r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5d9435c884bf4a0777fdf4b57079ae09
7f04b9db47ffeec90ac6397416b7553e5336a550
fe77420ec3a11f547cf5172b68d30faa4fe0c13165ae305f0013b02914e61084
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FE77420EC3A11F547CF5172B68D30FAA4FE0C13165AE305F0013B02914E61084"
Last-Modified: Sat, 25 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9684
Expires: Sun, 26 Mar 2023 11:36:01 GMT
Date: Sun, 26 Mar 2023 08:54:37 GMT
Connection: keep-alive
gabriellesmanicureenpedicure.nl/
200 OK 2.5 kB URL HTTP/1.1 gabriellesmanicureenpedicure.nl/
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (1983), with CRLF, CR, LF line terminators
Hash 73839c7344a43223397dbc9843aec9e7
7fe65044fe4cd6751ad3591d1681ac56c5b11699
8eaa8c31ad9d01de04c4edd4ad06806a1d2954b10f253052baf0c713cc29234a
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: gabriellesmanicureenpedicure.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 26 Mar 2023 08:54:37 GMT
Server: Apache/2
Expires: Wed, 17 Aug 2005 00:00:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: 333e87285793d3cbe7516b8f7f5509eb=baa45c082215349bab9d370a8271cc5e; path=/; HttpOnly
Last-Modified: Sun, 26 Mar 2023 08:54:37 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2478
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 13f90146df1d559743af6df15c29b77b
6dd24f60629c39f857e3c996084f4d515cf3f8d0
ea5975be17b9cd29c8770939eb5d63ce43c1c44ce9a3a4d04e1e79cd69b30d1c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EA5975BE17B9CD29C8770939EB5D63CE43C1C44CE9A3A4D04E1E79CD69B30D1C"
Last-Modified: Fri, 24 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13684
Expires: Sun, 26 Mar 2023 12:42:41 GMT
Date: Sun, 26 Mar 2023 08:54:37 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 84db75194692d4afe13196bda6f22da8
4c1f49bc973a4917f146d93c8d598344edc021f6
a3bec66f95b3bdf1d310c726e8ed05f7b06c1901c62381a94582d581844d2c23
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Alert, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 26 Mar 2023 08:27:50 GMT
content-type: application/json
age: 1607
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 9bb70197d53617b5e6889b890dd2ae26
f3e9b8a743de494529baf2d078a622539f965307
a094a13905b7f1cd89475f9c83f9245580d4c3c7228d51d5c16622aec3c6aa45
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A094A13905B7F1CD89475F9C83F9245580D4C3C7228D51D5C16622AEC3C6AA45"
Last-Modified: Sat, 25 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5818
Expires: Sun, 26 Mar 2023 10:31:35 GMT
Date: Sun, 26 Mar 2023 08:54:37 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 319gKleVEHiS5Os+Jpk3r5Ar+jQ7YTglKtRjOz9md7ez8wL8M0M1/WI7VMSB6BkUaqVg4gecFa8=
x-amz-request-id: S7K6YACZCVV7NRG0
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 26 Mar 2023 07:55:14 GMT
age: 3563
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 08:54:37 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
gabriellesmanicureenpedicure.nl/media/system/js/core.js?58a95be472f7624ed499d1428d767f9b
200 OK 4.5 kB URL HTTP/1.1 gabriellesmanicureenpedicure.nl/media/system/js/core.js?58a95be472f7624ed499d1428d767f9b
IP
File type Unicode text, UTF-8 text, with very long lines (8729)
Hash 413ac895a01741cb55cd3ad4b7c567be
463b3965e7e9a0ed5c64fbf38b2c1eb3d306a30a
7c65e0819d4c874c6865847c8dddaf52a1dc06692fd81c76d0ca58069c63bd55
Analyzer Verdict Alert fortinet Malware
GET /media/system/js/core.js?58a95be472f7624ed499d1428d767f9b HTTP/1.1
Host: gabriellesmanicureenpedicure.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gabriellesmanicureenpedicure.nl/
Cookie: 333e87285793d3cbe7516b8f7f5509eb=baa45c082215349bab9d370a8271cc5e
HTTP/1.1 200 OK
Date: Sun, 26 Mar 2023 08:54:37 GMT
Server: Apache/2
Last-Modified: Sun, 14 Aug 2022 13:21:56 GMT
ETag: "2adc-5e6336634a500-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4519
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: application/javascript
gabriellesmanicureenpedicure.nl/media/jui/js/jquery-migrate.min.js?58a95be472f7624ed499d1428d767f9b
200 OK 5.2 kB URL HTTP/1.1 gabriellesmanicureenpedicure.nl/media/jui/js/jquery-migrate.min.js?58a95be472f7624ed499d1428d767f9b
IP
File type ASCII text, with very long lines (12196)
Hash 48145f6c68a546f5832ffe411e812941
7c101d1e33075360421decd942338c777dec65eb
6826e843012ae4c43d656543c6045e2a3e1640dc3f937e0249187cb7c7b6ec8e
Analyzer Verdict Alert fortinet Malware
GET /media/jui/js/jquery-migrate.min.js?58a95be472f7624ed499d1428d767f9b HTTP/1.1
Host: gabriellesmanicureenpedicure.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gabriellesmanicureenpedicure.nl/
Cookie: 333e87285793d3cbe7516b8f7f5509eb=baa45c082215349bab9d370a8271cc5e
HTTP/1.1 200 OK
Date: Sun, 26 Mar 2023 08:54:37 GMT
Server: Apache/2
Last-Modified: Sun, 14 Aug 2022 13:21:56 GMT
ETag: "3005-5e6336634a500-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 5175
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: application/javascript
gabriellesmanicureenpedicure.nl/media/jui/js/jquery-noconflict.js?58a95be472f7624ed499d1428d767f9b
200 OK 1.2 kB URL HTTP/1.1 gabriellesmanicureenpedicure.nl/media/jui/js/jquery-noconflict.js?58a95be472f7624ed499d1428d767f9b
IP
File type ASCII text, with very long lines (2237)
Hash 8129fb4c534eb6d059406facb86b11ed
91ac9a37c68f95ddf48b8925ce9c5edd3dec7ba8
ba60b7c8227cd7d1811e659da0621aaf82f324ad73197e451406f7e01a750e4d
GET /media/jui/js/jquery-noconflict.js?58a95be472f7624ed499d1428d767f9b HTTP/1.1
Host: gabriellesmanicureenpedicure.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gabriellesmanicureenpedicure.nl/
Cookie: 333e87285793d3cbe7516b8f7f5509eb=baa45c082215349bab9d370a8271cc5e
HTTP/1.1 200 OK
Date: Sun, 26 Mar 2023 08:54:37 GMT
Server: Apache/2
Last-Modified: Sun, 14 Aug 2022 13:21:56 GMT
ETag: "8d2-5e6336634a500-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1230
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: application/javascript
gabriellesmanicureenpedicure.nl/media/system/js/mootools-core.js?58a95be472f7624ed499d1428d767f9b
200 OK 28 kB URL HTTP/1.1 gabriellesmanicureenpedicure.nl/media/system/js/mootools-core.js?58a95be472f7624ed499d1428d767f9b
IP
File type ASCII text, with very long lines (785)
Hash 0d17fb512dda24561fc273eb28dffe09
de791d242461f94898ee4d71ae1157e6b0b0f94f
bbf9e579ed94b137cc4d3002e39af3e75f1b1acc26ba327b9d50cff1d9fd12b7
Analyzer Verdict Alert fortinet Malware
GET /media/system/js/mootools-core.js?58a95be472f7624ed499d1428d767f9b HTTP/1.1
Host: gabriellesmanicureenpedicure.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gabriellesmanicureenpedicure.nl/
Cookie: 333e87285793d3cbe7516b8f7f5509eb=baa45c082215349bab9d370a8271cc5e
HTTP/1.1 200 OK
Date: Sun, 26 Mar 2023 08:54:37 GMT
Server: Apache/2
Last-Modified: Sun, 14 Aug 2022 13:21:56 GMT
ETag: "15072-5e6336634a500-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 28094
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: application/javascript
gabriellesmanicureenpedicure.nl/media/system/js/caption.js?58a95be472f7624ed499d1428d767f9b
200 OK 1.5 kB URL HTTP/1.1 gabriellesmanicureenpedicure.nl/media/system/js/caption.js?58a95be472f7624ed499d1428d767f9b
IP
File type ASCII text, with very long lines (2237)
Hash 4d22e309075fa140d276c9e1255b9855
1ac84d48bf67e94c12b869187464705ad8953ef6
36de1b04b7efdf4aee38a165a046610713378227facbd16a26883892574c5f53
Analyzer Verdict Alert fortinet Malware
GET /media/system/js/caption.js?58a95be472f7624ed499d1428d767f9b HTTP/1.1
Host: gabriellesmanicureenpedicure.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gabriellesmanicureenpedicure.nl/
Cookie: 333e87285793d3cbe7516b8f7f5509eb=baa45c082215349bab9d370a8271cc5e
HTTP/1.1 200 OK
Date: Sun, 26 Mar 2023 08:54:37 GMT
Server: Apache/2
Last-Modified: Sun, 14 Aug 2022 13:21:56 GMT
ETag: "aa8-5e6336634a500-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1506
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: application/javascript
gabriellesmanicureenpedicure.nl/media/jui/js/jquery.min.js?58a95be472f7624ed499d1428d767f9b
200 OK 35 kB URL HTTP/1.1 gabriellesmanicureenpedicure.nl/media/jui/js/jquery.min.js?58a95be472f7624ed499d1428d767f9b
IP
File type ASCII text, with very long lines (65462)
Hash a203ea7adfdc0a993b5ea867c21637c8
7d8ae14d438a248c9efb613074ddfa83e70caf4b
2a445d0b1c89570b72b0f0cc28a1eb80994a990212eaf8d07b30f6a95cfa7432
Analyzer Verdict Alert fortinet Malware
GET /media/jui/js/jquery.min.js?58a95be472f7624ed499d1428d767f9b HTTP/1.1
Host: gabriellesmanicureenpedicure.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gabriellesmanicureenpedicure.nl/
Cookie: 333e87285793d3cbe7516b8f7f5509eb=baa45c082215349bab9d370a8271cc5e
HTTP/1.1 200 OK
Date: Sun, 26 Mar 2023 08:54:37 GMT
Server: Apache/2
Last-Modified: Sun, 14 Aug 2022 13:21:56 GMT
ETag: "1862b-5e6336634a500-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 35331
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Content-Type: application/javascript
gabriellesmanicureenpedicure.nl/templates/system/css/system.css
200 OK 421 B URL HTTP/1.1 gabriellesmanicureenpedicure.nl/templates/system/css/system.css
IP
Hash a4158af24a9d1719f394ab0f43e99fc1
7aa1d3b6f72d2c872f68270eaeeaf184de6b0aba
3ac2632a0ab89052158e6af5f0ac9d84257e7d9ff87bf13c31c139e6b87ddec7
GET /templates/system/css/system.css HTTP/1.1
Host: gabriellesmanicureenpedicure.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gabriellesmanicureenpedicure.nl/
Cookie: 333e87285793d3cbe7516b8f7f5509eb=baa45c082215349bab9d370a8271cc5e
HTTP/1.1 200 OK
Date: Sun, 26 Mar 2023 08:54:37 GMT
Server: Apache/2
Last-Modified: Sun, 14 Aug 2022 13:21:56 GMT
ETag: "371-5e6336634a500-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 421
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: text/css
gabriellesmanicureenpedicure.nl/templates/gmp_template/css/template.responsive.css
200 OK 864 B URL HTTP/1.1 gabriellesmanicureenpedicure.nl/templates/gmp_template/css/template.responsive.css
IP
File type ASCII text, with CRLF line terminators
Hash 4018ff92a18e433769fd2a3a1d56782f
8b147c1069e83a487cf5131957c285eed1c966b0
370f2cb8df97aba374cce31e12c3d60b9704c8c453b874b6e6abf0210a6c2a9a
GET /templates/gmp_template/css/template.responsive.css HTTP/1.1
Host: gabriellesmanicureenpedicure.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gabriellesmanicureenpedicure.nl/
Cookie: 333e87285793d3cbe7516b8f7f5509eb=baa45c082215349bab9d370a8271cc5e
HTTP/1.1 200 OK
Date: Sun, 26 Mar 2023 08:54:37 GMT
Server: Apache/2
Last-Modified: Tue, 17 Feb 2015 21:17:38 GMT
ETag: "10df-50f4f3b766080-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 864
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive
Content-Type: text/css
gabriellesmanicureenpedicure.nl/templates/gmp_template/css/template.css
200 OK 8.5 kB URL HTTP/1.1 gabriellesmanicureenpedicure.nl/templates/gmp_template/css/template.css
IP
File type ASCII text, with very long lines (1385), with CRLF line terminators
Hash 7b376ad5b01bbd40364e5a1ab79204e6
c2a2c89180f549e44299a2d0f4c3c47099bad939
0e55ae89c9fd5e281773b622cb24cc57076a740220c291c4d26fa162b9c07448
GET /templates/gmp_template/css/template.css HTTP/1.1
Host: gabriellesmanicureenpedicure.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gabriellesmanicureenpedicure.nl/
Cookie: 333e87285793d3cbe7516b8f7f5509eb=baa45c082215349bab9d370a8271cc5e
HTTP/1.1 200 OK
Date: Sun, 26 Mar 2023 08:54:37 GMT
Server: Apache/2
Last-Modified: Tue, 17 Feb 2015 21:17:38 GMT
ETag: "100ca-50f4f3b766080-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 8516
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive
Content-Type: text/css
gabriellesmanicureenpedicure.nl/templates/system/css/general.css
200 OK 880 B URL HTTP/1.1 gabriellesmanicureenpedicure.nl/templates/system/css/general.css
IP
Hash e8ddb5102c1c7ec50fcc28f9e1cade3c
a85a3f9309eea32d964edc3d07a57437bd3cef3a
d602539e7cba8c33e40d76b0ca464690a7eca3b1b1a163dcdc031e07b13ca8b1
GET /templates/system/css/general.css HTTP/1.1
Host: gabriellesmanicureenpedicure.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gabriellesmanicureenpedicure.nl/
Cookie: 333e87285793d3cbe7516b8f7f5509eb=baa45c082215349bab9d370a8271cc5e
HTTP/1.1 200 OK
Date: Sun, 26 Mar 2023 08:54:37 GMT
Server: Apache/2
Last-Modified: Sun, 14 Aug 2022 13:21:56 GMT
ETag: "a9d-5e6336634a500-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 880
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: text/css
gabriellesmanicureenpedicure.nl/media/system/js/mootools-more.js?58a95be472f7624ed499d1428d767f9b
200 OK 69 kB URL HTTP/1.1 gabriellesmanicureenpedicure.nl/media/system/js/mootools-more.js?58a95be472f7624ed499d1428d767f9b
IP
File type Unicode text, UTF-8 text, with very long lines (2903)
Hash 6aa733561fa947d22c0bcf9dbc0e9eb7
2a1de576f53ec269133a7e15b353ab8cba6b3d23
5cdec0383e220fa5d59057563a7f226499e9bca6567693b2da15ad627b4c9f14
Analyzer Verdict Alert fortinet Malware
GET /media/system/js/mootools-more.js?58a95be472f7624ed499d1428d767f9b HTTP/1.1
Host: gabriellesmanicureenpedicure.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gabriellesmanicureenpedicure.nl/
Cookie: 333e87285793d3cbe7516b8f7f5509eb=baa45c082215349bab9d370a8271cc5e
HTTP/1.1 200 OK
Date: Sun, 26 Mar 2023 08:54:37 GMT
Server: Apache/2
Last-Modified: Sun, 14 Aug 2022 13:21:56 GMT
ETag: "3a5d6-5e6336634a500-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
gabriellesmanicureenpedicure.nl/templates/gmp_template/script.js
200 OK 14 kB URL HTTP/1.1 gabriellesmanicureenpedicure.nl/templates/gmp_template/script.js
IP
File type ASCII text, with very long lines (2237), with CRLF, LF line terminators
Hash 50b0dae58336b35ee07fa38a2f50e929
4d836a38a6ff3581338031dc8657d8a2d809fa4f
a9de4a5117b632b5655f98e040c65340ef256585f94e8782c1942b52a7a29482
Analyzer Verdict Alert fortinet Malware
GET /templates/gmp_template/script.js HTTP/1.1
Host: gabriellesmanicureenpedicure.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gabriellesmanicureenpedicure.nl/
Cookie: 333e87285793d3cbe7516b8f7f5509eb=baa45c082215349bab9d370a8271cc5e
HTTP/1.1 200 OK
Date: Sun, 26 Mar 2023 08:54:37 GMT
Server: Apache/2
Last-Modified: Tue, 17 Feb 2015 21:17:38 GMT
ETag: "eaf7-50f4f3b766080-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 13786
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive
Content-Type: application/javascript
gabriellesmanicureenpedicure.nl/templates/gmp_template/modules.js
200 OK 0 B URL HTTP/1.1 gabriellesmanicureenpedicure.nl/templates/gmp_template/modules.js
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /templates/gmp_template/modules.js HTTP/1.1
Host: gabriellesmanicureenpedicure.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gabriellesmanicureenpedicure.nl/
Cookie: 333e87285793d3cbe7516b8f7f5509eb=baa45c082215349bab9d370a8271cc5e
HTTP/1.1 200 OK
Date: Sun, 26 Mar 2023 08:54:37 GMT
Server: Apache/2
Last-Modified: Sun, 26 Mar 2023 08:54:37 GMT
ETag: W/"0-5f7c9c6ac135a"
Accept-Ranges: bytes
Content-Length: 0
Vary: User-Agent
Keep-Alive: timeout=2, max=97
Connection: Keep-Alive
Content-Type: application/javascript
gabriellesmanicureenpedicure.nl/templates/gmp_template/script.responsive.js
200 OK 4.8 kB URL HTTP/1.1 gabriellesmanicureenpedicure.nl/templates/gmp_template/script.responsive.js
IP
File type ASCII text, with very long lines (2237), with CRLF line terminators
Hash 746417e06cff19d3f111f745a45024c6
5ffb14a86b22c941be784dd20998ff048357b038
32176d4bd52474e9f834192e674cda11494b8928bac0b560ab0ae6654ae738f9
Analyzer Verdict Alert fortinet Malware
GET /templates/gmp_template/script.responsive.js HTTP/1.1
Host: gabriellesmanicureenpedicure.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gabriellesmanicureenpedicure.nl/
Cookie: 333e87285793d3cbe7516b8f7f5509eb=baa45c082215349bab9d370a8271cc5e
HTTP/1.1 200 OK
Date: Sun, 26 Mar 2023 08:54:37 GMT
Server: Apache/2
Last-Modified: Tue, 17 Feb 2015 21:17:38 GMT
ETag: "4c40-50f4f3b766080-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4825
Keep-Alive: timeout=2, max=97
Connection: Keep-Alive
Content-Type: application/javascript
gabriellesmanicureenpedicure.nl/images/logo_opi.gif
200 OK 623 B URL HTTP/1.1 gabriellesmanicureenpedicure.nl/images/logo_opi.gif
IP
File type GIF image data, version 89a, 75 x 24\012- data
Hash 1e9ba2ffeffd3c92390424c67beeaedd
a2d8a0a6f2ecf465bfa7357059d9f5dce43685e3
6efc3548fef3d89c6477e491219fb087c8f1c3df2800a7e6f07c094d9f122c54
GET /images/logo_opi.gif HTTP/1.1
Host: gabriellesmanicureenpedicure.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gabriellesmanicureenpedicure.nl/
Cookie: 333e87285793d3cbe7516b8f7f5509eb=baa45c082215349bab9d370a8271cc5e
HTTP/1.1 200 OK
Date: Sun, 26 Mar 2023 08:54:37 GMT
Server: Apache/2
Last-Modified: Fri, 13 Feb 2015 13:20:09 GMT
ETag: "26f-50ef8187bd440"
Accept-Ranges: bytes
Content-Length: 623
Keep-Alive: timeout=2, max=96
Connection: Keep-Alive
Content-Type: image/gif
gabriellesmanicureenpedicure.nl/images/Facebook_Logo-64px.png
200 OK 1.0 kB URL HTTP/1.1 gabriellesmanicureenpedicure.nl/images/Facebook_Logo-64px.png
IP
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash 94216c0da00f2ea51d4c5a9ee4ec2828
654fb51afa1415defd65f8f7d7b22033056bf7f6
9725de2451550213144bfa3cdf59b357ed9b6acb6e7f444b584ebff9e54549d9
GET /images/Facebook_Logo-64px.png HTTP/1.1
Host: gabriellesmanicureenpedicure.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gabriellesmanicureenpedicure.nl/
Cookie: 333e87285793d3cbe7516b8f7f5509eb=baa45c082215349bab9d370a8271cc5e
HTTP/1.1 200 OK
Date: Sun, 26 Mar 2023 08:54:37 GMT
Server: Apache/2
Last-Modified: Fri, 29 Dec 2017 21:18:06 GMT
ETag: "3fc-561812b23df80"
Accept-Ranges: bytes
Content-Length: 1020
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: image/png
gabriellesmanicureenpedicure.nl/images/Instagram_Logo-64px.png
200 OK 9.1 kB URL HTTP/1.1 gabriellesmanicureenpedicure.nl/images/Instagram_Logo-64px.png
IP
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash 17015bc3f4a8ae57d55cfb3684acddcb
11dc88cf30d289fd9b807315641b38e3d3df9776
9fbed08a6dee62f09f4a9d3ed7b0437ce5b8f52d389075f1c2770e170c09592e
GET /images/Instagram_Logo-64px.png HTTP/1.1
Host: gabriellesmanicureenpedicure.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gabriellesmanicureenpedicure.nl/
Cookie: 333e87285793d3cbe7516b8f7f5509eb=baa45c082215349bab9d370a8271cc5e
HTTP/1.1 200 OK
Date: Sun, 26 Mar 2023 08:54:37 GMT
Server: Apache/2
Last-Modified: Fri, 29 Dec 2017 14:17:06 GMT
ETag: "237a-5617b4986dc80"
Accept-Ranges: bytes
Content-Length: 9082
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive
Content-Type: image/png
gabriellesmanicureenpedicure.nl/media/system/css/system.css
200 OK 549 B URL HTTP/1.1 gabriellesmanicureenpedicure.nl/media/system/css/system.css
IP
Hash 176a33941588090dc3d59d7e96bfb099
57739e02540147916e61c3c459e8f7e0df5756c2
02f44706d20696ca4486c892b494fbea59f7c63d37b5e1a5901ecaa82beaa234
GET /media/system/css/system.css HTTP/1.1
Host: gabriellesmanicureenpedicure.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gabriellesmanicureenpedicure.nl/templates/system/css/system.css
Cookie: 333e87285793d3cbe7516b8f7f5509eb=baa45c082215349bab9d370a8271cc5e
HTTP/1.1 200 OK
Date: Sun, 26 Mar 2023 08:54:37 GMT
Server: Apache/2
Last-Modified: Sun, 14 Aug 2022 13:21:56 GMT
ETag: "599-5e6336634a500-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 549
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive
Content-Type: text/css
gabriellesmanicureenpedicure.nl/images/01_Welkom/Wel_01.JPG
200 OK 35 kB URL HTTP/1.1 gabriellesmanicureenpedicure.nl/images/01_Welkom/Wel_01.JPG
IP
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 275x360, components 3\012- data
Hash 35e162fed0629c64d2221e86251c8a77
7bb41d5c1ed8af723f502360e32210cc83f00f47
f9b3c775c9cc9b7d7b5f09bdb588980f3b8d1359f03e4f9f3f0b8dcd048fb492
Analyzer Verdict Alert fortinet Malware
GET /images/01_Welkom/Wel_01.JPG HTTP/1.1
Host: gabriellesmanicureenpedicure.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gabriellesmanicureenpedicure.nl/
Cookie: 333e87285793d3cbe7516b8f7f5509eb=baa45c082215349bab9d370a8271cc5e
HTTP/1.1 200 OK
Date: Sun, 26 Mar 2023 08:54:37 GMT
Server: Apache/2
Last-Modified: Sat, 21 Feb 2015 20:30:01 GMT
ETag: "87b1-50f9f08898440"
Accept-Ranges: bytes
Content-Length: 34737
Keep-Alive: timeout=2, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Last-Modified, Retry-After, Content-Length, Alert, Cache-Control, Expires, Content-Type, Backoff, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 26 Mar 2023 08:14:35 GMT
age: 2402
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
gabriellesmanicureenpedicure.nl/templates/gmp_template/images/page.jpeg
200 OK 248 kB URL HTTP/1.1 gabriellesmanicureenpedicure.nl/templates/gmp_template/images/page.jpeg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 381x381, segment length 16, baseline, precision 8, 1024x1283, components 3\012- data
Size 248 kB (248319 bytes)
Hash ca7abfed346f9b81e3a8fb103af71ed0
01691db8d535e216ad473821eb9e455f331395b4
3b89a4d4a5345ca8ff7e822064d2fbdffd01931bb2b11b109c5689824f103f81
Analyzer Verdict Alert fortinet Malware
GET /templates/gmp_template/images/page.jpeg HTTP/1.1
Host: gabriellesmanicureenpedicure.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gabriellesmanicureenpedicure.nl/templates/gmp_template/css/template.css
Cookie: 333e87285793d3cbe7516b8f7f5509eb=baa45c082215349bab9d370a8271cc5e
HTTP/1.1 200 OK
Date: Sun, 26 Mar 2023 08:54:37 GMT
Server: Apache/2
Last-Modified: Tue, 17 Feb 2015 21:17:38 GMT
ETag: "3c9ff-50f4f3b766080"
Accept-Ranges: bytes
Content-Length: 248319
Keep-Alive: timeout=2, max=98
Connection: Keep-Alive
Content-Type: image/jpeg
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 717ebcc65cb1390c2509851bac7b5878
1e04e3058329f3809bc01022d441172dcacc1aaa
3c8d41efe14dc75e001ce50aae65e133d90bcb2e2f86b2426cefe7abe4c7b588
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C8D41EFE14DC75E001CE50AAE65E133D90BCB2E2F86B2426CEFE7ABE4C7B588"
Last-Modified: Fri, 24 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9697
Expires: Sun, 26 Mar 2023 11:36:14 GMT
Date: Sun, 26 Mar 2023 08:54:37 GMT
Connection: keep-alive
gabriellesmanicureenpedicure.nl/images/01_Welkom/Wel_04.jpg
200 OK 3.2 MB URL HTTP/1.1 gabriellesmanicureenpedicure.nl/images/01_Welkom/Wel_04.jpg
IP
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 3444x2531, components 3\012- data
Size 3.2 MB (3249700 bytes)
Hash def796061c6204727019d1092c94efeb
30411180f1a84e04cb6d78b48d9c9353be2ce75c
bf5531c8df577f89c64ff39b7420ff7b44c88d065f723bef58d9ed4d37beaadc
GET /images/01_Welkom/Wel_04.jpg HTTP/1.1
Host: gabriellesmanicureenpedicure.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gabriellesmanicureenpedicure.nl/
Cookie: 333e87285793d3cbe7516b8f7f5509eb=baa45c082215349bab9d370a8271cc5e
HTTP/1.1 200 OK
Date: Sun, 26 Mar 2023 08:54:37 GMT
Server: Apache/2
Last-Modified: Sat, 30 Dec 2017 16:05:59 GMT
ETag: "319624-56190ecc3e7c0"
Accept-Ranges: bytes
Content-Length: 3249700
Keep-Alive: timeout=2, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
gabriellesmanicureenpedicure.nl/favicon.ico
404 Not Found 645 B URL HTTP/1.1 gabriellesmanicureenpedicure.nl/favicon.ico
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 441af45b4a300720265b52b98d8817a8
7c16db3a2174bcbdf74cfc604b27c8229896c216
03ea15246b70672c360eae576818023bfafffb4562e728be34d63633f886f87c
GET /favicon.ico HTTP/1.1
Host: gabriellesmanicureenpedicure.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gabriellesmanicureenpedicure.nl/
Cookie: 333e87285793d3cbe7516b8f7f5509eb=baa45c082215349bab9d370a8271cc5e
HTTP/1.1 404 Not Found
Date: Sun, 26 Mar 2023 08:54:37 GMT
Server: Apache/2
Cache-Control: no-cache
Pragma: no-cache
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 645
Keep-Alive: timeout=2, max=97
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: XMfbLskEWy+/guT3ca+Vhw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: viV7yS6VSY4LgcwOMZQp9KWCzzE=
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9801
Expires: Sun, 26 Mar 2023 11:38:00 GMT
Date: Sun, 26 Mar 2023 08:54:39 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9801
Expires: Sun, 26 Mar 2023 11:38:00 GMT
Date: Sun, 26 Mar 2023 08:54:39 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9801
Expires: Sun, 26 Mar 2023 11:38:00 GMT
Date: Sun, 26 Mar 2023 08:54:39 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9801
Expires: Sun, 26 Mar 2023 11:38:00 GMT
Date: Sun, 26 Mar 2023 08:54:39 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9801
Expires: Sun, 26 Mar 2023 11:38:00 GMT
Date: Sun, 26 Mar 2023 08:54:39 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg
200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c831201ad81f55c63c1b101ce854a810
0e9b952f6489f0a5f4862d3bea2fbe0ecdd379e5
c854489720d2ca4a95eef00addda0fcdaf481402d044df7725282654a97eb54a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5556
x-amzn-requestid: 6b050645-14aa-47f7-b4a5-2e27abbe5115
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CM69eHE3IAMF0Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641b71ef-6ab2948e2bf2578f29798372;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 21:23:59 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: CgU9j02Bnw0UdIwQ3sRCDvJoPitHIAUTRDhLH_PMXYlAPoAwSbv6Iw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 4d8620b80ebe37d366388e117039aa8e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 26 Mar 2023 05:35:57 GMT
age: 11922
etag: "0e9b952f6489f0a5f4862d3bea2fbe0ecdd379e5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F381b1b42-2394-4e4e-bb0a-986511a19bd1.jpeg
200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F381b1b42-2394-4e4e-bb0a-986511a19bd1.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8dc799aaa2f69ef1109501a605dbdcfd
58cefa986d580ee408fbca288e3e45ba86fb97ac
54fa967d6b96b456416c62140a4eb9b6cda29b80d5083b5d1321b1fb89b3455f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F381b1b42-2394-4e4e-bb0a-986511a19bd1.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9124
x-amzn-requestid: 30a39bb7-d3cc-473a-a5f9-4921367832c5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CW1kUESiIAMFVEQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641f694e-6c9bb97512fc3c8a3ecedc43;Sampled=0
x-amzn-remapped-date: Sat, 25 Mar 2023 21:36:14 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: _4VxID1v_auG0Vuzp87FJoPbgJovhYYYa1fpzQZze51I6HwFKbja6w==
via: 1.1 6af36c6902a46beec743522a9bbb3ab0.cloudfront.net (CloudFront), 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 21:37:20 GMT
age: 40639
etag: "58cefa986d580ee408fbca288e3e45ba86fb97ac"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8fcbc03b-3146-4d3b-898e-c53b92f7b7a6.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8fcbc03b-3146-4d3b-898e-c53b92f7b7a6.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 908bd7a6c220345e72fa664f871424c4
61a5d3f11e85d5fd77192701c305cb8651aa6395
9531f5b25cab1030aa579aa9f3b369ecb9daf0b929573897c6516520c06084a2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8fcbc03b-3146-4d3b-898e-c53b92f7b7a6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11100
x-amzn-requestid: 3021b51a-674d-45d7-9939-9257330c0dbc
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CW1hQFs1oAMFb0w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641f693a-0200a29207f6a3f5074c3cf1;Sampled=0
x-amzn-remapped-date: Sat, 25 Mar 2023 21:35:54 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: NWvCK-Z608BCGDZIvuqVJ2wBQxwRoRmfjnxeDEcvzHZ7877go8IpRw==
via: 1.1 02f1a759e4ec9fab6fc17c080dd851dc.cloudfront.net (CloudFront), 1.1 ef6538ee7be7b17c84d06edb0f4c0a1a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 21:37:22 GMT
etag: "61a5d3f11e85d5fd77192701c305cb8651aa6395"
content-type: image/jpeg
age: 40637
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3fb4d16c-eef2-49cc-ac24-b125a7d6d9e0.jpeg
200 OK 3.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3fb4d16c-eef2-49cc-ac24-b125a7d6d9e0.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1ec08d4bd079a92161fc80f41281b5a9
bf61369962342cce85de8f48942b4b150fd2721e
8a8ed12c31d89d71c3cb88f0813ded83939529206461e917dcb0b8bc11abdda4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3fb4d16c-eef2-49cc-ac24-b125a7d6d9e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3589
x-amzn-requestid: 9c09af43-79e8-4734-b28b-4194e0bb1e4e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CW1uyE2joAMF50g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641f6991-7607d33f6301182b591c56e8;Sampled=0
x-amzn-remapped-date: Sat, 25 Mar 2023 21:37:21 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: pjRA439kqSg5daR_Zuvsf2l45R4oqv3AMWNiMCGQ_C5o2KA8kEd3TQ==
via: 1.1 46673955829b59a6da0ab071e0b7fbea.cloudfront.net (CloudFront), 1.1 27a84054de24e45f952ea4056a821764.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 21:37:21 GMT
etag: "bf61369962342cce85de8f48942b4b150fd2721e"
content-type: image/jpeg
age: 40638
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1612ee74-a49e-4591-8ef6-d0981e1c9d56.jpeg
200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1612ee74-a49e-4591-8ef6-d0981e1c9d56.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9a62b9bc5004705ab524a35333723e69
5ef3ffbfa1ffeba8ba3ef32c4467aa67bce4a1cd
cf2f57985087242a10bbaf4fb1bb1a0e76c7bacdb60ee75b2ba7086139a310b5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1612ee74-a49e-4591-8ef6-d0981e1c9d56.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6932
x-amzn-requestid: 9cf60a06-c1d9-413f-9c9f-04bfb9e003e9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CU2ZbH43IAMF-gw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641e9dd5-2f79970567d69dab2cd2f4b8;Sampled=0
x-amzn-remapped-date: Sat, 25 Mar 2023 07:08:05 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 4KLdaZxGSwVeN4X4ic6_dQdzFTUOKSLoqSXFT1w7n7cbEd9SOaP9Nw==
via: 1.1 8731d2a1a7d15f67b588bf58f652f9f0.cloudfront.net (CloudFront), 1.1 6ca7826fb0f4c565b1af9c7737725c48.cloudfront.net (CloudFront), 1.1 google
date: Sun, 26 Mar 2023 07:12:51 GMT
age: 6108
etag: "5ef3ffbfa1ffeba8ba3ef32c4467aa67bce4a1cd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc872b459-32b1-4ecb-a595-95cee4c53ca4.jpeg
200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc872b459-32b1-4ecb-a595-95cee4c53ca4.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8e19767dbe464134f0ab81b0eadb98fa
007758853c1d1605db69131eb50ff433a4da5f8c
63f1f08cd038e7b6d3316bbdc59a598b01c3bedd1ef04ba1986152e239fa128c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc872b459-32b1-4ecb-a595-95cee4c53ca4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12991
x-amzn-requestid: 16bc16bf-b87e-4ed7-a559-3e900595928e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CW1smH_kIAMF5oA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641f6983-21e7ce61788315866c752f28;Sampled=0
x-amzn-remapped-date: Sat, 25 Mar 2023 21:37:07 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: MOu16Tzq-SiBg8abwfGrqkmSgxnr_WMJO0wSoVcNfIW-xgIPC1MWYQ==
via: 1.1 4b800f7fa2c3fbb9f4f3c505b0df315e.cloudfront.net (CloudFront), 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 21:37:07 GMT
etag: "007758853c1d1605db69131eb50ff433a4da5f8c"
content-type: image/jpeg
age: 40652
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a195fab-643a-48cc-8f4e-51e27511b474.jpeg
200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a195fab-643a-48cc-8f4e-51e27511b474.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c8a2437b3c9ab01cd0e2327d4be5c61a
33573e5a6b6c1912702040c6d880c362baf0c3db
2556646c122f89bfce8467d13bf05e68f735373c8c18a33f7258f37f602673cf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5a195fab-643a-48cc-8f4e-51e27511b474.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5424
x-amzn-requestid: b03169ca-0cc0-49f5-b785-5e29d70048cf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CW1kWGCnIAMFf7w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641f694e-679415d416cf3b666ec128be;Sampled=0
x-amzn-remapped-date: Sat, 25 Mar 2023 21:36:14 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: cMFdcKw6RZYIg35YKKDuetMlSGtT-g4Kc2L-BHA5s0877l_Gg-PqUw==
via: 1.1 88a7ff956a5b49ec3a35abfc0027af12.cloudfront.net (CloudFront), 1.1 2241406ac19fffc8f35d6ddef8e22f56.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 21:37:07 GMT
etag: "33573e5a6b6c1912702040c6d880c362baf0c3db"
content-type: image/jpeg
age: 40659
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
gabriellesmanicureenpedicure.nl/templates/gmp_template/jquery.js
200 OK 0 B URL HTTP/1.1 gabriellesmanicureenpedicure.nl/templates/gmp_template/jquery.js
IP
Analyzer Verdict Alert fortinet Malware
GET /templates/gmp_template/jquery.js HTTP/1.1
Host: gabriellesmanicureenpedicure.nl
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://gabriellesmanicureenpedicure.nl/
Cookie: 333e87285793d3cbe7516b8f7f5509eb=baa45c082215349bab9d370a8271cc5e
HTTP/1.1 200 OK
Date: Sun, 26 Mar 2023 08:54:37 GMT
Server: Apache/2
Last-Modified: Tue, 17 Feb 2015 21:17:38 GMT
ETag: "17292-50f4f3b766080-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 33966
Keep-Alive: timeout=2, max=99
Connection: Keep-Alive
Content-Type: application/javascript
185.27.140.50
23.33.119.27
35.241.9.150