167.71.46.139/
167.71.46.139 200 OK 14 kB IP 167.71.46.139:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text
Hash d732f73dd51fe059dff165701681d05a
0a9c6206269f4203e872e7f3f9dd3e6fb4ccb9fb
0e1984790a186eb9175bdb15c2084cd4fc46c5955f7be48b847ce10317c2d119
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: 167.71.46.139
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 01:14:30 GMT
Server: Apache/2.4.29 (Ubuntu)
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
Last-Modified: Tue, 06 Dec 2022 01:14:30 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: private, no-cache, max-age=0
X-XF-Debug-Stats: {"time":0.0493,"queries":11,"memory":4.09}
Content-Encoding: gzip
Vary: Accept-Encoding
Set-Cookie: xf_csrf=weiIdMQzByi1uXPp; path=/
Content-Length: 13771
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6385
Expires: Tue, 06 Dec 2022 03:00:56 GMT
Date: Tue, 06 Dec 2022 01:14:31 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash ee088fab9b287e174cfd1f2c735a909f
25c3335b514a36ad1a24d00413d60c3d394f5161
494e96358ff12366213d7cc0f9197648c6c62ec14fa0d2c78732a683fa26b192
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5545
Cache-Control: max-age=125353
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 01:14:31 GMT
Etag: "638dc877-1d7"
Expires: Wed, 07 Dec 2022 12:03:44 GMT
Last-Modified: Mon, 05 Dec 2022 10:31:19 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 06 Dec 2022 00:18:32 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3359
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8946
Expires: Tue, 06 Dec 2022 03:43:37 GMT
Date: Tue, 06 Dec 2022 01:14:31 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: XHBnayarsDSS9q5U0dudoiArO17S5IsIw938mzE45mDl6jC5uyBrpaX2IWky1122aNKhiLCstrw=
x-amz-request-id: 872WKWS79PMNK1CE
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 06 Dec 2022 00:48:43 GMT
age: 1548
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 06 Dec 2022 01:14:31 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
167.71.46.139/js/xf/preamble.min.js?_v=f73d2470
167.71.46.139 200 OK 1.6 kB URL HTTP/1.1 167.71.46.139/js/xf/preamble.min.js?_v=f73d2470
IP 167.71.46.139:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (506)
Hash 0cac7be96f8931cd1dfae88dc22f3fb6
08d883702b068e1772283b65eab6cebbde9108d7
e2c45f1576c5c2a783db8ea34f2788aa2bb3ed70585cb65b3401a017c5cf66a5
Analyzer Verdict Alert quad9 Sinkholed
GET /js/xf/preamble.min.js?_v=f73d2470 HTTP/1.1
Host: 167.71.46.139
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://167.71.46.139/
Cookie: xf_csrf=weiIdMQzByi1uXPp
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 01:14:31 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Tue, 06 Jul 2021 20:53:30 GMT
ETag: "c4a-5c67a9d49b3b8-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1561
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
167.71.46.139/css.php?css=public%3Alightslider.less%2Cpublic%3Anode_list.less%2Cpublic%3Anotices.less%2Cpublic%3Axfmg_media_list.less%2Cpublic%3Aextra.less&s=1&l=3&d=1668975348&k=365e01a4d4c2265f75555afba7a4b2e8f5e3f96a
167.71.46.139 200 OK 6.4 kB URL HTTP/1.1 167.71.46.139/css.php?css=public%3Alightslider.less%2Cpublic%3Anode_list.less%2Cpublic%3Anotices.less%2Cpublic%3Axfmg_media_list.less%2Cpublic%3Aextra.less&s=1&l=3&d=1668975348&k=365e01a4d4c2265f75555afba7a4b2e8f5e3f96a
IP 167.71.46.139:0
ASN #14061 DIGITALOCEAN-ASN
Hash 796abccf0328c5dab73d5e82cf07abf8
d1982b60367776f870ea8d3dc5ea48bda7d7d773
71c226ba5f92f3d4174af61e283bde7d8dea823c7e30326022cb9eb8205b5e17
Analyzer Verdict Alert quad9 Sinkholed
GET /css.php?css=public%3Alightslider.less%2Cpublic%3Anode_list.less%2Cpublic%3Anotices.less%2Cpublic%3Axfmg_media_list.less%2Cpublic%3Aextra.less&s=1&l=3&d=1668975348&k=365e01a4d4c2265f75555afba7a4b2e8f5e3f96a HTTP/1.1
Host: 167.71.46.139
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://167.71.46.139/
Cookie: xf_csrf=weiIdMQzByi1uXPp
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 01:14:31 GMT
Server: Apache/2.4.29 (Ubuntu)
X-Frame-Options: SAMEORIGIN
Expires: Wed, 06 Dec 2023 01:14:31 GMT
Last-Modified: Sun, 20 Nov 2022 20:15:48 GMT
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 6400
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css; charset=utf-8
code.jquery.com/jquery-1.12.4.js
69.16.175.10 200 OK 87 kB URL HTTP/2 code.jquery.com/jquery-1.12.4.js
IP 69.16.175.10:0
Hash 4cc1fb9dd16dba6f29268671930d0c91
dcd1f866cbd8b126e3d70ea2c26fc648db5460d4
a2a66bcd92ddb55a079903017b9d58c79c434f085ef54e69596acadbb8dc215d
GET /jquery-1.12.4.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://167.71.46.139/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 06 Dec 2022 01:14:31 GMT
content-encoding: gzip
content-length: 87176
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-47a36"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-hw: 1670289271.dop227.sk1.t,1670289271.cds246.sk1.hn,1670289271.cds203.sk1.c
X-Firefox-Spdy: h2
167.71.46.139/styles/fonts/fa/fa-regular-400.woff2?_v=5.15.1
167.71.46.139 200 OK 174 kB URL HTTP/1.1 167.71.46.139/styles/fonts/fa/fa-regular-400.woff2?_v=5.15.1
IP 167.71.46.139:0
ASN #14061 DIGITALOCEAN-ASN
File type Web Open Font Format (Version 2), TrueType, length 173596, version 331.-31392\012- data
Size 174 kB (173596 bytes)
Hash f3beba98d10f221fd533c55345fc6823
4902280f4a68de569f0e8fe25d2f13eb9f8daa1b
4e4cc2d5669ad1bb831c050c273dbf760a070eb5f413458cf5cd7625c594a583
Analyzer Verdict Alert quad9 Sinkholed
GET /styles/fonts/fa/fa-regular-400.woff2?_v=5.15.1 HTTP/1.1
Host: 167.71.46.139
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://167.71.46.139/
Cookie: xf_csrf=weiIdMQzByi1uXPp
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 01:14:31 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Tue, 06 Jul 2021 20:53:32 GMT
ETag: "2a61c-5c67a9d65c75e"
Accept-Ranges: bytes
Content-Length: 173596
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 7dfb548d8f8a99d32050803775fad5d6
8b47999a01db7c2217d76a1cec576809a229cf1b
68dd2a1e5a0002f4d25d3b5884ab55bc6b5a91e38f6dc464c4261b19c6e5887e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 01:14:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
167.71.46.139/styles/fonts/fa/fa-brands-400.woff2?_v=5.15.1
167.71.46.139 200 OK 78 kB URL HTTP/1.1 167.71.46.139/styles/fonts/fa/fa-brands-400.woff2?_v=5.15.1
IP 167.71.46.139:0
ASN #14061 DIGITALOCEAN-ASN
File type Web Open Font Format (Version 2), TrueType, length 78464, version 331.-31392\012- data
Hash ff496de99efc36ce4f6f1e611ada7e65
f6b96b15619d6c70e152ccc6901f5872b58b08be
59beb1f8f4ea7e16c50ae0652005e6f7a39f58f9deb0e155d8c8981ea99544b0
Analyzer Verdict Alert quad9 Sinkholed
GET /styles/fonts/fa/fa-brands-400.woff2?_v=5.15.1 HTTP/1.1
Host: 167.71.46.139
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://167.71.46.139/
Cookie: xf_csrf=weiIdMQzByi1uXPp
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 01:14:31 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Tue, 06 Jul 2021 20:53:32 GMT
ETag: "13280-5c67a9d65a81e"
Accept-Ranges: bytes
Content-Length: 78464
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
167.71.46.139/js/vendor/jquery/jquery-3.5.1.min.js?_v=f73d2470
167.71.46.139 200 OK 31 kB URL HTTP/1.1 167.71.46.139/js/vendor/jquery/jquery-3.5.1.min.js?_v=f73d2470
IP 167.71.46.139:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (65451)
Hash 888c5fa4504182a0224b264a1fda0e73
65f058a7dead59a8063362241865526eb0148f16
7d757e510b1f0c4d44fd98cc0121da8ca4f44793f8583debdef300fb1dbd3715
Analyzer Verdict Alert quad9 Sinkholed
GET /js/vendor/jquery/jquery-3.5.1.min.js?_v=f73d2470 HTTP/1.1
Host: 167.71.46.139
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://167.71.46.139/
Cookie: xf_csrf=weiIdMQzByi1uXPp
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 01:14:31 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Tue, 06 Jul 2021 20:53:30 GMT
ETag: "15d84-5c67a9d487b37-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 30910
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
167.71.46.139/styles/fonts/fa/fa-solid-900.woff2?_v=5.15.1
167.71.46.139 200 OK 141 kB URL HTTP/1.1 167.71.46.139/styles/fonts/fa/fa-solid-900.woff2?_v=5.15.1
IP 167.71.46.139:0
ASN #14061 DIGITALOCEAN-ASN
File type Web Open Font Format (Version 2), TrueType, length 140996, version 331.-31392\012- data
Size 141 kB (140996 bytes)
Hash 25d740d42658b6e2c293ce7b3322aac7
41cc9ae4b5dd70fd3988059dfb864f20f99ae371
8b5a3ff47c2413e0bf3dd3bb7899a25aeef9b390a055847a1185a39ad48a2da2
Analyzer Verdict Alert quad9 Sinkholed
GET /styles/fonts/fa/fa-solid-900.woff2?_v=5.15.1 HTTP/1.1
Host: 167.71.46.139
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://167.71.46.139/
Cookie: xf_csrf=weiIdMQzByi1uXPp
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 01:14:31 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Tue, 06 Jul 2021 20:53:32 GMT
ETag: "226c4-5c67a9d65d6fe"
Accept-Ranges: bytes
Content-Length: 140996
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 5f16a534222e5749ef240d413826c2f6
11683d84d420dd6f919425094edb8961278f7fed
691ebf7feb1f7d6ae7e5e7efd678626c62042dda520506f262c7d9a67a48e3ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 01:14:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
167.71.46.139/js/vendor/lightslider/lightslider.min.js?_v=f73d2470
167.71.46.139 200 OK 4.9 kB URL HTTP/1.1 167.71.46.139/js/vendor/lightslider/lightslider.min.js?_v=f73d2470
IP 167.71.46.139:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (15891)
Hash 222855615270d086f09b8feb49e742cb
7c8cb48240e7aa865cd850bcb30325d015bd14bf
0f0bfd03e3926583b7e6b5ad67b4bd390acc842494f3341b9f3be34734beea21
Analyzer Verdict Alert quad9 Sinkholed
GET /js/vendor/lightslider/lightslider.min.js?_v=f73d2470 HTTP/1.1
Host: 167.71.46.139
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://167.71.46.139/
Cookie: xf_csrf=weiIdMQzByi1uXPp
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 01:14:31 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Tue, 06 Jul 2021 20:53:30 GMT
ETag: "3e97-5c67a9d488ad7-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4945
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
167.71.46.139/js/xfmg/slider.min.js?_v=f73d2470
167.71.46.139 200 OK 951 B URL HTTP/1.1 167.71.46.139/js/xfmg/slider.min.js?_v=f73d2470
IP 167.71.46.139:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (518)
Hash 7f49c4aed7792ad5aad0fe7c447c9b50
b8f36f69db52ef58a46a94bf5c88eac4f0029cbf
e0a5a6f439ff39470a85318fb2f495eff9f48b3079165aa848ae64120a900575
Analyzer Verdict Alert quad9 Sinkholed
GET /js/xfmg/slider.min.js?_v=f73d2470 HTTP/1.1
Host: 167.71.46.139
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://167.71.46.139/
Cookie: xf_csrf=weiIdMQzByi1uXPp
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 01:14:31 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Fri, 09 Jul 2021 08:39:41 GMT
ETag: "830-5c6acb66fad40-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 951
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
167.71.46.139/js/xf/core-compiled.js?_v=f73d2470
167.71.46.139 200 OK 64 kB URL HTTP/1.1 167.71.46.139/js/xf/core-compiled.js?_v=f73d2470
IP 167.71.46.139:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (603)
Hash 47dcc8dfdf12418ba7cede923f1415d3
32c4959abd09ddd30f63d8548831793f5f8c5f4f
6580985ca0d8c5c82f53fde5ff32a9c3c8c4e91b32a485cfb608dbeb6dd1f7c7
Analyzer Verdict Alert quad9 Sinkholed
GET /js/xf/core-compiled.js?_v=f73d2470 HTTP/1.1
Host: 167.71.46.139
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://167.71.46.139/
Cookie: xf_csrf=weiIdMQzByi1uXPp
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 01:14:31 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Tue, 06 Jul 2021 20:53:30 GMT
ETag: "36888-5c67a9d49d2f8-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
167.71.46.139/styles/default/maagalim/klali.png
167.71.46.139 200 OK 3.4 kB URL HTTP/1.1 167.71.46.139/styles/default/maagalim/klali.png
IP 167.71.46.139:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 260 x 229, 8-bit/color RGBA, non-interlaced\012- data
Hash c4726aac7a4d821030a4c50ae7dfae7b
f032ed4bf247acaafeeb6c6c0ff49e5a3d71412a
a20aca5a485552689e89fded8c13beddc451c098e30f1c36f3130a4b0132802e
Analyzer Verdict Alert quad9 Sinkholed
GET /styles/default/maagalim/klali.png HTTP/1.1
Host: 167.71.46.139
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://167.71.46.139/
Cookie: xf_csrf=weiIdMQzByi1uXPp
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 01:14:31 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sun, 03 Feb 2019 22:41:30 GMT
ETag: "d60-5810513c43a80"
Accept-Ranges: bytes
Content-Length: 3424
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
167.71.46.139/styles/default/maagalim/thameret.png
167.71.46.139 200 OK 37 kB URL HTTP/1.1 167.71.46.139/styles/default/maagalim/thameret.png
IP 167.71.46.139:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 1246 x 1251, 8-bit/color RGBA, non-interlaced\012- data
Hash b91980ed7fcd752248f9752f6e356d24
e3383c4a7c4b4f4c338fef7db06337caac4821f7
72db3a46a8fbdd5c06caa687dec1f8f33602385c7abb804ac45272f1d6a94837
Analyzer Verdict Alert quad9 Sinkholed
GET /styles/default/maagalim/thameret.png HTTP/1.1
Host: 167.71.46.139
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://167.71.46.139/
Cookie: xf_csrf=weiIdMQzByi1uXPp
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 01:14:31 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Wed, 13 May 2020 18:57:29 GMT
ETag: "8fd3-5a58c26d43840"
Accept-Ranges: bytes
Content-Length: 36819
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
167.71.46.139/styles/default/maagalim/acfticon.png
167.71.46.139 200 OK 4.7 kB URL HTTP/1.1 167.71.46.139/styles/default/maagalim/acfticon.png
IP 167.71.46.139:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 142 x 158, 8-bit/color RGBA, non-interlaced\012- data
Hash 50f547577dda0b6b78d56997ea1f2d29
b541a0913b6de83250326b53c12284aca6284379
5b0ff77ef51b168ac4c27a3346a6a081f283f16cbfdbed920a3ed00efd60ffea
Analyzer Verdict Alert quad9 Sinkholed
GET /styles/default/maagalim/acfticon.png HTTP/1.1
Host: 167.71.46.139
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://167.71.46.139/
Cookie: xf_csrf=weiIdMQzByi1uXPp
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 01:14:31 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 30 Mar 2019 21:42:56 GMT
ETag: "1256-58556ab967800"
Accept-Ranges: bytes
Content-Length: 4694
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
www.googletagmanager.com/gtag/js?id=UA-131529628-1
142.250.74.168 200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-131529628-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1921)
Hash 11e8095e53726a08e2a0695f5af0aae3
037fb4ccf8ad8b51be7db8cd292c4d20f59c483a
b3d49206c807a0449f40d46e6e6b16fe3d3f77da425b23c2bc0a12fe4cbd8704
GET /gtag/js?id=UA-131529628-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://167.71.46.139/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 06 Dec 2022 01:14:31 GMT
expires: Tue, 06 Dec 2022 01:14:31 GMT
cache-control: private, max-age=900
last-modified: Tue, 06 Dec 2022 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43633
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
167.71.46.139/styles/default/maagalim/briut.png
167.71.46.139 200 OK 4.4 kB URL HTTP/1.1 167.71.46.139/styles/default/maagalim/briut.png
IP 167.71.46.139:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 260 x 229, 8-bit/color RGBA, non-interlaced\012- data
Hash 5555189fb7966e03d09fdfbe8dc67bcb
00390502d83793d5c22db19af99e46187c8c2634
e8c0edd1597e98fe65bf4d9b1bb1421507950e5a56e45ed490c43a520da4d862
Analyzer Verdict Alert quad9 Sinkholed
GET /styles/default/maagalim/briut.png HTTP/1.1
Host: 167.71.46.139
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://167.71.46.139/
Cookie: xf_csrf=weiIdMQzByi1uXPp
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 01:14:31 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sun, 03 Feb 2019 22:41:30 GMT
ETag: "1126-5810513c43a80"
Accept-Ranges: bytes
Content-Length: 4390
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
167.71.46.139/styles/default/maagalim/mishpacha.png
167.71.46.139 200 OK 5.3 kB URL HTTP/1.1 167.71.46.139/styles/default/maagalim/mishpacha.png
IP 167.71.46.139:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 260 x 229, 8-bit/color RGBA, non-interlaced\012- data
Hash dd0cec49f79059368656e4ef54373dbe
5b3f800926375446bccce6c3c7e3ab4b4e261959
17f809b4ca467ba3dc52b4c205c2abd3562560d558ce5d45a0bb7b6eb2b20835
Analyzer Verdict Alert quad9 Sinkholed
GET /styles/default/maagalim/mishpacha.png HTTP/1.1
Host: 167.71.46.139
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://167.71.46.139/
Cookie: xf_csrf=weiIdMQzByi1uXPp
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 01:14:31 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sun, 03 Feb 2019 22:41:30 GMT
ETag: "14d7-5810513c43a80"
Accept-Ranges: bytes
Content-Length: 5335
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash c10bc583c46449dc192a809398b4e814
ff0f7ad905d32d7f3d01e4054552d0ad551503a5
defd2b2559e55c9c6c0f8be9b23c53c4e781a736feae3dd73b4d203b69cfcc57
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 01:14:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 5f16a534222e5749ef240d413826c2f6
11683d84d420dd6f919425094edb8961278f7fed
691ebf7feb1f7d6ae7e5e7efd678626c62042dda520506f262c7d9a67a48e3ed
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 01:14:31 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 06 Dec 2022 01:11:20 GMT
cache-control: public,max-age=3600
age: 191
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
www.negishim.com/accessibility/accessibility_pro_group255.js
199.203.20.98 200 OK 16 kB URL HTTP/2 www.negishim.com/accessibility/accessibility_pro_group255.js
IP 199.203.20.98:0
ASN #1680 Cellcom Fixed Line Communication L.P.
File type Unicode text, UTF-8 (with BOM) text, with very long lines (65107), with no line terminators
Hash ccbe6dfe586645604192d2c01dc409db
e0797c19e8564fb7fef572d6649feee4baaf7545
b58ef2d147bc1ab338946c598ccf4ec669de6c1cf6a473400f39f32e70d44c63
GET /accessibility/accessibility_pro_group255.js HTTP/1.1
Host: www.negishim.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://167.71.46.139/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-encoding: gzip
last-modified: Mon, 27 Aug 2018 06:17:44 GMT
accept-ranges: bytes
etag: "0f493aacd3dd41:0"
vary: Accept-Encoding
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Tue, 06 Dec 2022 01:14:44 GMT
content-length: 16363
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 2b9d6a686aa3c4ea24568425e43a5221
d53bb4c9579bd1db78a0520619e888aec79f750f
c38734a8dbe51217d73896c0bf7f5c38c107fd79e0dee24b717f130377e9b5f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5541
Cache-Control: max-age=120282
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 01:14:31 GMT
Etag: "638db4ac-1d7"
Expires: Wed, 07 Dec 2022 10:39:13 GMT
Last-Modified: Mon, 05 Dec 2022 09:06:52 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d3241a719f09d824c3ccae92d358e03f
40fc3f338cd62b2d9672171afb58fbc1dbb3b88c
fe76a39d82624de2c53fd37b60b7d1870b40e2b6db6095ad43781072ed3e27f5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FE76A39D82624DE2C53FD37B60B7D1870B40E2B6DB6095AD43781072ED3E27F5"
Last-Modified: Sun, 04 Dec 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Tue, 06 Dec 2022 07:14:31 GMT
Date: Tue, 06 Dec 2022 01:14:31 GMT
Connection: keep-alive
167.71.46.139/styles/default/maagalim/icon.png
167.71.46.139 200 OK 464 B URL HTTP/1.1 167.71.46.139/styles/default/maagalim/icon.png
IP 167.71.46.139:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 18 x 15, 8-bit/color RGBA, non-interlaced\012- data
Hash 337742544018503e40dbeb646a09072d
4add25e45cf161fc9313061ba7f3794ca3a2e3f1
03367e5e4c06e3e03eff5da96dc3748f2418b5b0e142a04d8c56aa0f5d17c254
Analyzer Verdict Alert quad9 Sinkholed
GET /styles/default/maagalim/icon.png HTTP/1.1
Host: 167.71.46.139
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://167.71.46.139/
Cookie: xf_csrf=weiIdMQzByi1uXPp
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 01:14:31 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Thu, 17 Jan 2019 22:27:45 GMT
ETag: "1d0-57faee74a5a40"
Accept-Ranges: bytes
Content-Length: 464
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/png
www.google-analytics.com/analytics.js
142.250.74.14 200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.14:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://167.71.46.139/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Tue, 06 Dec 2022 00:46:55 GMT
expires: Tue, 06 Dec 2022 02:46:55 GMT
cache-control: public, max-age=7200
age: 1656
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.maagalimgroups.com/styles/default/maagalim/logo.png
167.71.46.139 200 OK 29 kB URL HTTP/1.1 www.maagalimgroups.com/styles/default/maagalim/logo.png
IP 167.71.46.139:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 1743 x 680, 8-bit/color RGBA, non-interlaced\012- data
Hash 1bbe67358b8c3ef698574fc5c57a7392
3dac17c97edf7900fd60b3ee8a305406432b0d8b
f794351a38f3b6ccb638aeb7a022f462b2a65a77687a37fdab7d7438bc746c54
GET /styles/default/maagalim/logo.png HTTP/1.1
Host: www.maagalimgroups.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://167.71.46.139/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 01:14:31 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Tue, 01 Jan 2019 21:00:56 GMT
ETag: "704f-57e6bd3595200"
Accept-Ranges: bytes
Content-Length: 28751
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
167.71.46.139/data/xfmg/thumbnail/0/34-7462b043d5dd2c917a22de8517553fce.jpg?1640205320
167.71.46.139 200 OK 14 kB URL HTTP/1.1 167.71.46.139/data/xfmg/thumbnail/0/34-7462b043d5dd2c917a22de8517553fce.jpg?1640205320
IP 167.71.46.139:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 85", baseline, precision 8, 315x400, components 3\012- data
Hash 690949c74afef9653fbd74220d5c9148
41872435063670f02f4ad18592ac8d6ec6ba416e
ad0e907e6d2974647f051a558cd3b5dc778b5c2dc3f2e41fb8e307456282744f
Analyzer Verdict Alert quad9 Sinkholed
GET /data/xfmg/thumbnail/0/34-7462b043d5dd2c917a22de8517553fce.jpg?1640205320 HTTP/1.1
Host: 167.71.46.139
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://167.71.46.139/
Cookie: xf_csrf=weiIdMQzByi1uXPp; _ga=GA1.1.407548538.1670289269; _gid=GA1.1.263100980.1670289269; _gat_gtag_UA_131529628_1=1
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 01:14:32 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Wed, 22 Dec 2021 20:37:07 GMT
ETag: "3564-5d3c215defeda"
Accept-Ranges: bytes
Content-Length: 13668
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
167.71.46.139/data/xfmg/thumbnail/0/6-019efe8ca9b8947b2ab9b12b53b8c2e7.jpg?1549477079
167.71.46.139 200 OK 6.8 kB URL HTTP/1.1 167.71.46.139/data/xfmg/thumbnail/0/6-019efe8ca9b8947b2ab9b12b53b8c2e7.jpg?1549477079
IP 167.71.46.139:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 85", baseline, precision 8, 315x400, components 3\012- data
Hash 202a8ae746eea8aea46cd3b1f8fe68ec
35cd6f009b0a9a71b84fb04a7b8ab34cb5e55476
ee59bbefdfee2a0781a114eb39c2ccb3bc41a07c8c8e71b60e57810a3c0deed1
Analyzer Verdict Alert quad9 Sinkholed
GET /data/xfmg/thumbnail/0/6-019efe8ca9b8947b2ab9b12b53b8c2e7.jpg?1549477079 HTTP/1.1
Host: 167.71.46.139
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://167.71.46.139/
Cookie: xf_csrf=weiIdMQzByi1uXPp; _ga=GA1.1.407548538.1670289269; _gid=GA1.1.263100980.1670289269; _gat_gtag_UA_131529628_1=1
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 01:14:32 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Wed, 06 Feb 2019 18:18:33 GMT
ETag: "1a7d-5813dc0edbe9f"
Accept-Ranges: bytes
Content-Length: 6781
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
167.71.46.139/data/xfmg/thumbnail/0/38-6086f9d5b1e741c4ec359da8dd631695.jpg?1658688324
167.71.46.139 200 OK 5.9 kB URL HTTP/1.1 167.71.46.139/data/xfmg/thumbnail/0/38-6086f9d5b1e741c4ec359da8dd631695.jpg?1658688324
IP 167.71.46.139:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 85", baseline, precision 8, 315x400, components 3\012- data
Hash 48b9eddb8a1191c91ec2f3b97b98c279
46f313dfd6d21bffe660c90fe43be48d8bee2513
c7000d86d4673482c80febda7f48db5c17ca6f789eb9fc3d42008950b17974a8
Analyzer Verdict Alert quad9 Sinkholed
GET /data/xfmg/thumbnail/0/38-6086f9d5b1e741c4ec359da8dd631695.jpg?1658688324 HTTP/1.1
Host: 167.71.46.139
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://167.71.46.139/
Cookie: xf_csrf=weiIdMQzByi1uXPp; _ga=GA1.1.407548538.1670289269; _gid=GA1.1.263100980.1670289269; _gat_gtag_UA_131529628_1=1
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 01:14:32 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sun, 24 Jul 2022 18:45:31 GMT
ETag: "1737-5e49178c669ce"
Accept-Ranges: bytes
Content-Length: 5943
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
167.71.46.139/data/xfmg/thumbnail/0/4-ecfcf6b00a3a6de1c6fbf5dd6c4e8e58.jpg?1549476725
167.71.46.139 200 OK 9.8 kB URL HTTP/1.1 167.71.46.139/data/xfmg/thumbnail/0/4-ecfcf6b00a3a6de1c6fbf5dd6c4e8e58.jpg?1549476725
IP 167.71.46.139:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 85", baseline, precision 8, 315x400, components 3\012- data
Hash 31c079b0e5c67f02ba1bf85a29830a93
650a9c34cab281cbb19feea6d62ccce217eaaae2
e74603cd3d1b806b46e4581a9d8dfd43777ced650233aac18797485c80311bb2
Analyzer Verdict Alert quad9 Sinkholed
GET /data/xfmg/thumbnail/0/4-ecfcf6b00a3a6de1c6fbf5dd6c4e8e58.jpg?1549476725 HTTP/1.1
Host: 167.71.46.139
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://167.71.46.139/
Cookie: xf_csrf=weiIdMQzByi1uXPp; _ga=GA1.1.407548538.1670289269; _gid=GA1.1.263100980.1670289269; _gat_gtag_UA_131529628_1=1
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 01:14:32 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Wed, 06 Feb 2019 18:13:03 GMT
ETag: "2662-5813dad4b1279"
Accept-Ranges: bytes
Content-Length: 9826
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
push.services.mozilla.com/
52.39.57.61 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.39.57.61:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: mcrVkKRlrZs7M4LyxGIySA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: L/hA3glZ1xB1ULpyNkgYdYuNvnk=
167.71.46.139/data/xfmg/thumbnail/0/10-147af11a4bf7248b021b6441115a54fe.jpg?1549477773
167.71.46.139 200 OK 10 kB URL HTTP/1.1 167.71.46.139/data/xfmg/thumbnail/0/10-147af11a4bf7248b021b6441115a54fe.jpg?1549477773
IP 167.71.46.139:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 85", baseline, precision 8, 315x400, components 3\012- data
Hash 7ac3819335d2907caa4506a6eed8a22c
3f6b4047b08cccd9bbfe82937e12e72a3d83d6e2
92b0b13502aae58612ce90e5a1a9059e525b79ed33699f46e69c7bbfb92f97b8
Analyzer Verdict Alert quad9 Sinkholed
GET /data/xfmg/thumbnail/0/10-147af11a4bf7248b021b6441115a54fe.jpg?1549477773 HTTP/1.1
Host: 167.71.46.139
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://167.71.46.139/
Cookie: xf_csrf=weiIdMQzByi1uXPp; _ga=GA1.1.407548538.1670289269; _gid=GA1.1.263100980.1670289269; _gat_gtag_UA_131529628_1=1
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 01:14:32 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Wed, 06 Feb 2019 18:29:38 GMT
ETag: "27bd-5813de8978fec"
Accept-Ranges: bytes
Content-Length: 10173
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
www.negishim.com/accessibility/wheelchair.ashx?is_pro=1&fps=7f193532908c96e4ecc4cc0b24ce9bac&v=255&css_style=1&src=167.71.46.139&purl=http://167.71.46.139/&ii=1670289269280
199.203.20.98 200 OK 306 B URL HTTP/2 www.negishim.com/accessibility/wheelchair.ashx?is_pro=1&fps=7f193532908c96e4ecc4cc0b24ce9bac&v=255&css_style=1&src=167.71.46.139&purl=http://167.71.46.139/&ii=1670289269280
IP 199.203.20.98:0
ASN #1680 Cellcom Fixed Line Communication L.P.
File type PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced\012- data
Hash 887470e3bf04f3732e052a64c5e7af7b
ae7d317a5169ab19853930d87cb37c78628fd161
5097c822a21c85df71171072a93e7f439de3c813e85f08ee44c60db1d3d06de5
GET /accessibility/wheelchair.ashx?is_pro=1&fps=7f193532908c96e4ecc4cc0b24ce9bac&v=255&css_style=1&src=167.71.46.139&purl=http://167.71.46.139/&ii=1670289269280 HTTP/1.1
Host: www.negishim.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://167.71.46.139/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private
content-type: image/png
server: Microsoft-IIS/10.0
access-control-allow-origin: *
content-disposition: attachment; filename=wheelchair_18_black.png
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
date: Tue, 06 Dec 2022 01:14:44 GMT
content-length: 306
X-Firefox-Spdy: h2
www.negishim.com/accessibility/menu_18_black.png
199.203.20.98 200 OK 237 B URL HTTP/2 www.negishim.com/accessibility/menu_18_black.png
IP 199.203.20.98:0
ASN #1680 Cellcom Fixed Line Communication L.P.
File type PNG image data, 18 x 18, 8-bit colormap, non-interlaced\012- data
Hash 3b90d4ba583b5c2780186c995b63de0e
5066fa1a1e7fdfed639231d37045ccec5e353936
869ea62eaf5a43cebda3959180d48e30d83568d6dab66a1668797b3d2115a57e
GET /accessibility/menu_18_black.png HTTP/1.1
Host: www.negishim.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://167.71.46.139/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Tue, 30 Aug 2016 15:50:47 GMT
accept-ranges: bytes
etag: "b0be4146d62d21:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Tue, 06 Dec 2022 01:14:44 GMT
content-length: 237
X-Firefox-Spdy: h2
www.negishim.com/accessibility/font_size_18_black.png
199.203.20.98 200 OK 159 B URL HTTP/2 www.negishim.com/accessibility/font_size_18_black.png
IP 199.203.20.98:0
ASN #1680 Cellcom Fixed Line Communication L.P.
File type PNG image data, 18 x 18, 4-bit colormap, non-interlaced\012- data
Hash 02dcd185722d5c42dc985d299d6bc171
68443074a84c1febba6df90781cd9b5e897fe613
9ce8fc1e991fd4e104de2bc58d3e069142e3c19ae35bd19c3759124b306a6fcc
GET /accessibility/font_size_18_black.png HTTP/1.1
Host: www.negishim.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://167.71.46.139/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Tue, 30 Aug 2016 18:51:55 GMT
accept-ranges: bytes
etag: "3d9e394ef2d21:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Tue, 06 Dec 2022 01:14:44 GMT
content-length: 159
X-Firefox-Spdy: h2
www.negishim.com/accessibility/contrast_18_black.png
199.203.20.98 200 OK 285 B URL HTTP/2 www.negishim.com/accessibility/contrast_18_black.png
IP 199.203.20.98:0
ASN #1680 Cellcom Fixed Line Communication L.P.
File type PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced\012- data
Hash 1d5d806232e16680a9402cf166299157
f8ac5be40c8264093b7356ed8fd8640603d2d062
d5657761b83b78fd9e8db73283ad1cbf05aafbcd0774321f4097630da3b5cc2e
GET /accessibility/contrast_18_black.png HTTP/1.1
Host: www.negishim.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://167.71.46.139/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Sun, 17 Sep 2017 07:37:50 GMT
accept-ranges: bytes
etag: "05b13dd872fd31:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Tue, 06 Dec 2022 01:14:44 GMT
content-length: 285
X-Firefox-Spdy: h2
www.negishim.com/accessibility/gray_images_18_black.png
199.203.20.98 200 OK 218 B URL HTTP/2 www.negishim.com/accessibility/gray_images_18_black.png
IP 199.203.20.98:0
ASN #1680 Cellcom Fixed Line Communication L.P.
File type PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced\012- data
Hash d5b6a6a27f670f0910b1423d1df3161e
156921f114f67747dd2bf5b5f04dd773815c524f
b5ae9008d4f723cbe585d776f9693d6c4b65a3cf757b0e189e9fdda38fb5483e
GET /accessibility/gray_images_18_black.png HTTP/1.1
Host: www.negishim.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://167.71.46.139/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Sun, 17 Sep 2017 07:37:50 GMT
accept-ranges: bytes
etag: "05b13dd872fd31:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Tue, 06 Dec 2022 01:14:44 GMT
content-length: 218
X-Firefox-Spdy: h2
www.negishim.com/accessibility/underline_18_black.png
199.203.20.98 200 OK 308 B URL HTTP/2 www.negishim.com/accessibility/underline_18_black.png
IP 199.203.20.98:0
ASN #1680 Cellcom Fixed Line Communication L.P.
File type PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced\012- data
Hash 38882fc1548d72045f593c4f28328ade
4490798da8a4d1da0523f9fdf1b6d26cfd74bdb9
9402439af5da5d0507dd51c79c4a84ee8944152c2a34231df4410993fff2ea19
GET /accessibility/underline_18_black.png HTTP/1.1
Host: www.negishim.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://167.71.46.139/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Sun, 17 Sep 2017 07:37:50 GMT
accept-ranges: bytes
etag: "05b13dd872fd31:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Tue, 06 Dec 2022 01:14:44 GMT
content-length: 308
X-Firefox-Spdy: h2
www.negishim.com/accessibility/eye_blocked_18_black.png
199.203.20.98 200 OK 341 B URL HTTP/2 www.negishim.com/accessibility/eye_blocked_18_black.png
IP 199.203.20.98:0
ASN #1680 Cellcom Fixed Line Communication L.P.
File type PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced\012- data
Hash 7b1774eef64da6259a1359f0043cec80
b4fd9dbe0fb120a7ef16793bbfe6cd92fa6c279a
c7bc017c71f72c012df4b09cb321091b4448b72f9174ac5d92b2ba45a82da964
GET /accessibility/eye_blocked_18_black.png HTTP/1.1
Host: www.negishim.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://167.71.46.139/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Sun, 17 Sep 2017 07:37:50 GMT
accept-ranges: bytes
etag: "05b13dd872fd31:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Tue, 06 Dec 2022 01:14:44 GMT
content-length: 341
X-Firefox-Spdy: h2
www.negishim.com/accessibility/font_18_black.png
199.203.20.98 200 OK 292 B URL HTTP/2 www.negishim.com/accessibility/font_18_black.png
IP 199.203.20.98:0
ASN #1680 Cellcom Fixed Line Communication L.P.
File type PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced\012- data
Hash bcf7d5847f7af923b23b083b355f5c12
acaf8d36cd2dd72404a651d8360ba7b42bdbd667
3ff5b32447f60a7aacdb99ff951585ba85809756f263b481f0a6cc9cd9966125
GET /accessibility/font_18_black.png HTTP/1.1
Host: www.negishim.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://167.71.46.139/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Sun, 17 Sep 2017 07:37:50 GMT
accept-ranges: bytes
etag: "05b13dd872fd31:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Tue, 06 Dec 2022 01:14:44 GMT
content-length: 292
X-Firefox-Spdy: h2
www.negishim.com/accessibility/close_18_black.png
199.203.20.98 200 OK 265 B URL HTTP/2 www.negishim.com/accessibility/close_18_black.png
IP 199.203.20.98:0
ASN #1680 Cellcom Fixed Line Communication L.P.
File type PNG image data, 18 x 18, 8-bit colormap, non-interlaced\012- data
Hash adab46e5b4621ee74ee5a67efb9bb06f
cf0cfbf75343d67ae97fae676b0990fb65fabd19
e1bb0facbd5151b5ce31dd798a25624666a0e943c4bb57c9e0a8e88ea5e4aba9
GET /accessibility/close_18_black.png HTTP/1.1
Host: www.negishim.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://167.71.46.139/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Wed, 06 Sep 2017 12:17:58 GMT
accept-ranges: bytes
etag: "63c3f2da27d31:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Tue, 06 Dec 2022 01:14:44 GMT
content-length: 265
X-Firefox-Spdy: h2
www.negishim.com/accessibility/power_off_18_black.png
199.203.20.98 200 OK 303 B URL HTTP/2 www.negishim.com/accessibility/power_off_18_black.png
IP 199.203.20.98:0
ASN #1680 Cellcom Fixed Line Communication L.P.
File type PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced\012- data
Hash f196ab65150f26c5a3f7e43b16f10c31
2b60dc17a63ad44c9dfdd2bb9abddd91e6cf29fb
f32171a4d21f4fe45729e31d37257be9b75fbbf3f42ded3ad6c46c1bba7f1509
GET /accessibility/power_off_18_black.png HTTP/1.1
Host: www.negishim.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://167.71.46.139/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Sun, 17 Sep 2017 07:37:50 GMT
accept-ranges: bytes
etag: "05b13dd872fd31:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Tue, 06 Dec 2022 01:14:44 GMT
content-length: 303
X-Firefox-Spdy: h2
167.71.46.139/data/xfmg/thumbnail/0/35-548dd53642647eaa12af98876fb8e917.jpg?1641075687
167.71.46.139 200 OK 27 kB URL HTTP/1.1 167.71.46.139/data/xfmg/thumbnail/0/35-548dd53642647eaa12af98876fb8e917.jpg?1641075687
IP 167.71.46.139:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 85", baseline, precision 8, 315x400, components 3\012- data
Hash cf9e87e26d2b6657208d95641ac96b09
b4f093a8145047af5e734c6c25113de9ce6151df
527bb8d75551bbd2859a30c620d4cd4ff5602d03cbc3ead944a33129ade60940
Analyzer Verdict Alert quad9 Sinkholed
GET /data/xfmg/thumbnail/0/35-548dd53642647eaa12af98876fb8e917.jpg?1641075687 HTTP/1.1
Host: 167.71.46.139
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://167.71.46.139/
Cookie: xf_csrf=weiIdMQzByi1uXPp; _ga=GA1.1.407548538.1670289269; _gid=GA1.1.263100980.1670289269; _gat_gtag_UA_131529628_1=1
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 01:14:32 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 01 Jan 2022 22:26:50 GMT
ETag: "6838-5d48cc8a418dc"
Accept-Ranges: bytes
Content-Length: 26680
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
167.71.46.139/data/xfmg/thumbnail/0/7-f03284ce299b625196179abc0472b17e.jpg?1549477192
167.71.46.139 200 OK 21 kB URL HTTP/1.1 167.71.46.139/data/xfmg/thumbnail/0/7-f03284ce299b625196179abc0472b17e.jpg?1549477192
IP 167.71.46.139:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 85", baseline, precision 8, 315x400, components 3\012- data
Hash 200522b1572325bc6d55547e04d8c615
b69413e3edea7aa51f41eb29e7ce503b52c35b21
47ecd8fd09b32eacc33d478d73916c5e339458561d437d860a757cd225df9839
Analyzer Verdict Alert quad9 Sinkholed
GET /data/xfmg/thumbnail/0/7-f03284ce299b625196179abc0472b17e.jpg?1549477192 HTTP/1.1
Host: 167.71.46.139
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://167.71.46.139/
Cookie: xf_csrf=weiIdMQzByi1uXPp; _ga=GA1.1.407548538.1670289269; _gid=GA1.1.263100980.1670289269; _gat_gtag_UA_131529628_1=1
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 01:14:32 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Wed, 06 Feb 2019 18:21:00 GMT
ETag: "5284-5813dc9b7b119"
Accept-Ranges: bytes
Content-Length: 21124
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
167.71.46.139/data/xfmg/thumbnail/0/18-e5617f9fdfec5e55ea324af0ce97b748.jpg?1609069229
167.71.46.139 200 OK 22 kB URL HTTP/1.1 167.71.46.139/data/xfmg/thumbnail/0/18-e5617f9fdfec5e55ea324af0ce97b748.jpg?1609069229
IP 167.71.46.139:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 85", baseline, precision 8, 315x400, components 3\012- data
Hash 7f0124a9e9b209533aeec304384bc60c
2cc678fea8eddfa1ccfe85f65638e2bcfdab87f0
7235ac73618c793196cf27a2c3d0e0ead99158a9a32bfae3e795be01f450d692
Analyzer Verdict Alert quad9 Sinkholed
GET /data/xfmg/thumbnail/0/18-e5617f9fdfec5e55ea324af0ce97b748.jpg?1609069229 HTTP/1.1
Host: 167.71.46.139
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://167.71.46.139/
Cookie: xf_csrf=weiIdMQzByi1uXPp; _ga=GA1.1.407548538.1670289269; _gid=GA1.1.263100980.1670289269; _gat_gtag_UA_131529628_1=1
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 01:14:32 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sun, 27 Dec 2020 11:41:51 GMT
ETag: "5707-5b770a4b4c31d"
Accept-Ranges: bytes
Content-Length: 22279
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
167.71.46.139/data/xfmg/thumbnail/0/23-f66242325e09c9b73f81e72f491659be.jpg?1630783032
167.71.46.139 200 OK 28 kB URL HTTP/1.1 167.71.46.139/data/xfmg/thumbnail/0/23-f66242325e09c9b73f81e72f491659be.jpg?1630783032
IP 167.71.46.139:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 85", baseline, precision 8, 315x400, components 3\012- data
Hash 869434eb69bc66cdd2d47ac6c4b910ed
b6f36d6c21188d957771badc8d6f53aa662377df
b4d049181e9c41acef712071bd2ba560631c4270049e1bd999b990fc65d49555
Analyzer Verdict Alert quad9 Sinkholed
GET /data/xfmg/thumbnail/0/23-f66242325e09c9b73f81e72f491659be.jpg?1630783032 HTTP/1.1
Host: 167.71.46.139
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://167.71.46.139/
Cookie: xf_csrf=weiIdMQzByi1uXPp; _ga=GA1.1.407548538.1670289269; _gid=GA1.1.263100980.1670289269; _gat_gtag_UA_131529628_1=1
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 01:14:32 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sat, 04 Sep 2021 19:17:45 GMT
ETag: "6d72-5cb304552b34b"
Accept-Ranges: bytes
Content-Length: 28018
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
167.71.46.139/data/xfmg/thumbnail/0/11-19249125508a007021db58ac7e73ef57.jpg?1549780157
167.71.46.139 200 OK 32 kB URL HTTP/1.1 167.71.46.139/data/xfmg/thumbnail/0/11-19249125508a007021db58ac7e73ef57.jpg?1549780157
IP 167.71.46.139:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 85", baseline, precision 8, 315x400, components 3\012- data
Hash 800c2d2b098409bbc6697f8de65c6531
18bf33e6abc824c3a794d747be4a5dae3e22b099
6505c0a466a3441d6026d5c2cecf5a40de5969ccfed82a9f3b2e555304521dd1
Analyzer Verdict Alert quad9 Sinkholed
GET /data/xfmg/thumbnail/0/11-19249125508a007021db58ac7e73ef57.jpg?1549780157 HTTP/1.1
Host: 167.71.46.139
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://167.71.46.139/
Cookie: xf_csrf=weiIdMQzByi1uXPp; _ga=GA1.1.407548538.1670289269; _gid=GA1.1.263100980.1670289269; _gat_gtag_UA_131529628_1=1
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 01:14:32 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sun, 10 Feb 2019 06:30:15 GMT
ETag: "7cae-581845336f649"
Accept-Ranges: bytes
Content-Length: 31918
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
167.71.46.139/data/xfmg/thumbnail/0/19-93ea33a4a937a255ae2a2fb1a219513a.jpg?1609069232
167.71.46.139 200 OK 24 kB URL HTTP/1.1 167.71.46.139/data/xfmg/thumbnail/0/19-93ea33a4a937a255ae2a2fb1a219513a.jpg?1609069232
IP 167.71.46.139:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 85", baseline, precision 8, 315x400, components 3\012- data
Hash 8919436e168ce4b0ff77eefc3728b6bf
dabbe19d19e01fcbc7cd45a32248808200634713
524704ac9df39466e704279848b1fc845eac0de10e845a1cdce171742aae1f9f
Analyzer Verdict Alert quad9 Sinkholed
GET /data/xfmg/thumbnail/0/19-93ea33a4a937a255ae2a2fb1a219513a.jpg?1609069232 HTTP/1.1
Host: 167.71.46.139
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://167.71.46.139/
Cookie: xf_csrf=weiIdMQzByi1uXPp; _ga=GA1.1.407548538.1670289269; _gid=GA1.1.263100980.1670289269; _gat_gtag_UA_131529628_1=1
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 01:14:32 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sun, 27 Dec 2020 11:41:51 GMT
ETag: "5ec1-5b770a4b5019d"
Accept-Ranges: bytes
Content-Length: 24257
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
167.71.46.139/data/xfmg/thumbnail/0/12-7e2891db6ba15dc102dfec272df57005.jpg?1549780174
167.71.46.139 200 OK 26 kB URL HTTP/1.1 167.71.46.139/data/xfmg/thumbnail/0/12-7e2891db6ba15dc102dfec272df57005.jpg?1549780174
IP 167.71.46.139:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 85", baseline, precision 8, 315x400, components 3\012- data
Hash a2ff46f56b88a2a094be57d4cd1427c1
5ae8d6e267839f60354aee12c72c772c03c18826
63f1c9a2842da1eff972c4187bb8fdad07e192ef4fc2e098afcf708d8fa70789
Analyzer Verdict Alert quad9 Sinkholed
GET /data/xfmg/thumbnail/0/12-7e2891db6ba15dc102dfec272df57005.jpg?1549780174 HTTP/1.1
Host: 167.71.46.139
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://167.71.46.139/
Cookie: xf_csrf=weiIdMQzByi1uXPp; _ga=GA1.1.407548538.1670289269; _gid=GA1.1.263100980.1670289269; _gat_gtag_UA_131529628_1=1
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 01:14:32 GMT
Server: Apache/2.4.29 (Ubuntu)
Last-Modified: Sun, 10 Feb 2019 06:30:15 GMT
ETag: "6448-581845337734b"
Accept-Ranges: bytes
Content-Length: 25672
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg
www.negishim.com/accessibility/info_18_black.png
199.203.20.98 200 OK 303 B URL HTTP/2 www.negishim.com/accessibility/info_18_black.png
IP 199.203.20.98:0
ASN #1680 Cellcom Fixed Line Communication L.P.
File type PNG image data, 18 x 18, 8-bit/color RGBA, non-interlaced\012- data
Hash 602c2e3c8ec8cfceb0c30f7fda93b7f4
77ad8be35ef47f63948ecfea93d367f22fdc4fe4
6bd9f3ab8929b5199116b3dcdc63c1a6dea5dd1a2e32f5c64cc362dd02dc3ec3
GET /accessibility/info_18_black.png HTTP/1.1
Host: www.negishim.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://167.71.46.139/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
last-modified: Sun, 17 Sep 2017 07:37:50 GMT
accept-ranges: bytes
etag: "05b13dd872fd31:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
date: Tue, 06 Dec 2022 01:14:44 GMT
content-length: 303
X-Firefox-Spdy: h2
www.negishim.com/accessibility/ls.ashx?ii=1670289269430&callback=jsonpCallback&_=1670289268950
199.203.20.98 200 OK 0 B URL HTTP/2 www.negishim.com/accessibility/ls.ashx?ii=1670289269430&callback=jsonpCallback&_=1670289268950
IP 199.203.20.98:0
ASN #1680 Cellcom Fixed Line Communication L.P.
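Hash d41d8cd98f00b204e9800998ecf8427e (MD5)
da39a3ee5e6b4b0d3255bfef95601890afd80709 (SHA-1)
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 (SHA-256; all three are the digests of zero-length input, matching the 0 B body, so they do not identify this response)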
GET /accessibility/ls.ashx?ii=1670289269430&callback=jsonpCallback&_=1670289268950 HTTP/1.1
Host: www.negishim.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://167.71.46.139/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: private
content-type: application/json; charset=utf-8
server: Microsoft-IIS/10.0
access-control-allow-origin: *
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
date: Tue, 06 Dec 2022 01:14:44 GMT
content-length: 0
X-Firefox-Spdy: h2
167.71.46.139/job.php
167.71.46.139 200 OK 13 B IP 167.71.46.139:0
ASN #14061 DIGITALOCEAN-ASN
File type JSON data\012- , ASCII text, with no line terminators
Hash 0e39d94e5cb74ff58a25ce8b548e0d45
ab709bacd5860d4b5c09aa9e3b783eb0aae515b5
1c4ad1d9a39baf5d48d8b276f5716971964de9bbdce7913a032f5e021ffb616b
Analyzer Verdict Alert quad9 Sinkholed
POST /job.php HTTP/1.1
Host: 167.71.46.139
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Origin: http://167.71.46.139
Connection: keep-alive
Referer: http://167.71.46.139/
Cookie: xf_csrf=weiIdMQzByi1uXPp; _ga=GA1.1.407548538.1670289269; _gid=GA1.1.263100980.1670289269; _gat_gtag_UA_131529628_1=1
Content-Length: 0
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 01:14:32 GMT
Server: Apache/2.4.29 (Ubuntu)
Expires: Tue, 03 Jul 2001 06:00:00 GMT
Last-Modified: Tue, 06 Dec 2022 01:14:32 GMT
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 13
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/json; charset=UTF-8
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 5670c32d73c3d5771a2d9396774a7eb9
3fb62916ff54f22a011e11730ba87fea48e5d239
062531ed89864b713048421c9639d4a6249e92f33ef4177206f1deb5d85a8757
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 01:14:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-131529628-1&cid=407548538.1670289269&jid=238146102&gjid=730820387&_gid=263100980.1670289269&_u=YEBAAUAAAAAAACAAI~&z=1158941328
108.177.14.157 200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-131529628-1&cid=407548538.1670289269&jid=238146102&gjid=730820387&_gid=263100980.1670289269&_u=YEBAAUAAAAAAACAAI~&z=1158941328
IP 108.177.14.157:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-131529628-1&cid=407548538.1670289269&jid=238146102&gjid=730820387&_gid=263100980.1670289269&_u=YEBAAUAAAAAAACAAI~&z=1158941328 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://167.71.46.139
Connection: keep-alive
Referer: http://167.71.46.139/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://167.71.46.139
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 06 Dec 2022 01:14:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
167.71.46.139/job.php
167.71.46.139 200 OK 14 B IP 167.71.46.139:0
ASN #14061 DIGITALOCEAN-ASN
File type JSON data\012- , ASCII text, with no line terminators
Hash 70f7be64c25ab759c99977732dbab7f1
9462ce9dd8476f17b791c67f44f8fff8eb2dbdde
f779de80f6ebd5d15cb3209e82969f8ad90e4ba02899e24c1796f2c9aca80343
Analyzer Verdict Alert quad9 Sinkholed
POST /job.php HTTP/1.1
Host: 167.71.46.139
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Origin: http://167.71.46.139
Connection: keep-alive
Referer: http://167.71.46.139/
Cookie: xf_csrf=weiIdMQzByi1uXPp; _ga=GA1.1.407548538.1670289269; _gid=GA1.1.263100980.1670289269; _gat_gtag_UA_131529628_1=1
Content-Length: 0
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 01:14:32 GMT
Server: Apache/2.4.29 (Ubuntu)
Expires: Tue, 03 Jul 2001 06:00:00 GMT
Last-Modified: Tue, 06 Dec 2022 01:14:32 GMT
Cache-Control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 14
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/json; charset=UTF-8
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash 5670c32d73c3d5771a2d9396774a7eb9
3fb62916ff54f22a011e11730ba87fea48e5d239
062531ed89864b713048421c9639d4a6249e92f33ef4177206f1deb5d85a8757
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 06 Dec 2022 01:14:32 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10626
Expires: Tue, 06 Dec 2022 04:11:39 GMT
Date: Tue, 06 Dec 2022 01:14:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10626
Expires: Tue, 06 Dec 2022 04:11:39 GMT
Date: Tue, 06 Dec 2022 01:14:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10626
Expires: Tue, 06 Dec 2022 04:11:39 GMT
Date: Tue, 06 Dec 2022 01:14:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10626
Expires: Tue, 06 Dec 2022 04:11:39 GMT
Date: Tue, 06 Dec 2022 01:14:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10626
Expires: Tue, 06 Dec 2022 04:11:39 GMT
Date: Tue, 06 Dec 2022 01:14:33 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8450e32d-c4fa-4c40-82bc-1c36f479692e.jpeg
34.120.237.76 200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8450e32d-c4fa-4c40-82bc-1c36f479692e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dd0fdca9dfb3e18fcbb5c89e12922da7
d8acf7053a01df2c503c734d52070ff4802d5a01
61e6235613c8ecda0321ecbe0870419bfa65cf3e44e3b85acd257f78725a6843
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8450e32d-c4fa-4c40-82bc-1c36f479692e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8978
x-amzn-requestid: 59cc852a-eb8c-45ab-a370-a176bffea0ee
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cqSrJGoaoAMF_jQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d97e0-3760c58b6d2b7a6561541201;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 07:04:00 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 7JodQ_7rkuySzNZtj0cThOwMxYT0BLrVbtivk6G_aWwEzbPk_5QcWA==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 07:12:14 GMT
age: 64939
etag: "d8acf7053a01df2c503c734d52070ff4802d5a01"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d62ac4e-2ac8-4e49-a61b-a48cff80ffd2.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d62ac4e-2ac8-4e49-a61b-a48cff80ffd2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8055d0db573ab34924db3b60ed788bb2
a4aae05e7a929fc7f652f56748d2a2da9c44ac45
f6a9555f112882d4ac284c6dc26ae0f02f6ccf8ee312615e01ebec8242bade1f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d62ac4e-2ac8-4e49-a61b-a48cff80ffd2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9987
x-amzn-requestid: 3d4d7dd0-2be0-46c1-a9c0-aa3cce2e8c81
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSvUHhJIAMFZYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64c8-63a6960043564aa762caaabe;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:16 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: cE8n21yLSOS1FFSW_80l4MKNtJ9uJj7SXJS1Xza-lTYruvI2Wvkwlw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:48:11 GMT
age: 12382
etag: "a4aae05e7a929fc7f652f56748d2a2da9c44ac45"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa99f7bcf-386e-4655-b6f0-99abdf67f097.jpeg
34.120.237.76 200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa99f7bcf-386e-4655-b6f0-99abdf67f097.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2f60a6490f38a772dcd50a1132e98e1b
ff254a1df087d2c157d88a6ef04e395dc49efe5e
653e40becd103cd76cc2f194a87e933e8c548d346f87520fefca3b16430fc4ab
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa99f7bcf-386e-4655-b6f0-99abdf67f097.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8469
x-amzn-requestid: c17eff92-da62-4f0f-9e75-2741012ec43a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: co_sqFSjoAMFQ6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d131d-61d61d2f0bb01ecb21b809ea;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 21:37:33 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: TKSlCefkyQ7VDufJJOh1D7zhioft93jfOsoXxTD4ncAK5ktxlPvIoA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:52:07 GMT
age: 12146
etag: "ff254a1df087d2c157d88a6ef04e395dc49efe5e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00b01871-cd98-4bab-b47d-4a29bb438277.jpeg
34.120.237.76 200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00b01871-cd98-4bab-b47d-4a29bb438277.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2e11524d75503e35c404d6c9a12ac540
5626b75f5c2523f1a0fc301839a06a4e2407f106
d5eb74d026014c0a68893bde1107a9a111b1f0af835e28bb740308017ef80b7f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00b01871-cd98-4bab-b47d-4a29bb438277.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9354
x-amzn-requestid: fb2dad44-2f8c-4f02-bbc5-405e9586e5af
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmctYGLdoAMFyDw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e55-28b5680933de0ff4208240be;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:53 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 9DoDl2ynVT-wtTVbAsUO7LoGG8T559DkLEfVf8ALbnAGcjajBq25yQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 03:56:21 GMT
age: 76692
etag: "5626b75f5c2523f1a0fc301839a06a4e2407f106"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffaf0de04-19bf-4944-9ac5-5178afafb192.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffaf0de04-19bf-4944-9ac5-5178afafb192.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7f2c354a00ab51d4a41221b6bf191c10
01ceb7233fe05ad8dff3a0a43eef879ea2b83ec4
7d3c8417e1db0db41ceb8b4bf3f506864392dd1ad29319a06a8a6055f6f2ed12
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffaf0de04-19bf-4944-9ac5-5178afafb192.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11352
x-amzn-requestid: 7c3fc7bb-eb1f-46ec-8e92-b6ffc6261848
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSwuF1ToAMFiIA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64d1-7c53152a279f00595b9886bd;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:25 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: EQorA5VTb0s2BEIWBkdkhDho-bLdLVvu8LnAIQsQqsIjgBLneYqCzg==
via: 1.1 b6d577696b14c86cbfeb5b3459f38c50.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 21:48:22 GMT
age: 12371
etag: "01ceb7233fe05ad8dff3a0a43eef879ea2b83ec4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b15136d60fd0a5e0f657a4f5c75d540f
36082b7329d473829178f280cb71a83b1531e486
79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11224
x-amzn-requestid: 938de0b8-1055-4416-9ad7-162ab5f4db9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUINEwdoAMFuOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6701-38b079ef341bb17e567de773;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:45 GMT
x-amz-cf-pop: YVR50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tGtiCE9C3j0BUruNaFN2j1mKxCSouLmocmTXpmLMBJaLNyVwkXu1gQ==
via: 1.1 f0ac467993db44dbfc36b778dfcaf73c.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 05 Dec 2022 22:09:28 GMT
age: 11105
etag: "36082b7329d473829178f280cb71a83b1531e486"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
167.71.46.139/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=1&l=3&d=1668975348&k=3d1308152e4fca70f76e6f5e2cfcdfdda9df1e94
167.71.46.139 200 OK 0 B URL HTTP/1.1 167.71.46.139/css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=1&l=3&d=1668975348&k=3d1308152e4fca70f76e6f5e2cfcdfdda9df1e94
IP 167.71.46.139:0
ASN #14061 DIGITALOCEAN-ASN
Analyzer Verdict Alert quad9 Sinkholed
GET /css.php?css=public%3Anormalize.css%2Cpublic%3Afa.css%2Cpublic%3Acore.less%2Cpublic%3Aapp.less&s=1&l=3&d=1668975348&k=3d1308152e4fca70f76e6f5e2cfcdfdda9df1e94 HTTP/1.1
Host: 167.71.46.139
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://167.71.46.139/
Cookie: xf_csrf=weiIdMQzByi1uXPp
HTTP/1.1 200 OK
Date: Tue, 06 Dec 2022 01:14:31 GMT
Server: Apache/2.4.29 (Ubuntu)
X-Frame-Options: SAMEORIGIN
Expires: Wed, 06 Dec 2023 01:14:31 GMT
Last-Modified: Sun, 20 Nov 2022 20:15:48 GMT
Cache-Control: public, max-age=31536000
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 88083
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css; charset=utf-8
fonts.googleapis.com/css?family=Arimo
142.250.74.106 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Arimo
IP 142.250.74.106:0
GET /css?family=Arimo HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://167.71.46.139/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 06 Dec 2022 01:14:31 GMT
date: Tue, 06 Dec 2022 01:14:31 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2