r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7fb7c70f7f4e2cee27eb0e7d875931f7
98fca3817a551b1daecebae103a48e718b8b5a53
2a40f957a6b1734aa3f87cff51b673f0536732db15b09033dd604879692df349
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A40F957A6B1734AA3F87CFF51B673F0536732DB15B09033DD604879692DF349"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8448
Expires: Wed, 28 Sep 2022 09:28:15 GMT
Date: Wed, 28 Sep 2022 07:07:27 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
143.204.55.36 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 28 Sep 2022 06:15:39 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: pHTcoQCEalvEmApZCpmatOmPq0eMIWSHjGKYBILypp0yZBa6-QleXg==
Age: 3108
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8afc4649e99d0e42b9bf5b133eebed5c
e3e7e0e614af3262b74bd4b6267ef23293bdb5f0
e16e8b782b441ecb9a57c3fc3db9884b5a3034967b846cca67b2f53644fcabdf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E16E8B782B441ECB9A57C3FC3DB9884B5A3034967B846CCA67B2F53644FCABDF"
Last-Modified: Tue, 27 Sep 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12945
Expires: Wed, 28 Sep 2022 10:43:12 GMT
Date: Wed, 28 Sep 2022 07:07:27 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: /H5HmAs/lD2avJsSQWTzAJ5S2vWl2X/48q7MNYEgVw8S+GcZ2fmlEk+gvgIQJuzvqPTm874CHhQrf/TlVFJenQ==
x-amz-request-id: XZW0FFK2EEH35VSK
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 28 Sep 2022 06:49:54 GMT
age: 1053
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 28 Sep 2022 07:07:27 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.36 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.36:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 28 Sep 2022 06:29:33 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Wed, 28 Sep 2022 07:18:37 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: TwLp7DTT5enFQQ_q2lxRMrJkpqi_3WYv1_dczz0DPm0A1UaPBZWVbg==
Age: 2275
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash c18823050f86339eaa73ddb1bf80d64c
ac4ee81f59f706cee8a74458d498bbc20d8d351a
9a505647517bd02d8ff994fd4ad98dc2f4b519916145b0c327691420c1084c46
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1764
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 07:07:28 GMT
Last-Modified: Wed, 28 Sep 2022 06:38:04 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash cb600c4fe611e7a9f6e1df50d934375d
afac81b549aade8b7a1ba18e63432036343fdadf
4ac0f690be6e1e0c0f070e8600e05e7c235ba70b4baf3f4e5a35d207b1db168c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4058
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 07:07:28 GMT
Last-Modified: Wed, 28 Sep 2022 05:59:50 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 278
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.6.3/css/font-awesome.min.css
104.17.25.14 200 OK 5.3 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.6.3/css/font-awesome.min.css
IP 104.17.25.14:0
File type ASCII text, with very long lines (28900)
Hash 849c0219c80f61d47b93f1ded8c8b0c9
f9a9f5c33e0def15902704e6dd3ba9c05a4da27f
88df3e8ca5ff4830679e00e2817dc6a0832a4c1ba76425a7e522b147e3f675cd
GET /ajax/libs/font-awesome/4.6.3/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://1.34.196.211/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 28 Sep 2022 07:07:28 GMT
content-type: text/css; charset=utf-8
content-length: 5324
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7187"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 1160391
expires: Mon, 18 Sep 2023 07:07:28 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pyw5%2FMH2%2F2nq83BIQG4KYf6Jcf48ElhhSLq2iZtSdQGIaSUfctIoqvPu4NYY8oq5icOxGRjpn73n6%2FCjo5tZbuaNTdikF9I%2BELTSH36YqfqZ7CBvyx8%2BLIISaocq646j7xGVbSDK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 751aa46e4c720b51-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.jsdelivr.net/scrollreveal.js/3.3.1/scrollreveal.min.js
151.101.85.229 200 OK 3.1 kB URL HTTP/2 cdn.jsdelivr.net/scrollreveal.js/3.3.1/scrollreveal.min.js
IP 151.101.85.229:0
File type ASCII text, with very long lines (9032), with no line terminators
Hash 908dc67d5b260a1eb13d17deb0deed6f
ed7487a0786156f03cc603b94cf270bcbee51379
50509e3bdf5f42a34da4b889d8f3ca45f6add27871bf92daeff94b621cadec5b
GET /scrollreveal.js/3.3.1/scrollreveal.min.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://1.34.196.211/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
etag: W/"2348-dwAEWierx2+FThrd5UW2GZqggzY"
content-encoding: gzip
accept-ranges: bytes
date: Wed, 28 Sep 2022 07:07:28 GMT
age: 3127163
x-served-by: cache-fra19160-FRA, cache-bma1669-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3098
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 11b1f146fa6fa4a88b1efc65b548fb73
f3f12e14f8f66a2e7c43015c394af199e4a94e06
74441efb7e39672af50ce0b6190b20d20bc3ae744b415a17f8b96a0f89aa0491
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 07:07:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash cb600c4fe611e7a9f6e1df50d934375d
afac81b549aade8b7a1ba18e63432036343fdadf
4ac0f690be6e1e0c0f070e8600e05e7c235ba70b4baf3f4e5a35d207b1db168c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3913
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 07:07:28 GMT
Last-Modified: Wed, 28 Sep 2022 06:02:15 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 278
ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js
216.58.211.10 200 OK 30 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js
IP 216.58.211.10:0
File type ASCII text, with very long lines (32025)
Hash 83b3b5729cdff3976db52c51831e96b8
d23dc823e37f58e5366340be755730f3fa9a850d
675fa88b39008a09994460a93b310a7d4593735009a9b24b6f176c347ad12421
GET /ajax/libs/jquery/2.1.4/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://1.34.196.211/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 29725
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 22:46:19 GMT
expires: Mon, 25 Sep 2023 22:46:19 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 202869
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
104.18.21.226 200 OK 1.5 kB URL HTTP/1.1 ocsp.globalsign.com/ca/gsatlasr3dvtlsca2022q1
IP 104.18.21.226:0
Hash 70331756dce138c63e65fec0ed25f546
d1accfa07079b7e052399f8266874d50cf649910
2d0838798dfc8269de4c3aa4ee1bc0802b8cef76a3ee67e23d3f2850867ad27f
POST /ca/gsatlasr3dvtlsca2022q1 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 28 Sep 2022 07:07:28 GMT
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
Etag: "574F9EB87434EE6EF78E154E67699538ECB1ACDE"
Expires: Wed, 28 Sep 2022 18:00:00 GMT
Last-Modified: Wed, 28 Sep 2022 06:00:00 UTC
Cache-Control: s-maxage=3600, public, no-transform, must-revalidate
CF-Cache-Status: HIT
Age: 1413
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 751aa46ea9ad0b02-OSL
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 11b1f146fa6fa4a88b1efc65b548fb73
f3f12e14f8f66a2e7c43015c394af199e4a94e06
74441efb7e39672af50ce0b6190b20d20bc3ae744b415a17f8b96a0f89aa0491
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 07:07:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
52.41.253.170 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.41.253.170:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: eXc04tsBsO/bgvgwBcRBnA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: uhosI0UoSKuszLUSydpl+Sgmrsg=
1.34.196.211/css/sticky-footer-navbar.css
1.34.196.211 200 OK 737 B URL HTTP/1.1 1.34.196.211/css/sticky-footer-navbar.css
IP 1.34.196.211:0
ASN #3462 Data Communication Business Group
File type ASCII text, with CRLF line terminators
Hash 278f4608b9903146d91a1736343ea768
2b6507a8505ef126532dada2ff7f680909609395
7b811ed78799c2a67494702a93e5a8792fc42a76b770b1182320d35faeacc525
GET /css/sticky-footer-navbar.css HTTP/1.1
Host: 1.34.196.211
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1.34.196.211/
HTTP/1.1 200 OK
Content-Length: 737
Content-Type: text/css
Last-Modified: Wed, 31 Aug 2016 07:02:05 GMT
Accept-Ranges: bytes
ETag: "1cf3b95553d21:d40"
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
Date: Wed, 28 Sep 2022 07:07:19 GMT
1.34.196.211/css/ekko-lightbox.min.css
1.34.196.211 200 OK 924 B URL HTTP/1.1 1.34.196.211/css/ekko-lightbox.min.css
IP 1.34.196.211:0
ASN #3462 Data Communication Business Group
File type ASCII text, with very long lines (767)
Hash f8219a396ba357380427f6929a4ecba8
babb588b624b2c2ebbaba6925df537cf839d5cfb
c23eccf55f7d4fdffdde72bc884d6f015adfcf3022726f7da3be99358c94aed1
GET /css/ekko-lightbox.min.css HTTP/1.1
Host: 1.34.196.211
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1.34.196.211/
HTTP/1.1 200 OK
Content-Length: 924
Content-Type: text/css
Last-Modified: Mon, 12 Oct 2015 03:16:02 GMT
Accept-Ranges: bytes
ETag: "045bd529c4d11:d40"
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
Date: Wed, 28 Sep 2022 07:07:19 GMT
1.34.196.211/css/style2.css
1.34.196.211 200 OK 398 B URL HTTP/1.1 1.34.196.211/css/style2.css
IP 1.34.196.211:0
ASN #3462 Data Communication Business Group
File type ASCII text, with CRLF line terminators
Hash d1ed233ebcfbe1516bf4d3181173157c
5137886f0d39cf3a574043a2a3737b5112bb966b
8dc81e648fb4c772a1f8f6f762e0c413f7c10eaa5b9697594da835cf9e7bcb3a
GET /css/style2.css HTTP/1.1
Host: 1.34.196.211
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1.34.196.211/
HTTP/1.1 200 OK
Content-Length: 398
Content-Type: text/css
Last-Modified: Tue, 27 Oct 2015 02:19:37 GMT
Accept-Ranges: bytes
ETag: "391884ed5d10d11:d40"
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
Date: Wed, 28 Sep 2022 07:07:19 GMT
1.34.196.211/
1.34.196.211 200 OK 18 kB IP 1.34.196.211:0
ASN #3462 Data Communication Business Group
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash d80f8b47343906c5ec5b3736c36fe60f
d08b8484bd3b2c838b28effce8bf76b44f33588b
86541d2f6fb28abe39a80ac7511b8b688b862d007921b9ceb75a2d4856e4285b
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: 1.34.196.211
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Length: 18140
Content-Type: text/html
Content-Location: http://1.34.196.211/index.html
Last-Modified: Mon, 06 Apr 2020 02:49:13 GMT
Accept-Ranges: bytes
ETag: "18c870f4bdbd61:d40"
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
Date: Wed, 28 Sep 2022 07:07:19 GMT
1.34.196.211/css/index.css
1.34.196.211 200 OK 1.1 kB URL HTTP/1.1 1.34.196.211/css/index.css
IP 1.34.196.211:0
ASN #3462 Data Communication Business Group
File type ASCII text, with CRLF line terminators
Hash e835a0a07e9bc6ae659684c8a949e50b
16841ee5beec8a5b5daa214a52211975afa62992
30de2a280517bfa07535ec401066c8357f574c0e3d00749d194e6d3c36b430f9
GET /css/index.css HTTP/1.1
Host: 1.34.196.211
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1.34.196.211/
HTTP/1.1 200 OK
Content-Length: 1099
Content-Type: text/css
Last-Modified: Fri, 26 Aug 2016 09:16:15 GMT
Accept-Ranges: bytes
ETag: "1812277f7affd11:d40"
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
Date: Wed, 28 Sep 2022 07:07:20 GMT
1.34.196.211/js/custom.js
1.34.196.211 200 OK 2.7 kB URL HTTP/1.1 1.34.196.211/js/custom.js
IP 1.34.196.211:0
ASN #3462 Data Communication Business Group
File type HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 24073d0d65868f9a82adb2f344604ed5
a4793d9304bb1a743b06a2591d37c8626706b198
a1ebe0e0d90f5d57ff0a80150a6157db2b6f483a87656ad0983de22e0862adc7
Analyzer Verdict Alert fortinet Malware
GET /js/custom.js HTTP/1.1
Host: 1.34.196.211
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1.34.196.211/
HTTP/1.1 200 OK
Content-Length: 2695
Content-Type: application/x-javascript
Last-Modified: Wed, 09 Oct 2019 07:41:56 GMT
Accept-Ranges: bytes
ETag: "7310af6757ed51:d40"
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
Date: Wed, 28 Sep 2022 07:07:20 GMT
1.34.196.211/js/carousel-swipe.js
1.34.196.211 200 OK 4.8 kB URL HTTP/1.1 1.34.196.211/js/carousel-swipe.js
IP 1.34.196.211:0
ASN #3462 Data Communication Business Group
Hash f0dea378c0e54cb2411ab85624fa86b3
586a9cde00a9d9b2f5b1a1770723f047382a8174
d10f9a9aad412b27eb9fc49372eb7a975a09742899ea729c198167d3f6162293
Analyzer Verdict Alert fortinet Malware
GET /js/carousel-swipe.js HTTP/1.1
Host: 1.34.196.211
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1.34.196.211/
HTTP/1.1 200 OK
Content-Length: 4751
Content-Type: application/x-javascript
Last-Modified: Fri, 02 Sep 2016 09:15:59 GMT
Accept-Ranges: bytes
ETag: "2ac05d9efa4d21:d40"
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
Date: Wed, 28 Sep 2022 07:07:20 GMT
1.34.196.211/css/bootstrap.min.css
1.34.196.211 200 OK 114 kB URL HTTP/1.1 1.34.196.211/css/bootstrap.min.css
IP 1.34.196.211:0
ASN #3462 Data Communication Business Group
File type ASCII text, with very long lines (45631), with CRLF line terminators
Size 114 kB (113625 bytes)
Hash 3313ea97f0dcfad6a51e8f8b144c74ff
e49e8dbb49f097c1a6ec80cc867fcb5e570fdefa
7665d90d36460287c7486f7532d1dd0d2504197133e382d439480b1f4f94854c
GET /css/bootstrap.min.css HTTP/1.1
Host: 1.34.196.211
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1.34.196.211/
HTTP/1.1 200 OK
Content-Length: 113625
Content-Type: text/css
Last-Modified: Thu, 20 Jun 2019 02:34:05 GMT
Accept-Ranges: bytes
ETag: "c8cbfda01027d51:d40"
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
Date: Wed, 28 Sep 2022 07:07:19 GMT
1.34.196.211/css/style.css
1.34.196.211 200 OK 29 kB URL HTTP/1.1 1.34.196.211/css/style.css
IP 1.34.196.211:0
ASN #3462 Data Communication Business Group
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash a7f3063bfeb629c828b75509153dc9a7
3c428891a42996a3b718ab5af32a152fd67b16d1
f3aba1b7a77e611f0f7b5d79a3970351b5516cfe6e1ed61f5bfd7fef85fda7a0
GET /css/style.css HTTP/1.1
Host: 1.34.196.211
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1.34.196.211/
HTTP/1.1 200 OK
Content-Length: 28772
Content-Type: text/css
Last-Modified: Wed, 12 Jun 2019 07:23:04 GMT
Accept-Ranges: bytes
ETag: "7c3ae2acef20d51:d40"
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
Date: Wed, 28 Sep 2022 07:07:19 GMT
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6751
Expires: Wed, 28 Sep 2022 09:00:00 GMT
Date: Wed, 28 Sep 2022 07:07:29 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 639785692dc29802e484e1e1d0ec86c4
cf81784351ce6302f540f491f893b44496809677
0e47d6e33fe9f6e588d308b62fa059c960a000c56651713e30baf6cd09b7de41
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E47D6E33FE9F6E588D308B62FA059C960A000C56651713E30BAF6CD09B7DE41"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6751
Expires: Wed, 28 Sep 2022 09:00:00 GMT
Date: Wed, 28 Sep 2022 07:07:29 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8480871-279b-49d0-8a83-97fd2e1ef4f1.jpeg
34.120.237.76 200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8480871-279b-49d0-8a83-97fd2e1ef4f1.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b97879edd864c4f251a6668c8201095f
28938e97773ac1a51a529e85284d228239641f01
143cd15afadce309b970b525818be68c23fcb2322a66ac915d1dc7418968b6c5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa8480871-279b-49d0-8a83-97fd2e1ef4f1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9304
x-amzn-requestid: d0045fdc-1e02-4039-9e0e-d3b8b255f205
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Y1-koF_eoAMFyHA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632bde1d-1cb029d169ec2b1651b2ac78;Sampled=0
x-amzn-remapped-date: Thu, 22 Sep 2022 04:01:33 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 7XXVE-hcLMoCU9jUDrgReSZMkPLz_GEAKoc_gR4Ai4hoCeZXfiC3tg==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 0d4ebcaa87ba94709def0eaac9371e5a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 28 Sep 2022 06:44:46 GMT
age: 1363
etag: "28938e97773ac1a51a529e85284d228239641f01"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9aa8d9d6-9650-4c92-a2db-529657be591b.png
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9aa8d9d6-9650-4c92-a2db-529657be591b.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 07f06c54e3b1431203308e4134e7efcb
e26e7e4f7c67d680f0c2d0fa84dcb77ffbef6a49
2814f21c6a21623c189163672867272eb24f754d3d22a8285349e5dd9f6b49f7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9aa8d9d6-9650-4c92-a2db-529657be591b.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10031
x-amzn-requestid: 0ac9a228-b6ce-4695-b269-f6a5ba959576
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3e4HTsoAMF8dQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c5f-1d1cacef2608d5820b2bc1b1;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:34:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: kqeQV7wIw3SgSUFs3Nd3ZOV_0b9ETAw1X1_c40UXEjLZAT-JTqIQhQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 1481cc55c02c3a782ad420b6bac2cb32.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:50:04 GMT
age: 33445
etag: "e26e7e4f7c67d680f0c2d0fa84dcb77ffbef6a49"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg
34.120.237.76 200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6139c878a7d2bd32c61fc8287996eb5b
9c4692ea64832895fbd107d91f879728b6a440c7
3839df92f0a10c1433d5b576df50c9f7953912ae4f425012262f08ee8a59ce2e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8ffa6dde-b51e-43f8-bfcb-3f442d674928.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8500
x-amzn-requestid: 626c21ec-f29b-4b69-b275-c22c864c2409
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3VmENnIAMFeTQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c23-75eccc381fbd6e5d4ff59c06;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Eyy8qoYVCJbt6b6hTGJ-rOrYex9RuX1InyZbpHkeu9yQqPUEvowKcw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:48:58 GMT
etag: "9c4692ea64832895fbd107d91f879728b6a440c7"
content-type: image/jpeg
age: 33511
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae0951d3-44e9-49d3-9232-f4151ef59735.jpeg
34.120.237.76 200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae0951d3-44e9-49d3-9232-f4151ef59735.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b255b252ceed088d6f505e7e9acfcb55
a6b1c3e0d506ac1c66405e061e9910fafb176a7d
b796a98834c7ecf220d13bfba61e81a9b90d472d2aa725ff66888cbddad731e7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae0951d3-44e9-49d3-9232-f4151ef59735.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6157
x-amzn-requestid: a51846e4-4e25-455f-885b-acf2567f2e1c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZDlObH7XIAMFw6A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63314f28-4e6a68a74edb1ad850e17dac;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 07:05:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 2g98EnyiFhkZTsqis2_ASfjM-YTJmcUJ-Mwcl1dWlruzrWDuojPA0w==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 02d90bf99fd6253b329a53c82f19e224.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 07:16:33 GMT
age: 85856
etag: "a6b1c3e0d506ac1c66405e061e9910fafb176a7d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F838bed0c-c665-42d6-8c20-1decd709953c.jpeg
34.120.237.76 200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F838bed0c-c665-42d6-8c20-1decd709953c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3c58fdf09a7d552be0c8666522a29de7
60c873f097c85376797fed366804119f7e9c445e
24569f084d3fd428526503bde8b3da64152911934cd5e0e9140c06d954e4bcd9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F838bed0c-c665-42d6-8c20-1decd709953c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9314
x-amzn-requestid: ed84d0e5-30c5-4841-ba9d-3626234b2056
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3VbFqBoAMFy-Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c22-5d0ccbc31fb085be45ef947b;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:22 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: yBDUlVwqRnXuJKsaz3vbFNhtNvihQMuk5wX5y4UmEKm1D21wSVdJHQ==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:48:58 GMT
etag: "60c873f097c85376797fed366804119f7e9c445e"
content-type: image/jpeg
age: 33511
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0369629e-f44d-439f-a279-b5ae6ecc0cf1.png
34.120.237.76 200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0369629e-f44d-439f-a279-b5ae6ecc0cf1.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aa5cad224dbddd71881bd07255beb4da
bc214d60be395d4cf753216ff8f9691c33d25e75
82935e52aa59929a448d17a5a2d58fda86bb5c25bf6628a05bd904f82517dada
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0369629e-f44d-439f-a279-b5ae6ecc0cf1.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 14464
x-amzn-requestid: 5cbbafdb-3f69-4ee2-9e46-c1ff0ed4ef14
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3UPFiooAMFulA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336c1a-633a649700e040b91deadb64;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:33:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: cNryG5vkxZuFATZfcNW9Z1-0teUBWLRyWslX1onwYlDCQBUjU2xVdA==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 21:46:03 GMT
age: 33686
etag: "bc214d60be395d4cf753216ff8f9691c33d25e75"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
1.34.196.211/js/bootstrap.min.js
1.34.196.211 200 OK 36 kB URL HTTP/1.1 1.34.196.211/js/bootstrap.min.js
IP 1.34.196.211:0
ASN #3462 Data Communication Business Group
File type ASCII text, with very long lines (32087)
Hash 2616d3564578d8f845813483352802a9
5ada7c103fc1deabc925cc1fdbbb6e451c21fc70
f971b901aeb9e55b07d472afee09bd5ae05159e1119dbd16d993e473565e7fc0
Analyzer Verdict Alert fortinet Malware
GET /js/bootstrap.min.js HTTP/1.1
Host: 1.34.196.211
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1.34.196.211/
HTTP/1.1 200 OK
Content-Length: 35601
Content-Type: application/x-javascript
Last-Modified: Wed, 12 Nov 2014 01:03:24 GMT
Accept-Ranges: bytes
ETag: "0566e7514fecf1:d40"
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
Date: Wed, 28 Sep 2022 07:07:20 GMT
1.34.196.211/images/order_Process-04.png
1.34.196.211 200 OK 4.8 kB URL HTTP/1.1 1.34.196.211/images/order_Process-04.png
IP 1.34.196.211:0
ASN #3462 Data Communication Business Group
File type PNG image data, 601 x 374, 8-bit/color RGBA, non-interlaced\012- data
Hash 646d474536fe9ea241117ac122ac275f
c92190a3766bddafc5c959b68329808ee6d71ad6
10518f4eca53eb18bebf0a9ca294e2fe55114f972f2c598710a42bac4b0a9825
GET /images/order_Process-04.png HTTP/1.1
Host: 1.34.196.211
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1.34.196.211/
HTTP/1.1 200 OK
Content-Length: 4830
Content-Type: image/png
Last-Modified: Fri, 31 May 2019 03:45:40 GMT
Accept-Ranges: bytes
ETag: "f212de506317d51:d40"
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
Date: Wed, 28 Sep 2022 07:07:21 GMT
1.34.196.211/images/index-yacht04.jpg
1.34.196.211 200 OK 104 kB URL HTTP/1.1 1.34.196.211/images/index-yacht04.jpg
IP 1.34.196.211:0
ASN #3462 Data Communication Business Group
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=287, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=408], progressive, precision 8, 408x287, components 3\012- data
Size 104 kB (104188 bytes)
Hash 697fb57b1a0b337a6fb29b5b4c827a60
b323c85aab61b257bf8fefe506edeed8d60020e0
e71ff31c4ef3341acabd5216896058004de485ab39191fabef1789d051ba4c24
GET /images/index-yacht04.jpg HTTP/1.1
Host: 1.34.196.211
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1.34.196.211/
HTTP/1.1 200 OK
Content-Length: 104188
Content-Type: image/jpeg
Last-Modified: Tue, 28 May 2019 06:58:28 GMT
Accept-Ranges: bytes
ETag: "c281c12215d51:d40"
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
Date: Wed, 28 Sep 2022 07:07:21 GMT
1.34.196.211/images/index-yacht03.jpg
1.34.196.211 200 OK 91 kB URL HTTP/1.1 1.34.196.211/images/index-yacht03.jpg
IP 1.34.196.211:0
ASN #3462 Data Communication Business Group
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=287, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=408], progressive, precision 8, 408x287, components 3\012- data
Hash af0058fd12de693ea39a057b97dab9fb
3495e890a150c3c4fdb78bdabaca32cb86c2d4f2
0a20e72418640fde040817584908a84704448df07543df4f7369667cb9fd6507
GET /images/index-yacht03.jpg HTTP/1.1
Host: 1.34.196.211
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1.34.196.211/
HTTP/1.1 200 OK
Content-Length: 90934
Content-Type: image/jpeg
Last-Modified: Tue, 28 May 2019 06:58:04 GMT
Accept-Ranges: bytes
ETag: "262369b22215d51:d40"
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
Date: Wed, 28 Sep 2022 07:07:21 GMT
1.34.196.211/js/ekko-lightbox.min.js
1.34.196.211 200 OK 12 kB URL HTTP/1.1 1.34.196.211/js/ekko-lightbox.min.js
IP 1.34.196.211:0
ASN #3462 Data Communication Business Group
File type HTML document, ASCII text, with very long lines (11507)
Hash aa6c687741d92bd311b2804969f1c05a
73e658a548ea90c21ea2394bbfb86570fa7d7567
93d4eb29fbc3d39b726afae39151c4a50365d32db149658bca0cb7db4b891d07
Analyzer Verdict Alert fortinet Malware
GET /js/ekko-lightbox.min.js HTTP/1.1
Host: 1.34.196.211
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1.34.196.211/
HTTP/1.1 200 OK
Content-Length: 11668
Content-Type: application/x-javascript
Last-Modified: Mon, 12 Oct 2015 03:16:02 GMT
Accept-Ranges: bytes
ETag: "045bd529c4d11:d40"
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
Date: Wed, 28 Sep 2022 07:07:21 GMT
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 5e01e4cfb215a3f052b4c716bc77c1a6
6e63b3e883051319571310c44b87591f0312d83f
aebb544e0762c6c3eb289d85c20299baa3f742dc46cfa5bcc33ac6df411285ae
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 07:07:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1.34.196.211/images/index-yacht02.jpg
1.34.196.211 200 OK 121 kB URL HTTP/1.1 1.34.196.211/images/index-yacht02.jpg
IP 1.34.196.211:0
ASN #3462 Data Communication Business Group
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=287, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=408], progressive, precision 8, 408x287, components 3\012- data
Size 121 kB (121020 bytes)
Hash 43584cd88740723c3f379f6db758afdc
8c1ad2c770f9b2a6a5ae455051380720cd3f18ae
7f37250c65bc6e6ff0d5cf283d74af6deebdef6697e7311bae56c4ac2df5e296
GET /images/index-yacht02.jpg HTTP/1.1
Host: 1.34.196.211
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1.34.196.211/
HTTP/1.1 200 OK
Content-Length: 121020
Content-Type: image/jpeg
Last-Modified: Thu, 30 Jan 2020 01:19:03 GMT
Accept-Ranges: bytes
ETag: "b3987342bd7d51:d40"
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
Date: Wed, 28 Sep 2022 07:07:21 GMT
1.34.196.211/fonts/glyphicons-halflings-regular.woff
1.34.196.211 404 Not Found 1.4 kB URL HTTP/1.1 1.34.196.211/fonts/glyphicons-halflings-regular.woff
IP 1.34.196.211:0
ASN #3462 Data Communication Business Group
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ISO-8859 text, with CRLF line terminators
Hash a3d02ffb90ab4f885ad56908e8c5dca2
851079f21644c722b932921b42c221bff9bb379b
b84d4cd7b91707a646e630ca8531ae5987a23b4821e2828fee8089d928982c8d
Analyzer Verdict Alert fortinet Malware
GET /fonts/glyphicons-halflings-regular.woff HTTP/1.1
Host: 1.34.196.211
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://1.34.196.211/css/bootstrap.min.css
HTTP/1.1 404 Not Found
Content-Length: 1379
Content-Type: text/html
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
Date: Wed, 28 Sep 2022 07:07:21 GMT
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash be52dbe2d47697a7f007d69c486b77b4
fe445ea87749e97423e7865bc559ad78f672a62d
65d16df2b3095c658d2bdf39b06d57486967bba7b43c43108e5025d7af5b7ab6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 07:07:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash fc82211401f793132f7d43c2fd253af5
605d8371709b5d2a41967fd390c34fa649f89ea3
b23fd36ec037710672ac1aa6fea284e3869c4bae7941d9b53c771cff8743478e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 07:07:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash fc82211401f793132f7d43c2fd253af5
605d8371709b5d2a41967fd390c34fa649f89ea3
b23fd36ec037710672ac1aa6fea284e3869c4bae7941d9b53c771cff8743478e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 07:07:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.gstatic.com/mapspro/_/js/k=mapspro.gmeviewer.no.NXIP_zF5P6U.O/d=0/rs=ABjfnFX3XtOuDAr7nseb8bjuCVOgil4qgg/m=gmeviewer_base
142.250.74.163 200 OK 236 kB URL HTTP/2 www.gstatic.com/mapspro/_/js/k=mapspro.gmeviewer.no.NXIP_zF5P6U.O/d=0/rs=ABjfnFX3XtOuDAr7nseb8bjuCVOgil4qgg/m=gmeviewer_base
IP 142.250.74.163:0
File type ASCII text, with very long lines (542)
Size 236 kB (236522 bytes)
Hash b386913b91cc40cf0173acaed4b0b5e9
fe1bbf8a3ebbdb27e43985004f27dd7c5a812714
921b90539e327d76899d7494fe83195ea621d4c87b089b6c43ad6268b14b5068
GET /mapspro/_/js/k=mapspro.gmeviewer.no.NXIP_zF5P6U.O/d=0/rs=ABjfnFX3XtOuDAr7nseb8bjuCVOgil4qgg/m=gmeviewer_base HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-mapspro
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="geo-mapspro"
report-to: {"group":"geo-mapspro","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-mapspro"}]}
content-length: 236522
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 26 Sep 2022 20:30:51 GMT
expires: Tue, 26 Sep 2023 20:30:51 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 21 Sep 2022 23:40:42 GMT
content-type: text/javascript; charset=UTF-8
age: 124600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/maps/d/embed?mid=1Jy7W8GO_OZlk_2LS3usiVpDyAKhsRpEz
142.250.74.164 200 OK 44 kB URL HTTP/2 www.google.com/maps/d/embed?mid=1Jy7W8GO_OZlk_2LS3usiVpDyAKhsRpEz
IP 142.250.74.164:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (61624)
Hash 7f2cfa08fee93b02c929cbae654d1fd2
da16921df4ba1d6c861fd8dd4f27a2b3d04c9b05
3fa06bb2fb369bff90f6ecede98894ae11da96366d106e318e94a5e1686a83f0
GET /maps/d/embed?mid=1Jy7W8GO_OZlk_2LS3usiVpDyAKhsRpEz HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://1.34.196.211/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Wed, 28 Sep 2022 07:07:31 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info.", CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy: script-src 'nonce-LOjCqohjbUj62og6wowkGQ' 'unsafe-inline' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri /maps/d/cspreport
cross-origin-opener-policy: unsafe-none
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=WnD28rvcC3KRuA6XplMWqaGc_QrjuWLeJXLibYtqc9M9qil9oNGQg567QovK8S8-YZpOBGzfvid6AuorPPhlvwvmEl_RCDAM-qJaK9Kw18-5raeYazCMrB_o-GX6WMoB9EgvA1b2q62pH6ChaPpqIFXCkaa5MiD8AiCQRrByzF8; expires=Thu, 30-Mar-2023 07:07:31 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
NID=511=jgPQjEW29rMd_eSAWhaZC-Zo6fajpHxhbeTi9bqC56EAs8jnSII-JjLfaFfZYj9JJOvy9Hyptf-kRByvYwqaSXR1qhfVLpjOO5stwur58zoIzASCeiiYhM0QQ8xCxYYaIA842c7sKDwOO0n7uE87exoS_xXS3jvGF-4An6g5F2M; expires=Thu, 30-Mar-2023 07:07:31 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash fc82211401f793132f7d43c2fd253af5
605d8371709b5d2a41967fd390c34fa649f89ea3
b23fd36ec037710672ac1aa6fea284e3869c4bae7941d9b53c771cff8743478e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 07:07:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1.34.196.211/fonts/glyphicons-halflings-regular.ttf
1.34.196.211 200 OK 41 kB URL HTTP/1.1 1.34.196.211/fonts/glyphicons-halflings-regular.ttf
IP 1.34.196.211:0
ASN #3462 Data Communication Business Group
File type TrueType Font data, 17 tables, 1st "FFTM", 15 names, Macintosh, type 19 string, www.glyphicons.com\012- data
Hash e49d52e74b7689a0727def99da31f3eb
aafafdc09404c4aa4447d7e898a2183def9cc1b1
bd18efd3efd70fec8ad09611a20cdbf99440b2c1d40085c29be036f891d65358
Analyzer Verdict Alert fortinet Malware
GET /fonts/glyphicons-halflings-regular.ttf HTTP/1.1
Host: 1.34.196.211
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1.34.196.211/css/bootstrap.min.css
HTTP/1.1 200 OK
Content-Length: 41280
Content-Type: application/octet-stream
Last-Modified: Tue, 11 Nov 2014 07:41:18 GMT
Accept-Ranges: bytes
ETag: "0e37e182fdcf1:d40"
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
Date: Wed, 28 Sep 2022 07:07:23 GMT
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:34:08 GMT
expires: Thu, 21 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 560003
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
142.250.74.163 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 21 Sep 2022 19:34:08 GMT
expires: Thu, 21 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 560003
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:300,400,500,700
142.250.74.10 200 OK 31 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto:300,400,500,700
IP 142.250.74.10:0
File type ASCII text, with very long lines (547)
Hash 3fcc4c10a101a7e0caabee3731a48e3a
3cc3ad76281f8bbe05ade0b219a2e3ba8e777c4e
7a04e7e963e0ecab3dc1e3bff976cd15c8cfcd7d058bb668550883f00e6c4ced
GET /css?family=Roboto:300,400,500,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 28 Sep 2022 07:07:31 GMT
date: Wed, 28 Sep 2022 07:07:31 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
1.34.196.211/images/index-server-04.jpg
1.34.196.211 200 OK 350 kB URL HTTP/1.1 1.34.196.211/images/index-server-04.jpg
IP 1.34.196.211:0
ASN #3462 Data Communication Business Group
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 150x150, segment length 16, baseline, precision 8, 625x458, components 3\012- data
Size 350 kB (350286 bytes)
Hash c1c5e8d40098e793fe39d797c4e95e57
d81cdce3210deba66f702da4670b771aff9dc1f7
a7d80ccbf37f015c33e001d734742e1aaad7f6aadf46262b45e217ed09e419ab
GET /images/index-server-04.jpg HTTP/1.1
Host: 1.34.196.211
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1.34.196.211/
HTTP/1.1 200 OK
Content-Length: 350286
Content-Type: image/jpeg
Last-Modified: Fri, 31 May 2019 03:14:13 GMT
Accept-Ranges: bytes
ETag: "c54630ec5e17d51:d40"
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
Date: Wed, 28 Sep 2022 07:07:21 GMT
mt.googleapis.com/vt/icon/name=icons/onion/SHARED-mymaps-pin-container-bg_4x.png,icons/onion/SHARED-mymaps-pin-container_4x.png,icons/onion/1899-blank-shape_pin_4x.png&highlight=ff000000,F57C00&scale=2.0
142.250.74.14 200 OK 994 B URL HTTP/2 mt.googleapis.com/vt/icon/name=icons/onion/SHARED-mymaps-pin-container-bg_4x.png,icons/onion/SHARED-mymaps-pin-container_4x.png,icons/onion/1899-blank-shape_pin_4x.png&highlight=ff000000,F57C00&scale=2.0
IP 142.250.74.14:0
File type PNG image data, 64 x 64, 8-bit colormap, non-interlaced\012- data
Hash 2c16d7ba1da26362b887e710b9a9a729
d87a66dea88b170dfe9df88887cca5821fac1f77
34951df7836c9002c786d6c36323d91b4988602554d7a8118c82158a2b243fdc
GET /vt/icon/name=icons/onion/SHARED-mymaps-pin-container-bg_4x.png,icons/onion/SHARED-mymaps-pin-container_4x.png,icons/onion/1899-blank-shape_pin_4x.png&highlight=ff000000,F57C00&scale=2.0 HTTP/1.1
Host: mt.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options: nosniff
x-server-version-bin: CggIBBD1q8WZBg==
server: scaffolding on HTTPServer2
content-length: 994
x-xss-protection: 0
x-frame-options: SAMEORIGIN
date: Tue, 27 Sep 2022 21:03:40 GMT
expires: Mon, 12 Jun 2023 01:54:02 GMT
cache-control: public, max-age=22222222
content-type: image/png
age: 36231
server-timing: gfet4t7; dur=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mt.googleapis.com/vt/icon/name=icons/onion/SHARED-mymaps-pin-container-bg_4x.png,icons/onion/SHARED-mymaps-pin-container_4x.png,icons/onion/1899-blank-shape_pin_4x.png&highlight=ff000000,7CB342&scale=2.0
142.250.74.14 200 OK 1.0 kB URL HTTP/2 mt.googleapis.com/vt/icon/name=icons/onion/SHARED-mymaps-pin-container-bg_4x.png,icons/onion/SHARED-mymaps-pin-container_4x.png,icons/onion/1899-blank-shape_pin_4x.png&highlight=ff000000,7CB342&scale=2.0
IP 142.250.74.14:0
File type PNG image data, 64 x 64, 8-bit colormap, non-interlaced\012- data
Hash 5ddc20748b154c55b479d58cf7e1340a
b1dffb6fef758b008237ffce68bfb23c29681157
ab0e88dd846516eb83eb3c49b4fc4ee8c90f29633c4311838b9272f06236d5c0
GET /vt/icon/name=icons/onion/SHARED-mymaps-pin-container-bg_4x.png,icons/onion/SHARED-mymaps-pin-container_4x.png,icons/onion/1899-blank-shape_pin_4x.png&highlight=ff000000,7CB342&scale=2.0 HTTP/1.1
Host: mt.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options: nosniff
x-server-version-bin: CggIBBD1q8WZBg==
server: scaffolding on HTTPServer2
content-length: 1020
x-xss-protection: 0
x-frame-options: SAMEORIGIN
date: Wed, 28 Sep 2022 03:08:24 GMT
expires: Mon, 12 Jun 2023 07:58:46 GMT
cache-control: public, max-age=22222222
content-type: image/png
age: 14347
server-timing: gfet4t7; dur=1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mt.googleapis.com/vt/icon/name=icons/onion/SHARED-mymaps-pin-container-bg_4x.png,icons/onion/SHARED-mymaps-pin-container_4x.png,icons/onion/1899-blank-shape_pin_4x.png&highlight=ff000000,9C27B0&scale=2.0
142.250.74.14 200 OK 1.0 kB URL HTTP/2 mt.googleapis.com/vt/icon/name=icons/onion/SHARED-mymaps-pin-container-bg_4x.png,icons/onion/SHARED-mymaps-pin-container_4x.png,icons/onion/1899-blank-shape_pin_4x.png&highlight=ff000000,9C27B0&scale=2.0
IP 142.250.74.14:0
File type PNG image data, 64 x 64, 8-bit colormap, non-interlaced\012- data
Hash dad0aece5cf255ba3bdbe1731d8b0c4a
5e1d40f74946701f8b1ada5e8c02b796611423a3
b56637b7aab6ca2a4e607670e4fa8310df5629ddd84f362f60068bf98645d8f2
GET /vt/icon/name=icons/onion/SHARED-mymaps-pin-container-bg_4x.png,icons/onion/SHARED-mymaps-pin-container_4x.png,icons/onion/1899-blank-shape_pin_4x.png&highlight=ff000000,9C27B0&scale=2.0 HTTP/1.1
Host: mt.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options: nosniff
x-server-version-bin: CggIBBD1q8WZBg==
server: scaffolding on HTTPServer2
content-length: 1024
x-xss-protection: 0
x-frame-options: SAMEORIGIN
date: Tue, 27 Sep 2022 17:44:59 GMT
expires: Sun, 11 Jun 2023 22:35:21 GMT
cache-control: public, max-age=22222222
content-type: image/png
age: 48152
server-timing: gfet4t7; dur=1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
142.250.74.163 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.google.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 25 Sep 2022 18:14:12 GMT
expires: Mon, 25 Sep 2023 18:14:12 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
age: 219199
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mt.googleapis.com/vt/icon/name=icons/onion/SHARED-mymaps-pin-container-bg_4x.png,icons/onion/SHARED-mymaps-pin-container_4x.png,icons/onion/1899-blank-shape_pin_4x.png&highlight=ff000000,FF5252&scale=2.0
142.250.74.14 200 OK 1.0 kB URL HTTP/2 mt.googleapis.com/vt/icon/name=icons/onion/SHARED-mymaps-pin-container-bg_4x.png,icons/onion/SHARED-mymaps-pin-container_4x.png,icons/onion/1899-blank-shape_pin_4x.png&highlight=ff000000,FF5252&scale=2.0
IP 142.250.74.14:0
File type PNG image data, 64 x 64, 8-bit colormap, non-interlaced\012- data
Hash 348c5248fde5d10a818dc2decd691a6f
5256d7a3e07c5b1e7fc9fc09c3a4392f6d2ef38d
9ad9df8cfb5ed670857fe1eac2490a5c28d9ee0e603fb9c5744e09090b308537
GET /vt/icon/name=icons/onion/SHARED-mymaps-pin-container-bg_4x.png,icons/onion/SHARED-mymaps-pin-container_4x.png,icons/onion/1899-blank-shape_pin_4x.png&highlight=ff000000,FF5252&scale=2.0 HTTP/1.1
Host: mt.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options: nosniff
x-server-version-bin: CggIBBD1q8WZBg==
server: scaffolding on HTTPServer2
content-length: 1026
x-xss-protection: 0
x-frame-options: SAMEORIGIN
date: Tue, 27 Sep 2022 20:59:05 GMT
expires: Mon, 12 Jun 2023 01:49:27 GMT
cache-control: public, max-age=22222222
content-type: image/png
age: 36506
server-timing: gfet4t7; dur=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mt.googleapis.com/vt/icon/name=icons/onion/SHARED-mymaps-pin-container-bg_4x.png,icons/onion/SHARED-mymaps-pin-container_4x.png,icons/onion/1899-blank-shape_pin_4x.png&highlight=ff000000,817717&scale=2.0
142.250.74.14 200 OK 1.1 kB URL HTTP/2 mt.googleapis.com/vt/icon/name=icons/onion/SHARED-mymaps-pin-container-bg_4x.png,icons/onion/SHARED-mymaps-pin-container_4x.png,icons/onion/1899-blank-shape_pin_4x.png&highlight=ff000000,817717&scale=2.0
IP 142.250.74.14:0
File type PNG image data, 64 x 64, 8-bit colormap, non-interlaced\012- data
Hash dc5c25ed3c9026d796ed89f136f84558
253ddc6c1ce8f57d0258e3acc6fed9bc77009a95
4ad48ed3b7ed618f6d7ed441df71cff746ff8bcfdc63b8592638977d516f93cf
GET /vt/icon/name=icons/onion/SHARED-mymaps-pin-container-bg_4x.png,icons/onion/SHARED-mymaps-pin-container_4x.png,icons/onion/1899-blank-shape_pin_4x.png&highlight=ff000000,817717&scale=2.0 HTTP/1.1
Host: mt.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options: nosniff
x-server-version-bin: CggIBBD1q8WZBg==
server: scaffolding on HTTPServer2
content-length: 1054
x-xss-protection: 0
x-frame-options: SAMEORIGIN
date: Tue, 27 Sep 2022 20:02:15 GMT
expires: Mon, 12 Jun 2023 00:52:37 GMT
cache-control: public, max-age=22222222
content-type: image/png
age: 39916
server-timing: gfet4t7; dur=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mt.googleapis.com/vt/icon/name=icons/onion/SHARED-mymaps-pin-container-bg_4x.png,icons/onion/SHARED-mymaps-pin-container_4x.png,icons/onion/1899-blank-shape_pin_4x.png&highlight=ff000000,A52714&scale=2.0
142.250.74.14 200 OK 1.1 kB URL HTTP/2 mt.googleapis.com/vt/icon/name=icons/onion/SHARED-mymaps-pin-container-bg_4x.png,icons/onion/SHARED-mymaps-pin-container_4x.png,icons/onion/1899-blank-shape_pin_4x.png&highlight=ff000000,A52714&scale=2.0
IP 142.250.74.14:0
File type PNG image data, 64 x 64, 8-bit colormap, non-interlaced\012- data
Hash 1fac64b9e460195dbb2e6c565f91fedc
d36f857e79a18ac3165a2760b6a5436e6e99271a
dba271bf51c68976d838ad7423d7b52c0851f88749a9b07654de54859342d4a6
GET /vt/icon/name=icons/onion/SHARED-mymaps-pin-container-bg_4x.png,icons/onion/SHARED-mymaps-pin-container_4x.png,icons/onion/1899-blank-shape_pin_4x.png&highlight=ff000000,A52714&scale=2.0 HTTP/1.1
Host: mt.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options: nosniff
x-server-version-bin: CggIBBD1q8WZBg==
server: scaffolding on HTTPServer2
content-length: 1068
x-xss-protection: 0
x-frame-options: SAMEORIGIN
date: Tue, 27 Sep 2022 17:01:46 GMT
expires: Sun, 11 Jun 2023 21:52:08 GMT
cache-control: public, max-age=22222222
content-type: image/png
age: 50745
server-timing: gfet4t7; dur=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mt.googleapis.com/vt/icon/name=icons/onion/SHARED-mymaps-pin-container-bg_4x.png,icons/onion/SHARED-mymaps-pin-container_4x.png,icons/onion/1899-blank-shape_pin_4x.png&highlight=ff000000,006064&scale=2.0
142.250.74.14 200 OK 1.0 kB URL HTTP/2 mt.googleapis.com/vt/icon/name=icons/onion/SHARED-mymaps-pin-container-bg_4x.png,icons/onion/SHARED-mymaps-pin-container_4x.png,icons/onion/1899-blank-shape_pin_4x.png&highlight=ff000000,006064&scale=2.0
IP 142.250.74.14:0
File type PNG image data, 64 x 64, 8-bit colormap, non-interlaced\012- data
Hash 943395d83cbbd125d8e78207bd0a7cfa
832a204e1d2a96d0a0f4afde393c3b3ec1e9fda4
29109d4b73ab0a8af13830aa528c090f97d6535e1d1f135c44dcd1d28e67ff9c
GET /vt/icon/name=icons/onion/SHARED-mymaps-pin-container-bg_4x.png,icons/onion/SHARED-mymaps-pin-container_4x.png,icons/onion/1899-blank-shape_pin_4x.png&highlight=ff000000,006064&scale=2.0 HTTP/1.1
Host: mt.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options: nosniff
x-server-version-bin: CggIBBCLo7CZBg==
server: scaffolding on HTTPServer2
content-length: 1021
x-xss-protection: 0
x-frame-options: SAMEORIGIN
date: Tue, 27 Sep 2022 09:59:40 GMT
expires: Sun, 11 Jun 2023 14:50:02 GMT
cache-control: public, max-age=22222222
content-type: image/png
age: 76071
server-timing: gfet4t7; dur=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mt.googleapis.com/vt/icon/name=icons/onion/SHARED-mymaps-pin-container-bg_4x.png,icons/onion/SHARED-mymaps-pin-container_4x.png,icons/onion/1899-blank-shape_pin_4x.png&highlight=ff000000,0288D1&scale=2.0
142.250.74.14 200 OK 980 B URL HTTP/2 mt.googleapis.com/vt/icon/name=icons/onion/SHARED-mymaps-pin-container-bg_4x.png,icons/onion/SHARED-mymaps-pin-container_4x.png,icons/onion/1899-blank-shape_pin_4x.png&highlight=ff000000,0288D1&scale=2.0
IP 142.250.74.14:0
File type PNG image data, 64 x 64, 8-bit colormap, non-interlaced\012- data
Hash 1c35128c26299a39bcaae4acb9c04f0c
527082158709755f24753d2e926030d50df97a88
e2d09246c364f928ce2aed8cc7e36ba71301f8104d3f027be10b1a493b0983ef
GET /vt/icon/name=icons/onion/SHARED-mymaps-pin-container-bg_4x.png,icons/onion/SHARED-mymaps-pin-container_4x.png,icons/onion/1899-blank-shape_pin_4x.png&highlight=ff000000,0288D1&scale=2.0 HTTP/1.1
Host: mt.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options: nosniff
x-server-version-bin: CggIBBD1q8WZBg==
server: scaffolding on HTTPServer2
content-length: 980
x-xss-protection: 0
x-frame-options: SAMEORIGIN
date: Tue, 27 Sep 2022 17:32:36 GMT
expires: Sun, 11 Jun 2023 22:22:58 GMT
cache-control: public, max-age=22222222
content-type: image/png
age: 48895
server-timing: gfet4t7; dur=1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
mt.googleapis.com/vt/icon/name=icons/onion/SHARED-mymaps-pin-container-bg_4x.png,icons/onion/SHARED-mymaps-pin-container_4x.png,icons/onion/1899-blank-shape_pin_4x.png&highlight=ff000000,673AB7&scale=2.0
142.250.74.14 200 OK 1.0 kB URL HTTP/2 mt.googleapis.com/vt/icon/name=icons/onion/SHARED-mymaps-pin-container-bg_4x.png,icons/onion/SHARED-mymaps-pin-container_4x.png,icons/onion/1899-blank-shape_pin_4x.png&highlight=ff000000,673AB7&scale=2.0
IP 142.250.74.14:0
File type PNG image data, 64 x 64, 8-bit colormap, non-interlaced\012- data
Hash 6f6774292779d0b05b9ac3733bb310cd
af7c6cc886a7111e7f0b295ffe27e5c2bd5ab364
a186e1429caa574032ae3e113bd5a24feb273066f58ab3f731fd84b309c40b2b
GET /vt/icon/name=icons/onion/SHARED-mymaps-pin-container-bg_4x.png,icons/onion/SHARED-mymaps-pin-container_4x.png,icons/onion/1899-blank-shape_pin_4x.png&highlight=ff000000,673AB7&scale=2.0 HTTP/1.1
Host: mt.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options: nosniff
x-server-version-bin: CggIBBD1q8WZBg==
server: scaffolding on HTTPServer2
content-length: 1012
x-xss-protection: 0
x-frame-options: SAMEORIGIN
date: Tue, 27 Sep 2022 15:05:32 GMT
expires: Sun, 11 Jun 2023 19:55:54 GMT
cache-control: public, max-age=22222222
content-type: image/png
age: 57719
server-timing: gfet4t7; dur=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
1.34.196.211/images/slide/carousel08.jpg
1.34.196.211 200 OK 351 kB URL HTTP/1.1 1.34.196.211/images/slide/carousel08.jpg
IP 1.34.196.211:0
ASN #3462 Data Communication Business Group
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=15, height=3456, bps=194, PhotometricIntepretation=RGB, manufacturer=Canon, model=Canon EOS 550D, orientation=upper-left, width=5184], baseline, precision 8, 1920x844, components 3\012- data
Size 351 kB (351038 bytes)
Hash c8d53e1447f2b7bbd5e08c6c125c0b20
1044ce3d6f4a9b9693f3407b6664a9e656a63698
59ff07169b6b9c7ff1cb171cfda8b4f665b5b6a508f8561deffb78cbda5dea80
GET /images/slide/carousel08.jpg HTTP/1.1
Host: 1.34.196.211
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1.34.196.211/
HTTP/1.1 200 OK
Content-Length: 351038
Content-Type: image/jpeg
Last-Modified: Thu, 05 Sep 2019 05:13:26 GMT
Accept-Ranges: bytes
ETag: "94d2a6a5a863d51:d40"
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
Date: Wed, 28 Sep 2022 07:07:21 GMT
1.34.196.211/images/index-server-01.jpg
1.34.196.211 200 OK 239 kB URL HTTP/1.1 1.34.196.211/images/index-server-01.jpg
IP 1.34.196.211:0
ASN #3462 Data Communication Business Group
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 150x150, segment length 16, baseline, precision 8, 625x458, components 3\012- data
Size 239 kB (239227 bytes)
Hash b9473b76f782b96c7cf9932698fe4a1f
73a477b12d74c2dfeb718341d5b527c1eb0d4ac9
80fb32e99871bb3daabcc568dc398824619adee2a8ccff2b5865693fa81e94c6
GET /images/index-server-01.jpg HTTP/1.1
Host: 1.34.196.211
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1.34.196.211/
HTTP/1.1 200 OK
Content-Length: 239227
Content-Type: image/jpeg
Last-Modified: Fri, 31 May 2019 03:14:13 GMT
Accept-Ranges: bytes
ETag: "cd546ec5e17d51:d40"
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
Date: Wed, 28 Sep 2022 07:07:21 GMT
1.34.196.211/images/index-yacht01.jpg
1.34.196.211 200 OK 149 kB URL HTTP/1.1 1.34.196.211/images/index-yacht01.jpg
IP 1.34.196.211:0
ASN #3462 Data Communication Business Group
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=287, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=408], progressive, precision 8, 408x287, components 3\012- data
Size 149 kB (149059 bytes)
Hash 9e43b43a6c7e758d232f5147d47a3f68
56a1fbad97d7cb5f414585480cd353eb018af8d6
baa3bb1a5475fb9b5b5269c2fe0934895fccee9a78e67a46b9b58a60a5e3824b
GET /images/index-yacht01.jpg HTTP/1.1
Host: 1.34.196.211
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1.34.196.211/
HTTP/1.1 200 OK
Content-Length: 149059
Content-Type: image/jpeg
Last-Modified: Thu, 27 Jun 2019 01:49:33 GMT
Accept-Ranges: bytes
ETag: "c46f43918a2cd51:d40"
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
Date: Wed, 28 Sep 2022 07:07:23 GMT
1.34.196.211/images/order_Process-01.png
1.34.196.211 200 OK 5.0 kB URL HTTP/1.1 1.34.196.211/images/order_Process-01.png
IP 1.34.196.211:0
ASN #3462 Data Communication Business Group
File type PNG image data, 600 x 374, 8-bit/color RGBA, non-interlaced\012- data
Hash 8dba1c0d89c757502278313c1f77cd46
211d7ff7782c78be3483fe67ec68c9619bb5bee8
afb4ebe915191984793fa34e620611ea7bf18fb649a5507186dc3f32f7009b00
GET /images/order_Process-01.png HTTP/1.1
Host: 1.34.196.211
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1.34.196.211/
HTTP/1.1 200 OK
Content-Length: 5034
Content-Type: image/png
Last-Modified: Fri, 31 May 2019 03:45:40 GMT
Accept-Ranges: bytes
ETag: "228db5506317d51:d40"
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
Date: Wed, 28 Sep 2022 07:07:23 GMT
ssl.gstatic.com/ui/v1/star/star4.png
142.250.74.99 200 OK 294 B URL HTTP/2 ssl.gstatic.com/ui/v1/star/star4.png
IP 142.250.74.99:0
File type PNG image data, 19 x 19, 8-bit/color RGBA, non-interlaced\012- data
Hash c3e38fc01d8bd2d4a1150aa6b4414852
e4d1abd103711b8e2d863b75815f893f602b7561
e5b7b36c80b9444eefd181c2862412165e771328f66b0b95ee96d6c59957d13e
GET /ui/v1/star/star4.png HTTP/1.1
Host: ssl.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gstatic.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gstatic-ui-assets
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="gstatic-ui-assets"
report-to: {"group":"gstatic-ui-assets","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gstatic-ui-assets"}]}
content-length: 294
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 24 Sep 2022 01:53:33 GMT
expires: Sun, 24 Sep 2023 01:53:33 GMT
cache-control: public, max-age=31536000
age: 364439
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: image/png
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
1.34.196.211/images/order_Process-02.png
1.34.196.211 200 OK 4.5 kB URL HTTP/1.1 1.34.196.211/images/order_Process-02.png
IP 1.34.196.211:0
ASN #3462 Data Communication Business Group
File type PNG image data, 601 x 374, 8-bit/color RGBA, non-interlaced\012- data
Hash be11bbbbcb09731252cd9a1082d92b64
3e5d1768a4bf1b69d4d9e3560c4f0878f0f4eae2
67fa9921b9ff2256275246af4af49c42554c71d2ef425f5001fb2e4b3b0009ac
GET /images/order_Process-02.png HTTP/1.1
Host: 1.34.196.211
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1.34.196.211/
HTTP/1.1 200 OK
Content-Length: 4501
Content-Type: image/png
Last-Modified: Fri, 31 May 2019 03:45:40 GMT
Accept-Ranges: bytes
ETag: "7778c1506317d51:d40"
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
Date: Wed, 28 Sep 2022 07:07:24 GMT
1.34.196.211/images/order_Process-03.png
1.34.196.211 200 OK 7.6 kB URL HTTP/1.1 1.34.196.211/images/order_Process-03.png
IP 1.34.196.211:0
ASN #3462 Data Communication Business Group
File type PNG image data, 601 x 374, 8-bit/color RGBA, non-interlaced\012- data
Hash 5a55bdcc334954a35b46f5f1b0464325
73bf71064329f2241e7a05fd43f07eeabefb1490
375d37be2b4054ef384d2ed6f0bb82fcfa1f645b5db78a14c88d839cc99d60d7
GET /images/order_Process-03.png HTTP/1.1
Host: 1.34.196.211
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1.34.196.211/
HTTP/1.1 200 OK
Content-Length: 7635
Content-Type: image/png
Last-Modified: Fri, 31 May 2019 03:45:40 GMT
Accept-Ranges: bytes
ETag: "ec27d2506317d51:d40"
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
Date: Wed, 28 Sep 2022 07:07:24 GMT
1.34.196.211/images/index-server-03.jpg
1.34.196.211 200 OK 322 kB URL HTTP/1.1 1.34.196.211/images/index-server-03.jpg
IP 1.34.196.211:0
ASN #3462 Data Communication Business Group
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 150x150, segment length 16, baseline, precision 8, 625x458, components 3\012- data
Size 322 kB (322529 bytes)
Hash 2a689ea4ca74f2ca8b732b273304767f
237e8bd5462200a4aac18caf4f16c96a696012b3
769264f3831f39b0f681ef43ce6e1477d8a86c429deeb0be25c18b990c240af3
GET /images/index-server-03.jpg HTTP/1.1
Host: 1.34.196.211
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1.34.196.211/
HTTP/1.1 200 OK
Content-Length: 322529
Content-Type: image/jpeg
Last-Modified: Fri, 31 May 2019 03:14:13 GMT
Accept-Ranges: bytes
ETag: "b17f21ec5e17d51:d40"
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
Date: Wed, 28 Sep 2022 07:07:23 GMT
1.34.196.211/images/slide/carousel03.jpg
1.34.196.211 200 OK 353 kB URL HTTP/1.1 1.34.196.211/images/slide/carousel03.jpg
IP 1.34.196.211:0
ASN #3462 Data Communication Business Group
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=15, height=3456, bps=194, PhotometricIntepretation=RGB, manufacturer=Canon, model=Canon EOS 550D, orientation=upper-left, width=5184], progressive, precision 8, 1920x844, components 3\012- data
Size 353 kB (352656 bytes)
Hash ef4354d1ba9f1ed6ccdd2b00b59d9370
7efec304d12f8073bb0b59b224a11aa9210afc38
dbd8066ab682c97d684033d911bef39c556e10add9a76dc0fa1c8c47cd51ee18
GET /images/slide/carousel03.jpg HTTP/1.1
Host: 1.34.196.211
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1.34.196.211/
HTTP/1.1 200 OK
Content-Length: 352656
Content-Type: image/jpeg
Last-Modified: Thu, 05 Sep 2019 05:14:35 GMT
Accept-Ranges: bytes
ETag: "f6da3ecfa863d51:d40"
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
Date: Wed, 28 Sep 2022 07:07:21 GMT
1.34.196.211/images/line01.png
1.34.196.211 200 OK 12 kB URL HTTP/1.1 1.34.196.211/images/line01.png
IP 1.34.196.211:0
ASN #3462 Data Communication Business Group
File type PNG image data, 531 x 303, 8-bit/color RGBA, non-interlaced\012- data
Hash edc213a59d9a548d5fc12b9d5da71ccd
515e4372df4d05b25f1506272f83783169ad8959
69c1d53817767a3c92031f551ed1b9335aa463ede6c8a7381fb807069531c3d4
GET /images/line01.png HTTP/1.1
Host: 1.34.196.211
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1.34.196.211/
HTTP/1.1 200 OK
Content-Length: 12375
Content-Type: image/png
Last-Modified: Wed, 05 Jun 2019 06:02:20 GMT
Accept-Ranges: bytes
ETag: "9a53663c641bd51:d40"
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
Date: Wed, 28 Sep 2022 07:07:24 GMT
1.34.196.211/images/line02.png
1.34.196.211 200 OK 14 kB URL HTTP/1.1 1.34.196.211/images/line02.png
IP 1.34.196.211:0
ASN #3462 Data Communication Business Group
File type PNG image data, 600 x 212, 8-bit/color RGBA, non-interlaced\012- data
Hash 975515c387e5df258edc692deb708823
18e5a340e774281a855a60441889818cc21f0688
4070e20ecf2f700b6fac6f2dca1c4ddfd8c87415b2c093e7fb64572932e768a5
GET /images/line02.png HTTP/1.1
Host: 1.34.196.211
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1.34.196.211/
HTTP/1.1 200 OK
Content-Length: 14304
Content-Type: image/png
Last-Modified: Wed, 05 Jun 2019 06:36:12 GMT
Accept-Ranges: bytes
ETag: "8efbe1f7681bd51:d40"
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
Date: Wed, 28 Sep 2022 07:07:24 GMT
1.34.196.211/images/slide/carousel06.jpg
1.34.196.211 200 OK 317 kB URL HTTP/1.1 1.34.196.211/images/slide/carousel06.jpg
IP 1.34.196.211:0
ASN #3462 Data Communication Business Group
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=15, height=3456, bps=194, PhotometricIntepretation=RGB, manufacturer=Canon, model=Canon EOS 550D, orientation=upper-left, width=5184], baseline, precision 8, 1920x844, components 3\012- data
Size 317 kB (316774 bytes)
Hash 07037063a3fbd10717b72d4ee8c16652
51b5bf365e4aad0cbce5d600bb4922389d390953
d6aa7673c534474dae6722a588512daec9c0f14bd86eed9e4a4941b1165d6eb2
GET /images/slide/carousel06.jpg HTTP/1.1
Host: 1.34.196.211
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1.34.196.211/
HTTP/1.1 200 OK
Content-Length: 316774
Content-Type: image/jpeg
Last-Modified: Thu, 05 Sep 2019 05:14:41 GMT
Accept-Ranges: bytes
ETag: "a03687d2a863d51:d40"
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
Date: Wed, 28 Sep 2022 07:07:24 GMT
1.34.196.211/images/slide/carousel04.jpg
1.34.196.211 200 OK 364 kB URL HTTP/1.1 1.34.196.211/images/slide/carousel04.jpg
IP 1.34.196.211:0
ASN #3462 Data Communication Business Group
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=15, height=3456, bps=194, PhotometricIntepretation=RGB, manufacturer=Canon, model=Canon EOS 550D, orientation=upper-left, width=5184], baseline, precision 8, 1920x844, components 3\012- data
Size 364 kB (363997 bytes)
Hash 53c2351aab3f60e5e5755cebcf7c74a7
ef722e766081451821d2367e5abc5adbf362457b
75b93aa5a11e9e581f11eaca6fb0aebb69730422f425df31cbaaa3137b9182bc
GET /images/slide/carousel04.jpg HTTP/1.1
Host: 1.34.196.211
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1.34.196.211/
HTTP/1.1 200 OK
Content-Length: 363997
Content-Type: image/jpeg
Last-Modified: Thu, 05 Sep 2019 05:14:30 GMT
Accept-Ranges: bytes
ETag: "6fb5cca863d51:d40"
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
Date: Wed, 28 Sep 2022 07:07:24 GMT
1.34.196.211/images/slide/carousel05.jpg
1.34.196.211 200 OK 359 kB URL HTTP/1.1 1.34.196.211/images/slide/carousel05.jpg
IP 1.34.196.211:0
ASN #3462 Data Communication Business Group
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=15, height=3456, bps=194, PhotometricIntepretation=RGB, manufacturer=Canon, model=Canon EOS 550D, orientation=upper-left, width=5184], baseline, precision 8, 1920x844, components 3\012- data
Size 359 kB (359066 bytes)
Hash 1ef19be260489ee5003ee80290a1e65e
fc78bb84765f23c9a3af09e490a82428a079da42
211d353896f393387364935c3cea97ec8a47bf630dd3de548b9bb2cefc3e2ee6
GET /images/slide/carousel05.jpg HTTP/1.1
Host: 1.34.196.211
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1.34.196.211/
HTTP/1.1 200 OK
Content-Length: 359066
Content-Type: image/jpeg
Last-Modified: Thu, 05 Sep 2019 05:14:24 GMT
Accept-Ranges: bytes
ETag: "1d88b0c8a863d51:d40"
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
Date: Wed, 28 Sep 2022 07:07:24 GMT
1.34.196.211/images/slide/carousel07.jpg
1.34.196.211 200 OK 457 kB URL HTTP/1.1 1.34.196.211/images/slide/carousel07.jpg
IP 1.34.196.211:0
ASN #3462 Data Communication Business Group
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=15, height=3456, bps=194, PhotometricIntepretation=RGB, manufacturer=Canon, model=Canon EOS 550D, orientation=upper-left, width=5184], baseline, precision 8, 1920x844, components 3\012- data
Size 457 kB (456931 bytes)
Hash 876798993e998e3029e0a9ec0f52ddfd
21788433894051a9404cf1c0383fe3e08fd8d240
d1a038e834dde5579aa6a554d175d8304b1f31e2c8efd47ebf72615855f7116c
GET /images/slide/carousel07.jpg HTTP/1.1
Host: 1.34.196.211
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1.34.196.211/
HTTP/1.1 200 OK
Content-Length: 456931
Content-Type: image/jpeg
Last-Modified: Thu, 05 Sep 2019 05:12:38 GMT
Accept-Ranges: bytes
ETag: "e3a25889a863d51:d40"
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
Date: Wed, 28 Sep 2022 07:07:24 GMT
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 729 B IP 142.250.74.3:0
File type gzip compressed data, max compression\012- data
Hash 8e3d6052e31e7e68667cf4876c4007cb
74a026831fb5df2886d5fc7f73d76d7bd6bd1176
bcd0a7b0241a0c445af269220a5de8947b205e262972c9d05a7acceb58abc435
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 07:07:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 2f76d47ed4f3c90f557522303bb760bc
f34542cabea7a4517debf64c298b59fc009ea56c
5ce5c216b7cb6a4425f12453e447ad364bcc1cd7d23a9d2468a8a40adfc2cb10
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 07:07:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google-analytics.com/analytics.js
142.250.74.174 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://1.34.196.211/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Wed, 28 Sep 2022 06:41:09 GMT
expires: Wed, 28 Sep 2022 08:41:09 GMT
cache-control: public, max-age=7200
age: 1586
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 2f76d47ed4f3c90f557522303bb760bc
f34542cabea7a4517debf64c298b59fc009ea56c
5ce5c216b7cb6a4425f12453e447ad364bcc1cd7d23a9d2468a8a40adfc2cb10
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 07:07:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
1.34.196.211/favicon.ico
1.34.196.211 200 OK 4.3 kB IP 1.34.196.211:0
ASN #3462 Data Communication Business Group
File type MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Hash afb4de80c30d45c9c534558a567b3fb8
b15c9a979c04d3e1824d70d7997a1638043caf18
2d1ff82bf7e82beed698d52f39e8daf64286fb0f91aca71ef95ff8dc56450090
GET /favicon.ico HTTP/1.1
Host: 1.34.196.211
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1.34.196.211/
HTTP/1.1 200 OK
Content-Length: 4286
Content-Type: image/x-icon
Last-Modified: Mon, 22 Aug 2016 14:21:44 GMT
Accept-Ranges: bytes
ETag: "3679998280fcd11:d40"
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
Date: Wed, 28 Sep 2022 07:07:26 GMT
1.34.196.211/footer.html
1.34.196.211 200 OK 6.5 kB IP 1.34.196.211:0
ASN #3462 Data Communication Business Group
File type HTML document text\012- HTML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash f2408812276a4c76d512904bf70d4d42
41c80a42f0c95a5345d99344875ca73a88f73dd3
74f1310ef298a57172bd1658a46fa5f197c5e4498106c0789c1d5eaf90c1763a
Analyzer Verdict Alert fortinet Malware
GET /footer.html HTTP/1.1
Host: 1.34.196.211
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://1.34.196.211/
HTTP/1.1 200 OK
Content-Length: 6536
Content-Type: text/html
Last-Modified: Mon, 08 Jun 2020 01:28:04 GMT
Accept-Ranges: bytes
ETag: "f864bce343dd61:d40"
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
Date: Wed, 28 Sep 2022 07:07:26 GMT
1.34.196.211/navbar.html
1.34.196.211 200 OK 9.4 kB IP 1.34.196.211:0
ASN #3462 Data Communication Business Group
File type HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 88dcc1f66c084be85ad929af461753f9
45bbecac848d077f1f50a0d933939f8f36e6ed00
cdf71d6b8c0dceb950dd5f75c3aed9f344ec4832fcc0847eefc36c7ca98a79d9
Analyzer Verdict Alert fortinet Malware
GET /navbar.html HTTP/1.1
Host: 1.34.196.211
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: http://1.34.196.211/
HTTP/1.1 200 OK
Content-Length: 9413
Content-Type: text/html
Last-Modified: Fri, 31 Jan 2020 01:36:48 GMT
Accept-Ranges: bytes
ETag: "2bd699e7d6d7d51:d40"
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
Date: Wed, 28 Sep 2022 07:07:26 GMT
www.boatyacht.com.tw/images/icon/boatlogo.png
103.118.26.167 200 OK 5.9 kB URL HTTP/1.1 www.boatyacht.com.tw/images/icon/boatlogo.png
IP 103.118.26.167:0
ASN #131626 NSS INTL CO., LTD.
File type PNG image data, 106 x 106, 8-bit/color RGBA, non-interlaced\012- data
Hash 82f6ac1accc16635ee3ca6f33568d2f1
de745673f3de4df69f3403b73f1c96740cc584f7
3f25e1058936d65008e8444b615a62b741c919365b93b3d9d4920618bc0dc51e
GET /images/icon/boatlogo.png HTTP/1.1
Host: www.boatyacht.com.tw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1.34.196.211/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: image/png
last-modified: Thu, 18 Jun 2020 06:41:52 GMT
etag: "1723-5eeb0cb0-f2c847c841674762;;;"
accept-ranges: bytes
content-length: 5923
date: Wed, 28 Sep 2022 07:07:35 GMT
server: LiteSpeed
x-powered-by: PleskLin
cache-control: max-age=691200
www.boatyacht.com.tw/images/websitelogo.png
103.118.26.167 200 OK 6.1 kB URL HTTP/1.1 www.boatyacht.com.tw/images/websitelogo.png
IP 103.118.26.167:0
ASN #131626 NSS INTL CO., LTD.
File type PNG image data, 207 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash 87a0ae2a5f2557fc798ac7c3bd1bde17
d6e2d610cfdd36c3e0a6298cc4d582cb0ad2d484
23cb37bd75e67104567748ba80b00fa91fc9dfe1bd0673f6f48e0adcaaf090c1
GET /images/websitelogo.png HTTP/1.1
Host: www.boatyacht.com.tw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1.34.196.211/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: image/png
last-modified: Thu, 18 Jun 2020 06:41:24 GMT
etag: "17c4-5eeb0c94-ed1e7027448d29c2;;;"
accept-ranges: bytes
content-length: 6084
date: Wed, 28 Sep 2022 07:07:35 GMT
server: LiteSpeed
x-powered-by: PleskLin
cache-control: max-age=691200
www.boatyacht.com.tw/images/icon/social-icon-facebook.png
103.118.26.167 200 OK 712 B URL HTTP/1.1 www.boatyacht.com.tw/images/icon/social-icon-facebook.png
IP 103.118.26.167:0
ASN #131626 NSS INTL CO., LTD.
File type PNG image data, 50 x 50, 8-bit colormap, non-interlaced\012- data
Hash 840734060430ad658f46cf3354ecea2f
29881609ead868f187af09eb8f52f679d82d5765
a3c1b411e58d1eaa9689037ffc2f7ead1fb0ae15fa74a869d27f24fca7e60329
GET /images/icon/social-icon-facebook.png HTTP/1.1
Host: www.boatyacht.com.tw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1.34.196.211/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: image/png
last-modified: Thu, 18 Jun 2020 06:41:53 GMT
etag: "2c8-5eeb0cb1-64859e430a65fdfa;;;"
accept-ranges: bytes
content-length: 712
date: Wed, 28 Sep 2022 07:07:35 GMT
server: LiteSpeed
x-powered-by: PleskLin
cache-control: max-age=691200
www.boatyacht.com.tw/images/icon/social-icon-line.png
103.118.26.167 200 OK 877 B URL HTTP/1.1 www.boatyacht.com.tw/images/icon/social-icon-line.png
IP 103.118.26.167:0
ASN #131626 NSS INTL CO., LTD.
File type PNG image data, 50 x 50, 8-bit colormap, non-interlaced\012- data
Hash 57c90f84ba68377c6aa0cc442526561b
4335344fb1428461ad180dbfdac7216b37e436e1
eb0e6253318ddf51599f073bd47b7d5249f7f41343d4ebf846cef8cd7c3dbdfa
GET /images/icon/social-icon-line.png HTTP/1.1
Host: www.boatyacht.com.tw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1.34.196.211/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: image/png
last-modified: Thu, 18 Jun 2020 06:41:53 GMT
etag: "36d-5eeb0cb1-cd6ddcd1531b3549;;;"
accept-ranges: bytes
content-length: 877
date: Wed, 28 Sep 2022 07:07:35 GMT
server: LiteSpeed
x-powered-by: PleskLin
cache-control: max-age=691200
www.boatyacht.com.tw/images/icon/social-icon-youtube2.png
103.118.26.167 200 OK 887 B URL HTTP/1.1 www.boatyacht.com.tw/images/icon/social-icon-youtube2.png
IP 103.118.26.167:0
ASN #131626 NSS INTL CO., LTD.
File type PNG image data, 30 x 30, 8-bit colormap, non-interlaced\012- data
Hash 1dba0756385ca7de0d815a271cef28dc
6b970a7e6d96bb4bf3a875086ea8e2779f789ed9
adfe067f4378abb636f9918255cac4dafb8df2e2486d69b5c310947be71c4189
GET /images/icon/social-icon-youtube2.png HTTP/1.1
Host: www.boatyacht.com.tw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1.34.196.211/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: image/png
last-modified: Thu, 18 Jun 2020 06:41:53 GMT
etag: "377-5eeb0cb1-51c3d2c322ffb807;;;"
accept-ranges: bytes
content-length: 887
date: Wed, 28 Sep 2022 07:07:35 GMT
server: LiteSpeed
x-powered-by: PleskLin
cache-control: max-age=691200
connect.facebook.net/zh_TW/sdk.js
157.240.200.14 200 OK 1.7 kB URL HTTP/1.1 connect.facebook.net/zh_TW/sdk.js
IP 157.240.200.14:0
File type ASCII text, with very long lines (1961)
Hash 98842b3d812bf98c04af556b3c6af952
aff4fe3645f2b8f46ede1142b7b703f05520233c
69c160fcd44e4a2c94ba3280b9ac9e0fb4c6d322c590ed48c197d214b5e77fe1
GET /zh_TW/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1.34.196.211/
HTTP/1.1 200 OK
Vary: Accept-Encoding
Content-Encoding: gzip
Access-Control-Expose-Headers: X-FB-Content-MD5
x-fb-content-md5: 139288080b424cac168c645cc84d10b1
ETag: "e38785124dc0a7a0e0bae35f8a1df8ff"
Content-Type: application/x-javascript; charset=utf-8
timing-allow-origin: *
Access-Control-Allow-Origin: *
cross-origin-resource-policy: cross-origin
Expires: Wed, 28 Sep 2022 07:24:01 GMT
Cache-Control: public,max-age=1200,stale-while-revalidate=3600
document-policy: force-load-at-top
cross-origin-opener-policy: same-origin-allow-popups
X-Content-Type-Options: nosniff
x-fb-rlafr: 0
X-Frame-Options: DENY
Strict-Transport-Security: max-age=31536000; preload; includeSubDomains
Content-MD5: mIQrPYEr+YwEr1VrPGr5Ug==
X-FB-Debug: XQCMdJQXSVQY72tP/wXFtXZgOXzVfDkCmY3S3otWLxjsOVZayOJWNsZ/yfE8XwDK4lYPCgksNmJ39h/LfRtuMw==
X-FB-TRIP-ID: 1679558926
Date: Wed, 28 Sep 2022 07:07:36 GMT
Alt-Svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
Connection: keep-alive
Content-Length: 1686
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 6ab8b69fade235ccf1a15d2cac6dd95e
37c426c0e6940920c4478855c6bb610731edd316
025fc814f74bed6fcfc2a4c25b670c1d538d06c5ce07af13d3f9f8354ca34604
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 07:07:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-83598919-1&cid=812625559.1664348853&jid=265955120&gjid=1752693616&_gid=1285667720.1664348853&_u=IEBAAEAAAAAAAC~&z=1884483685
64.233.165.155 200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-83598919-1&cid=812625559.1664348853&jid=265955120&gjid=1752693616&_gid=1285667720.1664348853&_u=IEBAAEAAAAAAAC~&z=1884483685
IP 64.233.165.155:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-83598919-1&cid=812625559.1664348853&jid=265955120&gjid=1752693616&_gid=1285667720.1664348853&_u=IEBAAEAAAAAAAC~&z=1884483685 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://1.34.196.211
Connection: keep-alive
Referer: http://1.34.196.211/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://1.34.196.211
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 28 Sep 2022 07:07:36 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 6ab8b69fade235ccf1a15d2cac6dd95e
37c426c0e6940920c4478855c6bb610731edd316
025fc814f74bed6fcfc2a4c25b670c1d538d06c5ce07af13d3f9f8354ca34604
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 07:07:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.boatyacht.com.tw/images/BOK_LINE@.jpg
103.118.26.167 200 OK 64 kB URL HTTP/1.1 www.boatyacht.com.tw/images/BOK_LINE@.jpg
IP 103.118.26.167:0
ASN #131626 NSS INTL CO., LTD.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=260, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=259], progressive, precision 8, 256x257, components 3\012- data
Hash f7bb022f7d87e066e51d958b36841824
7d50b75dab1dddae30c62c44060343ec8f4792ee
99f04368e04588deb436b49841f5b7bf80e2cc6c346492e3bb55bfcf6174af0b
GET /images/BOK_LINE@.jpg HTTP/1.1
Host: www.boatyacht.com.tw
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1.34.196.211/
HTTP/1.1 200 OK
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
content-type: image/jpeg
last-modified: Thu, 18 Jun 2020 06:41:16 GMT
etag: "f833-5eeb0c8c-e447312bde39f1d6;;;"
accept-ranges: bytes
content-length: 63539
date: Wed, 28 Sep 2022 07:07:35 GMT
server: LiteSpeed
x-powered-by: PleskLin
cache-control: max-age=691200
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52d10f53-5e95-4bc8-aa34-09983b7221cd.jpeg
34.120.237.76 200 OK 6.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52d10f53-5e95-4bc8-aa34-09983b7221cd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c4a66beda24621e812a929933c52025d
e951f6b11e473b68d2fdd95b822cef120d37b1eb
28efb1495fdb363cea9ccc6c38f84b2731dbd44dd4dbbe42996fa6fab74e1ce6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52d10f53-5e95-4bc8-aa34-09983b7221cd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6721
x-amzn-requestid: ea4416a4-ffbe-4006-bb09-aa0a70763ab2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZI3xTGNOoAMFXeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63336cd4-6634cd372bd677227f755769;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 21:36:20 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: EbkbN72NJbDqfnJjnaUcitG0W6yk8vR__5zLvdidXuWqh7VQK2O8OA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 567b44ed19c8caed2570b7bcd8c70034.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 22:18:40 GMT
age: 31736
etag: "e951f6b11e473b68d2fdd95b822cef120d37b1eb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash fd9c95c1c24789f4041887b11468ab7e
bf202eeda47e79ac15d77325a02a1206bec63dcb
86f005e634685a4eb89dd87735b4cc0d91163be2912c470a529f0eb223531dbf
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5657
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 28 Sep 2022 07:07:37 GMT
Last-Modified: Wed, 28 Sep 2022 05:33:20 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
1.34.196.211/images/index-server-02.jpg
1.34.196.211 200 OK 0 B URL HTTP/1.1 1.34.196.211/images/index-server-02.jpg
IP 1.34.196.211:0
ASN #3462 Data Communication Business Group
GET /images/index-server-02.jpg HTTP/1.1
Host: 1.34.196.211
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1.34.196.211/
HTTP/1.1 200 OK
Content-Length: 210619
Content-Type: image/jpeg
Last-Modified: Fri, 31 May 2019 03:14:13 GMT
Accept-Ranges: bytes
ETag: "efdf14ec5e17d51:d40"
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
Date: Wed, 28 Sep 2022 07:07:21 GMT
1.34.196.211/images/about-bg-01-01.jpg
1.34.196.211 200 OK 0 B URL HTTP/1.1 1.34.196.211/images/about-bg-01-01.jpg
IP 1.34.196.211:0
ASN #3462 Data Communication Business Group
GET /images/about-bg-01-01.jpg HTTP/1.1
Host: 1.34.196.211
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1.34.196.211/
HTTP/1.1 200 OK
Content-Length: 1201832
Content-Type: image/jpeg
Last-Modified: Thu, 30 May 2019 06:07:10 GMT
Accept-Ranges: bytes
ETag: "668335ebad16d51:d40"
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
Date: Wed, 28 Sep 2022 07:07:21 GMT
1.34.196.211/images/slide/carousel09.jpg
1.34.196.211 200 OK 0 B URL HTTP/1.1 1.34.196.211/images/slide/carousel09.jpg
IP 1.34.196.211:0
ASN #3462 Data Communication Business Group
GET /images/slide/carousel09.jpg HTTP/1.1
Host: 1.34.196.211
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://1.34.196.211/
HTTP/1.1 200 OK
Content-Length: 1408002
Content-Type: image/jpeg
Last-Modified: Mon, 03 Feb 2020 08:05:11 GMT
Accept-Ranges: bytes
ETag: "361f41a868dad51:d40"
Server: Microsoft-IIS/6.0
MicrosoftOfficeWebServer: 5.0_Pub
X-Powered-By: ASP.NET
Date: Wed, 28 Sep 2022 07:07:23 GMT