Overview

URL poocolin-apbp.us/
IP190.115.18.159
ASNDDOS-GUARD CORP.
Location Belize
Report completed2022-10-04 12:40:46 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter  No alerts detected
mnemonic secure dns  No alerts detected
Quad9 DNS
Scan Date Severity Indicator Comment
2022-10-04 2 poocolin-apbp.us Sinkholed
2022-10-04 2 poocolin-apbp.us Sinkholed
2022-10-04 2 poocolin-apbp.us Sinkholed
2022-10-04 2 poocolin-apbp.us Sinkholed
2022-10-04 2 poocolin-apbp.us Sinkholed
2022-10-04 2 poocolin-apbp.us Sinkholed
2022-10-04 2 poocolin-apbp.us Sinkholed
2022-10-04 2 poocolin-apbp.us Sinkholed
2022-10-04 2 poocolin-apbp.us Sinkholed
2022-10-04 2 poocolin-apbp.us Sinkholed
2022-10-04 2 poocolin-apbp.us Sinkholed
2022-10-04 2 poocolin-apbp.us Sinkholed
2022-10-04 2 poocolin-apbp.us Sinkholed
2022-10-04 2 poocolin-apbp.us Sinkholed
2022-10-04 2 poocolin-apbp.us Sinkholed
2022-10-04 2 poocolin-apbp.us Sinkholed
2022-10-04 2 poocolin-apbp.us Sinkholed
2022-10-04 2 poocolin-apbp.us Sinkholed
2022-10-04 2 poocolin-apbp.us Sinkholed


Files

URL ocsp.pki.goog/gts1c3
IP  142.250.74.3
Magic gzip compressed data, max compression\012- data
Size 1186
MD5 59d870bbfd5da064fb373b23c60670d5
SHA1 5a15162621874a6d9e8b603f60c67c10ad84b859
SHA256 28b36aefb95579b2b7265e9aa32afee05ce0dc76fe792c16b59ff70ae200bf6a
Analyzer Analysed Verdict Comment
VirusTotal 0/0


Passive DNS (18)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-27 20:08:30 UTC 2022-10-04 11:13:37 UTC 143.204.55.35
mnemonic passive DNS r3.o.lencr.org (4) 344 2020-12-02 08:52:13 UTC 2022-10-04 04:17:22 UTC 23.36.77.32
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-10-04 04:16:51 UTC 34.117.237.239
mnemonic passive DNS e1.o.lencr.org (2) 6159 2021-08-20 07:36:30 UTC 2022-10-04 05:14:55 UTC 23.36.77.32
mnemonic passive DNS cloudflareinsights.com (3) 84344 2020-10-23 05:27:50 UTC 2022-10-04 09:49:12 UTC 172.64.156.26
mnemonic passive DNS poocolin-apbp.us (19) 0 2022-10-02 07:23:35 UTC 2022-10-04 04:31:09 UTC 190.115.18.159 Unknown ranking
mnemonic passive DNS ocsp.pki.goog (4) 175 2017-06-14 07:23:31 UTC 2022-10-04 04:17:09 UTC 142.250.74.3
mnemonic passive DNS ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-10-04 07:51:20 UTC 93.184.220.29
mnemonic passive DNS api1.poocoin.app (1) 136044 2021-05-06 05:22:52 UTC 2022-10-03 13:24:41 UTC 104.22.4.222
mnemonic passive DNS ocsp.sca1b.amazontrust.com (2) 1015 2017-03-03 15:20:51 UTC 2019-03-27 04:05:54 UTC 54.230.245.110
mnemonic passive DNS bsc-dataseed1.defibit.io (6) 69102 2021-04-13 13:01:35 UTC 2022-10-03 09:39:01 UTC 13.248.174.76
mnemonic passive DNS fonts.gstatic.com (2) 0 2014-08-29 13:43:22 UTC 2022-10-04 09:46:16 UTC 216.58.207.195 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-10-04 04:18:32 UTC 34.120.237.76
mnemonic passive DNS static.cloudflareinsights.com (1) 1294 2019-09-24 14:34:56 UTC 2022-10-04 07:04:41 UTC 172.64.156.26
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-10-04 04:29:41 UTC 143.204.55.49
mnemonic passive DNS metamask.io (1) 81413 2015-11-15 17:16:41 UTC 2022-10-04 11:17:52 UTC 185.199.111.153
mnemonic passive DNS fonts.googleapis.com (1) 8877 2013-06-10 20:14:26 UTC 2022-10-04 11:55:48 UTC 142.250.74.10
mnemonic passive DNS unpkg.com (1) 11693 2016-01-07 23:26:01 UTC 2022-10-04 06:08:28 UTC 104.16.124.175


Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 190.115.18.159

Date UQ / IDS / BL URL IP
2022-10-28 04:33:40 +0000
0 - 0 - 3 www.git.cddlknqkbfgnj2pl3aug.coinmarket-sign- (...) 190.115.18.159
2022-10-28 02:52:01 +0000
0 - 0 - 7 coinmarket-account.cc/connect/reset/ 190.115.18.159
2022-10-27 13:55:42 +0000
0 - 0 - 8 coinnjmarketcap.us/connect/reset/ 190.115.18.159
2022-10-27 13:55:05 +0000
0 - 0 - 8 bscscan-view.info/connect/reset/ 190.115.18.159
2022-10-27 13:30:44 +0000
0 - 0 - 2 bsccscan.us/connect/reset/ 190.115.18.159

Last 5 reports on ASN: DDOS-GUARD CORP.

Date UQ / IDS / BL URL IP
2022-12-08 17:04:54 +0000
0 - 0 - 3 pokemon-go.io/pokemongame.exe 186.2.161.20
2022-12-08 06:58:58 +0000
0 - 0 - 7 kemono.party/patreon/user/49509505/post/66693223 190.115.31.142
2022-12-07 21:19:44 +0000
0 - 0 - 43 library.polkastqrtter.com/ 190.115.27.171
2022-12-07 13:45:32 +0000
0 - 0 - 7 shapeshifpt.click/connect/reset/ 186.2.171.6
2022-12-07 07:12:27 +0000
0 - 0 - 12 190.115.18.20/serie/stream/wednesday/staffel- (...) 190.115.18.20

Last 1 reports on domain: poocolin-apbp.us

Date UQ / IDS / BL URL IP
2022-10-04 12:40:46 +0000
0 - 0 - 19 poocolin-apbp.us/ 190.115.18.159

Last 5 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-10-06 00:36:10 +0000
0 - 0 - 30 poolcoin-aapp.us/ 190.115.18.159
2022-10-04 14:52:30 +0000
0 - 0 - 20 www.poocoiln-aqpp.us/ 190.115.18.159
2022-09-28 19:24:02 +0000
0 - 0 - 27 poocoinz-swaep.us/ 190.115.18.159
2022-09-28 06:05:09 +0000
0 - 0 - 19 www.poocoinz-aptp.us/ 190.115.18.159
2022-09-26 05:41:40 +0000
0 - 0 - 16 poocoin-appd.info/ 190.115.18.159


JavaScript

Executed Scripts (11)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (58)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-stale=0
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 04 Oct 2022 11:40:45 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: u00jCaKOs_T8JiQzgUXcu4GdPddjPHoR9ICziNp6DZe9ifz-3AB-HA==
Age: 3588


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            GET / HTTP/1.1 
Host: poocolin-apbp.us
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         
                                         190.115.18.159
HTTP/1.1 301 Moved Permanently
Content-Type: text/html; charset=utf8
                                        
Server: ddos-guard
Date: Tue, 04 Oct 2022 12:40:34 GMT
Connection: keep-alive
Keep-Alive: timeout=60
Location: https://poocolin-apbp.us/
Content-Length: 568


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (564), with no line terminators
Size:   568
Md5:    2761b98db33884ab29711096ab315edb
Sha1:   8cea6e53464aea178b72e06a906205d040f14ca5
Sha256: 9f7a07f69d9b9a5af186a79159ccea18935ab4103128ca967e3f3f8ae45fb3ee

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5568
Expires: Tue, 04 Oct 2022 14:13:22 GMT
Date: Tue, 04 Oct 2022 12:40:34 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.49
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Tue, 04 Oct 2022 05:28:28 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 f46f7100ad6fc83a021f62212f945830.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: EOtht4CsEPywIPQ0qbf27M8iwRBURcabQ6HdbYrVajNbx5nFz7eHpA==
age: 25927
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    6113f8408c59aebe188d6af273b90743
Sha1:   7398873bf00f99944eaa77ad3ebc0d43c23dba6b
Sha256: b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Tue, 04 Oct 2022 12:40:34 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "8DFAF17FD0DF43B24F11AC2F4C8972856E83B572E5D6D2087CB282B1E3057262"
Last-Modified: Sun, 02 Oct 2022 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21545
Expires: Tue, 04 Oct 2022 18:39:40 GMT
Date: Tue, 04 Oct 2022 12:40:35 GMT
Connection: keep-alive

                                        
                                            GET / HTTP/1.1 
Host: poocolin-apbp.us
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         190.115.18.159
HTTP/2 200 OK
content-type: text/html
                                        
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
set-cookie: __ddg1_=C3Hpt7CDpgQW0pgGnMmA; Domain=.poocolin-apbp.us; HttpOnly; Path=/; Expires=Wed, 04-Oct-2023 12:40:35 GMT
date: Tue, 04 Oct 2022 12:40:35 GMT
last-modified: Mon, 03 Oct 2022 09:17:31 GMT
etag: "3936-5ea1dd02b8deb-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 5149
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (926)
Size:   5149
Md5:    2d9ca996ed82289243971643a7dc9931
Sha1:   8973cf49caad1e78845a4759e27cbe5ed2d6ca39
Sha256: 865bc62b2d5c7a816e86385072de9a8ce9a77a12aac0abf42380cd43927fdc8c

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 12:40:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /charts1/charting_library/charting_library.js HTTP/1.1 
Host: poocolin-apbp.us
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poocolin-apbp.us/
Cookie: __ddg1_=C3Hpt7CDpgQW0pgGnMmA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         190.115.18.159
HTTP/2 200 OK
content-type: application/javascript
                                        
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 04 Oct 2022 12:40:35 GMT
last-modified: Mon, 03 Oct 2022 09:17:26 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3564
ddg-cache-status: MISS,MISS
etag: W/"31cc-5ea1dcfe12711-gzip"
age: 0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (12747)
Size:   3564
Md5:    c96efe582157aecff3aa023f788925fd
Sha1:   22314ee7ea9e23f50ea149dd54a43ed23fb5a7b6
Sha256: 8fdc8efd71f8e71ef136d7b6467e5f22a564ddcff00781abbf96ea43a484355e

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /static/css/5.ccb64771.chunk.css HTTP/1.1 
Host: poocolin-apbp.us
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poocolin-apbp.us/
Cookie: __ddg1_=C3Hpt7CDpgQW0pgGnMmA
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         190.115.18.159
HTTP/2 200 OK
content-type: text/css
                                        
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 04 Oct 2022 12:40:35 GMT
last-modified: Mon, 03 Oct 2022 09:17:12 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 4029
ddg-cache-status: MISS,MISS
etag: W/"4d5d-5ea1dcf10e6a1-gzip"
age: 0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (19582)
Size:   4029
Md5:    e7dc52bcb8325548fb746eda0ba1e579
Sha1:   164a026e933a2184bb36fe3122d86a0fe44144d6
Sha256: 95e025d8b7e484e4f24d1988ac34f1f815a000585762a573d2ed4d3ffb49acc0

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /charts1/datafeeds/udf/dist/polyfills.js HTTP/1.1 
Host: poocolin-apbp.us
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poocolin-apbp.us/
Cookie: __ddg1_=C3Hpt7CDpgQW0pgGnMmA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         190.115.18.159
HTTP/2 200 OK
content-type: application/javascript
                                        
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 04 Oct 2022 12:40:35 GMT
last-modified: Mon, 03 Oct 2022 09:17:26 GMT
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-length: 3300
ddg-cache-status: MISS,MISS
etag: W/"2595-5ea1dcfe9d1d0-gzip"
age: 0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (9620)
Size:   3300
Md5:    d49f236058e599fb4c6354408011e560
Sha1:   4a3a138be3843294051efb429c6e255088abf9b3
Sha256: 5e88e5d0b56b7a15fe2b071b453caeb1034359bc5548a4c92e0da77ac96834aa

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 12:40:35 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /icons/icon-256x256.png HTTP/1.1 
Host: metamask.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poocolin-apbp.us/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         185.199.111.153
HTTP/2 200 OK
content-type: image/png
                                        
server: GitHub.com
last-modified: Tue, 04 Oct 2022 02:50:57 GMT
access-control-allow-origin: *
etag: "633b9f91-1f63"
expires: Tue, 04 Oct 2022 11:55:05 GMT
cache-control: max-age=600
x-proxy-cache: MISS
x-github-request-id: 0806:2F17:9931C1:9DD2FC:633C1CC1
accept-ranges: bytes
date: Tue, 04 Oct 2022 12:40:35 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1663-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1664887235.287039,VS0,VE102
vary: Accept-Encoding
x-fastly-request-id: f14e6ef763e32199ba60af0007cabc7be6fe51e3
content-length: 8035
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 256 x 256, 8-bit/color RGBA, non-interlaced\012- data
Size:   8035
Md5:    0f1e6b56059a85e4037c274c0d3fde27
Sha1:   50d3443c39ed8fff82e68277a2214640572465da
Sha256: c8bad732ba3e66232cc638880859fb94beb242bc82ac197565d2d6783064f8b1
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         143.204.55.35
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Tue, 04 Oct 2022 12:29:33 GMT
Expires: Tue, 04 Oct 2022 13:17:17 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: mmrxXTxiPgVsMwYWxiC3ISe9jYhLb2igxhx4nYETcudvEc_KJ5kScg==
Age: 662


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 5482
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 12:40:35 GMT
Last-Modified: Tue, 04 Oct 2022 11:09:13 GMT
Server: ECS (ska/F70E)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /ajax/ext?id=6d9ab90147be5f890eff071374fd38ab HTTP/1.1 
Host: poocolin-apbp.us
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poocolin-apbp.us/
Cookie: __ddg1_=C3Hpt7CDpgQW0pgGnMmA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         190.115.18.159
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 04 Oct 2022 12:40:35 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 6034
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (15218), with no line terminators
Size:   6034
Md5:    829a29ed367fc8e36a089af20f9b72e5
Sha1:   dc20ab2dce4b52b1ba3752155d302fd5adb9fcfb
Sha256: 3072412aec91e0cf18298178684bc57c0b418fce1c98bbd3020e170f280f6a39

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /ajax/ext?id=1b7352fa0c25f70e314d29a96982f8b2 HTTP/1.1 
Host: poocolin-apbp.us
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poocolin-apbp.us/
Cookie: __ddg1_=C3Hpt7CDpgQW0pgGnMmA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         190.115.18.159
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 04 Oct 2022 12:40:35 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 30902
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65447)
Size:   30902
Md5:    31d53c8cdce8012a24abc8e84aa972e5
Sha1:   7287b1ec5d88304ba44fc1958b8de9596274c4e3
Sha256: 1b72bc7f54bc9170e605f6c4bb5529668c4ee3efeee602fdb63036b45b49f41c

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /ajax/ext?id=f86c1b475f0cea8668420bb05ee9a670 HTTP/1.1 
Host: poocolin-apbp.us
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poocolin-apbp.us/
Cookie: __ddg1_=C3Hpt7CDpgQW0pgGnMmA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         190.115.18.159
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 04 Oct 2022 12:40:35 GMT
vary: Accept-Encoding
content-encoding: gzip
content-length: 1041
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (757)
Size:   1041
Md5:    527596b9914f7c946e7271a224e46f7c
Sha1:   5487ee6b60acba543b8f7985cd20e1afca849c81
Sha256: edf4f2d3d355369fbb5714016e590005ed8152f2f7915e068ad5a4ac07315860

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poocolin-apbp.us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 04 Oct 2022 12:40:35 GMT
date: Tue, 04 Oct 2022 12:40:35 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   564
Md5:    301b7f4592fe7f17f916efae802852bc
Sha1:   e39d5d11c8c2cfa49d8cfbb3c1fab3b13a62b6df
Sha256: 84b1040fb0562c5f913039805de75f36759019450bb746cfdb828217df0fdd24
                                        
                                            GET /images/logo/poocoin512.png HTTP/1.1 
Host: poocolin-apbp.us
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poocolin-apbp.us/
Cookie: __ddg1_=C3Hpt7CDpgQW0pgGnMmA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         190.115.18.159
HTTP/2 200 OK
content-type: image/png
                                        
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 04 Oct 2022 12:40:36 GMT
last-modified: Mon, 03 Oct 2022 09:17:34 GMT
accept-ranges: bytes
content-length: 36527
ddg-cache-status: MISS,MISS
etag: "8eaf-5ea1dd05f30a7"
age: 0
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Size:   36527
Md5:    ac9f1ca0c655226c6e7ee8ac5daea6ce
Sha1:   dbd1f44751a0cd7cc79bd53ab5084a6b7375a217
Sha256: b66b609676de60e3f5292ac6ff0165e8fa8cd26c1195c09b7bf2e3f485fb199b

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /static/js/5.8d78701f.chunk.js HTTP/1.1 
Host: poocolin-apbp.us
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poocolin-apbp.us/
Cookie: __ddg1_=C3Hpt7CDpgQW0pgGnMmA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         190.115.18.159
HTTP/2 200 OK
content-type: application/javascript
                                        
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 04 Oct 2022 12:40:35 GMT
last-modified: Mon, 03 Oct 2022 09:17:20 GMT
etag: W/"84f71e-5ea1dcf911317-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (317)
Size:   975273
Md5:    9eed4369a12765a125a3096184338971
Sha1:   d38e75fd3bcfe8656c5e9c5e4874a7ee7c96e353
Sha256: 66e5b6bc10aca4c286b8f833e6310554dd27a15e078243c00ee0ef34bef9fce8

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "E66709A8A2F684A491A9BFFB807462F0533346A318B2C3FC4A4CEC9503F18FEF"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12034
Expires: Tue, 04 Oct 2022 16:01:10 GMT
Date: Tue, 04 Oct 2022 12:40:36 GMT
Connection: keep-alive

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 12:40:36 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "E66709A8A2F684A491A9BFFB807462F0533346A318B2C3FC4A4CEC9503F18FEF"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12034
Expires: Tue, 04 Oct 2022 16:01:10 GMT
Date: Tue, 04 Oct 2022 12:40:36 GMT
Connection: keep-alive

                                        
                                            GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://poocolin-apbp.us
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23040
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 27 Sep 2022 17:10:21 GMT
expires: Wed, 27 Sep 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 588615
last-modified: Tue, 26 Apr 2022 15:56:42 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data
Size:   23040
Md5:    de69cf9e514df447d1b0bb16f49d2457
Sha1:   2ac78601179c3a63ba3f3f3081556b12ddcaf655
Sha256: c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
                                        
                                            GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://poocolin-apbp.us
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 27 Sep 2022 17:10:21 GMT
expires: Wed, 27 Sep 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 588615
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Size:   23580
Md5:    e1b3b5908c9cf23dfb2b9c52b9a023ab
Sha1:   fcd4136085f2a03481d9958cc6793a5ed98e714c
Sha256: 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
                                        
                                            OPTIONS /ads HTTP/1.1 
Host: api1.poocoin.app
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://poocolin-apbp.us/
Origin: https://poocolin-apbp.us
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         104.22.4.222
HTTP/2 200 OK
content-type: text/plain;charset=UTF-8
                                        
date: Tue, 04 Oct 2022 12:40:36 GMT
content-length: 0
access-control-allow-origin: https://poocoin.app
access-control-allow-headers: *,Accept,Content-Type,Content-Length,Accept-Encoding,Origin,Referer,User-Agent
access-control-allow-methods: *,GET,POST,OPTIONS
vary: Accept-Encoding
server: cloudflare
cf-ray: 754dfcaeeb4bb4f7-OSL
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Tue, 04 Oct 2022 12:40:37 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  gzip compressed data, max compression\012- data
Size:   1186
Md5:    59d870bbfd5da064fb373b23c60670d5
Sha1:   5a15162621874a6d9e8b603f60c67c10ad84b859
Sha256: 28b36aefb95579b2b7265e9aa32afee05ce0dc76fe792c16b59ff70ae200bf6a

Alerts:
  File Analyzers:
    - virustotal: 0/0
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.110
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 12:40:37 GMT
Last-Modified: Tue, 04 Oct 2022 11:34:02 GMT
Server: ECS (nyb/1D13)
X-Cache: Miss from cloudfront
Via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 29iulkUHPz_zFvkfl7ku4EZoNFYHzGVc-67dwVLKovir61zr7cpXcg==
Age: 3995

                                        
                                            OPTIONS / HTTP/1.1 
Host: bsc-dataseed1.defibit.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://poocolin-apbp.us/
Origin: https://poocolin-apbp.us
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         13.248.174.76
HTTP/2 204 No Content
                                        
date: Tue, 04 Oct 2022 12:40:37 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 600
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubdomains
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4129
Expires: Tue, 04 Oct 2022 13:49:26 GMT
Date: Tue, 04 Oct 2022 12:40:37 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "E8E5212B8D90257F23BDB0D1D643B5E7D7528D964056C3A4A269B5E09F409F2D"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4129
Expires: Tue, 04 Oct 2022 13:49:26 GMT
Date: Tue, 04 Oct 2022 12:40:37 GMT
Connection: keep-alive

                                        
                                            GET /ajax/ext?id=9a998401d6af5d90b5bfb820e05b0c04 HTTP/1.1 
Host: poocolin-apbp.us
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poocolin-apbp.us/ajax/ext?id=8c00fd7f84393f0105f5fcdc14ba4d95
Cookie: __ddg1_=C3Hpt7CDpgQW0pgGnMmA
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         190.115.18.159
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 04 Oct 2022 12:40:36 GMT
vary: Accept-Encoding
content-encoding: br
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (23858)
Size:   144417
Md5:    8d927e9d860f3183b33b8abd123b983e
Sha1:   b3fb11f70312930a6b0b15be5acf8fe6b108ee45
Sha256: ea9e95c96b62ae8b0c5c988ee7a0dc4ed4b02adb9f55c2d54391457de487549f

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            OPTIONS /cdn-cgi/rum HTTP/1.1 
Host: cloudflareinsights.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://poocolin-apbp.us/
Origin: https://poocolin-apbp.us
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         172.64.156.26
HTTP/2 200 OK
content-type: text/plain
                                        
date: Tue, 04 Oct 2022 12:40:37 GMT
access-control-allow-origin: https://poocolin-apbp.us
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 754dfcafe9e9fac4-OSL
x-frame-options: DENY
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962fb2a2-ad40-48cf-87a7-de082c564a5e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8534
x-amzn-requestid: 8ae51cd3-697b-47ed-8493-8f83e2bc7469
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpHuHlXoAMFucg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5564-165d72034440cf810d42f3bd;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: LPt8LUVoKhXjfz-jZHLmnWD15tQgSLRaxl-Bsl0UU83G7wm3jj7_mg==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:37:24 GMT
age: 50593
etag: "2b9f6828a38da81b40dcad033572e48b4c5896db"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8534
Md5:    f2287c489794dab0e9ba923a2057988f
Sha1:   2b9f6828a38da81b40dcad033572e48b4c5896db
Sha256: e853fa2acf2425d14cb9746e8bbd45c8765598d2bb630859086b4668182dbf6c
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 9917
x-amzn-requestid: 2dff93d9-795d-4885-9b82-610b0d235a82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTGEnIAMF1zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-117afa703663ada75627792c;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: p5nOqBojKO6S-c_DxIu8B3p-NK0pzRHkz0DOPeyv7PQt9h0x1jdtoQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:55:54 GMT
age: 53083
etag: "22aab05208a01ae5def4d63dc145085630f57bcb"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   9917
Md5:    d8c08f8066cc732de8befd6ccd629a95
Sha1:   22aab05208a01ae5def4d63dc145085630f57bcb
Sha256: f8a560a0563518d992d0bd2655d2b5c406435a18e874ca00b51374d2ff901770
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4858
x-amzn-requestid: fb21c414-2994-444a-a838-e643fd05b171
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTEfPoAMFfeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-593dd8043b0490e7301cac0d;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MiSh_FjAciKCaOakY2mM_EHBN1Z6GIDYIP8mwS4ikkrToQN3Ktsv2g==
via: 1.1 773ca14e6bd4bf9244988cb69fc9dca8.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:56:46 GMT
age: 53031
etag: "585e7146fd24cdc2496b05baafea04091dc541e2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4858
Md5:    6779181f9c06975f2a662da743893939
Sha1:   585e7146fd24cdc2496b05baafea04091dc541e2
Sha256: 8e9a9f92fd89b7cdce77884ccd76b83ab82d28f125ebfc1cb0d371d4046b7985
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5504
x-amzn-requestid: 37405eb0-5c75-46a9-84c0-e8ed726995d8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpHvHPvoAMF3mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5564-77fd550b58af612525e74761;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: Ovm2wuk28PygH4EZNEUoPchoHQggWCyXbYHOjMV1tZmfyDrL6PjPZA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:29:19 GMT
age: 51078
etag: "20ef861be49c652a938e0145e4ca3a60159367e2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5504
Md5:    6c6882c60d7ca6f918c77104e3ad1d52
Sha1:   20ef861be49c652a938e0145e4ca3a60159367e2
Sha256: 861f5870990fbd2939d151ae18384cf311e87067ca9a50818efe0c2d51b83088
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22873375-e381-41ee-a4b6-18ad56172e59.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8508
x-amzn-requestid: 63afa079-f66e-428a-b491-c5859aed2e3b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZJFU9EknoAMF1uA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63338285-54f784262318d7ca0e560d44;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 23:08:53 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: GWTKxBPZnk_dqf9onY05WB16ubdsa93FcrjpqVxBrqBbCZXLSk_HHg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 14:41:51 GMT
age: 79126
etag: "a98da6b6ce993bd8f3b58ba42915cd9c4b45946c"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8508
Md5:    515e23ff5ef0fc336ac5ec7fd31dfacd
Sha1:   a98da6b6ce993bd8f3b58ba42915cd9c4b45946c
Sha256: 77c186eb00def4a978d1bfd9eac755f70bf465f622991aaf6681227aec3e118a
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec31ab6c-46f2-4d77-a807-9f14bb5073bc.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11955
x-amzn-requestid: ce6bbe93-95b0-4b6e-a8bc-012796485e67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zcqb9FUtoAMF0WQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b577f-59dc0a18523f900a059aa5df;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:43:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: tJwzKfs7HnQ7dVcINwnlzxTChXiEi4JPj8jrS8p5KhurRx_o3ZVOZQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 9c675215120a4ade8754c4357ef2f3ea.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 22:10:59 GMT
etag: "e2ea2ef6805e391c497e62e101e76a0bdecfce64"
age: 52178
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   11955
Md5:    54b3ef7aa50273b78b59c24511b0c1f9
Sha1:   e2ea2ef6805e391c497e62e101e76a0bdecfce64
Sha256: 296e8954022d5160137b3e02ab5085a15cee7c23cd6d4ca61b36880706062457
                                        
                                            POST /cdn-cgi/rum HTTP/1.1 
Host: cloudflareinsights.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 7090
Origin: https://poocolin-apbp.us
Connection: keep-alive
Referer: https://poocolin-apbp.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.64.156.26
HTTP/2 200 OK
                                        
date: Tue, 04 Oct 2022 12:40:37 GMT
server: cloudflare
cf-ray: 754dfcafe9f0fac4-OSL
x-frame-options: DENY
x-content-type-options: nosniff
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 22504, version 1.0\012- data
Size:   22504
Md5:    1c6c65523675abc6fcd78e804325bd77
Sha1:   898d9808304dc157f5dcb18ca169ec6e2b96b3d7
Sha256: 08664859baab5ed98f0bf818ed77e38464ff1826dc6406d5ecbd651409afbd92
                                        
                                            POST / HTTP/1.1 
Host: ocsp.sca1b.amazontrust.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         54.230.245.110
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 04 Oct 2022 12:40:37 GMT
Last-Modified: Tue, 04 Oct 2022 10:52:30 GMT
Server: ECS (bsa/EB1F)
X-Cache: Miss from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: v9GAabc8R2DZtIqRlowpj-0gKZLqeUI8why82pWACMtZISeV8HItkQ==
Age: 6487

                                        
                                            GET /images/logos/telegram.svg HTTP/1.1 
Host: poocolin-apbp.us
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poocolin-apbp.us/
Cookie: __ddg1_=C3Hpt7CDpgQW0pgGnMmA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         190.115.18.159
HTTP/2 200 OK
content-type: image/svg+xml
                                        
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 04 Oct 2022 12:40:37 GMT
last-modified: Mon, 03 Oct 2022 09:17:34 GMT
etag: W/"2b5-5ea1dd0648007"
accept-ranges: bytes
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (693), with no line terminators
Size:   13639
Md5:    d49dfab746a8fcce135818bc8b5b9d30
Sha1:   776b926d6b3f96494289d57c43b4107f909c4591
Sha256: efe720aa45ef4c7b6e74dba38e9bcb6204afb93f592fd1ac98150f13532f7439

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            OPTIONS / HTTP/1.1 
Host: bsc-dataseed1.defibit.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://poocolin-apbp.us/
Origin: https://poocolin-apbp.us
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         13.248.174.76
HTTP/2 204 No Content
                                        
date: Tue, 04 Oct 2022 12:40:37 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 600
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubdomains
X-Firefox-Spdy: h2

                                        
                                            OPTIONS / HTTP/1.1 
Host: bsc-dataseed1.defibit.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://poocolin-apbp.us/
Origin: https://poocolin-apbp.us
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         13.248.174.76
HTTP/2 204 No Content
                                        
date: Tue, 04 Oct 2022 12:40:37 GMT
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 600
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubdomains
X-Firefox-Spdy: h2

                                        
                                            POST / HTTP/1.1 
Host: bsc-dataseed1.defibit.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 328
Origin: https://poocolin-apbp.us
Connection: keep-alive
Referer: https://poocolin-apbp.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         13.248.174.76
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Tue, 04 Oct 2022 12:40:37 GMT
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 600
x-nr-trace-id: 00000000000000000000000000000000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubdomains
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   83
Md5:    26320db1852d26f6795f0bb101a72656
Sha1:   f3970db04fa52cab2266673caed61930f31e9a62
Sha256: ae4cbd7af0f76596aad07a490fd285123037469b265c26c0b4b9f37c1960482f
                                        
                                            POST / HTTP/1.1 
Host: bsc-dataseed1.defibit.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 4168
Origin: https://poocolin-apbp.us
Connection: keep-alive
Referer: https://poocolin-apbp.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         13.248.174.76
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Tue, 04 Oct 2022 12:40:37 GMT
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 600
x-nr-trace-id: 00000000000000000000000000000000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubdomains
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /aos@2.3.1/dist/aos.css HTTP/1.1 
Host: unpkg.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poocolin-apbp.us/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         104.16.124.175
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
date: Tue, 04 Oct 2022 12:40:35 GMT
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Thu, 17 May 2018 22:11:13 GMT
etag: W/"65c5-BVfTdFS2f0LyyxAeV+UHD7EZNXA"
via: 1.1 fly.io
fly-request-id: 01G754J040XBCARD93ACQA76A4-fra
cf-cache-status: HIT
age: 7930908
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 754dfca43966b511-OSL
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /charts1/datafeeds/udf/dist/bundle.js HTTP/1.1 
Host: poocolin-apbp.us
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poocolin-apbp.us/
Cookie: __ddg1_=C3Hpt7CDpgQW0pgGnMmA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         190.115.18.159
HTTP/2 200 OK
content-type: application/javascript
                                        
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 04 Oct 2022 12:40:35 GMT
last-modified: Mon, 03 Oct 2022 09:17:26 GMT
etag: W/"2f8d-5ea1dcfe7fd10-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /icons/android-icon-192x192.png HTTP/1.1 
Host: poocolin-apbp.us
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poocolin-apbp.us/
Cookie: __ddg1_=C3Hpt7CDpgQW0pgGnMmA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         190.115.18.159
HTTP/2 404 Not Found
content-type: text/html; charset=iso-8859-1
                                        
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 04 Oct 2022 12:40:36 GMT
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /ajax/ext?id=8c00fd7f84393f0105f5fcdc14ba4d95 HTTP/1.1 
Host: poocolin-apbp.us
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poocolin-apbp.us/
Cookie: __ddg1_=C3Hpt7CDpgQW0pgGnMmA
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         190.115.18.159
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 04 Oct 2022 12:40:36 GMT
vary: Accept-Encoding
content-encoding: br
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /static/js/main.73ab8857.chunk.js HTTP/1.1 
Host: poocolin-apbp.us
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poocolin-apbp.us/
Cookie: __ddg1_=C3Hpt7CDpgQW0pgGnMmA
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         190.115.18.159
HTTP/2 200 OK
content-type: application/javascript
                                        
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 04 Oct 2022 12:40:35 GMT
last-modified: Mon, 03 Oct 2022 09:17:21 GMT
etag: W/"107730-5ea1dcf97f8b6-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /ajax/ext?id=52bd2e74d8b078528d3c952ba6ffed94 HTTP/1.1 
Host: poocolin-apbp.us
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poocolin-apbp.us/
Cookie: __ddg1_=C3Hpt7CDpgQW0pgGnMmA
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         190.115.18.159
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 04 Oct 2022 12:40:35 GMT
vary: Accept-Encoding
content-encoding: br
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            OPTIONS /cdn-cgi/rum HTTP/1.1 
Host: cloudflareinsights.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://poocolin-apbp.us/
Origin: https://poocolin-apbp.us
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.64.156.26
HTTP/2 200 OK
content-type: text/plain
                                        
date: Tue, 04 Oct 2022 12:40:43 GMT
access-control-allow-origin: https://poocolin-apbp.us
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-max-age: 86400
vary: Origin
access-control-allow-credentials: true
server: cloudflare
cf-ray: 754dfcd80c32fac4-OSL
x-frame-options: DENY
x-content-type-options: nosniff
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /beacon.min.js HTTP/1.1 
Host: static.cloudflareinsights.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poocolin-apbp.us/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         172.64.156.26
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
                                        
date: Tue, 04 Oct 2022 12:40:35 GMT
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/2021.12.0
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 754dfca43b66b51e-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /icons/favicon-16x16.png HTTP/1.1 
Host: poocolin-apbp.us
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poocolin-apbp.us/
Cookie: __ddg1_=C3Hpt7CDpgQW0pgGnMmA
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         190.115.18.159
HTTP/2 404 Not Found
content-type: text/html; charset=iso-8859-1
                                        
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 04 Oct 2022 12:40:36 GMT
content-encoding: br
vary: Accept-Encoding
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /static/css/main.2c6bf9ed.chunk.css HTTP/1.1 
Host: poocolin-apbp.us
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://poocolin-apbp.us/
Cookie: __ddg1_=C3Hpt7CDpgQW0pgGnMmA
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

                                         
                                         190.115.18.159
HTTP/2 200 OK
content-type: text/css
                                        
server: ddos-guard
content-security-policy: upgrade-insecure-requests;
date: Tue, 04 Oct 2022 12:40:35 GMT
last-modified: Mon, 03 Oct 2022 09:17:15 GMT
etag: W/"70d92-5ea1dcf3d941d-gzip"
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: br
age: 0
ddg-cache-status: MISS,MISS
X-Firefox-Spdy: h2


--- Additional Info ---

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: bsc-dataseed1.defibit.io
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 328
Origin: https://poocolin-apbp.us
Connection: keep-alive
Referer: https://poocolin-apbp.us/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         13.248.174.76
HTTP/2 200 OK
content-type: application/json; charset=utf-8
                                        
date: Tue, 04 Oct 2022 12:40:37 GMT
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
access-control-max-age: 600
x-nr-trace-id: 00000000000000000000000000000000
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubdomains
content-encoding: br
X-Firefox-Spdy: h2


--- Additional Info ---