e7025d70c3bf60917ac38be9964b3352ff22d
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/images/bhma9-400x300.jpg HTTP/1.1
Host: mail.parrotbay.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.parrotbay.net/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 00:53:59 GMT
Server: Apache
Last-Modified: Sat, 22 Feb 2020 17:26:34 GMT
Accept-Ranges: bytes
Content-Length: 21298
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/jpeg
mail.parrotbay.net/assets/images/bhma3-400x300.jpg
104.206.225.200 200 OK 22 kB URL HTTP/1.1 mail.parrotbay.net/assets/images/bhma3-400x300.jpg
IP 104.206.225.200:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 400x300, components 3\012- data
Hash 877f3c22f8b34e1ea42f3306101fba93
3a922c7542672dd64d5a0dd1bb8e778cd27a7d8a
a3f3fb08488fe5d343fe76f5d0ef9d782bad6e3eb6b6cc0acce106b1a7851585
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/images/bhma3-400x300.jpg HTTP/1.1
Host: mail.parrotbay.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.parrotbay.net/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 00:53:59 GMT
Server: Apache
Last-Modified: Sat, 22 Feb 2020 17:26:34 GMT
Accept-Ranges: bytes
Content-Length: 21988
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg
mail.parrotbay.net/assets/images/bhma7-400x300.jpg
104.206.225.200 200 OK 35 kB URL HTTP/1.1 mail.parrotbay.net/assets/images/bhma7-400x300.jpg
IP 104.206.225.200:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 400x300, components 3\012- data
Hash 25ef4e0ff7fba1ae8dea6f0880962a5d
9b46b560671961ba6f1252d3ec801c04ab140e5f
077e82f8d1484561bfb891aa216e99d62a03a69c386f9d57b3b1a0f2bcba297a
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/images/bhma7-400x300.jpg HTTP/1.1
Host: mail.parrotbay.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.parrotbay.net/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 00:53:59 GMT
Server: Apache
Last-Modified: Sat, 22 Feb 2020 17:26:34 GMT
Accept-Ranges: bytes
Content-Length: 35022
Keep-Alive: timeout=5, max=90
Connection: Keep-Alive
Content-Type: image/jpeg
connect.facebook.net/en_US/bundle/sdk.js/
31.13.72.12 200 OK 87 kB URL HTTP/2 connect.facebook.net/en_US/bundle/sdk.js/
IP 31.13.72.12:0
File type ASCII text, with very long lines (11292)
Hash 491d34a0aaef1e14f8f75f140f1301a0
977a34f6ad2dcd91e2c823a375ef0248a16dcbde
deeecdd3be491afa351ed89eec2749797960574577bceab7b8ae52be21c0c601
GET /en_US/bundle/sdk.js/ HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://mail.parrotbay.net
Connection: keep-alive
Referer: http://mail.parrotbay.net/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 23627dd555d4d4a0b98e7ed9a58d0824
etag: "fcc7d38c11ff68e7fd6fefd806aa9923"
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
expires: Fri, 18 Nov 2022 01:05:29 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
x-fb-rlafr: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: SR00oKrvHhT4918UDxMBoA==
x-fb-debug: cXeSBu1PuQQy5ecUexjTXGbH+9Xw9c9E2hCx9qT/NqZgRtgRSuAx/h+gXZK7LP9NV6Hfpovcl/nzqoX6nCQE0Q==
content-length: 86877
x-fb-trip-id: 1904183273
date: Fri, 18 Nov 2022 00:53:59 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
mail.parrotbay.net/assets/images/logo4.png
104.206.225.200 200 OK 7.0 kB URL HTTP/1.1 mail.parrotbay.net/assets/images/logo4.png
IP 104.206.225.200:0
File type PNG image data, 128 x 128, 8-bit/color RGBA, non-interlaced\012- data
Hash 58c9e4e45653bde53a04a5f7217ff007
8d1d0e8e754b08f097200eb797c4fe4ab8baa5ab
8647d0b5c44950d93c33200e983cb8e1a40450d81f02d6738da46e47ddc6fa5b
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/images/logo4.png HTTP/1.1
Host: mail.parrotbay.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.parrotbay.net/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 00:53:59 GMT
Server: Apache
Last-Modified: Sat, 22 Feb 2020 17:26:34 GMT
Accept-Ranges: bytes
Content-Length: 6991
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/png
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 19:34:08 GMT
expires: Thu, 16 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 105592
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 16 Nov 2022 14:07:32 GMT
expires: Thu, 16 Nov 2023 14:07:32 GMT
cache-control: public, max-age=31536000
age: 125188
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash f8e60a799876f30da96e12beb8ff5c03
5d86f33db1ec9ae549ba1caf96a790559cfa8205
96e48bb49aef4771e738a0f24b5d7390a351e5c8b61774f4a63527f961fcdfea
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 00:54:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash eaa6a3200eda9bf5788df6d9eb04d84c
12efbb66692df6d76c1103b152808d751c0e49f1
6d815027ae40ea2603c0ed5adac0821cd5526f11c2eeb0ada5294b6f2ec3492d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 00:54:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
142.250.74.166 200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 142.250.74.166:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 18 Nov 2022 00:44:05 GMT
expires: Fri, 18 Nov 2022 00:59:05 GMT
cache-control: public, max-age=900
age: 595
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
142.250.74.162 302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Fri, 18 Nov 2022 00:54:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash 95d38fabca722a84f17dd933a225c9eb
57162b6ce750cb4d572671e857704bddddb7db7b
a9df628bebc2ede321f9140681d93792903dafa2f9d9f5d19b05e5baf47a14fd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 00:54:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash f8e60a799876f30da96e12beb8ff5c03
5d86f33db1ec9ae549ba1caf96a790559cfa8205
96e48bb49aef4771e738a0f24b5d7390a351e5c8b61774f4a63527f961fcdfea
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 18 Nov 2022 00:54:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.138 200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.138:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Fri, 18 Nov 2022 00:54:00 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.138 200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.138:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 930f74691e16f3ed87d4a0c31254d5e4
eb1d7b2a591d84cf8c8953251fd27ec3daab32fe
7d24c8d3c0cad7a4fde0b6bcba5c11b6501fca1a0080a99625ded94767abf49f
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Fri, 18 Nov 2022 00:54:00 GMT
server: ESF
cache-control: private
content-length: 30938
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.138 200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.138:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Fri, 18 Nov 2022 00:54:00 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
142.250.74.138 200 OK 110 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP 142.250.74.138:0
File type JSON data\012- , ASCII text, with no line terminators
Hash b7d9f7a15594a75e10942ce86bcd1c0c
13dfad63f3b7781e0945e28b59a484aa272ff9d7
66cfd6dc6b1a7873b99b8362db1223673f803eff40e6c3a350a4ae26602a7853
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 952
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Fri, 18 Nov 2022 00:54:00 GMT
server: ESF
cache-control: private
content-length: 110
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mail.parrotbay.net/assets/bootstrap/js/bootstrap.min.js
104.206.225.200 200 OK 0 B URL HTTP/1.1 mail.parrotbay.net/assets/bootstrap/js/bootstrap.min.js
IP 104.206.225.200:0
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /assets/bootstrap/js/bootstrap.min.js HTTP/1.1
Host: mail.parrotbay.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://mail.parrotbay.net/
HTTP/1.1 200 OK
Date: Fri, 18 Nov 2022 00:53:58 GMT
Server: Apache
Last-Modified: Sat, 22 Feb 2020 17:26:34 GMT
Accept-Ranges: bytes
Content-Length: 55775
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
fonts.googleapis.com/css?family=Rubik:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Rubik:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap
IP 142.250.74.10:0
GET /css?family=Rubik:300,300i,400,400i,500,500i,700,700i,900,900i&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://mail.parrotbay.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 18 Nov 2022 00:53:57 GMT
date: Fri, 18 Nov 2022 00:53:57 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2