| webmail.amanetnonstopdrumultaberei.ro/ | 89.40.19.92 | 301 Moved Permanently | 162 B |
URL HTTP/1.1webmail.amanetnonstopdrumultaberei.ro/ IP89.40.19.92:0
File typeHTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators Hash4f8e702cc244ec5d4de32740c0ecbd97 3adb1f02d5b6054de0046e367c1d687b6cdf7aff 9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer | Verdict | Alert | mnemonic_dns | Sinkholed | | quad9 | Sinkholed | |
GET / HTTP/1.1
Host: webmail.amanetnonstopdrumultaberei.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Thu, 17 Nov 2022 23:41:59 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://webmail.amanetnonstopdrumultaberei.ro/
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Surrogate-Control: public, max-age=300
Cache-Control: public, max-age=300
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hashd27590a1d3cbe1e9632b8ae92aaae3f4 202b34e8a0c3b88c8826fd56c6227b34f2cd6f46 6bcfa518476658128c1fb4ea2435c4e58531454cf97138dce7ece9def589aead
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6BCFA518476658128C1FB4EA2435C4E58531454CF97138DCE7ECE9DEF589AEAD"
Last-Modified: Wed, 16 Nov 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7189
Expires: Fri, 18 Nov 2022 01:41:47 GMT
Date: Thu, 17 Nov 2022 23:41:58 GMT
Connection: keep-alive
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hashbe1be806b5dca7facbb45a6c3db44652 7ae9380a2f3eca959fe6ff6b3832a17cffd12cf4 1f3338058f8e9cae5c9fdd733c74564312726b01c6efdcd628d851d0c99876b0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5530
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 17 Nov 2022 23:41:59 GMT
Last-Modified: Thu, 17 Nov 2022 22:09:49 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
|
|
| firefox.settings.services.mozilla.com/v1/ | 34.102.187.140 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP34.102.187.140:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash4d7e4eed097b9c4e5d509419f1cfc85a 290bb3d428a7c6330e2e3d73a952b16f820896c8 0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 17 Nov 2022 22:44:57 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3422
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash3a38b6dd8a4cc335c026aebf2ed348b6 8a386e0ccb0ca4dc502746c45b2ebc3aa3f83cf8 8b4040a645cec1841a00a22765eb3a74978559daf15c54bd4b41b6b48aab7f95
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8B4040A645CEC1841A00A22765EB3A74978559DAF15C54BD4B41B6B48AAB7F95"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2972
Expires: Fri, 18 Nov 2022 00:31:31 GMT
Date: Thu, 17 Nov 2022 23:41:59 GMT
Connection: keep-alive
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hash67d5a988edcda47bc3b3b3f65d32b4b6 d4f0e0da8b3690cc7da925026d3414b68c7d954f 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: vI1VBsY3hBEZJZxCWhjbuTO8xkWxwG69QEkFBmj0m5CK3ge/zW9am7uBQVIOkBUTr1msEVFzthk=
x-amz-request-id: 9GFY0Q0DKEEC7FH6
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 17 Nov 2022 22:52:39 GMT
age: 2960
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 17 Nov 2022 23:41:59 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.comodoca.com/ | 104.18.32.68 | 200 OK | 472 B |
IP104.18.32.68:0
Hashc87a67438c76a2477c10859df75103fc 30202de9d04bfb0f176a44d6a2beda29ca54e345 5039264f5ba06eac3bc85a308497afce983d9ae670b9b89da8377bb77051842c
POST / HTTP/1.1
Host: ocsp.comodoca.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 17 Nov 2022 23:41:59 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Tue, 15 Nov 2022 05:46:29 GMT
Expires: Tue, 22 Nov 2022 05:46:28 GMT
Etag: "30202de9d04bfb0f176a44d6a2beda29ca54e345"
Cache-Control: max-age=366868,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: MISS
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 76bc51fcc9210b55-OSL
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 34.102.187.140 | 200 OK | 329 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP34.102.187.140:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Content-Type, Content-Length, Last-Modified, Alert, Backoff, Pragma, Expires, Retry-After, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 17 Nov 2022 23:25:01 GMT
cache-control: public,max-age=3600
age: 1018
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hashc10055ce87434f700ff8b20e3be1f919 477b3c9f1da0c464282bb54572737e76b6e346da 4d78eb296876122e5ff40fcd7667adf1bf8a4b1ee4c8203c88a63ce8d7910a57
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5279
Cache-Control: max-age=125575
Content-Type: application/ocsp-response
Date: Thu, 17 Nov 2022 23:41:59 GMT
Etag: "6375f9af-1d7"
Expires: Sat, 19 Nov 2022 10:34:54 GMT
Last-Modified: Thu, 17 Nov 2022 09:06:55 GMT
Server: ECS (ska/F6FE)
X-Cache: HIT
Content-Length: 471
|
|
| webmail.amanetnonstopdrumultaberei.ro/cPanel_magic_revision_1516392945/unprotected/cpanel/images/webmail-logo.svg | 89.40.19.92 | 200 OK | 3.4 kB |
URL HTTP/2webmail.amanetnonstopdrumultaberei.ro/cPanel_magic_revision_1516392945/unprotected/cpanel/images/webmail-logo.svg IP89.40.19.92:0
Hash5cfa6c62434d24f5a292a2cc40d7fe46 a34587f09d4941c0818ea7fadf0971a2508631e5 c478fd43918041d2a68b18e1207f811ce621d80a727c34441beb2ebe08a76ae2
Analyzer | Verdict | Alert | mnemonic_dns | Sinkholed | | quad9 | Sinkholed | |
GET /cPanel_magic_revision_1516392945/unprotected/cpanel/images/webmail-logo.svg HTTP/1.1
Host: webmail.amanetnonstopdrumultaberei.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmail.amanetnonstopdrumultaberei.ro/
Cookie: webmailsession=%3aiHOMyweM_1DfFRXq%2cb63a456fa41f0810c66bee8391853778; roundcube_cookies=enabled
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 17 Nov 2022 23:42:00 GMT
content-type: image/svg+xml
x-web-hosting: NSHOST.RO - https://www.nshost.ro/servere-cloud
x-frame-options: ALLOW
last-modified: Fri, 19 Jan 2018 20:15:45 GMT
expires: Mon, 16 Jan 2023 23:42:00 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
surrogate-control: public, max-age=300
cache-control: max-age=5184000, public, public, max-age=300
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| webmail.amanetnonstopdrumultaberei.ro/cPanel_magic_revision_1516392945/unprotected/cpanel/images/icon-username.png | 89.40.19.92 | 200 OK | 320 B |
URL HTTP/2webmail.amanetnonstopdrumultaberei.ro/cPanel_magic_revision_1516392945/unprotected/cpanel/images/icon-username.png IP89.40.19.92:0
File typePNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data Hash07ff84f8c855e5fe9d510ff5c9a4b1e4 11c262053e2b9be57d1dba7cb3d916ef041a0e50 05ce0f813e6236158fa1d115faba62cd2041aab1878cac0960a0f45575cece1e
Analyzer | Verdict | Alert | mnemonic_dns | Sinkholed | | quad9 | Sinkholed | |
GET /cPanel_magic_revision_1516392945/unprotected/cpanel/images/icon-username.png HTTP/1.1
Host: webmail.amanetnonstopdrumultaberei.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmail.amanetnonstopdrumultaberei.ro/cPanel_magic_revision_1631065777/unprotected/cpanel/style_v2_optimized.css
Cookie: webmailsession=%3aiHOMyweM_1DfFRXq%2cb63a456fa41f0810c66bee8391853778; roundcube_cookies=enabled
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 17 Nov 2022 23:42:00 GMT
content-type: image/png
content-length: 320
x-web-hosting: NSHOST.RO - https://www.nshost.ro/servere-cloud
x-frame-options: ALLOW
last-modified: Fri, 19 Jan 2018 20:15:45 GMT
expires: Mon, 16 Jan 2023 23:42:00 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
surrogate-control: public, max-age=300
cache-control: max-age=5184000, public, public, max-age=300
X-Firefox-Spdy: h2
|
|
| webmail.amanetnonstopdrumultaberei.ro/cPanel_magic_revision_1516392945/unprotected/cpanel/images/icon-password.png | 89.40.19.92 | 200 OK | 450 B |
URL HTTP/2webmail.amanetnonstopdrumultaberei.ro/cPanel_magic_revision_1516392945/unprotected/cpanel/images/icon-password.png IP89.40.19.92:0
File typePNG image data, 20 x 20, 8-bit/color RGBA, non-interlaced\012- data Hash7ac1cefcb7eab93c6d6981ecde6c1635 1523f8cb80ab19108549d0b7db31a58b71c05d39 a02998df88a6efb0baa526796b2b682ce9fdd6471ceb19170b326320f22f7053
Analyzer | Verdict | Alert | mnemonic_dns | Sinkholed | | quad9 | Sinkholed | |
GET /cPanel_magic_revision_1516392945/unprotected/cpanel/images/icon-password.png HTTP/1.1
Host: webmail.amanetnonstopdrumultaberei.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmail.amanetnonstopdrumultaberei.ro/cPanel_magic_revision_1631065777/unprotected/cpanel/style_v2_optimized.css
Cookie: webmailsession=%3aiHOMyweM_1DfFRXq%2cb63a456fa41f0810c66bee8391853778; roundcube_cookies=enabled
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 17 Nov 2022 23:42:00 GMT
content-type: image/png
content-length: 450
x-web-hosting: NSHOST.RO - https://www.nshost.ro/servere-cloud
x-frame-options: ALLOW
last-modified: Fri, 19 Jan 2018 20:15:45 GMT
expires: Mon, 16 Jan 2023 23:42:00 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
surrogate-control: public, max-age=300
cache-control: max-age=5184000, public, public, max-age=300
X-Firefox-Spdy: h2
|
|
| webmail.amanetnonstopdrumultaberei.ro/cPanel_magic_revision_1631065777/unprotected/cpanel/style_v2_optimized.css | 89.40.19.92 | 200 OK | 54 kB |
URL HTTP/2webmail.amanetnonstopdrumultaberei.ro/cPanel_magic_revision_1631065777/unprotected/cpanel/style_v2_optimized.css IP89.40.19.92:0
Hasha4172dee8cc02ef6ba6c3af267f7c755 8e90fa3fdc40d4e022835580b116f6c4184c64ee 7802663271289f275d6a56cd1270bf8a751ef34b77507adf672e25377c669e5c
Analyzer | Verdict | Alert | mnemonic_dns | Sinkholed | | quad9 | Sinkholed | |
GET /cPanel_magic_revision_1631065777/unprotected/cpanel/style_v2_optimized.css HTTP/1.1
Host: webmail.amanetnonstopdrumultaberei.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmail.amanetnonstopdrumultaberei.ro/
Cookie: webmailsession=%3aiHOMyweM_1DfFRXq%2cb63a456fa41f0810c66bee8391853778; roundcube_cookies=enabled
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 17 Nov 2022 23:42:00 GMT
content-type: text/css
x-web-hosting: NSHOST.RO - https://www.nshost.ro/servere-cloud
x-frame-options: ALLOW
last-modified: Wed, 08 Sep 2021 01:49:37 GMT
expires: Mon, 16 Jan 2023 23:42:00 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
surrogate-control: public, max-age=300
cache-control: max-age=5184000, public, public, max-age=300
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| webmail.amanetnonstopdrumultaberei.ro/cPanel_magic_revision_1616517441/unprotected/cpanel/fonts/open_sans/OpenSans-Semibold-webfont.woff | 89.40.19.92 | 200 OK | 23 kB |
URL HTTP/2webmail.amanetnonstopdrumultaberei.ro/cPanel_magic_revision_1616517441/unprotected/cpanel/fonts/open_sans/OpenSans-Semibold-webfont.woff IP89.40.19.92:0
File typeWeb Open Font Format, TrueType, length 22908, version 1.0\012- data Hash697574b47bcfdd2c45e3e63c7380dd67 4590722b795938e0b6ff1b99701d1abe37aeabef 26b216fadb2ffcd542ca56c2d84f9918f62e40de89bf88b4211fffacd2a4ad83
Analyzer | Verdict | Alert | mnemonic_dns | Sinkholed | | quad9 | Sinkholed | |
GET /cPanel_magic_revision_1616517441/unprotected/cpanel/fonts/open_sans/OpenSans-Semibold-webfont.woff HTTP/1.1
Host: webmail.amanetnonstopdrumultaberei.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://webmail.amanetnonstopdrumultaberei.ro/cPanel_magic_revision_1616517441/unprotected/cpanel/fonts/open_sans/open_sans.min.css
Cookie: webmailsession=%3aiHOMyweM_1DfFRXq%2cb63a456fa41f0810c66bee8391853778; roundcube_cookies=enabled
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 17 Nov 2022 23:42:00 GMT
content-type: application/font-woff
content-length: 22908
x-web-hosting: NSHOST.RO - https://www.nshost.ro/servere-cloud
x-frame-options: ALLOW
last-modified: Tue, 23 Mar 2021 16:37:21 GMT
expires: Mon, 16 Jan 2023 23:42:00 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
surrogate-control: public, max-age=300
cache-control: max-age=5184000, public, public, max-age=300
X-Firefox-Spdy: h2
|
|
| webmail.amanetnonstopdrumultaberei.ro/cPanel_magic_revision_1616517441/unprotected/cpanel/fonts/open_sans/OpenSans-Bold-webfont.woff | 89.40.19.92 | 200 OK | 22 kB |
URL HTTP/2webmail.amanetnonstopdrumultaberei.ro/cPanel_magic_revision_1616517441/unprotected/cpanel/fonts/open_sans/OpenSans-Bold-webfont.woff IP89.40.19.92:0
File typeWeb Open Font Format, TrueType, length 22432, version 1.0\012- data Hash2e90d5152ce92858b62ba053c7b9d2cb 8cf65f42a2a8c349ccd6ab63b6cbd17c96fd665c a0357cb694b5284870c77c0dbcaf33f238004800419288afde313317b0dbd0b7
Analyzer | Verdict | Alert | mnemonic_dns | Sinkholed | | quad9 | Sinkholed | |
GET /cPanel_magic_revision_1616517441/unprotected/cpanel/fonts/open_sans/OpenSans-Bold-webfont.woff HTTP/1.1
Host: webmail.amanetnonstopdrumultaberei.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://webmail.amanetnonstopdrumultaberei.ro/cPanel_magic_revision_1616517441/unprotected/cpanel/fonts/open_sans/open_sans.min.css
Cookie: webmailsession=%3aiHOMyweM_1DfFRXq%2cb63a456fa41f0810c66bee8391853778; roundcube_cookies=enabled
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 17 Nov 2022 23:42:00 GMT
content-type: application/font-woff
content-length: 22432
x-web-hosting: NSHOST.RO - https://www.nshost.ro/servere-cloud
x-frame-options: ALLOW
last-modified: Tue, 23 Mar 2021 16:37:21 GMT
expires: Mon, 16 Jan 2023 23:42:00 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
surrogate-control: public, max-age=300
cache-control: max-age=5184000, public, public, max-age=300
X-Firefox-Spdy: h2
|
|
| webmail.amanetnonstopdrumultaberei.ro/cPanel_magic_revision_1516392945/unprotected/cpanel/images/notice-success.png | 89.40.19.92 | 200 OK | 962 B |
URL HTTP/2webmail.amanetnonstopdrumultaberei.ro/cPanel_magic_revision_1516392945/unprotected/cpanel/images/notice-success.png IP89.40.19.92:0
File typePNG image data, 28 x 28, 8-bit/color RGBA, non-interlaced\012- data Hash0a0ec2a6468d4d1aa3fc2baa70271ac8 a31fb01790aca8dc1976450e4234cb6ccc328956 cafbe3036533fe094931f5745f8cb9962a34409522e93d63ac8427acb9a02c79
Analyzer | Verdict | Alert | mnemonic_dns | Sinkholed | | quad9 | Sinkholed | |
GET /cPanel_magic_revision_1516392945/unprotected/cpanel/images/notice-success.png HTTP/1.1
Host: webmail.amanetnonstopdrumultaberei.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmail.amanetnonstopdrumultaberei.ro/cPanel_magic_revision_1631065777/unprotected/cpanel/style_v2_optimized.css
Cookie: webmailsession=%3aiHOMyweM_1DfFRXq%2cb63a456fa41f0810c66bee8391853778; roundcube_cookies=enabled; timezone=Etc/UTC
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 17 Nov 2022 23:42:00 GMT
content-type: image/png
content-length: 962
x-web-hosting: NSHOST.RO - https://www.nshost.ro/servere-cloud
x-frame-options: ALLOW
last-modified: Fri, 19 Jan 2018 20:15:45 GMT
expires: Mon, 16 Jan 2023 23:42:00 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
surrogate-control: public, max-age=300
cache-control: max-age=5184000, public, public, max-age=300
X-Firefox-Spdy: h2
|
|
| webmail.amanetnonstopdrumultaberei.ro/cPanel_magic_revision_1516392945/unprotected/cpanel/images/notice-info.png | 89.40.19.92 | 200 OK | 976 B |
URL HTTP/2webmail.amanetnonstopdrumultaberei.ro/cPanel_magic_revision_1516392945/unprotected/cpanel/images/notice-info.png IP89.40.19.92:0
File typePNG image data, 28 x 28, 8-bit/color RGBA, non-interlaced\012- data Hash14146cf832470d9beca95a708a1d6f8d d4b506f92876baea69409f3a78c4718757a53b33 95f8a142dd96c310afeb75329ef504f162ab3102a81fc07f20b268361990f526
Analyzer | Verdict | Alert | mnemonic_dns | Sinkholed | | quad9 | Sinkholed | |
GET /cPanel_magic_revision_1516392945/unprotected/cpanel/images/notice-info.png HTTP/1.1
Host: webmail.amanetnonstopdrumultaberei.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmail.amanetnonstopdrumultaberei.ro/cPanel_magic_revision_1631065777/unprotected/cpanel/style_v2_optimized.css
Cookie: webmailsession=%3aiHOMyweM_1DfFRXq%2cb63a456fa41f0810c66bee8391853778; roundcube_cookies=enabled; timezone=Etc/UTC
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 17 Nov 2022 23:42:00 GMT
content-type: image/png
content-length: 976
x-web-hosting: NSHOST.RO - https://www.nshost.ro/servere-cloud
x-frame-options: ALLOW
last-modified: Fri, 19 Jan 2018 20:15:45 GMT
expires: Mon, 16 Jan 2023 23:42:00 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
surrogate-control: public, max-age=300
cache-control: max-age=5184000, public, public, max-age=300
X-Firefox-Spdy: h2
|
|
| webmail.amanetnonstopdrumultaberei.ro/cPanel_magic_revision_1516392945/unprotected/cpanel/images/warning.png | 89.40.19.92 | 200 OK | 1.1 kB |
URL HTTP/2webmail.amanetnonstopdrumultaberei.ro/cPanel_magic_revision_1516392945/unprotected/cpanel/images/warning.png IP89.40.19.92:0
File typePNG image data, 28 x 28, 8-bit/color RGBA, non-interlaced\012- data Hasha64b8c7407bf94cc4448cb210bb882e7 a526cf52b2c5b6c2d0409b886de4aa968000fcd8 7ecb82019606d891c5197d2f8ba24ec323d9b10a089facc82d089ff1ec3d399b
Analyzer | Verdict | Alert | mnemonic_dns | Sinkholed | | quad9 | Sinkholed | |
GET /cPanel_magic_revision_1516392945/unprotected/cpanel/images/warning.png HTTP/1.1
Host: webmail.amanetnonstopdrumultaberei.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmail.amanetnonstopdrumultaberei.ro/cPanel_magic_revision_1631065777/unprotected/cpanel/style_v2_optimized.css
Cookie: webmailsession=%3aiHOMyweM_1DfFRXq%2cb63a456fa41f0810c66bee8391853778; roundcube_cookies=enabled; timezone=Etc/UTC
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 17 Nov 2022 23:42:00 GMT
content-type: image/png
content-length: 1060
x-web-hosting: NSHOST.RO - https://www.nshost.ro/servere-cloud
x-frame-options: ALLOW
last-modified: Fri, 19 Jan 2018 20:15:45 GMT
expires: Mon, 16 Jan 2023 23:42:00 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
surrogate-control: public, max-age=300
cache-control: max-age=5184000, public, public, max-age=300
X-Firefox-Spdy: h2
|
|
| push.services.mozilla.com/ | 54.149.219.22 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP54.149.219.22:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 7JbaUw9ib6BqbbK3PPqqxQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ED8+oPqQDZzpJ4qYiPjqOVoVAYc=
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash17af07b019100dc8adb529ce85f827bd 602adaa722e9a3ee89600ebe40cea7033c435483 aec801578f867078e0a82d90e78290f0a3ef4f1f4936eb763801b869e0fae747
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AEC801578F867078E0A82D90E78290F0A3EF4F1F4936EB763801B869E0FAE747"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5719
Expires: Fri, 18 Nov 2022 01:17:20 GMT
Date: Thu, 17 Nov 2022 23:42:01 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash17af07b019100dc8adb529ce85f827bd 602adaa722e9a3ee89600ebe40cea7033c435483 aec801578f867078e0a82d90e78290f0a3ef4f1f4936eb763801b869e0fae747
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AEC801578F867078E0A82D90E78290F0A3EF4F1F4936EB763801B869E0FAE747"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5719
Expires: Fri, 18 Nov 2022 01:17:20 GMT
Date: Thu, 17 Nov 2022 23:42:01 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash17af07b019100dc8adb529ce85f827bd 602adaa722e9a3ee89600ebe40cea7033c435483 aec801578f867078e0a82d90e78290f0a3ef4f1f4936eb763801b869e0fae747
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AEC801578F867078E0A82D90E78290F0A3EF4F1F4936EB763801B869E0FAE747"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5719
Expires: Fri, 18 Nov 2022 01:17:20 GMT
Date: Thu, 17 Nov 2022 23:42:01 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash17af07b019100dc8adb529ce85f827bd 602adaa722e9a3ee89600ebe40cea7033c435483 aec801578f867078e0a82d90e78290f0a3ef4f1f4936eb763801b869e0fae747
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "AEC801578F867078E0A82D90E78290F0A3EF4F1F4936EB763801B869E0FAE747"
Last-Modified: Wed, 16 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5719
Expires: Fri, 18 Nov 2022 01:17:20 GMT
Date: Thu, 17 Nov 2022 23:42:01 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57ba71d8-c0f3-4d43-a49a-3576bdcfb322.jpeg | 34.120.237.76 | 200 OK | 4.3 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57ba71d8-c0f3-4d43-a49a-3576bdcfb322.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash292dc2edef978e128f70b96ee4b2b3e2 1530f860e2b54b7b382f59654db63eaed59c5f95 f74b08f1bdd35ea7ebb6e2887fc6c02abc76f9e276cd30d1d7d6475e667b5624
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57ba71d8-c0f3-4d43-a49a-3576bdcfb322.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4310
x-amzn-requestid: 6452483a-f96e-4f27-a18e-55e9206e7be6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-78FiToAMFQag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376ab7f-4e366d3612f39c5c421e864e;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:45:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 0biXrpW2TGcLKgAOqLdsgFkZ5lKewM0VFGeNTTrmHX7QEcuNzuwnvQ==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 22:14:32 GMT
age: 5249
etag: "1530f860e2b54b7b382f59654db63eaed59c5f95"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84053cb2-edec-465e-8700-6af61bae8236.jpeg | 34.120.237.76 | 200 OK | 8.2 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84053cb2-edec-465e-8700-6af61bae8236.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash676b1603008690786aa36dc3113b7581 cbdc425467a5d41aba5e8e5c54354b4f03cd194a 7e5e7bf695ff31df6c97e502a44f4fa9197c6579b0c7a7c590457ea067d1cf1e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F84053cb2-edec-465e-8700-6af61bae8236.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8155
x-amzn-requestid: 5650af50-eb93-47d9-8322-8a2e263e12ea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-7vFU5IAMFYGw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376ab7e-759bbd5b5a22e07c1c181c0a;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:45:34 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: VikBDm5_Bqbs0gLFkhbT6H3i6t57bnC0Xq-gkiJBILQ8Ynw_7RqWNA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 5954c6394458ffb44c970b3819d7ff2a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 21:55:43 GMT
etag: "cbdc425467a5d41aba5e8e5c54354b4f03cd194a"
content-type: image/jpeg
age: 6378
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F484ffe7b-1073-4220-bf53-ccbfc7e9654e.webp | 34.120.237.76 | 200 OK | 8.9 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F484ffe7b-1073-4220-bf53-ccbfc7e9654e.webp IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash14649d486602810c1b218b96b27b2cc4 96c6cbfe31e7247c64dfa8c3759967627f8c6286 80f5d7573fd2bf4e6a6038ebf1335d159ad37c391ee539918455963d6ee88654
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F484ffe7b-1073-4220-bf53-ccbfc7e9654e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8884
x-amzn-requestid: 3739b8f5-bb0c-4798-a931-e955dd6df81d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-MiGFxoAMFlxA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376aa50-74c24a2f737634b655a5b47c;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:40:32 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: d_bLYyZzi1phYwQ2e5uvUmzO0GuvNu9Ubi2PQ0ChilQJegKr3uUiRw==
via: 1.1 79880188a81becf1687ba18c0e064230.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 21:55:53 GMT
etag: "96c6cbfe31e7247c64dfa8c3759967627f8c6286"
content-type: image/jpeg
age: 6368
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92501a28-163f-4c6e-aed7-d31c29354d1e.jpeg | 34.120.237.76 | 200 OK | 12 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92501a28-163f-4c6e-aed7-d31c29354d1e.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash032386e5c9dffff1ba1ee5e8a322d438 dd4fd6c803a9b333bace9a541c6bd183d0c56bb9 0e9f559a0aa7e114c5810a27ba243c0da7b44dc0bf7aec2b7ab32b8f0e2b536c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F92501a28-163f-4c6e-aed7-d31c29354d1e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11667
x-amzn-requestid: ae092a0a-1709-4497-9f07-0348a28d2491
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bqZOIEN7oAMFlaA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637408c0-5ac595df302a8f1d3703ad8d;Sampled=0
x-amzn-remapped-date: Tue, 15 Nov 2022 21:46:40 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: c_SJMaV3uYSUysTSOFV--jQqDUxw-fBp8cXWWUZw9vUjt0d6PsOpxA==
via: 1.1 0bb842bd5868b86440983b936bb0adee.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 02:49:36 GMT
age: 75145
etag: "dd4fd6c803a9b333bace9a541c6bd183d0c56bb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9672fb80-baaa-4ab8-b080-dc8c1ce94400.jpeg | 34.120.237.76 | 200 OK | 12 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9672fb80-baaa-4ab8-b080-dc8c1ce94400.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash05289172c1455c4134e496c6f4606efd ce1bb33256b0754f9acc01e7e9f3e5dc85f89244 a8b4411a0310cc376efe2aec7c0830b8d3b63b8827631b0ff43ec092f1f80f82
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9672fb80-baaa-4ab8-b080-dc8c1ce94400.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12065
x-amzn-requestid: 45c97153-71c7-4985-a1ad-fc21a509d153
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-K5FyVIAMFtDg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376aa45-0f9d22dd544a4580570f3089;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:40:21 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: dxT2WJB7m5tUhgBn2PwTIN4Zskzm3X7CW-29hl1nCyNPbKt5j6q5iA==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 21:55:27 GMT
age: 6394
etag: "ce1bb33256b0754f9acc01e7e9f3e5dc85f89244"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3007b4f3-f5db-4eb7-b71a-f9f854ae287e.jpeg | 34.120.237.76 | 200 OK | 7.6 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3007b4f3-f5db-4eb7-b71a-f9f854ae287e.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashb2b393e36ee2c9649d90db136aa49542 e88c5832ff0c49bab181d948c3a510d88343bb6f 8b524701df43bff56ac52a021ff0fbd964e06f00e84b4861aa557ec6ae6b4ffd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3007b4f3-f5db-4eb7-b71a-f9f854ae287e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7631
x-amzn-requestid: b47e545d-1fb6-4a62-ab45-28cdb9d3f0b6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bw-vQE0XoAMFS3w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6376ab2e-56365eed3d4c082c53b172b3;Sampled=0
x-amzn-remapped-date: Thu, 17 Nov 2022 21:44:14 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: qpoQa1Lhe-h27dGooXDCtujesSTg7Tb0Ov-PNLnUP0288ZofwHxkhQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Thu, 17 Nov 2022 21:52:40 GMT
age: 6561
etag: "e88c5832ff0c49bab181d948c3a510d88343bb6f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| webmail.amanetnonstopdrumultaberei.ro/ | 89.40.19.92 | 200 OK | 0 B |
URL HTTP/2webmail.amanetnonstopdrumultaberei.ro/ IP89.40.19.92:0
Analyzer | Verdict | Alert | mnemonic_dns | Sinkholed | | quad9 | Sinkholed | |
GET / HTTP/1.1
Host: webmail.amanetnonstopdrumultaberei.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
server: nginx
date: Thu, 17 Nov 2022 23:42:00 GMT
content-type: text/html; charset="utf-8"
x-web-hosting: NSHOST.RO - https://www.nshost.ro/servere-cloud
x-frame-options: ALLOW
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate, private, max-age=300, no-cache, no-store, must-revalidate, private, public, max-age=300
set-cookie: webmailrelogin=no; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=443; secure
webmailsession=%3aiHOMyweM_1DfFRXq%2cb63a456fa41f0810c66bee8391853778; HttpOnly; path=/; port=443; secure
roundcube_sessid=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=443; secure
roundcube_sessauth=expired; HttpOnly; domain=webmail.amanetnonstopdrumultaberei.ro; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=443; secure
Horde=expired; HttpOnly; domain=.webmail.amanetnonstopdrumultaberei.ro; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=443; secure
horde_secret_key=expired; HttpOnly; domain=.webmail.amanetnonstopdrumultaberei.ro; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=443; secure
Horde=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=443; secure
Horde=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/horde; port=443; secure
PPA_ID=expired; HttpOnly; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=443; secure
imp_key=expired; HttpOnly; domain=webmail.amanetnonstopdrumultaberei.ro; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=443; secure
Horde=expired; HttpOnly; domain=.webmail.amanetnonstopdrumultaberei.ro; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=443
horde_secret_key=expired; HttpOnly; domain=.webmail.amanetnonstopdrumultaberei.ro; expires=Thu, 01-Jan-1970 00:00:01 GMT; path=/; port=443
roundcube_cookies=enabled; HttpOnly; expires=Fri, 17-Nov-2023 23:42:00 GMT; path=/; port=443; secure
expires: Thu, 17 Nov 2022 23:47:00 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
surrogate-control: public, max-age=300
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| webmail.amanetnonstopdrumultaberei.ro/cPanel_magic_revision_1616517441/unprotected/cpanel/fonts/open_sans/open_sans.min.css | 89.40.19.92 | 200 OK | 0 B |
URL HTTP/2webmail.amanetnonstopdrumultaberei.ro/cPanel_magic_revision_1616517441/unprotected/cpanel/fonts/open_sans/open_sans.min.css IP89.40.19.92:0
Analyzer | Verdict | Alert | mnemonic_dns | Sinkholed | | quad9 | Sinkholed | |
GET /cPanel_magic_revision_1616517441/unprotected/cpanel/fonts/open_sans/open_sans.min.css HTTP/1.1
Host: webmail.amanetnonstopdrumultaberei.ro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://webmail.amanetnonstopdrumultaberei.ro/
Cookie: webmailsession=%3aiHOMyweM_1DfFRXq%2cb63a456fa41f0810c66bee8391853778; roundcube_cookies=enabled
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 17 Nov 2022 23:42:00 GMT
content-type: text/css
x-web-hosting: NSHOST.RO - https://www.nshost.ro/servere-cloud
x-frame-options: ALLOW
last-modified: Tue, 23 Mar 2021 16:37:21 GMT
expires: Mon, 16 Jan 2023 23:42:00 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
surrogate-control: public, max-age=300
cache-control: max-age=5184000, public, public, max-age=300
content-encoding: gzip
X-Firefox-Spdy: h2
|
|