209.97.188.161/ricky
209.97.188.161200 OK 9.1 kB IP 209.97.188.161:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 825925f7dd6740947a20e4ddda37edb2
da4b7d99bb8f23e867b3ce7503c4ec95df291542
4f15a13289f116e61fef699629d8fd93f6beb93b1306da3594184f9c2822ba8b
Analyzer Verdict Alert quad9 Sinkholed
GET /ricky HTTP/1.1
Host: 209.97.188.161
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx/1.14.0 (Ubuntu)
Date: Mon, 30 Jan 2023 12:45:51 GMT
Content-Type: text/html
Last-Modified: Sat, 07 Sep 2019 15:11:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"5d73c88b-92e9"
Content-Encoding: gzip
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5eb7c9bc996a0ff420e58af45526f053
8c2614832b8efe1c9da0bbd465d6f3f172d95a9e
c085cf277dd0429fe15e4a4bce5595636e9f2204d5a8e77220f8bf88adf4068f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C085CF277DD0429FE15E4A4BCE5595636E9F2204D5A8E77220F8BF88ADF4068F"
Last-Modified: Sun, 29 Jan 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15484
Expires: Mon, 30 Jan 2023 17:03:55 GMT
Date: Mon, 30 Jan 2023 12:45:51 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 0c35c3ec659d3a26ea97e68d787bb043
d97e3672244efec5b7814f2d8a734cd1a9387854
4c946a026114ff05316d92277750facf3d5f5d162839149da0b7fb1a4cff6b5e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4C946A026114FF05316D92277750FACF3D5F5D162839149DA0B7FB1A4CFF6B5E"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19390
Expires: Mon, 30 Jan 2023 18:09:01 GMT
Date: Mon, 30 Jan 2023 12:45:51 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Alert, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 30 Jan 2023 12:43:11 GMT
content-type: application/json
age: 160
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 09ee4b0fe6cf4ca5ed31b24452338d00
7e62b6e20f0d4737f4a8d94f9818a0883027839e
56da08e18a408d7313de4e598984a251a0ecf85bbba98b421be9aebeb98835af
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "56DA08E18A408D7313DE4E598984A251A0ECF85BBBA98B421BE9AEBEB98835AF"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3825
Expires: Mon, 30 Jan 2023 13:49:36 GMT
Date: Mon, 30 Jan 2023 12:45:51 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Pg8SBxabyCoBbgcpdbLZiZnal6C3qWkgdzRk8FsQ9ficMKaC5XIgAyRvIEehIjp69yhqU2XxT6I=
x-amz-request-id: ZY49XR93H3DMMJY1
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 30 Jan 2023 11:50:43 GMT
age: 3308
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 30 Jan 2023 12:45:51 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
209.97.188.161/dist/css/style.css
209.97.188.161200 OK 44 kB URL HTTP/1.1 209.97.188.161/dist/css/style.css
IP 209.97.188.161:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (43481), with no line terminators
Hash 531780e41d25dbe1448ec48fa81b8c54
bdfdbe2510793c64d1bcc1fc33a3ac9c69195258
c8975957f931df209c0f0bea093be39bab1fe193053837a10a14fe00d5046b9c
Analyzer Verdict Alert quad9 Sinkholed
GET /dist/css/style.css HTTP/1.1
Host: 209.97.188.161
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://209.97.188.161/ricky
HTTP/1.1 200 OK
Server: nginx/1.14.0 (Ubuntu)
Date: Mon, 30 Jan 2023 12:45:51 GMT
Content-Type: text/css
Content-Length: 43481
Last-Modified: Mon, 12 Aug 2019 16:29:06 GMT
Connection: keep-alive
ETag: "5d5193d2-a9d9"
Accept-Ranges: bytes
209.97.188.161/dist/js/bundle.js
209.97.188.161200 OK 24 kB URL HTTP/1.1 209.97.188.161/dist/js/bundle.js
IP 209.97.188.161:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (20062)
Hash ab1c4586f0f5e54c95c4b5db27bdf204
cd7f4718af21e2444f5da3ae785e633ac7b4b223
93c94dd2ade43a8805610b2755a9f3c3e237583bd99575e3a4376c501c86110e
Analyzer Verdict Alert quad9 Sinkholed
GET /dist/js/bundle.js HTTP/1.1
Host: 209.97.188.161
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://209.97.188.161/ricky
HTTP/1.1 200 OK
Server: nginx/1.14.0 (Ubuntu)
Date: Mon, 30 Jan 2023 12:45:51 GMT
Content-Type: application/javascript
Content-Length: 23721
Last-Modified: Mon, 12 Aug 2019 16:29:06 GMT
Connection: keep-alive
ETag: "5d5193d2-5ca9"
Accept-Ranges: bytes
use.typekit.net/wcb1sik.css
23.36.76.122200 OK 898 B URL HTTP/2 use.typekit.net/wcb1sik.css
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type Unicode text, UTF-8 text, with very long lines (516)
Hash e2a0dfba8ebd06f2b15005da14049f2b
f10f3a44b52b7696db31a2fea0faae88d259d8a5
dadb3f96eef764e1dd0aa642c73d95cd51bea9fb2c66fc81f2889bb72ee99a78
GET /wcb1sik.css HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://209.97.188.161/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: text/css;charset=utf-8
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains;
cache-control: private, max-age=600, stale-while-revalidate=604800
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-encoding: gzip
content-length: 898
date: Mon, 30 Jan 2023 12:45:51 GMT
X-Firefox-Spdy: h2
209.97.188.161/dist/img/dncobl.jpg
209.97.188.161200 OK 25 kB URL HTTP/1.1 209.97.188.161/dist/img/dncobl.jpg
IP 209.97.188.161:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 800x400, components 3\012- data
Hash ebed4a3d3f5a5096be0ccacfd0f4f3a1
a0de9d02ae7fd925e342104424f4741ee6e5c0fa
dcaf1070fdd2613fef6a423b2bc7140fd01fb3e60b6904ca3c147b8553124ffe
Analyzer Verdict Alert quad9 Sinkholed
GET /dist/img/dncobl.jpg HTTP/1.1
Host: 209.97.188.161
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://209.97.188.161/ricky
HTTP/1.1 200 OK
Server: nginx/1.14.0 (Ubuntu)
Date: Mon, 30 Jan 2023 12:45:51 GMT
Content-Type: image/jpeg
Content-Length: 25423
Last-Modified: Mon, 15 Jul 2019 15:18:05 GMT
Connection: keep-alive
ETag: "5d2c992d-634f"
Accept-Ranges: bytes
209.97.188.161/dist/img/sh-logo.jpg
209.97.188.161200 OK 12 kB URL HTTP/1.1 209.97.188.161/dist/img/sh-logo.jpg
IP 209.97.188.161:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 400x300, components 3\012- data
Hash cf4fed55e1f5bd7d6c8bedc7e53a8db6
ec395c519891506b9ea0b6e35cdba2fcff15008f
d6acfb4f51185786014694582e94890335ac9239f92b76d50118f797daf1fc34
Analyzer Verdict Alert quad9 Sinkholed
GET /dist/img/sh-logo.jpg HTTP/1.1
Host: 209.97.188.161
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://209.97.188.161/ricky
HTTP/1.1 200 OK
Server: nginx/1.14.0 (Ubuntu)
Date: Mon, 30 Jan 2023 12:45:51 GMT
Content-Type: image/jpeg
Content-Length: 12532
Last-Modified: Mon, 15 Jul 2019 15:18:05 GMT
Connection: keep-alive
ETag: "5d2c992d-30f4"
Accept-Ranges: bytes
p.typekit.net/p.css?s=1&k=wcb1sik&ht=tk&f=10294.10295.10296.10298.10299.10300.10301.10304&a=19810622&app=typekit&e=css
23.36.76.122200 OK 5 B URL HTTP/2 p.typekit.net/p.css?s=1&k=wcb1sik&ht=tk&f=10294.10295.10296.10298.10299.10300.10301.10304&a=19810622&app=typekit&e=css
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
Hash 83d24d4b43cc7eef2b61e66c95f3d158
f0cafc285ee23bb6c28c5166f305493c4331c84d
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
GET /p.css?s=1&k=wcb1sik&ht=tk&f=10294.10295.10296.10298.10299.10300.10301.10304&a=19810622&app=typekit&e=css HTTP/1.1
Host: p.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/css
content-length: 5
last-modified: Thu, 28 Jul 2022 22:24:50 GMT
etag: "62e30cb2-5"
cache-control: public, max-age=604800
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
date: Mon, 30 Jan 2023 12:45:52 GMT
X-Firefox-Spdy: h2
209.97.188.161/dist/img/msd-logo.jpg
209.97.188.161200 OK 12 kB URL HTTP/1.1 209.97.188.161/dist/img/msd-logo.jpg
IP 209.97.188.161:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 400x300, components 3\012- data
Hash 5efc20a6c5dd285fcb56fd24422e3a9b
77bc897403d2b94e6de3c5c1098ed27dd821bec9
f33b37cc68bf9ca03a3d7c8d5d7b93d0526646923d7a0086a4b6e8ed76878080
Analyzer Verdict Alert quad9 Sinkholed
GET /dist/img/msd-logo.jpg HTTP/1.1
Host: 209.97.188.161
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://209.97.188.161/ricky
HTTP/1.1 200 OK
Server: nginx/1.14.0 (Ubuntu)
Date: Mon, 30 Jan 2023 12:45:51 GMT
Content-Type: image/jpeg
Content-Length: 12029
Last-Modified: Mon, 15 Jul 2019 15:18:05 GMT
Connection: keep-alive
ETag: "5d2c992d-2efd"
Accept-Ranges: bytes
209.97.188.161/dist/img/bpa-logo.jpg
209.97.188.161200 OK 20 kB URL HTTP/1.1 209.97.188.161/dist/img/bpa-logo.jpg
IP 209.97.188.161:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 400x300, components 3\012- data
Hash f0ebb785142e55f49dd36f97b57e27d7
4e72fff037202ad237afaab014bf353ab1beceb1
ee8ea59112a086204a185af9dc5770fc3b3f775b6a511539275338fcff97db7b
Analyzer Verdict Alert quad9 Sinkholed
GET /dist/img/bpa-logo.jpg HTTP/1.1
Host: 209.97.188.161
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://209.97.188.161/ricky
HTTP/1.1 200 OK
Server: nginx/1.14.0 (Ubuntu)
Date: Mon, 30 Jan 2023 12:45:51 GMT
Content-Type: image/jpeg
Content-Length: 19697
Last-Modified: Mon, 15 Jul 2019 15:18:05 GMT
Connection: keep-alive
ETag: "5d2c992d-4cf1"
Accept-Ranges: bytes
use.typekit.net/af/2f8f3d/0000000000000000000132dd/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
23.36.76.122200 OK 29 kB URL HTTP/2 use.typekit.net/af/2f8f3d/0000000000000000000132dd/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 28916, version 1.0\012- data
Hash ad96437a305e8db4638e7bfe50545669
b3d2d64fc818f76bd170649493969d551efb1618
7b3f9977e4430713707bd0c59d452f27a77ecf7df9fd5bf3441d7e33eb7bac2d
GET /af/2f8f3d/0000000000000000000132dd/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://209.97.188.161
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 28916
etag: "64c9d90e55f2292243c241f35a0066529a28975c"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Mon, 30 Jan 2023 12:45:52 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/8f4e31/0000000000000000000132e3/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
23.36.76.122200 OK 28 kB URL HTTP/2 use.typekit.net/af/8f4e31/0000000000000000000132e3/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 27712, version 1.0\012- data
Hash ce87f4e0d16868acaa3a5f4d894e9c29
b0b82fa20adb7c495172f8345f0ef0a64d2f815e
fc19e2d873270cfa3ce69c2345fac36b8ab1b0fe2cd8983f0946a8c180f236b3
GET /af/8f4e31/0000000000000000000132e3/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://209.97.188.161
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 27712
etag: "79f9defc7632bc87dc40a06c82c11882a3000992"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Mon, 30 Jan 2023 12:45:52 GMT
X-Firefox-Spdy: h2
209.97.188.161/dist/img/bl-screens.jpg
209.97.188.161200 OK 255 kB URL HTTP/1.1 209.97.188.161/dist/img/bl-screens.jpg
IP 209.97.188.161:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 2000x1272, components 3\012- data
Size 255 kB (254892 bytes)
Hash 89ef72a5841ae9e996ad81b40e9dbb42
e0e0e34e89221951974f793fdbf627dc1bc53598
202ea588643a2a3710d7084dde943222ddfa1fcb24186ea504e2a6bd9c97f2de
Analyzer Verdict Alert quad9 Sinkholed
GET /dist/img/bl-screens.jpg HTTP/1.1
Host: 209.97.188.161
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://209.97.188.161/ricky
HTTP/1.1 200 OK
Server: nginx/1.14.0 (Ubuntu)
Date: Mon, 30 Jan 2023 12:45:51 GMT
Content-Type: image/jpeg
Content-Length: 254892
Last-Modified: Wed, 17 Jul 2019 17:59:09 GMT
Connection: keep-alive
ETag: "5d2f61ed-3e3ac"
Accept-Ranges: bytes
209.97.188.161/dist/img/newspapers.jpg
209.97.188.161200 OK 370 kB URL HTTP/1.1 209.97.188.161/dist/img/newspapers.jpg
IP 209.97.188.161:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=9, manufacturer=FUJIFILM, model=FinePix X100, xresolution=146, yresolution=154, resolutionunit=2, software=Adobe Photoshop Lightroom 4.2 (Macintosh), datetime=2014:06:20 15:43:02], baseline, precision 8, 2048x1365, components 3\012- data
Size 370 kB (369786 bytes)
Hash 462780e9482a9212b40fb4df6773b089
f6fd0520d1f1a6b6f798abe12b7edbf889a4925e
ea401858265f00caaa1250169486f4db9e5a6102b8c56393b6c5515f6194a263
Analyzer Verdict Alert quad9 Sinkholed
GET /dist/img/newspapers.jpg HTTP/1.1
Host: 209.97.188.161
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://209.97.188.161/ricky
HTTP/1.1 200 OK
Server: nginx/1.14.0 (Ubuntu)
Date: Mon, 30 Jan 2023 12:45:52 GMT
Content-Type: image/jpeg
Content-Length: 369786
Last-Modified: Mon, 12 Aug 2019 16:29:06 GMT
Connection: keep-alive
ETag: "5d5193d2-5a47a"
Accept-Ranges: bytes
use.typekit.net/af/031bc7/0000000000000000000132e5/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n9&v=3
23.36.76.122200 OK 29 kB URL HTTP/2 use.typekit.net/af/031bc7/0000000000000000000132e5/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n9&v=3
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 29052, version 1.0\012- data
Hash 3437e060c8710bccafd202e3da9a25dc
8e1bbee3d09332165b23156a05b43641f8d9f913
0656089e2e797a739897875d68a79ca62256a3c76ab3f4c31cb2f363cd778fee
GET /af/031bc7/0000000000000000000132e5/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n9&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://209.97.188.161
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 29052
etag: "a6e56bc1473094b110819c4cfa4169b4a97bd255"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Mon, 30 Jan 2023 12:45:52 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/1da05b/0000000000000000000132df/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
23.36.76.122200 OK 27 kB URL HTTP/2 use.typekit.net/af/1da05b/0000000000000000000132df/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), TrueType, length 26888, version 1.0\012- data
Hash 6c288957e1ea69636d76b434a53c65ef
b8e0e2074136f3b167567d532312cc0f838bdf5f
c763917e443b5583abccb9674edfaf82deada941ad5894d28c672c632fcd64dc
GET /af/1da05b/0000000000000000000132df/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://209.97.188.161
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 26888
etag: "49d80c15efa35e0c65ed7e265d2c0333b309aa4e"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Mon, 30 Jan 2023 12:45:52 GMT
X-Firefox-Spdy: h2
use.typekit.net/af/9f8c97/0000000000000000000132de/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i3&v=3
23.36.76.122200 OK 28 kB URL HTTP/2 use.typekit.net/af/9f8c97/0000000000000000000132de/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i3&v=3
IP 23.36.76.122:0
ASN #20940 Akamai International B.V.
File type Web Open Font Format (Version 2), CFF, length 27644, version 1.0\012- data
Hash 32dea0dfe2c7a3ede6b2ae880b77ccff
2eaf084d1cebdb67195ff36095bd60963b664493
76e2f52dcea04ef19064b8b212b30edcedfc27644bc78efda194202ce003a68a
GET /af/9f8c97/0000000000000000000132de/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i3&v=3 HTTP/1.1
Host: use.typekit.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://209.97.188.161
Connection: keep-alive
Referer: https://use.typekit.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/font-woff2
content-length: 27644
etag: "2845d57b5fe9ac2edd2d998dc4d48bd3f331d4c5"
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cache-control: public, max-age=31536000
date: Mon, 30 Jan 2023 12:45:52 GMT
X-Firefox-Spdy: h2
209.97.188.161/dist/img/me-top.png
209.97.188.161200 OK 3.5 MB URL HTTP/1.1 209.97.188.161/dist/img/me-top.png
IP 209.97.188.161:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 1400 x 1769, 8-bit/color RGBA, non-interlaced\012- data
Size 3.5 MB (3462331 bytes)
Hash 112706bc83fbc6da8be7e584f9c6906e
89f3614ad0e9f11a5da00fe990e22b30cde4869f
60e29b71b061f762add0ffdc72222661460e2c8a49ecaf201f978189d19a6e92
Analyzer Verdict Alert quad9 Sinkholed
GET /dist/img/me-top.png HTTP/1.1
Host: 209.97.188.161
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://209.97.188.161/ricky
HTTP/1.1 200 OK
Server: nginx/1.14.0 (Ubuntu)
Date: Mon, 30 Jan 2023 12:45:51 GMT
Content-Type: image/png
Content-Length: 3462331
Last-Modified: Mon, 15 Jul 2019 15:18:05 GMT
Connection: keep-alive
ETag: "5d2c992d-34d4bb"
Accept-Ranges: bytes
209.97.188.161/dist/img/ibmcds-screen1.jpg
209.97.188.161200 OK 58 kB URL HTTP/1.1 209.97.188.161/dist/img/ibmcds-screen1.jpg
IP 209.97.188.161:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 800x467, components 3\012- data
Hash 5bb7670e84d3d81fc511e352ca1e387a
0dc14676aa48ecaa464ae18ff5b39fc51fd3857f
c32c30baa8067509743559e76be64f6158fed89221d3dbaaf9aa794f7504b9c2
Analyzer Verdict Alert quad9 Sinkholed
GET /dist/img/ibmcds-screen1.jpg HTTP/1.1
Host: 209.97.188.161
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://209.97.188.161/ricky
HTTP/1.1 200 OK
Server: nginx/1.14.0 (Ubuntu)
Date: Mon, 30 Jan 2023 12:45:52 GMT
Content-Type: image/jpeg
Content-Length: 57589
Last-Modified: Mon, 15 Jul 2019 15:18:05 GMT
Connection: keep-alive
ETag: "5d2c992d-e0f5"
Accept-Ranges: bytes
209.97.188.161/dist/img/me-small.jpg
209.97.188.161200 OK 36 kB URL HTTP/1.1 209.97.188.161/dist/img/me-small.jpg
IP 209.97.188.161:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 400x400, components 3\012- data
Hash 9b5318cd104253b6251565f0316fc5f2
ee20954655e7e333117fe8c2a47e77f350963a22
f625e16db67f81f2a4363f3923e82d02ecc3617ced5e8df468fbca758536c9d7
Analyzer Verdict Alert quad9 Sinkholed
GET /dist/img/me-small.jpg HTTP/1.1
Host: 209.97.188.161
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://209.97.188.161/ricky
HTTP/1.1 200 OK
Server: nginx/1.14.0 (Ubuntu)
Date: Mon, 30 Jan 2023 12:45:52 GMT
Content-Type: image/jpeg
Content-Length: 36042
Last-Modified: Tue, 16 Jul 2019 16:12:19 GMT
Connection: keep-alive
ETag: "5d2df763-8cca"
Accept-Ranges: bytes
209.97.188.161/dist/img/mitie-logo.jpg
209.97.188.161200 OK 15 kB URL HTTP/1.1 209.97.188.161/dist/img/mitie-logo.jpg
IP 209.97.188.161:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 400x300, components 3\012- data
Hash 874d261d7c65e40cb78f9f08930142b2
c43b59da85b10d55c21aa5a94d8813c954111121
556d81d5465d20c5958cca04917e7a80d426f68eb383988aec656ad2e7e01116
Analyzer Verdict Alert quad9 Sinkholed
GET /dist/img/mitie-logo.jpg HTTP/1.1
Host: 209.97.188.161
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://209.97.188.161/ricky
HTTP/1.1 200 OK
Server: nginx/1.14.0 (Ubuntu)
Date: Mon, 30 Jan 2023 12:45:52 GMT
Content-Type: image/jpeg
Content-Length: 15071
Last-Modified: Mon, 15 Jul 2019 15:18:05 GMT
Connection: keep-alive
ETag: "5d2c992d-3adf"
Accept-Ranges: bytes
209.97.188.161/dist/img/bl-logo.jpg
209.97.188.161200 OK 16 kB URL HTTP/1.1 209.97.188.161/dist/img/bl-logo.jpg
IP 209.97.188.161:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 400x300, components 3\012- data
Hash f93eda47b43993f8094968cd0af7ed7e
176b53395d0aadac4d3b5e734fd0db1cc39f6e3c
6504a61eb828f8670e112e224ea5231be33a4a33eafcb1ec2f5f67fb5261e080
Analyzer Verdict Alert quad9 Sinkholed
GET /dist/img/bl-logo.jpg HTTP/1.1
Host: 209.97.188.161
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://209.97.188.161/ricky
HTTP/1.1 200 OK
Server: nginx/1.14.0 (Ubuntu)
Date: Mon, 30 Jan 2023 12:45:52 GMT
Content-Type: image/jpeg
Content-Length: 15833
Last-Modified: Mon, 15 Jul 2019 15:18:05 GMT
Connection: keep-alive
ETag: "5d2c992d-3dd9"
Accept-Ranges: bytes
209.97.188.161/dist/img/vf-logo.jpg
209.97.188.161200 OK 15 kB URL HTTP/1.1 209.97.188.161/dist/img/vf-logo.jpg
IP 209.97.188.161:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 400x300, components 3\012- data
Hash 7772efcf990ff3e3a8b21fd804992cab
206147c42e6a4a7a6e90646ff73983aa43ff9452
0ddcbb7ad4f5be812a7448eb72f1f5c21adb2f2090fac01b8ae372a9dd5d5ee6
Analyzer Verdict Alert quad9 Sinkholed
GET /dist/img/vf-logo.jpg HTTP/1.1
Host: 209.97.188.161
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://209.97.188.161/ricky
HTTP/1.1 200 OK
Server: nginx/1.14.0 (Ubuntu)
Date: Mon, 30 Jan 2023 12:45:52 GMT
Content-Type: image/jpeg
Content-Length: 15272
Last-Modified: Mon, 15 Jul 2019 15:18:05 GMT
Connection: keep-alive
ETag: "5d2c992d-3ba8"
Accept-Ranges: bytes
209.97.188.161/dist/img/huawei-logo.jpg
209.97.188.161200 OK 20 kB URL HTTP/1.1 209.97.188.161/dist/img/huawei-logo.jpg
IP 209.97.188.161:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 400x300, components 3\012- data
Hash 1b967d773c1f94a3f8e24ed67e94c7c4
5587a14f753d424f03f9377ff2be3fb966a2604a
7b3c3de9bfc7caa17050f33416478383d4b2b09e6f529fd170a8d72a0ebee2ee
Analyzer Verdict Alert quad9 Sinkholed
GET /dist/img/huawei-logo.jpg HTTP/1.1
Host: 209.97.188.161
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://209.97.188.161/ricky
HTTP/1.1 200 OK
Server: nginx/1.14.0 (Ubuntu)
Date: Mon, 30 Jan 2023 12:45:52 GMT
Content-Type: image/jpeg
Content-Length: 20384
Last-Modified: Mon, 15 Jul 2019 15:18:05 GMT
Connection: keep-alive
ETag: "5d2c992d-4fa0"
Accept-Ranges: bytes
209.97.188.161/dist/img/hamilton-logo.jpg
209.97.188.161200 OK 9.8 kB URL HTTP/1.1 209.97.188.161/dist/img/hamilton-logo.jpg
IP 209.97.188.161:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 400x300, components 3\012- data
Hash c6a803326e8c2b03916231522e22cd7e
3691b7c755c9434379f14521aab17a85c299252f
6a6074518ca912bd2dc5d084897630d94a7c623fa9114f05c3a8c7b2daa49a7d
Analyzer Verdict Alert quad9 Sinkholed
GET /dist/img/hamilton-logo.jpg HTTP/1.1
Host: 209.97.188.161
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://209.97.188.161/ricky
HTTP/1.1 200 OK
Server: nginx/1.14.0 (Ubuntu)
Date: Mon, 30 Jan 2023 12:45:52 GMT
Content-Type: image/jpeg
Content-Length: 9840
Last-Modified: Mon, 15 Jul 2019 15:18:05 GMT
Connection: keep-alive
ETag: "5d2c992d-2670"
Accept-Ranges: bytes
209.97.188.161/dist/img/ibm-logo.jpg
209.97.188.161200 OK 17 kB URL HTTP/1.1 209.97.188.161/dist/img/ibm-logo.jpg
IP 209.97.188.161:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 400x300, components 3\012- data
Hash 1f8f0bd3e08b44bd9db1b0a67da24e39
0957f5d8f8f183bfd9cf5272f51293d7aa9eca8d
16c0b4bbf4f4f61049ff99a88eb93a03353d23697486cd23c43c2c6675a9bb1c
Analyzer Verdict Alert quad9 Sinkholed
GET /dist/img/ibm-logo.jpg HTTP/1.1
Host: 209.97.188.161
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://209.97.188.161/ricky
HTTP/1.1 200 OK
Server: nginx/1.14.0 (Ubuntu)
Date: Mon, 30 Jan 2023 12:45:52 GMT
Content-Type: image/jpeg
Content-Length: 16594
Last-Modified: Mon, 15 Jul 2019 15:18:05 GMT
Connection: keep-alive
ETag: "5d2c992d-40d2"
Accept-Ranges: bytes
209.97.188.161/dist/img/ibmcds.png
209.97.188.161200 OK 95 kB URL HTTP/1.1 209.97.188.161/dist/img/ibmcds.png
IP 209.97.188.161:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 897 x 576, 8-bit/color RGBA, non-interlaced\012- data
Hash 956439b5ad757385d874de2a31d5a666
50ac9fb4b6eb9f596d1f58386dc6328ce5cdd2aa
37081869e76793f1dba5da13d9a2747b8e333d499372f805caa514ab06d19740
Analyzer Verdict Alert quad9 Sinkholed
GET /dist/img/ibmcds.png HTTP/1.1
Host: 209.97.188.161
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://209.97.188.161/ricky
HTTP/1.1 200 OK
Server: nginx/1.14.0 (Ubuntu)
Date: Mon, 30 Jan 2023 12:45:52 GMT
Content-Type: image/png
Content-Length: 94652
Last-Modified: Mon, 15 Jul 2019 15:18:05 GMT
Connection: keep-alive
ETag: "5d2c992d-171bc"
Accept-Ranges: bytes
209.97.188.161/dist/img/ibm-sc.jpg
209.97.188.161200 OK 226 kB URL HTTP/1.1 209.97.188.161/dist/img/ibm-sc.jpg
IP 209.97.188.161:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 620x438, components 3\012- data
Size 226 kB (225606 bytes)
Hash cc3608d206098cfe403cad74f6c539ff
e13573daf3cdc2f68b695c3e92428790adf74a5e
b8febe54217f72f2673f994330c829e34ad5083960ada18fbc2ced825f6ae3af
Analyzer Verdict Alert quad9 Sinkholed
GET /dist/img/ibm-sc.jpg HTTP/1.1
Host: 209.97.188.161
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://209.97.188.161/ricky
HTTP/1.1 200 OK
Server: nginx/1.14.0 (Ubuntu)
Date: Mon, 30 Jan 2023 12:45:52 GMT
Content-Type: image/jpeg
Content-Length: 225606
Last-Modified: Mon, 15 Jul 2019 15:18:05 GMT
Connection: keep-alive
ETag: "5d2c992d-37146"
Accept-Ranges: bytes
209.97.188.161/dist/img/bl-profile-mob-768w.jpg
209.97.188.161200 OK 49 kB URL HTTP/1.1 209.97.188.161/dist/img/bl-profile-mob-768w.jpg
IP 209.97.188.161:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 768x482, components 3\012- data
Hash bf128119aaf2399b921aa985d7992af8
d7b990b1a6c40e82401a3bdaf33915207eff16dc
74d3fbbb559b430cb5f8f6dce177b8d5d290133cae161bc934a41b9c9d48e1b1
Analyzer Verdict Alert quad9 Sinkholed
GET /dist/img/bl-profile-mob-768w.jpg HTTP/1.1
Host: 209.97.188.161
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://209.97.188.161/ricky
HTTP/1.1 200 OK
Server: nginx/1.14.0 (Ubuntu)
Date: Mon, 30 Jan 2023 12:45:52 GMT
Content-Type: image/jpeg
Content-Length: 49325
Last-Modified: Tue, 16 Jul 2019 19:18:26 GMT
Connection: keep-alive
ETag: "5d2e2302-c0ad"
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 22b9916fc1fafc9bdc9bb37f9eac8a9a
86f640e134a741a0f906a8e3a0f5c6659dd0e394
a29ee843c8a39551a1507cc6ad949ad509e33aaae8b72c58ac4884bad8b0b38e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A29EE843C8A39551A1507CC6AD949AD509E33AAAE8B72C58AC4884BAD8B0B38E"
Last-Modified: Sun, 29 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14257
Expires: Mon, 30 Jan 2023 16:43:29 GMT
Date: Mon, 30 Jan 2023 12:45:52 GMT
Connection: keep-alive
209.97.188.161/dist/img/bl-profile-1000w.jpg
209.97.188.161200 OK 122 kB URL HTTP/1.1 209.97.188.161/dist/img/bl-profile-1000w.jpg
IP 209.97.188.161:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1000x1250, components 3\012- data
Size 122 kB (121773 bytes)
Hash d55828d54b7c1e08f949910dcccad819
6b378b06d206eb24a238980d3bf1a91e66bd0624
bb868922c69b912d145df211de97729f85e802ba1d0f5acd54dcfd9f0790e502
Analyzer Verdict Alert quad9 Sinkholed
GET /dist/img/bl-profile-1000w.jpg HTTP/1.1
Host: 209.97.188.161
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://209.97.188.161/ricky
HTTP/1.1 200 OK
Server: nginx/1.14.0 (Ubuntu)
Date: Mon, 30 Jan 2023 12:45:52 GMT
Content-Type: image/jpeg
Content-Length: 121773
Last-Modified: Tue, 16 Jul 2019 19:18:26 GMT
Connection: keep-alive
ETag: "5d2e2302-1dbad"
Accept-Ranges: bytes
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 30 Jan 2023 11:49:04 GMT
age: 3408
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
209.97.188.161/favicon.ico
209.97.188.161200 OK 9.1 kB URL HTTP/1.1 209.97.188.161/favicon.ico
IP 209.97.188.161:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with CRLF line terminators
Hash 825925f7dd6740947a20e4ddda37edb2
da4b7d99bb8f23e867b3ce7503c4ec95df291542
4f15a13289f116e61fef699629d8fd93f6beb93b1306da3594184f9c2822ba8b
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: 209.97.188.161
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://209.97.188.161/ricky
HTTP/1.1 200 OK
Server: nginx/1.14.0 (Ubuntu)
Date: Mon, 30 Jan 2023 12:45:52 GMT
Content-Type: text/html
Last-Modified: Sat, 07 Sep 2019 15:11:07 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"5d73c88b-92e9"
Content-Encoding: gzip
push.services.mozilla.com/
44.239.122.196101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.239.122.196:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: JMZ1SYEIk9/7aQvySHq5TQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Ot+9+xrkYiksZr5/Cttri+7f4A4=
209.97.188.161/dist/img/travlnavi.jpg
209.97.188.161200 OK 1.7 MB URL HTTP/1.1 209.97.188.161/dist/img/travlnavi.jpg
IP 209.97.188.161:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=5, xresolution=74, yresolution=82, resolutionunit=2, datetime=2019:08:10 19:22:47], baseline, precision 8, 3212x2602, components 3\012- data
Size 1.7 MB (1693063 bytes)
Hash 26fab974d5406bfb5df68b483894d304
6ebae8f1d5a14e68a5f0fe98372e73e8a09e79d6
ecaaff4fa42278c3d0d180e907e62ebef4666e18df1655cd762de8eb43093ddb
Analyzer Verdict Alert quad9 Sinkholed
GET /dist/img/travlnavi.jpg HTTP/1.1
Host: 209.97.188.161
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://209.97.188.161/ricky
HTTP/1.1 200 OK
Server: nginx/1.14.0 (Ubuntu)
Date: Mon, 30 Jan 2023 12:45:52 GMT
Content-Type: image/jpeg
Content-Length: 1693063
Last-Modified: Mon, 12 Aug 2019 16:29:06 GMT
Connection: keep-alive
ETag: "5d5193d2-19d587"
Accept-Ranges: bytes
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7993
Expires: Mon, 30 Jan 2023 14:59:07 GMT
Date: Mon, 30 Jan 2023 12:45:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7993
Expires: Mon, 30 Jan 2023 14:59:07 GMT
Date: Mon, 30 Jan 2023 12:45:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7993
Expires: Mon, 30 Jan 2023 14:59:07 GMT
Date: Mon, 30 Jan 2023 12:45:54 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 43bc5afe1d7330aa521e0efc78185a92
f53e9daa0a32e0acf7a10d9494fb383c1d039305
429d5a3a918137cae61e9dee0f05b0d5b4c799517aa6ae30e041a2a3e7f05cac
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "429D5A3A918137CAE61E9DEE0F05B0D5B4C799517AA6AE30E041A2A3E7F05CAC"
Last-Modified: Mon, 30 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7993
Expires: Mon, 30 Jan 2023 14:59:07 GMT
Date: Mon, 30 Jan 2023 12:45:54 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 51aa950d5eed7b90cab6632107092edc
e4388ced02e5576867e77547496dec1ac2338ef7
588830e5f725e8e56270565e40f817f2658b0ee7c0425d138e5f65a17ff40483
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9457
x-amzn-requestid: 7c48e5ca-2128-43da-ba83-fd91568af1ef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkBOGHVoAMFQtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6d4-1b850ffd543f51f92dec3894;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: soTFEnYjNcti77h3FpnztwzR7ypv68NbyoI6DxS0NhU412ykFsWAgA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:00:38 GMT
age: 53116
etag: "e4388ced02e5576867e77547496dec1ac2338ef7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg
34.120.237.76200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 131eb343c5abd61939457d69bd371348
ffb2035cf64fc83f01db5c6f26ffa264b6aac95b
8486eb9dc6325018f8721bc6f37408f260b6e652b145280f2d778d860d3ec2d5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7538
x-amzn-requestid: 8bec493a-9c81-4cfd-b6e9-66f4f3d55cb7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fOOJQEZSoAMFb1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf2a3b-5f0c9f3e4cac1ba26c802050;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 00:45:47 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3uybP14DBtrEK8ieNWHaQfz3Zl_JMl0_L9CGZgcusTjVCFIIaTpwIQ==
via: 1.1 030fe0607711293dda988e571617a9f2.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Mon, 30 Jan 2023 00:23:18 GMT
age: 44556
etag: "ffb2035cf64fc83f01db5c6f26ffa264b6aac95b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash fe31ee140c2fd62e616c8a1edc9e78bb
7aa5fbdc8156514770ae620e81f1afef1c77890f
799af4bf9fa07ed27ebdc9d1a3344ee8a2b6529f076c263495b93290c47a1cc4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52796f60-dafe-46ba-9c7a-a08ce5e16c34.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8464
x-amzn-requestid: bf2cf356-ebb1-469b-ba35-a79bb009cad6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhj3qGeboAMFzNw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e697-7c96841f52b6a96d1b0eaf34;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: UNub7Gd4S0ogn5EJhtJVu8q1qML5_4eL2lIPQXiAuXy_q-XiR4s-5w==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:55:21 GMT
etag: "7aa5fbdc8156514770ae620e81f1afef1c77890f"
content-type: image/jpeg
age: 53433
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3e04b9eaf7449828136ad59e4c9d69f1
b820be4ed885dcf288eb6460c57e1fa7b1c7c476
df75cf7183d401a19655aab025d08ad2c498573c88b32e9b258d951d2993b936
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3bb7921c-8aaf-40cd-bf87-43903c3f1a74.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7679
x-amzn-requestid: 0c7983d5-6040-44e9-b394-21c3784702a2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkEtEfHoAMFaNA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6ea-54c55dbd09ca642048af8916;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Wx-qjsrMLYpLmE-8QmpR46BeRySbUGL2Rrr6LqhEQ8jaEEj_6Aj0qg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:52:09 GMT
age: 53625
etag: "b820be4ed885dcf288eb6460c57e1fa7b1c7c476"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9169e1aa-278a-45ac-a3cb-92421681099d.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9169e1aa-278a-45ac-a3cb-92421681099d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 01f406ed5d9b17a7aa00015301bddf94
d78e18830fc6cf231f66f95cc0e01520cfeebddf
33245ea764fb634a01ee9657e529a30567588ecbb10fc0e6499aac14cd21fe81
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9169e1aa-278a-45ac-a3cb-92421681099d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7333
x-amzn-requestid: 7563c72f-e40d-4e96-a73f-8aa404ae0b25
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhklyFK8IAMFzMQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e7be-7eb009311701187873f05b20;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:40:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: TtG9ZgGc6f034YegsSHOZcZw8Cp-rQwbd03IoB6rCBgAp-boKj_X4w==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:52:09 GMT
age: 53625
etag: "d78e18830fc6cf231f66f95cc0e01520cfeebddf"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc895bb6-fa1f-4972-a2f8-5ce71b0c72c0.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc895bb6-fa1f-4972-a2f8-5ce71b0c72c0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6d200552d23c85c199558b79cc24348f
8cc20b9ce98eeacd5b826268da24955a82e78a01
09b05ae6f75b5141401ddc49014e0eb2eac0856ba3b5020bc85f4a9a64d3d2a6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc895bb6-fa1f-4972-a2f8-5ce71b0c72c0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9700
x-amzn-requestid: 9f944a46-7e39-44c3-a640-3c7e9b778bca
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkoEEkJIAMFs0w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e7cd-4b29196f5bd1b2fb04e6363f;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:40:29 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Jdh2u-xrCjqq1SKWL7hCTqrlGRjbytuxecJS-cwiXb5FQypGKYbFzg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:55:35 GMT
age: 53419
etag: "8cc20b9ce98eeacd5b826268da24955a82e78a01"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
209.97.188.161/dist/img/anim.gif
209.97.188.161200 OK 17 MB URL HTTP/1.1 209.97.188.161/dist/img/anim.gif
IP 209.97.188.161:0
ASN #14061 DIGITALOCEAN-ASN
File type GIF image data, version 89a, 800 x 467\012- data
Size 17 MB (16581584 bytes)
Hash d1c1f9b895c434dd0113c8594af1bfe4
eb2be797e1e1c80d91d8b41fd497687efa440f67
92fec6a46f560e8f92aab1f33720dc3b896534f4cc35bcc4b60ea80518a7ea72
Analyzer Verdict Alert quad9 Sinkholed
GET /dist/img/anim.gif HTTP/1.1
Host: 209.97.188.161
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://209.97.188.161/ricky
HTTP/1.1 200 OK
Server: nginx/1.14.0 (Ubuntu)
Date: Mon, 30 Jan 2023 12:45:52 GMT
Content-Type: image/gif
Content-Length: 16581584
Last-Modified: Mon, 15 Jul 2019 15:18:05 GMT
Connection: keep-alive
ETag: "5d2c992d-fd03d0"
Accept-Ranges: bytes