r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 5ceaca9fd4ad000cb435820812fc69c8
8168397aaf7b572c89a9c83f46c0b65e4ac509f2
9c4e52e7e17158307d752db0bc3d1fbedae4f305cc301fd73b260f73ab796492
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9C4E52E7E17158307D752DB0BC3D1FBEDAE4F305CC301FD73B260F73AB796492"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2895
Expires: Wed, 07 Dec 2022 14:15:42 GMT
Date: Wed, 07 Dec 2022 13:27:27 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash aaee4cb7873d6f1effbadf269482e100
bd55730ac8414fb6861b03c2a97319b4063e2cb9
d724fd9c5704fb8948d575357cad0032e89cf275d57ddb86f013fa97e033487c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3924
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:27:27 GMT
Last-Modified: Wed, 07 Dec 2022 12:22:03 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash a0abf10fb7e96c1c98dacf2f013a68b4
acdd839bce85eadc78a8e821e32e00a958d5c0c8
b85d98f8df05431777d96c767ce4c152302ec3f653cdf6e61c8c3fa9574f3255
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B85D98F8DF05431777D96C767CE4C152302EC3F653CDF6E61C8C3FA9574F3255"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12335
Expires: Wed, 07 Dec 2022 16:53:02 GMT
Date: Wed, 07 Dec 2022 13:27:27 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: VALn+LW39hhp+YTrpy3TzWf1sVU9nASaa4Tdeg2hvnGjLxVWArHIZ+Rp4/Czs+104pFFfmOnGSs=
x-amz-request-id: 915804JYQ7WVQ13P
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 07 Dec 2022 12:47:30 GMT
age: 2397
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
82.102.147.36/
82.102.147.36 200 OK 1.6 kB IP 82.102.147.36:0
ASN #12400 Partner Communications Ltd.
File type HTML document text; exported SGML document text; exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash eeddef9b7d839d5eb7aa6fde79fe48d8
07495660322dd593115824fc762ae0c7ae353c3d
4335eff199f3741d51382b5cdbd6c652352c5be085935a9fbdd197bfc7bb9e50
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: 82.102.147.36
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Sun, 07 Oct 2018 07:33:12 GMT
Accept-Ranges: bytes
ETag: "0ac690105ed41:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 07 Dec 2022 13:27:29 GMT
Content-Length: 1562
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 07 Dec 2022 13:27:27 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
82.102.147.36/css/ui.jqgrid.css
82.102.147.36 200 OK 18 kB URL HTTP/1.1 82.102.147.36/css/ui.jqgrid.css
IP 82.102.147.36:0
ASN #12400 Partner Communications Ltd.
File type ASCII text, with very long lines (310), with CRLF line terminators
Hash 596faafaabea894df9cb104a58568d47
c76f2230e9a77d3022e1f3b56956f21c86fa6cbe
3c23b591665c9f843f05856364790853b61000f1bdea00e39b6f6af71f5a56f8
Analyzer Verdict Alert quad9 Sinkholed
GET /css/ui.jqgrid.css HTTP/1.1
Host: 82.102.147.36
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://82.102.147.36/
HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Fri, 20 Apr 2018 14:07:38 GMT
Accept-Ranges: bytes
ETag: "03139f0b0d8d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 07 Dec 2022 13:27:29 GMT
Content-Length: 17693
82.102.147.36/fancybox/jquery.fancybox.css
82.102.147.36 200 OK 5.2 kB URL HTTP/1.1 82.102.147.36/fancybox/jquery.fancybox.css
IP 82.102.147.36:0
ASN #12400 Partner Communications Ltd.
File type ASCII text, with CRLF line terminators
Hash 50bb6c47c621b7493410c3ec9fb9fbb1
82f33ad0842aa9c154d029e0dada2497d4eb1d57
4db7cea580d713cbf55a968c66266734d5b859e362827aa3c6b3925641f40f84
Analyzer Verdict Alert quad9 Sinkholed
GET /fancybox/jquery.fancybox.css HTTP/1.1
Host: 82.102.147.36
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://82.102.147.36/
HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Fri, 20 Apr 2018 14:07:38 GMT
Accept-Ranges: bytes
ETag: "03139f0b0d8d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 07 Dec 2022 13:27:29 GMT
Content-Length: 5168
82.102.147.36/css/jquery.timepicker.css
82.102.147.36 200 OK 1.7 kB URL HTTP/1.1 82.102.147.36/css/jquery.timepicker.css
IP 82.102.147.36:0
ASN #12400 Partner Communications Ltd.
File type ASCII text, with CRLF line terminators
Hash 19620fd89231594215d2a6a9d3821caa
adb89a50d97a6fa76f67f3eb26f837433eacb418
3b7319f6b0022058fd7748b9e75018ea1399f4267a01396627f70956a95f642b
Analyzer Verdict Alert quad9 Sinkholed
GET /css/jquery.timepicker.css HTTP/1.1
Host: 82.102.147.36
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://82.102.147.36/
HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Fri, 20 Apr 2018 14:07:38 GMT
Accept-Ranges: bytes
ETag: "03139f0b0d8d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 07 Dec 2022 13:27:29 GMT
Content-Length: 1656
82.102.147.36/css/basscss.min.css
82.102.147.36 200 OK 9.8 kB URL HTTP/1.1 82.102.147.36/css/basscss.min.css
IP 82.102.147.36:0
ASN #12400 Partner Communications Ltd.
File type ASCII text, with very long lines (9848), with no line terminators
Hash 2647367ad7587cfc6dc326e96160e9ef
eceab88b749008b82c0a458cf091f04829941e2c
37728db88a6fb86ebe8f3f1e209d934d8dbdf5fa832d7fde43bf064066dae25a
Analyzer Verdict Alert quad9 Sinkholed
GET /css/basscss.min.css HTTP/1.1
Host: 82.102.147.36
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://82.102.147.36/
HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Fri, 20 Apr 2018 14:07:38 GMT
Accept-Ranges: bytes
ETag: "03139f0b0d8d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 07 Dec 2022 13:27:29 GMT
Content-Length: 9848
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 053aff7451e55d4269dd9610ab070f3f
b3376256d11d159b0c7280ba1515b78d7d9e12ca
24114ca560fe70d03185bd66985603fd5a03dc310aa9a8ea7a7b3723ed46ce3e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3909
Cache-Control: max-age=161071
Content-Type: application/ocsp-response
Date: Wed, 07 Dec 2022 13:27:28 GMT
Etag: "639057aa-1d7"
Expires: Fri, 09 Dec 2022 10:11:59 GMT
Last-Modified: Wed, 07 Dec 2022 09:06:50 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
82.102.147.36/css/jquery-ui.css
82.102.147.36 200 OK 37 kB URL HTTP/1.1 82.102.147.36/css/jquery-ui.css
IP 82.102.147.36:0
ASN #12400 Partner Communications Ltd.
File type ASCII text, with very long lines (2363), with CRLF line terminators
Hash b73d3396443c7f649213a09bfe1f1db6
1db7c95cfef020c084e8e883f9a55424e976460f
2313513e1c46af3986818f821cd2d456386844be3fc961697e5080cb99acd382
Analyzer Verdict Alert quad9 Sinkholed
GET /css/jquery-ui.css HTTP/1.1
Host: 82.102.147.36
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://82.102.147.36/
HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Fri, 20 Apr 2018 14:07:38 GMT
Accept-Ranges: bytes
ETag: "03139f0b0d8d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 07 Dec 2022 13:27:29 GMT
Content-Length: 36765
82.102.147.36/js/i18n/grid.locale-he.js
82.102.147.36 200 OK 6.2 kB URL HTTP/1.1 82.102.147.36/js/i18n/grid.locale-he.js
IP 82.102.147.36:0
ASN #12400 Partner Communications Ltd.
File type Unicode text, UTF-8 text, with very long lines (513), with CRLF line terminators
Hash 47ce44a1e280a118bfc535b3bfce4a65
507ec2450c57368a5debeab0edddd06cd15de5f2
f550fee5de870930e5385141d4792728a029f6e00ab967b0b6396ebcca52efef
Analyzer Verdict Alert quad9 Sinkholed
GET /js/i18n/grid.locale-he.js HTTP/1.1
Host: 82.102.147.36
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://82.102.147.36/
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Fri, 20 Apr 2018 14:07:38 GMT
Accept-Ranges: bytes
ETag: "03139f0b0d8d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 07 Dec 2022 13:27:29 GMT
Content-Length: 6239
82.102.147.36/css/application.css
82.102.147.36 200 OK 18 kB URL HTTP/1.1 82.102.147.36/css/application.css
IP 82.102.147.36:0
ASN #12400 Partner Communications Ltd.
File type ASCII text, with very long lines (1358), with CRLF line terminators
Hash f3c45930ecdffef51ac1c2d284698878
3b87476b2fd3b831cf72abe12e9bc41d78e3e2b0
3b8b2fda8179927f9c1a4ffd005ef38d507c3697c6872cc2207ffc42fa0da4c7
Analyzer Verdict Alert quad9 Sinkholed
GET /css/application.css HTTP/1.1
Host: 82.102.147.36
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://82.102.147.36/
HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Thu, 15 Aug 2019 12:21:26 GMT
Accept-Ranges: bytes
ETag: "0a752f56353d51:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 07 Dec 2022 13:27:29 GMT
Content-Length: 18263
82.102.147.36/js/config.js
82.102.147.36 200 OK 287 B URL HTTP/1.1 82.102.147.36/js/config.js
IP 82.102.147.36:0
ASN #12400 Partner Communications Ltd.
File type ASCII text, with CRLF line terminators
Hash 475b1e1892f172f27d7c6d2bcd9856ee
2ec8058a32304ffa6183f5f57d33a5209b391306
72533812e99eddfff740c991063fc9d53c2f1b1ff57f88a62b50c697c169778c
Analyzer Verdict Alert quad9 Sinkholed
GET /js/config.js HTTP/1.1
Host: 82.102.147.36
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://82.102.147.36/
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Tue, 05 Nov 2019 07:29:20 GMT
Accept-Ranges: bytes
ETag: "0c8e2bcaa93d51:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 07 Dec 2022 13:27:30 GMT
Content-Length: 287
push.services.mozilla.com/
52.38.139.17 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.38.139.17:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: iiMYjsMRkj3SZsCTpSV9wQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: dLA+RCPpxC8ffLjiO4L3w1r/73s=
82.102.147.36/js/jquery.timepicker.min.js
82.102.147.36 200 OK 15 kB URL HTTP/1.1 82.102.147.36/js/jquery.timepicker.min.js
IP 82.102.147.36:0
ASN #12400 Partner Communications Ltd.
File type ASCII text, with very long lines (15051), with CRLF line terminators
Hash fd7bedf7d2aaf98a7f544577fdcee5e7
825795e72d26ccb72ddbe72f7546aa713a2f4928
b26d5fd0bd551ba29050fcd492526ee3346e6e3d9f904cd0665be319ca6174ab
Analyzer Verdict Alert quad9 Sinkholed
GET /js/jquery.timepicker.min.js HTTP/1.1
Host: 82.102.147.36
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://82.102.147.36/
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Fri, 20 Apr 2018 14:07:38 GMT
Accept-Ranges: bytes
ETag: "03139f0b0d8d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 07 Dec 2022 13:27:30 GMT
Content-Length: 15303
82.102.147.36/fancybox/jquery.fancybox.pack.js
82.102.147.36 200 OK 23 kB URL HTTP/1.1 82.102.147.36/fancybox/jquery.fancybox.pack.js
IP 82.102.147.36:0
ASN #12400 Partner Communications Ltd.
File type ASCII text, with very long lines (645), with CRLF line terminators
Hash 0ca8cd384931d74c4b6a9f592e987f69
ae6318aeb62ad4ce7a7e9a4cdacd93ffb004f0fb
2be721560b8cae178785531dc523d2f7b9b173bb6571536fed94a85c0d31c525
Analyzer Verdict Alert quad9 Sinkholed
GET /fancybox/jquery.fancybox.pack.js HTTP/1.1
Host: 82.102.147.36
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://82.102.147.36/
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Fri, 20 Apr 2018 14:07:38 GMT
Accept-Ranges: bytes
ETag: "03139f0b0d8d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 07 Dec 2022 13:27:30 GMT
Content-Length: 23180
82.102.147.36/js/jquery-1.11.0.min.js
82.102.147.36 200 OK 96 kB URL HTTP/1.1 82.102.147.36/js/jquery-1.11.0.min.js
IP 82.102.147.36:0
ASN #12400 Partner Communications Ltd.
File type ASCII text, with very long lines (32341), with CRLF line terminators
Hash eaec1712551cd2792f4607f39fab12e7
2439711705752fac5dd1a6a8d6b1be63ffcbc76d
746e54e89161118a67bd59103c4ab55e3060735cc85c1d047c2cf04d4b12043d
Analyzer Verdict Alert quad9 Sinkholed
GET /js/jquery-1.11.0.min.js HTTP/1.1
Host: 82.102.147.36
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://82.102.147.36/
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Fri, 20 Apr 2018 14:07:38 GMT
Accept-Ranges: bytes
ETag: "03139f0b0d8d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 07 Dec 2022 13:27:29 GMT
Content-Length: 96385
82.102.147.36/js/appInfraFuncs.js
82.102.147.36 200 OK 1.4 kB URL HTTP/1.1 82.102.147.36/js/appInfraFuncs.js
IP 82.102.147.36:0
ASN #12400 Partner Communications Ltd.
File type Unicode text, UTF-8 text, with CRLF line terminators
Hash 09aefad99f08757371b6cf7ea6fbba56
e76483632ff99cd69f465b48c7dcb9b7599c68ca
bb23b1eddcbc157cc2be7cb0b6cad4daf9f44f0ed2f86366822b1650d2e4f3bd
Analyzer Verdict Alert quad9 Sinkholed
GET /js/appInfraFuncs.js HTTP/1.1
Host: 82.102.147.36
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://82.102.147.36/
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Fri, 20 Apr 2018 14:07:38 GMT
Accept-Ranges: bytes
ETag: "03139f0b0d8d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 07 Dec 2022 13:27:30 GMT
Content-Length: 1423
82.102.147.36/js/app.js
82.102.147.36 200 OK 18 kB IP 82.102.147.36:0
ASN #12400 Partner Communications Ltd.
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 1ac5b0cd910b9070f35770a848a73cd9
69c7d88848cac46f0beb333989764861c2a143a3
dc35236cd811c53ce994fe906540f5722526ba373c46847defb8e09bcf1a303d
Analyzer Verdict Alert quad9 Sinkholed
GET /js/app.js HTTP/1.1
Host: 82.102.147.36
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://82.102.147.36/
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Sun, 17 Nov 2019 08:39:58 GMT
Accept-Ranges: bytes
ETag: "043e397229dd51:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 07 Dec 2022 13:27:30 GMT
Content-Length: 18085
82.102.147.36/js/jquery-ui.min.js
82.102.147.36 200 OK 240 kB URL HTTP/1.1 82.102.147.36/js/jquery-ui.min.js
IP 82.102.147.36:0
ASN #12400 Partner Communications Ltd.
File type ASCII text, with very long lines (32035), with CRLF line terminators
Size 240 kB (240439 bytes)
Hash 6a8d2ad2b8a68c521fa71d81dfea6142
73f6a5f546e8ec56ec6cbbf4a37749d165d04b66
c4d069befff8b641042baf92c240f4915d376e80f70a5d1b24d1f3182a6cb443
Analyzer Verdict Alert quad9 Sinkholed
GET /js/jquery-ui.min.js HTTP/1.1
Host: 82.102.147.36
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://82.102.147.36/
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Fri, 20 Apr 2018 14:07:38 GMT
Accept-Ranges: bytes
ETag: "03139f0b0d8d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 07 Dec 2022 13:27:29 GMT
Content-Length: 240439
82.102.147.36/js/jquery.jqGrid.min.js
82.102.147.36 200 OK 332 kB URL HTTP/1.1 82.102.147.36/js/jquery.jqGrid.min.js
IP 82.102.147.36:0
ASN #12400 Partner Communications Ltd.
File type ASCII text, with very long lines (6642), with CRLF line terminators
Size 332 kB (331752 bytes)
Hash c94ed3a5bc5264cb71830878d1f7f874
4153c57f5dc7970c1267c636a48f218becd78bbe
15ecde61cbc68db697822484e3c8a7e187b3e0aa1ae8138c85747ca3938405b6
Analyzer Verdict Alert quad9 Sinkholed
GET /js/jquery.jqGrid.min.js HTTP/1.1
Host: 82.102.147.36
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://82.102.147.36/
HTTP/1.1 200 OK
Content-Type: application/javascript
Last-Modified: Fri, 20 Apr 2018 14:07:38 GMT
Accept-Ranges: bytes
ETag: "03139f0b0d8d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 07 Dec 2022 13:27:29 GMT
Content-Length: 331752
82.102.147.36/login.html
82.102.147.36 200 OK 3.7 kB IP 82.102.147.36:0
ASN #12400 Partner Communications Ltd.
File type HTML document text; exported SGML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 67769a54cfcc180692d9c21673263b9d
f323f2bbfd1cb7516a43e4ac7da73e290f729aca
62aa7262311fef655b991b23b1396bc609837dc0abf22aba452a976172f0b01c
Analyzer Verdict Alert quad9 Sinkholed
GET /login.html HTTP/1.1
Host: 82.102.147.36
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://82.102.147.36/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Content-Type: text/html
Last-Modified: Fri, 20 Apr 2018 14:07:38 GMT
Accept-Ranges: bytes
ETag: "03139f0b0d8d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 07 Dec 2022 13:27:31 GMT
Content-Length: 3683
r3.o.lencr.org/
95.101.11.115 200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 1ab1615b2c8cc26b12fc0cf41734ff07
a7d54b3709ce75a20210e20013e6f06b0aa88e2d
22b22118173565879d7c4a2d54a3546aeab6a4a30e69268b294a98019fbd6ba1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "22B22118173565879D7C4A2D54A3546AEAB6A4A30E69268B294A98019FBD6BA1"
Last-Modified: Tue, 06 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3485
Expires: Wed, 07 Dec 2022 14:25:34 GMT
Date: Wed, 07 Dec 2022 13:27:29 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d62ac4e-2ac8-4e49-a61b-a48cff80ffd2.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d62ac4e-2ac8-4e49-a61b-a48cff80ffd2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash 8055d0db573ab34924db3b60ed788bb2
a4aae05e7a929fc7f652f56748d2a2da9c44ac45
f6a9555f112882d4ac284c6dc26ae0f02f6ccf8ee312615e01ebec8242bade1f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d62ac4e-2ac8-4e49-a61b-a48cff80ffd2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9987
x-amzn-requestid: 3d4d7dd0-2be0-46c1-a9c0-aa3cce2e8c81
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csSvUHhJIAMFZYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e64c8-63a6960043564aa762caaabe;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:38:16 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XuCC11WgzRMNmSeJIacnkPnv1FU_H6_MHMwXYHDoiuXbAWXT7zjDQw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 22:28:34 GMT
age: 53935
etag: "a4aae05e7a929fc7f652f56748d2a2da9c44ac45"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg
34.120.237.76 200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3
Hash 210b27f5f6310d8fad640acce3d9ae0e
08d241e56622cb900754d95bc5d58ed8826d9f32
64410e13759cdfa24976dcba0c64aca27edc3ee56358f344e55f60793422e3ea
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fffe93cbd-4506-4ab1-b0ea-94eabecae7b9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6557
x-amzn-requestid: 0232ddcd-8274-431e-a55e-8298fbfd6dfc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cmcuMG6bIAMFUng=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638c0e5a-3cc17121425f87321ce7ae7e;Sampled=0
x-amzn-remapped-date: Sun, 04 Dec 2022 03:04:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: va_vly0iX6rzm_aTWrryPRjoTWlI-_0m6rpS6VrTx-nsd71dk1cSZw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 06:11:41 GMT
age: 26148
etag: "08d241e56622cb900754d95bc5d58ed8826d9f32"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b15136d60fd0a5e0f657a4f5c75d540f
36082b7329d473829178f280cb71a83b1531e486
79478269b1f5dcfd1e45ccd4264fa44805b37c5c8fec820bcbd2fa1689dfbbd8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F962c65f4-b402-46b4-83ba-50f3159341f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11224
x-amzn-requestid: 938de0b8-1055-4416-9ad7-162ab5f4db9f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: csUINEwdoAMFuOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638e6701-38b079ef341bb17e567de773;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 21:47:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ViuPsZBEVJ-aGOcsfrl3nXu244mzMUMQVhpPeNlO7W3sBrrfuUfXpA==
via: 1.1 f0ac467993db44dbfc36b778dfcaf73c.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 22:32:04 GMT
age: 53725
etag: "36082b7329d473829178f280cb71a83b1531e486"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22142ca2-85b4-47d4-8eaa-fcf2823b2c28.jpeg
34.120.237.76 200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22142ca2-85b4-47d4-8eaa-fcf2823b2c28.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e95ebce9d79ba46cb96af9a45af1762f
985c6761675e6bcc0186f64d55f94cf09352f05c
5837d6bf31e57f955ba2577f112281cc33a5502b358c83192f4e396b57042ac0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F22142ca2-85b4-47d4-8eaa-fcf2823b2c28.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8438
x-amzn-requestid: 0f5d1b0e-1193-4006-8a54-555681d9f62e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cvlqVGMjoAMFS6w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638fb641-6366ea6464122d857407cdff;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 21:38:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2j9gqNvWYRFM-li9Nj4nLAWe_eKWMSwagPgU3eAtk0pjcJUX4Q8XEA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 21:55:40 GMT
etag: "985c6761675e6bcc0186f64d55f94cf09352f05c"
content-type: image/jpeg
age: 55909
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3a455f5-9c19-4e6f-ab7a-1fe9c399118f.jpeg
34.120.237.76 200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3a455f5-9c19-4e6f-ab7a-1fe9c399118f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a0f0782df385287698881f1c19e79b96
5a25f245b594f6cbf2fdaeed2463ac5fbc08068a
4f795cd2286e194cd96751e6a4e3bd0da09c6db5344182e51986b65149e75cd7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe3a455f5-9c19-4e6f-ab7a-1fe9c399118f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8579
x-amzn-requestid: 0efa303a-364e-488d-beac-24836c7c1e4f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cvlirE2KoAMFX9g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638fb610-5564a0c0264ed36f0497e17e;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 21:37:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: xpzGji_JAWkUjhXLouXWlin6rV-44shz6Z_STqo7uK7ZUV2PWs7Zpg==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Tue, 06 Dec 2022 21:54:15 GMT
age: 55994
etag: "5a25f245b594f6cbf2fdaeed2463ac5fbc08068a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feeb81330-af0b-4cc3-bd0e-591ba064667a.jpeg
34.120.237.76 200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feeb81330-af0b-4cc3-bd0e-591ba064667a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c9257f2e3b9bd1b3aa262b0f4bf57968
4bcdd6ecd63834aa1010faf19457a97f37ae99fa
9afd592279c51b533b3bf72a860cf4a8f2bc6cf01b07d1ab6f11f0ff302e0ef6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feeb81330-af0b-4cc3-bd0e-591ba064667a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7392
x-amzn-requestid: f4b6890a-7a8f-48f8-b2af-365cb5f681e4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cpwREFiXoAMFSMw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638d60d3-009e524f30c72d0629c877bb;Sampled=0
x-amzn-remapped-date: Mon, 05 Dec 2022 03:09:07 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: C0-H0LUbxaxMEXoDf6PXEFAvVTj2D9K2M7eshRo39QzAAWSk2ubepA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 03:27:19 GMT
age: 36010
etag: "4bcdd6ecd63834aa1010faf19457a97f37ae99fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
82.102.147.36/css/app.css
82.102.147.36 200 OK 12 kB URL HTTP/1.1 82.102.147.36/css/app.css
IP 82.102.147.36:0
ASN #12400 Partner Communications Ltd.
File type Unicode text, UTF-8 (with BOM) text, with very long lines (1358), with CRLF line terminators
Hash d7323f6b5ace2898391e7f555c656348
3d765243ae5da4d39e3f987a79838ed9662292ff
530f67ef866a7e81c06277860d6afdb0a63408da2d77cc1d7c3484146c6126bc
Analyzer Verdict Alert quad9 Sinkholed
GET /css/app.css HTTP/1.1
Host: 82.102.147.36
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://82.102.147.36/login.html
HTTP/1.1 200 OK
Content-Type: text/css
Last-Modified: Wed, 20 Jun 2018 09:03:00 GMT
Accept-Ranges: bytes
ETag: "07ae27c758d41:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 07 Dec 2022 13:27:31 GMT
Content-Length: 12408
82.102.147.36/assets/images/logo.png
82.102.147.36 200 OK 23 kB URL HTTP/1.1 82.102.147.36/assets/images/logo.png
IP 82.102.147.36:0
ASN #12400 Partner Communications Ltd.
File type PNG image data, 331 x 105, 8-bit/color RGBA, non-interlaced\012- data
Hash 8c06d065458f7076092efc594d07ef85
cdbbdd0c8cdf85084b4672f27a52aaa575e5e075
ecf39c09756521e654c281b7e556ff81107e52a22427087e49a252c5a0c13f92
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/images/logo.png HTTP/1.1
Host: 82.102.147.36
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://82.102.147.36/login.html
HTTP/1.1 200 OK
Content-Type: image/png
Last-Modified: Fri, 20 Apr 2018 14:07:38 GMT
Accept-Ranges: bytes
ETag: "03139f0b0d8d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 07 Dec 2022 13:27:31 GMT
Content-Length: 22946
82.102.147.36/assets/images/favicon.ico
82.102.147.36 200 OK 5.4 kB URL HTTP/1.1 82.102.147.36/assets/images/favicon.ico
IP 82.102.147.36:0
ASN #12400 Partner Communications Ltd.
File type MS Windows icon resource - 2 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash 15e5353c264012add7b4ae8e725178ba
10f0811c5c7fcd4161e64f7923931a7a77dae211
2f5f35af656f9ffad288b98e67dde6c745320225e328e7cad6206c69ab78da38
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/images/favicon.ico HTTP/1.1
Host: 82.102.147.36
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://82.102.147.36/login.html
HTTP/1.1 200 OK
Content-Type: image/x-icon
Last-Modified: Fri, 20 Apr 2018 14:07:38 GMT
Accept-Ranges: bytes
ETag: "03139f0b0d8d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 07 Dec 2022 13:27:32 GMT
Content-Length: 5430
82.102.147.36/assets/fonts/Alef.ttf
82.102.147.36 200 OK 91 kB URL HTTP/1.1 82.102.147.36/assets/fonts/Alef.ttf
IP 82.102.147.36:0
ASN #12400 Partner Communications Ltd.
File type TrueType Font data, 19 tables, 1st "FFTM", 11 names, Microsoft, language 0x409, Copyright (c) 2012 by Hagilda. All rights reserved.AlefRegular1.001;UKWN;Alef-RegularAlef Regula\012- data
Hash fce9cab75f7d497781d7df9a8d91c316
ade252fecc66e709bd659b12089a7356d042f8f7
d424d553c4b1ab0473ca7198a980d767c1e697f2d74a1d95705c9855c02f41de
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/fonts/Alef.ttf HTTP/1.1
Host: 82.102.147.36
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://82.102.147.36/css/app.css
HTTP/1.1 200 OK
Content-Type: application/octet-stream
Last-Modified: Fri, 20 Apr 2018 14:07:38 GMT
Accept-Ranges: bytes
ETag: "03139f0b0d8d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 07 Dec 2022 13:27:31 GMT
Content-Length: 91360
82.102.147.36/assets/images/background.jpg
82.102.147.36 200 OK 1.0 MB URL HTTP/1.1 82.102.147.36/assets/images/background.jpg
IP 82.102.147.36:0
ASN #12400 Partner Communications Ltd.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=14, height=1987, bps=182, PhotometricIntepretation=RGB, manufacturer=NIKON CORPORATION, model=NIKON D5100, orientation=upper-left, width=3000], baseline, precision 8, 3000x1987, components 3\012- data
Size 1.0 MB (1031164 bytes)
Hash 21499d05a1b3a5b73f8f299438cc9315
7e183bf2ab13a1a756341b94b35e1211e2d096c6
df6465deee7480faa2e7e8d0ffccadc27e057f391b2df6aabac92c17d1941368
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/images/background.jpg HTTP/1.1
Host: 82.102.147.36
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://82.102.147.36/css/app.css
HTTP/1.1 200 OK
Content-Type: image/jpeg
Last-Modified: Fri, 20 Apr 2018 14:07:38 GMT
Accept-Ranges: bytes
ETag: "03139f0b0d8d31:0"
Server: Microsoft-IIS/10.0
X-Powered-By: ASP.NET
Date: Wed, 07 Dec 2022 13:27:31 GMT
Content-Length: 1031164
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8e8fa64-7cd3-460d-9040-af3ca0e2a5f5.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8e8fa64-7cd3-460d-9040-af3ca0e2a5f5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b6f4dd03deb6114fec01808b034a711c
c74d29bba44dbb09158da4b9e1b490112c7db915
ddc6721d8a42821c458cf6d5c64ebd10ca0002c95a275be1732cd9ade7bf1b6d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc8e8fa64-7cd3-460d-9040-af3ca0e2a5f5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 10567
x-amzn-requestid: b9b16cdf-bfa2-4e3c-b00f-1704dd3473d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cgIC6EgLoAMF3hA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638986df-3945eea57676d3f91f8f2b3c;Sampled=0
x-amzn-remapped-date: Fri, 02 Dec 2022 05:02:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Jq1EHQBqVeb9KBozcSUpieXUDHhouxr6YkJrhiqqZ4VP1ZwPV6LHEA==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 07 Dec 2022 03:57:34 GMT
age: 34202
etag: "c74d29bba44dbb09158da4b9e1b490112c7db915"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2