r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7af19a5145a4ee99bdf18831bad04bfd
7bdd2a4785b999ef54a2644211d2b2b7190fb8e1
3237bf0111ecdec3615c4d2d49a602f48f800335d0194f52b600bdaefbd63ed0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3237BF0111ECDEC3615C4D2D49A602F48F800335D0194F52B600BDAEFBD63ED0"
Last-Modified: Thu, 30 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12778
Expires: Thu, 30 Mar 2023 08:16:28 GMT
Date: Thu, 30 Mar 2023 04:43:30 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b93010cbf31ba3ec785b4088e5d0f529
c0f1ab8a2aae3c445a8f24959a4eea433a345caf
2cc1a5865dee7636b82a68deddd3aff8b697e846e37789a694cc3c7c47340590
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2CC1A5865DEE7636B82A68DEDDD3AFF8B697E846E37789A694CC3C7C47340590"
Last-Modified: Wed, 29 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11697
Expires: Thu, 30 Mar 2023 07:58:27 GMT
Date: Thu, 30 Mar 2023 04:43:30 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash bc86ef2a0cee04915bc360f5821adc8f
3658f9028cce204d38f7f48fcfaa2a8e4f54383a
aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Backoff, Content-Length, Retry-After, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 30 Mar 2023 04:16:03 GMT
content-type: application/json
age: 1647
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c0d9353dc46e88bf564ed464b0b073c7
0b5ce170e7db24267a3ba5b79a48548b1acd2e5b
7c7ef189b14109b44aa96454ea1b94bcbd3d69599cc7ba429f8234f6acd88a9b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7C7EF189B14109B44AA96454EA1B94BCBD3D69599CC7BA429F8234F6ACD88A9B"
Last-Modified: Mon, 27 Mar 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10078
Expires: Thu, 30 Mar 2023 07:31:28 GMT
Date: Thu, 30 Mar 2023 04:43:30 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: hV70znr8RvVasjAmbokn2keC2LfrYK6Yn1x+HqgS09pbh/PzK+IMI92T4Oaa/lwhh5BNExpumTY=
x-amz-request-id: 0NDCTPC0Q7T6G9NN
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 30 Mar 2023 03:56:53 GMT
age: 2797
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ehb311.com/event/kyouiku/20190302
142.111.82.173 200 OK 9.2 kB URL HTTP/1.1 ehb311.com/event/kyouiku/20190302
IP 142.111.82.173:0
File type HTML document text; exported SGML document, Non-ISO extended-ASCII text, with very long lines (1574), with CRLF, LF line terminators
Hash b7f8d5f34fc91c762b4af167dbd1deb5
c3e114c5da2609e0917c640d26e2ce6378c8a6df
2d794e10453f14a07c21aba326d10e1a45ee7378a2fa8201c59ab82c93ea2029
Analyzer Verdict Alert fortinet Phishing
GET /event/kyouiku/20190302 HTTP/1.1
Host: ehb311.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Mar 2023 12:13:20 GMT
Content-Type: text/html; charset=gbk
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.36
Set-Cookie: PHPSESSID=5hq9lr2k1g3biasq8k1hie4gc7; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 30 Mar 2023 04:43:30 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash f6b3bb903e6f7394985c0ae662919208
ee3cb0fbd0017ed3a001ce195bc0cfa386979567
c6b84721f8ea52808c9884b612ffeaa16fe1e14345d9561135fbcf738a56dd2b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 30 Mar 2023 04:43:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=G-EG3DXRCC0M
142.250.74.168 200 OK 84 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-EG3DXRCC0M
IP 142.250.74.168:0
File type ASCII text, with very long lines (30260)
Hash 95323a0928ba9770bc4ac60d3e20382a
3ad5d6e61805ecbfcf1f4b43822f03a6f9baa676
82264ad3a7694adf510b6f1ab264599450c61fc77f1e8ff2d42019460bb7c130
GET /gtag/js?id=G-EG3DXRCC0M HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ehb311.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 30 Mar 2023 04:43:30 GMT
expires: Thu, 30 Mar 2023 04:43:30 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 83712
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131 200 OK 472 B IP 142.250.74.131:0
Hash f6b3bb903e6f7394985c0ae662919208
ee3cb0fbd0017ed3a001ce195bc0cfa386979567
c6b84721f8ea52808c9884b612ffeaa16fe1e14345d9561135fbcf738a56dd2b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 30 Mar 2023 04:43:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ae064c74a3769d42109473ad05d56fb9
d48029ab8568cee6ab7416d3b476ed792d780a56
9852216f395a42f7b4792e852f9f9fa83e07d917a979237d5d7406a1d74edc4f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9852216F395A42F7B4792E852F9F9FA83E07D917A979237D5D7406A1D74EDC4F"
Last-Modified: Wed, 29 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11097
Expires: Thu, 30 Mar 2023 07:48:27 GMT
Date: Thu, 30 Mar 2023 04:43:30 GMT
Connection: keep-alive
sdk.51.la/js-sdk-pro.min.js
47.253.50.2 200 OK 13 kB URL HTTP/1.1 sdk.51.la/js-sdk-pro.min.js
IP 47.253.50.2:0
ASN #45102 Alibaba US Technology Co., Ltd.
File type Unicode text, UTF-8 text, with very long lines (34110)
Hash 29243483fe441404931c046d27be80a6
92a0c68b0169eff0addb8cc05a53f6e009d41d47
4865f22b0a68c6a0a6c2d3cbedb9a190ffbea105c4f1e2a5806172919456f3b1
GET /js-sdk-pro.min.js HTTP/1.1
Host: sdk.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ehb311.com/
HTTP/1.1 200 OK
Server: openresty
Date: Thu, 30 Mar 2023 04:43:30 GMT
Content-Type: application/javascript; charset=utf-8
Last-Modified: Tue, 10 Jan 2023 04:34:55 GMT
Transfer-Encoding: chunked
Connection: keep-alive
ETag: W/"63bceaef-861a"
Cache-Control: max-age=1296000
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Last-Modified, Alert, Backoff, Content-Type, ETag, Cache-Control, Retry-After, Expires, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 30 Mar 2023 04:14:37 GMT
age: 1733
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ehb311.com/++plone++colorpicker.static/++unique++2018-02-15%2017%3A55%3A59.614087/build/colorpicker.min.css
142.111.82.173 200 OK 468 B URL HTTP/1.1 ehb311.com/++plone++colorpicker.static/++unique++2018-02-15%2017%3A55%3A59.614087/build/colorpicker.min.css
IP 142.111.82.173:0
File type ASCII text, with very long lines (976), with no line terminators
Hash 02edb481516e0ea495d3cfb3bb080318
243f43f8d620e22eb67f08aa19174fe7fb7a9aaf
ab91c4f3dd3fb20afedb12d9b9fc9bfc2ae374dffa2270b4b76ad4018433b34b
GET /++plone++colorpicker.static/++unique++2018-02-15%2017%3A55%3A59.614087/build/colorpicker.min.css HTTP/1.1
Host: ehb311.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ehb311.com/event/kyouiku/20190302
Cookie: PHPSESSID=5hq9lr2k1g3biasq8k1hie4gc7
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Mar 2023 12:13:20 GMT
Content-Type: text/css;charset=gbk
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.36
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
push.services.mozilla.com/
34.117.65.55 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.117.65.55:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: RpnXEYyYI7OnxP5IRPNO0A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: UHaBpgzRpMnKWJ4/9JOi/eucpQI=
Date: Thu, 30 Mar 2023 04:43:31 GMT
Via: 1.1 google
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ehb311.com/++resource++kumadai_resource/kumadaiCustom.css
142.111.82.173 200 OK 1.8 kB URL HTTP/1.1 ehb311.com/++resource++kumadai_resource/kumadaiCustom.css
IP 142.111.82.173:0
File type Non-ISO extended-ASCII text
Hash 1a14c98b03105226883d0c8141aa8400
af5fb8cad7fc1084f2a3a539df6873e1015f5b7f
d9d5512a3df45290a239202d21d7d4284af00e1412954cb734e1a553fb188db0
GET /++resource++kumadai_resource/kumadaiCustom.css HTTP/1.1
Host: ehb311.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ehb311.com/event/kyouiku/20190302
Cookie: PHPSESSID=5hq9lr2k1g3biasq8k1hie4gc7
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Mar 2023 12:13:20 GMT
Content-Type: text/css;charset=gbk
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.36
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
ehb311.com/ceng.js
142.111.82.173 200 OK 39 kB IP 142.111.82.173:0
File type HTML document, ASCII text, with very long lines (32077), with CRLF line terminators
Hash 50334342ebdd1a1d297afaa50cc6da94
32d5232e3113ef75654bf50aa6edd76b0ecc2a26
f9d80e906fdcc0ea09d85f93931a0e718c84b85282e521d93a21aab80bc99068
Analyzer Verdict Alert fortinet Phishing
GET /ceng.js HTTP/1.1
Host: ehb311.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ehb311.com/event/kyouiku/20190302
Cookie: PHPSESSID=5hq9lr2k1g3biasq8k1hie4gc7
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Mar 2023 12:13:20 GMT
Content-Type: application/javascript
Last-Modified: Tue, 22 Nov 2022 12:54:21 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"637cc67d-1800c"
Content-Encoding: gzip
ehb311.com/++theme++barceloneta/less/barceloneta-compiled.css
142.111.82.173 200 OK 22 kB URL HTTP/1.1 ehb311.com/++theme++barceloneta/less/barceloneta-compiled.css
IP 142.111.82.173:0
File type Unicode text, UTF-8 text, with very long lines (540)
Hash a31e6cd4a34c37e960ee5b6e23531901
39ebeed02b17b19b1494a5d22eb7a8250e50774c
c8504e1c0b1753d5b53fb9ab4c6ee365a5032603fa582367548e4616a199c022
GET /++theme++barceloneta/less/barceloneta-compiled.css HTTP/1.1
Host: ehb311.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ehb311.com/event/kyouiku/20190302
Cookie: PHPSESSID=5hq9lr2k1g3biasq8k1hie4gc7
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Mar 2023 12:13:20 GMT
Content-Type: text/css;charset=gbk
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.36
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
ehb311.com/++plone++colorpicker.static/++unique++2018-02-15%2017%3A55%3A59.614087/bower_components/mjolnic-bootstrap-colorpicker/dist/css/bootstrap-colorpicker.css
142.111.82.173 200 OK 1.2 kB URL HTTP/1.1 ehb311.com/++plone++colorpicker.static/++unique++2018-02-15%2017%3A55%3A59.614087/bower_components/mjolnic-bootstrap-colorpicker/dist/css/bootstrap-colorpicker.css
IP 142.111.82.173:0
Hash b95433ca66dc2cb42d26912cd67f10f7
8edefa4ce77b6c43d8068486bbc89c2eed0f72f6
e058a2ee1e8dd9fb8ae30ebe0d98e1d16179de4556fcf66d584893d38f2b58c9
GET /++plone++colorpicker.static/++unique++2018-02-15%2017%3A55%3A59.614087/bower_components/mjolnic-bootstrap-colorpicker/dist/css/bootstrap-colorpicker.css HTTP/1.1
Host: ehb311.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ehb311.com/++plone++colorpicker.static/++unique++2018-02-15%2017%3A55%3A59.614087/build/colorpicker.min.css
Cookie: PHPSESSID=5hq9lr2k1g3biasq8k1hie4gc7
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Mar 2023 12:13:20 GMT
Content-Type: text/css;charset=gbk
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.36
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
ehb311.com/++theme++kumadai_theme/html/assets/css/base.css
142.111.82.173 200 OK 32 kB URL HTTP/1.1 ehb311.com/++theme++kumadai_theme/html/assets/css/base.css
IP 142.111.82.173:0
File type ISO-8859 text, with very long lines (47050)
Hash cc02529fa34221cacd10bb9d529972e7
911b9107abbd0ca7758af04a70b6ec5a5749f5c3
f6385ca2e4bf23bb3c3dc727b9c32017b0c80445351a7aae12c806aeee3f986e
GET /++theme++kumadai_theme/html/assets/css/base.css HTTP/1.1
Host: ehb311.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ehb311.com/event/kyouiku/20190302
Cookie: PHPSESSID=5hq9lr2k1g3biasq8k1hie4gc7
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Mar 2023 12:13:20 GMT
Content-Type: text/css;charset=gbk
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.36
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
ehb311.com/++plone++production/++unique++2018-04-05T14:40:54.663497/default.css
142.111.82.173 200 OK 157 kB URL HTTP/1.1 ehb311.com/++plone++production/++unique++2018-04-05T14:40:54.663497/default.css
IP 142.111.82.173:0
File type ASCII text, with very long lines (45809)
Size 157 kB (157002 bytes)
Hash 67e5fb7a147ee51a1e486882622b61fa
6fb50c33f622ee0007ba33d267482c1b819e1fc2
ffc3223354f82be8bd4f58226e2310b9fc779a7bfc022adeecfce66feca5181c
GET /++plone++production/++unique++2018-04-05T14:40:54.663497/default.css HTTP/1.1
Host: ehb311.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ehb311.com/event/kyouiku/20190302
Cookie: PHPSESSID=5hq9lr2k1g3biasq8k1hie4gc7
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Mar 2023 12:13:20 GMT
Content-Type: text/css;charset=gbk
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.36
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
ehb311.com/event/kyouiku/kyouiku_file/mlqewg/@@images/3626de64-efff-4c13-aac2-534868b97304.png
142.111.82.173 404 Not Found 162 B URL HTTP/1.1 ehb311.com/event/kyouiku/kyouiku_file/mlqewg/@@images/3626de64-efff-4c13-aac2-534868b97304.png
IP 142.111.82.173:0
File type HTML document, ASCII text, with CRLF line terminators
Hash 70461da8b94c6ca5d2fda3260c5a8c3b
994bc667720c21257500e29038c1a5f61e25da1e
f33c27745f2bd87344be790465ef984a972fd539dc83bd4f61d4242c607ef1ee
GET /event/kyouiku/kyouiku_file/mlqewg/@@images/3626de64-efff-4c13-aac2-534868b97304.png HTTP/1.1
Host: ehb311.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ehb311.com/event/kyouiku/20190302
Cookie: PHPSESSID=5hq9lr2k1g3biasq8k1hie4gc7
HTTP/1.1 404 Not Found
Server: nginx
Date: Thu, 30 Mar 2023 12:13:21 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
ehb311.com/++theme++kumadai_theme/html/assets/img/common/youtube.png
142.111.82.173 302 Moved Temporarily 0 B URL HTTP/1.1 ehb311.com/++theme++kumadai_theme/html/assets/img/common/youtube.png
IP 142.111.82.173:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /++theme++kumadai_theme/html/assets/img/common/youtube.png HTTP/1.1
Host: ehb311.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ehb311.com/event/kyouiku/20190302
Cookie: PHPSESSID=5hq9lr2k1g3biasq8k1hie4gc7
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 30 Mar 2023 12:13:21 GMT
Content-Type: image/jpeg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.36
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: https://www.kumamoto-u.ac.jp/%2B%2Btheme%2B%2Bkumadai_theme/html/assets/img/common/youtube.png
ehb311.com/++theme++kumadai_theme/html/assets/img/common/h_logo_pc.svg
142.111.82.173 302 Moved Temporarily 0 B URL HTTP/1.1 ehb311.com/++theme++kumadai_theme/html/assets/img/common/h_logo_pc.svg
IP 142.111.82.173:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /++theme++kumadai_theme/html/assets/img/common/h_logo_pc.svg HTTP/1.1
Host: ehb311.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ehb311.com/event/kyouiku/20190302
Cookie: PHPSESSID=5hq9lr2k1g3biasq8k1hie4gc7
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 30 Mar 2023 12:13:21 GMT
Content-Type: image/jpeg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.36
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: https://www.kumamoto-u.ac.jp/%2B%2Btheme%2B%2Bkumadai_theme/html/assets/img/common/h_logo_pc.svg
ehb311.com/++theme++kumadai_theme/html/assets/img/common/h_logo_sp.svg
142.111.82.173 302 Moved Temporarily 0 B URL HTTP/1.1 ehb311.com/++theme++kumadai_theme/html/assets/img/common/h_logo_sp.svg
IP 142.111.82.173:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /++theme++kumadai_theme/html/assets/img/common/h_logo_sp.svg HTTP/1.1
Host: ehb311.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ehb311.com/event/kyouiku/20190302
Cookie: PHPSESSID=5hq9lr2k1g3biasq8k1hie4gc7
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 30 Mar 2023 12:13:21 GMT
Content-Type: image/jpeg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.36
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: https://www.kumamoto-u.ac.jp/%2B%2Btheme%2B%2Bkumadai_theme/html/assets/img/common/h_logo_sp.svg
ehb311.com/++theme++kumadai_theme/html/assets/img/common/twitter.png
142.111.82.173 302 Moved Temporarily 0 B URL HTTP/1.1 ehb311.com/++theme++kumadai_theme/html/assets/img/common/twitter.png
IP 142.111.82.173:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /++theme++kumadai_theme/html/assets/img/common/twitter.png HTTP/1.1
Host: ehb311.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ehb311.com/event/kyouiku/20190302
Cookie: PHPSESSID=5hq9lr2k1g3biasq8k1hie4gc7
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 30 Mar 2023 12:13:21 GMT
Content-Type: image/jpeg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.36
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: https://www.kumamoto-u.ac.jp/%2B%2Btheme%2B%2Bkumadai_theme/html/assets/img/common/twitter.png
ehb311.com/++theme++kumadai_theme/html/assets/img/common/twitter_white.png
142.111.82.173 302 Moved Temporarily 0 B URL HTTP/1.1 ehb311.com/++theme++kumadai_theme/html/assets/img/common/twitter_white.png
IP 142.111.82.173:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /++theme++kumadai_theme/html/assets/img/common/twitter_white.png HTTP/1.1
Host: ehb311.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ehb311.com/event/kyouiku/20190302
Cookie: PHPSESSID=5hq9lr2k1g3biasq8k1hie4gc7
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 30 Mar 2023 12:13:21 GMT
Content-Type: image/jpeg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.36
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: https://www.kumamoto-u.ac.jp/%2B%2Btheme%2B%2Bkumadai_theme/html/assets/img/common/twitter_white.png
ehb311.com/++resource++kumadai_resource/print.css
142.111.82.173 200 OK 202 B URL HTTP/1.1 ehb311.com/++resource++kumadai_resource/print.css
IP 142.111.82.173:0
Hash 7240be46b7de53f54e3edfff80956aa7
9bfad0e43136c82ff31d5c950b973f65666e699a
ca44571735b9e2c325d3f5adc18ec220d19cc3564f40ad0f22dd745175319d23
GET /++resource++kumadai_resource/print.css HTTP/1.1
Host: ehb311.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ehb311.com/event/kyouiku/20190302
Cookie: PHPSESSID=5hq9lr2k1g3biasq8k1hie4gc7
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Mar 2023 12:13:21 GMT
Content-Type: text/css;charset=gbk
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.6.36
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Encoding: gzip
ehb311.com/%2B%2Btheme%2B%2Bbarceloneta/less/roboto/roboto-mediumitalic.woff
142.111.82.173 200 OK 97 kB URL HTTP/1.1 ehb311.com/%2B%2Btheme%2B%2Bbarceloneta/less/roboto/roboto-mediumitalic.woff
IP 142.111.82.173:0
File type Web Open Font Format, TrueType, length 97152, version 1.0
Hash 79d0ac142fec4e83b34395f132de3442
fbbd20a2804f53b7c46c4d36c570cf3740a8a177
b8ff8e4921407aefe8086401f2a05045de8067859d1311c0cc38fff1cca4eead
Analyzer Verdict Alert fortinet Phishing
GET /%2B%2Btheme%2B%2Bbarceloneta/less/roboto/roboto-mediumitalic.woff HTTP/1.1
Host: ehb311.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://ehb311.com/++theme++barceloneta/less/barceloneta-compiled.css
Cookie: PHPSESSID=5hq9lr2k1g3biasq8k1hie4gc7; __vtins__JxK7qHT4djLauLDR=%7B%22sid%22%3A%20%227986fdd6-22af-5536-826d-2dffc34d17dd%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201680153236298%2C%20%22ct%22%3A%201680151436298%7D; __51uvsct__JxK7qHT4djLauLDR=1; __51vcke__JxK7qHT4djLauLDR=fcd02c1e-a389-5648-a7c9-56eb070f2283; __51vuft__JxK7qHT4djLauLDR=1680151436303
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Mar 2023 12:13:21 GMT
Content-Type: application/font-woff
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.36
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
push.zhanzhang.baidu.com/push.js
182.61.240.101 200 OK 227 B URL HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP 182.61.240.101:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with no line terminators
Hash e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ehb311.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Thu, 30 Mar 2023 04:43:32 GMT
Etag: "4078521116"
Expires: Fri, 29 Mar 2024 04:43:32 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=2A099A14EDB6306C2943D799A03BB8C4:FG=1; max-age=31536000; expires=Fri, 29-Mar-24 04:43:32 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
ehb311.com/%2B%2Btheme%2B%2Bkumadai_theme/html/assets/iconfont/MaterialIcons-Regular.woff2
142.111.82.173 200 OK 44 kB URL HTTP/1.1 ehb311.com/%2B%2Btheme%2B%2Bkumadai_theme/html/assets/iconfont/MaterialIcons-Regular.woff2
IP 142.111.82.173:0
File type Web Open Font Format (Version 2), TrueType, length 44300, version 1.720\012- data
Hash 570eb83859dc23dd0eec423a49e147fe
09963592e8c953cc7e14e3fb0a5b05d5042e8435
a87d66c91b2e7dc5530aef76c03bd6a3d25ea5826110bf4803b561b811cc8726
Analyzer Verdict Alert fortinet Phishing
GET /%2B%2Btheme%2B%2Bkumadai_theme/html/assets/iconfont/MaterialIcons-Regular.woff2 HTTP/1.1
Host: ehb311.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://ehb311.com/++theme++kumadai_theme/html/assets/css/base.css
Cookie: PHPSESSID=5hq9lr2k1g3biasq8k1hie4gc7; __vtins__JxK7qHT4djLauLDR=%7B%22sid%22%3A%20%227986fdd6-22af-5536-826d-2dffc34d17dd%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201680153236298%2C%20%22ct%22%3A%201680151436298%7D; __51uvsct__JxK7qHT4djLauLDR=1; __51vcke__JxK7qHT4djLauLDR=fcd02c1e-a389-5648-a7c9-56eb070f2283; __51vuft__JxK7qHT4djLauLDR=1680151436303
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Mar 2023 12:13:21 GMT
Content-Type: application/font-woff2
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.36
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
zerossl.ocsp.sectigo.com/
172.64.155.188 200 OK 728 B URL HTTP/1.1 zerossl.ocsp.sectigo.com/
IP 172.64.155.188:0
Hash 529564482eebe2eab5c4708a5e87b142
c5a78bc6e9f3a14644a8f5139b37bce5980a998b
643d08fa9c2248826c684a867ce8607fe9078c99920f2c1d3c4e00d197aa9a60
POST / HTTP/1.1
Host: zerossl.ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 04:43:32 GMT
Content-Type: application/ocsp-response
Content-Length: 728
Connection: keep-alive
Last-Modified: Mon, 27 Mar 2023 20:55:41 GMT
Expires: Mon, 03 Apr 2023 20:55:40 GMT
Etag: "c5a78bc6e9f3a14644a8f5139b37bce5980a998b"
Cache-Control: max-age=403327,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7afdb1359c24b4fa-OSL
ehb311.com/%2B%2Btheme%2B%2Bbarceloneta/less/roboto/roboto-medium.woff
142.111.82.173 200 OK 89 kB URL HTTP/1.1 ehb311.com/%2B%2Btheme%2B%2Bbarceloneta/less/roboto/roboto-medium.woff
IP 142.111.82.173:0
File type Web Open Font Format, TrueType, length 89376, version 1.0\012- data
Hash 5102655eb0dc241b62ff3f33107c32d6
10c864502672e02e826439f443504df3c5c6d66f
67631ff0d8286a05227fe6143fb3ad588cb3752f6237067a2ad499b1426efbdc
Analyzer Verdict Alert fortinet Phishing
GET /%2B%2Btheme%2B%2Bbarceloneta/less/roboto/roboto-medium.woff HTTP/1.1
Host: ehb311.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://ehb311.com/++theme++barceloneta/less/barceloneta-compiled.css
Cookie: PHPSESSID=5hq9lr2k1g3biasq8k1hie4gc7
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Mar 2023 12:13:21 GMT
Content-Type: application/font-woff
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.36
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
ehb311.com/%2B%2Btheme%2B%2Bbarceloneta/less/roboto/roboto-bold.woff
142.111.82.173 200 OK 96 kB URL HTTP/1.1 ehb311.com/%2B%2Btheme%2B%2Bbarceloneta/less/roboto/roboto-bold.woff
IP 142.111.82.173:0
File type Web Open Font Format, TrueType, length 95628, version 1.0\012- data
Hash 7ca7d2b0ff69cb279649e4b0554b638a
7608e62f2ed61386a07a665dd68af31b44203366
828f4c1b3de1b4352ca1a638e233ea1fc5b4c76485fc4492fe161e782f5697a9
Analyzer Verdict Alert fortinet Phishing
GET /%2B%2Btheme%2B%2Bbarceloneta/less/roboto/roboto-bold.woff HTTP/1.1
Host: ehb311.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://ehb311.com/++theme++barceloneta/less/barceloneta-compiled.css
Cookie: PHPSESSID=5hq9lr2k1g3biasq8k1hie4gc7; __vtins__JxK7qHT4djLauLDR=%7B%22sid%22%3A%20%227986fdd6-22af-5536-826d-2dffc34d17dd%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201680153236298%2C%20%22ct%22%3A%201680151436298%7D; __51uvsct__JxK7qHT4djLauLDR=1; __51vcke__JxK7qHT4djLauLDR=fcd02c1e-a389-5648-a7c9-56eb070f2283; __51vuft__JxK7qHT4djLauLDR=1680151436303
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Mar 2023 12:13:21 GMT
Content-Type: application/font-woff
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.36
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
ehb311.com/%2B%2Btheme%2B%2Bbarceloneta/less/roboto/roboto-medium.woff
142.111.82.173 200 OK 89 kB URL HTTP/1.1 ehb311.com/%2B%2Btheme%2B%2Bbarceloneta/less/roboto/roboto-medium.woff
IP 142.111.82.173:0
File type Web Open Font Format, TrueType, length 89376, version 1.0\012- data
Hash 5102655eb0dc241b62ff3f33107c32d6
10c864502672e02e826439f443504df3c5c6d66f
67631ff0d8286a05227fe6143fb3ad588cb3752f6237067a2ad499b1426efbdc
Analyzer Verdict Alert fortinet Phishing
GET /%2B%2Btheme%2B%2Bbarceloneta/less/roboto/roboto-medium.woff HTTP/1.1
Host: ehb311.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://ehb311.com/++theme++barceloneta/less/barceloneta-compiled.css
Cookie: PHPSESSID=5hq9lr2k1g3biasq8k1hie4gc7; __vtins__JxK7qHT4djLauLDR=%7B%22sid%22%3A%20%227986fdd6-22af-5536-826d-2dffc34d17dd%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201680153236298%2C%20%22ct%22%3A%201680151436298%7D; __51uvsct__JxK7qHT4djLauLDR=1; __51vcke__JxK7qHT4djLauLDR=fcd02c1e-a389-5648-a7c9-56eb070f2283; __51vuft__JxK7qHT4djLauLDR=1680151436303; _ga_EG3DXRCC0M=GS1.1.1680151436.1.0.1680151436.0.0.0; _ga=GA1.1.434663480.1680151436
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Mar 2023 12:13:22 GMT
Content-Type: application/font-woff
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.36
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
ehb311.com/%2B%2Btheme%2B%2Bbarceloneta/less/roboto/roboto-regular.woff
142.111.82.173 200 OK 95 kB URL HTTP/1.1 ehb311.com/%2B%2Btheme%2B%2Bbarceloneta/less/roboto/roboto-regular.woff
IP 142.111.82.173:0
File type Web Open Font Format, TrueType, length 94784, version 1.0\012- data
Hash 300b2120fb40627d21df25101c9de31b
eb625210eccf6aafa24e2bd8ff06128dc3c45b96
3f748b769d14728de3792bdf17b523c0e51bf7e4ec79c96f06b84a11ed350ba1
Analyzer Verdict Alert fortinet Phishing
GET /%2B%2Btheme%2B%2Bbarceloneta/less/roboto/roboto-regular.woff HTTP/1.1
Host: ehb311.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://ehb311.com/++theme++barceloneta/less/barceloneta-compiled.css
Cookie: PHPSESSID=5hq9lr2k1g3biasq8k1hie4gc7; __vtins__JxK7qHT4djLauLDR=%7B%22sid%22%3A%20%227986fdd6-22af-5536-826d-2dffc34d17dd%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201680153236298%2C%20%22ct%22%3A%201680151436298%7D; __51uvsct__JxK7qHT4djLauLDR=1; __51vcke__JxK7qHT4djLauLDR=fcd02c1e-a389-5648-a7c9-56eb070f2283; __51vuft__JxK7qHT4djLauLDR=1680151436303
HTTP/1.1 200 OK
Server: nginx
Date: Thu, 30 Mar 2023 12:13:21 GMT
Content-Type: application/font-woff
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.36
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
api.share.baidu.com/s.gif?l=http://ehb311.com/event/kyouiku/20190302
112.34.113.148 200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://ehb311.com/event/kyouiku/20190302
IP 112.34.113.148:0
ASN #9808 China Mobile Communications Group Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://ehb311.com/event/kyouiku/20190302 HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ehb311.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Thu, 30 Mar 2023 04:43:32 GMT
collect-v6.51.la/v6/collect?dt=4
103.143.19.103 403 0 B URL HTTP/1.1 collect-v6.51.la/v6/collect?dt=4
IP 103.143.19.103:0
ASN #4837 CHINA UNICOM China169 Backbone
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v6/collect?dt=4 HTTP/1.1
Host: collect-v6.51.la
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Length: 414
Origin: http://ehb311.com
Connection: keep-alive
Referer: http://ehb311.com/
HTTP/1.1 403
Server: CloudWAF
Date: Thu, 30 Mar 2023 04:43:32 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: HWWAFSESID=54ca6895cecb478a072; path=/
HWWAFSESTIME=1680151411021; path=/
Vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Origin: http://ehb311.com
Access-Control-Allow-Credentials: true
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17637
Expires: Thu, 30 Mar 2023 09:37:30 GMT
Date: Thu, 30 Mar 2023 04:43:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17637
Expires: Thu, 30 Mar 2023 09:37:30 GMT
Date: Thu, 30 Mar 2023 04:43:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17713
Expires: Thu, 30 Mar 2023 09:38:46 GMT
Date: Thu, 30 Mar 2023 04:43:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 195589ff3c6c50463257f10da16de114
7119aeba010d5c5c224fa544feff6f1761739929
dbb5774621e0eee6f9641f6078a650a78d281019726ade7a52c150f0988cd12b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DBB5774621E0EEE6F9641F6078A650A78D281019726ADE7A52C150F0988CD12B"
Last-Modified: Wed, 29 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17713
Expires: Thu, 30 Mar 2023 09:38:46 GMT
Date: Thu, 30 Mar 2023 04:43:33 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ed4a5c5-fe11-4f30-864e-2116aae51642.jpeg
34.120.237.76 200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ed4a5c5-fe11-4f30-864e-2116aae51642.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 76c71571a378e261334e5acb723634ab
f1234c280364b6fe1dcf9c6c64edadc235108c4b
97544d600ab1ae204b169c3b7ba2a74df689b6c711a003d72f0934165d8a3e25
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ed4a5c5-fe11-4f30-864e-2116aae51642.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5395
x-amzn-requestid: ff3218dc-8754-4568-8e42-0885cb7e5d06
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CkA0BFYNoAMF80w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6424ae7f-127129cf3776a60c333d205c;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Wed, 29 Mar 2023 21:32:47 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: fuA8SDAQ_x_o-yVDQ8_j62FOzcHxGxc6su8QmqMl-sJFc9SImy7ucA==
via: 1.1 8dbfaf7df256a75768461d934659b6b2.cloudfront.net (CloudFront), 1.1 ef6538ee7be7b17c84d06edb0f4c0a1a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 29 Mar 2023 21:55:44 GMT
age: 24469
etag: "f1234c280364b6fe1dcf9c6c64edadc235108c4b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
region1.google-analytics.com/g/collect?v=2&tid=G-EG3DXRCC0M&gtm=45je33r0&_p=1683946955&cid=434663480.1680151436&ul=en-us&sr=1280x1024&_s=1&sid=1680151436&sct=1&seg=0&dl=http%3A%2F%2Fehb311.com%2Fevent%2Fkyouiku%2F20190302&dt=2019%E3%80%80%E7%AE%97%E6%95%B0%3F%E6%95%B0%E5%AD%A6%E3%82%B5%E3%83%AD%E3%83%B3%E3%82%92%E9%96%8B%E5%82%AC%E3%81%97%E3%81%BE%E3%81%99%20%7C%20%E7%86%8A%E6%9C%AC%E5%A4%A7%E5%AD%A6_%E4%B8%AD%E5%9B%BD%E8%B6%B3%E5%BD%A9%E5%9C%A8%E7%BA%BF&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
216.239.34.36 204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-EG3DXRCC0M&gtm=45je33r0&_p=1683946955&cid=434663480.1680151436&ul=en-us&sr=1280x1024&_s=1&sid=1680151436&sct=1&seg=0&dl=http%3A%2F%2Fehb311.com%2Fevent%2Fkyouiku%2F20190302&dt=2019%E3%80%80%E7%AE%97%E6%95%B0%3F%E6%95%B0%E5%AD%A6%E3%82%B5%E3%83%AD%E3%83%B3%E3%82%92%E9%96%8B%E5%82%AC%E3%81%97%E3%81%BE%E3%81%99%20%7C%20%E7%86%8A%E6%9C%AC%E5%A4%A7%E5%AD%A6_%E4%B8%AD%E5%9B%BD%E8%B6%B3%E5%BD%A9%E5%9C%A8%E7%BA%BF&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-EG3DXRCC0M&gtm=45je33r0&_p=1683946955&cid=434663480.1680151436&ul=en-us&sr=1280x1024&_s=1&sid=1680151436&sct=1&seg=0&dl=http%3A%2F%2Fehb311.com%2Fevent%2Fkyouiku%2F20190302&dt=2019%E3%80%80%E7%AE%97%E6%95%B0%3F%E6%95%B0%E5%AD%A6%E3%82%B5%E3%83%AD%E3%83%B3%E3%82%92%E9%96%8B%E5%82%AC%E3%81%97%E3%81%BE%E3%81%99%20%7C%20%E7%86%8A%E6%9C%AC%E5%A4%A7%E5%AD%A6_%E4%B8%AD%E5%9B%BD%E8%B6%B3%E5%BD%A9%E5%9C%A8%E7%BA%BF&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://ehb311.com
Connection: keep-alive
Referer: http://ehb311.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: http://ehb311.com
date: Thu, 30 Mar 2023 04:43:33 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b95f765-7590-4263-b0a3-4db9c87a60df.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b95f765-7590-4263-b0a3-4db9c87a60df.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 424b55535e5fd622b2fc96aac1246324
cf7cf08aa8969a86bf03695af2129686fd62fe86
c4bb26a7b2c431282b53b4df9999b9cc8e61369a79c606688a76499b31a65127
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8b95f765-7590-4263-b0a3-4db9c87a60df.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10271
x-amzn-requestid: db0d1fe4-060a-4e61-90f3-ec9befee1295
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CkBoXGh5oAMFfzw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6424afce-2e9251552b4acdcb19e02dfc;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Wed, 29 Mar 2023 21:38:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: 1cXec9_e-KpzyTwiHaNAaf0y5i12tw7BkZTXnduS5ek7yAAZ0LXTWw==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 d0387b833e3ca8cb748a1296b4b4bf2a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 29 Mar 2023 21:48:07 GMT
age: 24926
etag: "cf7cf08aa8969a86bf03695af2129686fd62fe86"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F68adff46-2278-4660-8b41-0719f5eb19f2.jpeg
34.120.237.76 200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F68adff46-2278-4660-8b41-0719f5eb19f2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aa4bea27e3e3b648176b5d87c919422d
1aa537444512644c9e5ddbb732cb310e5d3f3a26
28706ef531eabf37199ce8160884b6abe9220809e6217000883a0d9f0a23e93d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F68adff46-2278-4660-8b41-0719f5eb19f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5108
x-amzn-requestid: 8d187151-2480-477a-82d9-fa5c96dd61db
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CkA6THX9IAMFhrw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6424aea7-5e5a11746610faac7bb883bb;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Wed, 29 Mar 2023 21:33:28 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: RC7BCyW_QitX-xaWwVn_7qcPD_Qu2dIwr2l_rD3HvHT_812xzmU8vw==
via: 1.1 ee32c7a76e2727d565413cc6c352ef48.cloudfront.net (CloudFront), 1.1 d90109c5a0c30f43223e0db85921c5c2.cloudfront.net (CloudFront), 1.1 google
date: Wed, 29 Mar 2023 21:56:53 GMT
age: 24400
etag: "1aa537444512644c9e5ddbb732cb310e5d3f3a26"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c8e1065-070f-4a75-9c06-c56522838c4e.jpeg
34.120.237.76 200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c8e1065-070f-4a75-9c06-c56522838c4e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6cdab206be6e9763d51d026e0ea32b0b
d8fb15608037e2f79eb4837c82e77180b255577c
4b7447d265f270a76935147595789a125eecf85f7ed132f957be352a9d9369bf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c8e1065-070f-4a75-9c06-c56522838c4e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8070
x-amzn-requestid: 2cf4043c-6e0f-4629-8ba6-d8e1fbda6317
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CexHSEYwoAMFhFg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64229561-7533648a56c513c01dbb5eb7;Sampled=0
x-amzn-remapped-date: Tue, 28 Mar 2023 07:21:05 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: P7yvceflvC_u7o505d202vCjTutsKo26wxJhOpZLV3b_cNp39m_IBA==
via: 1.1 773bf3616e85ce2b187fa78710a6beb2.cloudfront.net (CloudFront), 1.1 ec2a2c75c16156e4d43504606c118b90.cloudfront.net (CloudFront), 1.1 google
date: Wed, 29 Mar 2023 08:10:34 GMT
age: 73979
etag: "d8fb15608037e2f79eb4837c82e77180b255577c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d272e70-53f2-46d1-82a2-713d0539212f.jpeg
34.120.237.76 200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d272e70-53f2-46d1-82a2-713d0539212f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e17677df3c62e2528f78149356f707fa
ed990a670d1b5f33e42e1927266c82d1532b2c75
3f23e0cf1a3b09c3747e5ac9917793d7035b3195a085d1e34777c5f3f09ce72c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0d272e70-53f2-46d1-82a2-713d0539212f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13563
x-amzn-requestid: 61cfd396-07a1-451f-81df-868644a5e653
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CkAymEFOIAMFW3g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6424ae76-7adecc212066dc3c5252eb2f;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Wed, 29 Mar 2023 21:32:38 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: Extt8zdIR6UvGVHhCFtOEZnFHXHvS0QdwQNgFGMclIDrMdmHO-5UUg==
via: 1.1 288c777a01e22425da9494dad7a69734.cloudfront.net (CloudFront), 1.1 995664ee945c06fc706b5cb8e0e650dc.cloudfront.net (CloudFront), 1.1 google
date: Wed, 29 Mar 2023 21:48:07 GMT
age: 24926
etag: "ed990a670d1b5f33e42e1927266c82d1532b2c75"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F611db66e-eb19-4ce3-9ee4-93c32afc29a5.jpeg
34.120.237.76 200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F611db66e-eb19-4ce3-9ee4-93c32afc29a5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d1e861b518e06e17ce657c5f9fc15daf
214322b88798120159ab55c7121c8775727b8fc7
3438eb2b7e18d784416c139b42c036eefff3759602e4ce553815c628e1cb5016
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F611db66e-eb19-4ce3-9ee4-93c32afc29a5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8795
x-amzn-requestid: 33d91f7c-7d04-405b-8060-33e438ed09f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CkAz2GwKoAMFW5A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6424ae7e-54ba3517206ac61c50167c3e;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Wed, 29 Mar 2023 21:32:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: UlRpbu9inpiwKEkyo7rthLcsidkdF4_CJtp4l4Q0EbXMB-75e61rBg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 1570d93226c1bbca2ebaad510cff3e0c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 29 Mar 2023 21:54:44 GMT
age: 24529
etag: "214322b88798120159ab55c7121c8775727b8fc7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.kumamoto-u.ac.jp/%2B%2Btheme%2B%2Bkumadai_theme/html/assets/img/common/twitter.png
54.230.111.59 200 OK 6.2 kB URL HTTP/2 www.kumamoto-u.ac.jp/%2B%2Btheme%2B%2Bkumadai_theme/html/assets/img/common/twitter.png
IP 54.230.111.59:0
File type PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced\012- data
Hash 9fd9b71b3e7b1d485cf9082065fa3ae5
b21140de4265b3653eafb93ed06207f10492564b
dd77a2240ed71d395e06f2ea8d75736538c39d9c7ce5bae4866112599c5c5c89
GET /%2B%2Btheme%2B%2Bkumadai_theme/html/assets/img/common/twitter.png HTTP/1.1
Host: www.kumamoto-u.ac.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ehb311.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 6249
date: Wed, 29 Mar 2023 15:06:08 GMT
server: nginx
x-cache-operation: plone.app.caching.strongCaching
expires: Thu, 30 Mar 2023 15:06:08 GMT
last-modified: Tue, 08 Sep 2020 09:05:18 GMT
cache-control: max-age=86400, proxy-revalidate, public
x-cache-rule: plone.resource
x-frame-options: ALLOW-FROM http://uportal.kumamoto-u.ac.jp
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 87SWtOEWcSpsNX8QaoY6S4avc1CdOehqcrU6uWTjUMlk7ZzFHPRcng==
age: 49045
X-Firefox-Spdy: h2
www.kumamoto-u.ac.jp/%2B%2Btheme%2B%2Bkumadai_theme/html/assets/img/common/twitter_white.png
54.230.111.59 200 OK 5.7 kB URL HTTP/2 www.kumamoto-u.ac.jp/%2B%2Btheme%2B%2Bkumadai_theme/html/assets/img/common/twitter_white.png
IP 54.230.111.59:0
File type PNG image data, 400 x 400, 8-bit/color RGBA, non-interlaced\012- data
Hash 3282b64144e9a751cd5d8cfd0a480b7b
0499d4b316585c178716dfe7ed68f140a10feb38
8a63774940049282432014517840b242ecf69f69608de5767790953431a36df0
GET /%2B%2Btheme%2B%2Bkumadai_theme/html/assets/img/common/twitter_white.png HTTP/1.1
Host: www.kumamoto-u.ac.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ehb311.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 5744
server: nginx
x-cache-operation: plone.app.caching.strongCaching
expires: Thu, 30 Mar 2023 01:22:48 GMT
last-modified: Tue, 08 Sep 2020 09:05:18 GMT
cache-control: max-age=86400, proxy-revalidate, public
x-cache-rule: plone.resource
x-frame-options: ALLOW-FROM http://uportal.kumamoto-u.ac.jp
date: Thu, 30 Mar 2023 01:37:09 GMT
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8ilWmV8EuRPugNxfBECODd2E4MvjI-Rj0aOlQyJVtpSjmIImmPMZAQ==
age: 11184
X-Firefox-Spdy: h2
www.kumamoto-u.ac.jp/%2B%2Btheme%2B%2Bkumadai_theme/html/assets/img/common/h_logo_pc.svg
54.230.111.59 200 OK 5.7 kB URL HTTP/2 www.kumamoto-u.ac.jp/%2B%2Btheme%2B%2Bkumadai_theme/html/assets/img/common/h_logo_pc.svg
IP 54.230.111.59:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (5672), with no line terminators
Hash 193f71d844b3ab5be8526f15cdc9480b
b64942ce7a90dc3bc2af838a31ee770c19b72787
a12be4a626c48eff032888081b1bb84463b4441c671d4a0ee1360fcaab2913e7
GET /%2B%2Btheme%2B%2Bkumadai_theme/html/assets/img/common/h_logo_pc.svg HTTP/1.1
Host: www.kumamoto-u.ac.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ehb311.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 5672
date: Wed, 29 Mar 2023 15:06:08 GMT
server: nginx
x-cache-operation: plone.app.caching.strongCaching
expires: Thu, 30 Mar 2023 15:06:08 GMT
last-modified: Tue, 08 Sep 2020 09:05:18 GMT
cache-control: max-age=86400, proxy-revalidate, public
x-cache-rule: plone.resource
x-frame-options: ALLOW-FROM http://uportal.kumamoto-u.ac.jp
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: byUNPTHPrVmBgIPgkGZZoOcZXLC5GA7A4xZOjlRDLc0gXmsAZ81NIg==
age: 49045
X-Firefox-Spdy: h2
www.kumamoto-u.ac.jp/%2B%2Btheme%2B%2Bkumadai_theme/html/assets/img/common/youtube.png
54.230.111.59 200 OK 2.3 kB URL HTTP/2 www.kumamoto-u.ac.jp/%2B%2Btheme%2B%2Bkumadai_theme/html/assets/img/common/youtube.png
IP 54.230.111.59:0
File type PNG image data, 64 x 64, 8-bit/color RGBA, non-interlaced\012- data
Hash c2c5ecabfe6f634801f1c636431e5dc8
2f958a661a8f5dedc3e2c52ae4ad35c09c792287
6b7db0f8ed6a2c7283796cac9c287efc13125f6f1420b2d0260d88d764f72123
GET /%2B%2Btheme%2B%2Bkumadai_theme/html/assets/img/common/youtube.png HTTP/1.1
Host: www.kumamoto-u.ac.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ehb311.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 2301
server: nginx
x-cache-operation: plone.app.caching.strongCaching
last-modified: Tue, 08 Sep 2020 09:05:18 GMT
x-cache-rule: plone.resource
x-frame-options: ALLOW-FROM http://uportal.kumamoto-u.ac.jp
date: Thu, 30 Mar 2023 04:43:33 GMT
expires: Thu, 30 Mar 2023 01:22:48 GMT
cache-control: max-age=86400, proxy-revalidate, public
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rJ2dPsqe1IbT5_18OVT_u2HiNu9Gx42XEFrVylW4zofuM4PGUaLkww==
age: 11184
X-Firefox-Spdy: h2
www.kumamoto-u.ac.jp/%2B%2Btheme%2B%2Bkumadai_theme/html/assets/img/common/h_logo_sp.svg
54.230.111.59 200 OK 5.3 kB URL HTTP/2 www.kumamoto-u.ac.jp/%2B%2Btheme%2B%2Bkumadai_theme/html/assets/img/common/h_logo_sp.svg
IP 54.230.111.59:0
File type SVG Scalable Vector Graphics image\012- HTML document text\012- HTML document, ASCII text, with very long lines (5331), with no line terminators
Hash 7de4134c0904fe07a20f5c81a03ed10d
7bd3e9961a7ece0bab8fdc737d0e33fba2359124
5c0103f67edc350c6b47575e9e553948040006e4ded2e7eb0aab9b604000f589
GET /%2B%2Btheme%2B%2Bkumadai_theme/html/assets/img/common/h_logo_sp.svg HTTP/1.1
Host: www.kumamoto-u.ac.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ehb311.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 5331
server: nginx
x-cache-operation: plone.app.caching.strongCaching
expires: Wed, 29 Mar 2023 14:31:21 GMT
last-modified: Tue, 08 Sep 2020 09:05:18 GMT
cache-control: max-age=86400, proxy-revalidate, public
x-cache-rule: plone.resource
x-frame-options: ALLOW-FROM http://uportal.kumamoto-u.ac.jp
date: Wed, 29 Mar 2023 15:06:08 GMT
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: h89AIFedZAzKsuNhmaFgH3niGg63I9WlzcvhP4yp90bBpprS_6PGZw==
age: 49045
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2930a92c69c07868de40859ed0bc9855
5c78a194b2c24561809daa00f2dae8def73dc119
497af138e2004a6a5bea5fcc5acdb8e76192692a35633da2c60518409889255b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "497AF138E2004A6A5BEA5FCC5ACDB8E76192692A35633DA2C60518409889255B"
Last-Modified: Tue, 28 Mar 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21527
Expires: Thu, 30 Mar 2023 10:42:20 GMT
Date: Thu, 30 Mar 2023 04:43:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2930a92c69c07868de40859ed0bc9855
5c78a194b2c24561809daa00f2dae8def73dc119
497af138e2004a6a5bea5fcc5acdb8e76192692a35633da2c60518409889255b
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "497AF138E2004A6A5BEA5FCC5ACDB8E76192692A35633DA2C60518409889255B"
Last-Modified: Tue, 28 Mar 2023 13:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Thu, 30 Mar 2023 10:43:33 GMT
Date: Thu, 30 Mar 2023 04:43:33 GMT
Connection: keep-alive
www.y666.net/tu/images/241.jpg
156.234.162.78 200 OK 53 kB URL HTTP/1.1 www.y666.net/tu/images/241.jpg
IP 156.234.162.78:0
ASN #136800 Sun Network Hong Kong Limited - HongKong Backbone
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=1, software=www.mmjpg.com], baseline, precision 8, 220x330, components 3\012- data
Hash 03b9f53ea08cfe1714c22723f053581f
c7c2f88bdf0f372fc79792981bc0651c56221157
a87124b9e09ae63b2a5067bddc50d20495156ae1e1bfcd3e8901797d3b398a7c
GET /tu/images/241.jpg HTTP/1.1
Host: www.y666.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ehb311.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 04:43:32 GMT
Content-Type: image/jpeg
Content-Length: 53082
Connection: keep-alive
Last-Modified: Sun, 27 May 2018 12:08:12 GMT
Accept-Ranges: bytes
ETag: "ae535962b3f5d31:0"
X-Powered-By: ASP.NET
Server: CDNFly
X-Cache-Status: MISS
niig7rsa.ocsp.secom-cert.jp/
113.52.156.18 200 OK 1.5 kB URL HTTP/1.1 niig7rsa.ocsp.secom-cert.jp/
IP 113.52.156.18:0
ASN #10006 SECOM Trust Systems Co.,Ltd.
Hash 18ba0ab168a946e16650a0bc5829d840
9ff5c5989693cecbc9ce1c647788b7d468676d68
545ec0287d54f88946b0caae516a650a62fccc446308c50592dddd17b74c1a44
POST / HTTP/1.1
Host: niig7rsa.ocsp.secom-cert.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 04:43:32 GMT
Server: Apache
Cache-Control: max-age=86400
Content-Type: application/ocsp-response
Expires: Mon, 03 Apr 2023 04:26:15 GMT
Last-Modified: Thu, 30 Mar 2023 04:26:15 GMT
ETag: "18ba0ab168a946e16650a0bc5829d840"
X-Powered-By: ASP.NET
Content-Length: 1545
Connection: close
niig7rsa.ocsp.secom-cert.jp/
113.52.156.18 200 OK 1.5 kB URL HTTP/1.1 niig7rsa.ocsp.secom-cert.jp/
IP 113.52.156.18:0
ASN #10006 SECOM Trust Systems Co.,Ltd.
Hash 18ba0ab168a946e16650a0bc5829d840
9ff5c5989693cecbc9ce1c647788b7d468676d68
545ec0287d54f88946b0caae516a650a62fccc446308c50592dddd17b74c1a44
POST / HTTP/1.1
Host: niig7rsa.ocsp.secom-cert.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 04:43:32 GMT
Server: Apache
Cache-Control: max-age=86400
Content-Type: application/ocsp-response
Expires: Mon, 03 Apr 2023 04:26:15 GMT
Last-Modified: Thu, 30 Mar 2023 04:26:15 GMT
ETag: "18ba0ab168a946e16650a0bc5829d840"
X-Powered-By: ASP.NET
Content-Length: 1545
Connection: close
niig7rsa.ocsp.secom-cert.jp/
113.52.156.18 200 OK 1.5 kB URL HTTP/1.1 niig7rsa.ocsp.secom-cert.jp/
IP 113.52.156.18:0
ASN #10006 SECOM Trust Systems Co.,Ltd.
Hash 8260794843a87932d7610b0551fba21e
db54760f9a829c707a90be487654d5d06ef1ab71
08a124d474990ce2be66b18ec83f45532005eb47c0f6b89ba2f6107b9f648d1b
POST / HTTP/1.1
Host: niig7rsa.ocsp.secom-cert.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 04:43:33 GMT
Server: Apache
Cache-Control: max-age=86400
Content-Type: application/ocsp-response
Expires: Mon, 03 Apr 2023 04:06:12 GMT
Last-Modified: Thu, 30 Mar 2023 04:06:12 GMT
ETag: "8260794843a87932d7610b0551fba21e"
X-Powered-By: ASP.NET
Content-Length: 1545
Connection: close
daf2019.com/8/02/
154.88.21.113 200 OK 345 B IP 154.88.21.113:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash bc1d8d371161d6c1461e94ccac77cc93
bb8775a37b4c244152fc658fb6002a4e9e6ec013
23cc3242733089f994c1acb8c6000a1b745e3327a3c9b02b36b3e8c4890b36be
Analyzer Verdict Alert openphish Bet365
fortinet Phishing
quad9 Sinkholed
GET /8/02/ HTTP/1.1
Host: daf2019.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ehb311.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 04:43:33 GMT
Content-Type: text/html
Content-Length: 345
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Sat, 19 Jan 2019 08:42:38 GMT
Accept-Ranges: bytes
ETag: "be6d17efd2afd41:0"
Vary: Accept-Encoding
X-Powered-By: ASP.NET
Server: CDNFly
X-Cache-Status: MISS
ehb311.com/touch_icon.png
142.111.82.173 302 Moved Temporarily 0 B URL HTTP/1.1 ehb311.com/touch_icon.png
IP 142.111.82.173:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /touch_icon.png HTTP/1.1
Host: ehb311.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ehb311.com/event/kyouiku/20190302
Cookie: PHPSESSID=5hq9lr2k1g3biasq8k1hie4gc7; __vtins__JxK7qHT4djLauLDR=%7B%22sid%22%3A%20%227986fdd6-22af-5536-826d-2dffc34d17dd%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201680153236298%2C%20%22ct%22%3A%201680151436298%7D; __51uvsct__JxK7qHT4djLauLDR=1; __51vcke__JxK7qHT4djLauLDR=fcd02c1e-a389-5648-a7c9-56eb070f2283; __51vuft__JxK7qHT4djLauLDR=1680151436303; _ga_EG3DXRCC0M=GS1.1.1680151436.1.0.1680151436.0.0.0; _ga=GA1.1.434663480.1680151436
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 30 Mar 2023 12:13:23 GMT
Content-Type: image/jpeg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.36
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: https://www.kumamoto-u.ac.jp/touch_icon.png
daf2019.com/8/02/bet.html
154.88.21.113 200 OK 3.9 kB URL HTTP/1.1 daf2019.com/8/02/bet.html
IP 154.88.21.113:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (442), with CRLF line terminators
Hash 64040c63224448ab1f38e7d1fb291046
748031741af1c7e6e0afba5533e45960db8cdd39
f297a63c0791e3fea4361c597cf10a74f052158287fca6e06f7940b3f4777786
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /8/02/bet.html HTTP/1.1
Host: daf2019.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daf2019.com/8/02/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 04:43:33 GMT
Content-Type: text/html
Content-Length: 3902
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Mon, 13 Mar 2023 09:32:48 GMT
Accept-Ranges: bytes
ETag: "0e03c68e55d91:0"
Vary: Accept-Encoding
X-Powered-By: ASP.NET
Server: CDNFly
X-Cache-Status: MISS
www.kumamoto-u.ac.jp/touch_icon.png
54.230.111.59 200 OK 14 kB URL HTTP/2 www.kumamoto-u.ac.jp/touch_icon.png
IP 54.230.111.59:0
File type PNG image data, 157 x 157, 8-bit/color RGBA, non-interlaced\012- data
Hash f6d909dac4fd30a29fe9e175d97d2ee3
355f742c78556e9a46c85bf1eacd0a3c97c2471d
7148500538a2b226033984ecddce14613c04f1d13185200daa3aa60ae385fd05
GET /touch_icon.png HTTP/1.1
Host: www.kumamoto-u.ac.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ehb311.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 13452
date: Thu, 30 Mar 2023 04:43:33 GMT
server: nginx
x-cache-operation: plone.app.caching.strongCaching
expires: Fri, 31 Mar 2023 04:43:33 GMT
last-modified: Tue, 08 Sep 2020 09:05:18 GMT
cache-control: max-age=86400, proxy-revalidate, public
x-cache-rule: plone.resource
x-frame-options: ALLOW-FROM http://uportal.kumamoto-u.ac.jp
x-cache: Miss from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _io_cQp-ghfVRgSBguvbgtHFguBoRk4KNZVRmWZA7yryiKvEmtuSFw==
X-Firefox-Spdy: h2
daf2019.com/8/02/css/style.css
154.88.21.113 200 OK 4.6 kB URL HTTP/1.1 daf2019.com/8/02/css/style.css
IP 154.88.21.113:0
File type Unicode text, UTF-8 (with BOM) text
Hash 25ebecd047dec16103864d32e1804f58
8a3213e7867d33899e332b559aec4227528ff4bf
e9319048a87ade52ae149bee12216c5af491d960ec3721945fddc95332fd015e
Analyzer Verdict Alert quad9 Sinkholed
GET /8/02/css/style.css HTTP/1.1
Host: daf2019.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daf2019.com/8/02/bet.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 04:43:34 GMT
Content-Type: text/css
Content-Length: 4564
Connection: keep-alive
Content-Encoding: gzip
Last-Modified: Fri, 28 Dec 2018 06:54:01 GMT
Accept-Ranges: bytes
ETag: "80afb1c7a9ed41:0"
Vary: Accept-Encoding
X-Powered-By: ASP.NET
Server: CDNFly
X-Cache-Status: MISS
ehb311.com/favicon.ico
142.111.82.173 302 Moved Temporarily 0 B IP 142.111.82.173:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: ehb311.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ehb311.com/event/kyouiku/20190302
Cookie: PHPSESSID=5hq9lr2k1g3biasq8k1hie4gc7; __vtins__JxK7qHT4djLauLDR=%7B%22sid%22%3A%20%227986fdd6-22af-5536-826d-2dffc34d17dd%22%2C%20%22vd%22%3A%201%2C%20%22stt%22%3A%200%2C%20%22dr%22%3A%200%2C%20%22expires%22%3A%201680153236298%2C%20%22ct%22%3A%201680151436298%7D; __51uvsct__JxK7qHT4djLauLDR=1; __51vcke__JxK7qHT4djLauLDR=fcd02c1e-a389-5648-a7c9-56eb070f2283; __51vuft__JxK7qHT4djLauLDR=1680151436303; _ga_EG3DXRCC0M=GS1.1.1680151436.1.0.1680151436.0.0.0; _ga=GA1.1.434663480.1680151436
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Thu, 30 Mar 2023 12:13:23 GMT
Content-Type: image/jpeg; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.6.36
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Location: https://www.kumamoto-u.ac.jp/favicon.ico
www.kumamoto-u.ac.jp/favicon.ico
54.230.111.59 200 OK 4.3 kB URL HTTP/2 www.kumamoto-u.ac.jp/favicon.ico
IP 54.230.111.59:0
File type MS Windows icon resource - 1 icon, 32x32, 32 bits/pixel\012- data
Hash 9c0cdd9281e2674c060079cdedfbe520
d4e993e0edd5dd14f0931fff28b858980532e06f
0f42ef88540457acef52dd28aed9e05f71d7dc51ad9bf3536011f045ff5b293b
GET /favicon.ico HTTP/1.1
Host: www.kumamoto-u.ac.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://ehb311.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/vnd.microsoft.icon
content-length: 4286
server: nginx
x-cache-operation: plone.app.caching.strongCaching
expires: Wed, 29 Mar 2023 17:12:21 GMT
last-modified: Tue, 08 Sep 2020 09:05:18 GMT
cache-control: max-age=86400, proxy-revalidate, public
x-cache-rule: plone.resource
x-frame-options: ALLOW-FROM http://uportal.kumamoto-u.ac.jp
date: Wed, 29 Mar 2023 17:23:59 GMT
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: OeKgv3NgZADWKQ7ERzd5-wyvjhnik9NKeElRnjm4VE5PLpPjmwGMMA==
age: 40775
X-Firefox-Spdy: h2
daf2019.com/8/02/images/logo.png
154.88.21.113 200 OK 6.3 kB URL HTTP/1.1 daf2019.com/8/02/images/logo.png
IP 154.88.21.113:0
File type PNG image data, 178 x 82, 8-bit/color RGB, non-interlaced\012- data
Hash c948dcacd55c27a054160dcfaf80c00b
b1dee4a4f31664d4c480d81728d60c4d270cd07a
2c9d31cada5847899cbe6633a0baed12d2161ac8289e6e2fd7c1c6085864f1a9
Analyzer Verdict Alert quad9 Sinkholed
GET /8/02/images/logo.png HTTP/1.1
Host: daf2019.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daf2019.com/8/02/bet.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 04:43:34 GMT
Content-Type: image/png
Content-Length: 6274
Connection: keep-alive
Last-Modified: Tue, 05 Apr 2016 07:32:00 GMT
Accept-Ranges: bytes
ETag: "018863dd8fd11:0"
X-Powered-By: ASP.NET
Server: CDNFly
X-Cache-Status: MISS
daf2019.com/8/02/images/banner2_03.png
154.88.21.113 200 OK 37 kB URL HTTP/1.1 daf2019.com/8/02/images/banner2_03.png
IP 154.88.21.113:0
File type PNG image data, 264 x 131, 8-bit/color RGB, non-interlaced\012- data
Hash d0b43b960645c6399f1de87684c09862
e9d9d1c6181490cd353bbdecd39ea1b183067858
a71ac6384ca2fae51b19deeb438bdc00ec4654fad2961d978610ec1fd7662d15
Analyzer Verdict Alert quad9 Sinkholed
GET /8/02/images/banner2_03.png HTTP/1.1
Host: daf2019.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daf2019.com/8/02/bet.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 04:43:34 GMT
Content-Type: image/png
Content-Length: 37430
Connection: keep-alive
Last-Modified: Thu, 14 Apr 2016 09:51:14 GMT
Accept-Ranges: bytes
ETag: "0159d2e3396d11:0"
X-Powered-By: ASP.NET
Server: CDNFly
X-Cache-Status: MISS
daf2019.com/8/02/images/input.png
154.88.21.113 200 OK 1.2 kB URL HTTP/1.1 daf2019.com/8/02/images/input.png
IP 154.88.21.113:0
File type PNG image data, 205 x 32, 8-bit/color RGB, non-interlaced\012- data
Hash c0811b69d8e047598779aa7c23816d60
a59791d1d6e6dbcfc962c90013908673a2998c7f
e7788f310ecbe6a34c22d259a553151fe74da4654228f9646e2fee868b169fa8
Analyzer Verdict Alert quad9 Sinkholed
GET /8/02/images/input.png HTTP/1.1
Host: daf2019.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daf2019.com/8/02/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 04:43:34 GMT
Content-Type: image/png
Content-Length: 1215
Connection: keep-alive
Last-Modified: Tue, 05 Apr 2016 07:32:00 GMT
Accept-Ranges: bytes
ETag: "018863dd8fd11:0"
X-Powered-By: ASP.NET
Server: CDNFly
X-Cache-Status: MISS
daf2019.com/8/02/images/button_01.png
154.88.21.113 200 OK 2.2 kB URL HTTP/1.1 daf2019.com/8/02/images/button_01.png
IP 154.88.21.113:0
File type PNG image data, 166 x 36, 8-bit/color RGBA, non-interlaced\012- data
Hash 1d16fd6e6a9b70e3e69147918021e63f
de61ed19a8ca1f85dd0c53bb67b81f421ff9b126
4d8c630562068985ac8c5faad3964d625a4d3a569009517ba94d52e29dc2d60e
Analyzer Verdict Alert quad9 Sinkholed
GET /8/02/images/button_01.png HTTP/1.1
Host: daf2019.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daf2019.com/8/02/bet.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 04:43:34 GMT
Content-Type: image/png
Content-Length: 2160
Connection: keep-alive
Last-Modified: Wed, 06 Apr 2016 04:43:24 GMT
Accept-Ranges: bytes
ETag: "0be54dabe8fd11:0"
X-Powered-By: ASP.NET
Server: CDNFly
X-Cache-Status: MISS
daf2019.com/8/02/images/banner2_01.png
154.88.21.113 200 OK 34 kB URL HTTP/1.1 daf2019.com/8/02/images/banner2_01.png
IP 154.88.21.113:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 264x131, components 3\012- data
Hash 446caf79bedff310ea711dfdfbea4aa2
09fd40332c837424062d3e40404f62c3f9a3bab6
aa6fed29c79c7be15b1564d64b64563d463781bae2a445cecbc1c4f027fd4697
Analyzer Verdict Alert quad9 Sinkholed
GET /8/02/images/banner2_01.png HTTP/1.1
Host: daf2019.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daf2019.com/8/02/bet.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 04:43:34 GMT
Content-Type: image/png
Content-Length: 33740
Connection: keep-alive
Last-Modified: Wed, 12 Jul 2017 08:06:08 GMT
Accept-Ranges: bytes
ETag: "0587cb7e5fad21:0"
X-Powered-By: ASP.NET
Server: CDNFly
X-Cache-Status: MISS
daf2019.com/8/02/images/fg.jpg
154.88.21.113 200 OK 1.2 kB URL HTTP/1.1 daf2019.com/8/02/images/fg.jpg
IP 154.88.21.113:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 2x37, components 3\012- data
Hash 03681598725338040889fa4408c00b82
b022236b9d06b5d8daeeb2d6e174d85c886f0977
60dfe8e6c0980da16dec4f364e2bd60ff1643579c618e359601681c91e5a171c
Analyzer Verdict Alert quad9 Sinkholed
GET /8/02/images/fg.jpg HTTP/1.1
Host: daf2019.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daf2019.com/8/02/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 04:43:35 GMT
Content-Type: image/jpeg
Content-Length: 1228
Connection: keep-alive
Last-Modified: Tue, 05 Apr 2016 07:32:00 GMT
Accept-Ranges: bytes
ETag: "018863dd8fd11:0"
X-Powered-By: ASP.NET
Server: CDNFly
X-Cache-Status: MISS
daf2019.com/8/02/images/log.png
154.88.21.113 200 OK 2.1 kB URL HTTP/1.1 daf2019.com/8/02/images/log.png
IP 154.88.21.113:0
File type PNG image data, 80 x 29, 8-bit/color RGBA, non-interlaced\012- data
Hash ec5e716b4854809fe716f4a3054975f5
7ddd4ac24e0011fc935e08e0e670b5b2c6f30011
590085a55cd794685b4c414a1a60c0339e5beed6b75bf275820521872009a488
Analyzer Verdict Alert quad9 Sinkholed
GET /8/02/images/log.png HTTP/1.1
Host: daf2019.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daf2019.com/8/02/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 04:43:35 GMT
Content-Type: image/png
Content-Length: 2052
Connection: keep-alive
Last-Modified: Tue, 05 Apr 2016 07:38:38 GMT
Accept-Ranges: bytes
ETag: "013c02ae8fd11:0"
X-Powered-By: ASP.NET
Server: CDNFly
X-Cache-Status: MISS
daf2019.com/8/02/images/reg.png
154.88.21.113 200 OK 1.9 kB URL HTTP/1.1 daf2019.com/8/02/images/reg.png
IP 154.88.21.113:0
File type PNG image data, 80 x 29, 8-bit/color RGBA, non-interlaced\012- data
Hash a954e40bc0ea59e8f7d1acd314abdd3f
aa30c4dda935559aade87f84edd702a0f51c3563
5259b408fc9d81441509c35674f28101f215442b935899ecee43ed8481364225
Analyzer Verdict Alert quad9 Sinkholed
GET /8/02/images/reg.png HTTP/1.1
Host: daf2019.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daf2019.com/8/02/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 04:43:35 GMT
Content-Type: image/png
Content-Length: 1860
Connection: keep-alive
Last-Modified: Tue, 05 Apr 2016 07:38:38 GMT
Accept-Ranges: bytes
ETag: "013c02ae8fd11:0"
X-Powered-By: ASP.NET
Server: CDNFly
X-Cache-Status: MISS
daf2019.com/8/02/images/banner2_02.png
154.88.21.113 200 OK 28 kB URL HTTP/1.1 daf2019.com/8/02/images/banner2_02.png
IP 154.88.21.113:0
File type PNG image data, 264 x 131, 8-bit/color RGB, non-interlaced\012- data
Hash aca7dcae5658d8e38d6950251b677e56
e9831ccd373f2ec3315140dcf94d16d3aa215810
9bc66b5f041afac25666b5adfd0a5a7071e8efe05caf3bea11cef3efafaf6f15
Analyzer Verdict Alert quad9 Sinkholed
GET /8/02/images/banner2_02.png HTTP/1.1
Host: daf2019.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daf2019.com/8/02/bet.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 04:43:34 GMT
Content-Type: image/png
Content-Length: 27761
Connection: keep-alive
Last-Modified: Sat, 05 Aug 2017 05:17:54 GMT
Accept-Ranges: bytes
ETag: "02de830aadd31:0"
X-Powered-By: ASP.NET
Server: CDNFly
X-Cache-Status: MISS
daf2019.com/8/02/images/banner2_bg.png
154.88.21.113 200 OK 1.3 kB URL HTTP/1.1 daf2019.com/8/02/images/banner2_bg.png
IP 154.88.21.113:0
File type PNG image data, 67 x 193, 8-bit/color RGB, non-interlaced\012- data
Hash 3e601ed62c15b0ed6f04ae304991ed29
ccba8acfd5afe5ff3d5423ffb82bb52714d35335
bbd5acbf9447298b50d1353ef4c7cca4d3f42ca454fae55c62022f9d0aceca24
Analyzer Verdict Alert quad9 Sinkholed
GET /8/02/images/banner2_bg.png HTTP/1.1
Host: daf2019.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daf2019.com/8/02/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 04:43:35 GMT
Content-Type: image/png
Content-Length: 1271
Connection: keep-alive
Last-Modified: Tue, 05 Apr 2016 07:32:00 GMT
Accept-Ranges: bytes
ETag: "018863dd8fd11:0"
X-Powered-By: ASP.NET
Server: CDNFly
X-Cache-Status: MISS
daf2019.com/8/02/images/yes_pic.png
154.88.21.113 200 OK 1.6 kB URL HTTP/1.1 daf2019.com/8/02/images/yes_pic.png
IP 154.88.21.113:0
File type PNG image data, 23 x 23, 8-bit/color RGB, non-interlaced\012- data
Hash 2ac3e8c053c17a15d59bd747544ab91d
842e76bc3a3f771ddbfec1620d37844b0921f596
ce3e0b286e1066c0938ce1198003fc7a94521eb7974ebddcfd59fddd72b65f08
Analyzer Verdict Alert quad9 Sinkholed
GET /8/02/images/yes_pic.png HTTP/1.1
Host: daf2019.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daf2019.com/8/02/css/style.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 04:43:35 GMT
Content-Type: image/png
Content-Length: 1569
Connection: keep-alive
Last-Modified: Tue, 05 Apr 2016 07:32:00 GMT
Accept-Ranges: bytes
ETag: "018863dd8fd11:0"
X-Powered-By: ASP.NET
Server: CDNFly
X-Cache-Status: MISS
daf2019.com/8/02/images/foot_banner_02.png
154.88.21.113 200 OK 9.9 kB URL HTTP/1.1 daf2019.com/8/02/images/foot_banner_02.png
IP 154.88.21.113:0
File type PNG image data, 280 x 126, 8-bit/color RGB, interlaced\012- data
Hash dead5339f6e68d8460808651a56e7e8d
751ba364396044cc7d9a499c0ef285c56df6a2fd
1c03c5eb3eaab28cce2db315e43318990b31bf96219e4801a6d1d337a7827e9e
Analyzer Verdict Alert quad9 Sinkholed
GET /8/02/images/foot_banner_02.png HTTP/1.1
Host: daf2019.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daf2019.com/8/02/bet.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 04:43:35 GMT
Content-Type: image/png
Content-Length: 9854
Connection: keep-alive
Last-Modified: Wed, 08 Jun 2016 07:49:54 GMT
Accept-Ranges: bytes
ETag: "07d1d585ac1d11:0"
X-Powered-By: ASP.NET
Server: CDNFly
X-Cache-Status: MISS
daf2019.com/8/02/images/banner3.png
154.88.21.113 200 OK 3.7 kB URL HTTP/1.1 daf2019.com/8/02/images/banner3.png
IP 154.88.21.113:0
File type PNG image data, 938 x 57, 8-bit/color RGBA, non-interlaced\012- data
Hash 7f5a626a87651092239f720729afb760
a6fba539a716fda360614e7ee4c133575623bca5
1d5141b3d0ebf7c729d4a08c2b504873a65edb38499031a9032cdcd6691de375
Analyzer Verdict Alert quad9 Sinkholed
GET /8/02/images/banner3.png HTTP/1.1
Host: daf2019.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daf2019.com/8/02/bet.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 04:43:35 GMT
Content-Type: image/png
Content-Length: 3742
Connection: keep-alive
Last-Modified: Wed, 06 Apr 2016 04:43:24 GMT
Accept-Ranges: bytes
ETag: "0be54dabe8fd11:0"
X-Powered-By: ASP.NET
Server: CDNFly
X-Cache-Status: MISS
niig7rsa.ocsp.secom-cert.jp/
113.52.156.18 200 OK 1.5 kB URL HTTP/1.1 niig7rsa.ocsp.secom-cert.jp/
IP 113.52.156.18:0
ASN #10006 SECOM Trust Systems Co.,Ltd.
Hash 18ba0ab168a946e16650a0bc5829d840
9ff5c5989693cecbc9ce1c647788b7d468676d68
545ec0287d54f88946b0caae516a650a62fccc446308c50592dddd17b74c1a44
POST / HTTP/1.1
Host: niig7rsa.ocsp.secom-cert.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 04:43:32 GMT
Server: Apache
Cache-Control: max-age=86400
Content-Type: application/ocsp-response
Expires: Mon, 03 Apr 2023 04:26:15 GMT
Last-Modified: Thu, 30 Mar 2023 04:26:15 GMT
ETag: "18ba0ab168a946e16650a0bc5829d840"
X-Powered-By: ASP.NET
Content-Length: 1545
Connection: close
niig7rsa.ocsp.secom-cert.jp/
113.52.156.18 200 OK 1.5 kB URL HTTP/1.1 niig7rsa.ocsp.secom-cert.jp/
IP 113.52.156.18:0
ASN #10006 SECOM Trust Systems Co.,Ltd.
Hash 8260794843a87932d7610b0551fba21e
db54760f9a829c707a90be487654d5d06ef1ab71
08a124d474990ce2be66b18ec83f45532005eb47c0f6b89ba2f6107b9f648d1b
POST / HTTP/1.1
Host: niig7rsa.ocsp.secom-cert.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 04:43:33 GMT
Server: Apache
Cache-Control: max-age=86400
Content-Type: application/ocsp-response
Expires: Mon, 03 Apr 2023 04:06:12 GMT
Last-Modified: Thu, 30 Mar 2023 04:06:12 GMT
ETag: "8260794843a87932d7610b0551fba21e"
X-Powered-By: ASP.NET
Content-Length: 1545
Connection: close
daf2019.com/8/02/images/js_01.png
154.88.21.113 200 OK 31 kB URL HTTP/1.1 daf2019.com/8/02/images/js_01.png
IP 154.88.21.113:0
File type PNG image data, 224 x 95, 8-bit/color RGB, non-interlaced\012- data
Hash 99e952988b7402b2d3cede6e5a041a29
c19ccdd127d46117a4db0c0b68a8179c82a21c9b
92f7e14ca930a89a05dad803011167e556572ca8d9641f5ddfa7e168ed109da4
Analyzer Verdict Alert quad9 Sinkholed
GET /8/02/images/js_01.png HTTP/1.1
Host: daf2019.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daf2019.com/8/02/bet.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 04:43:35 GMT
Content-Type: image/png
Content-Length: 30698
Connection: keep-alive
Last-Modified: Tue, 05 Apr 2016 07:32:00 GMT
Accept-Ranges: bytes
ETag: "018863dd8fd11:0"
X-Powered-By: ASP.NET
Server: CDNFly
X-Cache-Status: MISS
daf2019.com/8/02/images/js_02.png
154.88.21.113 200 OK 46 kB URL HTTP/1.1 daf2019.com/8/02/images/js_02.png
IP 154.88.21.113:0
File type PNG image data, 224 x 95, 8-bit/color RGB, non-interlaced\012- data
Hash b4453bccccf4c8097f4959ebcd000593
1d34d6486775c76e5859142714d991f168eff8b0
012e2ce8254a08b78923cce325e0479a6e299a20ee8b08c3ac817bf24023788e
Analyzer Verdict Alert quad9 Sinkholed
GET /8/02/images/js_02.png HTTP/1.1
Host: daf2019.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daf2019.com/8/02/bet.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 04:43:35 GMT
Content-Type: image/png
Content-Length: 45635
Connection: keep-alive
Last-Modified: Tue, 05 Apr 2016 07:32:00 GMT
Accept-Ranges: bytes
ETag: "018863dd8fd11:0"
X-Powered-By: ASP.NET
Server: CDNFly
X-Cache-Status: MISS
daf2019.com/8/02/images/banner_01.png
154.88.21.113 200 OK 157 kB URL HTTP/1.1 daf2019.com/8/02/images/banner_01.png
IP 154.88.21.113:0
File type PNG image data, 950 x 408, 8-bit colormap, non-interlaced\012- data
Size 157 kB (157247 bytes)
Hash 7703421cc54573447ffd9a269316ec01
08a30b0a261c0daa944929646674f3a1b6fe7d2f
3f3b345a33aa00046bd7d7361b3902a0ad53f6b7162ae8a1f27fcf5d3496bfb8
Analyzer Verdict Alert quad9 Sinkholed
GET /8/02/images/banner_01.png HTTP/1.1
Host: daf2019.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daf2019.com/8/02/bet.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 04:43:34 GMT
Content-Type: image/png
Content-Length: 157247
Connection: keep-alive
Last-Modified: Mon, 13 May 2019 13:12:58 GMT
Accept-Ranges: bytes
ETag: "4b32ee958d9d51:0"
X-Powered-By: ASP.NET
Server: CDNFly
X-Cache-Status: MISS
daf2019.com/8/02/images/js_05.png
154.88.21.113 200 OK 26 kB URL HTTP/1.1 daf2019.com/8/02/images/js_05.png
IP 154.88.21.113:0
File type PNG image data, 224 x 95, 8-bit/color RGB, non-interlaced\012- data
Hash 8eb7add736efb5f9b662177f14e87745
6d7febd67581e572480e354e4c9e0b59cc82eb1d
00290ed661145b0c1704ebd10b9eb198820017f6558eb4fc5383067720f7223f
Analyzer Verdict Alert quad9 Sinkholed
GET /8/02/images/js_05.png HTTP/1.1
Host: daf2019.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daf2019.com/8/02/bet.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 04:43:35 GMT
Content-Type: image/png
Content-Length: 26157
Connection: keep-alive
Last-Modified: Tue, 05 Apr 2016 07:32:00 GMT
Accept-Ranges: bytes
ETag: "018863dd8fd11:0"
X-Powered-By: ASP.NET
Server: CDNFly
X-Cache-Status: MISS
daf2019.com/8/02/images/js_03.png
154.88.21.113 200 OK 44 kB URL HTTP/1.1 daf2019.com/8/02/images/js_03.png
IP 154.88.21.113:0
File type PNG image data, 224 x 95, 8-bit/color RGB, non-interlaced\012- data
Hash 73d2f1f46f066c4732bfed91acf3d0b6
78e460fccf100191ec42a3d8b8667081d0d6b33a
6aaf51c9e1f976b3aa1c2e0c8ff30605cb9a86cf472e0bcc1a4799575eaf020f
Analyzer Verdict Alert quad9 Sinkholed
GET /8/02/images/js_03.png HTTP/1.1
Host: daf2019.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daf2019.com/8/02/bet.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 04:43:35 GMT
Content-Type: image/png
Content-Length: 44074
Connection: keep-alive
Last-Modified: Tue, 05 Apr 2016 07:32:00 GMT
Accept-Ranges: bytes
ETag: "018863dd8fd11:0"
X-Powered-By: ASP.NET
Server: CDNFly
X-Cache-Status: MISS
daf2019.com/8/02/images/js_06.png
154.88.21.113 200 OK 24 kB URL HTTP/1.1 daf2019.com/8/02/images/js_06.png
IP 154.88.21.113:0
File type PNG image data, 224 x 95, 8-bit/color RGB, non-interlaced\012- data
Hash 40b33291ca7e2437e367e89dcabaa1f0
2415e251f07bdf1f8caa2162a03f772b02cf48c9
a2ddc24fcc076c753dc4bc256aba6ec9e163425b2ff5b1ad2af91d76e20d447a
Analyzer Verdict Alert quad9 Sinkholed
GET /8/02/images/js_06.png HTTP/1.1
Host: daf2019.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daf2019.com/8/02/bet.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 04:43:35 GMT
Content-Type: image/png
Content-Length: 23685
Connection: keep-alive
Last-Modified: Tue, 05 Apr 2016 07:32:00 GMT
Accept-Ranges: bytes
ETag: "018863dd8fd11:0"
X-Powered-By: ASP.NET
Server: CDNFly
X-Cache-Status: MISS
daf2019.com/8/02/images/js_04.png
154.88.21.113 200 OK 34 kB URL HTTP/1.1 daf2019.com/8/02/images/js_04.png
IP 154.88.21.113:0
File type PNG image data, 224 x 95, 8-bit/color RGB, non-interlaced\012- data
Hash efdad97c4dffe5967e162adf5847e645
a0b8df7aa6f000e4ef849f95698f1cf4f08d837e
b781c6a2f3fce60e2e4e0a66d9ac665329b29f96dbe50a87f60fc49e63cfb0d9
Analyzer Verdict Alert quad9 Sinkholed
GET /8/02/images/js_04.png HTTP/1.1
Host: daf2019.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daf2019.com/8/02/bet.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 04:43:35 GMT
Content-Type: image/png
Content-Length: 34327
Connection: keep-alive
Last-Modified: Tue, 05 Apr 2016 07:32:00 GMT
Accept-Ranges: bytes
ETag: "018863dd8fd11:0"
X-Powered-By: ASP.NET
Server: CDNFly
X-Cache-Status: MISS
daf2019.com/8/02/images/js_07.png
154.88.21.113 200 OK 23 kB URL HTTP/1.1 daf2019.com/8/02/images/js_07.png
IP 154.88.21.113:0
File type PNG image data, 224 x 95, 8-bit/color RGB, non-interlaced\012- data
Hash 84b5cb2c29db1d5603a5b369373d60ef
1a5ee769b38b0fb82be2976151272ed2db6d0419
31684a7ff53c14f457505372eedc8b9bbc96084fd94e1d9b48d26f56f6f0d837
Analyzer Verdict Alert quad9 Sinkholed
GET /8/02/images/js_07.png HTTP/1.1
Host: daf2019.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daf2019.com/8/02/bet.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 04:43:36 GMT
Content-Type: image/png
Content-Length: 23022
Connection: keep-alive
Last-Modified: Tue, 05 Apr 2016 07:32:02 GMT
Accept-Ranges: bytes
ETag: "045b73ed8fd11:0"
X-Powered-By: ASP.NET
Server: CDNFly
X-Cache-Status: MISS
daf2019.com/8/02/images/js_08.png
154.88.21.113 200 OK 3.1 kB URL HTTP/1.1 daf2019.com/8/02/images/js_08.png
IP 154.88.21.113:0
File type PNG image data, 72 x 28, 8-bit/color RGB, non-interlaced\012- data
Hash 7421f6b5bbd6b7bb933208acbbd23c33
c8e455e5c04d45614ffa5b4e8169f81954eb3ddf
351155d5fef8392629b9df22d5b07f0158d433f1bffb28b6e40c8fe3a389c164
Analyzer Verdict Alert quad9 Sinkholed
GET /8/02/images/js_08.png HTTP/1.1
Host: daf2019.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daf2019.com/8/02/bet.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 04:43:36 GMT
Content-Type: image/png
Content-Length: 3082
Connection: keep-alive
Last-Modified: Tue, 05 Apr 2016 07:32:00 GMT
Accept-Ranges: bytes
ETag: "018863dd8fd11:0"
X-Powered-By: ASP.NET
Server: CDNFly
X-Cache-Status: MISS
daf2019.com/8/02/images/js_09.png
154.88.21.113 200 OK 3.2 kB URL HTTP/1.1 daf2019.com/8/02/images/js_09.png
IP 154.88.21.113:0
File type PNG image data, 86 x 28, 8-bit/color RGB, non-interlaced\012- data
Hash 66196420d10ba43510c374a6699aaa31
363fc40baacae4c1f7b44150f1770c4c915a3f8d
531a9a9d6e254d38ee0304719bc07542cc2f3ff4e5960a2d6db2ea7d35f0e59b
Analyzer Verdict Alert quad9 Sinkholed
GET /8/02/images/js_09.png HTTP/1.1
Host: daf2019.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daf2019.com/8/02/bet.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 04:43:36 GMT
Content-Type: image/png
Content-Length: 3184
Connection: keep-alive
Last-Modified: Tue, 05 Apr 2016 07:32:00 GMT
Accept-Ranges: bytes
ETag: "018863dd8fd11:0"
X-Powered-By: ASP.NET
Server: CDNFly
X-Cache-Status: MISS
daf2019.com/8/02/images/foot_banner_01.png
154.88.21.113 200 OK 130 kB URL HTTP/1.1 daf2019.com/8/02/images/foot_banner_01.png
IP 154.88.21.113:0
File type PNG image data, 662 x 126, 8-bit/color RGB, non-interlaced\012- data
Size 130 kB (129636 bytes)
Hash dafbbe51379039798b74cf58d84b66cf
7106627ecd4a27b47ac6dafa9f0cd510151fecbb
cd116803eb78b0140f8837b31a36ee6966bc51d03f006caf5bf5657e85f7a700
Analyzer Verdict Alert quad9 Sinkholed
GET /8/02/images/foot_banner_01.png HTTP/1.1
Host: daf2019.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daf2019.com/8/02/bet.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 04:43:35 GMT
Content-Type: image/png
Content-Length: 129636
Connection: keep-alive
Last-Modified: Tue, 05 Apr 2016 07:32:02 GMT
Accept-Ranges: bytes
ETag: "045b73ed8fd11:0"
X-Powered-By: ASP.NET
Server: CDNFly
X-Cache-Status: MISS
daf2019.com/8/02/images/js_10.png
154.88.21.113 200 OK 2.8 kB URL HTTP/1.1 daf2019.com/8/02/images/js_10.png
IP 154.88.21.113:0
File type PNG image data, 66 x 28, 8-bit/color RGB, non-interlaced\012- data
Hash bc049b6940f50058758b9838c4871194
9bac505e7812b0fb442dcd77eaedaeb80e90dcb1
8d5af609771e29bbd9c042a5771ef69a97074c2730b8d23faeaec2700eea5e1d
Analyzer Verdict Alert quad9 Sinkholed
GET /8/02/images/js_10.png HTTP/1.1
Host: daf2019.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daf2019.com/8/02/bet.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 04:43:36 GMT
Content-Type: image/png
Content-Length: 2777
Connection: keep-alive
Last-Modified: Tue, 05 Apr 2016 07:32:00 GMT
Accept-Ranges: bytes
ETag: "018863dd8fd11:0"
X-Powered-By: ASP.NET
Server: CDNFly
X-Cache-Status: MISS
daf2019.com/8/02/images/js_11.png
154.88.21.113 200 OK 4.6 kB URL HTTP/1.1 daf2019.com/8/02/images/js_11.png
IP 154.88.21.113:0
File type PNG image data, 129 x 42, 8-bit/color RGB, non-interlaced\012- data
Hash a1e6cd37bf162ee7c5773f84b8c83dd1
4a604e76c9d1799fe2a1d108484b9ceee5152f3d
26e90891a4fcd384c14aad8f679a4489977af2dbdef1818937f95368b4710b95
Analyzer Verdict Alert quad9 Sinkholed
GET /8/02/images/js_11.png HTTP/1.1
Host: daf2019.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daf2019.com/8/02/bet.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 04:43:36 GMT
Content-Type: image/png
Content-Length: 4584
Connection: keep-alive
Last-Modified: Tue, 05 Apr 2016 07:32:02 GMT
Accept-Ranges: bytes
ETag: "045b73ed8fd11:0"
X-Powered-By: ASP.NET
Server: CDNFly
X-Cache-Status: MISS
daf2019.com/8/02/images/js_12.png
154.88.21.113 200 OK 3.6 kB URL HTTP/1.1 daf2019.com/8/02/images/js_12.png
IP 154.88.21.113:0
File type PNG image data, 95 x 42, 8-bit/color RGB, non-interlaced\012- data
Hash 18495d1c009b6048d2aba06b8e37bd5a
c733e81e91ad6411467e91887b44595883830f1b
d94af9a51ae2a3bd099f1dda3d7c1849bab1fcab133e52ef87251f08d51c8377
Analyzer Verdict Alert quad9 Sinkholed
GET /8/02/images/js_12.png HTTP/1.1
Host: daf2019.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daf2019.com/8/02/bet.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 04:43:36 GMT
Content-Type: image/png
Content-Length: 3550
Connection: keep-alive
Last-Modified: Tue, 05 Apr 2016 07:32:02 GMT
Accept-Ranges: bytes
ETag: "045b73ed8fd11:0"
X-Powered-By: ASP.NET
Server: CDNFly
X-Cache-Status: MISS
daf2019.com/8/02/images/js_13.png
154.88.21.113 200 OK 5.5 kB URL HTTP/1.1 daf2019.com/8/02/images/js_13.png
IP 154.88.21.113:0
File type PNG image data, 146 x 52, 8-bit/color RGB, non-interlaced\012- data
Hash b80492028cca45a325560d15f1d58a1e
f0bb75b6f2c45f607f3a004034219f0b29cceb76
abd4bd38d3c8258d17cf55ca747cd8b9485373087880ca5f09614b0a6a02ab4d
Analyzer Verdict Alert quad9 Sinkholed
GET /8/02/images/js_13.png HTTP/1.1
Host: daf2019.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daf2019.com/8/02/bet.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 04:43:36 GMT
Content-Type: image/png
Content-Length: 5521
Connection: keep-alive
Last-Modified: Tue, 05 Apr 2016 07:32:02 GMT
Accept-Ranges: bytes
ETag: "045b73ed8fd11:0"
X-Powered-By: ASP.NET
Server: CDNFly
X-Cache-Status: MISS
daf2019.com/8/02/images/js_14.png
154.88.21.113 200 OK 3.7 kB URL HTTP/1.1 daf2019.com/8/02/images/js_14.png
IP 154.88.21.113:0
File type PNG image data, 78 x 52, 8-bit/color RGB, non-interlaced\012- data
Hash 3d37fcbbd41218ad3d2b5205ae305989
81622fde8411886aa938862a20c0989405cc10a2
c45f6951486b04ff8f37719926b69c2f73151837d6ea1651cd0257bba006d9bf
Analyzer Verdict Alert quad9 Sinkholed
GET /8/02/images/js_14.png HTTP/1.1
Host: daf2019.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daf2019.com/8/02/bet.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 04:43:36 GMT
Content-Type: image/png
Content-Length: 3738
Connection: keep-alive
Last-Modified: Tue, 05 Apr 2016 07:32:02 GMT
Accept-Ranges: bytes
ETag: "045b73ed8fd11:0"
X-Powered-By: ASP.NET
Server: CDNFly
X-Cache-Status: MISS
daf2019.com/8/02/images/js_16.png
154.88.21.113 200 OK 3.3 kB URL HTTP/1.1 daf2019.com/8/02/images/js_16.png
IP 154.88.21.113:0
File type PNG image data, 106 x 35, 8-bit/color RGB, non-interlaced\012- data
Hash 1cee1da81f1725ef4b171cc813e1d7fd
2d3cefd81254a670c9fcb4b14596d1220b0025d3
0a052599119125e88cd77a449b40d6c71f869972c78a89ca67d70f7b950c79eb
Analyzer Verdict Alert quad9 Sinkholed
GET /8/02/images/js_16.png HTTP/1.1
Host: daf2019.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daf2019.com/8/02/bet.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 04:43:36 GMT
Content-Type: image/png
Content-Length: 3258
Connection: keep-alive
Last-Modified: Tue, 05 Apr 2016 07:32:02 GMT
Accept-Ranges: bytes
ETag: "045b73ed8fd11:0"
X-Powered-By: ASP.NET
Server: CDNFly
X-Cache-Status: MISS
daf2019.com/8/02/images/js_15.png
154.88.21.113 200 OK 3.6 kB URL HTTP/1.1 daf2019.com/8/02/images/js_15.png
IP 154.88.21.113:0
File type PNG image data, 118 x 35, 8-bit/color RGB, non-interlaced\012- data
Hash e84d62f6a5fb885349288cc770d42c59
6d1febb0043ef0fd2673c05adfec6e9204e95eeb
6f030a43f971fe3e7f7d1b0257ebd76855fdcdff2978649cadd93b3b07629871
Analyzer Verdict Alert quad9 Sinkholed
GET /8/02/images/js_15.png HTTP/1.1
Host: daf2019.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daf2019.com/8/02/bet.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 04:43:36 GMT
Content-Type: image/png
Content-Length: 3558
Connection: keep-alive
Last-Modified: Tue, 05 Apr 2016 07:32:02 GMT
Accept-Ranges: bytes
ETag: "045b73ed8fd11:0"
X-Powered-By: ASP.NET
Server: CDNFly
X-Cache-Status: MISS
daf2019.com/8/02/images/js_17.png
154.88.21.113 200 OK 4.7 kB URL HTTP/1.1 daf2019.com/8/02/images/js_17.png
IP 154.88.21.113:0
File type PNG image data, 118 x 41, 8-bit/color RGB, non-interlaced\012- data
Hash cc1cea2801436466429107060b08c007
33a486f7ef7ab890ffb5b2ff0e5095d274329695
ab702803e797b63a5bf47dbefa6d36a9ef10ef01c87c19f2533d2765f26979f5
Analyzer Verdict Alert quad9 Sinkholed
GET /8/02/images/js_17.png HTTP/1.1
Host: daf2019.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daf2019.com/8/02/bet.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 04:43:36 GMT
Content-Type: image/png
Content-Length: 4736
Connection: keep-alive
Last-Modified: Tue, 05 Apr 2016 07:32:02 GMT
Accept-Ranges: bytes
ETag: "045b73ed8fd11:0"
X-Powered-By: ASP.NET
Server: CDNFly
X-Cache-Status: MISS
daf2019.com/8/02/images/js_18.png
154.88.21.113 200 OK 7.0 kB URL HTTP/1.1 daf2019.com/8/02/images/js_18.png
IP 154.88.21.113:0
File type PNG image data, 106 x 41, 8-bit/color RGB, non-interlaced\012- data
Hash 4ecccfde5839d7aeec0da110930d680c
4fd3329d26248bf49e15d4fa571534d47bbf3064
7f67bfea79c565c942b7ef8a6cc7ce53a67f09248ba0147ac2e313e456ab367d
Analyzer Verdict Alert quad9 Sinkholed
GET /8/02/images/js_18.png HTTP/1.1
Host: daf2019.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daf2019.com/8/02/bet.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 04:43:36 GMT
Content-Type: image/png
Content-Length: 6970
Connection: keep-alive
Last-Modified: Tue, 05 Apr 2016 07:32:02 GMT
Accept-Ranges: bytes
ETag: "045b73ed8fd11:0"
X-Powered-By: ASP.NET
Server: CDNFly
X-Cache-Status: MISS
daf2019.com/8/02/images/js_19.png
154.88.21.113 200 OK 2.1 kB URL HTTP/1.1 daf2019.com/8/02/images/js_19.png
IP 154.88.21.113:0
File type PNG image data, 47 x 54, 8-bit/color RGB, non-interlaced\012- data
Hash 023b4fe1fdd477758f4fcb20e9294947
311dba3233dae6e44eccba1ae79e706385be41e4
adb0a6dff57057692f15b025c7883dbb2f84eccbf00b82adad4cc5d7cfceb17f
Analyzer Verdict Alert quad9 Sinkholed
GET /8/02/images/js_19.png HTTP/1.1
Host: daf2019.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daf2019.com/8/02/bet.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 04:43:36 GMT
Content-Type: image/png
Content-Length: 2147
Connection: keep-alive
Last-Modified: Tue, 05 Apr 2016 07:32:02 GMT
Accept-Ranges: bytes
ETag: "045b73ed8fd11:0"
X-Powered-By: ASP.NET
Server: CDNFly
X-Cache-Status: MISS
daf2019.com/8/02/images/js_20.png
154.88.21.113 200 OK 2.2 kB URL HTTP/1.1 daf2019.com/8/02/images/js_20.png
IP 154.88.21.113:0
File type PNG image data, 56 x 54, 8-bit/color RGB, non-interlaced\012- data
Hash 3021691b5c835364238e8b432ed5684c
f8bc978caa87cdd955cc901322bd947f013b59bd
3d50f406e13ebb130ef515b2b1ee72849ff56f020005a194279543ce2c7f41d1
Analyzer Verdict Alert quad9 Sinkholed
GET /8/02/images/js_20.png HTTP/1.1
Host: daf2019.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daf2019.com/8/02/bet.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 04:43:36 GMT
Content-Type: image/png
Content-Length: 2196
Connection: keep-alive
Last-Modified: Tue, 05 Apr 2016 07:32:02 GMT
Accept-Ranges: bytes
ETag: "045b73ed8fd11:0"
X-Powered-By: ASP.NET
Server: CDNFly
X-Cache-Status: MISS
daf2019.com/8/02/images/js_21.png
154.88.21.113 200 OK 2.2 kB URL HTTP/1.1 daf2019.com/8/02/images/js_21.png
IP 154.88.21.113:0
File type PNG image data, 48 x 44, 8-bit/color RGB, non-interlaced\012- data
Hash 6b80ae10eba57ecf829b60e8e066f9b4
fed3bf26d126e79412e07fec2405c61998d8f21e
99a17f11bfa767440872b1c8047dfb0f7b04e813c62a46bd257f68c3b80240f7
Analyzer Verdict Alert quad9 Sinkholed
GET /8/02/images/js_21.png HTTP/1.1
Host: daf2019.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daf2019.com/8/02/bet.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 04:43:36 GMT
Content-Type: image/png
Content-Length: 2219
Connection: keep-alive
Last-Modified: Tue, 05 Apr 2016 07:32:02 GMT
Accept-Ranges: bytes
ETag: "045b73ed8fd11:0"
X-Powered-By: ASP.NET
Server: CDNFly
X-Cache-Status: MISS
daf2019.com/8/02/images/js_22.png
154.88.21.113 200 OK 3.4 kB URL HTTP/1.1 daf2019.com/8/02/images/js_22.png
IP 154.88.21.113:0
File type PNG image data, 72 x 44, 8-bit/color RGB, non-interlaced\012- data
Hash 8c697fe2983c425c16d62c7131fe0bbe
0ee26dde915cfb54a1e638c405281b3f15ccb4d6
43e7bda097f50d7435716d5b08c0fd395c6ad99cb6f3e0fb54eb3c936673294a
Analyzer Verdict Alert quad9 Sinkholed
GET /8/02/images/js_22.png HTTP/1.1
Host: daf2019.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daf2019.com/8/02/bet.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 04:43:36 GMT
Content-Type: image/png
Content-Length: 3360
Connection: keep-alive
Last-Modified: Tue, 05 Apr 2016 07:32:02 GMT
Accept-Ranges: bytes
ETag: "045b73ed8fd11:0"
X-Powered-By: ASP.NET
Server: CDNFly
X-Cache-Status: MISS
daf2019.com/8/02/images/js_23.png
154.88.21.113 200 OK 4.1 kB URL HTTP/1.1 daf2019.com/8/02/images/js_23.png
IP 154.88.21.113:0
File type PNG image data, 109 x 27, 8-bit/color RGB, non-interlaced\012- data
Hash 1d25d087f53e4307f36911804e113aa8
8492dea224bf729defaf414b8762acd020a91c5b
3ea16883bf5c72dddc0506bd15ff3709abcd146a001b2f0c6ede43c89a1375ed
Analyzer Verdict Alert quad9 Sinkholed
GET /8/02/images/js_23.png HTTP/1.1
Host: daf2019.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daf2019.com/8/02/bet.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 04:43:36 GMT
Content-Type: image/png
Content-Length: 4098
Connection: keep-alive
Last-Modified: Tue, 05 Apr 2016 07:32:02 GMT
Accept-Ranges: bytes
ETag: "045b73ed8fd11:0"
X-Powered-By: ASP.NET
Server: CDNFly
X-Cache-Status: MISS
daf2019.com/8/02/images/js_24.png
154.88.21.113 200 OK 4.0 kB URL HTTP/1.1 daf2019.com/8/02/images/js_24.png
IP 154.88.21.113:0
File type PNG image data, 114 x 42, 8-bit/color RGB, non-interlaced\012- data
Hash 503d4774cce8e6aa44744628eda6ad73
1a0a03c5a016b9662f7512b11afeb4a28398d054
989ff8eb50524fed49556fe27aba30def117a88ed267589773ded6bb6d70fac4
Analyzer Verdict Alert quad9 Sinkholed
GET /8/02/images/js_24.png HTTP/1.1
Host: daf2019.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daf2019.com/8/02/bet.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 04:43:36 GMT
Content-Type: image/png
Content-Length: 3991
Connection: keep-alive
Last-Modified: Tue, 05 Apr 2016 07:32:02 GMT
Accept-Ranges: bytes
ETag: "045b73ed8fd11:0"
X-Powered-By: ASP.NET
Server: CDNFly
X-Cache-Status: MISS
daf2019.com/8/02/images/foot_01.png
154.88.21.113 200 OK 2.2 kB URL HTTP/1.1 daf2019.com/8/02/images/foot_01.png
IP 154.88.21.113:0
File type PNG image data, 101 x 25, 8-bit/color RGB, non-interlaced\012- data
Hash 87b9508993e8303ba20c518216c02f56
11222ef31a9333811e389c05e7d78cb96eee7383
974c13a6d0e4bda1fb92842a57a09e045290c9ceda97e2507279b3056ebcfb44
Analyzer Verdict Alert quad9 Sinkholed
GET /8/02/images/foot_01.png HTTP/1.1
Host: daf2019.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daf2019.com/8/02/bet.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 04:43:36 GMT
Content-Type: image/png
Content-Length: 2155
Connection: keep-alive
Last-Modified: Tue, 05 Apr 2016 07:32:02 GMT
Accept-Ranges: bytes
ETag: "045b73ed8fd11:0"
X-Powered-By: ASP.NET
Server: CDNFly
X-Cache-Status: MISS
daf2019.com/8/02/images/foot_02.png
154.88.21.113 200 OK 1.8 kB URL HTTP/1.1 daf2019.com/8/02/images/foot_02.png
IP 154.88.21.113:0
File type PNG image data, 66 x 35, 8-bit/color RGB, non-interlaced\012- data
Hash 03006a3cd97c3c2606438f56acafb448
113ace455728d5d225f391a5de37e7ab29876522
7382955195592805c3142e1dd26c814d3fb1f90037d9bb6da957d76665b38cc6
Analyzer Verdict Alert quad9 Sinkholed
GET /8/02/images/foot_02.png HTTP/1.1
Host: daf2019.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daf2019.com/8/02/bet.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 04:43:37 GMT
Content-Type: image/png
Content-Length: 1831
Connection: keep-alive
Last-Modified: Tue, 05 Apr 2016 07:32:02 GMT
Accept-Ranges: bytes
ETag: "045b73ed8fd11:0"
X-Powered-By: ASP.NET
Server: CDNFly
X-Cache-Status: MISS
daf2019.com/8/02/images/foot_03.png
154.88.21.113 200 OK 3.0 kB URL HTTP/1.1 daf2019.com/8/02/images/foot_03.png
IP 154.88.21.113:0
File type PNG image data, 131 x 35, 8-bit/color RGB, non-interlaced\012- data
Hash 82252d822b19fefda763bfbef19a9e01
7f307e27e943029a2a30bdb587ce17291f7e49af
7cad314b0d98ff7c6bd944de1128d954c0f81ecd5e38dd591a2fe40f2e444445
Analyzer Verdict Alert quad9 Sinkholed
GET /8/02/images/foot_03.png HTTP/1.1
Host: daf2019.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daf2019.com/8/02/bet.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 04:43:37 GMT
Content-Type: image/png
Content-Length: 3000
Connection: keep-alive
Last-Modified: Tue, 05 Apr 2016 07:32:02 GMT
Accept-Ranges: bytes
ETag: "045b73ed8fd11:0"
X-Powered-By: ASP.NET
Server: CDNFly
X-Cache-Status: MISS
daf2019.com/8/02/images/foot_04.png
154.88.21.113 200 OK 1.9 kB URL HTTP/1.1 daf2019.com/8/02/images/foot_04.png
IP 154.88.21.113:0
File type PNG image data, 46 x 35, 8-bit/color RGB, non-interlaced\012- data
Hash 033ab1fca1ee7e6739d4981fbe64a084
71705d88ca99aad2c89a827152dd0ce4c03abde9
cb17aa8c181a5ce10624b4e3e0eb3034e98738ecccb14ae3dfd93525b0878885
Analyzer Verdict Alert quad9 Sinkholed
GET /8/02/images/foot_04.png HTTP/1.1
Host: daf2019.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daf2019.com/8/02/bet.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 04:43:37 GMT
Content-Type: image/png
Content-Length: 1945
Connection: keep-alive
Last-Modified: Tue, 05 Apr 2016 07:32:02 GMT
Accept-Ranges: bytes
ETag: "045b73ed8fd11:0"
X-Powered-By: ASP.NET
Server: CDNFly
X-Cache-Status: MISS
daf2019.com/8/02/images/foot_05.png
154.88.21.113 200 OK 3.7 kB URL HTTP/1.1 daf2019.com/8/02/images/foot_05.png
IP 154.88.21.113:0
File type PNG image data, 114 x 35, 8-bit/color RGB, non-interlaced\012- data
Hash 66ddd2c59bed52cd71ae444ef6442513
e292e5a7adf7f85763aed39fbbc27a217d55f7df
6a5b9e30f13faf252a3880d7da143b12a3ba31f5d19a0a049c7d4e4694b616f6
Analyzer Verdict Alert quad9 Sinkholed
GET /8/02/images/foot_05.png HTTP/1.1
Host: daf2019.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daf2019.com/8/02/bet.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 04:43:37 GMT
Content-Type: image/png
Content-Length: 3667
Connection: keep-alive
Last-Modified: Tue, 05 Apr 2016 07:32:02 GMT
Accept-Ranges: bytes
ETag: "045b73ed8fd11:0"
X-Powered-By: ASP.NET
Server: CDNFly
X-Cache-Status: MISS
daf2019.com/8/02/images/foot_06.png
154.88.21.113 200 OK 2.6 kB URL HTTP/1.1 daf2019.com/8/02/images/foot_06.png
IP 154.88.21.113:0
File type PNG image data, 52 x 35, 8-bit/color RGB, non-interlaced\012- data
Hash 2959bc55912c734914be76e4183fcd4f
d4687e2950f13fecde23aeabfdc7d12d5bdd28a7
b952e2f057a4d61cbe65292102b762d71df0e18aefdbff5739b2b2eb3ab7a1a9
Analyzer Verdict Alert quad9 Sinkholed
GET /8/02/images/foot_06.png HTTP/1.1
Host: daf2019.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daf2019.com/8/02/bet.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 04:43:37 GMT
Content-Type: image/png
Content-Length: 2581
Connection: keep-alive
Last-Modified: Tue, 05 Apr 2016 07:32:02 GMT
Accept-Ranges: bytes
ETag: "045b73ed8fd11:0"
X-Powered-By: ASP.NET
Server: CDNFly
X-Cache-Status: MISS
daf2019.com/8/02/images/foot_07.png
154.88.21.113 200 OK 2.3 kB URL HTTP/1.1 daf2019.com/8/02/images/foot_07.png
IP 154.88.21.113:0
File type PNG image data, 53 x 35, 8-bit/color RGB, non-interlaced\012- data
Hash 9a052cbe0fe27e01f4b9d6349c073fd8
181aef0249de9092ed2cadef3735080e40113446
a778c5869c1f602b1fdc74684e55764db162d810104dbb6d534339bdfbc33346
Analyzer Verdict Alert quad9 Sinkholed
GET /8/02/images/foot_07.png HTTP/1.1
Host: daf2019.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://daf2019.com/8/02/bet.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Thu, 30 Mar 2023 04:43:37 GMT
Content-Type: image/png
Content-Length: 2289
Connection: keep-alive
Last-Modified: Tue, 05 Apr 2016 07:32:02 GMT
Accept-Ranges: bytes
ETag: "045b73ed8fd11:0"
X-Powered-By: ASP.NET
Server: CDNFly
X-Cache-Status: MISS