firefox.settings.services.mozilla.com/v1/
143.204.55.115 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash b593eb39329cfe060d55be5e4a5405e2
78e46c1028e9f94f8569303ad2d90d7df13a059a
08a810103557efe55ca4425ff0cf82593f1f54633df899127eaec9bee05d4d04
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, Alert, Content-Length, Content-Type, Backoff
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 08 Sep 2022 21:05:27 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 dbfaae0db03f11cf713bbcbdb25be4a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: eiMkPd7e7F03xnUtg_eVXjfJs2hQ8KMZbQGx23mb4NK9h03ytzUauA==
Age: 3303
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash b9adda4796e3cda8d92753c46964621c
5f1eba1f6085b23dea088a91fe6f8947172f9f62
a0577a8fcfa81b3f86d99566eb4429655b93a238ffd1a3752bc9aae3d969deea
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A0577A8FCFA81B3F86D99566EB4429655B93A238FFD1A3752BC9AAE3D969DEEA"
Last-Modified: Tue, 06 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5695
Expires: Thu, 08 Sep 2022 23:35:25 GMT
Date: Thu, 08 Sep 2022 22:00:30 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
143.204.55.49 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP 143.204.55.49:0
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Thu, 08 Sep 2022 03:46:35 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 8ddb6d7670d8c5a85c04a10525a71b90.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 5A_LT4DhfWy5t6MZWHRhrEL--6fY7YLVPMUDqvbSnDYrR-2nk2orhg==
age: 65636
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 22:00:30 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
jolly-lovelace.49-12-243-70.plesk.page/web1/?null
49.12.243.70 301 Moved Permanently 162 B URL HTTP/1.1 jolly-lovelace.49-12-243-70.plesk.page/web1/?null
IP 49.12.243.70:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /web1/?null HTTP/1.1
Host: jolly-lovelace.49-12-243-70.plesk.page
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 08 Sep 2022 22:00:30 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://jolly-lovelace.49-12-243-70.plesk.page/web1/?null
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e3acb0d198d04f1173dce30baed74d90
bf1d3d43c846311ff8977ef2253e2cdbf483b943
8300eb7ac67c6e28c23877db507ff259a574de25d0534e989ae53305facc568e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8300EB7AC67C6E28C23877DB507FF259A574DE25D0534E989AE53305FACC568E"
Last-Modified: Tue, 06 Sep 2022 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17387
Expires: Fri, 09 Sep 2022 02:50:18 GMT
Date: Thu, 08 Sep 2022 22:00:31 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Thu, 08 Sep 2022 21:38:18 GMT
Cache-Control: max-age=3600
Expires: Thu, 08 Sep 2022 22:15:17 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: iv1LC46JRkWditepof53PWM09BBiuDl9DYg9ZbR7TY4BlKSvLoDxrw==
Age: 1333
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 042105f89c8d64b470d84e052cd412d1
a26c7e2559b3760ea2765b16a3f8d1be27f5dcf4
fadb8cdd22f4d7773d5c20d576f6400ab25e20e1efe3e3fe50d2ae39ca6f2725
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6279
Cache-Control: max-age=129053
Content-Type: application/ocsp-response
Date: Thu, 08 Sep 2022 22:00:31 GMT
Etag: "6319a295-1d7"
Expires: Sat, 10 Sep 2022 09:51:24 GMT
Last-Modified: Thu, 08 Sep 2022 08:06:45 GMT
Server: ECS (ska/F715)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.149.101.24 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.149.101.24:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ERm7Cn4wVidfalzaqgiuTQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: S0YgqurvyM8Dm6j9g/rt2M6UzHw=
jolly-lovelace.49-12-243-70.plesk.page/web1/images/youtube-new.svg
49.12.243.70 200 OK 1.4 kB URL HTTP/2 jolly-lovelace.49-12-243-70.plesk.page/web1/images/youtube-new.svg
IP 49.12.243.70:0
ASN #24940 Hetzner Online GmbH
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (971)
Hash 376247a0b06e705c758fe04978ea9df5
90d50c682c2ea23a9d26926c6eb3d849b7b94661
acd3eaf2b608fb48f9915964c36772b322ad91106508c4490e2a72122db4d347
Analyzer Verdict Alert fortinet Phishing
GET /web1/images/youtube-new.svg HTTP/1.1
Host: jolly-lovelace.49-12-243-70.plesk.page
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jolly-lovelace.49-12-243-70.plesk.page/web1/?null
Cookie: PHPSESSID=fu66hu5ru5bjkvvffm142j6at9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 22:00:32 GMT
content-type: image/svg+xml
content-length: 1412
last-modified: Tue, 24 May 2022 00:03:48 GMT
etag: "628c20e4-584"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
jolly-lovelace.49-12-243-70.plesk.page/web1/images/dhl-logo.svg
49.12.243.70 200 OK 1.6 kB URL HTTP/2 jolly-lovelace.49-12-243-70.plesk.page/web1/images/dhl-logo.svg
IP 49.12.243.70:0
ASN #24940 Hetzner Online GmbH
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 3fecc9db35d5d2a9e6e71ab4b02d22e5
628ba2f505b480097445aaf08649a08242bd6847
362bcaa42090e36611031bec6bdaa0600375ef847092cca195c58d3bae9b4419
Analyzer Verdict Alert fortinet Phishing
GET /web1/images/dhl-logo.svg HTTP/1.1
Host: jolly-lovelace.49-12-243-70.plesk.page
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jolly-lovelace.49-12-243-70.plesk.page/web1/?null
Cookie: PHPSESSID=fu66hu5ru5bjkvvffm142j6at9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 22:00:32 GMT
content-type: image/svg+xml
content-length: 1603
last-modified: Tue, 24 May 2022 00:03:48 GMT
etag: "628c20e4-643"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
jolly-lovelace.49-12-243-70.plesk.page/web1/images/glo-footer-logo.svg
49.12.243.70 200 OK 12 kB URL HTTP/2 jolly-lovelace.49-12-243-70.plesk.page/web1/images/glo-footer-logo.svg
IP 49.12.243.70:0
ASN #24940 Hetzner Online GmbH
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (656)
Hash d1b0e043744fd642282117a03d308b17
d8abe7a0887b804e516c45a344c542e291a1a84b
5162de2ee844a80d76b7d7514c02ab7d5de72a5966113323d80eb56bf6ded038
Analyzer Verdict Alert fortinet Phishing
GET /web1/images/glo-footer-logo.svg HTTP/1.1
Host: jolly-lovelace.49-12-243-70.plesk.page
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jolly-lovelace.49-12-243-70.plesk.page/web1/?null
Cookie: PHPSESSID=fu66hu5ru5bjkvvffm142j6at9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 22:00:32 GMT
content-type: image/svg+xml
content-length: 11968
last-modified: Tue, 24 May 2022 00:03:48 GMT
etag: "628c20e4-2ec0"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
jolly-lovelace.49-12-243-70.plesk.page/web1/images/facebook-new.svg
49.12.243.70 200 OK 1.4 kB URL HTTP/2 jolly-lovelace.49-12-243-70.plesk.page/web1/images/facebook-new.svg
IP 49.12.243.70:0
ASN #24940 Hetzner Online GmbH
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (963)
Hash 259d8928a7fd5329b3d7fd80eca2ea2f
a6337de5ff5761b39a319cd7ec3f8b10f201d066
43027752f5a04142e6518a4fd8ef54e7e73cfba7820da9c03c1ad38835f04fe2
Analyzer Verdict Alert fortinet Phishing
GET /web1/images/facebook-new.svg HTTP/1.1
Host: jolly-lovelace.49-12-243-70.plesk.page
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jolly-lovelace.49-12-243-70.plesk.page/web1/?null
Cookie: PHPSESSID=fu66hu5ru5bjkvvffm142j6at9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 22:00:32 GMT
content-type: image/svg+xml
content-length: 1406
last-modified: Tue, 24 May 2022 00:03:48 GMT
etag: "628c20e4-57e"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
jolly-lovelace.49-12-243-70.plesk.page/web1/images/instagram-new.svg
49.12.243.70 200 OK 4.4 kB URL HTTP/2 jolly-lovelace.49-12-243-70.plesk.page/web1/images/instagram-new.svg
IP 49.12.243.70:0
ASN #24940 Hetzner Online GmbH
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text, with very long lines (4063)
Hash 6bacee3de5538dd4a1bb6394ddb18ca3
c055e3d12ccb7676fe47ab1895380177551918b7
2b7033274e2d189caaebe5e75931b4a5a2e9e1d1ca297e56a99e5e5ef987adba
Analyzer Verdict Alert fortinet Phishing
GET /web1/images/instagram-new.svg HTTP/1.1
Host: jolly-lovelace.49-12-243-70.plesk.page
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jolly-lovelace.49-12-243-70.plesk.page/web1/?null
Cookie: PHPSESSID=fu66hu5ru5bjkvvffm142j6at9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 22:00:32 GMT
content-type: image/svg+xml
content-length: 4361
last-modified: Tue, 24 May 2022 00:03:48 GMT
etag: "628c20e4-1109"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
jolly-lovelace.49-12-243-70.plesk.page/web1/images/linkedIn-new.svg
49.12.243.70 200 OK 1.6 kB URL HTTP/2 jolly-lovelace.49-12-243-70.plesk.page/web1/images/linkedIn-new.svg
IP 49.12.243.70:0
ASN #24940 Hetzner Online GmbH
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1204)
Hash 43efff953a2a3baf6a2ef0528f55dc07
b510bc0512da7d96cdf29a0f1e343319095776de
c32f1a0f5b093b6b2c8f5df0bf93856359769ee6bbab40975043cd133711d528
Analyzer Verdict Alert fortinet Phishing
GET /web1/images/linkedIn-new.svg HTTP/1.1
Host: jolly-lovelace.49-12-243-70.plesk.page
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jolly-lovelace.49-12-243-70.plesk.page/web1/?null
Cookie: PHPSESSID=fu66hu5ru5bjkvvffm142j6at9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 22:00:32 GMT
content-type: image/svg+xml
content-length: 1647
last-modified: Tue, 24 May 2022 00:03:48 GMT
etag: "628c20e4-66f"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
jolly-lovelace.49-12-243-70.plesk.page/web1/css/fonts/default-274a65bae9742377aaf010bb1a7de971.woff
49.12.243.70 200 OK 41 kB URL HTTP/2 jolly-lovelace.49-12-243-70.plesk.page/web1/css/fonts/default-274a65bae9742377aaf010bb1a7de971.woff
IP 49.12.243.70:0
ASN #24940 Hetzner Online GmbH
File type Web Open Font Format, TrueType, length 41084, version 1.66\012- data
Hash 03f859bf58e4d37841070de34be7d978
3436d4fa17e7ee470c3d62b08787cfa7de408408
5af5c3746b03792640b9cafdabddfb2c5407f72988e128541a88fa439607d940
Analyzer Verdict Alert fortinet Phishing
GET /web1/css/fonts/default-274a65bae9742377aaf010bb1a7de971.woff HTTP/1.1
Host: jolly-lovelace.49-12-243-70.plesk.page
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://jolly-lovelace.49-12-243-70.plesk.page/web1/css/bundle.35490f91e69e1ed0924450bfedb9e79d.css
Cookie: PHPSESSID=fu66hu5ru5bjkvvffm142j6at9
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 22:00:32 GMT
content-type: application/font-woff
content-length: 41084
last-modified: Tue, 24 May 2022 00:03:48 GMT
etag: "628c20e4-a07c"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
jolly-lovelace.49-12-243-70.plesk.page/web1/css/fonts/iconfont-e7bece496cd0e6d60e456bc2b48c9446.woff
49.12.243.70 200 OK 9.3 kB URL HTTP/2 jolly-lovelace.49-12-243-70.plesk.page/web1/css/fonts/iconfont-e7bece496cd0e6d60e456bc2b48c9446.woff
IP 49.12.243.70:0
ASN #24940 Hetzner Online GmbH
File type Web Open Font Format, TrueType, length 9316, version 1.0\012- data
Hash 9355df62a665ef9249036bbccad8c54c
6b7779a10187a1a7473f604fbe3db96350868c6a
6d051536af97fbd33fae0683a1b6ce3749757ab43c8ee8c89295755fd4595807
Analyzer Verdict Alert urlquery Phishing - DHL
fortinet Phishing
GET /web1/css/fonts/iconfont-e7bece496cd0e6d60e456bc2b48c9446.woff HTTP/1.1
Host: jolly-lovelace.49-12-243-70.plesk.page
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://jolly-lovelace.49-12-243-70.plesk.page/web1/css/bundle.35490f91e69e1ed0924450bfedb9e79d.css
Cookie: PHPSESSID=fu66hu5ru5bjkvvffm142j6at9
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 22:00:32 GMT
content-type: application/font-woff
content-length: 9316
last-modified: Tue, 24 May 2022 00:03:48 GMT
etag: "628c20e4-2464"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
jolly-lovelace.49-12-243-70.plesk.page/web1/css/fonts/default-3e828e80f6e985c352eba4474518978d.woff
49.12.243.70 200 OK 44 kB URL HTTP/2 jolly-lovelace.49-12-243-70.plesk.page/web1/css/fonts/default-3e828e80f6e985c352eba4474518978d.woff
IP 49.12.243.70:0
ASN #24940 Hetzner Online GmbH
File type Web Open Font Format, TrueType, length 44260, version 1.66\012- data
Hash 4a350e02a03ac62e72e9ea575b31ce84
d47b03b96b6e7034a1473a293bb594e597a41dc2
87c40e3961e21f759770615ae67568a3de3ec6e0735f1238a6aae062f4ea15d5
Analyzer Verdict Alert fortinet Phishing
GET /web1/css/fonts/default-3e828e80f6e985c352eba4474518978d.woff HTTP/1.1
Host: jolly-lovelace.49-12-243-70.plesk.page
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://jolly-lovelace.49-12-243-70.plesk.page/web1/css/bundle.35490f91e69e1ed0924450bfedb9e79d.css
Cookie: PHPSESSID=fu66hu5ru5bjkvvffm142j6at9
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 22:00:32 GMT
content-type: application/font-woff
content-length: 44260
last-modified: Tue, 24 May 2022 00:03:48 GMT
etag: "628c20e4-ace4"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
jolly-lovelace.49-12-243-70.plesk.page/web1/css/fonts/default-815fcbb4d2c57901701125d768f09d67.woff
49.12.243.70 200 OK 41 kB URL HTTP/2 jolly-lovelace.49-12-243-70.plesk.page/web1/css/fonts/default-815fcbb4d2c57901701125d768f09d67.woff
IP 49.12.243.70:0
ASN #24940 Hetzner Online GmbH
File type Web Open Font Format, TrueType, length 41328, version 1.66\012- data
Hash e39bd2e2657ce5dd6f9c33df18529233
6db81ebb91bfa67cef8f2f870f03046150568799
19d0bda83ecbc986620468801adf000c77c3c38398650903c63fac8dcbac4383
Analyzer Verdict Alert fortinet Phishing
GET /web1/css/fonts/default-815fcbb4d2c57901701125d768f09d67.woff HTTP/1.1
Host: jolly-lovelace.49-12-243-70.plesk.page
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://jolly-lovelace.49-12-243-70.plesk.page/web1/css/bundle.35490f91e69e1ed0924450bfedb9e79d.css
Cookie: PHPSESSID=fu66hu5ru5bjkvvffm142j6at9
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 22:00:32 GMT
content-type: application/font-woff
content-length: 41328
last-modified: Tue, 24 May 2022 00:03:48 GMT
etag: "628c20e4-a170"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
jolly-lovelace.49-12-243-70.plesk.page/web1/images/favicon.ico
49.12.243.70 200 OK 1.2 kB URL HTTP/2 jolly-lovelace.49-12-243-70.plesk.page/web1/images/favicon.ico
IP 49.12.243.70:0
ASN #24940 Hetzner Online GmbH
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash d8106bf3a1d00ab43b01e6e3c92500eb
202b5e8654ab1b28351378293bca3b9d844cc29b
9ada5709e264c31b04a05bd85448a9bd5e91925e8d83df5cef0762ec97cc283e
GET /web1/images/favicon.ico HTTP/1.1
Host: jolly-lovelace.49-12-243-70.plesk.page
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jolly-lovelace.49-12-243-70.plesk.page/web1/?null
Cookie: PHPSESSID=fu66hu5ru5bjkvvffm142j6at9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 22:00:32 GMT
content-type: image/vnd.microsoft.icon
content-length: 1150
last-modified: Tue, 24 May 2022 00:03:48 GMT
etag: "628c20e4-47e"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6422
Expires: Thu, 08 Sep 2022 23:47:34 GMT
Date: Thu, 08 Sep 2022 22:00:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6422
Expires: Thu, 08 Sep 2022 23:47:34 GMT
Date: Thu, 08 Sep 2022 22:00:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6422
Expires: Thu, 08 Sep 2022 23:47:34 GMT
Date: Thu, 08 Sep 2022 22:00:32 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e0fbe5627b19e9ad7ad4d40c96514ae9
d9d361271987c5947d96ddacc67efb3f3a32bbd3
48b4321f3bda8fd67c5bc75f98b0dfe6df2bfda8dcf5e708aecd47270ae03217
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "48B4321F3BDA8FD67C5BC75F98B0DFE6DF2BFDA8DCF5E708AECD47270AE03217"
Last-Modified: Wed, 07 Sep 2022 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6422
Expires: Thu, 08 Sep 2022 23:47:34 GMT
Date: Thu, 08 Sep 2022 22:00:32 GMT
Connection: keep-alive
jolly-lovelace.49-12-243-70.plesk.page/web1/js/app.4564064e.js
49.12.243.70 200 OK 17 kB URL HTTP/2 jolly-lovelace.49-12-243-70.plesk.page/web1/js/app.4564064e.js
IP 49.12.243.70:0
ASN #24940 Hetzner Online GmbH
File type Unicode text, UTF-8 text, with very long lines (44781)
Hash 75e8f356498fe24c34caa7cfa3f31698
c4bd5455ef1d5d546161b0357338b665374d8047
70dfadb80b0ad4237a2683ef038ecd2cac530040c55acb46c30a1f22f6808ea2
Analyzer Verdict Alert fortinet Phishing
GET /web1/js/app.4564064e.js HTTP/1.1
Host: jolly-lovelace.49-12-243-70.plesk.page
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jolly-lovelace.49-12-243-70.plesk.page/web1/?null
Cookie: PHPSESSID=fu66hu5ru5bjkvvffm142j6at9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 22:00:32 GMT
content-type: application/javascript
last-modified: Tue, 24 May 2022 00:03:48 GMT
etag: W/"628c20e4-af91"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ef55d7-b6c2-4550-aff3-c9052f7d4816.jpeg
34.120.237.76 200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ef55d7-b6c2-4550-aff3-c9052f7d4816.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f922505178de0cea92eedcfda85a9f67
50f1459de01174e594e03e7df4dfaa8eb1798672
981cd58768d6ad841673add855ddcc7106fbc85de05db9a1bd2d6bc8928b4c2c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3ef55d7-b6c2-4550-aff3-c9052f7d4816.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6214
x-amzn-requestid: 46a44af0-e547-49e8-bc39-f6c49d94e375
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Xj_0HFKbIAMFRbg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630b134d-0297c83c305422fa51b86dcf;Sampled=0
x-amzn-remapped-date: Sun, 28 Aug 2022 07:03:41 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: _ZKcuRO8Z6wBMdm79iDZj5uRYk4YYpYJqOoG8hZqY81O0R7hfbe5bQ==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 05:34:36 GMT
age: 59156
etag: "50f1459de01174e594e03e7df4dfaa8eb1798672"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffca3b7c7-528e-421a-8910-451f0b9b667f.webp
34.120.237.76 200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffca3b7c7-528e-421a-8910-451f0b9b667f.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 09267c271a56ba4c2d4197543f264fac
67ae4acd88571da51b81fa7ed963b7f2a71845b4
906163f9e1bb8908ae7fcfbf4debc2a42fd14a3f90c8814536025a57ee851dbe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffca3b7c7-528e-421a-8910-451f0b9b667f.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8162
x-amzn-requestid: decb1d93-bcc9-4a71-a054-c537ad7d1add
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YJvndF1fIAMFv7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-631a2c95-27cef2465fd0e6c849da81af;Sampled=0
x-amzn-remapped-date: Thu, 08 Sep 2022 17:55:33 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: C_J0m9xfkCb5qsoO934KB2Ldk1-yMaMXkgiv9gWus7JqjN3M_HCpdg==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 de8fc80b494d3d381f7e006918dcc588.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Sep 2022 17:56:29 GMT
age: 14643
etag: "67ae4acd88571da51b81fa7ed963b7f2a71845b4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F822fb287-f1f6-45a1-be54-4fa7385bb163.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F822fb287-f1f6-45a1-be54-4fa7385bb163.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6f73ee4e91b38eaa36cadd4c437785f8
6ceea057f5ae50b9cef505da0a358e3d3b7d6a38
778d28e14b28c154843403470136d0efdcdd5e93e4b5aab784c12d4344e7af6f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F822fb287-f1f6-45a1-be54-4fa7385bb163.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11365
x-amzn-requestid: d50039cd-381c-4221-997e-9231d40ecfbb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG9V0EHEoAMFeag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63190f58-11cab61904bd14462cd13d0d;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:38:32 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: z7RyNwWgq5r9B2WMa5ibpo3d8DXFSFCCrEHpMvc0Q5SqE2x1ovaV-g==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 020978022b22df6352245f09cfbc410c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 22:41:33 GMT
age: 83939
etag: "6ceea057f5ae50b9cef505da0a358e3d3b7d6a38"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
jolly-lovelace.49-12-243-70.plesk.page/web1/js/chunk-vendors.524d9220.js
49.12.243.70 200 OK 76 kB URL HTTP/2 jolly-lovelace.49-12-243-70.plesk.page/web1/js/chunk-vendors.524d9220.js
IP 49.12.243.70:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (48255)
Hash b4dc016b6ee1af9ec12d5d206bd60f08
ab8d29f4b6256889dd733f2058b35e64c97f20b4
0407630b043e3fbf42f874a937e09ab4813fa64e2b4097553e2828d24d4e5604
Analyzer Verdict Alert fortinet Phishing
GET /web1/js/chunk-vendors.524d9220.js HTTP/1.1
Host: jolly-lovelace.49-12-243-70.plesk.page
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jolly-lovelace.49-12-243-70.plesk.page/web1/?null
Cookie: PHPSESSID=fu66hu5ru5bjkvvffm142j6at9
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 22:00:32 GMT
content-type: application/javascript
last-modified: Tue, 24 May 2022 00:03:48 GMT
etag: W/"628c20e4-369fc"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ba17b3c-58f5-4458-8dc2-8e4a7cf8d782.jpeg
34.120.237.76 200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ba17b3c-58f5-4458-8dc2-8e4a7cf8d782.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1cd778a615e9a4ca3a25119790398434
d6daca74fc85d39274b3c7536f34528bef93ae97
e6b5a7a525e314e09c30985b22da7c34806df09cbe98ad52b00dcbf93a0dc054
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ba17b3c-58f5-4458-8dc2-8e4a7cf8d782.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7251
x-amzn-requestid: 26b2021a-4440-47ce-8dba-d971cae60cc1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YG9bmHcmoAMF3Fw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63190f7d-5471edce7de2374c3b8af888;Sampled=0
x-amzn-remapped-date: Wed, 07 Sep 2022 21:39:09 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: d3MrDEyDFDylQKyfxONQ12_7IBvRAg8o0rSZ64WNRGNvDHqQyDmqJA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 e77661e211afe9242e85e573f12d5534.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Sep 2022 22:16:27 GMT
age: 85445
etag: "d6daca74fc85d39274b3c7536f34528bef93ae97"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
jolly-lovelace.49-12-243-70.plesk.page/web1/css/fonts/default-5a6dd86f272b304a8b83f7df61f11c2f.woff
49.12.243.70 200 OK 41 kB URL HTTP/2 jolly-lovelace.49-12-243-70.plesk.page/web1/css/fonts/default-5a6dd86f272b304a8b83f7df61f11c2f.woff
IP 49.12.243.70:0
ASN #24940 Hetzner Online GmbH
File type Web Open Font Format, TrueType, length 41352, version 1.66\012- data
Hash 4e23ecf085132857bdb54b4da7373151
a50215c22a591536b21e509100d1707c6886ffd6
b033eff45e6e8ecd5c5bccd8ef9a96c4dc37325adc64c5aed8b1d909b24c4eb4
Analyzer Verdict Alert fortinet Phishing
GET /web1/css/fonts/default-5a6dd86f272b304a8b83f7df61f11c2f.woff HTTP/1.1
Host: jolly-lovelace.49-12-243-70.plesk.page
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://jolly-lovelace.49-12-243-70.plesk.page/web1/css/bundle.35490f91e69e1ed0924450bfedb9e79d.css
Cookie: PHPSESSID=fu66hu5ru5bjkvvffm142j6at9
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 22:00:34 GMT
content-type: application/font-woff
content-length: 41352
last-modified: Tue, 24 May 2022 00:03:48 GMT
etag: "628c20e4-a188"
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
jolly-lovelace.49-12-243-70.plesk.page/web1/css/bundle.35490f91e69e1ed0924450bfedb9e79d.css
49.12.243.70 200 OK 0 B URL HTTP/2 jolly-lovelace.49-12-243-70.plesk.page/web1/css/bundle.35490f91e69e1ed0924450bfedb9e79d.css
IP 49.12.243.70:0
ASN #24940 Hetzner Online GmbH
GET /web1/css/bundle.35490f91e69e1ed0924450bfedb9e79d.css HTTP/1.1
Host: jolly-lovelace.49-12-243-70.plesk.page
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jolly-lovelace.49-12-243-70.plesk.page/web1/?null
Cookie: PHPSESSID=fu66hu5ru5bjkvvffm142j6at9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 22:00:31 GMT
content-type: text/css
last-modified: Tue, 24 May 2022 00:03:48 GMT
etag: W/"628c20e4-76949"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
jolly-lovelace.49-12-243-70.plesk.page/web1/css/app.4d897de7.css
49.12.243.70 200 OK 0 B URL HTTP/2 jolly-lovelace.49-12-243-70.plesk.page/web1/css/app.4d897de7.css
IP 49.12.243.70:0
ASN #24940 Hetzner Online GmbH
GET /web1/css/app.4d897de7.css HTTP/1.1
Host: jolly-lovelace.49-12-243-70.plesk.page
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jolly-lovelace.49-12-243-70.plesk.page/web1/?null
Cookie: PHPSESSID=fu66hu5ru5bjkvvffm142j6at9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 22:00:32 GMT
content-type: text/css
x-accel-version: 0.01
last-modified: Tue, 24 May 2022 00:03:48 GMT
etag: W/"37c-5dfb6b0df0100"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
jolly-lovelace.49-12-243-70.plesk.page/web1/css/img/c21352eccd8a788365ab6333944e7899.svg
49.12.243.70 404 Not Found 0 B URL HTTP/2 jolly-lovelace.49-12-243-70.plesk.page/web1/css/img/c21352eccd8a788365ab6333944e7899.svg
IP 49.12.243.70:0
ASN #24940 Hetzner Online GmbH
Analyzer Verdict Alert fortinet Phishing
GET /web1/css/img/c21352eccd8a788365ab6333944e7899.svg HTTP/1.1
Host: jolly-lovelace.49-12-243-70.plesk.page
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jolly-lovelace.49-12-243-70.plesk.page/web1/css/bundle.35490f91e69e1ed0924450bfedb9e79d.css
Cookie: PHPSESSID=fu66hu5ru5bjkvvffm142j6at9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 404 Not Found
server: nginx
date: Thu, 08 Sep 2022 22:00:32 GMT
content-type: text/html
last-modified: Tue, 06 Sep 2022 13:56:58 GMT
etag: W/"328-5e80291dbedc3"
content-encoding: br
X-Firefox-Spdy: h2
jolly-lovelace.49-12-243-70.plesk.page/web1/?null
49.12.243.70 200 OK 0 B URL HTTP/2 jolly-lovelace.49-12-243-70.plesk.page/web1/?null
IP 49.12.243.70:0
ASN #24940 Hetzner Online GmbH
GET /web1/?null HTTP/1.1
Host: jolly-lovelace.49-12-243-70.plesk.page
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 22:00:31 GMT
content-type: text/html; charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
set-cookie: PHPSESSID=fu66hu5ru5bjkvvffm142j6at9; path=/
x-powered-by: PHP/7.4.30, PleskLin
content-encoding: br
X-Firefox-Spdy: h2
jolly-lovelace.49-12-243-70.plesk.page/web1/css/one_trust.css
49.12.243.70 200 OK 0 B URL HTTP/2 jolly-lovelace.49-12-243-70.plesk.page/web1/css/one_trust.css
IP 49.12.243.70:0
ASN #24940 Hetzner Online GmbH
GET /web1/css/one_trust.css HTTP/1.1
Host: jolly-lovelace.49-12-243-70.plesk.page
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://jolly-lovelace.49-12-243-70.plesk.page/web1/?null
Cookie: PHPSESSID=fu66hu5ru5bjkvvffm142j6at9
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 08 Sep 2022 22:00:32 GMT
content-type: text/css
last-modified: Tue, 24 May 2022 00:03:48 GMT
etag: W/"628c20e4-1af6b"
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2