r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash eb76c0b3adf4098ad8a9d1e38250758f
99610ddb2b4ec6d04250ac244f966951695d4f00
01ed8c191c175471aee23cbc196d558e5bf5209f166806fc97db08eb06544bab
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "01ED8C191C175471AEE23CBC196D558E5BF5209F166806FC97DB08EB06544BAB"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17522
Expires: Sat, 19 Nov 2022 23:51:48 GMT
Date: Sat, 19 Nov 2022 18:59:46 GMT
Connection: keep-alive
www.sauna-bb.com/
81.169.145.80 200 OK 36 kB IP 81.169.145.80:0
File type HTML document text, exported SGML document, Unicode text, UTF-8 text, with very long lines (5237)
Hash b949a6d9ea471e04accbcb0d7506d14b
1a52163a09c10f6ea605c5860117041519f177cd
73464b757780b1ba3aeb9d0ab30f68ebd0c7c91df3341b4dc3c628db4ef2448a
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: www.sauna-bb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 18:59:46 GMT
Server: Apache/2.4.54 (Unix)
X-Powered-By: PHP/7.4.32
p3p: CP="CAO PSA OUR"
cache-control: no-store
Content-Type: text/html; charset=utf-8
set-cookie: beng_proxy_session=d177bcb446c3c83500000000d02991c1; HttpOnly; Path=/; Version=1; SameSite=strict; Discard
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash f732c50f6a2482aeea20552e0370c2d0
6f33119d5c38e92a0a62f3a46766ff86014e4d68
a47e38c199c5fecd5594544a3889e1cfca5547d85f19056f06eaeeadf17f4fe9
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4093
Cache-Control: max-age=146380
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 18:59:46 GMT
Etag: "6378b071-1d7"
Expires: Mon, 21 Nov 2022 11:39:26 GMT
Last-Modified: Sat, 19 Nov 2022 10:31:13 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Alert, Content-Type, Retry-After, Content-Length
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 19 Nov 2022 18:44:58 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 888
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1cee7787feebac18f9eca273e56e3741
3a7dac544172921e24c2a1701beef5079b21d01b
79ff4a450c749d64e116c00ca3b00d40e968906c5c3881d6eeb2dc6374a4c858
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "79FF4A450C749D64E116C00CA3B00D40E968906C5C3881D6EEB2DC6374A4C858"
Last-Modified: Sat, 19 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15066
Expires: Sat, 19 Nov 2022 23:10:52 GMT
Date: Sat, 19 Nov 2022 18:59:46 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 3CZWzKUqWLjQeWHsIGGUgdDQugvQKSUCvq3a3aolGBOZpyp388k2RFdfuY3Ov84Ta2f8EyMeh7k=
x-amz-request-id: Q0XG6K8X5BX9H2VE
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 19 Nov 2022 18:38:25 GMT
age: 1281
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 19 Nov 2022 18:59:46 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
strato-editor.com/cm4all-beng-proxy/beng-proxy.js
81.169.145.190 301 Moved Permanently 26 B URL HTTP/1.1 strato-editor.com/cm4all-beng-proxy/beng-proxy.js
IP 81.169.145.190:0
File type ASCII text, with no line terminators
Hash 2ef27b5421b25c11cb1cad8fabc6348f
d57fa451961aad67be222caa47da7de7e2ac2cb4
ee6730380abe73154592c1e2e1f2065240df51c128f28debfef73d76ae9afe60
GET /cm4all-beng-proxy/beng-proxy.js HTTP/1.1
Host: strato-editor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sauna-bb.com/
HTTP/1.1 301 Moved Permanently
location: https://strato-editor.com/cm4all-beng-proxy/beng-proxy.js
content-type: text/plain
content-length: 26
date: Sat, 19 Nov 2022 18:59:47 GMT
strato-editor.com/.cm4all/e/static/3rdparty/font-awesome/css/font-awesome.min.css
81.169.145.190 301 Moved Permanently 26 B URL HTTP/1.1 strato-editor.com/.cm4all/e/static/3rdparty/font-awesome/css/font-awesome.min.css
IP 81.169.145.190:0
File type ASCII text, with no line terminators
Hash 2ef27b5421b25c11cb1cad8fabc6348f
d57fa451961aad67be222caa47da7de7e2ac2cb4
ee6730380abe73154592c1e2e1f2065240df51c128f28debfef73d76ae9afe60
GET /.cm4all/e/static/3rdparty/font-awesome/css/font-awesome.min.css HTTP/1.1
Host: strato-editor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sauna-bb.com/
HTTP/1.1 301 Moved Permanently
location: https://strato-editor.com/.cm4all/e/static/3rdparty/font-awesome/css/font-awesome.min.css
content-type: text/plain
content-length: 26
date: Sat, 19 Nov 2022 18:59:47 GMT
strato-editor.com/.cm4all/res/static/libcm4all-js-widget/3.87.12/css/widget-runtime.css
81.169.145.190 301 Moved Permanently 26 B URL HTTP/1.1 strato-editor.com/.cm4all/res/static/libcm4all-js-widget/3.87.12/css/widget-runtime.css
IP 81.169.145.190:0
File type ASCII text, with no line terminators
Hash 2ef27b5421b25c11cb1cad8fabc6348f
d57fa451961aad67be222caa47da7de7e2ac2cb4
ee6730380abe73154592c1e2e1f2065240df51c128f28debfef73d76ae9afe60
GET /.cm4all/res/static/libcm4all-js-widget/3.87.12/css/widget-runtime.css HTTP/1.1
Host: strato-editor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sauna-bb.com/
HTTP/1.1 301 Moved Permanently
location: https://strato-editor.com/.cm4all/res/static/libcm4all-js-widget/3.87.12/css/widget-runtime.css
content-type: text/plain
content-length: 26
date: Sat, 19 Nov 2022 18:59:47 GMT
strato-editor.com/.cm4all/res/static/beng-editor/5.1.96/css/deploy.css
81.169.145.190 301 Moved Permanently 26 B URL HTTP/1.1 strato-editor.com/.cm4all/res/static/beng-editor/5.1.96/css/deploy.css
IP 81.169.145.190:0
File type ASCII text, with no line terminators
Hash 2ef27b5421b25c11cb1cad8fabc6348f
d57fa451961aad67be222caa47da7de7e2ac2cb4
ee6730380abe73154592c1e2e1f2065240df51c128f28debfef73d76ae9afe60
GET /.cm4all/res/static/beng-editor/5.1.96/css/deploy.css HTTP/1.1
Host: strato-editor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sauna-bb.com/
HTTP/1.1 301 Moved Permanently
location: https://strato-editor.com/.cm4all/res/static/beng-editor/5.1.96/css/deploy.css
content-type: text/plain
content-length: 26
date: Sat, 19 Nov 2022 18:59:47 GMT
strato-editor.com/.cm4all/res/static/libcm4all-js-widget/3.87.12/css/slideshow-common.css
81.169.145.190 301 Moved Permanently 26 B URL HTTP/1.1 strato-editor.com/.cm4all/res/static/libcm4all-js-widget/3.87.12/css/slideshow-common.css
IP 81.169.145.190:0
File type ASCII text, with no line terminators
Hash 2ef27b5421b25c11cb1cad8fabc6348f
d57fa451961aad67be222caa47da7de7e2ac2cb4
ee6730380abe73154592c1e2e1f2065240df51c128f28debfef73d76ae9afe60
GET /.cm4all/res/static/libcm4all-js-widget/3.87.12/css/slideshow-common.css HTTP/1.1
Host: strato-editor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sauna-bb.com/
HTTP/1.1 301 Moved Permanently
location: https://strato-editor.com/.cm4all/res/static/libcm4all-js-widget/3.87.12/css/slideshow-common.css
content-type: text/plain
content-length: 26
date: Sat, 19 Nov 2022 18:59:47 GMT
strato-editor.com/.cm4all/res/static/jquery-1.7/jquery.js
81.169.145.190 301 Moved Permanently 26 B URL HTTP/1.1 strato-editor.com/.cm4all/res/static/jquery-1.7/jquery.js
IP 81.169.145.190:0
File type ASCII text, with no line terminators
Hash 2ef27b5421b25c11cb1cad8fabc6348f
d57fa451961aad67be222caa47da7de7e2ac2cb4
ee6730380abe73154592c1e2e1f2065240df51c128f28debfef73d76ae9afe60
GET /.cm4all/res/static/jquery-1.7/jquery.js HTTP/1.1
Host: strato-editor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sauna-bb.com/
HTTP/1.1 301 Moved Permanently
location: https://strato-editor.com/.cm4all/res/static/jquery-1.7/jquery.js
content-type: text/plain
content-length: 26
date: Sat, 19 Nov 2022 18:59:47 GMT
strato-editor.com/.cm4all/res/static/prototype-1.7.3/prototype.js
81.169.145.190 301 Moved Permanently 26 B URL HTTP/1.1 strato-editor.com/.cm4all/res/static/prototype-1.7.3/prototype.js
IP 81.169.145.190:0
File type ASCII text, with no line terminators
Hash 2ef27b5421b25c11cb1cad8fabc6348f
d57fa451961aad67be222caa47da7de7e2ac2cb4
ee6730380abe73154592c1e2e1f2065240df51c128f28debfef73d76ae9afe60
GET /.cm4all/res/static/prototype-1.7.3/prototype.js HTTP/1.1
Host: strato-editor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sauna-bb.com/
HTTP/1.1 301 Moved Permanently
location: https://strato-editor.com/.cm4all/res/static/prototype-1.7.3/prototype.js
content-type: text/plain
content-length: 26
date: Sat, 19 Nov 2022 18:59:47 GMT
strato-editor.com/.cm4all/res/static/jslib/1.2.1/js/legacy.js
81.169.145.190 301 Moved Permanently 26 B URL HTTP/1.1 strato-editor.com/.cm4all/res/static/jslib/1.2.1/js/legacy.js
IP 81.169.145.190:0
File type ASCII text, with no line terminators
Hash 2ef27b5421b25c11cb1cad8fabc6348f
d57fa451961aad67be222caa47da7de7e2ac2cb4
ee6730380abe73154592c1e2e1f2065240df51c128f28debfef73d76ae9afe60
GET /.cm4all/res/static/jslib/1.2.1/js/legacy.js HTTP/1.1
Host: strato-editor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sauna-bb.com/
HTTP/1.1 301 Moved Permanently
location: https://strato-editor.com/.cm4all/res/static/jslib/1.2.1/js/legacy.js
content-type: text/plain
content-length: 26
date: Sat, 19 Nov 2022 18:59:47 GMT
strato-editor.com/.cm4all/res/static/libcm4all-js-widget/3.87.12/js/widget-runtime.js
81.169.145.190 301 Moved Permanently 26 B URL HTTP/1.1 strato-editor.com/.cm4all/res/static/libcm4all-js-widget/3.87.12/js/widget-runtime.js
IP 81.169.145.190:0
File type ASCII text, with no line terminators
Hash 2ef27b5421b25c11cb1cad8fabc6348f
d57fa451961aad67be222caa47da7de7e2ac2cb4
ee6730380abe73154592c1e2e1f2065240df51c128f28debfef73d76ae9afe60
GET /.cm4all/res/static/libcm4all-js-widget/3.87.12/js/widget-runtime.js HTTP/1.1
Host: strato-editor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sauna-bb.com/
HTTP/1.1 301 Moved Permanently
location: https://strato-editor.com/.cm4all/res/static/libcm4all-js-widget/3.87.12/js/widget-runtime.js
content-type: text/plain
content-length: 26
date: Sat, 19 Nov 2022 18:59:47 GMT
strato-editor.com/.cm4all/res/static/libcm4all-js-widget/3.87.12/js/slideshow-common.js
81.169.145.190 301 Moved Permanently 26 B URL HTTP/1.1 strato-editor.com/.cm4all/res/static/libcm4all-js-widget/3.87.12/js/slideshow-common.js
IP 81.169.145.190:0
File type ASCII text, with no line terminators
Hash 2ef27b5421b25c11cb1cad8fabc6348f
d57fa451961aad67be222caa47da7de7e2ac2cb4
ee6730380abe73154592c1e2e1f2065240df51c128f28debfef73d76ae9afe60
GET /.cm4all/res/static/libcm4all-js-widget/3.87.12/js/slideshow-common.js HTTP/1.1
Host: strato-editor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sauna-bb.com/
HTTP/1.1 301 Moved Permanently
location: https://strato-editor.com/.cm4all/res/static/libcm4all-js-widget/3.87.12/js/slideshow-common.js
content-type: text/plain
content-length: 26
date: Sat, 19 Nov 2022 18:59:47 GMT
strato-editor.com/.cm4all/res/static/beng-editor/5.1.96/js/deploy.js
81.169.145.190 301 Moved Permanently 26 B URL HTTP/1.1 strato-editor.com/.cm4all/res/static/beng-editor/5.1.96/js/deploy.js
IP 81.169.145.190:0
File type ASCII text, with no line terminators
Hash 2ef27b5421b25c11cb1cad8fabc6348f
d57fa451961aad67be222caa47da7de7e2ac2cb4
ee6730380abe73154592c1e2e1f2065240df51c128f28debfef73d76ae9afe60
GET /.cm4all/res/static/beng-editor/5.1.96/js/deploy.js HTTP/1.1
Host: strato-editor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sauna-bb.com/
HTTP/1.1 301 Moved Permanently
location: https://strato-editor.com/.cm4all/res/static/beng-editor/5.1.96/js/deploy.js
content-type: text/plain
content-length: 26
date: Sat, 19 Nov 2022 18:59:47 GMT
strato-editor.com/.cm4all/uro/assets/js/uro-min.js
81.169.145.190 301 Moved Permanently 26 B URL HTTP/1.1 strato-editor.com/.cm4all/uro/assets/js/uro-min.js
IP 81.169.145.190:0
File type ASCII text, with no line terminators
Hash 2ef27b5421b25c11cb1cad8fabc6348f
d57fa451961aad67be222caa47da7de7e2ac2cb4
ee6730380abe73154592c1e2e1f2065240df51c128f28debfef73d76ae9afe60
GET /.cm4all/uro/assets/js/uro-min.js HTTP/1.1
Host: strato-editor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sauna-bb.com/
HTTP/1.1 301 Moved Permanently
location: https://strato-editor.com/.cm4all/uro/assets/js/uro-min.js
content-type: text/plain
content-length: 26
date: Sat, 19 Nov 2022 18:59:47 GMT
strato-editor.com/.cm4all/designs/static/sys/cm_dux_088_2/1624399668.32/css/main.css
81.169.145.190 301 Moved Permanently 26 B URL HTTP/1.1 strato-editor.com/.cm4all/designs/static/sys/cm_dux_088_2/1624399668.32/css/main.css
IP 81.169.145.190:0
File type ASCII text, with no line terminators
Hash 2ef27b5421b25c11cb1cad8fabc6348f
d57fa451961aad67be222caa47da7de7e2ac2cb4
ee6730380abe73154592c1e2e1f2065240df51c128f28debfef73d76ae9afe60
GET /.cm4all/designs/static/sys/cm_dux_088_2/1624399668.32/css/main.css HTTP/1.1
Host: strato-editor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sauna-bb.com/
HTTP/1.1 301 Moved Permanently
location: https://strato-editor.com/.cm4all/designs/static/sys/cm_dux_088_2/1624399668.32/css/main.css
content-type: text/plain
content-length: 26
date: Sat, 19 Nov 2022 18:59:47 GMT
strato-editor.com/.cm4all/designs/static/sys/cm_dux_088_2/1624399668.32/css/responsive.css
81.169.145.190 301 Moved Permanently 26 B URL HTTP/1.1 strato-editor.com/.cm4all/designs/static/sys/cm_dux_088_2/1624399668.32/css/responsive.css
IP 81.169.145.190:0
File type ASCII text, with no line terminators
Hash 2ef27b5421b25c11cb1cad8fabc6348f
d57fa451961aad67be222caa47da7de7e2ac2cb4
ee6730380abe73154592c1e2e1f2065240df51c128f28debfef73d76ae9afe60
GET /.cm4all/designs/static/sys/cm_dux_088_2/1624399668.32/css/responsive.css HTTP/1.1
Host: strato-editor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sauna-bb.com/
HTTP/1.1 301 Moved Permanently
location: https://strato-editor.com/.cm4all/designs/static/sys/cm_dux_088_2/1624399668.32/css/responsive.css
content-type: text/plain
content-length: 26
date: Sat, 19 Nov 2022 18:59:47 GMT
strato-editor.com/.cm4all/designs/static/sys/cm_dux_088_2/1624399668.32/css/cm-templates-global-style.css
81.169.145.190 301 Moved Permanently 26 B URL HTTP/1.1 strato-editor.com/.cm4all/designs/static/sys/cm_dux_088_2/1624399668.32/css/cm-templates-global-style.css
IP 81.169.145.190:0
File type ASCII text, with no line terminators
Hash 2ef27b5421b25c11cb1cad8fabc6348f
d57fa451961aad67be222caa47da7de7e2ac2cb4
ee6730380abe73154592c1e2e1f2065240df51c128f28debfef73d76ae9afe60
GET /.cm4all/designs/static/sys/cm_dux_088_2/1624399668.32/css/cm-templates-global-style.css HTTP/1.1
Host: strato-editor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sauna-bb.com/
HTTP/1.1 301 Moved Permanently
location: https://strato-editor.com/.cm4all/designs/static/sys/cm_dux_088_2/1624399668.32/css/cm-templates-global-style.css
content-type: text/plain
content-length: 26
date: Sat, 19 Nov 2022 18:59:47 GMT
www.sauna-bb.com/.cm4all/widgetres.php/cm4all.com.widgets.CookiePolicy/show.js?v=3.1.46
81.169.145.80 200 OK 4.3 kB URL HTTP/1.1 www.sauna-bb.com/.cm4all/widgetres.php/cm4all.com.widgets.CookiePolicy/show.js?v=3.1.46
IP 81.169.145.80:0
Hash 8e1283486082c0fe4dd3b822f4c654d0
d004e335b63b078bbd3533e614040ed82f5f3b89
1f9651cb78e6dcd9c1e7d58470aaad75e0ddc78d2030f42a6efaf287c89ff98e
Analyzer Verdict Alert quad9 Sinkholed
GET /.cm4all/widgetres.php/cm4all.com.widgets.CookiePolicy/show.js?v=3.1.46 HTTP/1.1
Host: www.sauna-bb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sauna-bb.com/
Cookie: beng_proxy_session=d177bcb446c3c83500000000d02991c1
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 18:59:47 GMT
Server: Apache/2.4.54 (Unix)
X-Powered-By: PHP/7.4.32
access-control-allow-origin: *
cache-control: max-age=31536000
content-length: 4289
Last-Modified: Mon, 12 Sep 2022 17:45:56 GMT
Content-Type: text/javascript;charset=UTF-8
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
strato-editor.com/.cm4all/designs/static/sys/cm_dux_088_2/1624399668.32/js/effects.js
81.169.145.190 301 Moved Permanently 26 B URL HTTP/1.1 strato-editor.com/.cm4all/designs/static/sys/cm_dux_088_2/1624399668.32/js/effects.js
IP 81.169.145.190:0
File type ASCII text, with no line terminators
Hash 2ef27b5421b25c11cb1cad8fabc6348f
d57fa451961aad67be222caa47da7de7e2ac2cb4
ee6730380abe73154592c1e2e1f2065240df51c128f28debfef73d76ae9afe60
GET /.cm4all/designs/static/sys/cm_dux_088_2/1624399668.32/js/effects.js HTTP/1.1
Host: strato-editor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sauna-bb.com/
HTTP/1.1 301 Moved Permanently
location: https://strato-editor.com/.cm4all/designs/static/sys/cm_dux_088_2/1624399668.32/js/effects.js
content-type: text/plain
content-length: 26
date: Sat, 19 Nov 2022 18:59:47 GMT
strato-editor.com/.cm4all/designs/static/sys/cm_dux_088_2/1624399668.32/js/cm_template-focus-point.js
81.169.145.190 301 Moved Permanently 26 B URL HTTP/1.1 strato-editor.com/.cm4all/designs/static/sys/cm_dux_088_2/1624399668.32/js/cm_template-focus-point.js
IP 81.169.145.190:0
File type ASCII text, with no line terminators
Hash 2ef27b5421b25c11cb1cad8fabc6348f
d57fa451961aad67be222caa47da7de7e2ac2cb4
ee6730380abe73154592c1e2e1f2065240df51c128f28debfef73d76ae9afe60
GET /.cm4all/designs/static/sys/cm_dux_088_2/1624399668.32/js/cm_template-focus-point.js HTTP/1.1
Host: strato-editor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sauna-bb.com/
HTTP/1.1 301 Moved Permanently
location: https://strato-editor.com/.cm4all/designs/static/sys/cm_dux_088_2/1624399668.32/js/cm_template-focus-point.js
content-type: text/plain
content-length: 26
date: Sat, 19 Nov 2022 18:59:47 GMT
strato-editor.com/.cm4all/designs/static/sys/cm_dux_088_2/1624399668.32/js/cm-templates-global-script.js
81.169.145.190 301 Moved Permanently 26 B URL HTTP/1.1 strato-editor.com/.cm4all/designs/static/sys/cm_dux_088_2/1624399668.32/js/cm-templates-global-script.js
IP 81.169.145.190:0
File type ASCII text, with no line terminators
Hash 2ef27b5421b25c11cb1cad8fabc6348f
d57fa451961aad67be222caa47da7de7e2ac2cb4
ee6730380abe73154592c1e2e1f2065240df51c128f28debfef73d76ae9afe60
GET /.cm4all/designs/static/sys/cm_dux_088_2/1624399668.32/js/cm-templates-global-script.js HTTP/1.1
Host: strato-editor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sauna-bb.com/
HTTP/1.1 301 Moved Permanently
location: https://strato-editor.com/.cm4all/designs/static/sys/cm_dux_088_2/1624399668.32/js/cm-templates-global-script.js
content-type: text/plain
content-length: 26
date: Sat, 19 Nov 2022 18:59:47 GMT
www.sauna-bb.com/.cm4all/handler.php/vars.css?v=20211001072710
81.169.145.80 200 OK 34 kB URL HTTP/1.1 www.sauna-bb.com/.cm4all/handler.php/vars.css?v=20211001072710
IP 81.169.145.80:0
File type ASCII text, with very long lines (2341)
Hash 2cd1b97c2bdb7bd51a7e62509e2d2204
a62dddeff7817b88cf8cb8b6dc72e91ab7dae36b
01a8d223ff2d4a9b0aa25205915f6d991b90e6678fbf2feef1392aef84dcac21
Analyzer Verdict Alert quad9 Sinkholed
GET /.cm4all/handler.php/vars.css?v=20211001072710 HTTP/1.1
Host: www.sauna-bb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sauna-bb.com/
Cookie: beng_proxy_session=d177bcb446c3c83500000000d02991c1
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 18:59:47 GMT
Server: Apache/2.4.54 (Unix)
X-Powered-By: PHP/7.4.32
accept-ranges: bytes
Last-Modified: Mon, 21 Mar 2022 14:12:57 GMT
etag: "30-fe41e856-623887e9"
content-length: 33508
Content-Type: text/css
Keep-Alive: timeout=3, max=99
Connection: Keep-Alive
status.geotrust.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 4cef3693091b873deec131905dbe0c32
65722877ab43c9d0aa1fb8a8ede3ac02a2a8aaeb
aae0d4e5f87f754fb486f6b4b61ac15d627b097a711772fbbe90229c14454747
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 802
Cache-Control: max-age=161056
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 18:59:47 GMT
Etag: "6378f6a1-1d7"
Expires: Mon, 21 Nov 2022 15:44:03 GMT
Last-Modified: Sat, 19 Nov 2022 15:30:41 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
strato-editor.com/.cm4all/res/static/libcm4all-js-widget/3.87.12/css/slideshow-common.css
81.169.145.190 200 OK 1.4 kB URL HTTP/1.1 strato-editor.com/.cm4all/res/static/libcm4all-js-widget/3.87.12/css/slideshow-common.css
IP 81.169.145.190:0
File type ASCII text, with very long lines (17053), with no line terminators
Hash f8d41664a1c1fe6e4207b32b84d35078
2480a26952c3743d5181af3ce0f0382b3cc64017
0d6558850bc0bd5af8a0a59abff645384c823bac90a3401f77e113d86bd67f05
GET /.cm4all/res/static/libcm4all-js-widget/3.87.12/css/slideshow-common.css HTTP/1.1
Host: strato-editor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.sauna-bb.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
last-modified: Fri, 26 Aug 2022 14:44:56 GMT
etag: "fe02-1152-6308dc68"
expires: Sun, 19 Nov 2023 18:59:47 GMT
content-type: text/css
content-encoding: gzip
vary: accept-encoding
content-length: 1363
date: Sat, 19 Nov 2022 18:59:47 GMT
server: CM4all Webserver
strato-editor.com/cm4all-beng-proxy/beng-proxy.js
81.169.145.190 200 OK 2.1 kB URL HTTP/1.1 strato-editor.com/cm4all-beng-proxy/beng-proxy.js
IP 81.169.145.190:0
Hash 194b854bb4b1aacf06882b7814ed4144
b4dcb3ebacb808dd8c52c665f72b8eaa1a4f5c18
7fb84e626da5c118db0e95e5649a1e26c5c0a36fbc4a4c77edc367cb50ec741c
GET /cm4all-beng-proxy/beng-proxy.js HTTP/1.1
Host: strato-editor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.sauna-bb.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
last-modified: Wed, 31 Aug 2022 19:42:53 GMT
etag: "fe02-2ba-630fb9bd"
expires: Sun, 20 Nov 2022 18:59:47 GMT
content-type: application/javascript
accept-ranges: bytes
content-length: 2076
date: Sat, 19 Nov 2022 18:59:47 GMT
server: CM4all Webserver
strato-editor.com/.cm4all/res/static/libcm4all-js-widget/3.87.12/css/widget-runtime.css
81.169.145.190 200 OK 712 B URL HTTP/1.1 strato-editor.com/.cm4all/res/static/libcm4all-js-widget/3.87.12/css/widget-runtime.css
IP 81.169.145.190:0
File type Unicode text, UTF-8 text, with very long lines (1897), with no line terminators
Hash fe0514092f0cd641839ce9f01bd56e12
5a93bb83d3f336d6a006e705a620d609594de8b0
9b1a3edb9ad384708b7cff2184b22236be355c2f81a646d2baf27c9c1752f32a
GET /.cm4all/res/static/libcm4all-js-widget/3.87.12/css/widget-runtime.css HTTP/1.1
Host: strato-editor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.sauna-bb.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
last-modified: Fri, 26 Aug 2022 14:44:54 GMT
etag: "fe02-1355-6308dc66"
expires: Sun, 19 Nov 2023 18:59:47 GMT
content-type: text/css
content-encoding: gzip
vary: accept-encoding
content-length: 712
date: Sat, 19 Nov 2022 18:59:47 GMT
server: CM4all Webserver
strato-editor.com/.cm4all/e/static/3rdparty/font-awesome/css/font-awesome.min.css
81.169.145.190 200 OK 31 kB URL HTTP/1.1 strato-editor.com/.cm4all/e/static/3rdparty/font-awesome/css/font-awesome.min.css
IP 81.169.145.190:0
File type ASCII text, with very long lines (30837)
Hash 269550530cc127b6aa5a35925a7de6ce
512c7d79033e3028a9be61b540cf1a6870c896f8
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
GET /.cm4all/e/static/3rdparty/font-awesome/css/font-awesome.min.css HTTP/1.1
Host: strato-editor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.sauna-bb.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
last-modified: Mon, 24 Oct 2016 15:52:54 GMT
etag: "fe02-c2c01-580e2e56"
expires: Sun, 20 Nov 2022 18:59:47 GMT
content-type: text/css
accept-ranges: bytes
content-length: 31000
date: Sat, 19 Nov 2022 18:59:47 GMT
server: CM4all Webserver
strato-editor.com/.cm4all/res/static/jslib/1.2.1/js/legacy.js
81.169.145.190 200 OK 9.6 kB URL HTTP/1.1 strato-editor.com/.cm4all/res/static/jslib/1.2.1/js/legacy.js
IP 81.169.145.190:0
File type HTML document text; HTML document, ASCII text, with very long lines (30284), with no line terminators
Hash 464c4992741d025d784e071546497a96
a465ba7f3a2db951e37ec54d1d71e9d752f75091
087a61135449b4662b88e1ab9ac607001cd103673197a0130b258c2d12077af8
GET /.cm4all/res/static/jslib/1.2.1/js/legacy.js HTTP/1.1
Host: strato-editor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.sauna-bb.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
last-modified: Mon, 01 Aug 2022 12:44:15 GMT
etag: "fe02-207f5-62e7ca9f"
expires: Sun, 19 Nov 2023 18:59:47 GMT
content-type: application/javascript
content-encoding: gzip
vary: accept-encoding
content-length: 9648
date: Sat, 19 Nov 2022 18:59:47 GMT
server: CM4all Webserver
status.geotrust.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 4cef3693091b873deec131905dbe0c32
65722877ab43c9d0aa1fb8a8ede3ac02a2a8aaeb
aae0d4e5f87f754fb486f6b4b61ac15d627b097a711772fbbe90229c14454747
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 802
Cache-Control: max-age=161056
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 18:59:47 GMT
Etag: "6378f6a1-1d7"
Expires: Mon, 21 Nov 2022 15:44:03 GMT
Last-Modified: Sat, 19 Nov 2022 15:30:41 GMT
Server: ECS (ska/F716)
X-Cache: HIT
Content-Length: 471
strato-editor.com/.cm4all/res/static/jquery-1.7/jquery.js
81.169.145.190 200 OK 40 kB URL HTTP/1.1 strato-editor.com/.cm4all/res/static/jquery-1.7/jquery.js
IP 81.169.145.190:0
File type ASCII text, with very long lines (58158)
Hash 31a402cf7c2be07cab7e33027ab3950c
f63fa2eaffd4bfc6d0489ee8d2cdb0e1c5fced00
d2e2bc5c213a7e4ada9644aed43478009d46ae19831a2e1ea1d4a71ac6abb73c
GET /.cm4all/res/static/jquery-1.7/jquery.js HTTP/1.1
Host: strato-editor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.sauna-bb.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
last-modified: Thu, 11 Jan 2018 14:38:20 GMT
etag: "9723af289061e4ef64b1046190459b15"
expires: Sun, 19 Nov 2023 18:59:47 GMT
content-type: application/javascript
content-encoding: gzip
vary: accept-encoding
content-length: 40314
date: Sat, 19 Nov 2022 18:59:47 GMT
server: CM4all Webserver
strato-editor.com/.cm4all/res/static/beng-editor/5.1.96/js/deploy.js
81.169.145.190 200 OK 5.1 kB URL HTTP/1.1 strato-editor.com/.cm4all/res/static/beng-editor/5.1.96/js/deploy.js
IP 81.169.145.190:0
Hash 63a05e2ff4adc6858210ee4316a414fb
f28ed1d1960adebd6bc5372880eec1be20cbf276
5dce5ae382b286936ce51a1385870a92aff941d2fb36eef619a7407180ea5342
GET /.cm4all/res/static/beng-editor/5.1.96/js/deploy.js HTTP/1.1
Host: strato-editor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.sauna-bb.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
last-modified: Mon, 01 Aug 2022 11:39:49 GMT
etag: "fe02-c3e-62e7bb85"
expires: Sun, 19 Nov 2023 18:59:47 GMT
content-type: application/javascript
content-encoding: gzip
vary: accept-encoding
content-length: 5119
date: Sat, 19 Nov 2022 18:59:47 GMT
server: CM4all Webserver
strato-editor.com/.cm4all/res/static/prototype-1.7.3/prototype.js
81.169.145.190 200 OK 34 kB URL HTTP/1.1 strato-editor.com/.cm4all/res/static/prototype-1.7.3/prototype.js
IP 81.169.145.190:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 263ea58207bc1d8ed3bd089ed31a32b6
928e6e446e9e0be82af358efe95ef7f322eb8cc4
5f024b0c2bc38035a39566e5f95ea96aa8639852df5001c63d5dfaaff6f08f9b
GET /.cm4all/res/static/prototype-1.7.3/prototype.js HTTP/1.1
Host: strato-editor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.sauna-bb.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
last-modified: Fri, 29 Sep 2017 11:41:30 GMT
etag: "dbe3e04290c71b72eb1e7c864bb86d94"
expires: Sun, 19 Nov 2023 18:59:47 GMT
content-type: application/javascript
content-encoding: gzip
vary: accept-encoding
content-length: 34085
date: Sat, 19 Nov 2022 18:59:47 GMT
server: CM4all Webserver
strato-editor.com/.cm4all/res/static/libcm4all-js-widget/3.87.12/js/slideshow-common.js
81.169.145.190 200 OK 6.3 kB URL HTTP/1.1 strato-editor.com/.cm4all/res/static/libcm4all-js-widget/3.87.12/js/slideshow-common.js
IP 81.169.145.190:0
File type HTML document, ASCII text, with very long lines (20826), with no line terminators
Hash 5349bae1eba8c85fddb8413e1321ee7b
42cc44bfcbbcf499d12f81c9c8c4f8f5dba3d70a
e6ae44443ec547e381cb64b8735587bd499199b2ef9069274f8225e579cd0cd6
GET /.cm4all/res/static/libcm4all-js-widget/3.87.12/js/slideshow-common.js HTTP/1.1
Host: strato-editor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.sauna-bb.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
last-modified: Fri, 26 Aug 2022 14:44:56 GMT
etag: "fe02-1154-6308dc68"
expires: Sun, 19 Nov 2023 18:59:47 GMT
content-type: application/javascript
content-encoding: gzip
vary: accept-encoding
content-length: 6251
date: Sat, 19 Nov 2022 18:59:47 GMT
server: CM4all Webserver
strato-editor.com/.cm4all/res/static/beng-editor/5.1.96/css/deploy.css
81.169.145.190 200 OK 2.8 kB URL HTTP/1.1 strato-editor.com/.cm4all/res/static/beng-editor/5.1.96/css/deploy.css
IP 81.169.145.190:0
File type ASCII text, with very long lines (14253), with no line terminators
Hash 8adeef1330fa007e72470b8d1fd4872f
7f170c581de742ae23b4429f800662fb236601dd
0fad76ec09abd6e2474ac1c7e93373b0dd81ab79bb8ef12e361c123380892139
GET /.cm4all/res/static/beng-editor/5.1.96/css/deploy.css HTTP/1.1
Host: strato-editor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.sauna-bb.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
last-modified: Mon, 01 Aug 2022 11:39:49 GMT
etag: "fe02-bdf-62e7bb85"
expires: Sun, 19 Nov 2023 18:59:47 GMT
content-type: text/css
content-encoding: gzip
vary: accept-encoding
content-length: 2793
date: Sat, 19 Nov 2022 18:59:47 GMT
server: CM4all Webserver
strato-editor.com/.cm4all/uro/assets/js/uro-min.js
81.169.145.190 200 OK 500 B URL HTTP/1.1 strato-editor.com/.cm4all/uro/assets/js/uro-min.js
IP 81.169.145.190:0
File type ASCII text, with very long lines (859)
Hash 9513a0f4643d6f4b38b5a38a15d7b862
6abbd7039a2d98e0b5baf9feb5f6b36a78e3de9c
cbb5a90477e239ad22edb9e023000e6157588136e5e90d0a775de446bdef2742
GET /.cm4all/uro/assets/js/uro-min.js HTTP/1.1
Host: strato-editor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.sauna-bb.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
last-modified: Wed, 07 Sep 2022 14:31:18 GMT
etag: "fe02-2337f-6318ab36"
expires: Sun, 20 Nov 2022 18:59:47 GMT
content-type: application/javascript
content-encoding: gzip
vary: accept-encoding
content-length: 500
date: Sat, 19 Nov 2022 18:59:47 GMT
server: CM4all Webserver
strato-editor.com/.cm4all/designs/static/sys/cm_dux_088_2/1624399668.32/css/cm-templates-global-style.css
81.169.145.190 200 OK 20 B URL HTTP/1.1 strato-editor.com/.cm4all/designs/static/sys/cm_dux_088_2/1624399668.32/css/cm-templates-global-style.css
IP 81.169.145.190:0
Hash 3970e82605c7d109bb348fc94e9eecc0
e03849ea786b9f7b28a35c17949e85a93eb1cff1
f5d031af01f137ae07fa71720fab94d16cc8a2a59868766002918b7c240f3967
GET /.cm4all/designs/static/sys/cm_dux_088_2/1624399668.32/css/cm-templates-global-style.css HTTP/1.1
Host: strato-editor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.sauna-bb.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
last-modified: Tue, 22 Jun 2021 22:07:46 GMT
etag: "30-ff295818-60d25f32"
expires: Sun, 19 Nov 2023 18:59:47 GMT
content-type: text/css
content-encoding: gzip
vary: accept-encoding
content-length: 20
date: Sat, 19 Nov 2022 18:59:47 GMT
server: CM4all Webserver
strato-editor.com/.cm4all/designs/static/sys/cm_dux_088_2/1624399668.32/css/main.css
81.169.145.190 200 OK 1.9 kB URL HTTP/1.1 strato-editor.com/.cm4all/designs/static/sys/cm_dux_088_2/1624399668.32/css/main.css
IP 81.169.145.190:0
File type Unicode text, UTF-8 text, with very long lines (577)
Hash 64bf7df772991eb04ae6be5cf2a26226
9fa6852d6086bf6a71f28ad30a5c91dba7f5c5aa
370dac6f9c891cf9ded5fdb5b70db1de5d4f06129add442d80e2b92f7b05eb3b
GET /.cm4all/designs/static/sys/cm_dux_088_2/1624399668.32/css/main.css HTTP/1.1
Host: strato-editor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.sauna-bb.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
last-modified: Tue, 22 Jun 2021 22:07:46 GMT
etag: "30-ff29581d-60d25f32"
expires: Sun, 19 Nov 2023 18:59:47 GMT
content-type: text/css
content-encoding: gzip
vary: accept-encoding
content-length: 1887
date: Sat, 19 Nov 2022 18:59:47 GMT
server: CM4all Webserver
strato-editor.com/.cm4all/designs/static/sys/cm_dux_088_2/1624399668.32/js/effects.js
81.169.145.190 200 OK 1.7 kB URL HTTP/1.1 strato-editor.com/.cm4all/designs/static/sys/cm_dux_088_2/1624399668.32/js/effects.js
IP 81.169.145.190:0
File type ASCII text, with CRLF line terminators
Hash a9e30bcc399332add787da3669110b23
1ed0808c90b8f36451725380279b68ae9cf95e38
5a9c8b87d67ee97a96ef714c4c33b773bc6ae6076bd5c3f702012be81b0a9a1f
GET /.cm4all/designs/static/sys/cm_dux_088_2/1624399668.32/js/effects.js HTTP/1.1
Host: strato-editor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.sauna-bb.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
last-modified: Tue, 01 Jun 2021 06:58:20 GMT
etag: "30-fea92ba5-60b5da8c"
expires: Sun, 19 Nov 2023 18:59:47 GMT
content-type: application/javascript
content-encoding: gzip
vary: accept-encoding
content-length: 1679
date: Sat, 19 Nov 2022 18:59:47 GMT
server: CM4all Webserver
strato-editor.com/.cm4all/designs/static/sys/cm_dux_088_2/1624399668.32/css/responsive.css
81.169.145.190 200 OK 789 B URL HTTP/1.1 strato-editor.com/.cm4all/designs/static/sys/cm_dux_088_2/1624399668.32/css/responsive.css
IP 81.169.145.190:0
Hash 5232627ec2cf7992b6b7efefea9ec3dc
f1787333e2bee842e43e93d6c9a3d42098999446
12c7d9580aaa49d45d6b1af0e01313f3a6becf132bbff7d55b95a33f5cf9bd25
GET /.cm4all/designs/static/sys/cm_dux_088_2/1624399668.32/css/responsive.css HTTP/1.1
Host: strato-editor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.sauna-bb.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
last-modified: Tue, 22 Jun 2021 22:07:46 GMT
etag: "30-ff295820-60d25f32"
expires: Sun, 19 Nov 2023 18:59:47 GMT
content-type: text/css
content-encoding: gzip
vary: accept-encoding
content-length: 789
date: Sat, 19 Nov 2022 18:59:47 GMT
server: CM4all Webserver
strato-editor.com/.cm4all/designs/static/sys/cm_dux_088_2/1624399668.32/js/cm_template-focus-point.js
81.169.145.190 200 OK 1.1 kB URL HTTP/1.1 strato-editor.com/.cm4all/designs/static/sys/cm_dux_088_2/1624399668.32/js/cm_template-focus-point.js
IP 81.169.145.190:0
Hash cab9f5d77561d61b01e828e93df6e98b
528d4ddad9bdd50ea82703e59fe20208d1abfe53
2943faf86da4e53dcefe329d051177edc2dda8ccb7a5f01f5eff5c47b0d37118
GET /.cm4all/designs/static/sys/cm_dux_088_2/1624399668.32/js/cm_template-focus-point.js HTTP/1.1
Host: strato-editor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.sauna-bb.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
last-modified: Tue, 04 May 2021 11:02:40 GMT
etag: "30-fea92ba4-609129d0"
expires: Sun, 19 Nov 2023 18:59:47 GMT
content-type: application/javascript
content-encoding: gzip
vary: accept-encoding
content-length: 1146
date: Sat, 19 Nov 2022 18:59:47 GMT
server: CM4all Webserver
strato-editor.com/.cm4all/designs/static/sys/cm_dux_088_2/1624399668.32/js/cm-templates-global-script.js
81.169.145.190 200 OK 224 B URL HTTP/1.1 strato-editor.com/.cm4all/designs/static/sys/cm_dux_088_2/1624399668.32/js/cm-templates-global-script.js
IP 81.169.145.190:0
Hash 4216771b2a7fe6a4d18a4a39f50d4aad
cb04355db7124ec8f48d1f01bc123825b31df55b
8aaeace939906ff79ce8cb2a5752d01771fa2c94b4645c9b82e8da712f3cdf7b
GET /.cm4all/designs/static/sys/cm_dux_088_2/1624399668.32/js/cm-templates-global-script.js HTTP/1.1
Host: strato-editor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.sauna-bb.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
last-modified: Tue, 22 Jun 2021 11:34:20 GMT
etag: "30-ff295825-60d1cabc"
expires: Sun, 19 Nov 2023 18:59:47 GMT
content-type: application/javascript
content-encoding: gzip
vary: accept-encoding
content-length: 224
date: Sat, 19 Nov 2022 18:59:47 GMT
server: CM4all Webserver
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 19 Nov 2022 18:25:01 GMT
cache-control: public,max-age=3600
age: 2086
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
www.sauna-bb.com/.cm4all/uproc.php/0/.iStock-831925822.mov/poster?_=17bab4f82eb
81.169.145.80 302 Found 0 B URL HTTP/1.1 www.sauna-bb.com/.cm4all/uproc.php/0/.iStock-831925822.mov/poster?_=17bab4f82eb
IP 81.169.145.80:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /.cm4all/uproc.php/0/.iStock-831925822.mov/poster?_=17bab4f82eb HTTP/1.1
Host: www.sauna-bb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sauna-bb.com/
Cookie: beng_proxy_session=d177bcb446c3c83500000000d02991c1
HTTP/1.1 302 Found
Date: Sat, 19 Nov 2022 18:59:47 GMT
Server: Apache/2.4.54 (Unix)
X-Powered-By: PHP/7.4.32
Location: /./.cm4all/mediadb/.iStock-831925822.mov/poster
Content-Type: text/html
Keep-Alive: timeout=3, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
fonts.cm4all.net/css?subset=cyrillic,cyrillic-ext,devanagari,greek,greek-ext,khmer,latin,latin-ext,vietnamese&family=Open+Sans:300,regular,500,600,700,800,300italic,italic,500italic,600italic,700italic,800italic|Comfortaa:300,regular,500,600,700|Montserrat:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic
85.215.6.125 200 OK 2.2 kB URL HTTP/1.1 fonts.cm4all.net/css?subset=cyrillic,cyrillic-ext,devanagari,greek,greek-ext,khmer,latin,latin-ext,vietnamese&family=Open+Sans:300,regular,500,600,700,800,300italic,italic,500italic,600italic,700italic,800italic|Comfortaa:300,regular,500,600,700|Montserrat:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic
IP 85.215.6.125:0
File type ASCII text, with very long lines (2199), with no line terminators
Hash afc67cb231a7fe7da733a749e8853263
ac713e56563bfc614904b7730e3b54018ee21138
dce05b55f7d9b531e1e4b615a082882fe3e160f23f34438a22c857433e787392
GET /css?subset=cyrillic,cyrillic-ext,devanagari,greek,greek-ext,khmer,latin,latin-ext,vietnamese&family=Open+Sans:300,regular,500,600,700,800,300italic,italic,500italic,600italic,700italic,800italic|Comfortaa:300,regular,500,600,700|Montserrat:100,100italic,200,200italic,300,300italic,regular,italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic HTTP/1.1
Host: fonts.cm4all.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sauna-bb.com/
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 18:59:47 GMT
Content-Type: text/css; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Strict-Transport-Security: max-age=31536000
Expires: Sat, 19 Nov 2022 18:59:47 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Accept-Ranges: none
Vary: Accept-Encoding
strato-editor.com/.cm4all/_pixel.img?site=1984929--KcT9PYn&page=pid_5248150&path=%2Fhome%2Findex.php%2F&nt=HOME&domain=www.sauna-bb.com&ref=
81.169.145.190 301 Moved Permanently 26 B URL HTTP/1.1 strato-editor.com/.cm4all/_pixel.img?site=1984929--KcT9PYn&page=pid_5248150&path=%2Fhome%2Findex.php%2F&nt=HOME&domain=www.sauna-bb.com&ref=
IP 81.169.145.190:0
File type ASCII text, with no line terminators
Hash 2ef27b5421b25c11cb1cad8fabc6348f
d57fa451961aad67be222caa47da7de7e2ac2cb4
ee6730380abe73154592c1e2e1f2065240df51c128f28debfef73d76ae9afe60
GET /.cm4all/_pixel.img?site=1984929--KcT9PYn&page=pid_5248150&path=%2Fhome%2Findex.php%2F&nt=HOME&domain=www.sauna-bb.com&ref= HTTP/1.1
Host: strato-editor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sauna-bb.com/
HTTP/1.1 301 Moved Permanently
location: https://strato-editor.com/.cm4all/_pixel.img?site=1984929--KcT9PYn&page=pid_5248150&path=%2Fhome%2Findex.php%2F&nt=HOME&domain=www.sauna-bb.com&ref=
content-type: text/plain
content-length: 26
date: Sat, 19 Nov 2022 18:59:47 GMT
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cc3ec65ccf7ff94ae7100b0dfcf95511
554ca7450b72598cdf02eaca25b0b12de625cb04
a755f0cb16a9266e2e4de4770edd38cbd9e22b2468b0b06a9070464795258aa1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A755F0CB16A9266E2E4DE4770EDD38CBD9E22B2468B0B06A9070464795258AA1"
Last-Modified: Sat, 19 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6964
Expires: Sat, 19 Nov 2022 20:55:51 GMT
Date: Sat, 19 Nov 2022 18:59:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cc3ec65ccf7ff94ae7100b0dfcf95511
554ca7450b72598cdf02eaca25b0b12de625cb04
a755f0cb16a9266e2e4de4770edd38cbd9e22b2468b0b06a9070464795258aa1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A755F0CB16A9266E2E4DE4770EDD38CBD9E22B2468B0B06A9070464795258AA1"
Last-Modified: Sat, 19 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6964
Expires: Sat, 19 Nov 2022 20:55:51 GMT
Date: Sat, 19 Nov 2022 18:59:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cc3ec65ccf7ff94ae7100b0dfcf95511
554ca7450b72598cdf02eaca25b0b12de625cb04
a755f0cb16a9266e2e4de4770edd38cbd9e22b2468b0b06a9070464795258aa1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A755F0CB16A9266E2E4DE4770EDD38CBD9E22B2468B0B06A9070464795258AA1"
Last-Modified: Sat, 19 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6964
Expires: Sat, 19 Nov 2022 20:55:51 GMT
Date: Sat, 19 Nov 2022 18:59:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cc3ec65ccf7ff94ae7100b0dfcf95511
554ca7450b72598cdf02eaca25b0b12de625cb04
a755f0cb16a9266e2e4de4770edd38cbd9e22b2468b0b06a9070464795258aa1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A755F0CB16A9266E2E4DE4770EDD38CBD9E22B2468B0B06A9070464795258AA1"
Last-Modified: Sat, 19 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6964
Expires: Sat, 19 Nov 2022 20:55:51 GMT
Date: Sat, 19 Nov 2022 18:59:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash cc3ec65ccf7ff94ae7100b0dfcf95511
554ca7450b72598cdf02eaca25b0b12de625cb04
a755f0cb16a9266e2e4de4770edd38cbd9e22b2468b0b06a9070464795258aa1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A755F0CB16A9266E2E4DE4770EDD38CBD9E22B2468B0B06A9070464795258AA1"
Last-Modified: Sat, 19 Nov 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6964
Expires: Sat, 19 Nov 2022 20:55:51 GMT
Date: Sat, 19 Nov 2022 18:59:47 GMT
Connection: keep-alive
www.sauna-bb.com/.cm4all/uproc.php/0/.iStock-831925822.mov/video.mp4?_=17bab4f82eb
81.169.145.80 302 Found 0 B URL HTTP/1.1 www.sauna-bb.com/.cm4all/uproc.php/0/.iStock-831925822.mov/video.mp4?_=17bab4f82eb
IP 81.169.145.80:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /.cm4all/uproc.php/0/.iStock-831925822.mov/video.mp4?_=17bab4f82eb HTTP/1.1
Host: www.sauna-bb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Range: bytes=0-
Connection: keep-alive
Referer: http://www.sauna-bb.com/
Cookie: beng_proxy_session=d177bcb446c3c83500000000d02991c1
HTTP/1.1 302 Found
Date: Sat, 19 Nov 2022 18:59:47 GMT
Server: Apache/2.4.54 (Unix)
X-Powered-By: PHP/7.4.32
Location: /./.cm4all/mediadb/.iStock-831925822.mov/video.mp4
Content-Type: text/html
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
www.sauna-bb.com/.cm4all/uproc.php/0/SaunaGif.gif?_=17bb829a143
81.169.145.80 302 Found 0 B URL HTTP/1.1 www.sauna-bb.com/.cm4all/uproc.php/0/SaunaGif.gif?_=17bb829a143
IP 81.169.145.80:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /.cm4all/uproc.php/0/SaunaGif.gif?_=17bb829a143 HTTP/1.1
Host: www.sauna-bb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sauna-bb.com/
Cookie: beng_proxy_session=d177bcb446c3c83500000000d02991c1
HTTP/1.1 302 Found
Date: Sat, 19 Nov 2022 18:59:47 GMT
Server: Apache/2.4.54 (Unix)
X-Powered-By: PHP/7.4.32
Location: /./.cm4all/mediadb/SaunaGif.gif
Content-Type: text/html
Keep-Alive: timeout=3, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
www.sauna-bb.com/.cm4all/uproc.php/0/.logoHPH.png/picture-1200?_=17b8d7e5924
81.169.145.80 302 Found 0 B URL HTTP/1.1 www.sauna-bb.com/.cm4all/uproc.php/0/.logoHPH.png/picture-1200?_=17b8d7e5924
IP 81.169.145.80:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /.cm4all/uproc.php/0/.logoHPH.png/picture-1200?_=17b8d7e5924 HTTP/1.1
Host: www.sauna-bb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sauna-bb.com/
Cookie: beng_proxy_session=d177bcb446c3c83500000000d02991c1
HTTP/1.1 302 Found
Date: Sat, 19 Nov 2022 18:59:47 GMT
Server: Apache/2.4.54 (Unix)
X-Powered-By: PHP/7.4.32
Location: /./.cm4all/mediadb/.logoHPH.png/picture-1200
Content-Type: text/html
Keep-Alive: timeout=3, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
strato-editor.com/.cm4all/_pixel.img?site=1984929--KcT9PYn&page=pid_5248150&path=%2Fhome%2Findex.php%2F&nt=HOME&domain=www.sauna-bb.com&ref=
81.169.145.190 200 OK 43 B URL HTTP/1.1 strato-editor.com/.cm4all/_pixel.img?site=1984929--KcT9PYn&page=pid_5248150&path=%2Fhome%2Findex.php%2F&nt=HOME&domain=www.sauna-bb.com&ref=
IP 81.169.145.190:0
File type GIF image data, version 89a, 1 x 1
Hash 6d22e4f2d2057c6e8d6fab098e76e80f
b80b11203d97fe01c5597ca3be70406ea48f5709
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
GET /.cm4all/_pixel.img?site=1984929--KcT9PYn&page=pid_5248150&path=%2Fhome%2Findex.php%2F&nt=HOME&domain=www.sauna-bb.com&ref= HTTP/1.1
Host: strato-editor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.sauna-bb.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-length: 43
date: Sat, 19 Nov 2022 18:59:47 GMT
server: CM4all Webserver
cache-control: no-store, no-cache, must-revalidate
content-type: image/gif
expires: Sat, 01 Jan 2000 00:00:00 UTC
set-cookie: vid=0718800CEC2325069B457C9236A17E522DBD; Expires=Sat, 26 Nov 2022 18:59:47 GMT; SameSite=None; Secure
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 060d538b33e370fcd033339830d33a42
4a37d427988358eb318e18e2678c3484ef4a5ebd
efa33f92547243814b5bd3bca4f94d26055d590a4431611b3ba251a8d774bfbb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2737
Cache-Control: max-age=139962
Content-Type: application/ocsp-response
Date: Sat, 19 Nov 2022 18:59:47 GMT
Etag: "63789cac-1d7"
Expires: Mon, 21 Nov 2022 09:52:29 GMT
Last-Modified: Sat, 19 Nov 2022 09:06:52 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
fonts.cm4all.net/s/comfortaa/v40/1Ptsg8LJRfWJmhDAuUs4TYFq.woff2
85.215.6.125 200 OK 29 kB URL HTTP/2 fonts.cm4all.net/s/comfortaa/v40/1Ptsg8LJRfWJmhDAuUs4TYFq.woff2
IP 85.215.6.125:0
File type Web Open Font Format (Version 2), TrueType, length 28712, version 1.0
Hash 1520051846f9dcefc38cdb90fc8b3456
057acb7bd46dfcf39244fb3582d560d98425e444
d3295fbcef086eb975b0fdcc4b929f0c59d4daf848dba6982a6aa915eb3011e0
GET /s/comfortaa/v40/1Ptsg8LJRfWJmhDAuUs4TYFq.woff2 HTTP/1.1
Host: fonts.cm4all.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.sauna-bb.com
Connection: keep-alive
Referer: http://fonts.cm4all.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 19 Nov 2022 18:59:47 GMT
content-type: font/woff2
content-length: 28712
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
expires: Tue, 14 Nov 2023 22:56:30 GMT
cache-control: public, max-age=31536000
age: 376249
last-modified: Fri, 24 Jun 2022 19:20:35 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
www.sauna-bb.com/.cm4all/uproc.php/0/HannesSitztaufderSauna?_=17bb7d476dd
81.169.145.80 302 Found 0 B URL HTTP/1.1 www.sauna-bb.com/.cm4all/uproc.php/0/HannesSitztaufderSauna?_=17bb7d476dd
IP 81.169.145.80:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /.cm4all/uproc.php/0/HannesSitztaufderSauna?_=17bb7d476dd HTTP/1.1
Host: www.sauna-bb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sauna-bb.com/
Cookie: beng_proxy_session=d177bcb446c3c83500000000d02991c1
HTTP/1.1 302 Found
Date: Sat, 19 Nov 2022 18:59:47 GMT
Server: Apache/2.4.54 (Unix)
X-Powered-By: PHP/7.4.32
Location: /./.cm4all/mediadb/HannesSitztaufderSauna
Content-Type: text/html
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
www.sauna-bb.com/.cm4all/uproc.php/0/HS.gif?_=17bb7cfb257
81.169.145.80 302 Found 0 B URL HTTP/1.1 www.sauna-bb.com/.cm4all/uproc.php/0/HS.gif?_=17bb7cfb257
IP 81.169.145.80:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /.cm4all/uproc.php/0/HS.gif?_=17bb7cfb257 HTTP/1.1
Host: www.sauna-bb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sauna-bb.com/
Cookie: beng_proxy_session=d177bcb446c3c83500000000d02991c1
HTTP/1.1 302 Found
Date: Sat, 19 Nov 2022 18:59:47 GMT
Server: Apache/2.4.54 (Unix)
X-Powered-By: PHP/7.4.32
Location: /./.cm4all/mediadb/HS.gif
Content-Type: text/html
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
www.sauna-bb.com/.cm4all/uproc.php/0/GutenMorgenHannes?_=17bb7d2c010
81.169.145.80 302 Found 0 B URL HTTP/1.1 www.sauna-bb.com/.cm4all/uproc.php/0/GutenMorgenHannes?_=17bb7d2c010
IP 81.169.145.80:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /.cm4all/uproc.php/0/GutenMorgenHannes?_=17bb7d2c010 HTTP/1.1
Host: www.sauna-bb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sauna-bb.com/
Cookie: beng_proxy_session=d177bcb446c3c83500000000d02991c1
HTTP/1.1 302 Found
Date: Sat, 19 Nov 2022 18:59:47 GMT
Server: Apache/2.4.54 (Unix)
X-Powered-By: PHP/7.4.32
Location: /./.cm4all/mediadb/GutenMorgenHannes
Content-Type: text/html
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
fonts.cm4all.net/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
85.215.6.125 200 OK 45 kB URL HTTP/2 fonts.cm4all.net/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 85.215.6.125:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.cm4all.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.sauna-bb.com
Connection: keep-alive
Referer: http://fonts.cm4all.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 19 Nov 2022 18:59:47 GMT
content-type: font/woff2
content-length: 44856
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
expires: Tue, 14 Nov 2023 18:50:24 GMT
cache-control: public, max-age=31536000
age: 365013
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
fonts.cm4all.net/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
85.215.6.125 200 OK 31 kB URL HTTP/2 fonts.cm4all.net/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 85.215.6.125:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.cm4all.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.sauna-bb.com
Connection: keep-alive
Referer: http://fonts.cm4all.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 19 Nov 2022 18:59:47 GMT
content-type: font/woff2
content-length: 30928
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
expires: Wed, 15 Nov 2023 16:06:09 GMT
cache-control: public, max-age=31536000
age: 310753
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
accept-ranges: bytes
X-Firefox-Spdy: h2
www.sauna-bb.com/.cm4all/uproc.php/0/.canstockphoto27891272.jpg/picture-1600?_=17b93844788
81.169.145.80 302 Found 0 B URL HTTP/1.1 www.sauna-bb.com/.cm4all/uproc.php/0/.canstockphoto27891272.jpg/picture-1600?_=17b93844788
IP 81.169.145.80:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /.cm4all/uproc.php/0/.canstockphoto27891272.jpg/picture-1600?_=17b93844788 HTTP/1.1
Host: www.sauna-bb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sauna-bb.com/
Cookie: beng_proxy_session=d177bcb446c3c83500000000d02991c1
HTTP/1.1 302 Found
Date: Sat, 19 Nov 2022 18:59:47 GMT
Server: Apache/2.4.54 (Unix)
X-Powered-By: PHP/7.4.32
Location: /./.cm4all/mediadb/canstockphoto27891272.jpg
Content-Type: text/html
Keep-Alive: timeout=3, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
www.sauna-bb.com/.cm4all/mediadb/.iStock-831925822.mov/poster
81.169.145.80 200 OK 48 kB URL HTTP/1.1 www.sauna-bb.com/.cm4all/mediadb/.iStock-831925822.mov/poster
IP 81.169.145.80:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, comment: "Lavc58.35.100", baseline, precision 8, 1280x720, components 3
Hash 42b681d4dba1066658b14eac4d83be07
0cf8c8bb6338e59485899ac4ec2d3158bc315082
6638f3330cf244890a1a898e27d0b239d8e274331569ee166262e41fe159351d
Analyzer Verdict Alert quad9 Sinkholed
GET /.cm4all/mediadb/.iStock-831925822.mov/poster HTTP/1.1
Host: www.sauna-bb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.sauna-bb.com/
Connection: keep-alive
Cookie: beng_proxy_session=d177bcb446c3c83500000000d02991c1
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 18:59:47 GMT
Server: Apache/2.4.54 (Unix)
Last-Modified: Fri, 03 Sep 2021 10:59:29 GMT
ETag: "bbe9-5cb1531836640"
Accept-Ranges: bytes
Content-Length: 48105
Keep-Alive: timeout=3, max=99
Connection: Keep-Alive
strato-editor.com/.cm4all/e/static/3rdparty/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
81.169.145.190 200 OK 77 kB URL HTTP/1.1 strato-editor.com/.cm4all/e/static/3rdparty/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 81.169.145.190:0
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
GET /.cm4all/e/static/3rdparty/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: strato-editor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://www.sauna-bb.com
Connection: keep-alive
Referer: https://strato-editor.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
last-modified: Mon, 24 Oct 2016 15:52:54 GMT
etag: "fe02-c2bf9-580e2e56"
expires: Sun, 20 Nov 2022 18:59:47 GMT
content-type: application/font-woff2
accept-ranges: bytes
access-control-allow-origin: *
access-control-allow-headers: X-Requested-With
content-length: 77160
date: Sat, 19 Nov 2022 18:59:47 GMT
server: CM4all Webserver
www.sauna-bb.com/.cm4all/mediadb/.logoHPH.png/picture-1200
81.169.145.80 200 OK 59 kB URL HTTP/1.1 www.sauna-bb.com/.cm4all/mediadb/.logoHPH.png/picture-1200
IP 81.169.145.80:0
File type PNG image data, 1200 x 720, 8-bit/color RGBA, non-interlaced
Hash 297e2a30665eb9a252ce56a1ae736721
8f781fe1e791b5555885aab037bffcf660f9d44b
e688cb0144d45ef3f2099321d714100cd10dfe2aab08d294f297fd39a3675635
Analyzer Verdict Alert quad9 Sinkholed
GET /.cm4all/mediadb/.logoHPH.png/picture-1200 HTTP/1.1
Host: www.sauna-bb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.sauna-bb.com/
Connection: keep-alive
Cookie: beng_proxy_session=d177bcb446c3c83500000000d02991c1
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 18:59:47 GMT
Server: Apache/2.4.54 (Unix)
Last-Modified: Sat, 28 Aug 2021 16:01:17 GMT
ETag: "e826-5caa0b5c94d40"
Accept-Ranges: bytes
Content-Length: 59430
Keep-Alive: timeout=3, max=99
Connection: Keep-Alive
push.services.mozilla.com/
35.161.136.21 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.161.136.21:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: DLCwNpPoXJJt6jAmHMW/kA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: l6W4K1SOaa6KVrNOrVAVqQqBYso=
www.sauna-bb.com/.cm4all/mediadb/canstockphoto27891272.jpg
81.169.145.80 200 OK 629 kB URL HTTP/1.1 www.sauna-bb.com/.cm4all/mediadb/canstockphoto27891272.jpg
IP 81.169.145.80:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 1600x1200, components 3
Size 629 kB (629053 bytes)
Hash 3a29fb79e95f98ac678073426722e2ff
86330d91a7a51ff489b358f9c0048b30e6dc7e5d
230e55becae3038a1ca0992d38a4b1d88b943e09c430f123ea31b78bd80dda82
Analyzer Verdict Alert quad9 Sinkholed
GET /.cm4all/mediadb/canstockphoto27891272.jpg HTTP/1.1
Host: www.sauna-bb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.sauna-bb.com/
Connection: keep-alive
Cookie: beng_proxy_session=d177bcb446c3c83500000000d02991c1
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 18:59:47 GMT
Server: Apache/2.4.54 (Unix)
Last-Modified: Sun, 29 Aug 2021 20:05:25 GMT
ETag: "9993d-5cab83cb76b40"
Accept-Ranges: bytes
Content-Length: 629053
Keep-Alive: timeout=3, max=95
Connection: Keep-Alive
Content-Type: image/jpeg
www.sauna-bb.com/.cm4all/sysdb/favicon/icon-196x196_91e2fcd.png
81.169.145.80 200 OK 12 kB URL HTTP/1.1 www.sauna-bb.com/.cm4all/sysdb/favicon/icon-196x196_91e2fcd.png
IP 81.169.145.80:0
File type PNG image data, 196 x 196, 8-bit/color RGBA, non-interlaced
Hash b85e501587ec9ae502254fdb0cde279f
9340895dfc289b71ba2e329cd3f879d91d8c6723
86abd9013ea4d18206e8315302d47d51a61d6cfd4ce9a8ff27eadcbf11a05c06
Analyzer Verdict Alert quad9 Sinkholed
GET /.cm4all/sysdb/favicon/icon-196x196_91e2fcd.png HTTP/1.1
Host: www.sauna-bb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.sauna-bb.com/
Cookie: beng_proxy_session=d177bcb446c3c83500000000d02991c1
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 18:59:48 GMT
Server: Apache/2.4.54 (Unix)
Last-Modified: Fri, 01 Oct 2021 07:27:12 GMT
ETag: "2f9a-5cd457de2b400"
Accept-Ranges: bytes
Content-Length: 12186
Keep-Alive: timeout=3, max=98
Connection: Keep-Alive
Content-Type: image/png
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f7c5da16d7c4384a4c2454d6b0d84710
69fd80fdf2f1ce27b25617589c867cd1c6e5d2ab
a80d1b813523e44d2e59d7c2edd6919c0354873637bb15bccc88f66f5c24e05d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A80D1B813523E44D2E59D7C2EDD6919C0354873637BB15BCCC88F66F5C24E05D"
Last-Modified: Thu, 17 Nov 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13271
Expires: Sat, 19 Nov 2022 22:41:00 GMT
Date: Sat, 19 Nov 2022 18:59:49 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash 481c033b9ffd030ff0de6e35cf788b47
85d3baad9217af2b5d75c019d2ef95dbb919a788
02443c7869914c2b29892deb0c645395bcf4e8379da3cf20974614ff9c92893b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fac98a873-8b46-43f5-9ac0-fc1cc1a0cd81.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11249
x-amzn-requestid: 65a3db77-b2e6-40b9-a776-021c2e9b56d0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bubSsHbZoAMFZNg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6375a5aa-1286b97968cc2e4c7fe8ab29;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 03:08:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: PYoD_MxycYfiNvyRlBnLWCcyqQK9sZi8y2ir1U9eCavNoAB-3oFcxg==
via: 1.1 38eecd3ca21bf068d69a2f9cfe668d14.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 03:43:53 GMT
age: 54956
etag: "85d3baad9217af2b5d75c019d2ef95dbb919a788"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0d2467c-b158-442b-92be-e4cb236d17fa.jpeg
34.120.237.76 200 OK 3.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0d2467c-b158-442b-92be-e4cb236d17fa.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash d6b026c34985bbf2ebf89a62d0724c66
72369ebeccf447fa91ef77711d6297063c99777e
e5598ada634274ab9995dedda8c1fd18344abcfdd49b3a1aaede0a86fafc0f40
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc0d2467c-b158-442b-92be-e4cb236d17fa.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3035
x-amzn-requestid: 3e3f3a7f-9a1d-4b37-b932-22c6e3e638f1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: b0QRcFOuoAMF_fQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6377fa6f-09dc20ea5620dd167e3f7265;Sampled=0
x-amzn-remapped-date: Fri, 18 Nov 2022 21:34:39 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: xvVfLfP2DUilu7GSJMGArO90Kdoq5cPBVtmtyVjZmX5ZKnvOjpR_UQ==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Fri, 18 Nov 2022 21:36:25 GMT
age: 77004
etag: "72369ebeccf447fa91ef77711d6297063c99777e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F680965e1-a075-4bd9-8788-73e1a3c92de2.jpeg
34.120.237.76 200 OK 3.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F680965e1-a075-4bd9-8788-73e1a3c92de2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash 2e9f6e24e829065d4f201b4c9d9c8fd1
317ec439968641329b83210f7fcab59023310077
d1d304d12f3e1c2ad9cf9279bbb7cab4a954942ab86f41d5333e030cdc7a55c8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F680965e1-a075-4bd9-8788-73e1a3c92de2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3842
x-amzn-requestid: 8effd7ec-299f-471f-8746-3cb81d94998b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: boYBREE6oAMFmfQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63733a07-46160f6159dfb4a729e5d688;Sampled=0
x-amzn-remapped-date: Tue, 15 Nov 2022 07:04:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 37fj6lqvqFTCEPkclxpI6OuYvlIB57GI2bS4wySNP3X4eQ3Lwy3WQA==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 10:26:23 GMT
age: 30806
etag: "317ec439968641329b83210f7fcab59023310077"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f1b43b0-5ba1-4c6c-9a53-bfae9befdd7d.jpeg
34.120.237.76 200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f1b43b0-5ba1-4c6c-9a53-bfae9befdd7d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash a9d32fa3866dd741de610a61a93ad893
4cb2141b1ef1e5bf19a3b355995dcd8fa36f695e
4492338de536cfae6fb42fd37170c60f4fbc281a2a924efe6d2b5af352cd102c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f1b43b0-5ba1-4c6c-9a53-bfae9befdd7d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6344
x-amzn-requestid: cac35b04-be3b-4ae1-bb5e-8cedcd7a7db4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: btqOVFCXIAMFcOg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63755728-45c28fa333b748520be29b57;Sampled=0
x-amzn-remapped-date: Wed, 16 Nov 2022 21:33:28 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: RQqPegf6sdVW0qmrGnUo6EORLuT7BRikwhtF08LAxWNCpLGwGZnG8Q==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 b48dedcc55e63f14261aa92cf2d61522.cloudfront.net (CloudFront), 1.1 google
date: Fri, 18 Nov 2022 21:34:18 GMT
age: 77131
etag: "4cb2141b1ef1e5bf19a3b355995dcd8fa36f695e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3007b4f3-f5db-4eb7-b71a-f9f854ae287e.jpeg
34.120.237.76 200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3007b4f3-f5db-4eb7-b71a-f9f854ae287e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b2b393e36ee2c9649d90db136aa49542
e88c5832ff0c49bab181d948c3a510d88343bb6f
8b524701df43bff56ac52a021ff0fbd964e06f00e84b4861aa557ec6ae6b4ffd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3007b4f3-f5db-4eb7-b71a-f9f854ae287e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7631
x-amzn-requestid: b47e545d-1fb6-4a62-ab45-28cdb9d3f0b6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-vQE0XoAMFS3w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376ab2e-56365eed3d4c082c53b172b3;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:44:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: WpaBFpaCu0GBiHiiQzCCsyXrA7uzesHS92c_PsgxROxPkqjZ8RyI6Q==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Fri, 18 Nov 2022 21:52:45 GMT
age: 76024
etag: "e88c5832ff0c49bab181d948c3a510d88343bb6f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47c537d4-e03f-4ec6-8922-6dce72c72ab9.jpeg
34.120.237.76 200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47c537d4-e03f-4ec6-8922-6dce72c72ab9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 459df915ce91b32b2dcc4850516d68a0
d7a5473d367e7965a4af55acbf4675ed7088fab2
a03e26ebee79ad9b9dda1bf680e0d2467ae6d5e582589ada9fe6ddfa437c483c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47c537d4-e03f-4ec6-8922-6dce72c72ab9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4851
x-amzn-requestid: 8c868655-d0eb-428d-9fc0-a7449f770bd4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: brtDFF9HoAMFV9w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63748ee0-4f7daf8f7451dc5e0840f620;Sampled=0
x-amzn-remapped-date: Wed, 16 Nov 2022 07:18:56 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: xirMw5z5GPbmx9Sii_I4iNeh1GS5k9lGmaaJvUGAPWoVyP0Tldhf1w==
via: 1.1 e9ba0a9a729ff2960a04323bf1833df8.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Sat, 19 Nov 2022 07:17:42 GMT
age: 42127
etag: "d7a5473d367e7965a4af55acbf4675ed7088fab2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.sauna-bb.com/.cm4all/mediadb/GutenMorgenHannes
81.169.145.80 200 OK 5.2 MB URL HTTP/1.1 www.sauna-bb.com/.cm4all/mediadb/GutenMorgenHannes
IP 81.169.145.80:0
File type GIF image data, version 89a, 5472 x 3080\012- data
Size 5.2 MB (5187915 bytes)
Hash d66a520ca75865d7ff4aaadc78a4c619
aaed2d0a05ebe2cac32b996e9c11be5494abee7f
7e3cafe83f1039c55ae197b39f03206b8337231da3250937488c55ca5cd75300
Analyzer Verdict Alert quad9 Sinkholed
GET /.cm4all/mediadb/GutenMorgenHannes HTTP/1.1
Host: www.sauna-bb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.sauna-bb.com/
Connection: keep-alive
Cookie: beng_proxy_session=d177bcb446c3c83500000000d02991c1
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 18:59:47 GMT
Server: Apache/2.4.54 (Unix)
Last-Modified: Sun, 05 Sep 2021 21:17:32 GMT
ETag: "4f294b-5cb460f83d300"
Accept-Ranges: bytes
Content-Length: 5187915
Keep-Alive: timeout=3, max=98
Connection: Keep-Alive
www.sauna-bb.com/.cm4all/mediadb/HannesSitztaufderSauna
81.169.145.80 200 OK 5.5 MB URL HTTP/1.1 www.sauna-bb.com/.cm4all/mediadb/HannesSitztaufderSauna
IP 81.169.145.80:0
File type GIF image data, version 89a, 5472 x 3080\012- data
Size 5.5 MB (5504248 bytes)
Hash 877e670af7e27d483c683999858a5cf6
74047eb7ee3e463e5954a3df53ac9947e0713c33
648c5f58bdcdc65d987aa4b3aa967072ebf97246c7a1fe129a16013b6b9fb19c
Analyzer Verdict Alert quad9 Sinkholed
GET /.cm4all/mediadb/HannesSitztaufderSauna HTTP/1.1
Host: www.sauna-bb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.sauna-bb.com/
Connection: keep-alive
Cookie: beng_proxy_session=d177bcb446c3c83500000000d02991c1
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 18:59:47 GMT
Server: Apache/2.4.54 (Unix)
Last-Modified: Sun, 05 Sep 2021 21:19:22 GMT
ETag: "53fcf8-5cb4616124a80"
Accept-Ranges: bytes
Content-Length: 5504248
Keep-Alive: timeout=3, max=99
Connection: Keep-Alive
www.sauna-bb.com/.cm4all/mediadb/SaunaGif.gif
81.169.145.80 200 OK 0 B URL HTTP/1.1 www.sauna-bb.com/.cm4all/mediadb/SaunaGif.gif
IP 81.169.145.80:0
Analyzer Verdict Alert quad9 Sinkholed
GET /.cm4all/mediadb/SaunaGif.gif HTTP/1.1
Host: www.sauna-bb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.sauna-bb.com/
Connection: keep-alive
Cookie: beng_proxy_session=d177bcb446c3c83500000000d02991c1
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 18:59:47 GMT
Server: Apache/2.4.54 (Unix)
Last-Modified: Sun, 05 Sep 2021 22:52:39 GMT
ETag: "1af4bcc-5cb4763adbbc0"
Accept-Ranges: bytes
Content-Length: 28265420
Keep-Alive: timeout=3, max=99
Connection: Keep-Alive
Content-Type: image/gif
strato-editor.com/.cm4all/res/static/libcm4all-js-widget/3.87.12/js/widget-runtime.js
81.169.145.190 200 OK 0 B URL HTTP/1.1 strato-editor.com/.cm4all/res/static/libcm4all-js-widget/3.87.12/js/widget-runtime.js
IP 81.169.145.190:0
GET /.cm4all/res/static/libcm4all-js-widget/3.87.12/js/widget-runtime.js HTTP/1.1
Host: strato-editor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.sauna-bb.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
last-modified: Fri, 26 Aug 2022 14:44:54 GMT
etag: "fe02-1356-6308dc66"
expires: Sun, 19 Nov 2023 18:59:47 GMT
content-type: application/javascript
content-encoding: gzip
vary: accept-encoding
content-length: 36446
date: Sat, 19 Nov 2022 18:59:47 GMT
server: CM4all Webserver
www.sauna-bb.com/.cm4all/mediadb/.iStock-831925822.mov/video.mp4
81.169.145.80 206 Partial Content 0 B URL HTTP/1.1 www.sauna-bb.com/.cm4all/mediadb/.iStock-831925822.mov/video.mp4
IP 81.169.145.80:0
Analyzer Verdict Alert quad9 Sinkholed
GET /.cm4all/mediadb/.iStock-831925822.mov/video.mp4 HTTP/1.1
Host: www.sauna-bb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: video/webm,video/ogg,video/*;q=0.9,application/ogg;q=0.7,audio/*;q=0.6,*/*;q=0.5
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Range: bytes=0-
Referer: http://www.sauna-bb.com/
Connection: keep-alive
Cookie: beng_proxy_session=d177bcb446c3c83500000000d02991c1
HTTP/1.1 206 Partial Content
Date: Sat, 19 Nov 2022 18:59:47 GMT
Server: Apache/2.4.54 (Unix)
Last-Modified: Fri, 03 Sep 2021 10:59:36 GMT
ETag: "2fd3e5-5cb1531ee3600"
Accept-Ranges: bytes
Content-Length: 3134437
Content-Range: bytes 0-3134436/3134437
Keep-Alive: timeout=3, max=97
Connection: Keep-Alive
Content-Type: video/mp4
www.sauna-bb.com/.cm4all/mediadb/HS.gif
81.169.145.80 200 OK 0 B URL HTTP/1.1 www.sauna-bb.com/.cm4all/mediadb/HS.gif
IP 81.169.145.80:0
Analyzer Verdict Alert quad9 Sinkholed
GET /.cm4all/mediadb/HS.gif HTTP/1.1
Host: www.sauna-bb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://www.sauna-bb.com/
Connection: keep-alive
Cookie: beng_proxy_session=d177bcb446c3c83500000000d02991c1
HTTP/1.1 200 OK
Date: Sat, 19 Nov 2022 18:59:47 GMT
Server: Apache/2.4.54 (Unix)
Last-Modified: Sun, 05 Sep 2021 21:14:40 GMT
ETag: "2654dac-5cb4605435000"
Accept-Ranges: bytes
Content-Length: 40193452
Keep-Alive: timeout=3, max=100
Connection: Keep-Alive
Content-Type: image/gif