| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP 95.101.11.115:0 ASN #20940 Akamai International B.V.
Hash cfec3d7283a9b66d2be426ce54d210f3 808c1feb1ba918951d1928c1f6bfc0c253262774 1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9868
Expires: Mon, 05 Dec 2022 00:59:15 GMT
Date: Sun, 04 Dec 2022 22:14:47 GMT
Connection: keep-alive
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP 93.184.220.29:0
Hash fb2c0697c6d9a96a5411dd2952947458 79e57f831ec396bbdaa5bfe9472a05e6c9fb31f4 3fd7edcc349ab4402f62e54a142be6b4cecf0e7ee3f431d3168bdf0643ba4d92
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 772
Cache-Control: max-age=131362
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 22:14:47 GMT
Etag: "638c76f5-1d7"
Expires: Tue, 06 Dec 2022 10:44:09 GMT
Last-Modified: Sun, 04 Dec 2022 10:31:17 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
|
|
| 69.167.186.102/ | 69.167.186.102 | 200 OK | 7.9 kB |
IP 69.167.186.102:0
File type HTML document text\012- assembler source, ASCII text, with very long lines (730), with CRLF, LF line terminators Hash ef60a8581c23d86fbef549f0e81dea5b 096db6ccc7a23f3587a0bb6b196fe8e68443e1c3 a998be3f036df445b544dfc2e1afdbe246d2f71d4961c411864950d92d23baa1
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET / HTTP/1.1
Host: 69.167.186.102
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 22:14:47 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: PHPSESSID=e9247634f0601fc01716661a1fdf47f2; path=/;HttpOnly;Secure
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 7873
Keep-Alive: timeout=2, max=500
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP 95.101.11.115:0 ASN #20940 Akamai International B.V.
Hash 1ea206ac3c440825741687351f8c6e4e 2f38dafd8c43dcce2411a0590bc5c02cd6286735 7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10876
Expires: Mon, 05 Dec 2022 01:16:03 GMT
Date: Sun, 04 Dec 2022 22:14:47 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 34.102.187.140 | 200 OK | 939 B |
URL HTTP/2 firefox.settings.services.mozilla.com/v1/ IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash 14cd9a0afb6ba9a763651d5112760d1e 75d7b104ab9ab11fbb73c3f348b43b0119b5adfa 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 04 Dec 2022 21:20:09 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3278
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text Hash 9ebddc2b260d081ebbefee47c037cb28 492bad62a7ca6a74738921ef5ae6f0be5edebf39 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: nDGNjqzSP47A3vsOoa84vD2cBsu+bpzFevxx/VAciBfV8ziJcTDmdvQlbLojY56zn5G6eMC4G9w=
x-amz-request-id: KEV89HDX6VG07XD1
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 04 Dec 2022 21:47:43 GMT
age: 1624
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2 contile.services.mozilla.com/v1/tiles IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators Hash 23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:14:47 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP 142.250.74.131:0
Hash 3c4319f54a5675ee9acda96c58f97ac6 210ea86db1836d430b321d59b4bd1b016c914f22 cb20ad3ec895ed3a2ae9b1a90dda6b7cc174d8851f3a15ba054a435746cbdc65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 22:14:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| www.googletagmanager.com/gtag/js?id=UA-123257323-1 | 142.250.74.40 | 200 OK | 44 kB |
URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-123257323-1 IP 142.250.74.40:0
File type ASCII text, with very long lines (1921) Hash 203ee471a35b3f07731e224373928653 a7f68d6fa294e0b16f187f7087b43978a708bdfd b8fd7d32d5b7fe5de9547ebd2998c45dfa962d624ba99c7140338b075e50a3c6
GET /gtag/js?id=UA-123257323-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://69.167.186.102/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 04 Dec 2022 22:14:47 GMT
expires: Sun, 04 Dec 2022 22:14:47 GMT
cache-control: private, max-age=900
last-modified: Sun, 04 Dec 2022 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43636
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| 69.167.186.102/style.css | 69.167.186.102 | 404 Not Found | 959 B |
IP 69.167.186.102:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Hash cac39027d5bb722961f42e55bd9d071c dae06743918462054d69332b9a1c76252fb58bc8 fafe07999e3b4e3e26f2278df49c30f4dae9be4610150e11f7b291fc65805a1c
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /style.css HTTP/1.1
Host: 69.167.186.102
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://69.167.186.102/
HTTP/1.1 404 Not Found
Date: Sun, 04 Dec 2022 22:14:47 GMT
Server: Apache
Accept-Ranges: bytes
Vary: User-Agent
Content-Length: 959
Keep-Alive: timeout=2, max=499
Connection: Keep-Alive
Content-Type: text/html
|
|
| 69.167.186.102/includes/showstyle.php | 69.167.186.102 | 404 Not Found | 959 B |
URL HTTP/1.1 69.167.186.102/includes/showstyle.php IP 69.167.186.102:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Hash cac39027d5bb722961f42e55bd9d071c dae06743918462054d69332b9a1c76252fb58bc8 fafe07999e3b4e3e26f2278df49c30f4dae9be4610150e11f7b291fc65805a1c
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /includes/showstyle.php HTTP/1.1
Host: 69.167.186.102
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://69.167.186.102/
HTTP/1.1 404 Not Found
Date: Sun, 04 Dec 2022 22:14:47 GMT
Server: Apache
Accept-Ranges: bytes
Vary: User-Agent
Content-Length: 959
Keep-Alive: timeout=2, max=500
Connection: Keep-Alive
Content-Type: text/html
|
|
| ocsp.pki.goog/gts1c3 | 142.250.74.131 | 200 OK | 472 B |
IP 142.250.74.131:0
Hash 3c4319f54a5675ee9acda96c58f97ac6 210ea86db1836d430b321d59b4bd1b016c914f22 cb20ad3ec895ed3a2ae9b1a90dda6b7cc174d8851f3a15ba054a435746cbdc65
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 22:14:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 34.102.187.140 | 200 OK | 329 B |
URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash 0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 04 Dec 2022 22:08:58 GMT
cache-control: public,max-age=3600
age: 350
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| members.mmaoffice.org/ez/includes/menu.js | 69.167.186.102 | 200 OK | 2.7 kB |
URL HTTP/1.1 members.mmaoffice.org/ez/includes/menu.js IP 69.167.186.102:0
Hash 33b8646249982add6d420c2df6f9edbf 3b09ccfe6e35c83384bb1a49a853b8a1a04ba6ae 58195d3113f5a906b10fbe80057252bdd66eb9bd7604872615d621ac01ef324d
GET /ez/includes/menu.js HTTP/1.1
Host: members.mmaoffice.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://69.167.186.102/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 22:14:48 GMT
Server: Apache
Last-Modified: Fri, 28 Mar 2014 06:04:58 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Tue, 03 Jan 2023 22:14:48 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2687
Keep-Alive: timeout=2, max=500
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| members.mmaoffice.org/ez/includes/reset.css | 69.167.186.102 | 200 OK | 201 B |
URL HTTP/1.1 members.mmaoffice.org/ez/includes/reset.css IP 69.167.186.102:0
Hash fac5a147af3f97b734f2762690cb86a8 c5e68d3b2462e1b213e2b8f0c36f3615ea9142f0 0ad94ee852b0d4ff0de9d15ad01b07691a8260ebd38b71e904d250594eb05bb7
GET /ez/includes/reset.css HTTP/1.1
Host: members.mmaoffice.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://69.167.186.102/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 22:14:48 GMT
Server: Apache
Last-Modified: Fri, 28 Mar 2014 06:05:49 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Tue, 03 Jan 2023 22:14:48 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 201
Keep-Alive: timeout=2, max=500
Connection: Keep-Alive
Content-Type: text/css
|
|
| members.mmaoffice.org/ez/includes/jquery.min.js | 69.167.186.102 | 200 OK | 20 kB |
URL HTTP/1.1 members.mmaoffice.org/ez/includes/jquery.min.js IP 69.167.186.102:0
File type ASCII text, with very long lines (39660) Hash 3ebe80c7555ee7221f5f7318268106c5 e2e8919769def134537ccda0d98666e3e9a9cc60 59fbef40a1a4f8c11fffbb6fb5703d00aede378b14040854b6c0858b60a04301
GET /ez/includes/jquery.min.js HTTP/1.1
Host: members.mmaoffice.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://69.167.186.102/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 22:14:48 GMT
Server: Apache
Last-Modified: Fri, 28 Mar 2014 06:04:40 GMT
Accept-Ranges: bytes
Cache-Control: max-age=2592000
Expires: Tue, 03 Jan 2023 22:14:48 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 19740
Keep-Alive: timeout=2, max=500
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP 93.184.220.29:0
Hash 31b129c94a90b1e695b21395cb54e378 a3cae46b48d469cc61ab0581303bcd5f5b654db9 fac3f681be358a20f78958dff10c89b7a91365c5114c81246c1bc34c1362ba1e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 756
Cache-Control: max-age=126279
Content-Type: application/ocsp-response
Date: Sun, 04 Dec 2022 22:14:48 GMT
Etag: "638c632b-1d7"
Expires: Tue, 06 Dec 2022 09:19:27 GMT
Last-Modified: Sun, 04 Dec 2022 09:06:51 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
|
|
| 69.167.186.102/ez/images/more-button.png | 69.167.186.102 | 200 OK | 5.4 kB |
URL HTTP/1.1 69.167.186.102/ez/images/more-button.png IP 69.167.186.102:0
File type PNG image data, 36 x 110, 8-bit/color RGBA, non-interlaced\012- data Hash 4851a5c6c0e9706a2d9175a50db8875d a656976b0dd401936a071955d2e10dbe55565e5b 837170142675e70867ad95a6e2a292d5ad293fb80120bad66396252ac0d450b8
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /ez/images/more-button.png HTTP/1.1
Host: 69.167.186.102
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://69.167.186.102/
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 22:14:48 GMT
Server: Apache
Last-Modified: Wed, 02 Apr 2014 10:38:50 GMT
Accept-Ranges: bytes
Content-Length: 5419
Cache-Control: max-age=31536000
Expires: Mon, 04 Dec 2023 22:14:48 GMT
Vary: User-Agent
Keep-Alive: timeout=2, max=499
Connection: Keep-Alive
Content-Type: image/png
|
|
| 69.167.186.102/style.css | 69.167.186.102 | 404 Not Found | 959 B |
IP 69.167.186.102:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Hash cac39027d5bb722961f42e55bd9d071c dae06743918462054d69332b9a1c76252fb58bc8 fafe07999e3b4e3e26f2278df49c30f4dae9be4610150e11f7b291fc65805a1c
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /style.css HTTP/1.1
Host: 69.167.186.102
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://69.167.186.102/
HTTP/1.1 404 Not Found
Date: Sun, 04 Dec 2022 22:14:48 GMT
Server: Apache
Accept-Ranges: bytes
Vary: User-Agent
Content-Length: 959
Keep-Alive: timeout=2, max=498
Connection: Keep-Alive
Content-Type: text/html
|
|
| push.services.mozilla.com/ | 52.38.227.80 | 101 Switching Protocols | 0 B |
URL HTTP/1.1 push.services.mozilla.com/ IP 52.38.227.80:0
Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 7fc7EbaJdIL8Rclfqc947Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: IYtQoR4VZ/oq8MnvzrzYxDEggus=
|
|
| 69.167.186.102/janda/images/contentsTopBg.png | 69.167.186.102 | 404 Not Found | 959 B |
URL HTTP/1.1 69.167.186.102/janda/images/contentsTopBg.png IP 69.167.186.102:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Hash cac39027d5bb722961f42e55bd9d071c dae06743918462054d69332b9a1c76252fb58bc8 fafe07999e3b4e3e26f2278df49c30f4dae9be4610150e11f7b291fc65805a1c
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /janda/images/contentsTopBg.png HTTP/1.1
Host: 69.167.186.102
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://69.167.186.102/
HTTP/1.1 404 Not Found
Date: Sun, 04 Dec 2022 22:14:48 GMT
Server: Apache
Accept-Ranges: bytes
Vary: User-Agent
Content-Length: 959
Keep-Alive: timeout=2, max=500
Connection: Keep-Alive
Content-Type: text/html
|
|
| 69.167.186.102/janda/images/eventsTopBg.jpg | 69.167.186.102 | 404 Not Found | 959 B |
URL HTTP/1.1 69.167.186.102/janda/images/eventsTopBg.jpg IP 69.167.186.102:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Hash cac39027d5bb722961f42e55bd9d071c dae06743918462054d69332b9a1c76252fb58bc8 fafe07999e3b4e3e26f2278df49c30f4dae9be4610150e11f7b291fc65805a1c
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /janda/images/eventsTopBg.jpg HTTP/1.1
Host: 69.167.186.102
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://69.167.186.102/
HTTP/1.1 404 Not Found
Date: Sun, 04 Dec 2022 22:14:48 GMT
Server: Apache
Accept-Ranges: bytes
Vary: User-Agent
Content-Length: 959
Keep-Alive: timeout=2, max=497
Connection: Keep-Alive
Content-Type: text/html
|
|
| 69.167.186.102/ez/files/home/1446825654_section-2.jpg | 69.167.186.102 | 200 OK | 1.5 kB |
URL HTTP/1.1 69.167.186.102/ez/files/home/1446825654_section-2.jpg IP 69.167.186.102:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 327x139, components 3\012- data Hash fa0a9e1fb3648543b61b44d9d05a28b1 afc7229f7a420d283ee055c660e8da769e178082 24bbdf328bc200e75bdc5461ebea16a600ac4973b2ed12723d1ba5915df6d95d
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /ez/files/home/1446825654_section-2.jpg HTTP/1.1
Host: 69.167.186.102
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://69.167.186.102/
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 22:14:48 GMT
Server: Apache
Last-Modified: Fri, 06 Nov 2015 16:00:54 GMT
Accept-Ranges: bytes
Content-Length: 1484
Cache-Control: max-age=31536000
Expires: Mon, 04 Dec 2023 22:14:48 GMT
Vary: User-Agent
Keep-Alive: timeout=2, max=500
Connection: Keep-Alive
Content-Type: image/jpeg
|
|
| 69.167.186.102/janda/images/contentsCenterBg.png | 69.167.186.102 | 404 Not Found | 959 B |
URL HTTP/1.1 69.167.186.102/janda/images/contentsCenterBg.png IP 69.167.186.102:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text Hash cac39027d5bb722961f42e55bd9d071c dae06743918462054d69332b9a1c76252fb58bc8 fafe07999e3b4e3e26f2278df49c30f4dae9be4610150e11f7b291fc65805a1c
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /janda/images/contentsCenterBg.png HTTP/1.1
Host: 69.167.186.102
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://69.167.186.102/
HTTP/1.1 404 Not Found
Date: Sun, 04 Dec 2022 22:14:48 GMT
Server: Apache
Accept-Ranges: bytes
Vary: User-Agent
Content-Length: 959
Keep-Alive: timeout=2, max=500
Connection: Keep-Alive
Content-Type: text/html
|
|
| 69.167.186.102/ez/files/home/1446825096_section-1.jpg | 69.167.186.102 | 200 OK | 1.6 kB |
URL HTTP/1.1 69.167.186.102/ez/files/home/1446825096_section-1.jpg IP 69.167.186.102:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 319x139, components 3\012- data Hash 596c19e9e27cc91c201ee9c8cb0df26e adebb092af8dbf191a6a9e60e1538535d773d7ce 678c40dcb457439dd76f5bf224d29c122570a4799fb15e44c382e0fd8999bfdf
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /ez/files/home/1446825096_section-1.jpg HTTP/1.1
Host: 69.167.186.102
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://69.167.186.102/
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 22:14:48 GMT
Server: Apache
Last-Modified: Fri, 06 Nov 2015 15:51:36 GMT
Accept-Ranges: bytes
Content-Length: 1570
Cache-Control: max-age=31536000
Expires: Mon, 04 Dec 2023 22:14:48 GMT
Vary: User-Agent
Keep-Alive: timeout=2, max=500
Connection: Keep-Alive
Content-Type: image/jpeg
|
|
| 69.167.186.102/ez/files/home/1446825664_section-3.jpg | 69.167.186.102 | 200 OK | 1.6 kB |
URL HTTP/1.1 69.167.186.102/ez/files/home/1446825664_section-3.jpg IP 69.167.186.102:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 317x139, components 3\012- data Hash 8902bb9748b2e470aa73618fc4c6745a 362593319d84fd1c6b1574743102e981cefa4cd3 57903b4bf68e2a95cc7c315b1bda9d742578926919c2dd5b66b4f83ee28f7d9d
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /ez/files/home/1446825664_section-3.jpg HTTP/1.1
Host: 69.167.186.102
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://69.167.186.102/
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 22:14:48 GMT
Server: Apache
Last-Modified: Fri, 06 Nov 2015 16:01:04 GMT
Accept-Ranges: bytes
Content-Length: 1609
Cache-Control: max-age=31536000
Expires: Mon, 04 Dec 2023 22:14:48 GMT
Vary: User-Agent
Keep-Alive: timeout=2, max=499
Connection: Keep-Alive
Content-Type: image/jpeg
|
|
| 69.167.186.102/ez/files/home/1446823736_body-bg2.jpg | 69.167.186.102 | 200 OK | 1.4 kB |
URL HTTP/1.1 69.167.186.102/ez/files/home/1446823736_body-bg2.jpg IP 69.167.186.102:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 6x894, components 3\012- data Hash 1615c4be46511f490ad86f6bb9da3972 498378b31da5b47f0383d3f169d6c126a606963f 868c9c424349629fb7a1792b22b653f3f5e5e7850112af52cec90b26f5c62992
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /ez/files/home/1446823736_body-bg2.jpg HTTP/1.1
Host: 69.167.186.102
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://69.167.186.102/
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 22:14:48 GMT
Server: Apache
Last-Modified: Fri, 06 Nov 2015 15:28:56 GMT
Accept-Ranges: bytes
Content-Length: 1354
Cache-Control: max-age=31536000
Expires: Mon, 04 Dec 2023 22:14:48 GMT
Vary: User-Agent
Keep-Alive: timeout=2, max=496
Connection: Keep-Alive
Content-Type: image/jpeg
|
|
| 69.167.186.102/ez/files/home/1446824230_toprightBg.jpg | 69.167.186.102 | 200 OK | 978 B |
URL HTTP/1.1 69.167.186.102/ez/files/home/1446824230_toprightBg.jpg IP 69.167.186.102:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 228x24, components 3\012- data Hash 2f0d5f703286f97df3446728059c5c24 baa52a112d98bc104d8483584f34ceb83ca002f5 f884e292893d4aef371f4cade38c59a5b054647a914d799fe99dc3f705643d1f
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /ez/files/home/1446824230_toprightBg.jpg HTTP/1.1
Host: 69.167.186.102
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://69.167.186.102/
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 22:14:48 GMT
Server: Apache
Last-Modified: Fri, 06 Nov 2015 15:37:10 GMT
Accept-Ranges: bytes
Content-Length: 978
Cache-Control: max-age=31536000
Expires: Mon, 04 Dec 2023 22:14:48 GMT
Vary: User-Agent
Keep-Alive: timeout=2, max=499
Connection: Keep-Alive
Content-Type: image/jpeg
|
|
| 69.167.186.102/ez/files/home/1446826559_footerBg.jpg | 69.167.186.102 | 200 OK | 733 B |
URL HTTP/1.1 69.167.186.102/ez/files/home/1446826559_footerBg.jpg IP 69.167.186.102:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 6x160, components 3\012- data Hash 5bda404db7495f6c195ba53b38d82e3b e5e54a69022cdced58a5886dbbcbfc8ce13f1d05 8ba4e8d30629f05596cecbaa7e0c87aed27bfdf36efeab77923825ef70c91190
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /ez/files/home/1446826559_footerBg.jpg HTTP/1.1
Host: 69.167.186.102
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://69.167.186.102/
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 22:14:48 GMT
Server: Apache
Last-Modified: Fri, 06 Nov 2015 16:15:59 GMT
Accept-Ranges: bytes
Content-Length: 733
Cache-Control: max-age=31536000
Expires: Mon, 04 Dec 2023 22:14:48 GMT
Vary: User-Agent
Keep-Alive: timeout=2, max=499
Connection: Keep-Alive
Content-Type: image/jpeg
|
|
| servedbyadbutler.com/adserve/;ID=165731;size=675x100;setID=226724;type=async;domid=placement_226724_0;place=0;pid=2059410;sw=1280;sh=1024;spr=1;rnd=2059410;referrer=http%3A%2F%2F69.167.186.102%2F;atf=1;click=CLICK_MACRO_PLACEHOLDER | 116.202.46.88 | 200 OK | 773 B |
URL HTTP/1.1 servedbyadbutler.com/adserve/;ID=165731;size=675x100;setID=226724;type=async;domid=placement_226724_0;place=0;pid=2059410;sw=1280;sh=1024;spr=1;rnd=2059410;referrer=http%3A%2F%2F69.167.186.102%2F;atf=1;click=CLICK_MACRO_PLACEHOLDER IP 116.202.46.88:0 ASN #24940 Hetzner Online GmbH
File type HTML document, ASCII text, with very long lines (1506) Hash 5f503af3d6e355bfcb672694c0fd342e d7d0e3678827b1df1826b0fb192603b04ee8da8f 39caa3f4be50ab34e8b8c5f002fbf2a6d85a2e44a8e62219f5fdd825830bf139
GET /adserve/;ID=165731;size=675x100;setID=226724;type=async;domid=placement_226724_0;place=0;pid=2059410;sw=1280;sh=1024;spr=1;rnd=2059410;referrer=http%3A%2F%2F69.167.186.102%2F;atf=1;click=CLICK_MACRO_PLACEHOLDER HTTP/1.1
Host: servedbyadbutler.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://69.167.186.102/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 22:14:49 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
P3P: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
|
|
| members.mmaoffice.org/ez/includes/source/renew%20now%20for%20website%20(2).jpg | 69.167.186.102 | 200 OK | 83 kB |
URL HTTP/1.1members.mmaoffice.org/ez/includes/source/renew%20now%20for%20website%20(2).jpg IP69.167.186.102:0
File typeJPEG image data, Exif standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2], baseline, precision 8, 1200x628, components 3\012- data Hash2c377a34383f31436452be8e597bd864 b6935c239e61878a25eb856f322a694a81ce3f6f c8c2986fa9239db50ceaaa6a35c30dd5dff1cc8e6e85f2db03e3b4f36258a792
GET /ez/includes/source/renew%20now%20for%20website%20(2).jpg HTTP/1.1
Host: members.mmaoffice.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://69.167.186.102/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 22:14:48 GMT
Server: Apache
Last-Modified: Tue, 29 Jun 2021 20:53:05 GMT
Accept-Ranges: bytes
Content-Length: 82575
Cache-Control: max-age=31536000
Expires: Mon, 04 Dec 2023 22:14:48 GMT
Vary: User-Agent
Keep-Alive: timeout=2, max=499
Connection: Keep-Alive
Content-Type: image/jpeg
|
|
| 69.167.186.102/ez/files/banner/1486571523_1414172171_HomePage_Small2.jpg | 69.167.186.102 | 200 OK | 151 kB |
URL HTTP/1.169.167.186.102/ez/files/banner/1486571523_1414172171_HomePage_Small2.jpg IP69.167.186.102:0
File typeJPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=188, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=979], baseline, precision 8, 979x188, components 3\012- data Size151 kB (150604 bytes) Hashc1651481dcc73f816954844a81eb8bb1 37876ed6e2a3b62458ae0c951e2bd84bdee3f991 9bb72a276ad8edd13196736f92ed935e9f1010012c4ee9cc93d5763c1b126011
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /ez/files/banner/1486571523_1414172171_HomePage_Small2.jpg HTTP/1.1
Host: 69.167.186.102
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://69.167.186.102/
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 22:14:48 GMT
Server: Apache
Last-Modified: Wed, 08 Feb 2017 16:32:03 GMT
Accept-Ranges: bytes
Content-Length: 150604
Cache-Control: max-age=31536000
Expires: Mon, 04 Dec 2023 22:14:48 GMT
Vary: User-Agent
Keep-Alive: timeout=2, max=498
Connection: Keep-Alive
Content-Type: image/jpeg
|
|
| servedbyadbutler.com/adserve/;MID=165731;type=e959fb862;placementID=1944131;setID=226724;channelID=0;CID=713004;BID=520841699;TAID=0;place=0;referrer=http%3A%2F%2F69.167.186.102%2F;mt=1670192089033993;hc=d82d80431559000694e2e8aebeb2e8fb1f4f1387 | 116.202.46.88 | 200 OK | 20 B |
URL HTTP/1.1servedbyadbutler.com/adserve/;MID=165731;type=e959fb862;placementID=1944131;setID=226724;channelID=0;CID=713004;BID=520841699;TAID=0;place=0;referrer=http%3A%2F%2F69.167.186.102%2F;mt=1670192089033993;hc=d82d80431559000694e2e8aebeb2e8fb1f4f1387 IP116.202.46.88:0 ASN#24940 Hetzner Online GmbH
Hash7029066c27ac6f5ef18d660d5741979a 46c6643f07aa7f6bfe7118de926b86defc5087c4 59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /adserve/;MID=165731;type=e959fb862;placementID=1944131;setID=226724;channelID=0;CID=713004;BID=520841699;TAID=0;place=0;referrer=http%3A%2F%2F69.167.186.102%2F;mt=1670192089033993;hc=d82d80431559000694e2e8aebeb2e8fb1f4f1387 HTTP/1.1
Host: servedbyadbutler.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://69.167.186.102
Connection: keep-alive
Referer: http://69.167.186.102/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 22:14:49 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
P3P: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: http://69.167.186.102
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
|
|
| members.mmaoffice.org/ez/includes/source/MMA_CIRCLE_GRAPHIC%20(004)_1.png | 69.167.186.102 | 200 OK | 256 kB |
URL HTTP/1.1members.mmaoffice.org/ez/includes/source/MMA_CIRCLE_GRAPHIC%20(004)_1.png IP69.167.186.102:0
File typePNG image data, 2478 x 2474, 8-bit/color RGBA, interlaced\012- data Size256 kB (255751 bytes) Hashfa7316ac88207f7bc97923f6ad0b7a6f d25417c8d0c9c89004e883fc18b27beb124ec21d e94ebb22db889b1b99f757ce068000957b5fb08c43060b3fbaac0b1489a12761
GET /ez/includes/source/MMA_CIRCLE_GRAPHIC%20(004)_1.png HTTP/1.1
Host: members.mmaoffice.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://69.167.186.102/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 22:14:48 GMT
Server: Apache
Last-Modified: Mon, 24 Jan 2022 18:44:30 GMT
Accept-Ranges: bytes
Content-Length: 255751
Cache-Control: max-age=31536000
Expires: Mon, 04 Dec 2023 22:14:48 GMT
Vary: User-Agent
Keep-Alive: timeout=2, max=499
Connection: Keep-Alive
Content-Type: image/png
|
|
| servedbyadbutler.com/getad.img/;libID=3664189 | 116.202.46.88 | 200 OK | 66 kB |
URL HTTP/1.1servedbyadbutler.com/getad.img/;libID=3664189 IP116.202.46.88:0 ASN#24940 Hetzner Online GmbH
File typeJPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 675x100, components 3\012- data Hashed2cee12a8d3537316ada212d215d450 ebdec24826e3d9ac1db94192447fce5a9bb4bf30 5e1c001ccf6bfb5ebe3a423d225c2285a83f793f60aca01abce4e653303b199f
GET /getad.img/;libID=3664189 HTTP/1.1
Host: servedbyadbutler.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://69.167.186.102/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 22:14:49 GMT
Content-Type: image/jpeg
Content-Length: 65555
Last-Modified: Sun, 04 Dec 2022 22:14:49 GMT
Connection: keep-alive
Cache-Control: max-age=31536000
Expires: Mon, 04 Dec 2023 14:14:49 PST
Content-Disposition: inline; filename="BMO-Harris-Bank_675x100.jpg"
ETag: "638d1bd9-10013"
Access-Control-Allow-Origin: http://69.167.186.102
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
|
|
| members.mmaoffice.org/ez/includes/source/SMS-COVID-Outpatient-Header.jpg | 69.167.186.102 | 200 OK | 433 kB |
URL HTTP/1.1members.mmaoffice.org/ez/includes/source/SMS-COVID-Outpatient-Header.jpg IP69.167.186.102:0
File typeJPEG image data, Exif standard: [TIFF image data, big-endian, direntries=14, height=628, bps=0, compression=LZW, PhotometricIntepretation=RGB, orientation=upper-left, width=2276], baseline, precision 8, 1200x600, components 3\012- data Size433 kB (433273 bytes) Hash985a76a4d4ef1e76c6ce921a6b29c3e4 6bdcbd9a00933914aecaa3981f11a4a5aec62bc0 7080ae65505d29caeab825583d0d20e2e62b1597c55943c26dcb7163a3324e97
GET /ez/includes/source/SMS-COVID-Outpatient-Header.jpg HTTP/1.1
Host: members.mmaoffice.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://69.167.186.102/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 22:14:48 GMT
Server: Apache
Last-Modified: Tue, 29 Jun 2021 22:24:47 GMT
Accept-Ranges: bytes
Content-Length: 433273
Cache-Control: max-age=31536000
Expires: Mon, 04 Dec 2023 22:14:48 GMT
Vary: User-Agent
Keep-Alive: timeout=2, max=500
Connection: Keep-Alive
Content-Type: image/jpeg
|
|
| members.mmaoffice.org/ez/includes/source/home%20page%20icons/v2_Web_Ad_5.21.2020_AssociationAd-FB1_1200x628_BLANK.png | 69.167.186.102 | 200 OK | 368 kB |
URL HTTP/1.1members.mmaoffice.org/ez/includes/source/home%20page%20icons/v2_Web_Ad_5.21.2020_AssociationAd-FB1_1200x628_BLANK.png IP69.167.186.102:0
File typePNG image data, 1119 x 628, 8-bit/color RGB, non-interlaced\012- data Size368 kB (367520 bytes) Hashda13e282fcbd66e416b77a4bc1bc6018 524306e887332da5055ae58b682ba5c35524d3c4 6140e2aa968c221f33e470afd67139bc588e2f51df8131e4f0a83a4bfa32749b
GET /ez/includes/source/home%20page%20icons/v2_Web_Ad_5.21.2020_AssociationAd-FB1_1200x628_BLANK.png HTTP/1.1
Host: members.mmaoffice.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://69.167.186.102/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 22:14:48 GMT
Server: Apache
Last-Modified: Fri, 22 May 2020 21:17:37 GMT
Accept-Ranges: bytes
Content-Length: 367520
Cache-Control: max-age=31536000
Expires: Mon, 04 Dec 2023 22:14:48 GMT
Vary: User-Agent
Keep-Alive: timeout=2, max=499
Connection: Keep-Alive
Content-Type: image/png
|
|
| members.mmaoffice.org/ez/includes/source/final_BSCC-Logo-Color-CMYK.jpg | 69.167.186.102 | 200 OK | 654 kB |
URL HTTP/1.1members.mmaoffice.org/ez/includes/source/final_BSCC-Logo-Color-CMYK.jpg IP69.167.186.102:0
File typeJPEG image data, baseline, precision 8, 1501x421, components 4\012- data Size654 kB (653805 bytes) Hash3f2cd01116d6aa68c9ea762565a632fb 0323963f2e817c51bd53ad9f73b2537319948c0b 013282886128decfdb0b1310ba31fd62245eeb951d157666126f9bb60b636970
GET /ez/includes/source/final_BSCC-Logo-Color-CMYK.jpg HTTP/1.1
Host: members.mmaoffice.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://69.167.186.102/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 22:14:48 GMT
Server: Apache
Last-Modified: Mon, 23 Aug 2021 15:49:00 GMT
Accept-Ranges: bytes
Content-Length: 653805
Cache-Control: max-age=31536000
Expires: Mon, 04 Dec 2023 22:14:48 GMT
Vary: User-Agent
Keep-Alive: timeout=2, max=500
Connection: Keep-Alive
Content-Type: image/jpeg
|
|
| members.mmaoffice.org/ez/includes/source/Rx%20Drug%20Documents/MMA%20-%20Button-Square.jpg | 69.167.186.102 | 200 OK | 445 kB |
URL HTTP/1.1members.mmaoffice.org/ez/includes/source/Rx%20Drug%20Documents/MMA%20-%20Button-Square.jpg IP69.167.186.102:0
File typeJPEG image data, JFIF standard 1.02, resolution (DPI), density 300x300, segment length 16, baseline, precision 8, 1042x938, components 3\012- data Size445 kB (444670 bytes) Hash7604cad47875f45ffad8c9467ee9e8e3 10a6b589d60c3b55aff551339b466699e508db24 f7de5adc62f970d9ddaf3c617a92cd10103329eb461d2025e0b9616e4aad4f06
GET /ez/includes/source/Rx%20Drug%20Documents/MMA%20-%20Button-Square.jpg HTTP/1.1
Host: members.mmaoffice.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://69.167.186.102/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 22:14:49 GMT
Server: Apache
Last-Modified: Thu, 20 Feb 2020 22:51:33 GMT
Accept-Ranges: bytes
Content-Length: 444670
Cache-Control: max-age=31536000
Expires: Mon, 04 Dec 2023 22:14:49 GMT
Vary: User-Agent
Keep-Alive: timeout=2, max=498
Connection: Keep-Alive
Content-Type: image/jpeg
|
|
| r3.o.lencr.org/ | 95.101.11.115 | 200 OK | 503 B |
IP95.101.11.115:0 ASN#20940 Akamai International B.V.
Hash83e0936435ad95a15c9ec5ff9520f4fe a8225ee0d8ae117f977f7ff817c342c62e91b5a9 ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6525
Expires: Mon, 05 Dec 2022 00:03:35 GMT
Date: Sun, 04 Dec 2022 22:14:50 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp | 34.120.237.76 | 200 OK | 5.7 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash43309032a892c486f9985ef520df696e 36f4682ca6a33ff80ee02129c77e6f27e996ede0 24225ff504f30405d9ec3feb2555c738fcca0d6b265f285aa9c73a64c78a496e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5681
x-amzn-requestid: 8f0d66b8-d532-48d9-9a29-74540cd6ab3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltXnEotIAMFqkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc296-27349a376ff819ab63b04a81;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:41:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Uz-wJTZjej3sjP-O68BQ4hB_kkAecG0o7GkeZUan90ZgV87g0Cg_ZA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:52:41 GMT
age: 1329
etag: "36f4682ca6a33ff80ee02129c77e6f27e996ede0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg | 34.120.237.76 | 200 OK | 9.0 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hasha6e7b32ac999cf3c899a234c621fa91a fc5d4f3163ebb9faf85968cbb1d194e8e68418be f12db3aed126006fee00649aba0b3eaae900de200b85b9523866a90b5494f18e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8989
x-amzn-requestid: abce0b01-f70c-42ad-b242-5a24735fe4c2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltl4Gk2oAMFSWQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc2f2-1cccffff5199dffe70264a95;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:43:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: emlp1xilsRT2P1bLbS63ImV7rpoIInC-6mQhu7eGProt148Gj-f1zg==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 559326ad73233233a9e52cb9e8601ede.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:50:01 GMT
age: 1489
etag: "fc5d4f3163ebb9faf85968cbb1d194e8e68418be"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png | 34.120.237.76 | 200 OK | 16 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash14dcca2a9c4792d835ee709bcd947402 1d702df3a64258628f4124eafd580695f2d350af da01dcd8fef7c50bdb6f7a8a6a4955694092f479df3dba72f7fa69d7280d07b2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16143
x-amzn-requestid: dc86fad4-4e53-42c9-9b0a-5e4d2cfcd087
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdGyLGqmoAMFnaA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851a7-0ea324b31e8c6578098b8ab9;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:03 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kRs3oBWnSs5asyPdvz6kkooy7pqm2Yr8R_2x8EXCVn3dBz_aEJurRQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 07:26:41 GMT
age: 53289
etag: "1d702df3a64258628f4124eafd580695f2d350af"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61cc2744-b517-4404-bfa2-25fadadfa3f3.jpeg | 34.120.237.76 | 200 OK | 10 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61cc2744-b517-4404-bfa2-25fadadfa3f3.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash2636f91bb8fa4d9bb7bef114c248a9ae 8637105f41058bc0d2b259d462b560881928adb6 3d93fd8fcf1af31d00ccbd453142dbea5f2b91d7f58373095943ed40a31ed1f7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61cc2744-b517-4404-bfa2-25fadadfa3f3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10431
x-amzn-requestid: f79ab5e7-8c1b-4827-a531-aaa19c1d80aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsCGEwxIAMF34g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc073-6358d2950955884c470c0a89;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:35 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: S6Xknz1l6TuuYButc4p3tl4nIZi9YzV9IP6Bag4HNFC_hfbDeWXVCA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:47:06 GMT
age: 1664
etag: "8637105f41058bc0d2b259d462b560881928adb6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg | 34.120.237.76 | 200 OK | 4.7 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashc01fe1cccdb3b672bbade6d98217ffe9 a9a529dc9894827f6243a1bf57f81caa4fe88fc2 c43da6212c79a08e22e78e04e99e8f5422e64b4b0a87f30b7907f1b4bc675c71
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4666
x-amzn-requestid: 850d341f-5ccb-453c-8adf-a8194f8fbdad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clr_-GiboAMFwww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-766293f2526e637235067aca;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kmki-SBINSx1kbiIkaSGebdCLrnDeHVhYeotAWzE__CevkNDdfzRGg==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:44:01 GMT
age: 1849
etag: "a9a529dc9894827f6243a1bf57f81caa4fe88fc2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg | 34.120.237.76 | 200 OK | 8.3 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hashdb1701b7b9d161a0c935bb6e10b17893 22a8c4bd58c729c1abcf794466e8f3231dfb034b b495524a33e5b1d3ba34cfbe867ada0da956c061370b1fcde06b23a6194a9787
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8315
x-amzn-requestid: f1bcc33b-aad9-4d3b-b1f9-49282f2d4fb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMGVboAMFfxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-13472a097177d4751c8f7a8c;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 8ugcixaNsXG-AIHYCfoyOWa5zowv2lb4qwWc8o5_7SQc_0w5HW4mBw==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 21:52:48 GMT
age: 1322
etag: "22a8c4bd58c729c1abcf794466e8f3231dfb034b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| members.mmaoffice.org/ez/files/home/MMA%20logo%20CMYK%20wTag.jpg | 69.167.186.102 | 200 OK | 1.3 MB |
URL HTTP/1.1members.mmaoffice.org/ez/files/home/MMA%20logo%20CMYK%20wTag.jpg IP69.167.186.102:0
File typeJPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2015 (Macintosh), datetime=2015:08:06 10:28:51], baseline, precision 8, 2288x1463, components 4\012- data Size1.3 MB (1259359 bytes) Hash88c4c698575a9de084634063d65d2ec8 b78c7fdb71fc334b5346eaccced6b1fd5fd4e01b 942de52984297892ad07c8e4ec0ea4de11bb1d9d277d7763c3fb7e6d6ff857f2
GET /ez/files/home/MMA%20logo%20CMYK%20wTag.jpg HTTP/1.1
Host: members.mmaoffice.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://69.167.186.102/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 22:14:48 GMT
Server: Apache
Last-Modified: Thu, 05 Nov 2015 21:30:28 GMT
Accept-Ranges: bytes
Content-Length: 1259359
Cache-Control: max-age=31536000
Expires: Mon, 04 Dec 2023 22:14:48 GMT
Vary: User-Agent
Keep-Alive: timeout=2, max=500
Connection: Keep-Alive
Content-Type: image/jpeg
|
|
| servedbyadbutler.com/app.js | 116.202.46.88 | 200 OK | 13 kB |
URL: HTTP/2 servedbyadbutler.com/app.js
IP: 116.202.46.88:0
ASN: #24940 Hetzner Online GmbH
Hash: eb9daac81cfe08871033fe0dcfaeef43 85940e2b0874fab9227baa599d899eb43f4c730c e0b072961917ac5b1a727dc01629cffbacbf7d643f9762d4e0d96da3ea35aa0c
GET /app.js HTTP/1.1
Host: servedbyadbutler.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://69.167.186.102/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 04 Dec 2022 22:14:48 GMT
content-type: application/javascript
last-modified: Fri, 09 Sep 2022 15:50:13 GMT
vary: Accept-Encoding
etag: W/"631b60b5-10987"
expires: Sun, 04 Dec 2022 22:44:48 GMT
cache-control: max-age=1800
content-encoding: gzip
X-Firefox-Spdy: h2
|
|
| www.google-analytics.com/analytics.js | 216.239.36.178 | 200 OK | 20 kB |
URL: HTTP/2 www.google-analytics.com/analytics.js
IP: 216.239.36.178:0
File type: ASCII text, with very long lines (1325)
Hash: 47e6f374ca946fddd5b59871b325736c baa9282efc8785e84d247c3bff518eaa45f101c4 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://69.167.186.102/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sun, 04 Dec 2022 20:41:08 GMT
expires: Sun, 04 Dec 2022 22:41:08 GMT
cache-control: public, max-age=7200
age: 5622
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| members.mmaoffice.org/ez/includes/source/Covid19/HB86%20Website%20teaser.PNG | 69.167.186.102 | 200 OK | 1.1 MB |
URL: HTTP/1.1 members.mmaoffice.org/ez/includes/source/Covid19/HB86%20Website%20teaser.PNG
IP: 69.167.186.102:0
File type: PNG image data, 1135 x 819, 8-bit/color RGBA, non-interlaced\012- data
Size: 1.1 MB (1080656 bytes)
Hash: d3fd692129e7e21c9d4da23b73cdb85d 9ce7376afee156e2e3d7e95e6ecc2600ca5fefa5 2c77396d74a7dff405f936143c1bda9038ad674beb205d46610583989cf57c42
GET /ez/includes/source/Covid19/HB86%20Website%20teaser.PNG HTTP/1.1
Host: members.mmaoffice.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://69.167.186.102/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 22:14:49 GMT
Server: Apache
Last-Modified: Tue, 12 May 2020 17:42:14 GMT
Accept-Ranges: bytes
Content-Length: 1080656
Cache-Control: max-age=31536000
Expires: Mon, 04 Dec 2023 22:14:49 GMT
Vary: User-Agent
Keep-Alive: timeout=2, max=498
Connection: Keep-Alive
Content-Type: image/png
|
|
| 69.167.186.102/favicon.ico | 69.167.186.102 | 200 OK | 109 B |
URL: HTTP/1.1 69.167.186.102/favicon.ico
IP: 69.167.186.102:0
File type: MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash: 46ad15314f6a33ba0163d52b191a8a16 1c98195b28cd321060000968c95f498511612c86 1aaa47b5fd78e3ca722689812499dff863d7271e7bcca8d42148134f5dce3e28
| Analyzer | Verdict | Alert |
| quad9 | Sinkholed | |
GET /favicon.ico HTTP/1.1
Host: 69.167.186.102
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://69.167.186.102/
HTTP/1.1 200 OK
Date: Sun, 04 Dec 2022 22:14:50 GMT
Server: Apache
Last-Modified: Sat, 11 Aug 2012 01:17:58 GMT
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Expires: Mon, 04 Dec 2023 22:14:50 GMT
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 109
Keep-Alive: timeout=2, max=495
Connection: Keep-Alive
Content-Type: image/x-icon
|
|
| www.google-analytics.com/j/collect?v=1&_v=j98&a=1640886154&t=pageview&_s=1&dl=http%3A%2F%2F69.167.186.102%2F&ul=en-us&de=UTF-8&dt=Montana%20Medical%20Association&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=291026967&gjid=1773862320&cid=505311101.1670192088&tid=UA-123257323-1&_gid=796585028.1670192088&_r=1&gtm=2oubu0&z=162845608 | 216.239.36.178 | 200 OK | 1 B |
URL: HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j98&a=1640886154&t=pageview&_s=1&dl=http%3A%2F%2F69.167.186.102%2F&ul=en-us&de=UTF-8&dt=Montana%20Medical%20Association&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=291026967&gjid=1773862320&cid=505311101.1670192088&tid=UA-123257323-1&_gid=796585028.1670192088&_r=1&gtm=2oubu0&z=162845608
IP: 216.239.36.178:0
File type: very short file (no magic)
Hash: c4ca4238a0b923820dcc509a6f75849b 356a192b7913b04c54574d18c28d46e6395428ab 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?v=1&_v=j98&a=1640886154&t=pageview&_s=1&dl=http%3A%2F%2F69.167.186.102%2F&ul=en-us&de=UTF-8&dt=Montana%20Medical%20Association&sd=24-bit&sr=1280x1024&vp=1268x939&je=0&_u=YEBAAUABAAAAACAAI~&jid=291026967&gjid=1773862320&cid=505311101.1670192088&tid=UA-123257323-1&_gid=796585028.1670192088&_r=1&gtm=2oubu0&z=162845608 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://69.167.186.102
Connection: keep-alive
Referer: http://69.167.186.102/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: http://69.167.186.102
date: Sun, 04 Dec 2022 22:14:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
|
|
| servedbyadbutler.com/adserve/;ID=165731;size=675x100;setID=226724;type=async;domid=placement_226724_0;place=0;pid=2059410;sw=1280;sh=1024;spr=1;rnd=2059410;rct=1;referrer=http%3A%2F%2F69.167.186.102%2F;atf=1;click=CLICK_MACRO_PLACEHOLDER | 116.202.46.88 | 200 OK | 801 B |
URL: HTTP/1.1 servedbyadbutler.com/adserve/;ID=165731;size=675x100;setID=226724;type=async;domid=placement_226724_0;place=0;pid=2059410;sw=1280;sh=1024;spr=1;rnd=2059410;rct=1;referrer=http%3A%2F%2F69.167.186.102%2F;atf=1;click=CLICK_MACRO_PLACEHOLDER
IP: 116.202.46.88:0
ASN: #24940 Hetzner Online GmbH
File type: HTML document, ASCII text, with very long lines (1574)
Hash: 04310ad4cdb6ba6ad1fb6943f354fc28 e960b86f0fe9ad9dc0e99bd0e7f6bf756515c743 d42c5e37502e652175f63341cad799060aeeb3491b91aa33c2295689a942de40
GET /adserve/;ID=165731;size=675x100;setID=226724;type=async;domid=placement_226724_0;place=0;pid=2059410;sw=1280;sh=1024;spr=1;rnd=2059410;rct=1;referrer=http%3A%2F%2F69.167.186.102%2F;atf=1;click=CLICK_MACRO_PLACEHOLDER HTTP/1.1
Host: servedbyadbutler.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://69.167.186.102/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 22:14:54 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
P3P: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
|
|
| servedbyadbutler.com/adserve/;MID=165731;type=e959fb862;placementID=1773503;setID=226724;channelID=0;CID=651306;BID=520656182;TAID=0;place=0;referrer=http%3A%2F%2F69.167.186.102%2F;mt=1670192094089710;hc=1df5fe21fb943687223f974b8ef32678ba20104e | 116.202.46.88 | 200 OK | 20 B |
URL: HTTP/1.1 servedbyadbutler.com/adserve/;MID=165731;type=e959fb862;placementID=1773503;setID=226724;channelID=0;CID=651306;BID=520656182;TAID=0;place=0;referrer=http%3A%2F%2F69.167.186.102%2F;mt=1670192094089710;hc=1df5fe21fb943687223f974b8ef32678ba20104e
IP: 116.202.46.88:0
ASN: #24940 Hetzner Online GmbH
Hash: 7029066c27ac6f5ef18d660d5741979a 46c6643f07aa7f6bfe7118de926b86defc5087c4 59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /adserve/;MID=165731;type=e959fb862;placementID=1773503;setID=226724;channelID=0;CID=651306;BID=520656182;TAID=0;place=0;referrer=http%3A%2F%2F69.167.186.102%2F;mt=1670192094089710;hc=1df5fe21fb943687223f974b8ef32678ba20104e HTTP/1.1
Host: servedbyadbutler.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://69.167.186.102
Connection: keep-alive
Referer: http://69.167.186.102/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 22:14:54 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
P3P: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: http://69.167.186.102
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
|
|
| servedbyadbutler.com/getad.img/;libID=2406183 | 116.202.46.88 | 200 OK | 49 kB |
URL: HTTP/1.1 servedbyadbutler.com/getad.img/;libID=2406183
IP: 116.202.46.88:0
ASN: #24940 Hetzner Online GmbH
File type: JPEG image data, baseline, precision 8, 675x100, components 3\012- data
Hash: de45d7e2e9ecb8bdd6314d4a946b71e6 65955de9140e28947744c9d58f79effdc0e84d77 bff6d2065d1f0600c278cc677b99c2bb85d4c32e21f83e6897ad5f42d7db8bc6
GET /getad.img/;libID=2406183 HTTP/1.1
Host: servedbyadbutler.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://69.167.186.102/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 22:14:54 GMT
Content-Type: image/jpeg
Content-Length: 49396
Last-Modified: Wed, 21 Apr 2021 11:26:21 GMT
Connection: keep-alive
Cache-Control: max-age=31536000
Expires: Mon, 04 Dec 2023 14:14:54 PST
Content-Disposition: inline; filename="UMIA - Ad 675x100.jpg"
ETag: "60800bdd-c0f4"
Access-Control-Allow-Origin: http://69.167.186.102
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
|
|
| servedbyadbutler.com/adserve/;MID=165731;type=v959fb862;placementID=1773503;setID=226724;channelID=0;CID=651306;BID=520656182;TAID=0;place=0;referrer=http%3A%2F%2F69.167.186.102%2F;mt=1670192094089695;hc=a4480c0153c9e3dd2bca09474aa5b41dfb8a7ba8 | 116.202.46.88 | 200 OK | 20 B |
URL: HTTP/1.1 servedbyadbutler.com/adserve/;MID=165731;type=v959fb862;placementID=1773503;setID=226724;channelID=0;CID=651306;BID=520656182;TAID=0;place=0;referrer=http%3A%2F%2F69.167.186.102%2F;mt=1670192094089695;hc=a4480c0153c9e3dd2bca09474aa5b41dfb8a7ba8
IP: 116.202.46.88:0
ASN: #24940 Hetzner Online GmbH
Hash: 7029066c27ac6f5ef18d660d5741979a 46c6643f07aa7f6bfe7118de926b86defc5087c4 59869db34853933b239f1e2219cf7d431da006aa919635478511fabbfc8849d2
GET /adserve/;MID=165731;type=v959fb862;placementID=1773503;setID=226724;channelID=0;CID=651306;BID=520656182;TAID=0;place=0;referrer=http%3A%2F%2F69.167.186.102%2F;mt=1670192094089695;hc=a4480c0153c9e3dd2bca09474aa5b41dfb8a7ba8 HTTP/1.1
Host: servedbyadbutler.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://69.167.186.102
Connection: keep-alive
Referer: http://69.167.186.102/
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 04 Dec 2022 22:14:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
P3P: CP="ALL DSP COR CUR ADMi DEVi CONi TELi OUR BUS UNI PRE"
Expires: Mon, 26 Jul 1997 05:00:00 GMT
Cache-Control: post-check=0, pre-check=0
Pragma: no-cache
X-Content-Type-Options: nosniff
Access-Control-Allow-Origin: http://69.167.186.102
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
|
|