r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 7e05c8461bd2dc5a149f71e2c465ea29
705983959c887e243cb55a8a1796757b579ee977
4d9ea085d5dda9dabed11af9847c2b0aa6182358673b356a4e2bd631e22a9922
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D9EA085D5DDA9DABED11AF9847C2B0AA6182358673B356A4E2BD631E22A9922"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13511
Expires: Wed, 01 Feb 2023 23:38:53 GMT
Date: Wed, 01 Feb 2023 19:53:42 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 62de35a6c8e4efd7633fc5236b5b086f
6a92912a86dfcd0330d040cef06bef36889c76ab
ebb8ca05df5ba73b92174105d54d192a8d9e3e10fba48bf96161b0cb759220ec
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EBB8CA05DF5BA73B92174105D54D192A8D9E3E10FBA48BF96161B0CB759220EC"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6507
Expires: Wed, 01 Feb 2023 21:42:09 GMT
Date: Wed, 01 Feb 2023 19:53:42 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a8d45deaa7ebfcd996c2055dae592ab8
55befe074589fe7b39757c145968058162a8fc6b
50d7d516f446458145a304b288a0a39d391cd37ea50dabea36ae48d291c65ba7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "50D7D516F446458145A304B288A0A39D391CD37EA50DABEA36AE48D291C65BA7"
Last-Modified: Tue, 31 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11332
Expires: Wed, 01 Feb 2023 23:02:34 GMT
Date: Wed, 01 Feb 2023 19:53:42 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Retry-After, Content-Length, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 01 Feb 2023 19:36:02 GMT
content-type: application/json
age: 1060
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 1NePtiUYd2WrPam0zMF6Ri+cA/P710zaJs/jUKU3hvzgPeE3Az2P4nL0lvcmycJ8bpxR0Lqhp+mSaDQkWooWPg==
x-amz-request-id: VM3FDSKZZ6ZB2XGZ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 01 Feb 2023 19:22:47 GMT
age: 1855
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 01 Feb 2023 19:53:42 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
146.70.79.13/
200 OK 6.4 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash a61595b32524b0be47dbfaff62f2bc71
73ed195535f99b600d0b2c4d17256a1dfc67206f
35ea617f36719e4e9b4280bb2c8759067547511e316163954dce7b819894146b
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET / HTTP/1.1
Host: 146.70.79.13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Tue, 18 Jan 2022 16:14:32 GMT
Accept-Ranges: bytes
ETag: "02497a86cd81:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 01 Feb 2023 19:53:42 GMT
Content-Length: 6364
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash de49044c9365e16fec3a6d361cb94728
2b7b69c16de6fda1ae5206f92fe781ee07bd182a
6e76887b036544a5da3918116a180876c094cc3b31676abce8d5b7b716b00c30
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 19:53:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash de49044c9365e16fec3a6d361cb94728
2b7b69c16de6fda1ae5206f92fe781ee07bd182a
6e76887b036544a5da3918116a180876c094cc3b31676abce8d5b7b716b00c30
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 19:53:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 01 Feb 2023 19:41:42 GMT
age: 721
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash de49044c9365e16fec3a6d361cb94728
2b7b69c16de6fda1ae5206f92fe781ee07bd182a
6e76887b036544a5da3918116a180876c094cc3b31676abce8d5b7b716b00c30
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 19:53:43 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4459
Expires: Wed, 01 Feb 2023 21:08:02 GMT
Date: Wed, 01 Feb 2023 19:53:43 GMT
Connection: keep-alive
146.70.79.13/assets/css/font-awesome.min.css
200 OK 31 kB URL HTTP/1.1 146.70.79.13/assets/css/font-awesome.min.css
IP
File type ASCII text, with very long lines (30837), with CRLF, CR line terminators
Hash b76922d3f637dbd254ebbd6c4a18f8ea
adb7c10c586e736b2459109136134323e508e8d2
5f7bcc340316613eda981ebe7cd528350baee73bdc9466725c8ff0082efb61c8
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/css/font-awesome.min.css HTTP/1.1
Host: 146.70.79.13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://146.70.79.13/
HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Thu, 01 Mar 2018 14:26:18 GMT
Accept-Ranges: bytes
ETag: "021244369b1d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 01 Feb 2023 19:53:42 GMT
Content-Length: 31008
146.70.79.13/assets/css/datepicker.css
200 OK 4.2 kB URL HTTP/1.1 146.70.79.13/assets/css/datepicker.css
IP
Hash ff9139c6e190b92e65e323436072d7e7
e735339e0a3e4d796236847b99bf231d2f044a54
ce8cc39312d9e215d0c4a10523c0d3564c0d45dd09d8a5b42f1acdfbfd912554
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/css/datepicker.css HTTP/1.1
Host: 146.70.79.13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://146.70.79.13/
HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Thu, 01 Mar 2018 14:26:18 GMT
Accept-Ranges: bytes
ETag: "021244369b1d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 01 Feb 2023 19:53:42 GMT
Content-Length: 4195
146.70.79.13/assets/css/animate.css
200 OK 57 kB URL HTTP/1.1 146.70.79.13/assets/css/animate.css
IP
File type ASCII text, with very long lines (460), with CRLF, CR line terminators
Hash c9a1b79e7ea5d4d29288604ae64947f3
e24b2e7216a3d0b50430614a7b82fa79b4e5bf54
95889ea323d8b21c255edcbf6e14f2908c0c8ccf69b495fb2f12c396c37c5466
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/css/animate.css HTTP/1.1
Host: 146.70.79.13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://146.70.79.13/
HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Thu, 01 Mar 2018 14:26:18 GMT
Accept-Ranges: bytes
ETag: "021244369b1d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 01 Feb 2023 19:53:42 GMT
Content-Length: 56746
146.70.79.13/assets/css/owl.carousel.min.css
200 OK 2.9 kB URL HTTP/1.1 146.70.79.13/assets/css/owl.carousel.min.css
IP
File type ASCII text, with very long lines (2730)
Hash 6f3cf5a3e409af331ef26634a9ba9b8a
817566eaa6f8b1e7f8257391a5362d95d7bdc415
3741379ae53831f94f29beee17e28b45db5e92584bdafe9486dcc5382beae39e
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/css/owl.carousel.min.css HTTP/1.1
Host: 146.70.79.13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://146.70.79.13/
HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Thu, 01 Mar 2018 14:26:18 GMT
Accept-Ranges: bytes
ETag: "021244369b1d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 01 Feb 2023 19:53:42 GMT
Content-Length: 2887
146.70.79.13/assets/css/owl.theme.default.min.css
200 OK 936 B URL HTTP/1.1 146.70.79.13/assets/css/owl.theme.default.min.css
IP
File type ASCII text, with very long lines (846)
Hash 275048a23c69c24c6bd3316d9a45882e
31f27f631d97f8564386f05fa2859683349d5fbc
296b3d8e9fa36733999a69d6e630bc6361ea23dada8c98a0e48d34ba7f7d0ed2
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/css/owl.theme.default.min.css HTTP/1.1
Host: 146.70.79.13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://146.70.79.13/
HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Thu, 01 Mar 2018 14:26:18 GMT
Accept-Ranges: bytes
ETag: "021244369b1d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 01 Feb 2023 19:53:42 GMT
Content-Length: 936
146.70.79.13/assets/css/jquery-ui.min.css
200 OK 17 kB URL HTTP/1.1 146.70.79.13/assets/css/jquery-ui.min.css
IP
File type ASCII text, with very long lines (15249)
Hash 16965755b3fcb17a5ceedfff05a1bb66
5d31a7dd8e6136b8bd16eb6d2c5134b897f154c0
a298ac2fe9de22b2fb734901d85a533cfe582449047f37bbe414b7d05515b38c
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/css/jquery-ui.min.css HTTP/1.1
Host: 146.70.79.13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://146.70.79.13/
HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Thu, 01 Mar 2018 14:26:18 GMT
Accept-Ranges: bytes
ETag: "021244369b1d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 01 Feb 2023 19:53:42 GMT
Content-Length: 16793
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: lVSg4MpC7wL4N/FTmLzaiQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: TalBuT2BBDcagruB4gNyh7G0MUM=
146.70.79.13/assets/css/responsive.css
200 OK 4.5 kB URL HTTP/1.1 146.70.79.13/assets/css/responsive.css
IP
File type ASCII text, with CR line terminators
Hash e0329b2615850760145832c6a9248fb7
3ba4004e8bfb0793750282f3bb99a8b00fb56078
7bcbe68abf982be9630703f26752276a7763cbff1a0254f543e7e9fbbe3d2b5d
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/css/responsive.css HTTP/1.1
Host: 146.70.79.13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://146.70.79.13/
HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Thu, 01 Mar 2018 14:26:18 GMT
Accept-Ranges: bytes
ETag: "021244369b1d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 01 Feb 2023 19:53:42 GMT
Content-Length: 4474
146.70.79.13/assets/css/bootsnav.css
200 OK 38 kB URL HTTP/1.1 146.70.79.13/assets/css/bootsnav.css
IP
File type ASCII text, with CRLF, CR line terminators
Hash 56f1f74ecf2e33add337473152c5dfb1
a40997fb508449a5abe29ecdc2a6958008336f70
f0800f2b92ff4e70c4a6c500c1737f8d2cfd3b45c352ffcf84de646a721853e7
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/css/bootsnav.css HTTP/1.1
Host: 146.70.79.13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://146.70.79.13/
HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Thu, 01 Mar 2018 14:26:18 GMT
Accept-Ranges: bytes
ETag: "021244369b1d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 01 Feb 2023 19:53:42 GMT
Content-Length: 38139
146.70.79.13/assets/css/style.css
200 OK 33 kB URL HTTP/1.1 146.70.79.13/assets/css/style.css
IP
File type ASCII text, with CR line terminators
Hash d3d284e09e2c91c8b436530cad3d6067
6a5a65c9c2493d757c93d36f6ba992e9185d34a3
af9d8ce601a873020935ee0d62215e9850cc6c5e4a21db60cbabfcf8fb0329d8
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/css/style.css HTTP/1.1
Host: 146.70.79.13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://146.70.79.13/
HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Thu, 01 Mar 2018 14:26:18 GMT
Accept-Ranges: bytes
ETag: "021244369b1d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 01 Feb 2023 19:53:42 GMT
Content-Length: 32653
146.70.79.13/assets/js/modernizr.min.js
200 OK 11 kB URL HTTP/1.1 146.70.79.13/assets/js/modernizr.min.js
IP
File type HTML document, ASCII text, with very long lines (11084), with no line terminators
Hash 65f1d21d5fcc9d21da758adababd0c3c
e0661d07d64c00008bc9d013d16eec0a0f156dc7
d2b82e612d2a812e8be2a57300dab8923c4f2edbe7a799e7da70791b595646fe
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /assets/js/modernizr.min.js HTTP/1.1
Host: 146.70.79.13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://146.70.79.13/
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Tue, 10 Apr 2018 22:01:26 GMT
Accept-Ranges: bytes
ETag: "03f807817d1d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 01 Feb 2023 19:53:44 GMT
Content-Length: 11084
146.70.79.13/assets/css/hover-min.css
200 OK 98 kB URL HTTP/1.1 146.70.79.13/assets/css/hover-min.css
IP
File type ASCII text, with very long lines (65281), with CRLF, CR line terminators
Hash 62ba53668eafbd0c1e3761e3350adac7
7a86acfdd531d39af79c759fe0bdd0900f9b8704
22bcb43547c1e224a2b3ab7dd52fd24d99d5fbc13401aa7a0e90929b903a5db9
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/css/hover-min.css HTTP/1.1
Host: 146.70.79.13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://146.70.79.13/
HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Thu, 01 Mar 2018 14:26:18 GMT
Accept-Ranges: bytes
ETag: "021244369b1d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 01 Feb 2023 19:53:42 GMT
Content-Length: 98050
146.70.79.13/assets/js/jquery.js
200 OK 86 kB URL HTTP/1.1 146.70.79.13/assets/js/jquery.js
IP
File type ASCII text, with very long lines (32065), with CRLF, CR line terminators
Hash 23e3cabe92a0b7a7da0fa4039f60eab5
8194aae332d2b71216b1463019f59fc7539f417c
1589dbdda63de47a1610c1500296b600197aa825119cedc8f6010773f8621b0c
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /assets/js/jquery.js HTTP/1.1
Host: 146.70.79.13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://146.70.79.13/
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Thu, 01 Mar 2018 14:26:18 GMT
Accept-Ranges: bytes
ETag: "021244369b1d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 01 Feb 2023 19:53:44 GMT
Content-Length: 85583
146.70.79.13/assets/js/bootstrap.min.js
200 OK 37 kB URL HTTP/1.1 146.70.79.13/assets/js/bootstrap.min.js
IP
File type ASCII text, with very long lines (32033), with CRLF, CR line terminators
Hash d107df92d891a3070806974ff567f3ba
fa25a26b1d0ef7561687766b46a2b71ac14517ad
023bacf8b17654a3e90471fe99252aff32060560241c86608ed797d8528b2648
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /assets/js/bootstrap.min.js HTTP/1.1
Host: 146.70.79.13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://146.70.79.13/
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Thu, 01 Mar 2018 14:26:18 GMT
Accept-Ranges: bytes
ETag: "021244369b1d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 01 Feb 2023 19:53:44 GMT
Content-Length: 37057
146.70.79.13/assets/js/bootsnav.js
200 OK 29 kB URL HTTP/1.1 146.70.79.13/assets/js/bootsnav.js
IP
File type ASCII text, with CRLF, CR line terminators
Hash 676894bf86873093d12ffe233da11eb2
03ee418aa36422caa36a459aab179900a6207096
96abae6ee23cbd7b4e246a6fb1890ee13dd34e160a3c2549149ecabfdc781d57
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /assets/js/bootsnav.js HTTP/1.1
Host: 146.70.79.13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://146.70.79.13/
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Thu, 01 Mar 2018 14:26:18 GMT
Accept-Ranges: bytes
ETag: "021244369b1d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 01 Feb 2023 19:53:44 GMT
Content-Length: 29039
146.70.79.13/assets/js/jquery.filterizr.min.js
200 OK 12 kB URL HTTP/1.1 146.70.79.13/assets/js/jquery.filterizr.min.js
IP
File type ASCII text, with very long lines (12034), with no line terminators
Hash 5eb0077b399d38f31eef66c00d150980
014c05a2ca80b0066631dc8e48267ddb4bbfc057
03c9a5d09cf0714352a12a9233626ec69367822b520550955bd7bab074f11a09
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /assets/js/jquery.filterizr.min.js HTTP/1.1
Host: 146.70.79.13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://146.70.79.13/
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Thu, 01 Mar 2018 14:26:18 GMT
Accept-Ranges: bytes
ETag: "021244369b1d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 01 Feb 2023 19:53:44 GMT
Content-Length: 12034
146.70.79.13/assets/js/jquery.easing.min.js
200 OK 2.5 kB URL HTTP/1.1 146.70.79.13/assets/js/jquery.easing.min.js
IP
File type ASCII text, with very long lines (2532), with no line terminators
Hash e2d41e5c8fed838d9014fea53d45ce75
bde98133f735398b27339c423a817e755329f7d1
1f7723b6b9bfced0deba108df48e3287888dd986f1ff2d5133bacc9807ac0349
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /assets/js/jquery.easing.min.js HTTP/1.1
Host: 146.70.79.13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://146.70.79.13/
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Tue, 10 Apr 2018 22:01:10 GMT
Accept-Ranges: bytes
ETag: "0d7f66e17d1d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 01 Feb 2023 19:53:44 GMT
Content-Length: 2532
146.70.79.13/assets/js/jquery-ui.min.js
200 OK 24 kB URL HTTP/1.1 146.70.79.13/assets/js/jquery-ui.min.js
IP
File type ASCII text, with very long lines (23835)
Hash cf566c9e3a44f6c615303b3b0835877e
cee2852a91ca4036f379b534c842bc03f1ec4e06
6824fe362a40de9b7869f487373d61955bf50586201c39267ca6c67d3e30330c
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /assets/js/jquery-ui.min.js HTTP/1.1
Host: 146.70.79.13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://146.70.79.13/
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Thu, 01 Mar 2018 14:26:18 GMT
Accept-Ranges: bytes
ETag: "021244369b1d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 01 Feb 2023 19:53:44 GMT
Content-Length: 24017
146.70.79.13/assets/css/bootstrap.min.css
200 OK 119 kB URL HTTP/1.1 146.70.79.13/assets/css/bootstrap.min.css
IP
File type ASCII text, with very long lines (65363), with CRLF, CR line terminators
Size 119 kB (118743 bytes)
Hash a4d58590ac38a83f34cbba80fc00c860
bd13995d1612ab4a55e45e51df8a988af5415725
decdf030aa255f58a7af9d42d31ead53730b77ff223ebfbc8c23af4e64c3d0c3
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/css/bootstrap.min.css HTTP/1.1
Host: 146.70.79.13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://146.70.79.13/
HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Thu, 01 Mar 2018 14:26:18 GMT
Accept-Ranges: bytes
ETag: "021244369b1d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 01 Feb 2023 19:53:42 GMT
Content-Length: 118743
146.70.79.13/assets/js/jquery.counterup.min.js
200 OK 1.1 kB URL HTTP/1.1 146.70.79.13/assets/js/jquery.counterup.min.js
IP
File type ASCII text, with very long lines (824), with CRLF line terminators
Hash 8a29b363c53c2426caf0f9512c96897d
31ff08ceebcda0f3d72348032e5079baf007b760
3853490ce5027643a9393dd34c4b5600852e1482d4b34bf5cd6e47a66fac4307
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /assets/js/jquery.counterup.min.js HTTP/1.1
Host: 146.70.79.13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://146.70.79.13/
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Thu, 01 Mar 2018 14:26:18 GMT
Accept-Ranges: bytes
ETag: "021244369b1d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 01 Feb 2023 19:53:44 GMT
Content-Length: 1076
146.70.79.13/assets/js/waypoints.min.js
200 OK 8.1 kB URL HTTP/1.1 146.70.79.13/assets/js/waypoints.min.js
IP
File type ASCII text, with very long lines (7808), with CRLF line terminators
Hash 4fe14337a62d710389f42e8a5d1043f7
5f3e0f34b6d7460c5f160db4fe568cde29f3ffa5
069b3ff0c0e6c33e08368f94906ae49ec76ab1ed570819c768148ced15b138bf
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /assets/js/waypoints.min.js HTTP/1.1
Host: 146.70.79.13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://146.70.79.13/
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Thu, 01 Mar 2018 14:26:18 GMT
Accept-Ranges: bytes
ETag: "021244369b1d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 01 Feb 2023 19:53:44 GMT
Content-Length: 8051
146.70.79.13/assets/js/owl.carousel.min.js
200 OK 43 kB URL HTTP/1.1 146.70.79.13/assets/js/owl.carousel.min.js
IP
File type ASCII text, with very long lines (32012)
Hash 6473747d818f47587036ccde48050d82
75560ff8e721a6344a927f369debcf80004c9d24
63c97e11ea143afafc4aa123fe04f28c16fc0aa86dac0e8653d3f8c81fb8d5c1
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /assets/js/owl.carousel.min.js HTTP/1.1
Host: 146.70.79.13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://146.70.79.13/
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Thu, 01 Mar 2018 14:26:18 GMT
Accept-Ranges: bytes
ETag: "021244369b1d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 01 Feb 2023 19:53:44 GMT
Content-Length: 42854
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 19:53:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 19:53:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 7884, version 1.0\012- data
Hash 9212f6f9860f9fc6c69b02fedf6db8c3
ac6d71b4d5fdd2b3dabc9a06ff6c001e4251da0b
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
GET /s/poppins/v20/pxiEyp8kv8JHgFVrJJfecg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://146.70.79.13
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 30 Jan 2023 04:05:29 GMT
expires: Tue, 30 Jan 2024 04:05:29 GMT
cache-control: public, max-age=31536000
age: 229695
last-modified: Wed, 27 Apr 2022 17:03:52 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
200 OK 8.0 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 8000, version 1.0\012- data
Hash 72993dddf88a63e8f226656f7de88e57
179f97ec0275f09603a8db94d4380eb584d81cd5
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
GET /s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://146.70.79.13
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 09:41:14 GMT
expires: Wed, 31 Jan 2024 09:41:14 GMT
cache-control: public, max-age=31536000
age: 123150
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
200 OK 7.7 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 7748, version 1.0\012- data
Hash a09f2fccfee35b7247b08a1a266f0328
0da2d17e738f46d2a09e6fb7969da451719a9820
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
GET /s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://146.70.79.13
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 14:34:21 GMT
expires: Fri, 26 Jan 2024 14:34:21 GMT
cache-control: public, max-age=31536000
age: 537563
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
200 OK 7.8 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 7840, version 1.0\012- data
Hash 8d91ec1ca2d8b56640a47117e313a3e9
a9e9bafe64666f4595051a0e895b47a5fa39e67e
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
GET /s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://146.70.79.13
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7840
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 06:42:15 GMT
expires: Wed, 31 Jan 2024 06:42:15 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 27 Apr 2022 16:51:55 GMT
content-type: font/woff2
age: 133889
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
200 OK 7.8 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 7816, version 1.0\012- data
Hash 25b0e113ca7cce3770d542736db26368
cb726212d5d525021752a1d8470a0fb593e0c49e
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
GET /s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://146.70.79.13
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7816
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 31 Jan 2023 02:42:35 GMT
expires: Wed, 31 Jan 2024 02:42:35 GMT
cache-control: public, max-age=31536000
age: 148269
last-modified: Wed, 27 Apr 2022 16:11:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 42d54c8c12a2f90c448a11bf42800e86
bb66d35435411c825bfcd0a091f33b7d1708191e
3b67d91fbb38e5c47b6ebff53da366b87af3a308e5c588775ac66a808761dbb1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 01 Feb 2023 19:53:44 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
146.70.79.13/assets/js/jquery.sticky.js
200 OK 10 kB URL HTTP/1.1 146.70.79.13/assets/js/jquery.sticky.js
IP
Hash 24823208c60bfc2a92deaa50cbdc6c29
f2a855219e71fc4224376732b7c64e34670d855d
bcf6b9b28cec8958f9d3f3ee39070e85ffd46d670f1f0baa7cd21aa24c188a00
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /assets/js/jquery.sticky.js HTTP/1.1
Host: 146.70.79.13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://146.70.79.13/
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Thu, 01 Mar 2018 14:26:18 GMT
Accept-Ranges: bytes
ETag: "021244369b1d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 01 Feb 2023 19:53:44 GMT
Content-Length: 10085
146.70.79.13/assets/js/datepicker.js
200 OK 40 kB URL HTTP/1.1 146.70.79.13/assets/js/datepicker.js
IP
File type ASCII text, with very long lines (844)
Hash 78b41094de93fc4ca0b93769fda27805
c1a8a704bd70925f08a77e65ec7628b22c47aefe
93dc6dd0afa8170b08894d5d54a523e3bd23f061fb29e25827977e6fd0258f72
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /assets/js/datepicker.js HTTP/1.1
Host: 146.70.79.13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://146.70.79.13/
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Thu, 01 Mar 2018 14:26:18 GMT
Accept-Ranges: bytes
ETag: "021244369b1d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 01 Feb 2023 19:53:44 GMT
Content-Length: 39720
146.70.79.13/assets/images/service/s1.png
200 OK 1.4 kB URL HTTP/1.1 146.70.79.13/assets/images/service/s1.png
IP
File type PNG image data, 66 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash a62e8d4c819a5d43f5ea2d8b3106ce30
ba3c184a14d9d7c28bac3fd93d23cd52cd677244
4bfef6c82b95d66045ad26e60bc9ae81769b3b5e7c89c06bfb1605fb754df341
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/images/service/s1.png HTTP/1.1
Host: 146.70.79.13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://146.70.79.13/
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Tue, 10 Apr 2018 21:55:54 GMT
Accept-Ranges: bytes
ETag: "0119db216d1d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 01 Feb 2023 19:53:44 GMT
Content-Length: 1383
146.70.79.13/assets/js/custom.js
200 OK 5.4 kB URL HTTP/1.1 146.70.79.13/assets/js/custom.js
IP
File type ASCII text, with CRLF line terminators
Hash 28083e66b0d2a98828edabcf512a676e
9d5e0e0035f1675b2af96f8b375993099fa6faca
f06e62c7ae9d90c553bda6df39822920dcf25dcecec49b8ae8532db9220dd340
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /assets/js/custom.js HTTP/1.1
Host: 146.70.79.13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://146.70.79.13/
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Thu, 01 Mar 2018 14:26:18 GMT
Accept-Ranges: bytes
ETag: "021244369b1d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 01 Feb 2023 19:53:44 GMT
Content-Length: 5431
146.70.79.13/assets/images/service/s2.png
200 OK 1.8 kB URL HTTP/1.1 146.70.79.13/assets/images/service/s2.png
IP
File type PNG image data, 83 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash f4519bdc4a50b9d667b338b96f5c6ad6
18d3a4c81d2ec808371848f4b843b0f43822346b
c0e98bc8ac8d7d775a24c284450715f1c75a1170937dc13cd82c26d4172d7608
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/images/service/s2.png HTTP/1.1
Host: 146.70.79.13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://146.70.79.13/
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Tue, 10 Apr 2018 21:55:54 GMT
Accept-Ranges: bytes
ETag: "0119db216d1d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 01 Feb 2023 19:53:44 GMT
Content-Length: 1808
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7267
Expires: Wed, 01 Feb 2023 21:54:52 GMT
Date: Wed, 01 Feb 2023 19:53:45 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7267
Expires: Wed, 01 Feb 2023 21:54:52 GMT
Date: Wed, 01 Feb 2023 19:53:45 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7267
Expires: Wed, 01 Feb 2023 21:54:52 GMT
Date: Wed, 01 Feb 2023 19:53:45 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7267
Expires: Wed, 01 Feb 2023 21:54:52 GMT
Date: Wed, 01 Feb 2023 19:53:45 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7267
Expires: Wed, 01 Feb 2023 21:54:52 GMT
Date: Wed, 01 Feb 2023 19:53:45 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82a4ade3-0c43-4f21-9738-0bc1dbb9a6a6.jpeg
200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82a4ade3-0c43-4f21-9738-0bc1dbb9a6a6.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 27e95b7912edc909d6b031e36fe83534
eb27fae0bb17dbe0929a620002195233ef50c1d0
b32e7e1a2eee367c5bf9e99bcb38f4c74c4e9e7bdfe7fb0f8f2a657060c0624c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F82a4ade3-0c43-4f21-9738-0bc1dbb9a6a6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8597
x-amzn-requestid: e7bf4ac9-d86d-4ee9-9e10-8a42e5dfe2c6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fcRaNEW4IAMFatA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d4c90d-7731312f630b00ba028836ca;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 07:04:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: z3ZJ7bq6LuJd-9I9D22VIs0avctNGVDKnYmt-fxevCheQibivmUomQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 07:53:10 GMT
age: 43235
etag: "eb27fae0bb17dbe0929a620002195233ef50c1d0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30335cb7-009a-42f5-8186-d0c302adc827.jpeg
200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30335cb7-009a-42f5-8186-d0c302adc827.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ec7e808a5e82552c46c3417a5b32b836
f0a273292b47d7e2e33c9d77fd95abdcc9e31ddd
f16d982224dfeb0753eaf9d4eb87d80fd1111f682fd8fa36f3177aad5bf926a4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F30335cb7-009a-42f5-8186-d0c302adc827.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6819
x-amzn-requestid: a0368695-4182-40bd-9a28-c50ae783a7a5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foJaRHGnoAMF0Ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9890e-624285eb16110b8c2360dec5;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 21:33:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 4MpUHqMYJoNA7QuRuQwbJIodNkhizq6EL5SPbIoSKFQjtoAKQgLuEg==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 21:51:25 GMT
age: 79340
etag: "f0a273292b47d7e2e33c9d77fd95abdcc9e31ddd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
200 OK 9.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3366ef4f8733cb9c89a5c88f63a0a441
7da46843b6d885f38a4759a08e6c899906ab7b97
7114397ee5c251cc5cb46f3433c2cc17ff68a08e0872e227671198e9b61eba0a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F46e30ba8-4b02-4bad-8cbf-1a128aa4376f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9600
x-amzn-requestid: 48094e1a-d550-4a91-b87c-4a08505f7cce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVsWcFN7IAMF2pg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d2275c-5ced593a7e2126c9494563df;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:10:20 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: aZOeDFqBJQoGwLpIs-GpPvY0FKGCAOXY6MgzG32qzX-kVzUCKKv-kw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 22:03:43 GMT
age: 78602
etag: "7da46843b6d885f38a4759a08e6c899906ab7b97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb28b8703-d49a-4e2e-80e7-cf4d081d6dba.jpeg
200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb28b8703-d49a-4e2e-80e7-cf4d081d6dba.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2998f7f50ac0eec931c348e8a0fb0c60
f5e411cda74cb7fb4a662f4787e9543b9749c8b5
0c81413a819e379212bf757b1c9469415aec2ac8fdf47f94ff23c420a1da20e1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb28b8703-d49a-4e2e-80e7-cf4d081d6dba.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5736
x-amzn-requestid: 895ee89b-8d2e-42f9-a392-466557f8a0d3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ffEtEGk_oAMFYPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d5e7ed-026a1b0d79dc7eb572317bd2;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 03:28:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 64EbarGrn6AIpXOE8TIfiBeGFQinx-P9lUIvmiQ1ivZgFrxl7_W4EQ==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 21:57:42 GMT
age: 78963
etag: "f5e411cda74cb7fb4a662f4787e9543b9749c8b5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc960001-158a-4a74-b6ce-f28cd110ca9c.jpeg
200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc960001-158a-4a74-b6ce-f28cd110ca9c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 23db22ce2120fbb0ae6109e1a046062d
2068c8d9a5bc30a17be658e198e26c64a80703cf
f307ba6c4929d9f0c9354334b7baea878da379138489d9689bb777c4da308dab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffc960001-158a-4a74-b6ce-f28cd110ca9c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8735
x-amzn-requestid: f466c962-7b12-4923-a4be-7ff9fce372a0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foJaWFP_IAMF9wA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9890e-7a8c027d58f5b9132bb68a33;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 21:33:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hjIm9dNf6UE9rpIlKWeLwWuF7Pm6yJeAZgbwchvJcuDy-zkXEr502w==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 21:51:18 GMT
age: 79347
etag: "2068c8d9a5bc30a17be658e198e26c64a80703cf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg
200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4bb3a6fba496d54cdbbccaf2b9600386
8e30002699e9fbf2047f9ac11a36d2175fc9c591
927bf3a04b011b4e3bc8d8772a3d5813507f7f523312d43627767b64615562f3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15857
x-amzn-requestid: cfe36b9d-34f6-4f3f-896e-e70ec45c4a04
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmJ2JGGWoAMFSLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8bcf3-0dd68dd778b9aba268a129b0;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:02:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: pU_436f27nMZKPxZZWqZekERHFTvcG5NT5p_CYEXHRPtIWjDtSA-uA==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 fda3b2797d2719576f6b916583a28e52.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 07:15:18 GMT
age: 45507
etag: "8e30002699e9fbf2047f9ac11a36d2175fc9c591"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
146.70.79.13/assets/images/service/s3.png
200 OK 2.9 kB URL HTTP/1.1 146.70.79.13/assets/images/service/s3.png
IP
File type PNG image data, 81 x 80, 8-bit colormap, non-interlaced\012- data
Hash aacaa19ab9cb0ddf41adeb2a477ea804
b48a18d52e1ce87eae900f07689f9379c6493e5b
c7dc9eb1bd2032f2569b74f8b23e73a58e7c92c3bbc848b5a8c37b36ad919b13
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/images/service/s3.png HTTP/1.1
Host: 146.70.79.13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://146.70.79.13/
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Tue, 10 Apr 2018 21:55:56 GMT
Accept-Ranges: bytes
ETag: "03eceb316d1d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 01 Feb 2023 19:53:45 GMT
Content-Length: 2901
146.70.79.13/assets/images/packages/p1.jpg
200 OK 28 kB URL HTTP/1.1 146.70.79.13/assets/images/packages/p1.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 370x300, components 3\012- data
Hash f3db2f13b02deeb495d4d6942e98f970
1c20fb0f08ddb5ec545187bec9ecaae2fd6c3dbe
a84723b5e20a79b687e290c845a2023b3bddc2c59eea712ef8e7eb7d32f2d9fc
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/images/packages/p1.jpg HTTP/1.1
Host: 146.70.79.13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://146.70.79.13/
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Tue, 10 Apr 2018 21:56:00 GMT
Accept-Ranges: bytes
ETag: "09830b616d1d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 01 Feb 2023 19:53:45 GMT
Content-Length: 28208
146.70.79.13/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
200 OK 77 kB URL HTTP/1.1 146.70.79.13/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
IP
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /assets/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: 146.70.79.13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://146.70.79.13/assets/css/font-awesome.min.css
HTTP/1.1 200 OK
Content-Type: application/font-woff2
Last-Modified: Thu, 01 Mar 2018 14:26:18 GMT
Accept-Ranges: bytes
ETag: "021244369b1d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 01 Feb 2023 19:53:44 GMT
Content-Length: 77160
146.70.79.13/assets/images/packages/p2.jpg
200 OK 15 kB URL HTTP/1.1 146.70.79.13/assets/images/packages/p2.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 370x300, components 3\012- data
Hash 8880d073c38a9214212963945aee7243
93082bb0a9659840e5d3623a319293e0f64c3f3e
fd28fea80d02c742a6837f655d0cc6ee05e102cf0fd90d71d93b7aca9e80cc28
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/images/packages/p2.jpg HTTP/1.1
Host: 146.70.79.13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://146.70.79.13/
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Tue, 10 Apr 2018 21:56:00 GMT
Accept-Ranges: bytes
ETag: "09830b616d1d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 01 Feb 2023 19:53:45 GMT
Content-Length: 14822
146.70.79.13/assets/images/packages/p3.jpg
200 OK 12 kB URL HTTP/1.1 146.70.79.13/assets/images/packages/p3.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 370x300, components 3\012- data
Hash 193bc1bc46b008a5e777f1b9e375d93a
b53b07bab40aac8ac47191de673ebfd853c2fa03
a6033d8019c77e830677a63402bb2f19ebb15edcd33e1c454e55c3e229c20fda
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/images/packages/p3.jpg HTTP/1.1
Host: 146.70.79.13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://146.70.79.13/
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Tue, 10 Apr 2018 21:56:00 GMT
Accept-Ranges: bytes
ETag: "09830b616d1d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 01 Feb 2023 19:53:45 GMT
Content-Length: 12477
146.70.79.13/assets/images/home/offer-timer.jpg
200 OK 96 kB URL HTTP/1.1 146.70.79.13/assets/images/home/offer-timer.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x551, components 3\012- data
Hash cba1943635c1f4a6ef7d1c9064b4c435
acc37ba5eca868695accd5edfe6aafd53e5fce75
1f1971e8d0faf3f6c6e2053e3d6677c0d17cdaf5c7552e70064a36b83d981247
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/images/home/offer-timer.jpg HTTP/1.1
Host: 146.70.79.13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://146.70.79.13/assets/css/style.css
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Tue, 10 Apr 2018 21:56:24 GMT
Accept-Ranges: bytes
ETag: "0b47ec416d1d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 01 Feb 2023 19:53:44 GMT
Content-Length: 96312
146.70.79.13/assets/images/offer/offer-banner.jpg
200 OK 89 kB URL HTTP/1.1 146.70.79.13/assets/images/offer/offer-banner.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1919x800, components 3\012- data
Hash f556e492f119cff4a5e8450f5de77ca0
69299284ae6da879161a31673d35cf76b7d9f452
a0c734ed3b6eeba6891d3e0ac9709318b241408feca35accacfe11a32dd6bd1d
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/images/offer/offer-banner.jpg HTTP/1.1
Host: 146.70.79.13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://146.70.79.13/assets/css/style.css
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Tue, 10 Apr 2018 21:56:24 GMT
Accept-Ranges: bytes
ETag: "0b47ec416d1d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 01 Feb 2023 19:53:44 GMT
Content-Length: 88742
146.70.79.13/assets/images/packages/p4.jpg
200 OK 18 kB URL HTTP/1.1 146.70.79.13/assets/images/packages/p4.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 370x300, components 3\012- data
Hash 0a171341789e622c45d1f66b839390e5
92d2dd2f1bbd77e85554b9675444666bb46a554e
769d63d269f6dacd3ae015b159dc1419d9f78a833d917c9b39b2c56301f7f8f6
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/images/packages/p4.jpg HTTP/1.1
Host: 146.70.79.13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://146.70.79.13/
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Tue, 10 Apr 2018 21:56:02 GMT
Accept-Ranges: bytes
ETag: "0c561b716d1d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 01 Feb 2023 19:53:45 GMT
Content-Length: 17593
146.70.79.13/assets/images/packages/p5.jpg
200 OK 35 kB URL HTTP/1.1 146.70.79.13/assets/images/packages/p5.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 370x300, components 3\012- data
Hash 3aec61806f7c48c1257e7225fc1bcf76
d8fd93ba4cbd7934f20dbde6a4854504f0d642e7
b57d3c78cf28dfc75bb6bfe27bfdf72bb3fcee92ba201ebdb1b174d0ff0d90bc
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/images/packages/p5.jpg HTTP/1.1
Host: 146.70.79.13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://146.70.79.13/
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Tue, 10 Apr 2018 21:56:02 GMT
Accept-Ranges: bytes
ETag: "0c561b716d1d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 01 Feb 2023 19:53:45 GMT
Content-Length: 34778
146.70.79.13/assets/images/packages/p6.jpg
200 OK 15 kB URL HTTP/1.1 146.70.79.13/assets/images/packages/p6.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 370x300, components 3\012- data
Hash 5ef54489a17ce3814cbbbfc45c7a78b2
93f9e335ba523f4543192d93eceb0219d1c62539
272743569bf890351df12e8ca5fa654134d49cb179a79e2cee2a5cf8ddb8aeb2
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/images/packages/p6.jpg HTTP/1.1
Host: 146.70.79.13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://146.70.79.13/
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Tue, 10 Apr 2018 21:56:02 GMT
Accept-Ranges: bytes
ETag: "0c561b716d1d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 01 Feb 2023 19:53:45 GMT
Content-Length: 14631
146.70.79.13/assets/images/home/banner.jpg
200 OK 175 kB URL HTTP/1.1 146.70.79.13/assets/images/home/banner.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x1000, components 3\012- data
Size 175 kB (174744 bytes)
Hash eb0d85859354efa4e874f5932a6886a6
794620a0fe1ef6f02c882dedba0de2e47d067c0b
dcda6002a03b837f70946a05d12fd39d223a94645a144f5bec03754b6950625f
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/images/home/banner.jpg HTTP/1.1
Host: 146.70.79.13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://146.70.79.13/assets/css/style.css
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Tue, 10 Apr 2018 21:56:22 GMT
Accept-Ranges: bytes
ETag: "0874dc316d1d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 01 Feb 2023 19:53:44 GMT
Content-Length: 174744
146.70.79.13/assets/images/client/testimonial1.jpg
200 OK 1.9 kB URL HTTP/1.1 146.70.79.13/assets/images/client/testimonial1.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 85x85, components 3\012- data
Hash 501935817171a498d1cfdd464753b0ec
9666a789257df252f7975f8d828f737e3760b5a7
8e0a5f9f9b20c54b02e44102a52b0353595b8ea5d3b9199d4ce227300bb47d79
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/images/client/testimonial1.jpg HTTP/1.1
Host: 146.70.79.13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://146.70.79.13/
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Tue, 10 Apr 2018 21:56:02 GMT
Accept-Ranges: bytes
ETag: "0c561b716d1d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 01 Feb 2023 19:53:45 GMT
Content-Length: 1874
146.70.79.13/assets/images/client/testimonial2.jpg
200 OK 1.7 kB URL HTTP/1.1 146.70.79.13/assets/images/client/testimonial2.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 85x85, components 3\012- data
Hash 553dfd2f7493284cd6f135318acee9d5
7597ada9cf6098adfade0a7a446bca849068fdc4
ea6e5951a1a07ae4ea3ddaf4eb22523113f62b536e497c9a09554e724ef8309e
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/images/client/testimonial2.jpg HTTP/1.1
Host: 146.70.79.13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://146.70.79.13/
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Tue, 10 Apr 2018 21:56:04 GMT
Accept-Ranges: bytes
ETag: "0f292b816d1d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 01 Feb 2023 19:53:45 GMT
Content-Length: 1735
146.70.79.13/assets/images/offer/offer-shape.png
200 OK 31 kB URL HTTP/1.1 146.70.79.13/assets/images/offer/offer-shape.png
IP
File type PNG image data, 292 x 759, 8-bit colormap, non-interlaced\012- data
Hash 442b5e58f0716a9ed0b9a4732b80ce37
d5c89ee7f41ec191dbd66fd27e4d99d3f39d6b0d
ebaaa2c26fe2805ebbcca4aa9f56d5af721ba217774e994e51c69ff6d2e011ad
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/images/offer/offer-shape.png HTTP/1.1
Host: 146.70.79.13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://146.70.79.13/
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Tue, 10 Apr 2018 21:56:04 GMT
Accept-Ranges: bytes
ETag: "0f292b816d1d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 01 Feb 2023 19:53:45 GMT
Content-Length: 30766
146.70.79.13/assets/images/blog/b1.jpg
200 OK 11 kB URL HTTP/1.1 146.70.79.13/assets/images/blog/b1.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 370x220, components 3\012- data
Hash a5f10aa1ba72ccd3e9a320b21f11242a
0491e8d558b9bd8f1b5c474e3c5e1370b747639a
c094d6de05ceb1646f75e10ee564fb4287c05ba2c139131153149caf4fb08c93
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/images/blog/b1.jpg HTTP/1.1
Host: 146.70.79.13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://146.70.79.13/
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Tue, 10 Apr 2018 21:56:04 GMT
Accept-Ranges: bytes
ETag: "0f292b816d1d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 01 Feb 2023 19:53:45 GMT
Content-Length: 11200
146.70.79.13/assets/images/blog/b2.jpg
200 OK 16 kB URL HTTP/1.1 146.70.79.13/assets/images/blog/b2.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 370x220, components 3\012- data
Hash 560b3627f7992102301a1d669c655f55
d47b09cefd5ec499b77d0d1b5f67a0e209424efc
e18f79351964b7b8ccd2b1968b03d0d2b8d3143f76d0a079a0f63daeaa79ec38
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/images/blog/b2.jpg HTTP/1.1
Host: 146.70.79.13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://146.70.79.13/
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Tue, 10 Apr 2018 21:56:04 GMT
Accept-Ranges: bytes
ETag: "0f292b816d1d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 01 Feb 2023 19:53:45 GMT
Content-Length: 15565
146.70.79.13/assets/images/blog/b3.jpg
200 OK 22 kB URL HTTP/1.1 146.70.79.13/assets/images/blog/b3.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 370x220, components 3\012- data
Hash a45c2d36c9f8ed96cc120270d1e1b06f
3934b6ebde7aafec3a8f820380282cb11b4007c5
5c94c977dce76f0dabb205ef44f84ee02e263acfb54b53fa292a7d88c04d0845
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/images/blog/b3.jpg HTTP/1.1
Host: 146.70.79.13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://146.70.79.13/
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Tue, 10 Apr 2018 21:56:04 GMT
Accept-Ranges: bytes
ETag: "0f292b816d1d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 01 Feb 2023 19:53:45 GMT
Content-Length: 22381
146.70.79.13/assets/images/gallary/g1.jpg
200 OK 20 kB URL HTTP/1.1 146.70.79.13/assets/images/gallary/g1.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 570x320, components 3\012- data
Hash cad9e0a9eedcd0aac899ff8affaf60a3
581d6101663336283f7684d4ebc2eedbe0160b89
cd3bb7517441b13a7626f8714d4e831ebdcaf1d2a1212c24ee722f21a7f31b06
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/images/gallary/g1.jpg HTTP/1.1
Host: 146.70.79.13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://146.70.79.13/
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Tue, 10 Apr 2018 21:55:58 GMT
Accept-Ranges: bytes
ETag: "06bffb416d1d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 01 Feb 2023 19:53:45 GMT
Content-Length: 19650
146.70.79.13/assets/images/gallary/g2.jpg
200 OK 27 kB URL HTTP/1.1 146.70.79.13/assets/images/gallary/g2.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 570x320, components 3\012- data
Hash f0031822228c4bab624f03cbd9fc271c
26867b39e043d08771c60eb86c4003e8ed2ec999
d66969769be7922320cc04e8fb511c6a8c7d2ed80a1b8b42cd3105c270496e02
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/images/gallary/g2.jpg HTTP/1.1
Host: 146.70.79.13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://146.70.79.13/
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Tue, 10 Apr 2018 21:55:58 GMT
Accept-Ranges: bytes
ETag: "06bffb416d1d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 01 Feb 2023 19:53:45 GMT
Content-Length: 27195
146.70.79.13/assets/images/gallary/g3.jpg
200 OK 49 kB URL HTTP/1.1 146.70.79.13/assets/images/gallary/g3.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 370x670, components 3\012- data
Hash 785b8afce8bddbff84a9f49eb473acb0
8211fe25b76727227eb2df7d43f84c366f881426
10cc65620de1fe4d297a1d3a94ffb8c3490e162937c70d29988be1f6b0fb250f
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/images/gallary/g3.jpg HTTP/1.1
Host: 146.70.79.13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://146.70.79.13/
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Tue, 10 Apr 2018 21:55:58 GMT
Accept-Ranges: bytes
ETag: "06bffb416d1d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 01 Feb 2023 19:53:45 GMT
Content-Length: 49326
146.70.79.13/assets/images/gallary/g4.jpg
200 OK 22 kB URL HTTP/1.1 146.70.79.13/assets/images/gallary/g4.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 370x320, components 3\012- data
Hash 546ddcd52b919b9b6c463ac914c637b7
81e324ae2145ef4188211465cca96e235a1ab68b
97580eec2b705ab36c0940329945fbb018c91d17ecf91e742c3794553d7cc7f4
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/images/gallary/g4.jpg HTTP/1.1
Host: 146.70.79.13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://146.70.79.13/
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Tue, 10 Apr 2018 21:55:58 GMT
Accept-Ranges: bytes
ETag: "06bffb416d1d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 01 Feb 2023 19:53:46 GMT
Content-Length: 22539
146.70.79.13/assets/images/gallary/g5.jpg
200 OK 34 kB URL HTTP/1.1 146.70.79.13/assets/images/gallary/g5.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 370x320, components 3\012- data
Hash 7e88ab2d4efabcc321f40bc7ceba3282
c8f43d8517c98a4efef625c98813ccbca976ca42
942cfd4cc42d055f652601d43848b20b6769c1415f7eb683f1a97bdd0752ff85
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/images/gallary/g5.jpg HTTP/1.1
Host: 146.70.79.13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://146.70.79.13/
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Tue, 10 Apr 2018 21:55:58 GMT
Accept-Ranges: bytes
ETag: "06bffb416d1d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 01 Feb 2023 19:53:46 GMT
Content-Length: 33884
146.70.79.13/assets/images/gallary/g6.jpg
200 OK 60 kB URL HTTP/1.1 146.70.79.13/assets/images/gallary/g6.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 770x320, components 3\012- data
Hash ee18f71beaafc33215cf58dfce61489d
047ff1766c93c85cedba0e8a6c39096d3af6df7f
c8caf13dc5c4d285296a926502bd0c4a5b4336390881d52aa08d8e818f448ec4
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/images/gallary/g6.jpg HTTP/1.1
Host: 146.70.79.13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://146.70.79.13/
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Tue, 10 Apr 2018 21:56:00 GMT
Accept-Ranges: bytes
ETag: "09830b616d1d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 01 Feb 2023 19:53:46 GMT
Content-Length: 59632
146.70.79.13/assets/images/home/subscribe-banner.jpg
200 OK 104 kB URL HTTP/1.1 146.70.79.13/assets/images/home/subscribe-banner.jpg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1920x433, components 3\012- data
Size 104 kB (104175 bytes)
Hash bdc070811902cc5f001e022a08597112
dee1a7a77b8e6bdbbeb1e0a5772fc0d1b23fb13f
8c7d33a71f6602336c443b976b60ac9de5295722297ca3a7eebab60bb3b79f21
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/images/home/subscribe-banner.jpg HTTP/1.1
Host: 146.70.79.13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://146.70.79.13/assets/css/style.css
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Tue, 10 Apr 2018 21:56:26 GMT
Accept-Ranges: bytes
ETag: "0e1afc516d1d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 01 Feb 2023 19:53:46 GMT
Content-Length: 104175
146.70.79.13/assets/logo/favicon.png
200 OK 1.5 kB URL HTTP/1.1 146.70.79.13/assets/logo/favicon.png
IP
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash bcff139d9b0380e5df5ba54904b9fa98
fa4349b515a14921ad573f0c2b5795c850433ce3
1f5c424c37c306905c63b219f4d3159a4ccd0f67ece47f420d1fe59085351bb0
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/logo/favicon.png HTTP/1.1
Host: 146.70.79.13
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://146.70.79.13/
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Thu, 01 Mar 2018 14:26:18 GMT
Accept-Ranges: bytes
ETag: "021244369b1d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 01 Feb 2023 19:53:46 GMT
Content-Length: 1534
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb36bfce9-5d67-458e-846d-ca30f9242449.jpeg
200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb36bfce9-5d67-458e-846d-ca30f9242449.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 78fe9a77211d6f9a462f625af0c6f9bc
ac0b58423d7578e7a1b60a62220c0a57924dda82
e047466c3ae0a55509f4ace49d0476f94271b5a25e71caa3b06ec468a238b652
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb36bfce9-5d67-458e-846d-ca30f9242449.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 14041
x-amzn-requestid: 2be6655d-3b0e-4e65-b44b-11682610b640
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: foJaRGFpIAMFbMQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9890e-5554d18d5db235913afa77a2;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 21:33:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: MeSOuCSjsjhK6FOS67rw6oF4rS08twjOACGbXJrNPH6vwZb8lZh9lw==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 4f3feb5c4393987d42d1971d404d7cea.cloudfront.net (CloudFront), 1.1 google
date: Tue, 31 Jan 2023 21:51:18 GMT
etag: "ac0b58423d7578e7a1b60a62220c0a57924dda82"
content-type: image/jpeg
age: 79353
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Poppins:100,200,300,400,500,600,700,800,900
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Poppins:100,200,300,400,500,600,700,800,900
IP
GET /css?family=Poppins:100,200,300,400,500,600,700,800,900 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://146.70.79.13/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 01 Feb 2023 19:53:43 GMT
date: Wed, 01 Feb 2023 19:53:43 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Rufina:400,700
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Rufina:400,700
IP
GET /css?family=Rufina:400,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://146.70.79.13/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 01 Feb 2023 19:53:43 GMT
date: Wed, 01 Feb 2023 19:53:43 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
146.70.79.13
34.160.144.191
23.36.76.226