Report - 39.105.19.255/

Report Overview

Submitted URL
39.105.19.255/
IP
39.105.19.255
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.
Submitted
2022-12-03 22:05:23
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
42

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	34.208.31.97
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.2 kB	60 kB	34.120.237.76
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	5.3 kB	95.101.11.115
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.5 kB	93.184.220.29
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
39.105.19.255	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	7.7 kB	1.9 MB	39.105.19.255
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-12-03	medium	39.105.19.255	Sinkholed
2022-12-03	medium	39.105.19.255	Sinkholed
2022-12-03	medium	39.105.19.255	Sinkholed
2022-12-03	medium	39.105.19.255	Sinkholed
2022-12-03	medium	39.105.19.255	Sinkholed
2022-12-03	medium	39.105.19.255	Sinkholed
2022-12-03	medium	39.105.19.255	Sinkholed
2022-12-03	medium	39.105.19.255	Sinkholed
2022-12-03	medium	39.105.19.255	Sinkholed
2022-12-03	medium	39.105.19.255	Sinkholed
2022-12-03	medium	39.105.19.255	Sinkholed
2022-12-03	medium	39.105.19.255	Sinkholed
2022-12-03	medium	39.105.19.255	Sinkholed
2022-12-03	medium	39.105.19.255	Sinkholed
2022-12-03	medium	39.105.19.255	Sinkholed
2022-12-03	medium	39.105.19.255	Sinkholed
2022-12-03	medium	39.105.19.255	Sinkholed
2022-12-03	medium	39.105.19.255	Sinkholed
2022-12-03	medium	39.105.19.255	Sinkholed
2022-12-03	medium	39.105.19.255	Sinkholed
2022-12-03	medium	39.105.19.255	Sinkholed

JavaScript (11)

	URL	Size	First Seen	Last Seen
	39.105.19.255/umi.426feac3.js	1.4 MB	2023-03-08	2023-03-08
Pretty URL 39.105.19.255/umi.426feac3.js IP 39.105.19.255 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:35:48 Last Seen2023-03-08 15:35:48 Times Seen1 Hash 15ba4d597d492af3e10a80d7a6434970 0d4e157995d4c1adbeb1b44592017f343f1d616f a08d9eb6aa698a64484bbe56948e988cb54d4f2d4a83d433851fbd560d4ee234 Loading...

	39.105.19.255/t__plugin-layout__Layout.328c221c.async.js	28 kB	2023-03-08	2023-03-08
Pretty URL 39.105.19.255/t__plugin-layout__Layout.328c221c.async.js IP 39.105.19.255 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:35:48 Last Seen2023-03-08 15:35:48 Times Seen1 Hash aeb6678fa927b8a27f4aad351f97335d fb10df6ea7f98d4b2c68059333c67ea853f03026 a82164b869f593103d77b6d06a83833273f8a23193973e36f3dd5f547ba5eadd Loading...

	39.105.19.255/vendors~p__404~t__plugin-layout__Layout.d555384f.async.js	47 kB	2023-03-08	2023-03-08
Pretty URL 39.105.19.255/vendors~p__404~t__plugin-layout__Layout.d555384f.async.js IP 39.105.19.255 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:35:48 Last Seen2023-03-08 15:35:48 Times Seen1 Hash 02b356e439af35acf4468a45c4d9e445 7624c16404a7fea2ec721e9c93529ff69ed2d3d4 d2be1112a7ee4b96227db3270375d4760d0f978424abf7725ec5a8b96c119067 Loading...

	39.105.19.255/vendors~p__Consumer__Create~p__Consumer__List~p__Dashboard~p__PluginTemplate__Create~p__PluginTempla~135f647e.146e403b.async.js	25 kB	2023-03-08	2023-03-08
Pretty URL 39.105.19.255/vendors~p__Consumer__Create~p__Consumer__List~p__Dashboard~p__PluginTemplate__Create~p__PluginTempla~135f647e.146e403b.async.js IP 39.105.19.255 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:35:48 Last Seen2023-03-08 15:35:48 Times Seen1 Hash 5055ca8505147c195ac24bda2d38e8f9 3833615d55420f6b833fb7a3bf10f386a831699d 28e947b3e019b37dad5fc1c4c47ba811260f026e8b92d09acfdc9f9f480dfc57 Loading...

	39.105.19.255/p__User__Login.c82191f1.async.js	15 kB	2023-03-08	2023-03-08
Pretty URL 39.105.19.255/p__User__Login.c82191f1.async.js IP 39.105.19.255 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:35:48 Last Seen2023-03-08 15:35:48 Times Seen1 Hash b4e69d7435758c348716145dc868d97e 687bee1198001365fccbbb46becc49d856771e15 f016964cbe0db7bdffe0a6e67f3c3f67e89cc49e50572cd47c13c42c229b4aea Loading...

	39.105.19.255/vendors~p__Consumer__Create~p__Consumer__List~p__PluginTemplate__Create~p__PluginTemplate__List~p__P~0e5c387a.222599de.async.js	34 kB	2023-03-08	2023-03-08
Pretty URL 39.105.19.255/vendors~p__Consumer__Create~p__Consumer__List~p__PluginTemplate__Create~p__PluginTemplate__List~p__P~0e5c387a.222599de.async.js IP 39.105.19.255 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:35:48 Last Seen2023-03-08 15:35:48 Times Seen1 Hash 40f133670ce3cee78720b3f9e897939e 7afbb3085dc410eeb13bf6d1c55bf2b193ed09ea 62705f4f359b0edf5b7fcd2f1e694be7a779b5c3668cb649d3a20e75bc24973f Loading...

	39.105.19.255/vendors~p__Consumer__Create~p__Consumer__List~p__PluginTemplate__Create~p__PluginTemplate__List~p__P~3ef20d0c.2df291ac.async.js	24 kB	2023-03-08	2023-03-08
Pretty URL 39.105.19.255/vendors~p__Consumer__Create~p__Consumer__List~p__PluginTemplate__Create~p__PluginTemplate__List~p__P~3ef20d0c.2df291ac.async.js IP 39.105.19.255 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:35:48 Last Seen2023-03-08 15:35:48 Times Seen1 Hash 9741cc248c89d8007e1787d37a0eb396 1e8438b1d6c81f507cf04069fbf2bf749909e4bc fece567412183255fba86744611918472b54efc1086bc075d884bce735844954 Loading...

	39.105.19.255/	36 B	2023-03-07	2023-12-11
Pretty URL 39.105.19.255/ IP 39.105.19.255 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:16:33 Last Seen2023-12-11 09:40:05 Times Seen14 Hash a3ab558af5b0e38caa5f178f4cf53845 804b2895d19015c504ba310ba6ef705a32e93bb3 60cf2e23617e55f1d42e20c5d53f9409898fc2cb2fbd695ecb3e64da0b664d0a Loading...

	39.105.19.255/	34 B	2023-03-08	2023-03-08
Pretty URL 39.105.19.255/ IP 39.105.19.255 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:35:48 Last Seen2023-03-08 15:35:48 Times Seen1 Hash 1325f10ab815cf088ece6c5e9bc1be4c a98e1daa0dce96fc2d4b56940314a62712a48d3f f41d1a76cbec3727a5d1b36e7689878e1ad293be7cceeaa5fa3e7d51dab9c42a Loading...

	39.105.19.255/vendors~p__Consumer__Create~p__Consumer__List~p__Dashboard~p__PluginTemplate__Create~p__PluginTempla~82ccce19.b970a3a2.async.js	20 kB	2023-03-08	2023-03-08
Pretty URL 39.105.19.255/vendors~p__Consumer__Create~p__Consumer__List~p__Dashboard~p__PluginTemplate__Create~p__PluginTempla~82ccce19.b970a3a2.async.js IP 39.105.19.255 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:35:48 Last Seen2023-03-08 15:35:48 Times Seen1 Hash 72caf48bda7ee3e15ebd02104c8a3415 66a2de5fc8a8848a6cedf7f01f9a58bcc325d037 551c41824624645549f8a5ecb52f0c4784ecebd9d4771868122b91f6f77a26eb Loading...

	39.105.19.255/vendors~p__Dashboard~t__plugin-layout__Layout.b09604e5.async.js	132 kB	2023-03-08	2023-03-08
Pretty URL 39.105.19.255/vendors~p__Dashboard~t__plugin-layout__Layout.b09604e5.async.js IP 39.105.19.255 ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:35:48 Last Seen2023-03-08 15:35:48 Times Seen1 Hash 8fe6d157d1d6e8c39b39d8bd64a118ca 567f94778fce624b89a669a15e5488e127c9599c c5a42a8419fa781a6ba7a4c38ef0fb10f25e7dcee78600bcb2df09d87815ce29 Loading...

HTTP Transactions (40)

URL IP Response Size

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
3bbb845b153026fc5332dd4506585b57
3cad200fac28fd00f34ce6ef79373e661e188743
6035871c0de6ff2d120921461207cfa32bc286e1fe78849ce74815ffbb9ff950

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6035871C0DE6FF2D120921461207CFA32BC286E1FE78849CE74815FFBB9FF950"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2259
Expires: Sat, 03 Dec 2022 22:42:51 GMT
Date: Sat, 03 Dec 2022 22:05:12 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
67e9370f1bf3e4946a01f346eeae8966
aaab391d1134302d718de7a0d5edbedf884633e6
27a8654fb14db88d4b2bb3b45c1b197fc498cd94143d4a68687742fa48a41358

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6196
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 22:05:12 GMT
Last-Modified: Sat, 03 Dec 2022 20:21:56 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
55b4c61a1e99001307750e3647fe1102
7559f9f6770b7d3f45b723167062096312641e08
39f6bb64420bcfc8f0b010168fd35b67732984cd0698409f04d5ae40410422aa

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39F6BB64420BCFC8F0B010168FD35B67732984CD0698409F04D5AE40410422AA"
Last-Modified: Thu, 01 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14034
Expires: Sun, 04 Dec 2022 01:59:06 GMT
Date: Sat, 03 Dec 2022 22:05:12 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 03 Dec 2022 21:20:00 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2712
alt-svc: clear
X-Firefox-Spdy: h2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: s9h633rh8Ij99qYeDA+AQP1axWTbPpWGYeb27hbfsfaXELGWKIQuCdqQBQGhV/54BTgIoupZHHA=
x-amz-request-id: H7J030W52R8SSKZ4
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 03 Dec 2022 21:47:17 GMT
age: 1075
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

39.105.19.255/

39.105.19.255

200 OK

2.1 kB

URL HTTP/1.1
39.105.19.255/
IP
39.105.19.255:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Size
2.1 kB (2118 bytes)
Hash
62e957702b0f7d05ff8d836d3938c145
34b1f28b23679c2b0b6728868617a8d3b02e5484
a73c7d670c725cbf0b88e3a3d1e6df4e210c34c43a339e77070513a881f1b3da

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: 39.105.19.255
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 22:05:12 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Authorization
Access-Control-Allow-Methods: *
Access-Control-Allow-Origin: *
Last-Modified: Wed, 16 Jun 2021 12:59:46 GMT
X-Request-Id: 1ef0083e-cfad-4ea2-8c8d-b34b1997cbf8
Content-Encoding: gzip

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Sat, 03 Dec 2022 22:05:12 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 03 Dec 2022 21:08:58 GMT
cache-control: public,max-age=3600
age: 3374
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

39.105.19.255/umi.ced15bae.css

39.105.19.255

200 OK

24 kB

URL HTTP/1.1
39.105.19.255/umi.ced15bae.css
IP
39.105.19.255:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
ASCII text, with very long lines (65536), with no line terminators
Size
24 kB (23780 bytes)
Hash
558edacf499e60ab608658a7e9dae6b8
33b51786e224389bb2ec5301b51b53a5007718f1
55731f742d70f6ef480723a85f0c74eae4c8e549fdd68d7425fd5267d57b6038

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /umi.ced15bae.css HTTP/1.1
Host: 39.105.19.255
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://39.105.19.255/

HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 22:05:12 GMT
Content-Type: text/css; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Authorization
Access-Control-Allow-Methods: *
Access-Control-Allow-Origin: *
Last-Modified: Wed, 16 Jun 2021 12:59:46 GMT
X-Request-Id: 9d2550d2-6b4e-4f70-9cbe-06780cf84c38
Content-Encoding: gzip

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
a151c326c67e1abb747847c1427db76f
80885d30ef8ba867bf33c40b861976958a27493a
de2b573ee1c8af980e593352e0c331b2595f62bd4499300ace30821d20814760

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6188
Cache-Control: max-age=132287
Content-Type: application/ocsp-response
Date: Sat, 03 Dec 2022 22:05:12 GMT
Etag: "638b11ab-1d7"
Expires: Mon, 05 Dec 2022 10:49:59 GMT
Last-Modified: Sat, 03 Dec 2022 09:06:51 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

34.208.31.97

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
34.208.31.97:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 2NK4TWpmLYfcuUKeVnXfwA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 7nILHYgOGbzjY1ZCmdxbezSMC5w=

39.105.19.255/favicon.png

39.105.19.255

200 OK

85 kB

URL HTTP/1.1
39.105.19.255/favicon.png
IP
39.105.19.255:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
PNG image data, 3061 x 3061, 8-bit colormap, non-interlaced\012- data
Size
85 kB (85376 bytes)
Hash
6d07440dcda38480ac6fd8c32edf0102
d297805246e00c93d7c41615326f49bd115c4327
c9050f0f23f89118b5f98359766e92445b37c27d674e7bb7b92687137ad6a379

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /favicon.png HTTP/1.1
Host: 39.105.19.255
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://39.105.19.255/

HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 22:05:12 GMT
Content-Type: image/png
Content-Length: 85376
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Authorization
Access-Control-Allow-Methods: *
Access-Control-Allow-Origin: *
Last-Modified: Wed, 16 Jun 2021 12:59:46 GMT
X-Request-Id: 8e2ae474-882a-4dc3-8432-6be555604c5e

39.105.19.255/umi.426feac3.js

39.105.19.255

200 OK

1.4 MB

URL HTTP/1.1
39.105.19.255/umi.426feac3.js
IP
39.105.19.255:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
ASCII text, with very long lines (65536), with no line terminators
Size
1.4 MB (1447304 bytes)
Hash
15ba4d597d492af3e10a80d7a6434970
0d4e157995d4c1adbeb1b44592017f343f1d616f
a08d9eb6aa698a64484bbe56948e988cb54d4f2d4a83d433851fbd560d4ee234

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /umi.426feac3.js HTTP/1.1
Host: 39.105.19.255
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://39.105.19.255/

HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 22:05:12 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 1447304
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Authorization
Access-Control-Allow-Methods: *
Access-Control-Allow-Origin: *
Last-Modified: Wed, 16 Jun 2021 12:59:46 GMT
X-Request-Id: ae2538a4-d700-4e42-8048-7c495a3a548e

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19016
Expires: Sun, 04 Dec 2022 03:22:10 GMT
Date: Sat, 03 Dec 2022 22:05:14 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19016
Expires: Sun, 04 Dec 2022 03:22:10 GMT
Date: Sat, 03 Dec 2022 22:05:14 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19016
Expires: Sun, 04 Dec 2022 03:22:10 GMT
Date: Sat, 03 Dec 2022 22:05:14 GMT
Connection: keep-alive

r3.o.lencr.org/

95.101.11.115

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
95.101.11.115:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19016
Expires: Sun, 04 Dec 2022 03:22:10 GMT
Date: Sat, 03 Dec 2022 22:05:14 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61cc2744-b517-4404-bfa2-25fadadfa3f3.jpeg

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61cc2744-b517-4404-bfa2-25fadadfa3f3.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10431 bytes)
Hash
2636f91bb8fa4d9bb7bef114c248a9ae
8637105f41058bc0d2b259d462b560881928adb6
3d93fd8fcf1af31d00ccbd453142dbea5f2b91d7f58373095943ed40a31ed1f7

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61cc2744-b517-4404-bfa2-25fadadfa3f3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10431
x-amzn-requestid: f79ab5e7-8c1b-4827-a531-aaa19c1d80aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsCGEwxIAMF34g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc073-6358d2950955884c470c0a89;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PQ7xh995cd1UVi3z42EVZGjQjHLLvtAP5BBC-xLEEGr4mEiXS6fC-w==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:47:06 GMT
age: 1088
etag: "8637105f41058bc0d2b259d462b560881928adb6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

9.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.0 kB (8989 bytes)
Hash
a6e7b32ac999cf3c899a234c621fa91a
fc5d4f3163ebb9faf85968cbb1d194e8e68418be
f12db3aed126006fee00649aba0b3eaae900de200b85b9523866a90b5494f18e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8989
x-amzn-requestid: abce0b01-f70c-42ad-b242-5a24735fe4c2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltl4Gk2oAMFSWQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc2f2-1cccffff5199dffe70264a95;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:43:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PFl7VUrzRkMFNnTiIw_cbGCyrEFn43eUSlZfT0nUhUmjjyXT7JfjMA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:50:01 GMT
age: 913
etag: "fc5d4f3163ebb9faf85968cbb1d194e8e68418be"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5b41d2b-ab64-4a18-814e-d348d7921eca.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.8 kB (4782 bytes)
Hash
6b0065d160e7dbd17cf58f2c837b45a7
0ebefb37db37dcbf1ad421ab0cac2cccdcd83a2f
833c0a39ed1d9dcfa4a22f201d06d085e5131121810e98d5e79dd6f84e8fe436

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd5b41d2b-ab64-4a18-814e-d348d7921eca.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4782
x-amzn-requestid: 98b5d5ca-7590-4756-9b92-3fb327ecc97b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsANG8koAMF_Qw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-546b61a82a8b952f664346b9;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ncXSPf1et6vSgEBmWwY_PperGXmgJGEx0hlLr0lhN6XHi0RLRr6WCA==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:47:05 GMT
age: 1089
etag: "0ebefb37db37dcbf1ad421ab0cac2cccdcd83a2f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

16 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
16 kB (16143 bytes)
Hash
14dcca2a9c4792d835ee709bcd947402
1d702df3a64258628f4124eafd580695f2d350af
da01dcd8fef7c50bdb6f7a8a6a4955694092f479df3dba72f7fa69d7280d07b2

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 16143
x-amzn-requestid: dc86fad4-4e53-42c9-9b0a-5e4d2cfcd087
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdGyLGqmoAMFnaA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851a7-0ea324b31e8c6578098b8ab9;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:03 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: KHd4ajJWl-8TDH5HGbkuJXI4NL6I83IwSUBKzfq85cxpyRH_LGl6OA==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 07:43:43 GMT
age: 51691
etag: "1d702df3a64258628f4124eafd580695f2d350af"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.7 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.7 kB (4666 bytes)
Hash
c01fe1cccdb3b672bbade6d98217ffe9
a9a529dc9894827f6243a1bf57f81caa4fe88fc2
c43da6212c79a08e22e78e04e99e8f5422e64b4b0a87f30b7907f1b4bc675c71

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4666
x-amzn-requestid: 850d341f-5ccb-453c-8adf-a8194f8fbdad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clr_-GiboAMFwww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-766293f2526e637235067aca;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: z5uqgjB-Bsl0U55a8aFi37cpJ65Vnbjm6bJ2GnMpaO7RXsMZsOCbPQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:44:01 GMT
age: 1273
etag: "a9a529dc9894827f6243a1bf57f81caa4fe88fc2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.3 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32949ec5-eb15-4096-b713-fd83ae7aa650.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.3 kB (8286 bytes)
Hash
b7717ff9fcf6cf3268d10312dc3fdaaf
c4f05fdb231c7870b2a918198fa0809d8e8f9c89
bf3b6304a45f172653f45e1e8b4afa7da90096ca36c82b981ca6ec01ccf122a8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F32949ec5-eb15-4096-b713-fd83ae7aa650.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8286
x-amzn-requestid: 6880d30e-3624-402e-819d-610e35ae27d8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAAG1HIAMF6Vw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-43f8e7d312f96110713a7092;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XcnZ2pTQoGkuHEPsazEI09yhI6WWbmZD6g7QYW7rDf5HsegvjdgkXg==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:44:00 GMT
age: 1274
etag: "c4f05fdb231c7870b2a918198fa0809d8e8f9c89"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

39.105.19.255/vendors~p__Consumer__Create~p__Consumer__List~p__Dashboard~p__PluginTemplate__Create~p__PluginTempla~135f647e.642fef05.chunk.css

39.105.19.255

200 OK

1.4 kB

URL HTTP/1.1
39.105.19.255/vendors~p__Consumer__Create~p__Consumer__List~p__Dashboard~p__PluginTemplate__Create~p__PluginTempla~135f647e.642fef05.chunk.css
IP
39.105.19.255:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
ASCII text, with very long lines (6308), with no line terminators
Size
1.4 kB (1413 bytes)
Hash
8751cc3d8664bf4d749690bb900caad6
f6bb09d69299c15e05f79858d47b96de0cbcdc5c
bbdfe2b2e4a74a51ee4396024ac4e2d7c2bfb03244c5739a57edbdcfb98835db

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /vendors~p__Consumer__Create~p__Consumer__List~p__Dashboard~p__PluginTemplate__Create~p__PluginTempla~135f647e.642fef05.chunk.css HTTP/1.1
Host: 39.105.19.255
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://39.105.19.255/user/login?redirect=%2F

HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 22:05:14 GMT
Content-Type: text/css; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Authorization
Access-Control-Allow-Methods: *
Access-Control-Allow-Origin: *
Last-Modified: Wed, 16 Jun 2021 12:59:46 GMT
X-Request-Id: c9cc28f1-eff8-481f-9350-2825c157a80d
Content-Encoding: gzip

39.105.19.255/vendors~p__Consumer__Create~p__Consumer__List~p__Dashboard~p__PluginTemplate__Create~p__PluginTempla~82ccce19.30816cfa.chunk.css

39.105.19.255

200 OK

2.4 kB

URL HTTP/1.1
39.105.19.255/vendors~p__Consumer__Create~p__Consumer__List~p__Dashboard~p__PluginTemplate__Create~p__PluginTempla~82ccce19.30816cfa.chunk.css
IP
39.105.19.255:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
ASCII text, with very long lines (16720), with no line terminators
Size
2.4 kB (2360 bytes)
Hash
0a5e51fdde3055c81545916736b4f58c
a01abaa4aefd9b7ada204856acda2f6c7ddb0d7a
3e9d5fe7b6fab0e1a4ce248f7af930702fdbf89552ec37dc6c53d248857efc1a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /vendors~p__Consumer__Create~p__Consumer__List~p__Dashboard~p__PluginTemplate__Create~p__PluginTempla~82ccce19.30816cfa.chunk.css HTTP/1.1
Host: 39.105.19.255
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://39.105.19.255/user/login?redirect=%2F

HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 22:05:14 GMT
Content-Type: text/css; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Authorization
Access-Control-Allow-Methods: *
Access-Control-Allow-Origin: *
Last-Modified: Wed, 16 Jun 2021 12:59:46 GMT
X-Request-Id: ca49e9ed-03c9-4ec9-8a2c-157b057d7ce3
Content-Encoding: gzip

39.105.19.255/vendors~p__404~t__plugin-layout__Layout.72c52f54.chunk.css

39.105.19.255

200 OK

966 B

URL HTTP/1.1
39.105.19.255/vendors~p__404~t__plugin-layout__Layout.72c52f54.chunk.css
IP
39.105.19.255:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
ASCII text, with very long lines (966), with no line terminators
Size
966 B (966 bytes)
Hash
7724506ab795a79eb00a113a2223578c
079d38f8fee46c753565780b648e1fc102b81c77
bad828dbddb33becb040dc98c85874fd0f4756531bb1914700aa5b0be6570cf9

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /vendors~p__404~t__plugin-layout__Layout.72c52f54.chunk.css HTTP/1.1
Host: 39.105.19.255
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://39.105.19.255/user/login?redirect=%2F

HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 22:05:14 GMT
Content-Type: text/css; charset=utf-8
Content-Length: 966
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Authorization
Access-Control-Allow-Methods: *
Access-Control-Allow-Origin: *
Last-Modified: Wed, 16 Jun 2021 12:59:46 GMT
X-Request-Id: 797046a0-cb4f-4f63-bf1f-1830d66a6062

39.105.19.255/vendors~p__Dashboard~t__plugin-layout__Layout.fa5df0ab.chunk.css

39.105.19.255

200 OK

2.4 kB

URL HTTP/1.1
39.105.19.255/vendors~p__Dashboard~t__plugin-layout__Layout.fa5df0ab.chunk.css
IP
39.105.19.255:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
ASCII text, with very long lines (11098), with no line terminators
Size
2.4 kB (2365 bytes)
Hash
76a99866ba5cf953281ac2bfbad20c74
0eea2fdf9f313780bf4c41d19310723cb945f407
e9da204c3c8037fe247817d6fee424955bc0807fcb3a11aed5008e60f362bbd8

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /vendors~p__Dashboard~t__plugin-layout__Layout.fa5df0ab.chunk.css HTTP/1.1
Host: 39.105.19.255
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://39.105.19.255/user/login?redirect=%2F

HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 22:05:14 GMT
Content-Type: text/css; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Authorization
Access-Control-Allow-Methods: *
Access-Control-Allow-Origin: *
Last-Modified: Wed, 16 Jun 2021 12:59:46 GMT
X-Request-Id: f4f3f910-d861-4d8f-9635-e9981257ca07
Content-Encoding: gzip

39.105.19.255/t__plugin-layout__Layout.68bfa84a.chunk.css

39.105.19.255

200 OK

978 B

URL HTTP/1.1
39.105.19.255/t__plugin-layout__Layout.68bfa84a.chunk.css
IP
39.105.19.255:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
ASCII text, with very long lines (978), with no line terminators
Size
978 B (978 bytes)
Hash
90ac51ee68f8a73809e593daaea8c381
98e426c46d7fca0dd4cc8197fe8754b3cc6ddbf1
61dbf34af20fb992e39b1fd3228f589a21bb48a540bffba9a01da9d8ccb1acc4

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /t__plugin-layout__Layout.68bfa84a.chunk.css HTTP/1.1
Host: 39.105.19.255
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://39.105.19.255/user/login?redirect=%2F

HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 22:05:14 GMT
Content-Type: text/css; charset=utf-8
Content-Length: 978
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Authorization
Access-Control-Allow-Methods: *
Access-Control-Allow-Origin: *
Last-Modified: Wed, 16 Jun 2021 12:59:46 GMT
X-Request-Id: 24a33911-6dea-45f1-805e-2d240f9dcaeb

39.105.19.255/vendors~p__Consumer__Create~p__Consumer__List~p__Dashboard~p__PluginTemplate__Create~p__PluginTempla~82ccce19.b970a3a2.async.js

39.105.19.255

200 OK

20 kB

URL HTTP/1.1
39.105.19.255/vendors~p__Consumer__Create~p__Consumer__List~p__Dashboard~p__PluginTemplate__Create~p__PluginTempla~82ccce19.b970a3a2.async.js
IP
39.105.19.255:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
ASCII text, with very long lines (20345), with no line terminators
Size
20 kB (20345 bytes)
Hash
72caf48bda7ee3e15ebd02104c8a3415
66a2de5fc8a8848a6cedf7f01f9a58bcc325d037
551c41824624645549f8a5ecb52f0c4784ecebd9d4771868122b91f6f77a26eb

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /vendors~p__Consumer__Create~p__Consumer__List~p__Dashboard~p__PluginTemplate__Create~p__PluginTempla~82ccce19.b970a3a2.async.js HTTP/1.1
Host: 39.105.19.255
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://39.105.19.255/user/login?redirect=%2F

HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 22:05:14 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 20345
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Authorization
Access-Control-Allow-Methods: *
Access-Control-Allow-Origin: *
Last-Modified: Wed, 16 Jun 2021 12:59:46 GMT
X-Request-Id: 43d4608b-60f7-4b96-9c37-e63624ee090f

39.105.19.255/t__plugin-layout__Layout.328c221c.async.js

39.105.19.255

200 OK

28 kB

URL HTTP/1.1
39.105.19.255/t__plugin-layout__Layout.328c221c.async.js
IP
39.105.19.255:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
ASCII text, with very long lines (27451), with no line terminators
Size
28 kB (27451 bytes)
Hash
aeb6678fa927b8a27f4aad351f97335d
fb10df6ea7f98d4b2c68059333c67ea853f03026
a82164b869f593103d77b6d06a83833273f8a23193973e36f3dd5f547ba5eadd

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /t__plugin-layout__Layout.328c221c.async.js HTTP/1.1
Host: 39.105.19.255
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://39.105.19.255/user/login?redirect=%2F

HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 22:05:15 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 27451
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Authorization
Access-Control-Allow-Methods: *
Access-Control-Allow-Origin: *
Last-Modified: Wed, 16 Jun 2021 12:59:46 GMT
X-Request-Id: f66a21c1-05c7-4f7f-a914-d8874e21cfb3

39.105.19.255/vendors~p__404~t__plugin-layout__Layout.d555384f.async.js

39.105.19.255

200 OK

47 kB

URL HTTP/1.1
39.105.19.255/vendors~p__404~t__plugin-layout__Layout.d555384f.async.js
IP
39.105.19.255:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
ASCII text, with very long lines (46617), with no line terminators
Size
47 kB (46617 bytes)
Hash
02b356e439af35acf4468a45c4d9e445
7624c16404a7fea2ec721e9c93529ff69ed2d3d4
d2be1112a7ee4b96227db3270375d4760d0f978424abf7725ec5a8b96c119067

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /vendors~p__404~t__plugin-layout__Layout.d555384f.async.js HTTP/1.1
Host: 39.105.19.255
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://39.105.19.255/user/login?redirect=%2F

HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 22:05:14 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 46617
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Authorization
Access-Control-Allow-Methods: *
Access-Control-Allow-Origin: *
Last-Modified: Wed, 16 Jun 2021 12:59:46 GMT
X-Request-Id: d2256566-c857-4fd6-a38a-af109b8128cf

39.105.19.255/vendors~p__Consumer__Create~p__Consumer__List~p__Dashboard~p__PluginTemplate__Create~p__PluginTempla~135f647e.146e403b.async.js

39.105.19.255

200 OK

25 kB

URL HTTP/1.1
39.105.19.255/vendors~p__Consumer__Create~p__Consumer__List~p__Dashboard~p__PluginTemplate__Create~p__PluginTempla~135f647e.146e403b.async.js
IP
39.105.19.255:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
ASCII text, with very long lines (25440), with no line terminators
Size
25 kB (25440 bytes)
Hash
5055ca8505147c195ac24bda2d38e8f9
3833615d55420f6b833fb7a3bf10f386a831699d
28e947b3e019b37dad5fc1c4c47ba811260f026e8b92d09acfdc9f9f480dfc57

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /vendors~p__Consumer__Create~p__Consumer__List~p__Dashboard~p__PluginTemplate__Create~p__PluginTempla~135f647e.146e403b.async.js HTTP/1.1
Host: 39.105.19.255
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://39.105.19.255/user/login?redirect=%2F

HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 22:05:14 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 25440
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Authorization
Access-Control-Allow-Methods: *
Access-Control-Allow-Origin: *
Last-Modified: Wed, 16 Jun 2021 12:59:46 GMT
X-Request-Id: f0860cfd-c87b-47a9-ad20-a7e4c104a064

39.105.19.255/vendors~p__Dashboard~t__plugin-layout__Layout.b09604e5.async.js

39.105.19.255

200 OK

132 kB

URL HTTP/1.1
39.105.19.255/vendors~p__Dashboard~t__plugin-layout__Layout.b09604e5.async.js
IP
39.105.19.255:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
ASCII text, with very long lines (65536), with no line terminators
Size
132 kB (132468 bytes)
Hash
8fe6d157d1d6e8c39b39d8bd64a118ca
567f94778fce624b89a669a15e5488e127c9599c
c5a42a8419fa781a6ba7a4c38ef0fb10f25e7dcee78600bcb2df09d87815ce29

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /vendors~p__Dashboard~t__plugin-layout__Layout.b09604e5.async.js HTTP/1.1
Host: 39.105.19.255
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://39.105.19.255/user/login?redirect=%2F

HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 22:05:15 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 132468
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Authorization
Access-Control-Allow-Methods: *
Access-Control-Allow-Origin: *
Last-Modified: Wed, 16 Jun 2021 12:59:46 GMT
X-Request-Id: 8f19387e-cc90-45d9-8929-3a2131c69c12

39.105.19.255/static/logo.3d9a56bf.svg

39.105.19.255

200 OK

5.6 kB

URL HTTP/1.1
39.105.19.255/static/logo.3d9a56bf.svg
IP
39.105.19.255:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text, with very long lines (3830)
Size
5.6 kB (5603 bytes)
Hash
8d341bc5e8775b3671c537228a4bb0ec
502c3c595b3ba695211f6c3edf62c8ca4af9d565
9721fbfce22f231a454b5e7ee30bda0abcbe480fb5e6c6adcb09190ceb4ea3bd

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /static/logo.3d9a56bf.svg HTTP/1.1
Host: 39.105.19.255
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://39.105.19.255/user/login?redirect=%2F

HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 22:05:16 GMT
Content-Type: image/svg+xml
Content-Length: 5603
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Authorization
Access-Control-Allow-Methods: *
Access-Control-Allow-Origin: *
Last-Modified: Wed, 16 Jun 2021 12:59:46 GMT
X-Request-Id: f25cadc6-15bc-4b18-9526-98466c04b764

39.105.19.255/vendors~p__Consumer__Create~p__Consumer__List~p__PluginTemplate__Create~p__PluginTemplate__List~p__P~0e5c387a.329c6d03.chunk.css

39.105.19.255

200 OK

3.2 kB

URL HTTP/1.1
39.105.19.255/vendors~p__Consumer__Create~p__Consumer__List~p__PluginTemplate__Create~p__PluginTemplate__List~p__P~0e5c387a.329c6d03.chunk.css
IP
39.105.19.255:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
ASCII text, with very long lines (20424), with no line terminators
Size
3.2 kB (3200 bytes)
Hash
547cc16285c4ec1fd7a5b5888ddce705
3acfc261e086e8c65f37ee618e1a3c5d01d200d0
c05145ef9d3c80c45636e5d94f53c10da04748523868bde86292d2280c3c8847

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /vendors~p__Consumer__Create~p__Consumer__List~p__PluginTemplate__Create~p__PluginTemplate__List~p__P~0e5c387a.329c6d03.chunk.css HTTP/1.1
Host: 39.105.19.255
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://39.105.19.255/user/login?redirect=%2F

HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 22:05:16 GMT
Content-Type: text/css; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Authorization
Access-Control-Allow-Methods: *
Access-Control-Allow-Origin: *
Last-Modified: Wed, 16 Jun 2021 12:59:46 GMT
X-Request-Id: 09db3878-00d9-4c0c-a407-31c8d230e3b3
Content-Encoding: gzip

39.105.19.255/vendors~p__Consumer__Create~p__Consumer__List~p__PluginTemplate__Create~p__PluginTemplate__List~p__P~3ef20d0c.88216a8a.chunk.css

39.105.19.255

200 OK

2.5 kB

URL HTTP/1.1
39.105.19.255/vendors~p__Consumer__Create~p__Consumer__List~p__PluginTemplate__Create~p__PluginTemplate__List~p__P~3ef20d0c.88216a8a.chunk.css
IP
39.105.19.255:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
ASCII text, with very long lines (18297), with no line terminators
Size
2.5 kB (2545 bytes)
Hash
e45e355e9d4c269fe31c1bc779fe50b0
941413506bfff67dccc652f3e239c4741b19d6e9
4ce9b16bf9750f7c0afb5362c73a1406a9773d5f3a790f8bdd06ed482b874492

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /vendors~p__Consumer__Create~p__Consumer__List~p__PluginTemplate__Create~p__PluginTemplate__List~p__P~3ef20d0c.88216a8a.chunk.css HTTP/1.1
Host: 39.105.19.255
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://39.105.19.255/user/login?redirect=%2F

HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 22:05:16 GMT
Content-Type: text/css; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Authorization
Access-Control-Allow-Methods: *
Access-Control-Allow-Origin: *
Last-Modified: Wed, 16 Jun 2021 12:59:46 GMT
X-Request-Id: 1421d1f6-48da-4761-b11e-82419b5c4e4f
Content-Encoding: gzip

39.105.19.255/p__User__Login.f2cc3ae2.chunk.css

39.105.19.255

200 OK

689 B

URL HTTP/1.1
39.105.19.255/p__User__Login.f2cc3ae2.chunk.css
IP
39.105.19.255:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
ASCII text, with very long lines (1428), with no line terminators
Size
689 B (689 bytes)
Hash
9946caf7f293ab5c13be924d3c66b6c9
c28128c23bf072ac98d024aac2320dcecd6ca215
fc0ca3698a03d47c75b8f47d454400809f327f5faad65a56dbb473dbf9491a6d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /p__User__Login.f2cc3ae2.chunk.css HTTP/1.1
Host: 39.105.19.255
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://39.105.19.255/user/login?redirect=%2F

HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 22:05:16 GMT
Content-Type: text/css; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Authorization
Access-Control-Allow-Methods: *
Access-Control-Allow-Origin: *
Last-Modified: Wed, 16 Jun 2021 12:59:46 GMT
X-Request-Id: 08e94ec2-a457-434a-86e1-99d784c89d4b
Content-Encoding: gzip

39.105.19.255/p__User__Login.c82191f1.async.js

39.105.19.255

200 OK

15 kB

URL HTTP/1.1
39.105.19.255/p__User__Login.c82191f1.async.js
IP
39.105.19.255:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
ASCII text, with very long lines (14970), with no line terminators
Size
15 kB (14970 bytes)
Hash
b4e69d7435758c348716145dc868d97e
687bee1198001365fccbbb46becc49d856771e15
f016964cbe0db7bdffe0a6e67f3c3f67e89cc49e50572cd47c13c42c229b4aea

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /p__User__Login.c82191f1.async.js HTTP/1.1
Host: 39.105.19.255
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://39.105.19.255/user/login?redirect=%2F

HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 22:05:16 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 14970
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Authorization
Access-Control-Allow-Methods: *
Access-Control-Allow-Origin: *
Last-Modified: Wed, 16 Jun 2021 12:59:46 GMT
X-Request-Id: d6492518-d99c-4f7b-9b15-7db298feb2e1

39.105.19.255/vendors~p__Consumer__Create~p__Consumer__List~p__PluginTemplate__Create~p__PluginTemplate__List~p__P~0e5c387a.222599de.async.js

39.105.19.255

200 OK

34 kB

URL HTTP/1.1
39.105.19.255/vendors~p__Consumer__Create~p__Consumer__List~p__PluginTemplate__Create~p__PluginTemplate__List~p__P~0e5c387a.222599de.async.js
IP
39.105.19.255:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
ASCII text, with very long lines (34375), with no line terminators
Size
34 kB (34375 bytes)
Hash
40f133670ce3cee78720b3f9e897939e
7afbb3085dc410eeb13bf6d1c55bf2b193ed09ea
62705f4f359b0edf5b7fcd2f1e694be7a779b5c3668cb649d3a20e75bc24973f

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /vendors~p__Consumer__Create~p__Consumer__List~p__PluginTemplate__Create~p__PluginTemplate__List~p__P~0e5c387a.222599de.async.js HTTP/1.1
Host: 39.105.19.255
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://39.105.19.255/user/login?redirect=%2F

HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 22:05:16 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 34375
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Authorization
Access-Control-Allow-Methods: *
Access-Control-Allow-Origin: *
Last-Modified: Wed, 16 Jun 2021 12:59:46 GMT
X-Request-Id: 553b5f0d-772d-4f9e-a228-f88c7518b67a

39.105.19.255/vendors~p__Consumer__Create~p__Consumer__List~p__PluginTemplate__Create~p__PluginTemplate__List~p__P~3ef20d0c.2df291ac.async.js

39.105.19.255

200 OK

24 kB

URL HTTP/1.1
39.105.19.255/vendors~p__Consumer__Create~p__Consumer__List~p__PluginTemplate__Create~p__PluginTemplate__List~p__P~3ef20d0c.2df291ac.async.js
IP
39.105.19.255:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
ASCII text, with very long lines (23775), with no line terminators
Size
24 kB (23775 bytes)
Hash
9741cc248c89d8007e1787d37a0eb396
1e8438b1d6c81f507cf04069fbf2bf749909e4bc
fece567412183255fba86744611918472b54efc1086bc075d884bce735844954

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /vendors~p__Consumer__Create~p__Consumer__List~p__PluginTemplate__Create~p__PluginTemplate__List~p__P~3ef20d0c.2df291ac.async.js HTTP/1.1
Host: 39.105.19.255
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://39.105.19.255/user/login?redirect=%2F

HTTP/1.1 200 OK
Date: Sat, 03 Dec 2022 22:05:16 GMT
Content-Type: text/javascript; charset=utf-8
Content-Length: 23775
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Authorization
Access-Control-Allow-Methods: *
Access-Control-Allow-Origin: *
Last-Modified: Wed, 16 Jun 2021 12:59:46 GMT
X-Request-Id: 9ed77c71-873d-43df-8a64-8f51159d1a0c

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (11)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations