| buffaloenergy.netlify.app/adobe/teleserye-on-tv-full-episode.html |  34.141.72.9 | 301 Moved Permanently | 88 B |
URL HTTP/1.1buffaloenergy.netlify.app/adobe/teleserye-on-tv-full-episode.html IP34.141.72.9:0 ASN#396982 GOOGLE-CLOUD-PLATFORM
File typeASCII text, with no line terminators Hash60a0544e99198f0333ac902de5718d42 269ca2a51eee05eb21431a3d4cf1cb02e2bad4c0 ef194bd25921edf390233d3947144916e1ebd1e089a3e2b88789f1508e0f950b
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /adobe/teleserye-on-tv-full-episode.html HTTP/1.1
Host: buffaloenergy.netlify.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Location: https://buffaloenergy.netlify.app/adobe/teleserye-on-tv-full-episode.html
Server: Netlify
X-Nf-Request-Id: 01GQAQ7W6QDDHTF9776Y69REZ4
Date: Sat, 21 Jan 2023 17:50:23 GMT
Content-Length: 88
Content-Type: text/plain; charset=utf-8
|
|
| r3.o.lencr.org/ |  23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash4714c95a0c854e38f9be444f9343bf14 07ce5eb635448f2b3bafbe51e4dfeef47cdf4f7b 4d47e08c9afb704096e93a51f6e95c0dc7c7bc31e67ded39998ff37ed56e0965
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4D47E08C9AFB704096E93A51F6E95C0DC7C7BC31E67DED39998FF37ED56E0965"
Last-Modified: Sat, 21 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7881
Expires: Sat, 21 Jan 2023 20:01:44 GMT
Date: Sat, 21 Jan 2023 17:50:23 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash20d267853e48ef7d476459ed67da5d97 06d1bd08efd69c0e93486d3c423fa2640f372d29 24323cd45ca2ed01c63f908233d9b2ad5bb6f63394884c45bf6abb0221d0edd6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "24323CD45CA2ED01C63F908233D9B2AD5BB6F63394884C45BF6ABB0221D0EDD6"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14437
Expires: Sat, 21 Jan 2023 21:51:00 GMT
Date: Sat, 21 Jan 2023 17:50:23 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ |  35.241.9.150 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash30db107dcf4380cef05efea409c2e6a3 96e6a306fbc07299aba64e5c14e2bfca35872fa9 b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 21 Jan 2023 17:34:44 GMT
content-type: application/json
age: 939
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash38c102db4bcfb9c4fb19174986950fd3 51c2cc8a3aca4da5c9ab3438467c29203fc0b0c3 dad6b64bc9f4dd827471ccc2e5273fceee574685376083aaa80f9d2f918037f2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DAD6B64BC9F4DD827471CCC2E5273FCEEE574685376083AAA80F9D2F918037F2"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14945
Expires: Sat, 21 Jan 2023 21:59:28 GMT
Date: Sat, 21 Jan 2023 17:50:23 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hash7b922915ebf1fa3639b333f994c74f24 144a3f80b98fd0652d4614f24cf6cbbee40f8938 adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: NqjAmGyDAjruqlO6UQMIxsEsnRbZUUhF5c5oZmqWiuP5u8DWefIbgbcsB5DKwvHn51xg7F2oQ9ktNCZd3lOXHA==
x-amz-request-id: MQ7EEKE0APGS30A4
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 21 Jan 2023 17:18:05 GMT
age: 1938
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ |  93.184.220.29 | 200 OK | 314 B |
IP93.184.220.29:0
Hash42de9852bd627ce6d413d448eaa70eab e57f39b0348ed99f36958b39170893650c1d5858 242ecf34b36582aba29aed09563c7cad061aee8163a7cb4a8c8d3e80a955182c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5911
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 17:50:23 GMT
Last-Modified: Sat, 21 Jan 2023 16:11:52 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 314
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 21 Jan 2023 17:50:23 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash1d497e2648111e44540f16f2e308d48d 7ac7e9c0b63e8c182d21663337a7287b4875d0ea 0d4e307a6db13e144d77981270004f6b8c74ee977ad4c59c655946c6206746c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 17:50:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP142.250.74.131:0
Hashed52628e343db70042f5b0263977d793 62ba6349704f2894e3f3f807fc55f13e638b711d 865e70f0a901435082e67932b3ddc094ea2f7de24ab3fd01812e9d798889ace7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 17:50:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| i.ytimg.com/vi/JkAPR3lVucs/hqdefault.jpg | 142.250.74.150 | 200 OK | 29 kB |
URL HTTP/2i.ytimg.com/vi/JkAPR3lVucs/hqdefault.jpg IP142.250.74.150:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x360, components 3\012- data Hashf7ee33f29a6ed22a77f4dbf61af2bd20 a26e39e1448e8168dd6afe2f7b56de3b47e3730f 874ea731e89aa22a4c58570bc564c72587f4d8ed71f053dd8836725ba8df37c7
GET /vi/JkAPR3lVucs/hqdefault.jpg HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buffaloenergy.netlify.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 28791
date: Sat, 21 Jan 2023 17:50:24 GMT
expires: Sat, 21 Jan 2023 19:50:24 GMT
cache-control: public, max-age=7200
etag: "1511159987"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP142.250.74.131:0
Hash1d497e2648111e44540f16f2e308d48d 7ac7e9c0b63e8c182d21663337a7287b4875d0ea 0d4e307a6db13e144d77981270004f6b8c74ee977ad4c59c655946c6206746c9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 17:50:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 35.241.9.150 | 200 OK | 329 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP35.241.9.150:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Expires, Last-Modified, Alert, Content-Type, Content-Length, ETag, Pragma, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 21 Jan 2023 17:17:29 GMT
age: 1975
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hashfc96297d0b59147e8f6052b16f1ca13f 23aeddfa143bb9be19b2ed06f2024a3a8aa120ce 034327c6ada560c662f451f3c95cd8531482d4ab51629e95875fab54c8f3e49a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 342
Cache-Control: max-age=141726
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 17:50:24 GMT
Etag: "63cbab28-1d7"
Expires: Mon, 23 Jan 2023 09:12:30 GMT
Last-Modified: Sat, 21 Jan 2023 09:06:48 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
|
|
| buffaloenergy.netlify.app/tRKpE.png | 34.141.55.250 | 200 OK | 112 kB |
URL HTTP/2buffaloenergy.netlify.app/tRKpE.png IP34.141.55.250:0 ASN#396982 GOOGLE-CLOUD-PLATFORM
File typePNG image data, 700 x 500, 8-bit/color RGBA, non-interlaced\012- data Size112 kB (112514 bytes) Hash5bf71ae11857b7fc9ca51e5790e0e718 24327f434aa4bdff53ac4a558b521f9bad7eee2e 7ab77167fb68e428352f596402a095969536ec30715e281161853cd863db4c86
GET /tRKpE.png HTTP/1.1
Host: buffaloenergy.netlify.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buffaloenergy.netlify.app/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
age: 0
cache-control: public, max-age=0, must-revalidate
content-type: image/png
date: Sat, 21 Jan 2023 17:50:24 GMT
etag: "6d50d9e0ff06d05c3bc571048f68ab7a-ssl"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-nf-request-id: 01GQAQ7X429638N1WYKWFKMHT9
content-length: 112514
X-Firefox-Spdy: h2
|
|
| buffaloenergy.netlify.app/SLIdis.png | 34.141.55.250 | 200 OK | 8.5 kB |
URL HTTP/2buffaloenergy.netlify.app/SLIdis.png IP34.141.55.250:0 ASN#396982 GOOGLE-CLOUD-PLATFORM
File typePNG image data, 400 x 955, 8-bit colormap, non-interlaced\012- data Hasha5fa104091b5c7e02173a5cd96a35896 1fc681580f3b4b8915e582a93fec28f66b920abe 0aab79af1d656b5b05c46a77b20085d06be37d386f20faed527ace6b629e3e84
GET /SLIdis.png HTTP/1.1
Host: buffaloenergy.netlify.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buffaloenergy.netlify.app/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
age: 0
cache-control: public, max-age=0, must-revalidate
content-type: image/png
date: Sat, 21 Jan 2023 17:50:24 GMT
etag: "751e56eba6b0ff5db123bf06b28b13f8-ssl"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-nf-request-id: 01GQAQ7X43EXFNFNRZ4HYXD6D6
content-length: 8455
X-Firefox-Spdy: h2
|
|
| buffaloenergy.netlify.app/cfsJbq.png | 34.141.55.250 | 200 OK | 2.8 kB |
URL HTTP/2buffaloenergy.netlify.app/cfsJbq.png IP34.141.55.250:0 ASN#396982 GOOGLE-CLOUD-PLATFORM
File typePNG image data, 400 x 429, 8-bit colormap, non-interlaced\012- data Hash56e5ba70c5239d8cdc4a871ac21d07a2 eff2ed73a10973c9421893e4043c07c88b41a1ea f4335439b90877563987afcc44964d494ebaeb295f7a1718afc0bc7e7e6040e7
GET /cfsJbq.png HTTP/1.1
Host: buffaloenergy.netlify.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buffaloenergy.netlify.app/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
age: 0
cache-control: public, max-age=0, must-revalidate
content-type: image/png
date: Sat, 21 Jan 2023 17:50:24 GMT
etag: "66d45c7dd398f0009b019efcc9272171-ssl"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-nf-request-id: 01GQAQ7X43FQJ1XAB7EDTHXB97
content-length: 2769
X-Firefox-Spdy: h2
|
|
| buffaloenergy.netlify.app/XGr.png | 34.141.55.250 | 200 OK | 6.5 kB |
URL HTTP/2buffaloenergy.netlify.app/XGr.png IP34.141.55.250:0 ASN#396982 GOOGLE-CLOUD-PLATFORM
File typePNG image data, 125 x 122, 8-bit/color RGBA, non-interlaced\012- data Hashf3656dde6e214d16b6a40e17db9a840d 251a6b1e1c95111215cde424f79447b327fbc4dc 1377e5da0b0c3475e944e01378306fdc0b80cee01c94b0b72adfb056876cc80d
GET /XGr.png HTTP/1.1
Host: buffaloenergy.netlify.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buffaloenergy.netlify.app/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
age: 0
cache-control: public, max-age=0, must-revalidate
content-type: image/png
date: Sat, 21 Jan 2023 17:50:24 GMT
etag: "295843be7d48da0ddfe7cdc093d2eb3d-ssl"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-nf-request-id: 01GQAQ7X494WRA0AKFW5R8ZVP6
content-length: 6459
X-Firefox-Spdy: h2
|
|
| buffaloenergy.netlify.app/aGKOCXml.png | 34.141.55.250 | 200 OK | 2.2 kB |
URL HTTP/2buffaloenergy.netlify.app/aGKOCXml.png IP34.141.55.250:0 ASN#396982 GOOGLE-CLOUD-PLATFORM
File typePNG image data, 85 x 43, 8-bit/color RGBA, non-interlaced\012- data Hash7506346891ceeed3c75db2cbf98f9fea 6c799ec05608b2646edfa5ae6483a948c9be2ca4 eec947d8eaf10fcd2247fb4cdd4ca125b3fb9d6cc903283a1ab41328e65d0298
GET /aGKOCXml.png HTTP/1.1
Host: buffaloenergy.netlify.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buffaloenergy.netlify.app/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
age: 0
cache-control: public, max-age=0, must-revalidate
content-type: image/png
date: Sat, 21 Jan 2023 17:50:24 GMT
etag: "7797a4c3e5b362fd98de3acd7f1edeec-ssl"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-nf-request-id: 01GQAQ7X47W3YKRAJAEHF367ED
content-length: 2165
X-Firefox-Spdy: h2
|
|
| buffaloenergy.netlify.app/oiB.png | 34.141.55.250 | 200 OK | 1.5 kB |
URL HTTP/2buffaloenergy.netlify.app/oiB.png IP34.141.55.250:0 ASN#396982 GOOGLE-CLOUD-PLATFORM
File typePNG image data, 300 x 300, 8-bit colormap, non-interlaced\012- data Hash86c82f1ae0d44a2daeb293a820779a32 ab7aa088f821d8d65eb5309a69f3f161c92e79f1 24af2bb4e908a44ec0e3d5a7e387b9ddb512fb7c08195bb2a67dbd9e054c85d9
GET /oiB.png HTTP/1.1
Host: buffaloenergy.netlify.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buffaloenergy.netlify.app/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
age: 0
cache-control: public, max-age=0, must-revalidate
content-type: image/png
date: Sat, 21 Jan 2023 17:50:24 GMT
etag: "1fdba5462d72b4af6db0364cf296b38c-ssl"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-nf-request-id: 01GQAQ7X45F9NJD960FG8TBCMY
content-length: 1454
X-Firefox-Spdy: h2
|
|
| buffaloenergy.netlify.app/IREI.png | 34.141.55.250 | 200 OK | 2.3 kB |
URL HTTP/2buffaloenergy.netlify.app/IREI.png IP34.141.55.250:0 ASN#396982 GOOGLE-CLOUD-PLATFORM
File typePNG image data, 200 x 105, 8-bit/color RGBA, non-interlaced\012- data Hasha65744b68ab67050e6035ae707ff12e3 12c12ea2c09c1a205cc5cec1268c15767a68853f 7f29b573010137aba919073db7a4921250b9f2b6953b7fe166781f952a6d049a
GET /IREI.png HTTP/1.1
Host: buffaloenergy.netlify.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buffaloenergy.netlify.app/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
age: 0
cache-control: public, max-age=0, must-revalidate
content-type: image/png
date: Sat, 21 Jan 2023 17:50:24 GMT
etag: "81f6e9f9abe1bfac2a6a5a742322e9cc-ssl"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-nf-request-id: 01GQAQ7X47ER04MHZKN4KWQS6Z
content-length: 2264
X-Firefox-Spdy: h2
|
|
| buffaloenergy.netlify.app/oGVGftApEGu.png | 34.141.55.250 | 200 OK | 2.9 kB |
URL HTTP/2buffaloenergy.netlify.app/oGVGftApEGu.png IP34.141.55.250:0 ASN#396982 GOOGLE-CLOUD-PLATFORM
File typePNG image data, 56 x 100, 8-bit colormap, non-interlaced\012- data Hash479c7c6eb0b128181282e31983140165 08c233eea7a16e9714a8cfbd58b51fbbe011ae1e 2e432d7fc84deaf9e636a0b8a76ce01b5a4aea6e172c163f578fd9edf22f0fd3
GET /oGVGftApEGu.png HTTP/1.1
Host: buffaloenergy.netlify.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buffaloenergy.netlify.app/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
age: 0
cache-control: public, max-age=0, must-revalidate
content-type: image/png
date: Sat, 21 Jan 2023 17:50:24 GMT
etag: "a803f0bd2e6535edf275563d7c6e9f7b-ssl"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-nf-request-id: 01GQAQ7X49BDS4CNG5RQ7YMCAK
content-length: 2877
X-Firefox-Spdy: h2
|
|
| buffaloenergy.netlify.app/oVaGx.png | 34.141.55.250 | 200 OK | 1.9 kB |
URL HTTP/2buffaloenergy.netlify.app/oVaGx.png IP34.141.55.250:0 ASN#396982 GOOGLE-CLOUD-PLATFORM
File typePNG image data, 150 x 53, 8-bit/color RGBA, non-interlaced\012- data Hash16331a1ed18c430f27af91cb4748cc7e fde8ae624b7e438e0c10b5ed078274e236725946 854bf30f7e7ec69dc7be001c6f19e59ed8906440994800e741048ccf16a0796c
GET /oVaGx.png HTTP/1.1
Host: buffaloenergy.netlify.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buffaloenergy.netlify.app/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
age: 0
cache-control: public, max-age=0, must-revalidate
content-type: image/png
date: Sat, 21 Jan 2023 17:50:24 GMT
etag: "adb4f498aadfe4080eed027f0a591770-ssl"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-nf-request-id: 01GQAQ7X48J8RB9GYWDEYW37XX
content-length: 1879
X-Firefox-Spdy: h2
|
|
| buffaloenergy.netlify.app/Didvwbod.png | 34.141.55.250 | 200 OK | 1.9 kB |
URL HTTP/2buffaloenergy.netlify.app/Didvwbod.png IP34.141.55.250:0 ASN#396982 GOOGLE-CLOUD-PLATFORM
File typePNG image data, 50 x 29, 8-bit/color RGBA, non-interlaced\012- data Hash11730acc1e1d7f9063f9746a62c5be3f 35c639c5b42630e56451d6cd11e4ded98f8d6d64 a40f20e71b53ce3356c33d22f9b724bdbda390eec73703260d49a88b385d8a17
GET /Didvwbod.png HTTP/1.1
Host: buffaloenergy.netlify.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buffaloenergy.netlify.app/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
age: 0
cache-control: public, max-age=0, must-revalidate
content-type: image/png
date: Sat, 21 Jan 2023 17:50:24 GMT
etag: "05fa4b7a6785df133242300587dc33ec-ssl"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-nf-request-id: 01GQAQ7X4A9MPNMDXWPVPBKM3A
content-length: 1862
X-Firefox-Spdy: h2
|
|
| buffaloenergy.netlify.app/pJFVWRbu.png | 34.141.55.250 | 200 OK | 1.2 kB |
URL HTTP/2buffaloenergy.netlify.app/pJFVWRbu.png IP34.141.55.250:0 ASN#396982 GOOGLE-CLOUD-PLATFORM
File typePNG image data, 30 x 19, 8-bit/color RGBA, non-interlaced\012- data Hash70fedd44d410b65887c9f6df0d845590 618dd8bc391f3db32a66ecc1c57b3806a090f85c e8f4d87fa6effcb89cf84f0b013b383960d5d2f895d764fd2a5d1139171e2f51
GET /pJFVWRbu.png HTTP/1.1
Host: buffaloenergy.netlify.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buffaloenergy.netlify.app/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
age: 0
cache-control: public, max-age=0, must-revalidate
content-type: image/png
date: Sat, 21 Jan 2023 17:50:24 GMT
etag: "29af7942bf3a72cfb625021651e4fcfc-ssl"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-nf-request-id: 01GQAQ7X557Y2DDGVH3QVT56Y4
content-length: 1190
X-Firefox-Spdy: h2
|
|
| buffaloenergy.netlify.app/etK.png | 34.141.55.250 | 200 OK | 20 kB |
URL HTTP/2buffaloenergy.netlify.app/etK.png IP34.141.55.250:0 ASN#396982 GOOGLE-CLOUD-PLATFORM
File typePNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced\012- data Hashee40fd0dfff2e35dbf1be4778ec96e48 5917ef08c0a084dc0262c4237a42e6142a89211d c58d4f1ffdfa980302ef809746e85cf397316b245fbaa69d0e90d6cb11f000c3
GET /etK.png HTTP/1.1
Host: buffaloenergy.netlify.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buffaloenergy.netlify.app/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
age: 0
cache-control: public, max-age=0, must-revalidate
content-type: image/png
date: Sat, 21 Jan 2023 17:50:24 GMT
etag: "99ae23bc9719e58965855f1da0123fa2-ssl"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-nf-request-id: 01GQAQ7X6HGQGSMS3EWEKRH4PY
content-length: 20361
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 278 B |
IP93.184.220.29:0
Hash83943bda57986df0f10e1a5c96297530 67e6c7e24a7fb5ea8b3421d1847cf2bf38945d29 9b1284075d3de28d4323e770f0fcefe5dc668728584579e0cbc4f67681b83917
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 17:50:24 GMT
Server: ECS (amb/6BBC)
Content-Length: 278
|
|
| buffaloenergy.netlify.app/VAEm.png | 34.141.55.250 | 200 OK | 2.3 kB |
URL HTTP/2buffaloenergy.netlify.app/VAEm.png IP34.141.55.250:0 ASN#396982 GOOGLE-CLOUD-PLATFORM
File typePNG image data, 605 x 100, 8-bit/color RGBA, non-interlaced\012- data Hashc6ea54bd780df46bcbd94abe78c11775 f0affbed367498b417ad74d5d24f76bb05cbd093 ca858425ea8ca1cc4be1683fb785742a2cd21d8f369863a726d318479f081311
GET /VAEm.png HTTP/1.1
Host: buffaloenergy.netlify.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buffaloenergy.netlify.app/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
age: 0
cache-control: public, max-age=0, must-revalidate
content-type: image/png
date: Sat, 21 Jan 2023 17:50:24 GMT
etag: "a9a22f26bbdf62290ca66430fc472831-ssl"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-nf-request-id: 01GQAQ7X6M1QQHWAE0YNXF1828
content-length: 2314
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 278 B |
IP93.184.220.29:0
Hash83943bda57986df0f10e1a5c96297530 67e6c7e24a7fb5ea8b3421d1847cf2bf38945d29 9b1284075d3de28d4323e770f0fcefe5dc668728584579e0cbc4f67681b83917
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=159026
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 17:50:24 GMT
Etag: "63cbf012-116"
Expires: Mon, 23 Jan 2023 14:00:50 GMT
Last-Modified: Sat, 21 Jan 2023 14:00:50 GMT
Server: nginx
Content-Length: 278
|
|
| buffaloenergy.netlify.app/aBONd.png | 34.141.55.250 | 200 OK | 48 kB |
URL HTTP/2buffaloenergy.netlify.app/aBONd.png IP34.141.55.250:0 ASN#396982 GOOGLE-CLOUD-PLATFORM
File typePNG image data, 778 x 114, 8-bit/color RGBA, non-interlaced\012- data Hash9366a5e7b53a409035443ebf575796ae 9d26acbf2c4702def7185a924b9bc6c17524f939 3261b6b0cfbb79b95dc954ae1efc7e3d0bd2b637af09466c7a247cf2fc886444
GET /aBONd.png HTTP/1.1
Host: buffaloenergy.netlify.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buffaloenergy.netlify.app/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
age: 0
cache-control: public, max-age=0, must-revalidate
content-type: image/png
date: Sat, 21 Jan 2023 17:50:24 GMT
etag: "4e40d270d232e45a8f6a5a831d05184c-ssl"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-nf-request-id: 01GQAQ7X6MSRQXT89TJBS262WT
content-length: 48370
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 278 B |
IP93.184.220.29:0
Hash83943bda57986df0f10e1a5c96297530 67e6c7e24a7fb5ea8b3421d1847cf2bf38945d29 9b1284075d3de28d4323e770f0fcefe5dc668728584579e0cbc4f67681b83917
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=159026
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 17:50:24 GMT
Etag: "63cbf012-116"
Expires: Mon, 23 Jan 2023 14:00:50 GMT
Last-Modified: Sat, 21 Jan 2023 14:00:50 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 278
|
|
| 2.bp.blogspot.com/-YlNqX8InLcU/UAPJig9u0cI/AAAAAAAABH4/T8qGeR8uUgw/s1600/Angelito+Ang+Bagong+Yugto.jpg | 142.250.74.161 | 200 OK | 326 kB |
URL HTTP/22.bp.blogspot.com/-YlNqX8InLcU/UAPJig9u0cI/AAAAAAAABH4/T8qGeR8uUgw/s1600/Angelito+Ang+Bagong+Yugto.jpg IP142.250.74.161:0
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=3, software=Google], baseline, precision 8, 1307x809, components 3\012- data Size326 kB (326286 bytes) Hash0aa8cf534cca24112ae854bb3d1a2f68 65037a09fa25c7d314466ba9f15a50a3684c0b3a d518f65f6c111d6fa8069a0cae7bc9800fe3a600c30d6a52af9a86baef82b1ab
GET /-YlNqX8InLcU/UAPJig9u0cI/AAAAAAAABH4/T8qGeR8uUgw/s1600/Angelito+Ang+Bagong+Yugto.jpg HTTP/1.1
Host: 2.bp.blogspot.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buffaloenergy.netlify.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v47e"
expires: Sun, 22 Jan 2023 17:50:24 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="Angelito Ang Bagong Yugto.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sat, 21 Jan 2023 17:50:24 GMT
server: fife
content-length: 326286
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 471 B |
IP142.250.74.131:0
Hashea5153a310c8aabd7482596ef2ab6d62 027d77622f558de94f201f4511788f22cbe76c74 c9cb290f34b5422f0ee976a1ed63f3dde0049a9804495f54de3298cfc42b3502
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 17:50:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| push.services.mozilla.com/ | 54.190.123.170 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP54.190.123.170:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: PdE2KrO4EeTsXpImj+6CdA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: /GVnvS2eXm3YiC422AqBhz1Agjc=
|
|
| i.pinimg.com/736x/08/1b/61/081b613cf3e04e9d4db61c59324419e2.jpg |  151.101.244.84 | 200 OK | 14 kB |
URL HTTP/2i.pinimg.com/736x/08/1b/61/081b613cf3e04e9d4db61c59324419e2.jpg IP151.101.244.84:0
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 320x180, components 3\012- data Hash7bfbbfc6108e263e76a2af107d78a11d 0313c078603a19ed9f3e405aa2057cd2d2ceb3f4 1f9acb2d847954ab4c07f6957333b8bc2c9f9d470e36b0de2bc724560160dfba
GET /736x/08/1b/61/081b613cf3e04e9d4db61c59324419e2.jpg HTTP/1.1
Host: i.pinimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buffaloenergy.netlify.app/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
etag: "7bfbbfc6108e263e76a2af107d78a11d"
content-type: image/jpeg
cache-control: max-age=31536000, immutable
accept-ranges: bytes
vary: Origin
x-cdn: fastly
alt-svc: h3=":443";ma=600,h3-29=":443";ma=600,h3-27=":443";ma=600
date: Sat, 21 Jan 2023 17:50:24 GMT
content-length: 13910
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash98eb5e66413b0c350f2d06f284bbf7dd d7f5604f31b6dfcd4c247389102268382f2e69b4 6b6dd108fbeb0de3045691f52c9517de386d70c4c4cda6c136f2feb583caf6d5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5744
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 17:50:25 GMT
Last-Modified: Sat, 21 Jan 2023 16:14:41 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
|
|
| www.activewin.com/reviews/software/apps/ms/visio2010/images/Visio%206.jpg | 216.158.234.19 | 200 OK | 160 kB |
URL HTTP/1.1www.activewin.com/reviews/software/apps/ms/visio2010/images/Visio%206.jpg IP216.158.234.19:0
File typeJPEG image data, JFIF standard 1.02, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS4 Windows, datetime=2011:07:15 15:32:41], baseline, precision 8, 1680x1050, components 3\012- data Size160 kB (159856 bytes) Hasha73d258df48fff352c1c61682b5880d5 535c6d700f43ba9e3f56332536ed50df04f72083 e9269d726d22fa8025bb8374a6a7a93255a0b40412babc50a44db7a876b5aeb2
GET /reviews/software/apps/ms/visio2010/images/Visio%206.jpg HTTP/1.1
Host: www.activewin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
HTTP/1.1 200 OK
Content-Length: 159856
Content-Type: text/html; charset=windows-1255
Content-Location: http://www.activewin.com/reviews/software/apps/ms/visio2010/images/Visio%206.jpg
Last-Modified: Sat, 16 Jul 2011 20:22:42 GMT
Accept-Ranges: bytes
ETag: "ebc5b1df643cc1:57bd"
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Date: Sat, 21 Jan 2023 17:50:24 GMT
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 312 B |
IP93.184.220.29:0
Hash74065df2b5f18a15fc36a517dd58f271 21ee9e09dc35549d6f8ff8ce1b0367436896e839 17f49f312efb2c0250be2463a514d9082e676b12eac7c12e96479dc94cb0d950
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1229
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sat, 21 Jan 2023 17:50:25 GMT
Etag: "63cbd9a6-138"
Last-Modified: Sat, 21 Jan 2023 17:29:56 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 312
|
|
| buffaloenergy.netlify.com/ | 34.159.75.132 | 301 Moved Permanently | 69 B |
URL HTTP/2buffaloenergy.netlify.com/ IP34.159.75.132:0 ASN#396982 GOOGLE-CLOUD-PLATFORM
File typeHTML document, ASCII text Hash59f4b6628534ecd9909d6c45b77aff0d 6301adef5cad20ab8f4e6d024652fc40144aab4b a499f0700636796232c069bbc2f8f17bd7aa1b570cc43154631e81c8db3788f5
GET / HTTP/1.1
Host: buffaloenergy.netlify.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://buffaloenergy.netlify.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
content-type: text/html; charset=utf-8
location: https://buffaloenergy.netlify.app/
server: Netlify
x-nf-request-id: 01GQAQ7XXY6NAMBGJZZ0V3HS97
content-length: 69
date: Sat, 21 Jan 2023 17:50:25 GMT
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash6033dad399355478c264e1c7c27e7f62 7d5546258015b8a834ee87b5a679be0545723e9d 5126b70d194535387e80aab563a02db1ade53c682b9db45eb533ff4001e6ed1c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5126B70D194535387E80AAB563A02DB1ADE53C682B9DB45EB533FF4001E6ED1C"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4118
Expires: Sat, 21 Jan 2023 18:59:04 GMT
Date: Sat, 21 Jan 2023 17:50:26 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash6033dad399355478c264e1c7c27e7f62 7d5546258015b8a834ee87b5a679be0545723e9d 5126b70d194535387e80aab563a02db1ade53c682b9db45eb533ff4001e6ed1c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5126B70D194535387E80AAB563A02DB1ADE53C682B9DB45EB533FF4001E6ED1C"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4118
Expires: Sat, 21 Jan 2023 18:59:04 GMT
Date: Sat, 21 Jan 2023 17:50:26 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash6033dad399355478c264e1c7c27e7f62 7d5546258015b8a834ee87b5a679be0545723e9d 5126b70d194535387e80aab563a02db1ade53c682b9db45eb533ff4001e6ed1c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5126B70D194535387E80AAB563A02DB1ADE53C682B9DB45EB533FF4001E6ED1C"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4118
Expires: Sat, 21 Jan 2023 18:59:04 GMT
Date: Sat, 21 Jan 2023 17:50:26 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash6033dad399355478c264e1c7c27e7f62 7d5546258015b8a834ee87b5a679be0545723e9d 5126b70d194535387e80aab563a02db1ade53c682b9db45eb533ff4001e6ed1c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5126B70D194535387E80AAB563A02DB1ADE53C682B9DB45EB533FF4001E6ED1C"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4118
Expires: Sat, 21 Jan 2023 18:59:04 GMT
Date: Sat, 21 Jan 2023 17:50:26 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.77.32 | 200 OK | 503 B |
IP23.36.77.32:0 ASN#20940 Akamai International B.V.
Hash6033dad399355478c264e1c7c27e7f62 7d5546258015b8a834ee87b5a679be0545723e9d 5126b70d194535387e80aab563a02db1ade53c682b9db45eb533ff4001e6ed1c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5126B70D194535387E80AAB563A02DB1ADE53C682B9DB45EB533FF4001E6ED1C"
Last-Modified: Fri, 20 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4118
Expires: Sat, 21 Jan 2023 18:59:04 GMT
Date: Sat, 21 Jan 2023 17:50:26 GMT
Connection: keep-alive
|
|
| nulnerk.top/?blX=QlpXQ0hfVFUSQhNdUxcAChdKWV8eEV1UVBEASktVGFxYGBVBG1ATDggTAEUMF14BBx8LAR5VFH1/WlEUHgYdAQYCWBsDGlROAVZIYDZIHScmdXd5 | 172.67.206.71 | 200 OK | 12 kB |
URL HTTP/2nulnerk.top/?blX=QlpXQ0hfVFUSQhNdUxcAChdKWV8eEV1UVBEASktVGFxYGBVBG1ATDggTAEUMF14BBx8LAR5VFH1/WlEUHgYdAQYCWBsDGlROAVZIYDZIHScmdXd5 IP172.67.206.71:0
File typeASCII text, with very long lines (619) Hasheb0fe59a37271c4fd376921b26d6954c e1f0bf9775674b06dd6baab79d176fa13476cb34 9526ce7ba2ea7ec548f1eb74c0991ebfa2d914dbde828b2b41b0d9add715429d
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /?blX=QlpXQ0hfVFUSQhNdUxcAChdKWV8eEV1UVBEASktVGFxYGBVBG1ATDggTAEUMF14BBx8LAR5VFH1/WlEUHgYdAQYCWBsDGlROAVZIYDZIHScmdXd5 HTTP/1.1
Host: nulnerk.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://buffaloenergy.netlify.app
Connection: keep-alive
Referer: https://buffaloenergy.netlify.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 21 Jan 2023 17:50:24 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://buffaloenergy.netlify.app
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: X-Requested-With
access-control-allow-credentials: true
access-control-max-age: 86400
set-cookie: wLpypahlBB=1.1674409824; expires=Sun, 22-Jan-2023 17:50:24 GMT; Max-Age=86400; path=/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IxlMXqYA5SEE1AizCsBmiF%2BBfTNJz3iVN6R0df8qg%2Fcve6%2FkOCy7zjMx%2BbRCU3Z3%2BXTOaihAPSuACp4yPOdnIBshiQlSmq29B6DeEhxIVZhItjG6oyz0%2B6fMxzcHlQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78d1e45c0ea3b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcee2448b-66c5-48e7-89de-838393cf3f07.jpeg | 34.120.237.76 | 200 OK | 12 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcee2448b-66c5-48e7-89de-838393cf3f07.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashb08ef55971faa2683ab9f2af8a11dcec a46c748cccb714f05a068c2438181328b4fbd57a 1d073abf25fbea2d85f34076eae47f9e89502846815094f5288b8e80762a8fe4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcee2448b-66c5-48e7-89de-838393cf3f07.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11562
x-amzn-requestid: 67ff0d3d-ed43-4269-92f4-c3eb5445e9c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e-EyBEhzIAMFnCw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c8b4d9-27c6ebf6450d0e3275dad906;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 03:11:21 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8-aCSDcxTLree8fsGCxZEqY0272fNcqQEtHJ7aVAO6XjQRmjZXgqdw==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 05:18:04 GMT
age: 45142
etag: "a46c748cccb714f05a068c2438181328b4fbd57a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc231c80e-1faf-4bd6-8ed6-fb607db0086d.jpeg | 34.120.237.76 | 200 OK | 6.4 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc231c80e-1faf-4bd6-8ed6-fb607db0086d.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hasha1b8f3e0407b4d6e24afea546ca274e1 d8a70b23dba532ff8a44ebe4e12890efb5e0c584 24cb3abc9ffe27836d8e0bf2a1eff295d504e09b02237dc4dda938e012c49425
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc231c80e-1faf-4bd6-8ed6-fb607db0086d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6377
x-amzn-requestid: 065663fc-8bc2-4b83-a7e3-ad4e24f895f1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e-EzgHCHIAMFvqA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c8b4e3-6bbc3fe80ba4a7de13b99982;Sampled=0
x-amzn-remapped-date: Thu, 19 Jan 2023 03:11:31 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: -mkifCnUT7O_yZUfHIFdGexUiYGMk8s_Whsfey8PcmGBUWygX-cnjQ==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 05:30:57 GMT
age: 44369
etag: "d8a70b23dba532ff8a44ebe4e12890efb5e0c584"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02d903ef-00fc-4f25-8b4f-138ec32359bf.jpeg | 34.120.237.76 | 200 OK | 8.7 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02d903ef-00fc-4f25-8b4f-138ec32359bf.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash893ea518ea7c11ec06ffea60b2ee7921 34675a13bbac6abd1b087e546425e141215cf072 675ec12ed5803fad5036cedc1a3b66229316836bb321b4ad3a34aab56a100ca7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F02d903ef-00fc-4f25-8b4f-138ec32359bf.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8698
x-amzn-requestid: 97c3bd04-2d8a-447e-85cb-376ea44b283c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e0K85GOQIAMFbPw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c4beb8-5b6517906d2f8bad6488e6f8;Sampled=0
x-amzn-remapped-date: Mon, 16 Jan 2023 03:04:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zUcc2zIMts-JnCwwag8FoDWQ78pUpTK3L9ChnXe1KxWgpoUdZiBGbw==
via: 1.1 c9b161639a9353c2354b895548ea9fca.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 13:48:55 GMT
age: 14491
etag: "34675a13bbac6abd1b087e546425e141215cf072"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd52bd8cc-bd8d-41b6-8ab1-485e512fd00e.jpeg | 34.120.237.76 | 200 OK | 4.7 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd52bd8cc-bd8d-41b6-8ab1-485e512fd00e.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash95b85d1a68b345de03ba50469e93748c 0013c61dc65bc849fd182738c2d879e97aa379a6 ecc90632e243a7fe2fc43f66a2a8270332a5a678ddf9907dde636f704ad20cb2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd52bd8cc-bd8d-41b6-8ab1-485e512fd00e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4655
x-amzn-requestid: 16417762-4656-41b9-a37a-2552e8587af9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fD5VNEhjoAMF4cw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cb08ed-1b2a54434b352e1275403361;Sampled=0
x-amzn-remapped-date: Fri, 20 Jan 2023 21:34:37 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: IYeccdSf2Xqyk8CC76LONtFvMGVkFxoSESjgdB4hAgdiq0Ftg7YZrA==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 20 Jan 2023 21:39:27 GMT
age: 72659
etag: "0013c61dc65bc849fd182738c2d879e97aa379a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F128df721-be42-4d48-ad3c-42bf5352ec7b.jpeg | 34.120.237.76 | 200 OK | 7.2 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F128df721-be42-4d48-ad3c-42bf5352ec7b.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash332e9c85e1817bc0290eb274b63041a1 fa714e6e92bc9af7b1af52322d1f83ed6aa13694 071a92737a107f3d1bd447239236a8f61a2db0fecf9a02458acfa92b01669546
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F128df721-be42-4d48-ad3c-42bf5352ec7b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7158
x-amzn-requestid: 8c56873f-f2b3-486c-9591-02f6aacf4cde
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: euIysGYsoAMFvJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c254dd-5b15feba47bb8d704428a26a;Sampled=0
x-amzn-remapped-date: Sat, 14 Jan 2023 07:08:13 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ylyM3aRR-xpoakz1Yciy7EOyzRBg7tPUCRavAkav6KfweW5WBF9FpA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 21 Jan 2023 11:29:54 GMT
age: 22832
etag: "fa714e6e92bc9af7b1af52322d1f83ed6aa13694"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| buffaloenergy.netlify.app/adobe/teleserye-on-tv-full-episode.html | 34.141.55.250 | 200 OK | 0 B |
URL HTTP/2buffaloenergy.netlify.app/adobe/teleserye-on-tv-full-episode.html IP34.141.55.250:0 ASN#396982 GOOGLE-CLOUD-PLATFORM
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /adobe/teleserye-on-tv-full-episode.html HTTP/1.1
Host: buffaloenergy.netlify.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
age: 2
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 21 Jan 2023 17:50:23 GMT
etag: "4eefbfa0169ebbe5915bdd9dc16d6113-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-nf-request-id: 01GQAQ7WN9RVK379FP32ZVQZNR
X-Firefox-Spdy: h2
|
|
| buffaloenergy.netlify.app/style.css | 34.141.55.250 | 200 OK | 0 B |
URL HTTP/2buffaloenergy.netlify.app/style.css IP34.141.55.250:0 ASN#396982 GOOGLE-CLOUD-PLATFORM
GET /style.css HTTP/1.1
Host: buffaloenergy.netlify.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buffaloenergy.netlify.app/adobe/teleserye-on-tv-full-episode.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
age: 0
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: text/css; charset=UTF-8
date: Sat, 21 Jan 2023 17:50:24 GMT
etag: "8dfdb07ab0b121230f2015daf3557492-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-nf-request-id: 01GQAQ7WXCRXZCK48KAEBV7KT2
X-Firefox-Spdy: h2
|
|
| buffaloenergy.netlify.app/favicon.ico | 34.141.55.250 | 404 Not Found | 0 B |
URL HTTP/2buffaloenergy.netlify.app/favicon.ico IP34.141.55.250:0 ASN#396982 GOOGLE-CLOUD-PLATFORM
GET /favicon.ico HTTP/1.1
Host: buffaloenergy.netlify.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://buffaloenergy.netlify.app/adobe/teleserye-on-tv-full-episode.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
age: 2
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 21 Jan 2023 17:50:24 GMT
etag: 1560109752-ssl-df
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-nf-request-id: 01GQAQ7XMKD5YKMK8H1TS84S8H
X-Firefox-Spdy: h2
|
|
| nulnerk.top/?blX=QlpXQ0hfVFUSQhNdUxcAChdKWV8eEV1UVBEASktVGFxYGBVBG1ATDggTAEUMF14BBx8LAR5VFH1/WlEUHgYdAQYCWBsDGlROAVZIYDZIHScmdXd5 | 172.67.206.71 | 200 OK | 0 B |
URL HTTP/2nulnerk.top/?blX=QlpXQ0hfVFUSQhNdUxcAChdKWV8eEV1UVBEASktVGFxYGBVBG1ATDggTAEUMF14BBx8LAR5VFH1/WlEUHgYdAQYCWBsDGlROAVZIYDZIHScmdXd5 IP172.67.206.71:0
| Analyzer | Verdict | Alert |
|---|
| fortinet | Malware | |
GET /?blX=QlpXQ0hfVFUSQhNdUxcAChdKWV8eEV1UVBEASktVGFxYGBVBG1ATDggTAEUMF14BBx8LAR5VFH1/WlEUHgYdAQYCWBsDGlROAVZIYDZIHScmdXd5 HTTP/1.1
Host: nulnerk.top
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://buffaloenergy.netlify.app
Connection: keep-alive
Referer: https://buffaloenergy.netlify.app/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 21 Jan 2023 17:50:24 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://buffaloenergy.netlify.app
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: X-Requested-With
access-control-allow-credentials: true
access-control-max-age: 86400
set-cookie: tJVntsKRSK=1.1674409824; expires=Sun, 22-Jan-2023 17:50:24 GMT; Max-Age=86400; path=/
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aDkgpg99HEwreUtSd7B1RZeCMhz%2FK2mpX2uZl3EOaUhn7Ok910W6x%2BlSgvzLeeUyOKIJgyfIbGF12Ml6e3gelda108kZ8iTbC3yD0w04%2BEuYVSpOwC87JOqKlbLgcw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78d1e45c0ea6b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
| buffaloenergy.netlify.app/ | 34.141.55.250 | 200 OK | 0 B |
URL HTTP/2buffaloenergy.netlify.app/ IP34.141.55.250:0 ASN#396982 GOOGLE-CLOUD-PLATFORM
GET / HTTP/1.1
Host: buffaloenergy.netlify.app
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Referer: https://buffaloenergy.netlify.app/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
age: 0
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=UTF-8
date: Sat, 21 Jan 2023 17:50:25 GMT
etag: "cb0c8cb977e973c44070c7f7164463b2-ssl-df"
server: Netlify
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-nf-request-id: 01GQAQ7XZACGNP3506K49185SQ
X-Firefox-Spdy: h2
|
|