r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 4c9ec202b798d350b6582220b7bb8457
d16ca24cd60b349231ad06fa5db32f54a3bc9e09
df036d315a613ac6396b77afb0a4ea5f793091786be0cbf3f3a0d043bc1d1d3c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF036D315A613AC6396B77AFB0A4EA5F793091786BE0CBF3F3A0D043BC1D1D3C"
Last-Modified: Wed, 26 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16464
Expires: Thu, 27 Oct 2022 00:00:11 GMT
Date: Wed, 26 Oct 2022 19:25:47 GMT
Connection: keep-alive
forclassified.com/ms/unepquarucestttiicundo
173.82.105.11 302 Found 239 B URL HTTP/1.1 forclassified.com/ms/unepquarucestttiicundo
IP 173.82.105.11:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 20edc18ec33fe65849fa944de677fef5
4abe8aa9ef83a8d0140820b47d09b29795f155d0
000287c6babfcd904d76426d1e243436ee0710dc9b255520710a8b45dd9ff570
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /ms/unepquarucestttiicundo HTTP/1.1
Host: forclassified.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Date: Wed, 26 Oct 2022 19:25:47 GMT
Server: Apache
Location: https://www.forclassified.com/ms/unepquarucestttiicundo
Content-Length: 239
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 45bfdf3b823cd24564c8ac296a8b5b19
b0c442eb4f87556b3beb18ca8039dd4399b73f16
32113c679dda1f710ba67e537fdd0d435ccc186a238e3b14e48deb7b0700c693
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5598
Cache-Control: max-age=142713
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 19:25:47 GMT
Etag: "6358fe56-1d7"
Expires: Fri, 28 Oct 2022 11:04:20 GMT
Last-Modified: Wed, 26 Oct 2022 09:31:02 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a39eea1096852891690eaee02a64383e
c273000f799fc3676e8e3ef3617611a31252cffc
d9d95319013d64bc2ef6d9870f4adba902ee970b6f9e96279c9ed86f556e0001
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D9D95319013D64BC2EF6D9870F4ADBA902EE970B6F9E96279C9ED86F556E0001"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2653
Expires: Wed, 26 Oct 2022 20:10:00 GMT
Date: Wed, 26 Oct 2022 19:25:47 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: In8mXEcrCn2VDvJMwhEzBo6vDGXikA1OWelrNPAHrk5oJ70tnS3KXT+i9Tmw2ezAUuHaEHL2EFI=
x-amz-request-id: 22FT7TTYEPP15NNN
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 26 Oct 2022 18:39:18 GMT
age: 2789
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 26 Oct 2022 19:25:47 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash dd283dfc036535bdeb8a8be1310ef930
d3b1c300dd75d7af630e0f3112e49d7492d66c17
578f9256faa188facb3f2d68b02b0c7fb2e30e02e2e74234d015429563cba7aa
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3254
Cache-Control: max-age=135313
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 19:25:48 GMT
Etag: "6358ea97-1d7"
Expires: Fri, 28 Oct 2022 09:01:01 GMT
Last-Modified: Wed, 26 Oct 2022 08:06:47 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
35.164.56.167 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.164.56.167:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: XyKPL1CqPzS20SOC5SXdGQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: PM5QYNFlPlTqADxdEy378tnzH6A=
www.forclassified.com/ms/unepquarucestttiicundo
173.82.105.11 404 Not Found 31 kB URL HTTP/1.1 www.forclassified.com/ms/unepquarucestttiicundo
IP 173.82.105.11:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (11279), with CRLF, LF line terminators
Hash 6f593a023b6275b71cda6f8aacf6fb51
f78f00b42ecb370aea68e3ba16371dc79d03fb6d
a15c907fb41cfca8a4b697ba9d200f7abebb051ad02eb41ae55ff466db98129e
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /ms/unepquarucestttiicundo HTTP/1.1
Host: www.forclassified.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 404 Not Found
Date: Wed, 26 Oct 2022 19:25:48 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: osclass=18f384793e95a3f1a1eed4325e55e3d3; path=/; secure; HttpOnly
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
ocsp.digicert.com/
93.184.220.29 200 OK 278 B IP 93.184.220.29:0
Hash 91b74d6ae217958f13ebc358f22f561d
3f77d30d7eaf3c53fc45594dbf932353b06c2873
9ec534d559ceb1575554743f2bc9ade643e5d5e5a7e32355699eee8cb67460d5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4348
Cache-Control: max-age=128880
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 19:25:49 GMT
Etag: "6358cd31-116"
Expires: Fri, 28 Oct 2022 07:13:49 GMT
Last-Modified: Wed, 26 Oct 2022 06:01:21 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 278
www.forclassified.com/oc-content/themes/boxer/css/bootstrap.min.css
173.82.105.11 200 OK 100 kB URL HTTP/1.1 www.forclassified.com/oc-content/themes/boxer/css/bootstrap.min.css
IP 173.82.105.11:0
File type ASCII text, with very long lines (65366)
Hash 8a7442ca6bedd62cec4881040b9a9e83
e2d2b846e9ea72a1985458a3748aab4e01a8fb3a
e9503448692b738dd260fbd7f7cabf2e11f09b600fa97e6eb3a56eba5b1a7e9b
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /oc-content/themes/boxer/css/bootstrap.min.css HTTP/1.1
Host: www.forclassified.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.forclassified.com/ms/unepquarucestttiicundo
Cookie: osclass=18f384793e95a3f1a1eed4325e55e3d3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 19:25:48 GMT
Server: Apache
Last-Modified: Mon, 19 Jan 2015 16:25:06 GMT
Accept-Ranges: bytes
Content-Length: 99961
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash f046e6113dd1e5e499c765516be08b17
c2253055e09b46209469853cad8720e64f84a1bf
18663a8f0b5d4d7581b771da6c2dc897bc2b82d51d7dac1a56d22f9bebab6fb3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 19:25:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
104.18.11.207 200 OK 7.3 kB URL HTTP/2 maxcdn.bootstrapcdn.com/font-awesome/4.7.0/css/font-awesome.min.css
IP 104.18.11.207:0
File type ASCII text, with very long lines (30837)
Hash 13aa9418d70dca257779cf8d00c01cea
3f463c700750acc9f61d3706d0b4caff45b6fe5e
c10593efc324c4f7ff0874563e1d78e6db20cc1bff321533ab2c1cc4cdc8b03c
GET /font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1
Host: maxcdn.bootstrapcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.forclassified.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 26 Oct 2022 19:25:49 GMT
content-type: text/css; charset=utf-8
vary: Accept-Encoding
cdn-pullzone: 252412
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cdn-requestcountrycode: SE
cdn-edgestorageid: 722, 617
last-modified: Mon, 25 Jan 2021 22:04:55 GMT
cdn-cachedat: 2021-03-10 20:26:20
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cache-control: public, max-age=31919000
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
x-content-type-options: nosniff
cdn-requestid: 121d365db7a9aba3915641185d93b963
cdn-cache: HIT
cf-cache-status: HIT
age: 16123156
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7605947dfc4bfac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:300,600&subset=latin,latin-ext
142.250.74.10 200 OK 1.1 kB URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:300,600&subset=latin,latin-ext
IP 142.250.74.10:0
Hash de7bc92a0fc3fe345dd05db17fc576e8
f3de9ec998be2a421ad9bfbd1af88153d531f387
4785be96f03437d63bf2049a25172c36f46f2b19d17289633781359793059b57
GET /css?family=Open+Sans:300,600&subset=latin,latin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.forclassified.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 26 Oct 2022 19:25:49 GMT
date: Wed, 26 Oct 2022 19:25:49 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.forclassified.com/oc-content/plugins/popular_ads/pop_ads_style.css
173.82.105.11 200 OK 1.7 kB URL HTTP/1.1 www.forclassified.com/oc-content/plugins/popular_ads/pop_ads_style.css
IP 173.82.105.11:0
File type ASCII text, with CRLF, CR line terminators
Hash 44f8cf947e39cb456c11135e75f0ca5a
68391abb1c6ffead1cdaf5cd318b0222c592628f
d09f92efbe0fe4bcee4f1f9cf4e96c08a6734da502df7502994a6ee4d5b1d0e4
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /oc-content/plugins/popular_ads/pop_ads_style.css HTTP/1.1
Host: www.forclassified.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.forclassified.com/ms/unepquarucestttiicundo
Cookie: osclass=18f384793e95a3f1a1eed4325e55e3d3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 19:25:49 GMT
Server: Apache
Last-Modified: Tue, 06 May 2014 08:06:44 GMT
Accept-Ranges: bytes
Content-Length: 1709
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.forclassified.com/oc-content/themes/boxer/css/responsivefix.css
173.82.105.11 200 OK 1.4 kB URL HTTP/1.1 www.forclassified.com/oc-content/themes/boxer/css/responsivefix.css
IP 173.82.105.11:0
File type ASCII text, with CRLF line terminators
Hash 6bc6109d8bcf8f4e8f4f26e3b4bf71ca
d3f1f53a3d4514c41b0f4c7244761d6e5e54a186
7216a052baeba5252901a9d7a0bbc33ee2ae878460ffe3087498ee563d09ae89
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /oc-content/themes/boxer/css/responsivefix.css HTTP/1.1
Host: www.forclassified.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.forclassified.com/ms/unepquarucestttiicundo
Cookie: osclass=18f384793e95a3f1a1eed4325e55e3d3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 19:25:49 GMT
Server: Apache
Last-Modified: Mon, 19 Jan 2015 16:25:02 GMT
Accept-Ranges: bytes
Content-Length: 1426
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.forclassified.com/oc-content/plugins/scrolltop/css/scrolltop.css
173.82.105.11 200 OK 582 B URL HTTP/1.1 www.forclassified.com/oc-content/plugins/scrolltop/css/scrolltop.css
IP 173.82.105.11:0
Hash 51f33c9e3b0260ae2833c31c17dfa83e
da68c6df32515a625db1584fe35b9e7c2940f385
4f8dd34efe751f4d210fe4251b40ffb2fd9f65dad754c3c5d924ddd4ccb029bc
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /oc-content/plugins/scrolltop/css/scrolltop.css HTTP/1.1
Host: www.forclassified.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.forclassified.com/ms/unepquarucestttiicundo
Cookie: osclass=18f384793e95a3f1a1eed4325e55e3d3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 19:25:49 GMT
Server: Apache
Last-Modified: Mon, 14 Sep 2015 11:12:20 GMT
Accept-Ranges: bytes
Content-Length: 582
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.forclassified.com/oc-content/plugins/realestate_attributes/css/style.css
173.82.105.11 200 OK 524 B URL HTTP/1.1 www.forclassified.com/oc-content/plugins/realestate_attributes/css/style.css
IP 173.82.105.11:0
Hash 96f354a28a40042c170a5de095e72d85
4d7e3bf94c1dc91b5b2b9fdd9040264091a42688
4e94efd8e5c3ee5d615352b417b94f6f4fcb85c651d44575d77c297a7eeec1d6
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /oc-content/plugins/realestate_attributes/css/style.css HTTP/1.1
Host: www.forclassified.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.forclassified.com/ms/unepquarucestttiicundo
Cookie: osclass=18f384793e95a3f1a1eed4325e55e3d3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 19:25:49 GMT
Server: Apache
Last-Modified: Tue, 29 Apr 2014 13:35:27 GMT
Accept-Ranges: bytes
Content-Length: 524
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
www.forclassified.com/oc-content/plugins/jobs_attributes/css/styles.css
173.82.105.11 200 OK 1.5 kB URL HTTP/1.1 www.forclassified.com/oc-content/plugins/jobs_attributes/css/styles.css
IP 173.82.105.11:0
Hash 31694d4a9c9dd16aa47ec07b9923e004
1c687cdca79fb8709d37ed21a31c9bd8a1e62d40
6a5b5077224167164ed9db544b65b7492e1526532b3db03ae3ec64edbf128cf9
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /oc-content/plugins/jobs_attributes/css/styles.css HTTP/1.1
Host: www.forclassified.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.forclassified.com/ms/unepquarucestttiicundo
Cookie: osclass=18f384793e95a3f1a1eed4325e55e3d3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 19:25:49 GMT
Server: Apache
Last-Modified: Sun, 20 Apr 2014 13:03:56 GMT
Accept-Ranges: bytes
Content-Length: 1519
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.forclassified.com/oc-content/themes/boxer/css/style.css?42372
173.82.105.11 200 OK 37 kB URL HTTP/1.1 www.forclassified.com/oc-content/themes/boxer/css/style.css?42372
IP 173.82.105.11:0
File type ASCII text, with CRLF line terminators
Hash 5047d22c1abff1b41c0a30bfd7da4683
e2f4d106e10d4a103011fbdf4bc3e2502fb6349b
0c370004311dcafb69f711804b26b97b85f6dd4463b067795fe7c18914979392
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /oc-content/themes/boxer/css/style.css?42372 HTTP/1.1
Host: www.forclassified.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.forclassified.com/ms/unepquarucestttiicundo
Cookie: osclass=18f384793e95a3f1a1eed4325e55e3d3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 19:25:49 GMT
Server: Apache
Last-Modified: Mon, 19 Jan 2015 16:25:02 GMT
Accept-Ranges: bytes
Content-Length: 36864
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
www.forclassified.com/oc-content/plugins/osclasspoint_updater/css/tipped.css
173.82.105.11 200 OK 9.3 kB URL HTTP/1.1 www.forclassified.com/oc-content/plugins/osclasspoint_updater/css/tipped.css
IP 173.82.105.11:0
File type ASCII text, with very long lines (9338), with no line terminators
Hash 3234435840d5cb11e1081b834a94f07d
7c36985e11c7903bbb1591ea33f9d62415e6bc12
fa99d8a7877e52ca1ba485b32970281ffbf9bf8546b708d04cca56c49543db08
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /oc-content/plugins/osclasspoint_updater/css/tipped.css HTTP/1.1
Host: www.forclassified.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.forclassified.com/ms/unepquarucestttiicundo
Cookie: osclass=18f384793e95a3f1a1eed4325e55e3d3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 19:25:49 GMT
Server: Apache
Last-Modified: Thu, 12 Dec 2019 18:35:12 GMT
Accept-Ranges: bytes
Content-Length: 9338
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.forclassified.com/oc-content/plugins/osclass_pay/css/tipped.css
173.82.105.11 200 OK 9.3 kB URL HTTP/1.1 www.forclassified.com/oc-content/plugins/osclass_pay/css/tipped.css
IP 173.82.105.11:0
File type ASCII text, with very long lines (9338), with no line terminators
Hash 3234435840d5cb11e1081b834a94f07d
7c36985e11c7903bbb1591ea33f9d62415e6bc12
fa99d8a7877e52ca1ba485b32970281ffbf9bf8546b708d04cca56c49543db08
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /oc-content/plugins/osclass_pay/css/tipped.css HTTP/1.1
Host: www.forclassified.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.forclassified.com/ms/unepquarucestttiicundo
Cookie: osclass=18f384793e95a3f1a1eed4325e55e3d3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 19:25:49 GMT
Server: Apache
Last-Modified: Fri, 19 Mar 2021 20:11:46 GMT
Accept-Ranges: bytes
Content-Length: 9338
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.forclassified.com/oc-content/plugins/osclass_pay/css/admin_items.css
173.82.105.11 200 OK 504 B URL HTTP/1.1 www.forclassified.com/oc-content/plugins/osclass_pay/css/admin_items.css
IP 173.82.105.11:0
File type ASCII text, with CRLF line terminators
Hash 2184e7cff2d3f92e73729ab41a9f1f32
700c12c39c23f08e43ef54450829442d6111456f
280c60296b03aaf24aaa9d67b63a19f78aafda3369983b3d08b69d2de3f64e49
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /oc-content/plugins/osclass_pay/css/admin_items.css HTTP/1.1
Host: www.forclassified.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.forclassified.com/ms/unepquarucestttiicundo
Cookie: osclass=18f384793e95a3f1a1eed4325e55e3d3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 19:25:49 GMT
Server: Apache
Last-Modified: Fri, 19 Mar 2021 20:11:46 GMT
Accept-Ranges: bytes
Content-Length: 504
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
www.forclassified.com/oc-content/themes/boxer/js/fancybox/jquery.fancybox.css
173.82.105.11 200 OK 4.9 kB URL HTTP/1.1 www.forclassified.com/oc-content/themes/boxer/js/fancybox/jquery.fancybox.css
IP 173.82.105.11:0
Hash 10613901ee33dc2dfdcd95589fedafa3
f5195fbd557bf38109a4739e416d80633f00a179
2d64ce33c2001f69e070d01a69767213d51c5dc64819fd7709c4471155574f61
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /oc-content/themes/boxer/js/fancybox/jquery.fancybox.css HTTP/1.1
Host: www.forclassified.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.forclassified.com/ms/unepquarucestttiicundo
Cookie: osclass=18f384793e95a3f1a1eed4325e55e3d3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 19:25:49 GMT
Server: Apache
Last-Modified: Mon, 19 Jan 2015 16:25:32 GMT
Accept-Ranges: bytes
Content-Length: 4888
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.forclassified.com/oc-includes/osclass/assets/js/fineuploader/fineuploader.css
173.82.105.11 200 OK 4.9 kB URL HTTP/1.1 www.forclassified.com/oc-includes/osclass/assets/js/fineuploader/fineuploader.css
IP 173.82.105.11:0
Hash bf8acaf68fb094e42f94aa716e4af6d7
783e4af86275513ffc09b5efa9011e8fe51e925c
55c7b96c38bc46b97dc88d1d2a7266a2d507ce94f4cca6a4b6fe98d643dc44cf
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /oc-includes/osclass/assets/js/fineuploader/fineuploader.css HTTP/1.1
Host: www.forclassified.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.forclassified.com/ms/unepquarucestttiicundo
Cookie: osclass=18f384793e95a3f1a1eed4325e55e3d3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 19:25:49 GMT
Server: Apache
Last-Modified: Fri, 06 May 2022 15:15:24 GMT
Accept-Ranges: bytes
Content-Length: 4875
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6840
Expires: Wed, 26 Oct 2022 21:19:49 GMT
Date: Wed, 26 Oct 2022 19:25:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6840
Expires: Wed, 26 Oct 2022 21:19:49 GMT
Date: Wed, 26 Oct 2022 19:25:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6840
Expires: Wed, 26 Oct 2022 21:19:49 GMT
Date: Wed, 26 Oct 2022 19:25:49 GMT
Connection: keep-alive
www.forclassified.com/oc-content/themes/boxer/css/ajax-uploader.css
173.82.105.11 200 OK 1.2 kB URL HTTP/1.1 www.forclassified.com/oc-content/themes/boxer/css/ajax-uploader.css
IP 173.82.105.11:0
Hash 3b0cbd9b73f4c9481337dac8b6d8c55c
1cd3c460286e7cf5fe6e4b90b98f0724f4ece51a
a9e3da59361659bf330ad92a860c47cc8e08afaea11b2f18a81ca0cdfc805e17
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /oc-content/themes/boxer/css/ajax-uploader.css HTTP/1.1
Host: www.forclassified.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.forclassified.com/ms/unepquarucestttiicundo
Cookie: osclass=18f384793e95a3f1a1eed4325e55e3d3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 19:25:49 GMT
Server: Apache
Last-Modified: Mon, 19 Jan 2015 16:25:06 GMT
Accept-Ranges: bytes
Content-Length: 1226
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6840
Expires: Wed, 26 Oct 2022 21:19:49 GMT
Date: Wed, 26 Oct 2022 19:25:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 358ecd0ec047d700042e2a62f9847199
7bf4c552f47536fe451dc6ccfb0930c592084ef9
e14317aace5d64e9901867578379dd4dd4252b059070d37722f82ebb2e649d27
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E14317AACE5D64E9901867578379DD4DD4252B059070D37722F82EBB2E649D27"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6840
Expires: Wed, 26 Oct 2022 21:19:49 GMT
Date: Wed, 26 Oct 2022 19:25:49 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F337e2b0e-2813-4291-b863-bbc99409db00.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F337e2b0e-2813-4291-b863-bbc99409db00.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6cd3b0c2f628a973659cdb368dfc64cf
c5097681a4dcff980dc788191356e7e7c21ef3b1
03374811ad045fafd0d6898ef3b1beea094b785e8144f570e2d7e9912773c2a9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F337e2b0e-2813-4291-b863-bbc99409db00.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10380
x-amzn-requestid: 9027dbc2-08da-449f-9a40-59c58169fa28
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aelDlG5XIAMFTTw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6355b549-4dd10f5c123194ff6ce4070f;Sampled=0
x-amzn-remapped-date: Sun, 23 Oct 2022 21:42:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Xu_0AjIlVylGEl9Y_lr76TvbxH32dN_Ixcc4wbt-E7imX5S8FfO-yg==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 a3bd0eb50c22e4d5fbda56a30b96002c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 00:09:33 GMT
age: 69376
etag: "c5097681a4dcff980dc788191356e7e7c21ef3b1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadc5382d-fbb1-4d8e-8ee0-d7dcda16508e.jpeg
34.120.237.76 200 OK 4.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadc5382d-fbb1-4d8e-8ee0-d7dcda16508e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 91ee720c15dc69de45080d0c951353af
5292b31a99d90bcb7071f327b93d52034bdf9dcb
7fbe9f0f6db08fd539f2e8d4ac22e3b4d5ca14f7cde69f8424cce8b361d026e6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fadc5382d-fbb1-4d8e-8ee0-d7dcda16508e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4524
x-amzn-requestid: a493efe7-11c7-4032-b36b-7f838f8180bc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: aljicH_6IAMFqpQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63587fa9-0f15eae7680ea7b15e5e47ec;Sampled=0
x-amzn-remapped-date: Wed, 26 Oct 2022 00:30:33 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: NQJHFIbLMzw0aGwCkVGIEIHOMHprTpvLkLQRKgrGeVj35sk7sW4IUg==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 00:36:34 GMT
age: 67755
etag: "5292b31a99d90bcb7071f327b93d52034bdf9dcb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae122c0f-a41b-4abc-a703-a5de223ae39a.png
34.120.237.76 200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae122c0f-a41b-4abc-a703-a5de223ae39a.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash db946866312c734e0c5f91ca76255b2f
e8b8236baab9106a426a415eb01494cc4cc91ad1
a695e7bc87da2c6d9f5669c09e662fe22982e69cb139466efa5093429fe19866
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae122c0f-a41b-4abc-a703-a5de223ae39a.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8439
x-amzn-requestid: e0eed725-0725-4f5a-9c91-fec13ad0ebe5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ajKYQGWhIAMFdhw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63578a9b-2a0115120e75f5271cea992f;Sampled=0
x-amzn-remapped-date: Tue, 25 Oct 2022 07:04:59 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: pf98qKWMjPBID3auXFKPhj1kt67xEWF_e2CpRMQ7_HkPJGzJ3cK1qw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 2324edbcb8fc72f617442c65f36a40fc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 26 Oct 2022 07:18:26 GMT
age: 43643
etag: "e8b8236baab9106a426a415eb01494cc4cc91ad1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feac38eda-2bed-4703-8560-7d07ad90dabc.webp
34.120.237.76 200 OK 3.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feac38eda-2bed-4703-8560-7d07ad90dabc.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 494a826ce7609ee5cc8157ea5de5f4f7
3d28f2daeef33f37c91bd26cb527793288635103
09f702f40e29e6b0c27abc5c7bb4605e504453b543c92805ba4045bd3d65c4d0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feac38eda-2bed-4703-8560-7d07ad90dabc.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3337
x-amzn-requestid: 5a06b710-2b88-435e-8863-3e0e58742e6d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: alJ21FjooAMFp8Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63585691-2adc1ac2375e087b20ad0e32;Sampled=0
x-amzn-remapped-date: Tue, 25 Oct 2022 21:35:13 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 02nWxjGUWnLOfCCH-_N91bhvwj9nD2aqZr757DDchdNlHitK7bih4Q==
via: 1.1 a8e5d5aeee6eacca5c379e5059b1f68c.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 25 Oct 2022 22:12:48 GMT
age: 76381
etag: "3d28f2daeef33f37c91bd26cb527793288635103"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5da11cdb-c8be-46f4-95b0-792c49d930a7.jpeg
34.120.237.76 200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5da11cdb-c8be-46f4-95b0-792c49d930a7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5987bcd44ab0db5313aa4f409a8a212f
691a36cde98a9fe1660745dd811e0be2ae67036c
e47ce3587c647b52669f675dc7e84e21555f82138091fb04febc951b4c06ba30
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5da11cdb-c8be-46f4-95b0-792c49d930a7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8553
x-amzn-requestid: 69931a9c-027e-428e-a88d-61c5fac64daa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: alJ2iEnzoAMFZAA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63585690-12c78c5157fb3fa41a13548c;Sampled=0
x-amzn-remapped-date: Tue, 25 Oct 2022 21:35:12 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: zfjAcNokC0aMpSY3juYAi_Wo1MMRskGGJ0y9jb7x3Ps9R6wfiUg-IQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Tue, 25 Oct 2022 21:57:47 GMT
age: 77282
etag: "691a36cde98a9fe1660745dd811e0be2ae67036c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6fe27cf2-33a8-42cc-a8cd-f5e804e60e26.jpeg
34.120.237.76 200 OK 7.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6fe27cf2-33a8-42cc-a8cd-f5e804e60e26.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c3ae78510434fd68063fc144bf614382
3bb87ca5274ce9f6d81da60ab940d23ccd12843b
f42d89328435cb37cba1111903a6bd5e900857d0942e1506ea2115b4e6301541
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6fe27cf2-33a8-42cc-a8cd-f5e804e60e26.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7929
x-amzn-requestid: 6324abd6-8e27-4903-8bfc-a0fc6a8625be
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: alK9LEeoIAMF5mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63585854-2900343b1ae208a903fe58fd;Sampled=0
x-amzn-remapped-date: Tue, 25 Oct 2022 21:42:44 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5MR4UzoW6rVsSpEyPAWrcFb2LCRICaG-toy3JflaXRrzZwcgMs48VQ==
via: 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Tue, 25 Oct 2022 22:09:07 GMT
etag: "3bb87ca5274ce9f6d81da60ab940d23ccd12843b"
content-type: image/jpeg
age: 76602
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.forclassified.com/oc-content/plugins/password_meter/passwordM.css
173.82.105.11 200 OK 669 B URL HTTP/1.1 www.forclassified.com/oc-content/plugins/password_meter/passwordM.css
IP 173.82.105.11:0
Hash 6fe71cbf8ec51f41cf53bd3fc405535e
214ef802a452b69de4bc7b59d8483bfe2cbcbaba
68f63b8ee5ed040d30d237217a76da469f37e71420bc612325fd371f9f59b06d
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /oc-content/plugins/password_meter/passwordM.css HTTP/1.1
Host: www.forclassified.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.forclassified.com/ms/unepquarucestttiicundo
Cookie: osclass=18f384793e95a3f1a1eed4325e55e3d3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 19:25:49 GMT
Server: Apache
Last-Modified: Wed, 07 May 2014 07:39:20 GMT
Accept-Ranges: bytes
Content-Length: 669
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
www.forclassified.com/oc-content/plugins/navigate/style.css
173.82.105.11 200 OK 1.4 kB URL HTTP/1.1 www.forclassified.com/oc-content/plugins/navigate/style.css
IP 173.82.105.11:0
Hash e83f7f8a76ff2c4570ef7441b962dac3
a1bf213efd98a8e9fda30e4f6966cbca51bafd80
481428ef4967add941e0c1a7675ef09a34f8fc68c652c22c2e05e9c26ac8d529
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /oc-content/plugins/navigate/style.css HTTP/1.1
Host: www.forclassified.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.forclassified.com/ms/unepquarucestttiicundo
Cookie: osclass=18f384793e95a3f1a1eed4325e55e3d3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 19:25:49 GMT
Server: Apache
Last-Modified: Fri, 09 Jan 2015 10:40:59 GMT
Accept-Ranges: bytes
Content-Length: 1378
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
www.forclassified.com/oc-content/plugins/osclass_pay/css/user.css?v=20221027005548
173.82.105.11 200 OK 93 kB URL HTTP/1.1 www.forclassified.com/oc-content/plugins/osclass_pay/css/user.css?v=20221027005548
IP 173.82.105.11:0
File type ASCII text, with very long lines (469), with CRLF line terminators
Hash f9cf79b898c3ceca891f88c07a10def9
b16366239cc78a9fea3f59e18ec9aff94e6136d1
cd2c996ecf94cbeff47ab41a1cc965d325a089171788c8fda3a8b2734feea982
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /oc-content/plugins/osclass_pay/css/user.css?v=20221027005548 HTTP/1.1
Host: www.forclassified.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.forclassified.com/ms/unepquarucestttiicundo
Cookie: osclass=18f384793e95a3f1a1eed4325e55e3d3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 19:25:49 GMT
Server: Apache
Last-Modified: Fri, 19 Mar 2021 20:11:46 GMT
Accept-Ranges: bytes
Content-Length: 92921
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
www.forclassified.com/oc-content/themes/boxer/css/orange.css
173.82.105.11 200 OK 1.3 kB URL HTTP/1.1 www.forclassified.com/oc-content/themes/boxer/css/orange.css
IP 173.82.105.11:0
File type ASCII text, with CRLF line terminators
Hash c7126b65cf0fd5c49d537032a4e970d3
e8f8553295f9c837dfd13f10f040396f9df1706a
1a6fb636cfed3003ff0494ca41a48d49ad7e7e565d574287ae7e3151cda75e3b
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /oc-content/themes/boxer/css/orange.css HTTP/1.1
Host: www.forclassified.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.forclassified.com/ms/unepquarucestttiicundo
Cookie: osclass=18f384793e95a3f1a1eed4325e55e3d3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 19:25:49 GMT
Server: Apache
Last-Modified: Mon, 19 Jan 2015 16:25:02 GMT
Accept-Ranges: bytes
Content-Length: 1269
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
www.forclassified.com/oc-content/plugins/slider/responsiveslides.css
173.82.105.11 200 OK 2.1 kB URL HTTP/1.1 www.forclassified.com/oc-content/plugins/slider/responsiveslides.css
IP 173.82.105.11:0
Hash 81c53ff10514fd6cf21d365732b56bb3
88e8f102b78dfee6fd90b9e7282bc9187d86e08f
8d9775f7b0d4d13538bf64eb2b8bbb26cf420ac65c9fea5782a7ec33002495f4
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /oc-content/plugins/slider/responsiveslides.css HTTP/1.1
Host: www.forclassified.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.forclassified.com/ms/unepquarucestttiicundo
Cookie: osclass=18f384793e95a3f1a1eed4325e55e3d3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 19:25:49 GMT
Server: Apache
Last-Modified: Tue, 03 Aug 2021 18:23:37 GMT
Accept-Ranges: bytes
Content-Length: 2121
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: text/css
www.forclassified.com/oc-content/plugins/tags/css/tags.css
173.82.105.11 200 OK 948 B URL HTTP/1.1 www.forclassified.com/oc-content/plugins/tags/css/tags.css
IP 173.82.105.11:0
File type ASCII text, with CRLF line terminators
Hash 18772d9cf41d1c8f87f3c9e688aae97b
55e93fda8ce6ceb150381cadd77e18d69e89d379
868cac56ccab71fc0db7d60e5ccb849e23568f080fe2c51adb724d8f059bc0e7
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /oc-content/plugins/tags/css/tags.css HTTP/1.1
Host: www.forclassified.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.forclassified.com/ms/unepquarucestttiicundo
Cookie: osclass=18f384793e95a3f1a1eed4325e55e3d3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 19:25:49 GMT
Server: Apache
Last-Modified: Mon, 24 Nov 2014 17:52:50 GMT
Accept-Ranges: bytes
Content-Length: 948
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
www.forclassified.com/oc-content/plugins/zo_advancedcaptcha/assets/web/css/main.css
173.82.105.11 200 OK 131 B URL HTTP/1.1 www.forclassified.com/oc-content/plugins/zo_advancedcaptcha/assets/web/css/main.css
IP 173.82.105.11:0
File type ASCII text, with CRLF line terminators
Hash b89db0e9268b24cf3fb397cf0c18049f
21879ec46154d3153a4c6a75308b4d7ddb26fa0b
5121c008f52a899f8fe8625644e90e6d567d0d7948256cbe8d56e6fc68a82583
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /oc-content/plugins/zo_advancedcaptcha/assets/web/css/main.css HTTP/1.1
Host: www.forclassified.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.forclassified.com/ms/unepquarucestttiicundo
Cookie: osclass=18f384793e95a3f1a1eed4325e55e3d3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 19:25:49 GMT
Server: Apache
Last-Modified: Sun, 31 May 2020 18:05:40 GMT
Accept-Ranges: bytes
Content-Length: 131
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
www.forclassified.com/oc-includes/osclass/assets/js/jquery.min.js
173.82.105.11 200 OK 93 kB URL HTTP/1.1 www.forclassified.com/oc-includes/osclass/assets/js/jquery.min.js
IP 173.82.105.11:0
File type Unicode text, UTF-8 text, with very long lines (65481)
Hash 3a728460147fb9af7faf0e587b9fbf42
f3a55f44fb81cf8ee908a3872841f70d6548f8c1
8c574e0a06396dfa7064b8b460e0e4a8d5d0748c4aa66eb2e4efdfcb46da4b31
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /oc-includes/osclass/assets/js/jquery.min.js HTTP/1.1
Host: www.forclassified.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.forclassified.com/ms/unepquarucestttiicundo
Cookie: osclass=18f384793e95a3f1a1eed4325e55e3d3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 19:25:49 GMT
Server: Apache
Last-Modified: Fri, 06 May 2022 15:15:24 GMT
Accept-Ranges: bytes
Content-Length: 92555
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
www.forclassified.com/oc-content/plugins/osclasspoint_updater/js/tipped.js
173.82.105.11 200 OK 76 kB URL HTTP/1.1 www.forclassified.com/oc-content/plugins/osclasspoint_updater/js/tipped.js
IP 173.82.105.11:0
File type ASCII text, with very long lines (32117)
Hash e4e79115d36f8ab56330e87562ff5639
1543bad54c75ef1804553a30fcc00b0e266b3d40
6a094efa02280805fe7b09f51e2b5c823b87466682b70b900c63a9daa5192651
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /oc-content/plugins/osclasspoint_updater/js/tipped.js HTTP/1.1
Host: www.forclassified.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.forclassified.com/ms/unepquarucestttiicundo
Cookie: osclass=18f384793e95a3f1a1eed4325e55e3d3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 19:25:49 GMT
Server: Apache
Last-Modified: Thu, 12 Dec 2019 18:35:12 GMT
Accept-Ranges: bytes
Content-Length: 76379
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
www.forclassified.com/oc-content/plugins/location_required/jquery.metadata.js
173.82.105.11 200 OK 4.0 kB URL HTTP/1.1 www.forclassified.com/oc-content/plugins/location_required/jquery.metadata.js
IP 173.82.105.11:0
File type HTML document, Unicode text, UTF-8 text
Hash 41d9b9831d715277ebb8dad3b6fa57d6
59380223c3347d7c98e60a61e105389abf625505
f0c0f9c55ec8feec67e104caf5765d8ed2b1eaaf8bc3ebac518b146982bd1ed3
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /oc-content/plugins/location_required/jquery.metadata.js HTTP/1.1
Host: www.forclassified.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.forclassified.com/ms/unepquarucestttiicundo
Cookie: osclass=18f384793e95a3f1a1eed4325e55e3d3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 19:25:49 GMT
Server: Apache
Last-Modified: Sat, 22 Feb 2020 17:57:37 GMT
Accept-Ranges: bytes
Content-Length: 3952
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
www.forclassified.com/oc-content/plugins/osclass_pay/js/user.js?v=20221027005548
173.82.105.11 200 OK 17 kB URL HTTP/1.1 www.forclassified.com/oc-content/plugins/osclass_pay/js/user.js?v=20221027005548
IP 173.82.105.11:0
File type ASCII text, with CRLF line terminators
Hash 8301f4349d89010c89de2ac02319db0d
2b656f05a9a3eacc7e76d56ee9c30edb15f8d9c6
0f0de66c1c2fa4258a03163ebaffac617cc9b2eb88142c3fee808f55f3a63014
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /oc-content/plugins/osclass_pay/js/user.js?v=20221027005548 HTTP/1.1
Host: www.forclassified.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.forclassified.com/ms/unepquarucestttiicundo
Cookie: osclass=18f384793e95a3f1a1eed4325e55e3d3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 19:25:49 GMT
Server: Apache
Last-Modified: Fri, 19 Mar 2021 20:11:48 GMT
Accept-Ranges: bytes
Content-Length: 17389
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
www.forclassified.com/oc-includes/osclass/assets/js/fancybox/jquery.fancybox.pack.js
173.82.105.11 200 OK 23 kB URL HTTP/1.1 www.forclassified.com/oc-includes/osclass/assets/js/fancybox/jquery.fancybox.pack.js
IP 173.82.105.11:0
File type ASCII text, with very long lines (623)
Hash 306eae36a9954e4b28a85432bf88bb7b
c2588fb8555970073baf92e394efba291259df13
4330215f7a858522e3186202c41b82ae686c8ad2b5d81664eb0f86a067058e85
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /oc-includes/osclass/assets/js/fancybox/jquery.fancybox.pack.js HTTP/1.1
Host: www.forclassified.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.forclassified.com/ms/unepquarucestttiicundo
Cookie: osclass=18f384793e95a3f1a1eed4325e55e3d3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 19:25:49 GMT
Server: Apache
Last-Modified: Fri, 06 May 2022 15:15:24 GMT
Accept-Ranges: bytes
Content-Length: 22595
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
www.forclassified.com/oc-includes/osclass/assets/js/date.js
173.82.105.11 200 OK 9.8 kB URL HTTP/1.1 www.forclassified.com/oc-includes/osclass/assets/js/date.js
IP 173.82.105.11:0
Hash eee2877181e186cfad52b1bade457529
ab3a05241f917f42c7aaf78ed40dcde449c9c5e3
2c07182652ec9c9932571db22ddcfec8dc957e9853fb46d912e85ab346473b65
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /oc-includes/osclass/assets/js/date.js HTTP/1.1
Host: www.forclassified.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.forclassified.com/ms/unepquarucestttiicundo
Cookie: osclass=18f384793e95a3f1a1eed4325e55e3d3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 19:25:49 GMT
Server: Apache
Last-Modified: Fri, 06 May 2022 15:15:24 GMT
Accept-Ranges: bytes
Content-Length: 9834
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
www.forclassified.com/oc-includes/osclass/assets/js/fineuploader/jquery.fineuploader.min.js
173.82.105.11 200 OK 81 kB URL HTTP/1.1 www.forclassified.com/oc-includes/osclass/assets/js/fineuploader/jquery.fineuploader.min.js
IP 173.82.105.11:0
File type ASCII text, with very long lines (32330)
Hash 6310aec6bc327d3291df40a63f13eb5c
e6b08ec22d9673d4bab1c4775d9045d0fa17f03a
0d87590c2a69e11f90d45e92f0333e35e88aa2fd20d0915e63c16c6caef2312e
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /oc-includes/osclass/assets/js/fineuploader/jquery.fineuploader.min.js HTTP/1.1
Host: www.forclassified.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.forclassified.com/ms/unepquarucestttiicundo
Cookie: osclass=18f384793e95a3f1a1eed4325e55e3d3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 19:25:50 GMT
Server: Apache
Last-Modified: Fri, 06 May 2022 15:15:24 GMT
Accept-Ranges: bytes
Content-Length: 81100
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
www.forclassified.com/oc-content/plugins/password_meter/passwordMeter.js
173.82.105.11 200 OK 241 B URL HTTP/1.1 www.forclassified.com/oc-content/plugins/password_meter/passwordMeter.js
IP 173.82.105.11:0
Hash dec1368c0d695ec7cda77729d0f2329f
aaaa78f2b9e82cf762561dc4b5c59f7efb6308ef
0a47f28a855d03dbd6003d708961a081c548804393e3562f8be73151d9cfce36
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /oc-content/plugins/password_meter/passwordMeter.js HTTP/1.1
Host: www.forclassified.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.forclassified.com/ms/unepquarucestttiicundo
Cookie: osclass=18f384793e95a3f1a1eed4325e55e3d3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 19:25:50 GMT
Server: Apache
Last-Modified: Wed, 07 May 2014 07:39:20 GMT
Accept-Ranges: bytes
Content-Length: 241
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
www.forclassified.com/oc-content/plugins/password_meter/jquery.pwdMeter.js
173.82.105.11 200 OK 2.7 kB URL HTTP/1.1 www.forclassified.com/oc-content/plugins/password_meter/jquery.pwdMeter.js
IP 173.82.105.11:0
Hash 3e2653863cb36979f206d296c25e8484
0dfe569380fdef7e82b6e06fa42270972a179826
505758f804c802e84fd19d8c723764dec7ed546cdec2ebf2921725395386513a
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /oc-content/plugins/password_meter/jquery.pwdMeter.js HTTP/1.1
Host: www.forclassified.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.forclassified.com/ms/unepquarucestttiicundo
Cookie: osclass=18f384793e95a3f1a1eed4325e55e3d3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 19:25:50 GMT
Server: Apache
Last-Modified: Wed, 07 May 2014 07:39:20 GMT
Accept-Ranges: bytes
Content-Length: 2747
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
www.forclassified.com/oc-content/plugins/watchlist/js/watchlist.js
173.82.105.11 200 OK 481 B URL HTTP/1.1 www.forclassified.com/oc-content/plugins/watchlist/js/watchlist.js
IP 173.82.105.11:0
Hash e428147f093036d08a1bf833f5421771
a027202e998db04ebd742f616098009c54c2a5d5
f5745b21d683b5192e09e17c29c9c4d64d021bacde0aad1243de1970e95ed242
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /oc-content/plugins/watchlist/js/watchlist.js HTTP/1.1
Host: www.forclassified.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.forclassified.com/ms/unepquarucestttiicundo
Cookie: osclass=18f384793e95a3f1a1eed4325e55e3d3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 19:25:50 GMT
Server: Apache
Last-Modified: Sun, 19 Jan 2020 12:05:25 GMT
Accept-Ranges: bytes
Content-Length: 481
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
www.forclassified.com/oc-content/plugins/zo_advancedcaptcha/assets/web/js/main.js
173.82.105.11 200 OK 1.2 kB URL HTTP/1.1 www.forclassified.com/oc-content/plugins/zo_advancedcaptcha/assets/web/js/main.js
IP 173.82.105.11:0
File type ASCII text, with CRLF line terminators
Hash 1f38173eeb1618b6d73fa1f2d6cd7ea2
83e985e442f3638a0edf3e4936f58060181e5483
206e3acb467c5289ab0b353ced16ea4c4b5f274072b296b4272939176649ad35
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /oc-content/plugins/zo_advancedcaptcha/assets/web/js/main.js HTTP/1.1
Host: www.forclassified.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.forclassified.com/ms/unepquarucestttiicundo
Cookie: osclass=18f384793e95a3f1a1eed4325e55e3d3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 19:25:50 GMT
Server: Apache
Last-Modified: Sun, 31 May 2020 18:05:40 GMT
Accept-Ranges: bytes
Content-Length: 1152
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
www.forclassified.com/oc-content/plugins/scrolltop/js/scrolltop.js
173.82.105.11 200 OK 935 B URL HTTP/1.1 www.forclassified.com/oc-content/plugins/scrolltop/js/scrolltop.js
IP 173.82.105.11:0
Hash eda12672ef4b28bb05e3bbb4974e3251
a928390400d2b779bba27e2150e5d94f3d004253
dce1d174cd5c8059d939b7393a1b7747e314e20acb30a78350cd851911288bfb
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /oc-content/plugins/scrolltop/js/scrolltop.js HTTP/1.1
Host: www.forclassified.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.forclassified.com/ms/unepquarucestttiicundo
Cookie: osclass=18f384793e95a3f1a1eed4325e55e3d3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 19:25:50 GMT
Server: Apache
Last-Modified: Mon, 14 Sep 2015 11:12:20 GMT
Accept-Ranges: bytes
Content-Length: 935
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
www.forclassified.com/oc-content/plugins/slider/responsiveslides.min.js
173.82.105.11 200 OK 3.4 kB URL HTTP/1.1 www.forclassified.com/oc-content/plugins/slider/responsiveslides.min.js
IP 173.82.105.11:0
File type HTML document, ASCII text, with very long lines (521)
Hash 04f1b2ac39e762cd516cb359755c8cc6
d649fbd823db40eb881b9810310698caced0ea58
1f306db5a9c29477acdd6b78d57734f0aa7936a1fa9b9ba8bd36204ba12aaf40
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /oc-content/plugins/slider/responsiveslides.min.js HTTP/1.1
Host: www.forclassified.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.forclassified.com/ms/unepquarucestttiicundo
Cookie: osclass=18f384793e95a3f1a1eed4325e55e3d3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 19:25:50 GMT
Server: Apache
Last-Modified: Tue, 03 Aug 2021 18:23:37 GMT
Accept-Ranges: bytes
Content-Length: 3397
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
www.forclassified.com/oc-content/plugins/osclass_pay/js/tipped.js
173.82.105.11 200 OK 76 kB URL HTTP/1.1 www.forclassified.com/oc-content/plugins/osclass_pay/js/tipped.js
IP 173.82.105.11:0
File type ASCII text, with very long lines (32117), with CRLF line terminators
Hash f7222af7fdd7e7314dce098f5853be2d
c880141b5098b4c961b555a5045484451eb8f3bd
5a13c8e42cad14beee42a78c41f138ff2d5429ebcc9eea32960b253104219fe4
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /oc-content/plugins/osclass_pay/js/tipped.js HTTP/1.1
Host: www.forclassified.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.forclassified.com/ms/unepquarucestttiicundo
Cookie: osclass=18f384793e95a3f1a1eed4325e55e3d3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 19:25:49 GMT
Server: Apache
Last-Modified: Fri, 19 Mar 2021 20:11:48 GMT
Accept-Ranges: bytes
Content-Length: 76389
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
www.forclassified.com/oc-content/themes/boxer/js/custom.js
173.82.105.11 200 OK 1.6 kB URL HTTP/1.1 www.forclassified.com/oc-content/themes/boxer/js/custom.js
IP 173.82.105.11:0
File type ASCII text, with CRLF line terminators
Hash 548f3353ace5accd73579b8a211246e7
5c3826ea2d313cbc7df3b3684148af9b5b8e1c33
bc735747f9f2a8bd86b836deaa3e0c5bf66ad37cfc65b1acde3f8055aa915417
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /oc-content/themes/boxer/js/custom.js HTTP/1.1
Host: www.forclassified.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.forclassified.com/ms/unepquarucestttiicundo
Cookie: osclass=18f384793e95a3f1a1eed4325e55e3d3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 19:25:50 GMT
Server: Apache
Last-Modified: Mon, 19 Jan 2015 16:25:32 GMT
Accept-Ranges: bytes
Content-Length: 1584
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: application/javascript
www.forclassified.com/oc-content/themes/boxer/js/bootstrap.min.js
173.82.105.11 200 OK 29 kB URL HTTP/1.1 www.forclassified.com/oc-content/themes/boxer/js/bootstrap.min.js
IP 173.82.105.11:0
File type ASCII text, with very long lines (28941)
Hash ba847811448ef90d98d272aeccef2a95
5814e91bb6276f4de8b7951c965f2f190a03978d
898d05a17f2cfc5120ddcdba47a885c378c0b466f30f0700e502757e24b403a1
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /oc-content/themes/boxer/js/bootstrap.min.js HTTP/1.1
Host: www.forclassified.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.forclassified.com/ms/unepquarucestttiicundo
Cookie: osclass=18f384793e95a3f1a1eed4325e55e3d3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 19:25:50 GMT
Server: Apache
Last-Modified: Mon, 19 Jan 2015 16:25:32 GMT
Accept-Ranges: bytes
Content-Length: 29110
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
www.forclassified.com/oc-content/themes/boxer/css/bootstrap-theme.min.css
173.82.105.11 200 OK 13 kB URL HTTP/1.1 www.forclassified.com/oc-content/themes/boxer/css/bootstrap-theme.min.css
IP 173.82.105.11:0
File type ASCII text, with very long lines (13015)
Hash ddbca5c2c952b7e52496bfd8ca81aaeb
cb987aba7ffc59bb8bb3af241b2a032affc2094f
c72060928bf66e8ff55b42e653f95429d4777769d790921ff8390eb1068da303
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /oc-content/themes/boxer/css/bootstrap-theme.min.css HTTP/1.1
Host: www.forclassified.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.forclassified.com/oc-content/themes/boxer/css/style.css?42372
Cookie: osclass=18f384793e95a3f1a1eed4325e55e3d3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 19:25:50 GMT
Server: Apache
Last-Modified: Mon, 19 Jan 2015 16:25:04 GMT
Accept-Ranges: bytes
Content-Length: 13185
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: text/css
www.forclassified.com/oc-content/themes/boxer/css/iconmoon.css
173.82.105.11 200 OK 24 kB URL HTTP/1.1 www.forclassified.com/oc-content/themes/boxer/css/iconmoon.css
IP 173.82.105.11:0
File type ASCII text, with CRLF line terminators
Hash e25b1e5713b63149a06f094d846835e5
979c0c87bd500a356b8849711eb6e03d2ce08dc7
24f49decff5b91c0a385b48b56ae80c46f8b5299a2140a0f10cb84f83fd857fa
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /oc-content/themes/boxer/css/iconmoon.css HTTP/1.1
Host: www.forclassified.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.forclassified.com/oc-content/themes/boxer/css/style.css?42372
Cookie: osclass=18f384793e95a3f1a1eed4325e55e3d3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 19:25:50 GMT
Server: Apache
Last-Modified: Mon, 19 Jan 2015 16:25:04 GMT
Accept-Ranges: bytes
Content-Length: 24451
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
www.forclassified.com/oc-content/themes/boxer/css/font-awesome.min.css
173.82.105.11 200 OK 21 kB URL HTTP/1.1 www.forclassified.com/oc-content/themes/boxer/css/font-awesome.min.css
IP 173.82.105.11:0
File type ASCII text, with very long lines (20604)
Hash bbfef9385083d307ad2692c0cf99f611
63a234ea4d60f6643a60a4d79e28f291b93c1743
b769324e0921f9f649611113e65f528ebae5e140da8a7e63c5d6ea7bc7a33bc0
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /oc-content/themes/boxer/css/font-awesome.min.css HTTP/1.1
Host: www.forclassified.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.forclassified.com/oc-content/themes/boxer/css/style.css?42372
Cookie: osclass=18f384793e95a3f1a1eed4325e55e3d3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 19:25:50 GMT
Server: Apache
Last-Modified: Mon, 19 Jan 2015 16:25:04 GMT
Accept-Ranges: bytes
Content-Length: 20766
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: text/css
www.forclassified.com/oc-includes/osclass/assets/js/jquery-ui.min.js
173.82.105.11 200 OK 228 kB URL HTTP/1.1 www.forclassified.com/oc-includes/osclass/assets/js/jquery-ui.min.js
IP 173.82.105.11:0
File type ASCII text, with very long lines (64561)
Size 228 kB (228062 bytes)
Hash dd4d50ee7806010e283543924ff2abd3
ff271d77526139487e4f34b030c63292ce282411
5e4e0c1a2d7b2f4d3835b1ea8f0c7c538e5a46e0b6b29258c5fbdf1d1b4480ba
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
GET /oc-includes/osclass/assets/js/jquery-ui.min.js HTTP/1.1
Host: www.forclassified.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.forclassified.com/ms/unepquarucestttiicundo
Cookie: osclass=18f384793e95a3f1a1eed4325e55e3d3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 19:25:50 GMT
Server: Apache
Last-Modified: Fri, 06 May 2022 15:15:24 GMT
Accept-Ranges: bytes
Content-Length: 228062
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript
www.forclassified.com/oc-content/uploads/boxer_logo.png
173.82.105.11 200 OK 10 kB URL HTTP/1.1 www.forclassified.com/oc-content/uploads/boxer_logo.png
IP 173.82.105.11:0
File type PNG image data, 200 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash 77f31f84de3c1f7309b286036c2331d2
19123eb29a02a24b8fd27462348c93d662fecee2
40d5d2439b85ea79e181a5b760b8612abb8cfabcb288efd6ac7afb51e84f9351
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /oc-content/uploads/boxer_logo.png HTTP/1.1
Host: www.forclassified.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.forclassified.com/ms/unepquarucestttiicundo
Cookie: osclass=18f384793e95a3f1a1eed4325e55e3d3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 19:25:50 GMT
Server: Apache
Last-Modified: Tue, 03 Aug 2021 10:55:43 GMT
Accept-Ranges: bytes
Content-Length: 9953
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: image/png
www.forclassified.com/oc-content/themes/boxer/images/btn-back-top.png
173.82.105.11 200 OK 3.3 kB URL HTTP/1.1 www.forclassified.com/oc-content/themes/boxer/images/btn-back-top.png
IP 173.82.105.11:0
File type PNG image data, 35 x 53, 8-bit/color RGBA, non-interlaced\012- data
Hash 678f7e1f86d6e4dfa66e217a18df6c86
3fd32e228468021d5b35f66cfcb129c5f04962b5
373912434b7fa7a221e957bcb7bcf1b3f48fd7036ddb0feae9fd38a326830902
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /oc-content/themes/boxer/images/btn-back-top.png HTTP/1.1
Host: www.forclassified.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.forclassified.com/oc-content/themes/boxer/css/style.css?42372
Cookie: osclass=18f384793e95a3f1a1eed4325e55e3d3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 19:25:51 GMT
Server: Apache
Last-Modified: Mon, 19 Jan 2015 16:25:28 GMT
Accept-Ranges: bytes
Content-Length: 3253
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash e7f1de4025eee44eed5a0ada1e998d6c
fd8bfad40b964ffd3534ac3aff68aaf31d38ba37
fba4107e5627b68a00dc9c31a657be714c85dc7c648b8e8e1c7373cc305f8228
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 19:25:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash e7f1de4025eee44eed5a0ada1e998d6c
fd8bfad40b964ffd3534ac3aff68aaf31d38ba37
fba4107e5627b68a00dc9c31a657be714c85dc7c648b8e8e1c7373cc305f8228
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 19:25:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ssl.google-analytics.com/ga.js
142.250.74.40 200 OK 17 kB URL HTTP/2 ssl.google-analytics.com/ga.js
IP 142.250.74.40:0
File type ASCII text, with very long lines (1305)
Hash 01d5892e6e243b52998310c2925b9f3a
58180151b6a6ee4af73583a214b68efb9e8844d4
7e90efb4620a78e8869796d256bcddbde90b853c8c15c5cc116cb11d3d17bc4d
GET /ga.js HTTP/1.1
Host: ssl.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.forclassified.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 17168
date: Wed, 26 Oct 2022 18:32:37 GMT
expires: Wed, 26 Oct 2022 20:32:37 GMT
cache-control: public, max-age=7200
age: 3194
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.forclassified.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Wed, 26 Oct 2022 18:41:09 GMT
expires: Wed, 26 Oct 2022 20:41:09 GMT
cache-control: public, max-age=7200
age: 2682
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash e7f1de4025eee44eed5a0ada1e998d6c
fd8bfad40b964ffd3534ac3aff68aaf31d38ba37
fba4107e5627b68a00dc9c31a657be714c85dc7c648b8e8e1c7373cc305f8228
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 19:25:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 200 OK 472 B IP 142.250.74.35:0
Hash e7f1de4025eee44eed5a0ada1e998d6c
fd8bfad40b964ffd3534ac3aff68aaf31d38ba37
fba4107e5627b68a00dc9c31a657be714c85dc7c648b8e8e1c7373cc305f8228
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 26 Oct 2022 19:25:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.forclassified.com/oc-content/themes/boxer/images/icon-search.png
173.82.105.11 200 OK 1.3 kB URL HTTP/1.1 www.forclassified.com/oc-content/themes/boxer/images/icon-search.png
IP 173.82.105.11:0
File type PNG image data, 16 x 13, 8-bit/color RGBA, non-interlaced\012- data
Hash 2441d107c9dac014fae03ea61530865c
cd9943bb6ec332831d81a7cd74b3107579405d94
1376c49c51624aaa7d1f2985d30b4b5ad46329b231657c74152ffbbb41d66cfe
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /oc-content/themes/boxer/images/icon-search.png HTTP/1.1
Host: www.forclassified.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.forclassified.com/oc-content/themes/boxer/css/style.css?42372
Cookie: osclass=18f384793e95a3f1a1eed4325e55e3d3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 19:25:51 GMT
Server: Apache
Last-Modified: Mon, 19 Jan 2015 16:25:24 GMT
Accept-Ranges: bytes
Content-Length: 1263
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png
www.forclassified.com/oc-content/themes/boxer/favicon/favicon.ico
173.82.105.11 200 OK 15 kB URL HTTP/1.1 www.forclassified.com/oc-content/themes/boxer/favicon/favicon.ico
IP 173.82.105.11:0
File type MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash eb01f39f93ad01a9848de7a8714ec711
046db182db6e74d8781123ca3866316a548449c6
e3384f6cea16a53d730c3b25e2d24d57d82e4de9a8617e99337c600b7680c34d
Analyzer Verdict Alert mnemonic_dns Sinkholed
GET /oc-content/themes/boxer/favicon/favicon.ico HTTP/1.1
Host: www.forclassified.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.forclassified.com/ms/unepquarucestttiicundo
Cookie: osclass=18f384793e95a3f1a1eed4325e55e3d3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 26 Oct 2022 19:25:51 GMT
Server: Apache
Last-Modified: Sun, 01 Aug 2021 19:51:24 GMT
Accept-Ranges: bytes
Content-Length: 15086
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/x-icon
www.getzon.com/application/modules/Like/externals/images/like_button.png
172.67.195.178 301 Moved Permanently 0 B URL HTTP/1.1 www.getzon.com/application/modules/Like/externals/images/like_button.png
IP 172.67.195.178:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /application/modules/Like/externals/images/like_button.png HTTP/1.1
Host: www.getzon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 301 Moved Permanently
Date: Wed, 26 Oct 2022 19:25:53 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Wed, 26 Oct 2022 20:25:53 GMT
Location: https://www.getzon.com/application/modules/Like/externals/images/like_button.png
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Av6JeqqayeJjfU1IJd3iGfOWIUdb22fI8HjAxJ57DXvGAT0kFoxeMuM7cEVBEWSQ07DhIKsDofPeP9SQiT175aNaOiWLh%2B9UCm%2FwRAMqa4M%2Fhm9jEWxR50yU2fb2jeWlvA%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7605949c5b5db50c-OSL
alt-svc: h2=":443"; ma=60
www.getzon.com/like-box/user/3046
172.67.195.178 200 OK 2.7 kB URL HTTP/2 www.getzon.com/like-box/user/3046
IP 172.67.195.178:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (11981), with CRLF line terminators
Hash 7a94c0669459e1c705bfa0b50a5ca8e7
234957082873b0062189f3e7b49030e55f436cfd
e8d52ec5267798011c68681d1f38ee15d672db99e736072d77c763d087e361b3
GET /like-box/user/3046 HTTP/1.1
Host: www.getzon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.getzon.com/show-like-box/user/3046
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Wed, 26 Oct 2022 19:25:53 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
set-cookie: PHPSESSID=b0b0255d305178d5e736ac6839f666f2; path=/
en4_language=en; expires=Thu, 26-Oct-2023 19:25:53 GMT; Max-Age=31536000; path=/
en4_locale=en; expires=Thu, 26-Oct-2023 19:25:53 GMT; Max-Age=31536000; path=/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PodoWadaA3J%2FeOyXii1isQjuGN64VDq3fl5fUuFogxCArGY9tWIA2n3%2FTCQ7dF77HgOyNvVg42xgb2iQLuG3VRTocv%2FYJ6Z0Gxw6rSwV8Rnl7lCcoYtoakYQguJKYcZvig%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 760594990f7b1c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.getzon.com/show-like-box/user/3046
172.67.195.178 200 OK 4.7 kB URL HTTP/2 www.getzon.com/show-like-box/user/3046
IP 172.67.195.178:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 62e627b56fa172353e0ed0b00b8b03bd
a419c8aa58b2ae12f6f8365e33ab4716b89521d3
e32316334be6d227f65cbb9dece2f3729cb2293b9f8ca60ddba2d45f170f68d6
GET /show-like-box/user/3046 HTTP/1.1
Host: www.getzon.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.forclassified.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 26 Oct 2022 19:25:53 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding,User-Agent
set-cookie: PHPSESSID=ae132c8cc9e7df3b9a5f0a3decb8b52b; path=/
en4_language=en; expires=Thu, 26-Oct-2023 19:25:51 GMT; Max-Age=31536000; path=/
en4_locale=en; expires=Thu, 26-Oct-2023 19:25:51 GMT; Max-Age=31536000; path=/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=19ueSFc3Vqq6XLECSGTNJbj1AT39xfpGcbfDASWMWZ8tmDuYL%2B862DcCm10%2FIEeIb4wmx0riLHefNo9ZVNA0ICaQSDlpXEp%2F4wOFi5s72WB21X3b1iYub%2B6hHyFFtmE45g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 760594897ebe1c12-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2