Report - sadevafric.com/msin/fcifaciuom

Report Overview

Submitted URL
sadevafric.com/msin/fcifaciuom
IP
66.29.145.237
ASN
#22612 NAMECHEAP-NET
Submitted
2022-10-13 15:41:26
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
112

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-09T05:09:18Z	758 B	2.7 kB	54.230.111.65
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-09T05:09:49Z	401 B	5.8 kB	34.160.144.191
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-09T10:01:47Z	476 B	32 kB	216.58.207.195
www.applitech.ci	unknown	2020-01-21T12:51:31Z	2023-02-15T13:03:39Z	382 B	7.3 kB	66.29.145.237
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-09T05:09:05Z	2.6 kB	7.1 kB	23.36.76.226
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-09T05:09:48Z	321 B	229 B	34.117.237.239
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-09T11:52:10Z	329 B	797 B	93.184.220.29
sadevafric.com	unknown	2021-08-18T18:16:23Z	2023-02-13T12:46:33Z	19 kB	1.7 MB	66.29.145.237
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-09T05:09:13Z	594 B	127 B	54.187.71.185
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-09T05:09:50Z	2.3 kB	4.9 kB	142.250.74.3
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-09T10:04:36Z	3.7 kB	62 kB	34.120.237.76
aws-wwcloud.net	unknown	2022-09-30T18:50:35Z	2023-03-09T04:16:51Z	408 B	434 B	146.0.77.131
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-09T12:17:45Z	510 B	746 B	142.250.74.10

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-10-13	medium	sadevafric.com/msin/fcifaciuom	Malware
2022-10-13	medium	sadevafric.com/	Malware
2022-10-13	medium	sadevafric.com/assets/js/plugins/scroll-magic-gsap-plugin.js	Malware
2022-10-13	medium	sadevafric.com/assets/js/plugins/isotope.min.js	Malware
2022-10-13	medium	sadevafric.com/assets/js/plugins/scroll-magic.js	Malware
2022-10-13	medium	sadevafric.com/assets/js/plugins/jquery.min.js	Malware
2022-10-13	medium	sadevafric.com/assets/js/plugins/fancybox.min.js	Malware
2022-10-13	medium	sadevafric.com/assets/js/plugins/overscroll.min.js	Malware
2022-10-13	medium	sadevafric.com/assets/js/plugins/tween-max.min.js	Malware
2022-10-13	medium	sadevafric.com/assets/js/plugins/smooth-scrollbar.min.js	Malware
2022-10-13	medium	sadevafric.com/assets/js/plugins/canvas.js	Malware
2022-10-13	medium	sadevafric.com/assets/js/plugins/parsley.min.js	Malware
2022-10-13	medium	sadevafric.com/assets/js/main.js	Malware
2022-10-13	medium	aws-wwcloud.net/async/?id=k76hb335572azihei1b96f67diykbd2f	Phishing
2022-10-13	medium	sadevafric.com/assets/js/plugins/swiper.min.js	Malware
2022-10-13	medium	sadevafric.com/assets/img/light/logo.svg	Malware
2022-10-13	medium	sadevafric.com/assets/css/webfonts/fa-brands-400.woff2	Malware
2022-10-13	medium	sadevafric.com/assets/js/plugins/mapbox.min.js	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-10-13	medium	sadevafric.com	Sinkholed
2022-10-13	medium	sadevafric.com	Sinkholed
2022-10-13	medium	sadevafric.com	Sinkholed
2022-10-13	medium	sadevafric.com	Sinkholed
2022-10-13	medium	sadevafric.com	Sinkholed
2022-10-13	medium	sadevafric.com	Sinkholed
2022-10-13	medium	sadevafric.com	Sinkholed
2022-10-13	medium	sadevafric.com	Sinkholed
2022-10-13	medium	sadevafric.com	Sinkholed
2022-10-13	medium	sadevafric.com	Sinkholed
2022-10-13	medium	sadevafric.com	Sinkholed
2022-10-13	medium	sadevafric.com	Sinkholed
2022-10-13	medium	sadevafric.com	Sinkholed
2022-10-13	medium	sadevafric.com	Sinkholed
2022-10-13	medium	sadevafric.com	Sinkholed
2022-10-13	medium	sadevafric.com	Sinkholed
2022-10-13	medium	sadevafric.com	Sinkholed
2022-10-13	medium	sadevafric.com	Sinkholed
2022-10-13	medium	sadevafric.com	Sinkholed
2022-10-13	medium	aws-wwcloud.net	Sinkholed
2022-10-13	medium	sadevafric.com	Sinkholed
2022-10-13	medium	sadevafric.com	Sinkholed
2022-10-13	medium	sadevafric.com	Sinkholed
2022-10-13	medium	sadevafric.com	Sinkholed
2022-10-13	medium	sadevafric.com	Sinkholed
2022-10-13	medium	sadevafric.com	Sinkholed
2022-10-13	medium	sadevafric.com	Sinkholed
2022-10-13	medium	sadevafric.com	Sinkholed
2022-10-13	medium	sadevafric.com	Sinkholed
2022-10-13	medium	sadevafric.com	Sinkholed
2022-10-13	medium	sadevafric.com	Sinkholed
2022-10-13	medium	sadevafric.com	Sinkholed
2022-10-13	medium	sadevafric.com	Sinkholed
2022-10-13	medium	sadevafric.com	Sinkholed
2022-10-13	medium	sadevafric.com	Sinkholed
2022-10-13	medium	sadevafric.com	Sinkholed
2022-10-13	medium	sadevafric.com	Sinkholed
2022-10-13	medium	sadevafric.com	Sinkholed

JavaScript (15)

	URL	Size	First Seen	Last Seen
	sadevafric.com/assets/js/plugins/scroll-magic-gsap-plugin.js	12 kB	2023-03-08	2023-05-24
Pretty URL sadevafric.com/assets/js/plugins/scroll-magic-gsap-plugin.js IP 66.29.145.237 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:12:58 Last Seen2023-05-24 09:22:34 Times Seen3 Hash ecbe014904b8aaa5e4336793980ca9c3 fe34a50baae55c47f84a6ec0625595824193cb46 aa55a5e4cad0d5e30ea188528dd7048e9f9d8330d0afa0388f613ce1f986909a Loading...

	sadevafric.com/assets/js/plugins/swiper.min.js	125 kB	2023-03-08	2024-01-29
Pretty URL sadevafric.com/assets/js/plugins/swiper.min.js IP 66.29.145.237 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:12:58 Last Seen2024-01-29 01:47:31 Times Seen38 Hash 9465f56a021a999a2d639b309b070091 b8dd1ae6654c77e2cc57687913eb372259a9751e 6e41a9c586f5be5572d9799170564f81f39375beb872593f0281adf5910fa58b Loading...

	sadevafric.com/	215 B	2023-03-08	2023-03-14
Pretty URL sadevafric.com/ IP 66.29.145.237 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:12:58 Last Seen2023-03-14 00:03:57 Times Seen1 Hash 5b9c7ab1a33b2314822fc0bfc7d2303b 3272465024f2a02f5c5cf8fbce6b2553560b68a8 ef26165c7142a0a86d53bf8309c18b6e0ca84dac0bf90e5014cef833e9016c3c Loading...

	sadevafric.com/assets/js/plugins/fancybox.min.js	68 kB	2023-03-07	2024-04-12
Pretty URL sadevafric.com/assets/js/plugins/fancybox.min.js IP 66.29.145.237 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:22:43 Last Seen2024-04-12 19:41:24 Times Seen26 Hash 91fb41047568601ee69cb7cb1fbdef76 ac0fcc6838b5bda8ab83c74761f9e4272c03cfe1 2c554d6e95ad090bd1a03cb4d3ae715de0ba090a2623ca0da8cf0a466efbdcff Loading...

	sadevafric.com/assets/js/plugins/tween-max.min.js	117 kB	2023-03-08	2023-03-12
Pretty URL sadevafric.com/assets/js/plugins/tween-max.min.js IP 66.29.145.237 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 09:47:51 Last Seen2023-03-12 06:06:29 Times Seen1 Hash 4adadb165b179b0d975b530afccb34f7 adffd08edebd63774591338c854dce561bc4d50f dd680d45d35be124d34a4fbe0798d5cea7d318a3b64f3579684c31c93c1183f0 Loading...

	sadevafric.com/assets/js/plugins/smooth-scrollbar.min.js	48 kB	2023-03-08	2023-05-24
Pretty URL sadevafric.com/assets/js/plugins/smooth-scrollbar.min.js IP 66.29.145.237 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:12:58 Last Seen2023-05-24 09:22:34 Times Seen3 Hash c5f00f3ba21fafcdcd7241e72ad0cdf2 987f39aaa21e26dcfa3a22af66f464d7ff6d1f10 04551aa5d66ed693e4550e39fc397eb5a09791ee2533f1518d45ff5d2fadb479 Loading...

	sadevafric.com/assets/js/plugins/parsley.min.js	43 kB	2023-03-08	2024-01-27
Pretty URL sadevafric.com/assets/js/plugins/parsley.min.js IP 66.29.145.237 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:12:58 Last Seen2024-01-27 22:50:30 Times Seen3 Hash 24b587b059bd2a5e9d5d2c51f4778809 d82130847b9787961d4545b51384406326688429 e88040fa76877e65b9857806d463c25b8632e9c6f48cda6acce7fe43fcdbe14c Loading...

	sadevafric.com/assets/js/main.js	17 kB	2023-03-08	2023-03-14
Pretty URL sadevafric.com/assets/js/main.js IP 66.29.145.237 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:12:58 Last Seen2023-03-14 00:03:57 Times Seen1 Hash 7e123e1b87bf10d013756c73ff3973aa a382afe364dee9c2ce6dd381879adee1f819bf64 573c8198e3ef657eaf23b20e1954ba816f2a2189f13ff2f56e9ab69de89acf1b Loading...

	sadevafric.com/assets/js/plugins/mapbox.min.js	764 kB	2023-03-07	2024-02-16
Pretty URL sadevafric.com/assets/js/plugins/mapbox.min.js IP 66.29.145.237 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:28:13 Last Seen2024-02-16 03:38:26 Times Seen11 Hash cb9a45679f72ac94056cff79895cca8c d40a57e44b32bd2d411caf1a03237648ff21b6c6 cf3bc0e13f563dd7a6cbf03988ec3f551ccf95ffdb4e2b08765a800eba09cdc9 Loading...

	sadevafric.com/assets/js/plugins/isotope.min.js	35 kB	2023-03-07	2024-03-07
Pretty URL sadevafric.com/assets/js/plugins/isotope.min.js IP 66.29.145.237 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:03:09 Last Seen2024-03-07 08:50:39 Times Seen135 Hash 429037b5aee16c10d7b2493b8cb50a4a 45a3c2332637a167d80edc6185c06d7a95e38f75 7d2412504fb72ab7f6c7f96d0afbfd909791c293a9b10e15d629b7b7f6ebc829 Loading...

	sadevafric.com/assets/js/plugins/scroll-magic.js	104 kB	2023-03-08	2023-05-24
Pretty URL sadevafric.com/assets/js/plugins/scroll-magic.js IP 66.29.145.237 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:12:58 Last Seen2023-05-24 09:22:34 Times Seen3 Hash 28c87d4b7bdf45d6f9d006aba1f044d5 83c7d34f5bda56c230fc8ccf3be2d21d0c234657 63feea8fa405b51d30c822556b66b1dcdc64f64b97818e6281af05ce28e64aa4 Loading...

	sadevafric.com/assets/js/plugins/jquery.min.js	90 kB	2023-03-07	2024-04-27
Pretty URL sadevafric.com/assets/js/plugins/jquery.min.js IP 66.29.145.237 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:01 Last Seen2024-04-27 07:18:43 Times Seen139528 Hash dc5e7f18c8d36ac1d3d4753a87c98d0a c8e1c8b386dc5b7a9184c763c88d19a346eb3342 f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d Loading...

	sadevafric.com/assets/js/plugins/overscroll.min.js	12 kB	2023-03-08	2023-05-24
Pretty URL sadevafric.com/assets/js/plugins/overscroll.min.js IP 66.29.145.237 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:12:58 Last Seen2023-05-24 09:22:34 Times Seen3 Hash 19fab2285d528bfb2632b8fec03b20cf c05a9f819bd99db1e8a06b3fa522744df8053d0a 58a7a89e1dc034dbadf9156b9c0af713b84e1c8421f5734ea2a59a3e591c7e0c Loading...

	sadevafric.com/	5.3 kB	2023-03-08	2023-03-14
Pretty URL sadevafric.com/ IP 66.29.145.237 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:12:58 Last Seen2023-03-14 00:03:57 Times Seen1 Hash 31efc48a7f2cd2aaf36946b5a9627c8a 147242d7e81f057dcaf4ce9dd8304d20a775bd7b 832faadf287e6a9376f2537d46fd06fd5d792750a0f4929dc9ba65ddfa99bff7 Loading...

	sadevafric.com/assets/js/plugins/canvas.js	3.7 kB	2023-03-08	2023-05-24
Pretty URL sadevafric.com/assets/js/plugins/canvas.js IP 66.29.145.237 ASN #22612 NAMECHEAP-NET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 06:12:58 Last Seen2023-05-24 09:22:34 Times Seen3 Hash ee883a8ad292d8ba091423ac8861537d 164049563bd1dca5959cc3425f884660e20c9b42 027c5cfae6b6f1b8f56be74f83143f0cbffa65ce2b01d136329350d8693079f6 Loading...

HTTP Transactions (69)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

54.230.111.65

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
54.230.111.65:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
c9df6b36bf16969ac566c1b798362e4a
e56eff34815153ae019a4bf63eb9746dd9ae2e5b
33c1175144ab2be42c9de383f7893a6e60cd1f21f282eacb413d546331db3fa0

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Retry-After, Alert, Content-Type, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Thu, 13 Oct 2022 15:08:53 GMT
Expires: Thu, 13 Oct 2022 15:23:51 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: gNQ4cUnJYV2CfVbI66pfHvbfiG9mSCGUZF0IGAjqktzczmVvcuAidA==
Age: 1942

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e0602913f3d432ffbfaa654440972ee1
e5aaf31749e65875fd840091f9a3bba641de413d
5495ad212166703dcd1d17d7aa6ff4d1c40e73dfad703d24f00f60f35bc7d56c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5495AD212166703DCD1D17D7AA6FF4D1C40E73DFAD703D24F00F60F35BC7D56C"
Last-Modified: Tue, 11 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15292
Expires: Thu, 13 Oct 2022 19:56:07 GMT
Date: Thu, 13 Oct 2022 15:41:15 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c5afb6d2acaf66af4c3fd458a0b70e17
ae58844d8753fe1b62240067b7c0efba86a858d0
42b37d16055f0f3ec52cbb45b4af4900baac4352e87c662811cdb377eb2d3c3e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "42B37D16055F0F3EC52CBB45B4AF4900BAAC4352E87C662811CDB377EB2D3C3E"
Last-Modified: Wed, 12 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10748
Expires: Thu, 13 Oct 2022 18:40:23 GMT
Date: Thu, 13 Oct 2022 15:41:15 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: OjKdlIx7bftiV7Itt59tWu61DnoMt1w5/1K0aIwIG1uvSugIrTtQPCjz3eg6LEq+ITvyDU0xSzI=
x-amz-request-id: C00XE3QPV0MPG6BP
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 13 Oct 2022 15:01:46 GMT
age: 2369
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Thu, 13 Oct 2022 15:41:15 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

54.230.111.65

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
54.230.111.65:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Thu, 13 Oct 2022 15:07:43 GMT
Expires: Thu, 13 Oct 2022 15:23:45 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: SqP8NmUj0pkn-Es-y433b3p5e_XoiQYS8sYtmuCXRj2kfGdooahF2A==
Age: 2012

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
3583e23195fad53de085f55b7ae476b8
1e1ee824f8b5706b0a32b269af82769bb44f5d0f
0c3d6dbcec45e2d28fe0b43d2ae2eaf8cbb05d435b981edc1da311ce356fe30d

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1812
Cache-Control: max-age=147346
Content-Type: application/ocsp-response
Date: Thu, 13 Oct 2022 15:41:16 GMT
Etag: "6347c71a-1d7"
Expires: Sat, 15 Oct 2022 08:37:02 GMT
Last-Modified: Thu, 13 Oct 2022 08:06:50 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471

sadevafric.com/msin/fcifaciuom

66.29.145.237

307 Temporary Redirect

0 B

URL HTTP/1.1
sadevafric.com/msin/fcifaciuom
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /msin/fcifaciuom HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 307 Temporary Redirect
Date: Thu, 13 Oct 2022 15:41:16 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: infinite_csrf_cookie=2d35afb8e1f010c74595395a59b75400; expires=Thu, 13-Oct-2022 17:41:16 GMT; Max-Age=7200; path=/
ci_session=481b10b3e4559fbcc8820b64f67e72e3a7c844be; expires=Sat, 15-Oct-2022 15:41:16 GMT; Max-Age=172800; path=/; HttpOnly
Location: https://sadevafric.com/
Vary: User-Agent
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

push.services.mozilla.com/

54.187.71.185

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
54.187.71.185:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Y5Dupukj+HDJF+ej4CgbXw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: SS4PFvm8s8QNlx/Z7u2AWe3F3BQ=

sadevafric.com/

66.29.145.237

200 OK

6.2 kB

URL HTTP/1.1
sadevafric.com/
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (342), with CRLF, LF line terminators
Size
6.2 kB (6177 bytes)
Hash
cb9db9e2df56ac35f3aa484daebd2ae3
d1c0708912bb7db0bad714c05956f41a1ab0cc39
63aac0b30f85e1a9de749028386aef86ae83378e91e26e041936ade6b800a3c6

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: infinite_csrf_cookie=2d35afb8e1f010c74595395a59b75400; ci_session=481b10b3e4559fbcc8820b64f67e72e3a7c844be
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 15:41:16 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: infinite_csrf_cookie=2d35afb8e1f010c74595395a59b75400; expires=Thu, 13-Oct-2022 17:41:16 GMT; Max-Age=7200; path=/
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 6177
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
24b79ec946ea2f46c118f1d32753fab7
9e3a5b712f6f1aea7bf30cad622a113428736c02
2444b6ba10658bc23690a3065438df55ac52b240bde9c29a5226a3588924e65a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 13 Oct 2022 15:41:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
24b79ec946ea2f46c118f1d32753fab7
9e3a5b712f6f1aea7bf30cad622a113428736c02
2444b6ba10658bc23690a3065438df55ac52b240bde9c29a5226a3588924e65a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 13 Oct 2022 15:41:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

sadevafric.com/assets/css/plugins/bootstrap.min.css

66.29.145.237

200 OK

21 kB

URL HTTP/1.1
sadevafric.com/assets/css/plugins/bootstrap.min.css
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (65324)
Size
21 kB (21007 bytes)
Hash
733571679e9957e2653ecce1c235ae28
71eff8d605c8346f6e413589a8aa69b217e4d923
cbc30aca6e7eb5990a7282fbd4d1b76ed492b31a4c46bb587f4ebd1b48c2fdd4

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/css/plugins/bootstrap.min.css HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=2d35afb8e1f010c74595395a59b75400; ci_session=481b10b3e4559fbcc8820b64f67e72e3a7c844be
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 15:41:16 GMT
Server: Apache
Last-Modified: Thu, 11 Feb 2021 22:56:50 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 21007
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css

sadevafric.com/assets/css/plugins/font-awesome.min.css

66.29.145.237

200 OK

12 kB

URL HTTP/1.1
sadevafric.com/assets/css/plugins/font-awesome.min.css
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (54456)
Size
12 kB (11817 bytes)
Hash
a17b2209512865d8e882880dd8c403e0
35b7d11062831c849a213c6752136e276c56bb56
c29734bf3b21a5ce948cf29d765d596ecf0495c2a61f67d0e3e23a4f815693e2

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/css/plugins/font-awesome.min.css HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=2d35afb8e1f010c74595395a59b75400; ci_session=481b10b3e4559fbcc8820b64f67e72e3a7c844be
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 15:41:16 GMT
Server: Apache
Last-Modified: Mon, 23 Nov 2020 01:49:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 11817
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

sadevafric.com/assets/css/plugins/swiper.min.css

66.29.145.237

200 OK

3.1 kB

URL HTTP/1.1
sadevafric.com/assets/css/plugins/swiper.min.css
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (1470)
Size
3.1 kB (3063 bytes)
Hash
5d028d301366f480ddc61b88f7d66dd8
344e33b68472c09ad3c7a38ae11b11e24298a0b3
c29f68dbc0da7d5449d4865a430552efb937b04bd647eabe980332ad75a07e52

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/css/plugins/swiper.min.css HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=2d35afb8e1f010c74595395a59b75400; ci_session=481b10b3e4559fbcc8820b64f67e72e3a7c844be
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 15:41:17 GMT
Server: Apache
Last-Modified: Mon, 23 Nov 2020 01:49:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 3063
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

sadevafric.com/assets/css/plugins/fancybox.min.css

66.29.145.237

200 OK

3.3 kB

URL HTTP/1.1
sadevafric.com/assets/css/plugins/fancybox.min.css
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
3.3 kB (3264 bytes)
Hash
48f7cd6ea25e7a870144d0b7999cf3fb
8eecf63f78b0e5679c8f2d5c82a3d2e8d4eccdde
61aa1b688bbd00d28a2b76006c005f2181a8cd00055c74d4a5255dbacab4aeb3

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/css/plugins/fancybox.min.css HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=2d35afb8e1f010c74595395a59b75400; ci_session=481b10b3e4559fbcc8820b64f67e72e3a7c844be
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 15:41:17 GMT
Server: Apache
Last-Modified: Mon, 07 Dec 2020 18:22:46 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 3264
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

sadevafric.com/assets/css/plugins/mapbox-style.css

66.29.145.237

200 OK

4.6 kB

URL HTTP/1.1
sadevafric.com/assets/css/plugins/mapbox-style.css
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (34832)
Size
4.6 kB (4579 bytes)
Hash
e92d94d527112eccad9eff37daf5d414
3e9548d816fe420a093320151595601e6865d236
9bb0b50fba17ae136f2124c4d62a64541ea3a1db70126cf28f51d63f5e7bc893

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/css/plugins/mapbox-style.css HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=2d35afb8e1f010c74595395a59b75400; ci_session=481b10b3e4559fbcc8820b64f67e72e3a7c844be
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 15:41:17 GMT
Server: Apache
Last-Modified: Thu, 21 Jan 2021 18:11:24 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4579
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

sadevafric.com/assets/css/style-light.css

66.29.145.237

200 OK

6.8 kB

URL HTTP/1.1
sadevafric.com/assets/css/style-light.css
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
6.8 kB (6750 bytes)
Hash
ce636cfe8004cd4ed470b185643cf79b
0aa633e506e709405f89d64e7d848f7ea00e5338
fc91747aa1140b0b9a3781a9a83077b912957bd13d5b685aa0facc4763d01019

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/css/style-light.css HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=2d35afb8e1f010c74595395a59b75400; ci_session=481b10b3e4559fbcc8820b64f67e72e3a7c844be
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 15:41:17 GMT
Server: Apache
Last-Modified: Thu, 09 Sep 2021 19:08:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 6750
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
73b0059a5671ff189dccdeb345c3dfb6
89a89effe4d8e12b478b3abb9ae5e94a861d957d
673eaa034fe322874455a7ea38197c02819882d0176d9ae3773eea63dd53e3b0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "673EAA034FE322874455A7EA38197C02819882D0176D9AE3773EEA63DD53E3B0"
Last-Modified: Wed, 12 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11580
Expires: Thu, 13 Oct 2022 18:54:17 GMT
Date: Thu, 13 Oct 2022 15:41:17 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
73b0059a5671ff189dccdeb345c3dfb6
89a89effe4d8e12b478b3abb9ae5e94a861d957d
673eaa034fe322874455a7ea38197c02819882d0176d9ae3773eea63dd53e3b0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "673EAA034FE322874455A7EA38197C02819882D0176D9AE3773EEA63DD53E3B0"
Last-Modified: Wed, 12 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11580
Expires: Thu, 13 Oct 2022 18:54:17 GMT
Date: Thu, 13 Oct 2022 15:41:17 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
73b0059a5671ff189dccdeb345c3dfb6
89a89effe4d8e12b478b3abb9ae5e94a861d957d
673eaa034fe322874455a7ea38197c02819882d0176d9ae3773eea63dd53e3b0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "673EAA034FE322874455A7EA38197C02819882D0176D9AE3773EEA63DD53E3B0"
Last-Modified: Wed, 12 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11580
Expires: Thu, 13 Oct 2022 18:54:17 GMT
Date: Thu, 13 Oct 2022 15:41:17 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
73b0059a5671ff189dccdeb345c3dfb6
89a89effe4d8e12b478b3abb9ae5e94a861d957d
673eaa034fe322874455a7ea38197c02819882d0176d9ae3773eea63dd53e3b0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "673EAA034FE322874455A7EA38197C02819882D0176D9AE3773EEA63DD53E3B0"
Last-Modified: Wed, 12 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11580
Expires: Thu, 13 Oct 2022 18:54:17 GMT
Date: Thu, 13 Oct 2022 15:41:17 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
73b0059a5671ff189dccdeb345c3dfb6
89a89effe4d8e12b478b3abb9ae5e94a861d957d
673eaa034fe322874455a7ea38197c02819882d0176d9ae3773eea63dd53e3b0

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "673EAA034FE322874455A7EA38197C02819882D0176D9AE3773EEA63DD53E3B0"
Last-Modified: Wed, 12 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11580
Expires: Thu, 13 Oct 2022 18:54:17 GMT
Date: Thu, 13 Oct 2022 15:41:17 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F792c747c-98f4-41ff-82f8-4c4c6b53cdd9.jpeg

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F792c747c-98f4-41ff-82f8-4c4c6b53cdd9.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12475 bytes)
Hash
c1c9c993c5a82d5a146afa74f3455c24
34d415f33034c3f825c7adaf35c29fb0f597ed5b
212acaf34f23c1b351320600adb1f467986f7a9c24f6e573384eb513317c78d9

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F792c747c-98f4-41ff-82f8-4c4c6b53cdd9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12475
x-amzn-requestid: 66e8a01a-ba8e-4142-9f26-16cd153e98cc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZtpojFH5IAMFfbw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63422303-048d921853ef351357c45b36;Sampled=0
x-amzn-remapped-date: Sun, 09 Oct 2022 01:25:23 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: shlClI--CZDLhubG0uAFTKcTaHVr6QhiRE2KXdnOjibRZXBVdixrpw==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Wed, 12 Oct 2022 20:16:23 GMT
age: 69894
etag: "34d415f33034c3f825c7adaf35c29fb0f597ed5b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd38e46c-1252-4a62-b18c-fa49d9d76841.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.0 kB (5994 bytes)
Hash
7411df7da53e98c4988663b3338ac449
cd5518eff668619efbf3b821306d651fcb30a712
b87d92eef134e1378d51aac8503545949596c982b53fbda75ccbec71dbff6d7b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd38e46c-1252-4a62-b18c-fa49d9d76841.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5994
x-amzn-requestid: b2681b02-7095-4fe5-83cd-aac9f08ba8ef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z4erJFq1IAMFtNg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634677e0-4a000af8739bd4115d01835c;Sampled=0
x-amzn-remapped-date: Wed, 12 Oct 2022 08:16:32 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: ZTUx0jGqhpb1rXzb_JXDWdubqddPiU5IeTjnxpmMjcOJoiIwU_p7ZQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 707e733794d52100fde0ab21bf0b1462.cloudfront.net (CloudFront), 1.1 google
date: Wed, 12 Oct 2022 21:59:14 GMT
age: 63723
etag: "cd5518eff668619efbf3b821306d651fcb30a712"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87c3b83e-ab1b-415f-87e8-75fbe6a8804e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.6 kB (7580 bytes)
Hash
4428a41f1c63e0c32664bc1b7d6b65a0
325484ea6c2653483019d85d690b4a697f8dde9f
7a8e1afc1f987dbd6275617db2655d7f92f2ead75ce6cbe924bf572e1b2567d0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F87c3b83e-ab1b-415f-87e8-75fbe6a8804e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7580
x-amzn-requestid: 6a320517-254f-40f6-b7cd-b87317d2177d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z6Tq9HkqoAMFVcQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63473312-13af2ea55b9d524d37b1dd46;Sampled=0
x-amzn-remapped-date: Wed, 12 Oct 2022 21:35:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: WaYmkULE2Gb48Ep1NuF98M6D9nbo54L1-tyAqzbSWKUQ0S4jQeiORA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 12 Oct 2022 21:45:44 GMT
age: 64533
etag: "325484ea6c2653483019d85d690b4a697f8dde9f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f4ddcd0-37eb-41bb-b930-ef4cec44401e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.4 kB (7434 bytes)
Hash
a5a9abfaf8360f2b6527800ad1944f44
66ae1ad987d78fc76dd7cdc4f30a8e903ff47d49
02d4d5b7ffb815544ee8cc67b38d885173214918f4522dcfe452b9f1ef252843

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6f4ddcd0-37eb-41bb-b930-ef4cec44401e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7434
x-amzn-requestid: d2ca5388-80cd-4082-a01c-54d701494d20
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z6TqfERSIAMF8-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6347330f-340bae193e3547840bd0d45d;Sampled=0
x-amzn-remapped-date: Wed, 12 Oct 2022 21:35:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 02jwYGldxH-OiwHR5fFT9V5PrbU2xMx8dPMeGRA3byKZZ7wPAuMVLg==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Wed, 12 Oct 2022 21:57:57 GMT
age: 63800
etag: "66ae1ad987d78fc76dd7cdc4f30a8e903ff47d49"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b3ba405-5ddf-47b4-a3a4-c8bbbb892ae1.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.5 kB (3460 bytes)
Hash
8a5b340fa22bc00565ee580506185ee6
82a9e94edf6c32a825c7ab17032ec1e12f3b8f64
a1a6c75338c0a27765c510d3b417ab452eade7dea7e59db1aa4ddf1e52cfbc41

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0b3ba405-5ddf-47b4-a3a4-c8bbbb892ae1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3460
x-amzn-requestid: abd25fa2-3dcf-4766-bb96-aad040aadbb8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z0fH6EQ4oAMFtJQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6344deff-6e85d59a3bf1f1a14b4b91a5;Sampled=0
x-amzn-remapped-date: Tue, 11 Oct 2022 03:11:59 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: VRidWgn-x_6ns12m0tjazQ7OtPIWOeE2lG4gqzivtPdywLbgpJqBsA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Thu, 13 Oct 2022 03:39:05 GMT
age: 43332
etag: "82a9e94edf6c32a825c7ab17032ec1e12f3b8f64"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fc8e71c-ad38-40c0-aa1c-62d0543b412e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.6 kB (3621 bytes)
Hash
d7c910df57ddbb4c965a2368ecd0b7c0
3c43ed5bf8ebd3e103a6b8f4736ccb414353937e
bfe79d8edb1e729797ca5a044b425a50e17402a8e02f7aa46d196c4717940995

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5fc8e71c-ad38-40c0-aa1c-62d0543b412e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3621
x-amzn-requestid: 331206f5-c205-42f7-b4ec-33cda2fb63b4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZxutmHYYoAMFW9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6343c4bd-40c2f12833e077be52ca770c;Sampled=0
x-amzn-remapped-date: Mon, 10 Oct 2022 07:07:41 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: m0UA1qs-Ea9UjOtLqAwh7WEhU3OJAwvBKEuyn7iUUweXAHdFDYpjMQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Thu, 13 Oct 2022 10:42:14 GMT
age: 17943
etag: "3c43ed5bf8ebd3e103a6b8f4736ccb414353937e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
4a7c955d46e803f09524911fe5a34259
4adbbd7a049b7b450193b253fa7f1fb7cd4bb77e
c1072a4938a4aea6d25ea19540790b57fd0118765511cbbb963b41d1cd7ad642

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 13 Oct 2022 15:41:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
4a7c955d46e803f09524911fe5a34259
4adbbd7a049b7b450193b253fa7f1fb7cd4bb77e
c1072a4938a4aea6d25ea19540790b57fd0118765511cbbb963b41d1cd7ad642

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 13 Oct 2022 15:41:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d5738fadfd14ee094abde15bccc21efa
dc09db0e0d326104b2c41c8982e036d770f0a2f9
11785be62471d0c75f0ef30c8bc4c40ebc217b3c256dcc4e47d6dbd937b99551

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 13 Oct 2022 15:41:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

216.58.207.195

200 OK

31 kB

URL HTTP/2
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Size
31 kB (30928 bytes)
Hash
ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780

HTTP Headers

GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sadevafric.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 06 Oct 2022 16:40:18 GMT
expires: Fri, 06 Oct 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 601259
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d5738fadfd14ee094abde15bccc21efa
dc09db0e0d326104b2c41c8982e036d770f0a2f9
11785be62471d0c75f0ef30c8bc4c40ebc217b3c256dcc4e47d6dbd937b99551

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 13 Oct 2022 15:41:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

sadevafric.com/assets/js/plugins/scroll-magic-gsap-plugin.js

66.29.145.237

200 OK

4.3 kB

URL HTTP/1.1
sadevafric.com/assets/js/plugins/scroll-magic-gsap-plugin.js
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
4.3 kB (4272 bytes)
Hash
daaa793446a620a7c1c001be03f6168c
297c81b4711979a2334f60f246eaf9e9317f40b4
cfe9a96cd8d659a71f887a3291a8b1f94c96d171e5bb152b6e0c0007efee18f7

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /assets/js/plugins/scroll-magic-gsap-plugin.js HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=2d35afb8e1f010c74595395a59b75400; ci_session=481b10b3e4559fbcc8820b64f67e72e3a7c844be
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 15:41:17 GMT
Server: Apache
Last-Modified: Fri, 11 Dec 2020 06:15:02 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4272
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
4a7c955d46e803f09524911fe5a34259
4adbbd7a049b7b450193b253fa7f1fb7cd4bb77e
c1072a4938a4aea6d25ea19540790b57fd0118765511cbbb963b41d1cd7ad642

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 13 Oct 2022 15:41:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

sadevafric.com/assets/js/plugins/isotope.min.js

66.29.145.237

200 OK

9.8 kB

URL HTTP/1.1
sadevafric.com/assets/js/plugins/isotope.min.js
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (32019)
Size
9.8 kB (9847 bytes)
Hash
f23be9b893032a9a3beeb61008b659d6
0ae8ca6e11fa6299c409f7155c39a6fbefa3dd0b
c343a4923a7dfc3451f05434f6061f4f46f14774867a9dfbd7d0965ff54236c4

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /assets/js/plugins/isotope.min.js HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=2d35afb8e1f010c74595395a59b75400; ci_session=481b10b3e4559fbcc8820b64f67e72e3a7c844be
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 15:41:17 GMT
Server: Apache
Last-Modified: Mon, 23 Nov 2020 01:49:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 9847
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

sadevafric.com/assets/js/plugins/scroll-magic.js

66.29.145.237

200 OK

25 kB

URL HTTP/1.1
sadevafric.com/assets/js/plugins/scroll-magic.js
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 text, with very long lines (330)
Size
25 kB (25095 bytes)
Hash
0654c5b5bb66d21e526ca3288043b184
444823af815fe2375a6bfd6a169e5ee3fe41b4b0
b2694723acb5522a0a47644c2dd08333d34a2a177a44ef10f3ceb4424048a4d6

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /assets/js/plugins/scroll-magic.js HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=2d35afb8e1f010c74595395a59b75400; ci_session=481b10b3e4559fbcc8820b64f67e72e3a7c844be
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 15:41:17 GMT
Server: Apache
Last-Modified: Fri, 11 Dec 2020 06:14:02 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 25095
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

sadevafric.com/assets/js/plugins/jquery.min.js

66.29.145.237

200 OK

31 kB

URL HTTP/1.1
sadevafric.com/assets/js/plugins/jquery.min.js
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (65451)
Size
31 kB (30910 bytes)
Hash
888c5fa4504182a0224b264a1fda0e73
65f058a7dead59a8063362241865526eb0148f16
7d757e510b1f0c4d44fd98cc0121da8ca4f44793f8583debdef300fb1dbd3715

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /assets/js/plugins/jquery.min.js HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=2d35afb8e1f010c74595395a59b75400; ci_session=481b10b3e4559fbcc8820b64f67e72e3a7c844be
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 15:41:17 GMT
Server: Apache
Last-Modified: Tue, 24 Nov 2020 22:10:56 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 30910
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript

www.applitech.ci/assets/images/logo.png

66.29.145.237

200 OK

7.1 kB

URL HTTP/1.1
www.applitech.ci/assets/images/logo.png
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 350 x 78, 8-bit/color RGBA, non-interlaced\012- data
Size
7.1 kB (7050 bytes)
Hash
b8eb88106d1545ea12a6185215e99a33
d82138cf5c47a60538898d5de1374b92572dd6de
143e08dbbb3247dd1bbaa00e73b9da6b696e25262045796f4b9f197f18f8d316

HTTP Headers

GET /assets/images/logo.png HTTP/1.1
Host: www.applitech.ci
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 15:41:17 GMT
Server: Apache
Last-Modified: Fri, 18 Mar 2022 17:26:24 GMT
Accept-Ranges: bytes
Content-Length: 7050
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png

sadevafric.com/assets/js/plugins/fancybox.min.js

66.29.145.237

200 OK

22 kB

URL HTTP/1.1
sadevafric.com/assets/js/plugins/fancybox.min.js
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
HTML document, ASCII text, with very long lines (31972)
Size
22 kB (22014 bytes)
Hash
f8b62df0805382748074af7be8c55fc3
954cce85dd07378f6161bf292e42c53da428ff62
90d139e51b28f09110a6653ac7ce12f6b603bed42be80bccc9876130e6eaf61a

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /assets/js/plugins/fancybox.min.js HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=2d35afb8e1f010c74595395a59b75400; ci_session=481b10b3e4559fbcc8820b64f67e72e3a7c844be
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 15:41:17 GMT
Server: Apache
Last-Modified: Mon, 23 Nov 2020 01:49:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 22014
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

sadevafric.com/assets/js/plugins/overscroll.min.js

66.29.145.237

200 OK

4.4 kB

URL HTTP/1.1
sadevafric.com/assets/js/plugins/overscroll.min.js
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (9511)
Size
4.4 kB (4438 bytes)
Hash
53dbd66e5044c88004c425f2295c4810
149469dc3b55d08aefe2d8a01ae97a27b5d4fa8d
b91283f8d27573de404bf3d8d95e9f1e952be27d89d3d3fbcd8850bded8ae84a

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /assets/js/plugins/overscroll.min.js HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=2d35afb8e1f010c74595395a59b75400; ci_session=481b10b3e4559fbcc8820b64f67e72e3a7c844be
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 15:41:17 GMT
Server: Apache
Last-Modified: Mon, 23 Nov 2020 01:49:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4438
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript

sadevafric.com/assets/js/plugins/tween-max.min.js

66.29.145.237

200 OK

39 kB

URL HTTP/1.1
sadevafric.com/assets/js/plugins/tween-max.min.js
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (32028)
Size
39 kB (39300 bytes)
Hash
a6a64f068c32e61e418134cc830d9a7d
e64f360d949f75331a89146c7707ddb4d42fcb0a
f82f0e56bcd25e05c88f43b184d846a166458b4fcf8533a3adc7481a0f410b08

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /assets/js/plugins/tween-max.min.js HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=2d35afb8e1f010c74595395a59b75400; ci_session=481b10b3e4559fbcc8820b64f67e72e3a7c844be
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 15:41:17 GMT
Server: Apache
Last-Modified: Fri, 11 Dec 2020 06:20:10 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 39300
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

sadevafric.com/assets/js/plugins/smooth-scrollbar.min.js

66.29.145.237

200 OK

16 kB

URL HTTP/1.1
sadevafric.com/assets/js/plugins/smooth-scrollbar.min.js
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
Unicode text, UTF-8 text, with very long lines (23101)
Size
16 kB (16293 bytes)
Hash
204f770d6eb3a63ca1e0fa2aadf6c69c
ec57850045162173caee2370a81d47f2d1a938ad
a741cd031a689e23d3901a3defcfb8603f404d38bd5a5f662c1fb1517d482c7d

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /assets/js/plugins/smooth-scrollbar.min.js HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=2d35afb8e1f010c74595395a59b75400; ci_session=481b10b3e4559fbcc8820b64f67e72e3a7c844be
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 15:41:17 GMT
Server: Apache
Last-Modified: Mon, 23 Nov 2020 01:49:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 16293
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

sadevafric.com/assets/js/plugins/canvas.js

66.29.145.237

200 OK

1.2 kB

URL HTTP/1.1
sadevafric.com/assets/js/plugins/canvas.js
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text
Size
1.2 kB (1202 bytes)
Hash
2f9f9599c326666430e240bd2040229e
97c3e0885adae1da5658fc57b036ccd1c3bf1fd8
087eaf86761d05a8fc0acf6e754b2d3fbbc3ecc41e8c5795576a8b18638d61ad

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /assets/js/plugins/canvas.js HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=2d35afb8e1f010c74595395a59b75400; ci_session=481b10b3e4559fbcc8820b64f67e72e3a7c844be
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 15:41:17 GMT
Server: Apache
Last-Modified: Tue, 06 Apr 2021 17:31:56 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1202
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript

sadevafric.com/assets/js/plugins/parsley.min.js

66.29.145.237

200 OK

12 kB

URL HTTP/1.1
sadevafric.com/assets/js/plugins/parsley.min.js
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (32005), with CRLF line terminators
Size
12 kB (12347 bytes)
Hash
d0d7a0f3ca1af46edd464738404d704b
07acb5664b72237d6803d79e04f357bae456b52d
f2e8a1ed3fcb50a9a3412859f34677cada1cc2d8617367edcefb80939f2f7f5d

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /assets/js/plugins/parsley.min.js HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=2d35afb8e1f010c74595395a59b75400; ci_session=481b10b3e4559fbcc8820b64f67e72e3a7c844be
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 15:41:17 GMT
Server: Apache
Last-Modified: Wed, 10 Jun 2020 19:30:34 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 12347
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: application/javascript

sadevafric.com/assets/js/main.js

66.29.145.237

200 OK

3.6 kB

URL HTTP/1.1
sadevafric.com/assets/js/main.js
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
C++ source, ASCII text
Size
3.6 kB (3626 bytes)
Hash
13dffac744d12e9a004a0fd2af0c3a77
3612a0b04888d05ef4d7f98a57f334cde2fa8437
166c8d0a025d55aa663d8b511e94347e98383501c818824adf44ca662b0cd91f

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /assets/js/main.js HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=2d35afb8e1f010c74595395a59b75400; ci_session=481b10b3e4559fbcc8820b64f67e72e3a7c844be
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 15:41:18 GMT
Server: Apache
Last-Modified: Fri, 06 Aug 2021 22:03:12 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 3626
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
dcef3c06c9a771634ac607bc95ddda2a
a4b45e5a44a15878f6e9976d3fd241a8956ab1e4
d58b6858e36ffc3e222f5f5d119bcc617f43fb69bbd2b1f83c049fd209fa8514

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D58B6858E36FFC3E222F5F5D119BCC617F43FB69BBD2B1F83C049FD209FA8514"
Last-Modified: Thu, 13 Oct 2022 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19754
Expires: Thu, 13 Oct 2022 21:10:32 GMT
Date: Thu, 13 Oct 2022 15:41:18 GMT
Connection: keep-alive

aws-wwcloud.net/async/?id=k76hb335572azihei1b96f67diykbd2f

146.0.77.131

200 OK

177 B

URL HTTP/1.1
aws-wwcloud.net/async/?id=k76hb335572azihei1b96f67diykbd2f
IP
146.0.77.131:0
ASN
#57043 Hostkey B.v.

File type
PNG image data, 1 x 1, 4-bit colormap, non-interlaced\012- data
Size
177 B (177 bytes)
Hash
a9428714a3fc96dda46bf3dcb266266a
ccdf71be456f9f753967364b9b0ef38c1159d5ed
4f078541628ddaeeb2c66ef06b22c95df4ff9deb16a68554d4ad2f78380c42c2

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /async/?id=k76hb335572azihei1b96f67diykbd2f HTTP/1.1
Host: aws-wwcloud.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sadevafric.com
Connection: keep-alive
Referer: https://sadevafric.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Thu, 13 Oct 2022 15:41:18 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.16
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=31536000;

sadevafric.com/assets/js/plugins/swiper.min.js

66.29.145.237

200 OK

33 kB

URL HTTP/1.1
sadevafric.com/assets/js/plugins/swiper.min.js
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (65271)
Size
33 kB (32552 bytes)
Hash
a9dbdc85dfcc3a7f9e40019b5530ef83
3819e7edd68a2712bed8956d742cafff37c4ed77
8f9ff6eb4d271afd73674c1ba5f1c1ae82e68984098d94bc6fdee31fa5aaed5c

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /assets/js/plugins/swiper.min.js HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=2d35afb8e1f010c74595395a59b75400; ci_session=481b10b3e4559fbcc8820b64f67e72e3a7c844be
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 15:41:17 GMT
Server: Apache
Last-Modified: Thu, 11 Feb 2021 22:55:28 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 32552
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript

sadevafric.com/assets/img/light/logo.svg

66.29.145.237

200 OK

5.9 kB

URL HTTP/1.1
sadevafric.com/assets/img/light/logo.svg
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (14829), with no line terminators
Size
5.9 kB (5908 bytes)
Hash
5d71acf1ba704203c83505c454c71a7d
5ba3860609d1efd27b5197a01221e6a2d3c275dc
f4953d5cb08b703d9410426321b286a83d15d7877f035e948cd34a3f50375b42

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /assets/img/light/logo.svg HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=2d35afb8e1f010c74595395a59b75400; ci_session=481b10b3e4559fbcc8820b64f67e72e3a7c844be
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 15:41:18 GMT
Server: Apache
Last-Modified: Wed, 04 Aug 2021 21:54:22 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 5908
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/svg+xml

sadevafric.com/assets/img/light/projects/prjct-3/1.jpg

66.29.145.237

200 OK

56 kB

URL HTTP/1.1
sadevafric.com/assets/img/light/projects/prjct-3/1.jpg
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 540x360, components 3\012- data
Size
56 kB (56354 bytes)
Hash
b47b994c0a66534e7d34aeda5ed59bfc
bf22f9c59bfb45cfb25d7ac5942b7ae4e89c418b
6028f0d5e49a93ed75c589ee1f6207305b456ced1a13a8e59e3929346401208b

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/img/light/projects/prjct-3/1.jpg HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=2d35afb8e1f010c74595395a59b75400; ci_session=481b10b3e4559fbcc8820b64f67e72e3a7c844be
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 15:41:18 GMT
Server: Apache
Last-Modified: Thu, 05 Aug 2021 21:35:46 GMT
Accept-Ranges: bytes
Content-Length: 56354
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg

sadevafric.com/assets/css/webfonts/fa-brands-400.woff2

66.29.145.237

200 OK

72 kB

URL HTTP/1.1
sadevafric.com/assets/css/webfonts/fa-brands-400.woff2
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
Web Open Font Format (Version 2), TrueType, length 72112, version 329.31064\012- data
Size
72 kB (72112 bytes)
Hash
4b115e1153a9ea339d6a0bb284cc8ed3
f988b2efe9434b0af28943708d33dd3afad9a5ba
d5f471476e1636e23b00991ae8a85d3703ada55bc6d6162472a28aa94fa64d4e

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /assets/css/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://sadevafric.com/assets/css/plugins/font-awesome.min.css
Cookie: infinite_csrf_cookie=2d35afb8e1f010c74595395a59b75400; ci_session=481b10b3e4559fbcc8820b64f67e72e3a7c844be
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 15:41:18 GMT
Server: Apache
Last-Modified: Fri, 04 Dec 2020 18:24:30 GMT
Accept-Ranges: bytes
Content-Length: 72112
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: font/woff2

sadevafric.com/assets/js/plugins/mapbox.min.js

66.29.145.237

200 OK

195 kB

URL HTTP/1.1
sadevafric.com/assets/js/plugins/mapbox.min.js
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
ASCII text, with very long lines (64450)
Size
195 kB (195389 bytes)
Hash
01db876058ff9998316589ae375c5eaa
62d02a663b9c62df16d810721d9a921b0c9e39a8
969d77541d90a4bcee5cb7cf16256c3b0479fbfed7fd853cf9a17ef6aa07359b

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /assets/js/plugins/mapbox.min.js HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=2d35afb8e1f010c74595395a59b75400; ci_session=481b10b3e4559fbcc8820b64f67e72e3a7c844be
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 15:41:17 GMT
Server: Apache
Last-Modified: Thu, 11 Feb 2021 22:56:08 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript

sadevafric.com/assets/img/light/projects/prjct-3/2.jpg

66.29.145.237

200 OK

80 kB

URL HTTP/1.1
sadevafric.com/assets/img/light/projects/prjct-3/2.jpg
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 540x360, components 3\012- data
Size
80 kB (79874 bytes)
Hash
3705e146ab0f6bb39a47073594f3af64
2769eb25cc3a4b1ad2683c17be5d1614928d9e33
72df5d2cdd184bf7316b97fc2c946e219a872acd953ef7b0a8cb05a0e9ddd9f8

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/img/light/projects/prjct-3/2.jpg HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=2d35afb8e1f010c74595395a59b75400; ci_session=481b10b3e4559fbcc8820b64f67e72e3a7c844be
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 15:41:19 GMT
Server: Apache
Last-Modified: Thu, 05 Aug 2021 21:36:24 GMT
Accept-Ranges: bytes
Content-Length: 79874
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg

sadevafric.com/assets/img/light/projects/prjct-5/1.jpg

66.29.145.237

200 OK

168 kB

URL HTTP/1.1
sadevafric.com/assets/img/light/projects/prjct-5/1.jpg
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 525x350, components 3\012- data
Size
168 kB (168178 bytes)
Hash
028857dbead357da2bac5b2f6291df9f
4c102a542b0f33188029bd2440079b7608cf915d
9b6c9b8f1c2717a4d4c7ab47ffa5f3367584b0724c8db1e1dd458cfdc595d8d0

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/img/light/projects/prjct-5/1.jpg HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=2d35afb8e1f010c74595395a59b75400; ci_session=481b10b3e4559fbcc8820b64f67e72e3a7c844be
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 15:41:18 GMT
Server: Apache
Last-Modified: Fri, 06 Aug 2021 21:18:00 GMT
Accept-Ranges: bytes
Content-Length: 168178
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg

sadevafric.com/assets/img/light/projects/prjct-3/4.jpg

66.29.145.237

200 OK

71 kB

URL HTTP/1.1
sadevafric.com/assets/img/light/projects/prjct-3/4.jpg
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 540x360, components 3\012- data
Size
71 kB (71233 bytes)
Hash
1293bdd489072870ce5379f12975700b
975f5ccb33687f1b211f44d850238f2731af55a3
f11ff0997fcf8ab152a595ea8077ca73647283c3e37ebc01747d107a360d7183

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/img/light/projects/prjct-3/4.jpg HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=2d35afb8e1f010c74595395a59b75400; ci_session=481b10b3e4559fbcc8820b64f67e72e3a7c844be
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 15:41:19 GMT
Server: Apache
Last-Modified: Thu, 05 Aug 2021 21:37:48 GMT
Accept-Ranges: bytes
Content-Length: 71233
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg

sadevafric.com/assets/img/light/projects/prjct-3/3.jpg

66.29.145.237

200 OK

69 kB

URL HTTP/1.1
sadevafric.com/assets/img/light/projects/prjct-3/3.jpg
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 540x360, components 3\012- data
Size
69 kB (69435 bytes)
Hash
dfe8e0ee27d28a653a85ff0c4c825d40
f138f2799f9c0acc075d13bf4ec4feb579eab458
c54e96adff4d4f4a7589e9422884cdab0bade020c3237dd6b591d29f29e1c5ae

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/img/light/projects/prjct-3/3.jpg HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=2d35afb8e1f010c74595395a59b75400; ci_session=481b10b3e4559fbcc8820b64f67e72e3a7c844be
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 15:41:19 GMT
Server: Apache
Last-Modified: Thu, 05 Aug 2021 21:37:06 GMT
Accept-Ranges: bytes
Content-Length: 69435
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg

sadevafric.com/assets/img/light/projects/prjct-3/6.jpg

66.29.145.237

200 OK

81 kB

URL HTTP/1.1
sadevafric.com/assets/img/light/projects/prjct-3/6.jpg
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 540x360, components 3\012- data
Size
81 kB (81339 bytes)
Hash
627098bf83cf944e9e5bfdbd80b18521
56357d4091e550362537589a5c6f0dfe4856269e
f54366ec758c9e2e0799b318ff37bc131021c40c9db773f98577dd7c650ad946

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/img/light/projects/prjct-3/6.jpg HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=2d35afb8e1f010c74595395a59b75400; ci_session=481b10b3e4559fbcc8820b64f67e72e3a7c844be
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 15:41:20 GMT
Server: Apache
Last-Modified: Thu, 05 Aug 2021 21:39:52 GMT
Accept-Ranges: bytes
Content-Length: 81339
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg

sadevafric.com/assets/img/light/projects/prjct-3/5.jpg

66.29.145.237

200 OK

78 kB

URL HTTP/1.1
sadevafric.com/assets/img/light/projects/prjct-3/5.jpg
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 540x360, components 3\012- data
Size
78 kB (77738 bytes)
Hash
6b278691e2c4dd737c27276cda08f914
8233d5ddae68550a0455dd87e3e10ef3d6ed8f41
97c83f05952458d6ad49ea9f5436abb5152f3ad17d67d3347c56e339d20f35c9

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/img/light/projects/prjct-3/5.jpg HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=2d35afb8e1f010c74595395a59b75400; ci_session=481b10b3e4559fbcc8820b64f67e72e3a7c844be
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 15:41:20 GMT
Server: Apache
Last-Modified: Thu, 05 Aug 2021 21:38:54 GMT
Accept-Ranges: bytes
Content-Length: 77738
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg

sadevafric.com/assets/img/light/projects/prjct-1/fs/7.jpg

66.29.145.237

200 OK

266 kB

URL HTTP/1.1
sadevafric.com/assets/img/light/projects/prjct-1/fs/7.jpg
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x1280, components 3\012- data
Size
266 kB (265847 bytes)
Hash
26dc75e955c7ca26a0cd11aa6df6d797
aec1976b12c97b99ae54e893dc348d38fbca7169
624a503da93148052e817c78cbad18aa7de6eca175866a29c6164044b41e6961

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/img/light/projects/prjct-1/fs/7.jpg HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=2d35afb8e1f010c74595395a59b75400; ci_session=481b10b3e4559fbcc8820b64f67e72e3a7c844be
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 15:41:18 GMT
Server: Apache
Last-Modified: Thu, 05 Aug 2021 18:00:56 GMT
Accept-Ranges: bytes
Content-Length: 265847
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg

sadevafric.com/assets/img/light/projects/prjct-2/1.jpg

66.29.145.237

200 OK

88 kB

URL HTTP/1.1
sadevafric.com/assets/img/light/projects/prjct-2/1.jpg
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 320x439, components 3\012- data
Size
88 kB (88296 bytes)
Hash
7370c173fea66f848ced70915e1d3320
738039bf40e0bfe13342ed2ce2434eaeb93620d9
246911ef2605d9ed13772a09a524093239de160a91292aec7add41101b01f6a6

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/img/light/projects/prjct-2/1.jpg HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=2d35afb8e1f010c74595395a59b75400; ci_session=481b10b3e4559fbcc8820b64f67e72e3a7c844be
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 15:41:21 GMT
Server: Apache
Last-Modified: Thu, 05 Aug 2021 21:16:58 GMT
Accept-Ranges: bytes
Content-Length: 88296
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg

sadevafric.com/assets/img/light/favicon.png

66.29.145.237

200 OK

2.0 kB

URL HTTP/1.1
sadevafric.com/assets/img/light/favicon.png
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
PNG image data, 48 x 48, 8-bit colormap, non-interlaced\012- data
Size
2.0 kB (1993 bytes)
Hash
511e7d91b99af1430ae66c2190769370
790a4d5a98c90d36ec8e2b1f9782099c77964688
9d6ae67eb2f11755ad511ca5db8f3c5b8041f84ef9901662758900be7662448a

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/img/light/favicon.png HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=2d35afb8e1f010c74595395a59b75400; ci_session=481b10b3e4559fbcc8820b64f67e72e3a7c844be
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 15:41:22 GMT
Server: Apache
Last-Modified: Mon, 09 Aug 2021 19:13:16 GMT
Accept-Ranges: bytes
Content-Length: 1993
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/png

sadevafric.com/assets/img/light/projects/prjct-2/2.jpg

66.29.145.237

200 OK

90 kB

URL HTTP/1.1
sadevafric.com/assets/img/light/projects/prjct-2/2.jpg
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 320x439, components 3\012- data
Size
90 kB (89785 bytes)
Hash
c1f1ea75fc81d18169038aeda9057f74
193cb6f6fd7bd30c4406948a1359f6dd0bd31aca
bda2eb9c12de07dd821e20bec754680c50debb7ec4f4b040826e65aa16cb5370

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/img/light/projects/prjct-2/2.jpg HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=2d35afb8e1f010c74595395a59b75400; ci_session=481b10b3e4559fbcc8820b64f67e72e3a7c844be
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 15:41:21 GMT
Server: Apache
Last-Modified: Fri, 20 Aug 2021 16:34:24 GMT
Accept-Ranges: bytes
Content-Length: 89785
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg

34.120.237.76

200 OK

14 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa5c76a23-8abd-4e3e-a093-75e8dfb1dbfb.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
14 kB (14262 bytes)
Hash
56217b4ec776d52347ca781dd826b1fc
8f1261feb1d5ed02e3ffcdc1bdfd299f03108d96
1efffa3f5ce3690da3215b7ec98bf6b6c80888fa99fc130b87e5aa11cf2c8f43

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa5c76a23-8abd-4e3e-a093-75e8dfb1dbfb.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 14262
x-amzn-requestid: d52e5bb3-1c81-4691-989c-18f4f9884aad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZhQUBFshIAMFvzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633d2db3-10be4b386c99044a771581dc;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 07:09:39 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: _qVRL8MKJ3-mdJ-q9LNbqMu_c3y0AlhGpVom7570zvnPM4WIw_KFCQ==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Wed, 12 Oct 2022 20:16:23 GMT
age: 69901
etag: "8f1261feb1d5ed02e3ffcdc1bdfd299f03108d96"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

sadevafric.com/assets/img/light/projects/prjct-2/3.jpg

66.29.145.237

200 OK

126 kB

URL HTTP/1.1
sadevafric.com/assets/img/light/projects/prjct-2/3.jpg
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 320x439, components 3\012- data
Size
126 kB (125788 bytes)
Hash
40be0bb2600417e62fd4c6e585fe0767
a2ed1a0e3ccf4068d509e1b35ad5254283521ef8
15ec434815b7c476b13ca1cd52abbc297f7d5d8c19ce8e63b6f68ce4ad7863d6

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/img/light/projects/prjct-2/3.jpg HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=2d35afb8e1f010c74595395a59b75400; ci_session=481b10b3e4559fbcc8820b64f67e72e3a7c844be
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 15:41:21 GMT
Server: Apache
Last-Modified: Fri, 20 Aug 2021 16:38:30 GMT
Accept-Ranges: bytes
Content-Length: 125788
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg

fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

142.250.74.10

200 OK

0 B

URL HTTP/2
fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 13 Oct 2022 15:41:16 GMT
date: Thu, 13 Oct 2022 15:41:16 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

sadevafric.com/assets/img/light/projects/prjct-4/1.jpg

66.29.145.237

200 OK

0 B

URL HTTP/1.1
sadevafric.com/assets/img/light/projects/prjct-4/1.jpg
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/img/light/projects/prjct-4/1.jpg HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=2d35afb8e1f010c74595395a59b75400; ci_session=481b10b3e4559fbcc8820b64f67e72e3a7c844be
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 15:41:22 GMT
Server: Apache
Last-Modified: Fri, 20 Aug 2021 17:15:36 GMT
Accept-Ranges: bytes
Content-Length: 340751
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg

sadevafric.com/assets/img/light/projects/prjct-1/fs/1.jpg

66.29.145.237

200 OK

0 B

URL HTTP/1.1
sadevafric.com/assets/img/light/projects/prjct-1/fs/1.jpg
IP
66.29.145.237:0
ASN
#22612 NAMECHEAP-NET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /assets/img/light/projects/prjct-1/fs/1.jpg HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=2d35afb8e1f010c74595395a59b75400; ci_session=481b10b3e4559fbcc8820b64f67e72e3a7c844be
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Date: Thu, 13 Oct 2022 15:41:18 GMT
Server: Apache
Last-Modified: Thu, 18 Aug 2022 15:51:34 GMT
Accept-Ranges: bytes
Content-Length: 647484
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (15)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations