Report - emv1.tous-bear.com/

Report Overview

Visitedpublic

2024-10-10 06:41:50

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Host Summary

Host	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
fonts.gstatic.com	unknown	2008-02-11	2014-09-09 02:40:21	2024-10-09 00:15:21	1.0 kB	39 kB	216.58.207.227
r11.o.lencr.org	unknown	2020-06-29	2024-06-07 07:43:57	2024-10-08 18:12:09	981 B	2.7 kB	23.33.119.27
fonts.googleapis.com	8877	2005-01-25	2013-06-10 22:14:26	2024-10-09 11:41:45	455 B	5.3 kB	142.250.74.106
r10.o.lencr.org	unknown	2020-06-29	2024-06-06 21:45:11	2024-10-08 18:12:21	1.3 kB	3.5 kB	23.33.119.27
emv1.tous-bear.com	unknown	2024-02-20	2024-09-09 13:54:48	2024-09-23 08:09:07	736 B	24 kB	188.246.235.221
o.pki.goog	unknown	2016-06-13	2024-04-24 13:44:57	2024-10-08 18:12:07	1.6 kB	3.5 kB	142.250.74.131

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2024-10-10	medium	tous-bear.com	Sinkholed
2024-10-10	medium	tous-bear.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (0)

HTTP Transactions (17)

URL IP Response Size

r10.o.lencr.org/

23.33.119.27

504 B

URL HTTP

r10.o.lencr.org/

IP / ASN

23.33.119.27

#20940 Akamai International B.V.

Requested byN/A

Resource Info

File typedata

First Seen2024-10-08

Last Seen2024-10-11

Times Seen12496

Size504 B (504 bytes)

MD592a230cb5218879a64fe719acf75881c

SHA17f7635dedaaca6b4b4ecb370b51df9538d7a7d0d

SHA25614ffc94e6280a14388fda9745042b01144374fd782cf089b48025a1316ecbd24

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "14FFC94E6280A14388FDA9745042B01144374FD782CF089B48025A1316ECBD24"
Last-Modified: Tue, 08 Oct 2024 04:17:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9661
Expires: Thu, 10 Oct 2024 09:22:25 GMT
Date: Thu, 10 Oct 2024 06:41:24 GMT
Connection: keep-alive

r10.o.lencr.org/

23.33.119.27

504 B

URL HTTP

r10.o.lencr.org/

IP / ASN

23.33.119.27

#20940 Akamai International B.V.

Requested byN/A

Resource Info

File typedata

First Seen2024-10-08

Last Seen2024-10-11

Times Seen15845

Size504 B (504 bytes)

MD57338853386defad2f045b3bee05dd9c8

SHA16aaf1269eb3b9e16629c1b20652ee2dbd12c7182

SHA25650b50dc294c0c33b05390bd82ad7a823a64b8c24a0de5b92b770e8cfd4e5259f

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "50B50DC294C0C33B05390BD82AD7A823A64B8C24A0DE5B92B770E8CFD4E5259F"
Last-Modified: Tue, 08 Oct 2024 04:16:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8490
Expires: Thu, 10 Oct 2024 09:02:54 GMT
Date: Thu, 10 Oct 2024 06:41:24 GMT
Connection: keep-alive

r10.o.lencr.org/

23.33.119.27

504 B

URL HTTP

r10.o.lencr.org/

IP / ASN

23.33.119.27

#20940 Akamai International B.V.

Requested byN/A

Resource Info

File typedata

First Seen2024-10-10

Last Seen2024-10-11

Times Seen6249

Size504 B (504 bytes)

MD598bbf57a5e5f7f90fd4a8eeba951c9b8

SHA1f9825be278e9bb848fedd3fef7e0fb5852593191

SHA256b5018224e661a6e445d442958f7bf4640744ae71d1b54cb56e71d244f3a2f543

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "B5018224E661A6E445D442958F7BF4640744AE71D1B54CB56E71D244F3A2F543"
Last-Modified: Thu, 10 Oct 2024 02:39:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17873
Expires: Thu, 10 Oct 2024 11:39:17 GMT
Date: Thu, 10 Oct 2024 06:41:24 GMT
Connection: keep-alive

r10.o.lencr.org/

23.33.119.27

504 B

URL HTTP

r10.o.lencr.org/

IP / ASN

23.33.119.27

#20940 Akamai International B.V.

Requested byN/A

Resource Info

File typedata

First Seen2024-10-10

Last Seen2024-10-11

Times Seen2503

Size504 B (504 bytes)

MD5691959fefcfad097bc3ec1a354630850

SHA19be67f0c9108246241e1539ed995907bd47bc070

SHA2568da8a9af223c237874474d06c24ea3a8a1b38c029469290e99b287d6ea71e29a

HTTP Headers

POST / HTTP/1.1
Host: r10.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "8DA8A9AF223C237874474D06C24EA3A8A1B38C029469290E99B287D6EA71E29A"
Last-Modified: Wed, 09 Oct 2024 22:50:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4531
Expires: Thu, 10 Oct 2024 07:56:55 GMT
Date: Thu, 10 Oct 2024 06:41:24 GMT
Connection: keep-alive

GET emv1.tous-bear.com/

188.246.235.221

200 OK

12 kB

URL User Request GET HTTP

emv1.tous-bear.com/

IP / ASN

188.246.235.221

#49505 OOO Network of data-centers Selectel

Requested byN/A

Resource Info

File typeHTML document, ASCII text, with very long lines (6573)

First Seen2024-09-09

Last Seen2025-08-07

Times Seen1485

Size12 kB (11694 bytes)

MD5b7759166a0f1807b202b45f510c2172e

SHA1ef160ebdf82a6cadd27197fb589a3786e58e3fa5

SHA256825eb1a627f34c3d1fad85cb5904b5ac0fded65f677c5a85fa992e42c450fd99

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET / HTTP/1.1
Host: emv1.tous-bear.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Thu, 10 Oct 2024 06:41:25 GMT
Content-Type: text/html
Content-Length: 11694
Last-Modified: Fri, 06 Sep 2024 12:05:04 GMT
Connection: keep-alive
ETag: "66daeff0-2dae"
Accept-Ranges: bytes

o.pki.goog/wr2

142.250.74.131

472 B

URL HTTP

o.pki.goog/wr2

IP / ASN

142.250.74.131

#15169 GOOGLE

Requested byN/A

Resource Info

File typedata

First Seen2024-10-09

Last Seen2024-10-11

Times Seen1054

Size472 B (472 bytes)

MD5bd3b7c08958b51e9154f9f5e1605d72e

SHA14dea39bd5bb7ff23b1e88d89a824054833cc01cc

SHA2569a45e5108005d6dc252197754dd077bfe0c7b311eaf615ac9b8dcc495f5d8c56

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Oct 2024 06:41:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET emv1.tous-bear.com/favicon.ico

188.246.235.221

200 OK

12 kB

URL GET HTTP

emv1.tous-bear.com/favicon.ico

IP / ASN

188.246.235.221

#49505 OOO Network of data-centers Selectel

Requested byhttp://emv1.tous-bear.com/

Resource Info

File typeHTML document, ASCII text, with very long lines (6573)

First Seen2024-09-09

Last Seen2025-08-07

Times Seen1485

Size12 kB (11694 bytes)

MD5b7759166a0f1807b202b45f510c2172e

SHA1ef160ebdf82a6cadd27197fb589a3786e58e3fa5

SHA256825eb1a627f34c3d1fad85cb5904b5ac0fded65f677c5a85fa992e42c450fd99

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: emv1.tous-bear.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://emv1.tous-bear.com/
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx/1.24.0
Date: Thu, 10 Oct 2024 06:41:25 GMT
Content-Type: text/html
Content-Length: 11694
Last-Modified: Fri, 06 Sep 2024 12:05:04 GMT
Connection: keep-alive
ETag: "66daeff0-2dae"
Accept-Ranges: bytes

o.pki.goog/wr2

142.250.74.131

472 B

URL HTTP

o.pki.goog/wr2

IP / ASN

142.250.74.131

#15169 GOOGLE

Requested byN/A

Resource Info

File typedata

First Seen2024-10-09

Last Seen2024-10-11

Times Seen1054

Size472 B (472 bytes)

MD5bd3b7c08958b51e9154f9f5e1605d72e

SHA14dea39bd5bb7ff23b1e88d89a824054833cc01cc

SHA2569a45e5108005d6dc252197754dd077bfe0c7b311eaf615ac9b8dcc495f5d8c56

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Oct 2024 06:41:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

o.pki.goog/wr2

142.250.74.131

471 B

URL HTTP

o.pki.goog/wr2

IP / ASN

142.250.74.131

#15169 GOOGLE

Requested byN/A

Resource Info

File typedata

First Seen2024-10-09

Last Seen2024-10-11

Times Seen1001

Size471 B (471 bytes)

MD5a52ced9e5e4c59c96e8144873b44ca3f

SHA15a12243c39c5c33c87a0819b475eedd1bc9b0f03

SHA2565c09ab9f16d880c9404b0c7dd5c3261d7909b0bfb6e20ee8576385b2fc3801e4

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Oct 2024 06:41:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

o.pki.goog/wr2

142.250.74.131

471 B

URL HTTP

o.pki.goog/wr2

IP / ASN

142.250.74.131

#15169 GOOGLE

Requested byN/A

Resource Info

File typedata

First Seen2024-10-09

Last Seen2024-10-11

Times Seen1001

Size471 B (471 bytes)

MD5a52ced9e5e4c59c96e8144873b44ca3f

SHA15a12243c39c5c33c87a0819b475eedd1bc9b0f03

SHA2565c09ab9f16d880c9404b0c7dd5c3261d7909b0bfb6e20ee8576385b2fc3801e4

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Oct 2024 06:41:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

GET fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

216.58.207.227

200 OK

19 kB

URL GET HTTPS

fonts.gstatic.com/s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

IP / ASN

216.58.207.227

#15169 GOOGLE

Requested byhttp://emv1.tous-bear.com/

Resource Info

File typeWeb Open Font Format (Version 2), TrueType, length 18588, version 1.0

First Seen2024-08-01

Last Seen2025-08-06

Times Seen17385

Size19 kB (18588 bytes)

MD5115c2d84727b41da5e9b4394887a8c40

SHA144f495a7f32620e51acca2e78f7e0615cb305781

SHA256ae0e442895406e9922237108496c2cd60f4947649a826463e2da9860b5c25dd6

Certificate Info

IssuerGoogle Trust Services

Subject*.gstatic.com

Fingerprint0B:BA:7B:D2:D9:02:2E:7F:5C:C7:1F:18:F2:A7:76:44:D1:22:07:2B

ValidityMon, 16 Sep 2024 09:34:31 GMT - Mon, 09 Dec 2024 09:34:30 GMT

HTTP Headers

GET /s/roboto/v32/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://emv1.tous-bear.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18588
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Oct 2024 09:48:05 GMT
expires: Fri, 03 Oct 2025 09:48:05 GMT
cache-control: public, max-age=31536000
age: 593600
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

GET fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

216.58.207.227

200 OK

18 kB

URL GET HTTPS

fonts.gstatic.com/s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2

IP / ASN

216.58.207.227

#15169 GOOGLE

Requested byhttp://emv1.tous-bear.com/

Resource Info

File typeWeb Open Font Format (Version 2), TrueType, length 18536, version 1.0

First Seen2024-08-01

Last Seen2025-08-06

Times Seen43568

Size18 kB (18536 bytes)

MD58eff0b8045fd1959e117f85654ae7770

SHA1227fee13ceb7c410b5c0bb8000258b6643cb6255

SHA25689978e658e840b927dddb5cb3a835c7d8526ece79933bd9f3096b301fe1a8571

Certificate Info

IssuerGoogle Trust Services

Subject*.gstatic.com

Fingerprint0B:BA:7B:D2:D9:02:2E:7F:5C:C7:1F:18:F2:A7:76:44:D1:22:07:2B

ValidityMon, 16 Sep 2024 09:34:31 GMT - Mon, 09 Dec 2024 09:34:30 GMT

HTTP Headers

GET /s/roboto/v32/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://emv1.tous-bear.com
DNT: 1
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 18536
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 03 Oct 2024 11:29:57 GMT
expires: Fri, 03 Oct 2025 11:29:57 GMT
cache-control: public, max-age=31536000
age: 587488
last-modified: Thu, 01 Aug 2024 20:41:24 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

o.pki.goog/wr2

142.250.74.131

471 B

URL HTTP

o.pki.goog/wr2

IP / ASN

142.250.74.131

#15169 GOOGLE

Requested byN/A

Resource Info

File typedata

First Seen2024-10-09

Last Seen2024-10-11

Times Seen1001

Size471 B (471 bytes)

MD5a52ced9e5e4c59c96e8144873b44ca3f

SHA15a12243c39c5c33c87a0819b475eedd1bc9b0f03

SHA2565c09ab9f16d880c9404b0c7dd5c3261d7909b0bfb6e20ee8576385b2fc3801e4

HTTP Headers

POST /wr2 HTTP/1.1
Host: o.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 10 Oct 2024 06:41:25 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

r11.o.lencr.org/

23.33.119.27

504 B

URL HTTP

r11.o.lencr.org/

IP / ASN

23.33.119.27

#20940 Akamai International B.V.

Requested byN/A

Resource Info

File typedata

First Seen2024-10-10

Last Seen2024-10-12

Times Seen25658

Size504 B (504 bytes)

MD5ccb7c0a230775ffeed6f8a2d5495f2f4

SHA1b64d41f2ff0740b511f8043dd7f00db3d937bdc8

SHA256c1086024116cc032f78be5a4521af542f33df4c8534249eaf15c5eeccf4ec5f7

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "C1086024116CC032F78BE5A4521AF542F33DF4C8534249EAF15C5EECCF4EC5F7"
Last-Modified: Wed, 09 Oct 2024 23:02:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13482
Expires: Thu, 10 Oct 2024 10:26:09 GMT
Date: Thu, 10 Oct 2024 06:41:27 GMT
Connection: keep-alive

r11.o.lencr.org/

23.33.119.27

504 B

URL HTTP

r11.o.lencr.org/

IP / ASN

23.33.119.27

#20940 Akamai International B.V.

Requested byN/A

Resource Info

File typedata

First Seen2024-10-10

Last Seen2024-10-12

Times Seen25658

Size504 B (504 bytes)

MD5ccb7c0a230775ffeed6f8a2d5495f2f4

SHA1b64d41f2ff0740b511f8043dd7f00db3d937bdc8

SHA256c1086024116cc032f78be5a4521af542f33df4c8534249eaf15c5eeccf4ec5f7

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "C1086024116CC032F78BE5A4521AF542F33DF4C8534249EAF15C5EECCF4EC5F7"
Last-Modified: Wed, 09 Oct 2024 23:02:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13482
Expires: Thu, 10 Oct 2024 10:26:09 GMT
Date: Thu, 10 Oct 2024 06:41:27 GMT
Connection: keep-alive

r11.o.lencr.org/

23.33.119.27

504 B

URL HTTP

r11.o.lencr.org/

IP / ASN

23.33.119.27

#20940 Akamai International B.V.

Requested byN/A

Resource Info

File typedata

First Seen2024-10-10

Last Seen2024-10-12

Times Seen25658

Size504 B (504 bytes)

MD5ccb7c0a230775ffeed6f8a2d5495f2f4

SHA1b64d41f2ff0740b511f8043dd7f00db3d937bdc8

SHA256c1086024116cc032f78be5a4521af542f33df4c8534249eaf15c5eeccf4ec5f7

HTTP Headers

POST / HTTP/1.1
Host: r11.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 504
ETag: "C1086024116CC032F78BE5A4521AF542F33DF4C8534249EAF15C5EECCF4EC5F7"
Last-Modified: Wed, 09 Oct 2024 23:02:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13482
Expires: Thu, 10 Oct 2024 10:26:09 GMT
Date: Thu, 10 Oct 2024 06:41:27 GMT
Connection: keep-alive

GET fonts.googleapis.com/css?family=Roboto:regular,500&display=swap

142.250.74.106

200 OK

4.7 kB

URL GET HTTPS

fonts.googleapis.com/css?family=Roboto:regular,500&display=swap

IP / ASN

142.250.74.106

#15169 GOOGLE

Requested byhttp://emv1.tous-bear.com/

Resource Info

File typeASCII text, with very long lines (4786), with no line terminators

First Seen2024-08-02

Last Seen2024-10-15

Times Seen93

Size4.7 kB (4660 bytes)

MD59efaaa902c7dc507ee133e38c40106b8

SHA1d3e98c2836708e5c56f031605a328b553c261f8c

SHA25613aeaa5746a7a286ae5dc2002c43c47459004ca961d423dcd0ecdc3527d38d47

Certificate Info

IssuerGoogle Trust Services

Subjectupload.video.google.com

Fingerprint58:48:CD:9D:CD:36:2C:BF:35:F8:E0:82:73:2B:F8:79:64:BB:AE:F7

ValidityMon, 16 Sep 2024 09:34:31 GMT - Mon, 09 Dec 2024 09:34:30 GMT

HTTP Headers

GET /css?family=Roboto:regular,500&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: http://emv1.tous-bear.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 10 Oct 2024 06:41:25 GMT
date: Thu, 10 Oct 2024 06:41:25 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2