r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 81713f952b51a865ad9764cde68e3fdb
278c3a9c4bb2a0ffb7375f90d89a1ba6e90a766a
c2eb0d8a24ecb51af28f1c71db4b9a95c568dcf6c94b41ee8c78787a4ebebcef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2EB0D8A24ECB51AF28F1C71DB4B9A95C568DCF6C94B41EE8C78787A4EBEBCEF"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18580
Expires: Sat, 04 Feb 2023 21:55:25 GMT
Date: Sat, 04 Feb 2023 16:45:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2250
Expires: Sat, 04 Feb 2023 17:23:15 GMT
Date: Sat, 04 Feb 2023 16:45:45 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 04 Feb 2023 16:43:38 GMT
content-type: application/json
age: 127
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9867
Expires: Sat, 04 Feb 2023 19:30:12 GMT
Date: Sat, 04 Feb 2023 16:45:45 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: q+8c+JqHr6vGP97p0qIIBXUhSgDGnxJEcdABI4+36/AFDZAYnl99uHoVFJkFpUOy6yMyy5uDImw=
x-amz-request-id: CJMNGG3R2WRJ78W1
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 04 Feb 2023 15:52:53 GMT
age: 3172
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 04 Feb 2023 16:45:45 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
121.254.254.193/
121.254.254.193 200 OK 3.2 kB IP 121.254.254.193:0
ASN #3786 LG DACOM Corporation
File type HTML document text, exported SGML document text, exported SGML document, Unicode text, UTF-8 text, with very long lines (631)
Hash 1a1e4e6cdd83dfa89c9c14b7f5caae4d
32795ef5a4283141e889c9710b8ec855a8429192
3753a7edf2d98038a44aed9bfd0522627f21e629269b7a76dd5a11e8c987263e
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: 121.254.254.193
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 16:45:37 GMT
Server: Apache
X-Powered-By: PHP/5.2.17
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Pragma: no-cache
Set-Cookie: PHPSESSID=c51b8a524db09f18b3cd00815d3f4148; path=/
Set-Cookie: mobile=false; path=/
Set-Cookie: user-agent=df16c081c25306654a0efb89b8761a08; path=/
Content-Encoding: gzip
Last-Modified: Sat, 04 Feb 2023 16:45:38 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Vary: Accept-Encoding
Content-Length: 3153
Connection: close
Content-Type: text/html; charset=UTF-8
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 04 Feb 2023 15:49:07 GMT
age: 3398
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18743
Expires: Sat, 04 Feb 2023 21:58:08 GMT
Date: Sat, 04 Feb 2023 16:45:45 GMT
Connection: keep-alive
121.254.254.193/common/css/xe.min.css?20160401165150
121.254.254.193 200 OK 5.0 kB URL HTTP/1.1 121.254.254.193/common/css/xe.min.css?20160401165150
IP 121.254.254.193:0
ASN #3786 LG DACOM Corporation
File type Unicode text, UTF-8 text, with very long lines (5023), with no line terminators
Hash 684a70dc625a85759475c2a3cc3d3dfe
4b8a2a2619121634257e7c023160f3d8630082ca
039526d24b4197e19f5d615d69496c361e403e9ed81d491c1589bcaa8fdb5671
Analyzer Verdict Alert quad9 Sinkholed
GET /common/css/xe.min.css?20160401165150 HTTP/1.1
Host: 121.254.254.193
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://121.254.254.193/
Cookie: PHPSESSID=c51b8a524db09f18b3cd00815d3f4148; mobile=false; user-agent=df16c081c25306654a0efb89b8761a08
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 16:45:38 GMT
Server: Apache
Last-Modified: Fri, 01 Apr 2016 07:51:50 GMT
ETag: "1000643-13a3-52f67a6cad180"
Accept-Ranges: bytes
Content-Length: 5027
Connection: close
Content-Type: text/css
push.services.mozilla.com/
54.186.209.73 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.186.209.73:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: EvyJuxPVtzkw8P44zyjJWw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: +fi3DW/9QskirzCaFzE+D4q8ng4=
121.254.254.193/modules/editor/styles/default/style.css?20160401165647
121.254.254.193 200 OK 821 B URL HTTP/1.1 121.254.254.193/modules/editor/styles/default/style.css?20160401165647
IP 121.254.254.193:0
ASN #3786 LG DACOM Corporation
Hash 5991bb7839649ec17c0c7fa3f07067cd
e5e88832c6cda865a175744ce35f19495212c72f
22cb67e55f32a01cfeefd564a15db2122f051eb01d574ce1f54efade85a969b0
Analyzer Verdict Alert quad9 Sinkholed
GET /modules/editor/styles/default/style.css?20160401165647 HTTP/1.1
Host: 121.254.254.193
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://121.254.254.193/
Cookie: PHPSESSID=c51b8a524db09f18b3cd00815d3f4148; mobile=false; user-agent=df16c081c25306654a0efb89b8761a08
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 16:45:38 GMT
Server: Apache
Last-Modified: Fri, 01 Apr 2016 07:56:47 GMT
ETag: "14c0a3c-335-52f67b87eadc0"
Accept-Ranges: bytes
Content-Length: 821
Connection: close
Content-Type: text/css
121.254.254.193/widgets/login_info/skins/default/default.login.css?20160401165218
121.254.254.193 200 OK 4.0 kB URL HTTP/1.1 121.254.254.193/widgets/login_info/skins/default/default.login.css?20160401165218
IP 121.254.254.193:0
ASN #3786 LG DACOM Corporation
File type ASCII text, with very long lines (365)
Hash 51b2559dbf32890b63aa6b585b24a57c
3d18b7f688b3ef7d53e3fb3c2fdf91bf10937d5c
d616eedb636232b9f462f4f5172aa1d3933e49b145fa03bb99d66cbef0fe561a
Analyzer Verdict Alert quad9 Sinkholed
GET /widgets/login_info/skins/default/default.login.css?20160401165218 HTTP/1.1
Host: 121.254.254.193
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://121.254.254.193/
Cookie: PHPSESSID=c51b8a524db09f18b3cd00815d3f4148; mobile=false; user-agent=df16c081c25306654a0efb89b8761a08
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 16:45:38 GMT
Server: Apache
Last-Modified: Fri, 01 Apr 2016 07:52:18 GMT
ETag: "11e0d9e-faf-52f67a8761080"
Accept-Ranges: bytes
Content-Length: 4015
Connection: close
Content-Type: text/css
121.254.254.193/common/js/x.min.js?20160401165151
121.254.254.193 200 OK 13 kB URL HTTP/1.1 121.254.254.193/common/js/x.min.js?20160401165151
IP 121.254.254.193:0
ASN #3786 LG DACOM Corporation
File type ASCII text, with very long lines (12759)
Hash 36313268759abdaa2f6d7437daa377f6
847e904249e8fe24528f34463b637f653839a18a
cef4ac367d3eb98370955c2acbc26641c59e76e46409cf815790cecfa7db06e8
Analyzer Verdict Alert quad9 Sinkholed
GET /common/js/x.min.js?20160401165151 HTTP/1.1
Host: 121.254.254.193
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://121.254.254.193/
Cookie: PHPSESSID=c51b8a524db09f18b3cd00815d3f4148; mobile=false; user-agent=df16c081c25306654a0efb89b8761a08
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 16:45:38 GMT
Server: Apache
Last-Modified: Fri, 01 Apr 2016 07:51:51 GMT
ETag: "10428a4-31f6-52f67a6da13c0"
Accept-Ranges: bytes
Content-Length: 12790
Connection: close
Content-Type: application/javascript
121.254.254.193/modules/install/script/welcome_content/welcome.css
121.254.254.193 200 OK 998 B URL HTTP/1.1 121.254.254.193/modules/install/script/welcome_content/welcome.css
IP 121.254.254.193:0
ASN #3786 LG DACOM Corporation
Hash 12293275a82a7a9ef09a29b042c62135
88c38eb7c3592e8cee8bd8d5da43ec28ca354441
e3ef824e31a55b0d637161582ab3147b563a885c8ee9400bbff72b36cb4f538d
Analyzer Verdict Alert quad9 Sinkholed
GET /modules/install/script/welcome_content/welcome.css HTTP/1.1
Host: 121.254.254.193
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://121.254.254.193/
Cookie: PHPSESSID=c51b8a524db09f18b3cd00815d3f4148; mobile=false; user-agent=df16c081c25306654a0efb89b8761a08
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 16:45:38 GMT
Server: Apache
Last-Modified: Fri, 01 Apr 2016 07:56:48 GMT
ETag: "14c0ad5-3e6-52f67b88df000"
Accept-Ranges: bytes
Content-Length: 998
Connection: close
Content-Type: text/css
121.254.254.193/addons/autolink/autolink.js?20160401165333
121.254.254.193 200 OK 2.4 kB URL HTTP/1.1 121.254.254.193/addons/autolink/autolink.js?20160401165333
IP 121.254.254.193:0
ASN #3786 LG DACOM Corporation
File type HTML document, ASCII text
Hash 89b476807049d3b3e7f1e75b3a612b72
aa6d61475332b70d7ee7de3ee1581d21639008fe
792fbf992c1a8f14e246a2dd2d35ad7a76e5e6a4749a87cbcf263f16a44bc97d
Analyzer Verdict Alert quad9 Sinkholed
GET /addons/autolink/autolink.js?20160401165333 HTTP/1.1
Host: 121.254.254.193
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://121.254.254.193/
Cookie: PHPSESSID=c51b8a524db09f18b3cd00815d3f4148; mobile=false; user-agent=df16c081c25306654a0efb89b8761a08
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 16:45:39 GMT
Server: Apache
Last-Modified: Fri, 01 Apr 2016 07:53:33 GMT
ETag: "1061011-97b-52f67acee7940"
Accept-Ranges: bytes
Content-Length: 2427
Connection: close
Content-Type: application/javascript
121.254.254.193/widgets/login_info/skins/default/default.login.js?20160401165218
121.254.254.193 200 OK 1.1 kB URL HTTP/1.1 121.254.254.193/widgets/login_info/skins/default/default.login.js?20160401165218
IP 121.254.254.193:0
ASN #3786 LG DACOM Corporation
Hash 70169171b89448bf130ebaf92128e943
1f6f55c1981a966c6fe588a5132a1caf13a71ac7
c1d09d885e5d236084fd4939512118487667f1a589acb490589857186db15444
Analyzer Verdict Alert quad9 Sinkholed
GET /widgets/login_info/skins/default/default.login.js?20160401165218 HTTP/1.1
Host: 121.254.254.193
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://121.254.254.193/
Cookie: PHPSESSID=c51b8a524db09f18b3cd00815d3f4148; mobile=false; user-agent=df16c081c25306654a0efb89b8761a08
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 16:45:39 GMT
Server: Apache
Last-Modified: Fri, 01 Apr 2016 07:52:18 GMT
ETag: "11e0d9f-460-52f67a8761080"
Accept-Ranges: bytes
Content-Length: 1120
Connection: close
Content-Type: application/javascript
121.254.254.193/common/js/plugins/ui/jquery.ui.datepicker-ko.js?20160401165152
121.254.254.193 200 OK 911 B URL HTTP/1.1 121.254.254.193/common/js/plugins/ui/jquery.ui.datepicker-ko.js?20160401165152
IP 121.254.254.193:0
ASN #3786 LG DACOM Corporation
Hash 5fb849693b65beed7146624ba498b517
bbbe4628d900b4bb858693e48143883d9aefd947
0b9ee770f950e4f220deb9541b385c3f376f109e7875c311ce9ccd98f92b0233
Analyzer Verdict Alert quad9 Sinkholed
GET /common/js/plugins/ui/jquery.ui.datepicker-ko.js?20160401165152 HTTP/1.1
Host: 121.254.254.193
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://121.254.254.193/
Cookie: PHPSESSID=c51b8a524db09f18b3cd00815d3f4148; mobile=false; user-agent=df16c081c25306654a0efb89b8761a08
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 16:45:39 GMT
Server: Apache
Last-Modified: Fri, 01 Apr 2016 07:51:52 GMT
ETag: "1080121-38f-52f67a6e95600"
Accept-Ranges: bytes
Content-Length: 911
Connection: close
Content-Type: application/javascript
121.254.254.193/addons/resize_image/js/resize_image.min.js?20160401165336
121.254.254.193 200 OK 3.8 kB URL HTTP/1.1 121.254.254.193/addons/resize_image/js/resize_image.min.js?20160401165336
IP 121.254.254.193:0
ASN #3786 LG DACOM Corporation
File type ASCII text, with very long lines (3761)
Hash de997170586fbdeef334fe0e548cf7e9
242705a802300270960794009b5e6393168ccbb3
da9f36b8ca19242c78193b0af6ac2f03b869fcb12cd699edc5dd2f98a38b59bb
Analyzer Verdict Alert quad9 Sinkholed
GET /addons/resize_image/js/resize_image.min.js?20160401165336 HTTP/1.1
Host: 121.254.254.193
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://121.254.254.193/
Cookie: PHPSESSID=c51b8a524db09f18b3cd00815d3f4148; mobile=false; user-agent=df16c081c25306654a0efb89b8761a08
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 16:45:39 GMT
Server: Apache
Last-Modified: Fri, 01 Apr 2016 07:53:36 GMT
ETag: "1061095-edb-52f67ad1c4000"
Accept-Ranges: bytes
Content-Length: 3803
Connection: close
Content-Type: application/javascript
121.254.254.193/common/js/xe.min.js?20160401165151
121.254.254.193 200 OK 47 kB URL HTTP/1.1 121.254.254.193/common/js/xe.min.js?20160401165151
IP 121.254.254.193:0
ASN #3786 LG DACOM Corporation
File type Unicode text, UTF-8 text, with very long lines (32293)
Hash 018fe945dc63cf34ab835d61e2361606
82e9cb85b3929358c411ffae113afdcf8e94a41f
0782a6ae0a3c2d397a6c103245410e902abf15ee457dc2d00fbb88ed7a939808
Analyzer Verdict Alert quad9 Sinkholed
GET /common/js/xe.min.js?20160401165151 HTTP/1.1
Host: 121.254.254.193
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://121.254.254.193/
Cookie: PHPSESSID=c51b8a524db09f18b3cd00815d3f4148; mobile=false; user-agent=df16c081c25306654a0efb89b8761a08
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 16:45:38 GMT
Server: Apache
Last-Modified: Fri, 01 Apr 2016 07:51:51 GMT
ETag: "10428a7-b89c-52f67a6da13c0"
Accept-Ranges: bytes
Content-Length: 47260
Connection: close
Content-Type: application/javascript
121.254.254.193/layouts/default/default.layout.js?20160401165206
121.254.254.193 200 OK 2.6 kB URL HTTP/1.1 121.254.254.193/layouts/default/default.layout.js?20160401165206
IP 121.254.254.193:0
ASN #3786 LG DACOM Corporation
Hash af81c5531d839acf7acb17946fa35aff
4f0f22286f975cc587ab3878970055e2d936e9e9
c65facd2f3295312ae23573b4b2c62c829b181978bbb69373f83a3d6cf69ede4
Analyzer Verdict Alert quad9 Sinkholed
GET /layouts/default/default.layout.js?20160401165206 HTTP/1.1
Host: 121.254.254.193
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://121.254.254.193/
Cookie: PHPSESSID=c51b8a524db09f18b3cd00815d3f4148; mobile=false; user-agent=df16c081c25306654a0efb89b8761a08
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 16:45:39 GMT
Server: Apache
Last-Modified: Fri, 01 Apr 2016 07:52:06 GMT
ETag: "10619b4-a0b-52f67a7bef580"
Accept-Ranges: bytes
Content-Length: 2571
Connection: close
Content-Type: application/javascript
121.254.254.193/common/js/jquery.min.js?20160401165151
121.254.254.193 200 OK 91 kB URL HTTP/1.1 121.254.254.193/common/js/jquery.min.js?20160401165151
IP 121.254.254.193:0
ASN #3786 LG DACOM Corporation
File type ASCII text, with very long lines (32023)
Hash 864d9372b2c7b10823e4d9ba5b9490d6
c77480f029c5a5302d3a31a40b67a8a9ece64264
bf158bb7483158b064aeda002ff5ac088ae54e85002874496261e23de2d44419
Analyzer Verdict Alert quad9 Sinkholed
GET /common/js/jquery.min.js?20160401165151 HTTP/1.1
Host: 121.254.254.193
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://121.254.254.193/
Cookie: PHPSESSID=c51b8a524db09f18b3cd00815d3f4148; mobile=false; user-agent=df16c081c25306654a0efb89b8761a08
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 16:45:38 GMT
Server: Apache
Last-Modified: Fri, 01 Apr 2016 07:51:51 GMT
ETag: "104289e-162bb-52f67a6da13c0"
Accept-Ranges: bytes
Content-Length: 90811
Connection: close
Content-Type: application/javascript
X-Pad: avoid browser bug
121.254.254.193/files/cache/js_filter_compiled/30bafb68498c64b466579e488f27113e.ko.compiled.js?20160402171801
121.254.254.193 200 OK 2.2 kB URL HTTP/1.1 121.254.254.193/files/cache/js_filter_compiled/30bafb68498c64b466579e488f27113e.ko.compiled.js?20160402171801
IP 121.254.254.193:0
ASN #3786 LG DACOM Corporation
Hash a235815230aff3d25674e87324ae2a9d
02f0d7e9adda0b795674f4b26f7f69a10a7e4a77
b1c44c4a207bcb377f27b057c4ef3ced4812347470851ea3f854c833b5837a3f
Analyzer Verdict Alert quad9 Sinkholed
GET /files/cache/js_filter_compiled/30bafb68498c64b466579e488f27113e.ko.compiled.js?20160402171801 HTTP/1.1
Host: 121.254.254.193
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://121.254.254.193/
Cookie: PHPSESSID=c51b8a524db09f18b3cd00815d3f4148; mobile=false; user-agent=df16c081c25306654a0efb89b8761a08
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 16:45:39 GMT
Server: Apache
Last-Modified: Sat, 02 Apr 2016 08:18:01 GMT
ETag: "108045f-86c-52f7c2245c040"
Accept-Ranges: bytes
Content-Length: 2156
Connection: close
Content-Type: application/javascript
Content-Language: ko
121.254.254.193/files/cache/ruleset/0d937ea6d7a091d742472cfb296ed570.ko.js?20160402171801
121.254.254.193 200 OK 2.0 kB URL HTTP/1.1 121.254.254.193/files/cache/ruleset/0d937ea6d7a091d742472cfb296ed570.ko.js?20160402171801
IP 121.254.254.193:0
ASN #3786 LG DACOM Corporation
Hash 3c2b531786387cb7e44c29a8a886a192
03ff9721d53a7a35703238fa054ffd35940992c9
c1a697a7781c8863330e187af8bb1e59a80c299fc7cfb5b285fc4cff14d83a04
Analyzer Verdict Alert quad9 Sinkholed
GET /files/cache/ruleset/0d937ea6d7a091d742472cfb296ed570.ko.js?20160402171801 HTTP/1.1
Host: 121.254.254.193
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://121.254.254.193/
Cookie: PHPSESSID=c51b8a524db09f18b3cd00815d3f4148; mobile=false; user-agent=df16c081c25306654a0efb89b8761a08
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 16:45:39 GMT
Server: Apache
Last-Modified: Sat, 02 Apr 2016 08:18:01 GMT
ETag: "108055e-7b2-52f7c2245c040"
Accept-Ranges: bytes
Content-Length: 1970
Connection: close
Content-Type: application/javascript
Content-Language: ko
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16765
Expires: Sat, 04 Feb 2023 21:25:12 GMT
Date: Sat, 04 Feb 2023 16:45:47 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
34.120.237.76 200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3, data
Hash 6661b7263315f5eb3cd2465f671e1fcd
b7b5831c6b3ccc41d7a980b6088adc10ff8785f1
eb25507950d81db4b54a1af7fadaceee1bcff780eb28b6a04dbfb3886785f5b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8527
x-amzn-requestid: 6a8c6487-6069-47d1-afa1-648626f85439
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyDqqGg5oAMFV-A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd7fdd-0a772cde1e6fba6d7da97435;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:42:53 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: CHWhIpyzhoPtMUplzh1430Q9FfCM1wkTc_hQsgQk6InM9tYBPGYnNg==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:05:44 GMT
age: 67203
etag: "b7b5831c6b3ccc41d7a980b6088adc10ff8785f1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg
34.120.237.76 200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f7101f6e43855cb76ce48271a847ffbd
8e674830a97d8ce3818132fda197db4f0289d316
e78a83a4024e238bcdec3b9c4d5c12a99f49aabd57e34952f6a4cc8ed4422f55
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcae6042d-d677-4e39-b4e4-858988eb847b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9141
x-amzn-requestid: ed7db574-6bca-4f3e-8879-c3e836549339
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD8zE5lIAMF1HA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8051-4480112f11d4ced0037d1ad8;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:49 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: aKr85ooofBPeKkeJIDO5W_X5Rn6xnJlRHmVrs8tgBMYe3HQhobsm3w==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 21:56:07 GMT
age: 67780
etag: "8e674830a97d8ce3818132fda197db4f0289d316"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e366b32074025aaf60bbae8bdb08d330
a52c2883bad98fa20333aa639a5dd3a5bf544c8e
9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11565
x-amzn-requestid: 87a84ffd-1176-4656-aac4-e98f38ec2cd9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboIrFGboAMFyyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d48704-162ed8114aa1809204500548;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:23:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: lsQxPtozrh2Ty1T-3d-1crDfi8HgVKRafOXb1UFl033bCx3kAzTS7w==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 06:20:04 GMT
age: 37543
etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 392b61306c346508d3ac4a2f28218f9c
d2de32b52e0d3f4fc6acaf687b3521294b01dc03
018712a4d6734b84ac1777124f97dae4d93b1e5b297a5dcfe0955b52710b8a35
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F10640252-429d-4110-bf18-1908ac233402.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10253
x-amzn-requestid: a90cb6b3-8a72-4b4b-b4f5-6dafc8c6752a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7GGv5IAMFu8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-3ca59e7c52800a4e44bda8fd;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: jBxNmhfAeUgxg8w4XpQHZ1QoN9GatdUV7V7r2tHd7YePJYPHpesd2Q==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:05:21 GMT
age: 67226
etag: "d2de32b52e0d3f4fc6acaf687b3521294b01dc03"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg
34.120.237.76 200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e5b4e4f15da3323c73974c3f1cdb5d74
1f14971d0cf979cc34ff191849dc43d86e8ac463
5893d7e5b2fd9de92829b303c42d0c07ff32b3f6b8705b6f5b4a784315c8808e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2ec84086-8ac2-4887-bc81-86003255ab99.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5174
x-amzn-requestid: 35630c70-3bad-47b4-94bb-09c873632194
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD7EFAHIAMFQQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8046-317b1fbb3bee0f377697bf3d;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: OD5cy75AkNMwTIvIool2nKbKgr5Jpo1Plm_X_YPr3rdPbg86_V2fdA==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:00:26 GMT
age: 67521
etag: "1f14971d0cf979cc34ff191849dc43d86e8ac463"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c030376-7935-4601-969c-86a91f4f5e85.jpeg
34.120.237.76 200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c030376-7935-4601-969c-86a91f4f5e85.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d7afd5ce8fb9ec7b62e528bf97705e49
afbf22f5d8f54adcb00e8980a9b22f2c5b6703c3
b2d93ba6c0ed2c858d91afba1c81251afbffa41c779be2e9203994dcfb7bbc9d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c030376-7935-4601-969c-86a91f4f5e85.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7249
x-amzn-requestid: 007ce521-ed5c-4074-a314-684ad0df2e22
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyD9GH5goAMF_ag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd8053-7060f02b767c90371991a190;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:44:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 5fTV_e56nzjiXo4Guu67WXDDvp3nrjB0Yfyy6ByjcDSx23J-8r0fmQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 a847181d425b7fc57e81eb3c800bfdf2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 03 Feb 2023 22:10:21 GMT
age: 66926
etag: "afbf22f5d8f54adcb00e8980a9b22f2c5b6703c3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
121.254.254.193/layouts/default/default.layout.css?20160401165206
121.254.254.193 200 OK 6.7 kB URL HTTP/1.1 121.254.254.193/layouts/default/default.layout.css?20160401165206
IP 121.254.254.193:0
ASN #3786 LG DACOM Corporation
File type ASCII text, with very long lines (543)
Hash ce85ae1f4da228885d4bd81e0aea636b
d3ee086a37d3b79fd32987a416a42096d8fb6528
a62ae76e967c1bcc21e14f4c9a91d9fda8def2a776f429ccc68ce3066c53746d
Analyzer Verdict Alert quad9 Sinkholed
GET /layouts/default/default.layout.css?20160401165206 HTTP/1.1
Host: 121.254.254.193
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://121.254.254.193/
Cookie: PHPSESSID=c51b8a524db09f18b3cd00815d3f4148; mobile=false; user-agent=df16c081c25306654a0efb89b8761a08
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 16:45:40 GMT
Server: Apache
Last-Modified: Fri, 01 Apr 2016 07:52:06 GMT
ETag: "10619b3-1a16-52f67a7bef580"
Accept-Ranges: bytes
Content-Length: 6678
Connection: close
Content-Type: text/css
121.254.254.193/common/js/plugins/ui/jquery-ui.min.css?20160401165152
121.254.254.193 200 OK 26 kB URL HTTP/1.1 121.254.254.193/common/js/plugins/ui/jquery-ui.min.css?20160401165152
IP 121.254.254.193:0
ASN #3786 LG DACOM Corporation
File type ASCII text, with very long lines (25188)
Hash 0c923991a9be5b4270d12d91dda7ce05
c2cfbbeb5b100e2d6b8fe2f4375aa5b2b10d5347
f233f128e2842115152229d5596c1e32c1f005c8e04d005dc11236735dd69718
Analyzer Verdict Alert quad9 Sinkholed
GET /common/js/plugins/ui/jquery-ui.min.css?20160401165152 HTTP/1.1
Host: 121.254.254.193
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://121.254.254.193/
Cookie: PHPSESSID=c51b8a524db09f18b3cd00815d3f4148; mobile=false; user-agent=df16c081c25306654a0efb89b8761a08
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 16:45:39 GMT
Server: Apache
Last-Modified: Fri, 01 Apr 2016 07:51:52 GMT
ETag: "108011f-6408-52f67a6e95600"
Accept-Ranges: bytes
Content-Length: 25608
Connection: close
Content-Type: text/css
121.254.254.193/common/js/plugins/ui/jquery-ui.min.js?20160401165152
121.254.254.193 200 OK 228 kB URL HTTP/1.1 121.254.254.193/common/js/plugins/ui/jquery-ui.min.js?20160401165152
IP 121.254.254.193:0
ASN #3786 LG DACOM Corporation
File type ASCII text, with very long lines (32389)
Size 228 kB (228077 bytes)
Hash fd255415839568e52a48da5de5af244c
abd6f85a04584792d77e4791c441ff49e9e28c0d
9671f8be70ad94a5362e60f4656d5d53ba214d32ab70a3f9d1603d7dadf9d1c1
Analyzer Verdict Alert quad9 Sinkholed
GET /common/js/plugins/ui/jquery-ui.min.js?20160401165152 HTTP/1.1
Host: 121.254.254.193
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://121.254.254.193/
Cookie: PHPSESSID=c51b8a524db09f18b3cd00815d3f4148; mobile=false; user-agent=df16c081c25306654a0efb89b8761a08
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 16:45:39 GMT
Server: Apache
Last-Modified: Fri, 01 Apr 2016 07:51:52 GMT
ETag: "1080120-37aed-52f67a6e95600"
Accept-Ranges: bytes
Content-Length: 228077
Connection: close
Content-Type: application/javascript
X-Pad: avoid browser bug
121.254.254.193/layouts/default/visual.main.1.jpg
121.254.254.193 200 OK 12 kB URL HTTP/1.1 121.254.254.193/layouts/default/visual.main.1.jpg
IP 121.254.254.193:0
ASN #3786 LG DACOM Corporation
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 960x330, components 3\012- data
Hash c90539d10660927f18b3e831842a3883
80786f200780318d9906c2bf51350bdc59d5b9ba
8b429a547532a3a9fb66ac7a8cc55ad2069886f816fe5d9cbcd466a1e119c072
Analyzer Verdict Alert quad9 Sinkholed
GET /layouts/default/visual.main.1.jpg HTTP/1.1
Host: 121.254.254.193
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://121.254.254.193/
Cookie: PHPSESSID=c51b8a524db09f18b3cd00815d3f4148; mobile=false; user-agent=df16c081c25306654a0efb89b8761a08
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 16:45:40 GMT
Server: Apache
Last-Modified: Fri, 01 Apr 2016 07:52:06 GMT
ETag: "10619ba-2e71-52f67a7bef580"
Accept-Ranges: bytes
Content-Length: 11889
Connection: close
Content-Type: image/jpeg
121.254.254.193/layouts/default/visual.main.2.jpg
121.254.254.193 200 OK 8.9 kB URL HTTP/1.1 121.254.254.193/layouts/default/visual.main.2.jpg
IP 121.254.254.193:0
ASN #3786 LG DACOM Corporation
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 960x330, components 3\012- data
Hash abfdd887b344cd0569ad1ea6dce3b118
b06fc8660f3e013ed6d45e9f1704a7085c3eaa17
db95850972bf8d404f21557378dc0c59c9e13b9b8745bcd744022d998c23897b
Analyzer Verdict Alert quad9 Sinkholed
GET /layouts/default/visual.main.2.jpg HTTP/1.1
Host: 121.254.254.193
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://121.254.254.193/
Cookie: PHPSESSID=c51b8a524db09f18b3cd00815d3f4148; mobile=false; user-agent=df16c081c25306654a0efb89b8761a08
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 16:45:40 GMT
Server: Apache
Last-Modified: Fri, 01 Apr 2016 07:52:06 GMT
ETag: "10619bb-22c4-52f67a7bef580"
Accept-Ranges: bytes
Content-Length: 8900
Connection: close
Content-Type: image/jpeg
121.254.254.193/layouts/default/siteTitle.png
121.254.254.193 200 OK 7.8 kB URL HTTP/1.1 121.254.254.193/layouts/default/siteTitle.png
IP 121.254.254.193:0
ASN #3786 LG DACOM Corporation
File type PNG image data, 79 x 34, 8-bit/color RGBA, non-interlaced\012- data
Hash ee8473a3ad32b3de0183a4ecaa2e618b
a3ea1660b21889b091bb7d707af1d06e3fd1957b
3c9d45e244ae7c8b4a06d9f0abd626b1ad16c2d00ee94908809578ec594bb73c
Analyzer Verdict Alert quad9 Sinkholed
GET /layouts/default/siteTitle.png HTTP/1.1
Host: 121.254.254.193
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://121.254.254.193/
Cookie: PHPSESSID=c51b8a524db09f18b3cd00815d3f4148; mobile=false; user-agent=df16c081c25306654a0efb89b8761a08
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 16:45:40 GMT
Server: Apache
Last-Modified: Fri, 01 Apr 2016 07:52:06 GMT
ETag: "10619b7-1e53-52f67a7bef580"
Accept-Ranges: bytes
Content-Length: 7763
Connection: close
Content-Type: image/png
121.254.254.193/modules/install/script/welcome_content/welcome.gif
121.254.254.193 200 OK 5.0 kB URL HTTP/1.1 121.254.254.193/modules/install/script/welcome_content/welcome.gif
IP 121.254.254.193:0
ASN #3786 LG DACOM Corporation
File type GIF image data, version 89a, 60 x 550\012- data
Hash abafd433b64295689844b92322721ea6
570cc1f73e54ae044571f6d1ad74cd385945927b
7e7145a4a0b7b777d82513abd751073554479d118ab77d6a42c70d23bc8ac84a
Analyzer Verdict Alert quad9 Sinkholed
GET /modules/install/script/welcome_content/welcome.gif HTTP/1.1
Host: 121.254.254.193
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://121.254.254.193/modules/install/script/welcome_content/welcome.css
Cookie: PHPSESSID=c51b8a524db09f18b3cd00815d3f4148; mobile=false; user-agent=df16c081c25306654a0efb89b8761a08
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 16:45:40 GMT
Server: Apache
Last-Modified: Fri, 01 Apr 2016 07:56:48 GMT
ETag: "14c0ad6-1376-52f67b88df000"
Accept-Ranges: bytes
Content-Length: 4982
Connection: close
Content-Type: image/gif
121.254.254.193/layouts/default/slideNav.png
121.254.254.193 200 OK 918 B URL HTTP/1.1 121.254.254.193/layouts/default/slideNav.png
IP 121.254.254.193:0
ASN #3786 LG DACOM Corporation
File type PNG image data, 50 x 50, 8-bit/color RGBA, non-interlaced\012- data
Hash f1e07497ca4e097de3fc5f874b3c2068
54bd239eba5c9dc861c93355407c219c30ec6486
84246b6390e17297a1d4a06653b2a9bccc1db3d85d06f8792884fdc1a4a6a433
Analyzer Verdict Alert quad9 Sinkholed
GET /layouts/default/slideNav.png HTTP/1.1
Host: 121.254.254.193
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://121.254.254.193/layouts/default/default.layout.css?20160401165206
Cookie: PHPSESSID=c51b8a524db09f18b3cd00815d3f4148; mobile=false; user-agent=df16c081c25306654a0efb89b8761a08
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 16:45:40 GMT
Server: Apache
Last-Modified: Fri, 01 Apr 2016 07:52:06 GMT
ETag: "10619b8-396-52f67a7bef580"
Accept-Ranges: bytes
Content-Length: 918
Connection: close
Content-Type: image/png
121.254.254.193/layouts/default/blank.gif
121.254.254.193 200 OK 43 B URL HTTP/1.1 121.254.254.193/layouts/default/blank.gif
IP 121.254.254.193:0
ASN #3786 LG DACOM Corporation
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert quad9 Sinkholed
GET /layouts/default/blank.gif HTTP/1.1
Host: 121.254.254.193
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://121.254.254.193/layouts/default/default.layout.css?20160401165206
Cookie: PHPSESSID=c51b8a524db09f18b3cd00815d3f4148; mobile=false; user-agent=df16c081c25306654a0efb89b8761a08
HTTP/1.1 200 OK
Date: Sat, 04 Feb 2023 16:45:40 GMT
Server: Apache
Last-Modified: Fri, 01 Apr 2016 07:52:06 GMT
ETag: "10619b2-2b-52f67a7bef580"
Accept-Ranges: bytes
Content-Length: 43
Connection: close
Content-Type: image/gif
121.254.254.193/favicon.ico
121.254.254.193 404 Not Found 209 B URL HTTP/1.1 121.254.254.193/favicon.ico
IP 121.254.254.193:0
ASN #3786 LG DACOM Corporation
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 18ffb59b61525f781cf9251045be575d
bd7318b00b15b7a1c8a48524419fa2e5c27a5b6d
b6682cab65d3243b5b75efb7279dbf49491957484780f2ba0a87632cc0e25642
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: 121.254.254.193
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://121.254.254.193/
Cookie: PHPSESSID=c51b8a524db09f18b3cd00815d3f4148; mobile=false; user-agent=df16c081c25306654a0efb89b8761a08
HTTP/1.1 404 Not Found
Date: Sat, 04 Feb 2023 16:45:42 GMT
Server: Apache
Content-Length: 209
Connection: close
Content-Type: text/html; charset=iso-8859-1