Overview

URL 101.132.152.76/
IP 101.132.152.76 (China)
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
UserAgent Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed 2022-12-09 12:03:26 UTC
IDS alerts 0
Blocklist alert 31
urlquery alerts No alerts detected
Tags None

Domain Summary (8)

Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
ocsp.digicert.com (1) 86 2012-05-21 07:02:23 UTC 2022-12-08 17:15:52 UTC 93.184.220.29
101.132.152.76 (31) 0 No data No data 101.132.152.76 Unknown ranking
push.services.mozilla.com (1) 2140 2014-10-24 08:27:06 UTC 2022-12-08 17:20:00 UTC 52.89.136.7
img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-12-08 15:50:00 UTC 34.120.237.76
r3.o.lencr.org (7) 344 2020-12-02 08:52:13 UTC 2022-12-08 17:12:06 UTC 95.101.11.115
firefox.settings.services.mozilla.com (2) 867 2020-05-25 20:06:39 UTC 2022-12-08 17:12:32 UTC 35.241.9.150
content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-12-08 17:21:04 UTC 34.160.144.191
contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-12-08 17:14:01 UTC 34.117.237.239

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
 No alerts detected

mnemonic secure dns
 No alerts detected

Quad9 DNS
Scan Date Severity Indicator Comment
2022-12-09 2 101.132.152.76 Sinkholed


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 1 reports on IP: 101.132.152.76
Date UQ / IDS / BL URL IP
2022-12-09 12:03:26 +0000 0 - 0 - 31 101.132.152.76/ 101.132.152.76


Last 5 reports on ASN: Hangzhou Alibaba Advertising Co.,Ltd.
Date UQ / IDS / BL URL IP
2023-02-02 00:50:56 +0000 0 - 1 - 0 www.lamic.cn/apos_helper.exe 39.103.194.48
2023-02-01 21:50:54 +0000 0 - 0 - 2 files.cnblogs.com/files/soli/whole.tomato.vis (...) 47.110.20.149
2023-02-01 21:50:12 +0000 0 - 0 - 1 files.cnblogs.com/files/testware/automatedqa. (...) 47.110.20.149
2023-02-01 20:24:27 +0000 0 - 1 - 0 www.e2esoft.cn/apps/WeCam/WeCam_x64_v2.2.2.exe 101.132.24.1
2023-02-01 18:09:05 +0000 0 - 1 - 1 106.11.250.224/download/quartz_uninstall.sh 106.11.250.224


Last 1 reports on domain: 101.132.152.76
Date UQ / IDS / BL URL IP
2022-12-09 12:03:26 +0000 0 - 0 - 31 101.132.152.76/ 101.132.152.76


No other reports with similar screenshot

JavaScript

Executed Scripts (13)

Executed Evals (24)
#1 JavaScript::Eval (size: 4760) - SHA256: 635c1794e3365736f37c70b71d3f944e2803cae914d98f22cd1f6c7ce39cd066
var fm = Ext.util.Format,
    ts = Object.prototype.toString;

function f1(out, values, parent, xindex, xcount, xkey) {
    try {
        var $v = values;
        with($v) {
            return (inputId && !skipLabelForAttribute)
        }
    } catch (e) {}
}
$ = function(out, values, parent, xindex, xcount, xkey) {
    var c0 = values,
        a0 = Array.isArray(c0),
        p0 = parent,
        n0 = xcount,
        i0 = xindex,
        k0, v;
    if ((v = values['beforeLabelTpl']) != null) out.push(v)
    out.push('<label id="')
    if ((v = values['id']) != null) out.push(v)
    out.push('-labelEl" data-ref="labelEl" class="')
    if ((v = values['labelCls']) != null) out.push(v)
    out.push(' ')
    if ((v = values['labelCls']) != null) out.push(v)
    out.push('-')
    if ((v = values['ui']) != null) out.push(v)
    out.push(' ')
    if ((v = values['labelClsExtra']) != null) out.push(v)
    out.push(' ')
    if ((v = values['childElCls']) != null) out.push(v)
    out.push(' ')
    if ((v = values['unselectableCls']) != null) out.push(v)
    out.push('" style="')
    if ((v = values['labelStyle']) != null) out.push(v)
    out.push('"')
    if (f1.call(this, out, values, parent, xindex, xcount, xkey)) {
        out.push(' for="')
        if ((v = values['inputId']) != null) out.push(v)
        out.push('"')
    }
    out.push(' ')
    if ((v = values['labelAttrTpl']) != null) out.push(v)
    out.push('><span class="')
    if ((v = values['labelInnerCls']) != null) out.push(v)
    out.push(' ')
    if ((v = values['labelInnerCls']) != null) out.push(v)
    out.push('-')
    if ((v = values['ui']) != null) out.push(v)
    out.push('" style="')
    if ((v = values['labelInnerStyle']) != null) out.push(v)
    out.push('">')
    if ((v = values['beforeLabelTextTpl']) != null) out.push(v)
    out.push('<span id="')
    if ((v = values['id']) != null) out.push(v)
    out.push('-labelTextEl" data-ref="labelTextEl" class="')
    if ((v = values['labelTextCls']) != null) out.push(v)
    out.push('">')
    if (values['fieldLabel']) {
        if ((v = values['fieldLabel']) != null) out.push(v)
        if (values['labelSeparator']) {
            if ((v = values['labelSeparator']) != null) out.push(v)
        }
    }
    out.push('</span>')
    if ((v = values['afterLabelTextTpl']) != null) out.push(v)
    out.push('</span></label>')
    if ((v = values['afterLabelTpl']) != null) out.push(v)
    out.push('<div id="')
    if ((v = values['id']) != null) out.push(v)
    out.push('-bodyEl" data-ref="bodyEl" role="presentation" class="')
    if ((v = values['baseBodyCls']) != null) out.push(v)
    out.push(' ')
    if ((v = values['baseBodyCls']) != null) out.push(v)
    out.push('-')
    if ((v = values['ui']) != null) out.push(v)
    if (values['fieldBodyCls']) {
        out.push(' ')
        if ((v = values['fieldBodyCls']) != null) out.push(v)
        out.push(' ')
        if ((v = values['fieldBodyCls']) != null) out.push(v)
        out.push('-')
        if ((v = values['ui']) != null) out.push(v)
    }
    out.push(' ')
    if ((v = values['growCls']) != null) out.push(v)
    out.push(' ')
    if ((v = values['extraFieldBodyCls']) != null) out.push(v)
    out.push('"')
    if (values['bodyStyle']) {
        out.push(' style="')
        if ((v = values['bodyStyle']) != null) out.push(v)
        out.push('"')
    }
    out.push('>')
    if ((v = values['beforeBodyEl']) != null) out.push(v)
    if ((v = values['beforeSubTpl']) != null) out.push(v)
    if ((v = values.$comp.getSubTplMarkup(values)) != null) out.push(v)
    if ((v = values['afterSubTpl']) != null) out.push(v)
    if ((v = values['afterBodyEl']) != null) out.push(v)
    if (values['renderAriaElements']) {
        if (values['ariaHelp']) {
            out.push('<span id="')
            if ((v = values['id']) != null) out.push(v)
            out.push('-ariaHelpEl" data-ref="ariaHelpEl" class="x-hidden-offsets">')
            if ((v = values['ariaHelp']) != null) out.push(v)
            out.push('</span>')
        }
        out.push('<span id="')
        if ((v = values['id']) != null) out.push(v)
        out.push('-ariaStatusEl" data-ref="ariaStatusEl" aria-hidden="true" class="x-hidden-offsets">')
        if ((v = values['ariaStatus']) != null) out.push(v)
        out.push('</span><span id="')
        if ((v = values['id']) != null) out.push(v)
        out.push('-ariaErrorEl" data-ref="ariaErrorEl" aria-hidden="true" aria-live="assertive" class="x-hidden-clip"></span>')
    }
    out.push('</div>')
    if (values['renderError']) {
        out.push('<div id="')
        if ((v = values['id']) != null) out.push(v)
        out.push('-errorWrapEl" data-ref="errorWrapEl" class="')
        if ((v = values['errorWrapCls']) != null) out.push(v)
        out.push(' ')
        if ((v = values['errorWrapCls']) != null) out.push(v)
        out.push('-')
        if ((v = values['ui']) != null) out.push(v)
        out.push(' ')
        if ((v = values['errorWrapExtraCls']) != null) out.push(v)
        out.push('" style="')
        if ((v = values['errorWrapStyle']) != null) out.push(v)
        out.push('"><div role="presentation" id="')
        if ((v = values['id']) != null) out.push(v)
        out.push('-errorEl" data-ref="errorEl" class="')
        if ((v = values['errorMsgCls']) != null) out.push(v)
        out.push(' ')
        if ((v = values['invalidMsgCls']) != null) out.push(v)
        out.push(' ')
        if ((v = values['invalidMsgCls']) != null) out.push(v)
        out.push('-')
        if ((v = values['ui']) != null) out.push(v)
        out.push('" data-anchorTarget="')
        if ((v = values['tipAnchorTarget']) != null) out.push(v)
        out.push('"></div></div>')
    }

}
#2 JavaScript::Eval (size: 2930) - SHA256: a852cf3d8dfc57074f3d8601e0392dd16c4713e48d16c7b518a814d9ce9e393d
var fm = Ext.util.Format,
    ts = Object.prototype.toString;

function f1(out, values, parent, xindex, xcount, xkey) {
    try {
        var $v = values;
        with($v) {
            return (tabIdx != null)
        }
    } catch (e) {}
}

function f8(out, values, parent, xindex, xcount, xkey) {
    try {
        var $v = values;
        with($v) {
            return (ariaEl == 'inputEl')
        }
    } catch (e) {}
}
var validTypes = {
    string: 1,
    number: 1,
    boolean: 1
};
$ = function(out, values, parent, xindex, xcount, xkey) {
    var c0 = values,
        a0 = Array.isArray(c0),
        p0 = parent,
        n0 = xcount,
        i0 = xindex,
        k0, v;
    out.push('<input id="')
    if ((v = values['id']) != null) out.push(v)
    out.push('" data-ref="inputEl" type="')
    if ((v = values['type']) != null) out.push(v)
    out.push('" ')
    if ((v = values['inputAttrTpl']) != null) out.push(v)
    out.push(' size="1"')
    if (values['name']) {
        out.push(' name="')
        if ((v = values['name']) != null) out.push(v)
        out.push('"')
    }
    if (values['value']) {
        out.push(' value="')
        if ((v = Ext.util.Format.htmlEncode(values.value)) != null) out.push(v)
        out.push('"')
    }
    if (values['placeholder']) {
        out.push(' placeholder="')
        if ((v = values['placeholder']) != null) out.push(v)
        out.push('"')
    }
    if (values.maxLength !== undefined) {
        out.push(' maxlength="')
        if ((v = values['maxLength']) != null) out.push(v)
        out.push('"')
    }
    if (values['readOnly']) {
        out.push(' readonly="readonly"')
    }
    if (values['disabled']) {
        out.push(' disabled="disabled"')
    }
    if (f1.call(this, out, values, parent, xindex, xcount, xkey)) {
        out.push(' tabindex="')
        if ((v = values['tabIdx']) != null) out.push(v)
        out.push('"')
    }
    if (values['fieldStyle']) {
        out.push(' style="')
        if ((v = values['fieldStyle']) != null) out.push(v)
        out.push('"')
    }
    if (f8.call(this, out, values, parent, xindex, xcount, xkey)) {
        var i1 = -1,
            n1 = 0,
            c1 = values['ariaElAttributes'],
            a1 = Array.isArray(c1),
            r1 = values,
            p1, k1;
        p1 = parent = a0 ? c0[i0] : c0
        for (k1 in c1) {
            xindex = ++i1 + 1;
            xkey = k1;
            values = c1[k1];
            out.push(' ')
            if ((v = xkey) != null) out.push(v)
            out.push('="')
            if ((v = validTypes[typeof values] || ts.call(values) === "[object Date]" ? values : "") != null) out.push(v)
            out.push('"')
        }
        parent = p0;
        values = r1;
        xcount = n0;
        xindex = i0 + 1;
        xkey = k0;
    }
    i1 = -1, n1 = 0, c1 = values['inputElAriaAttributes'], a1 = Array.isArray(c1), r1 = values, p1, k1;
    p1 = parent = a0 ? c0[i0] : c0
    for (k1 in c1) {
        xindex = ++i1 + 1;
        xkey = k1;
        values = c1[k1];
        out.push(' ')
        if ((v = xkey) != null) out.push(v)
        out.push('="')
        if ((v = validTypes[typeof values] || ts.call(values) === "[object Date]" ? values : "") != null) out.push(v)
        out.push('"')
    }
    parent = p0;
    values = r1;
    xcount = n0;
    xindex = i0 + 1;
    xkey = k0;
    out.push(' class="')
    if ((v = values['fieldCls']) != null) out.push(v)
    out.push(' ')
    if ((v = values['typeCls']) != null) out.push(v)
    out.push(' ')
    if ((v = values['typeCls']) != null) out.push(v)
    out.push('-')
    if ((v = values['ui']) != null) out.push(v)
    out.push(' ')
    if ((v = values['editableCls']) != null) out.push(v)
    out.push(' ')
    if ((v = values['inputCls']) != null) out.push(v)
    out.push(' ')
    if ((v = values['fixCls']) != null) out.push(v)
    out.push('" autocomplete="off"/>')

}
#3 JavaScript::Eval (size: 52) - SHA256: f67312a0339236adf5c0b18224832f91647c556412a7c2eb6602da620f43fd20
if (Ext.Msg.isVisible()) Ext.Msg.toFront();
_ffc_(O17);
#4 JavaScript::Eval (size: 975) - SHA256: 36e76310218ca8904c39a83cdbd0fbf1f3e55784e6553eb6c1cba860bfe535a2
var dh = Ext.DomHelper;
var fm = Ext.util.Format,
    ts = Object.prototype.toString;
$ = function(out, values, parent, xindex, xcount, xkey) {
    var c0 = values,
        a0 = Array.isArray(c0),
        p0 = parent,
        n0 = xcount,
        i0 = xindex,
        k0, v;
    var oc, l = values.$comp.layout,
        oh = l.overflowHandler;
    if (oh && oh.getPrefixConfig !== Ext.emptyFn) {
        if (oc = oh.getPrefixConfig()) dh.generateMarkup(oc, out)
    }
    out.push('<div id="')
    if ((v = values['ownerId']) != null) out.push(v)
    out.push('-innerCt" data-ref="innerCt" role="presentation" class="')
    if ((v = l.innerCls) != null) out.push(v)
    if ((v = oh ? (" " + oh.getOverflowCls(l.direction)) : "") != null) out.push(v)
    out.push('"><div id="')
    if ((v = values['ownerId']) != null) out.push(v)
    out.push('-targetEl" data-ref="targetEl" class="')
    if ((v = values['targetElCls']) != null) out.push(v)
    out.push('" role="presentation">')
    this.renderBody(out, values)
    out.push('</div></div>')
    if (oh && oh.getSuffixConfig !== Ext.emptyFn) {
        if (oc = oh.getSuffixConfig()) dh.generateMarkup(oc, out)
    }

}
#5 JavaScript::Eval (size: 59) - SHA256: 38828b79e7a8f2d76afe71aca527df4d141d949ab81d7fd25f7a7cb7d861817e
(Math.random() > 0.500 ? Math.floor(Math.random() * 500) + 0x10 : 0);
#6 JavaScript::Eval (size: 1089) - SHA256: 167c43a0c57d3b6e9bd02071ca3581afd60367d6edad1eb1b69238b665914f3f
var fm = Ext.util.Format,
    ts = Object.prototype.toString;
$ = function(out, values, parent, xindex, xcount, xkey) {
    var c0 = values,
        a0 = Array.isArray(c0),
        p0 = parent,
        n0 = xcount,
        i0 = xindex,
        k0, v;
    out.push('<span id="')
    if ((v = values['id']) != null) out.push(v)
    out.push('-btnIconEl" data-ref="btnIconEl" role="presentation" unselectable="on" class="')
    if ((v = values['baseIconCls']) != null) out.push(v)
    out.push(' ')
    if ((v = values['baseIconCls']) != null) out.push(v)
    out.push('-')
    if ((v = values['ui']) != null) out.push(v)
    out.push(' ')
    if ((v = values['iconCls']) != null) out.push(v)
    out.push(' ')
    if ((v = values['glyphCls']) != null) out.push(v)
    if ((v = values['childElCls']) != null) out.push(v)
    out.push('" style="')
    if (values['iconUrl']) {
        out.push('background-image:url(')
        if ((v = values['iconUrl']) != null) out.push(v)
        out.push(');')
    }
    if (values['glyph']) {
        if (values['glyphFontFamily']) {
            out.push('font-family:')
            if ((v = values['glyphFontFamily']) != null) out.push(v)
            out.push(';')
        }
        out.push('">')
        if ((v = values['glyph']) != null) out.push(v)
    } else {
        out.push('">')
    }
    out.push('</span>')

}
#7 JavaScript::Eval (size: 0) - SHA256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
#8 JavaScript::Eval (size: 1313) - SHA256: c296d29f5413f899c309ce50d9552d9b6aa3b260b780ca9fc7662fb58c9b81b8
var fm = Ext.util.Format,
    ts = Object.prototype.toString;

function f1(out, values, parent, xindex, xcount, xkey) {
    try {
        var $v = values;
        with($v) {
            return (iconMarkup && iconBeforeTitle)
        }
    } catch (e) {}
}

function f8(out, values, parent, xindex, xcount, xkey) {
    try {
        var $v = values;
        with($v) {
            return (iconMarkup && !iconBeforeTitle)
        }
    } catch (e) {}
}
$ = function(out, values, parent, xindex, xcount, xkey) {
    var c0 = values,
        a0 = Array.isArray(c0),
        p0 = parent,
        n0 = xcount,
        i0 = xindex,
        k0, v;
    if (f1.call(this, out, values, parent, xindex, xcount, xkey)) {
        if ((v = values['iconMarkup']) != null) out.push(v)
    }
    out.push('<div id="')
    if ((v = values['id']) != null) out.push(v)
    out.push('-textEl" data-ref="textEl" class="')
    if ((v = values['textCls']) != null) out.push(v)
    out.push(' ')
    if ((v = values['textCls']) != null) out.push(v)
    out.push('-')
    if ((v = values['ui']) != null) out.push(v)
    out.push(' ')
    if ((v = values['itemCls']) != null) out.push(v)
    if ((v = values['childElCls']) != null) out.push(v)
    out.push('" unselectable="on"')
    if (values['textElRole']) {
        out.push(' role="')
        if ((v = values['textElRole']) != null) out.push(v)
        out.push('"')
    }
    out.push('>')
    if ((v = values['text']) != null) out.push(v)
    out.push('</div>')
    if (f8.call(this, out, values, parent, xindex, xcount, xkey)) {
        if ((v = values['iconMarkup']) != null) out.push(v)
    }

}
#9 JavaScript::Eval (size: 1321) - SHA256: e77b2ee957240564cf4e5f207e30862a6ff30e09b647a1a833dae1ea04156737
var fm = Ext.util.Format,
    ts = Object.prototype.toString;

function f1(out, values, parent, xindex, xcount, xkey) {
    try {
        var $v = values;
        with($v) {
            return (!Ext.supports.Placeholder)
        }
    } catch (e) {}
}
$ = function(out, values, parent, xindex, xcount, xkey) {
    var c0 = values,
        a0 = Array.isArray(c0),
        p0 = parent,
        n0 = xcount,
        i0 = xindex,
        k0, v;
    if (f1.call(this, out, values, parent, xindex, xcount, xkey)) {
        out.push('<label id="')
        if ((v = values['cmpId']) != null) out.push(v)
        out.push('-placeholderLabel" data-ref="placeholderLabel" for="')
        if ((v = values['id']) != null) out.push(v)
        out.push('" class="')
        if ((v = values['placeholderCoverCls']) != null) out.push(v)
        out.push(' ')
        if ((v = values['placeholderCoverCls']) != null) out.push(v)
        out.push('-')
        if ((v = values['ui']) != null) out.push(v)
        out.push('">')
        if ((v = values['placeholder']) != null) out.push(v)
        out.push('</label>')
    }
    out.push('</div>')
    var i1 = 0,
        n1 = 0,
        c1 = values['triggers'],
        a1 = Array.isArray(c1),
        r1 = values,
        p1, k1;
    p1 = parent = a0 ? c0[i0] : c0
    if (c1) {
        if (a1) {
            n1 = c1.length;
        } else if (c1.isMixedCollection) {
            c1 = c1.items;
            n1 = c1.length;
        } else if (c1.isStore) {
            c1 = c1.data.items;
            n1 = c1.length;
        } else {
            c1 = [c1];
            n1 = 1;
        }
    }
    for (xcount = n1; i1 < n1; ++i1) {
        values = c1[i1]
        xindex = i1 + 1
        if ((v = values.renderTrigger(parent)) != null) out.push(v)
    }
    parent = p0;
    values = r1;
    xcount = n0;
    xindex = i0 + 1;
    xkey = k0;
    out.push('</div>')

}
#10 JavaScript::Eval (size: 31) - SHA256: 51a7b3374d53506a04ce2e5f5bd3e025872ae0cf6e9c2de106bb80465288c9c9
uniSyncObj.xEncode(0x0B0A7315);
#11 JavaScript::Eval (size: 8) - SHA256: 70aa6bcc3e9532234113baff7b56c8be642354109f0780f62afdf1349fdfcbbe
"srcArr"
#12 JavaScript::Eval (size: 3153) - SHA256: 24d544540ab33ff04030b9a0888c01214637709d097e8ccc13d38eab6a8e089c
var fm = Ext.util.Format,
    ts = Object.prototype.toString;
var validTypes = {
    string: 1,
    number: 1,
    boolean: 1
};
$ = function(out, values, parent, xindex, xcount, xkey) {
    var c0 = values,
        a0 = Array.isArray(c0),
        p0 = parent,
        n0 = xcount,
        i0 = xindex,
        k0, v;
    if (values['headingText']) {
        out.push('<div id="')
        if ((v = values['id']) != null) out.push(v)
        out.push('-headingEl" data-ref="headingEl" role="heading" class="x-hidden-clip" style="height:0">')
        if ((v = values['headingText']) != null) out.push(v)
        out.push('</div>')
    }
    if (values['hasTabGuard']) {
        this.renderTabGuard(out, values, 'before');
    }
    out.push('<div id="')
    if ((v = values['id']) != null) out.push(v)
    out.push('-bodyWrap" data-ref="bodyWrap" class="')
    if ((v = values['baseCls']) != null) out.push(v)
    out.push('-bodyWrap"')
    if (values['bodyWrapAriaAttributes']) {
        var i1 = -1,
            n1 = 0,
            c1 = values['bodyWrapAriaAttributes'],
            a1 = Array.isArray(c1),
            r1 = values,
            p1, k1;
        p1 = parent = a0 ? c0[i0] : c0
        for (k1 in c1) {
            xindex = ++i1 + 1;
            xkey = k1;
            values = c1[k1];
            out.push(' ')
            if ((v = xkey) != null) out.push(v)
            out.push('="')
            if ((v = validTypes[typeof values] || ts.call(values) === "[object Date]" ? values : "") != null) out.push(v)
            out.push('"')
        }
        parent = p0;
        values = r1;
        xcount = n0;
        xindex = i0 + 1;
        xkey = k0;
    } else {
        out.push(' role="presentation"')
    }
    out.push('>')
    this.renderDockedItems(out, values, 0);
    out.push('<div id="')
    if ((v = values['id']) != null) out.push(v)
    out.push('-body" data-ref="body" class="')
    if ((v = values['baseCls']) != null) out.push(v)
    out.push('-body')
    if (values['bodyCls']) {
        out.push(' ')
        if ((v = values['bodyCls']) != null) out.push(v)
    }
    out.push(' ')
    if ((v = values['baseCls']) != null) out.push(v)
    out.push('-body-')
    if ((v = values['ui']) != null) out.push(v)
    if (values['uiCls']) {
        i1 = 0, n1 = 0, c1 = values['uiCls'], a1 = Array.isArray(c1), r1 = values, p1, k1;
        p1 = parent = a0 ? c0[i0] : c0
        if (c1) {
            if (a1) {
                n1 = c1.length;
            } else if (c1.isMixedCollection) {
                c1 = c1.items;
                n1 = c1.length;
            } else if (c1.isStore) {
                c1 = c1.data.items;
                n1 = c1.length;
            } else {
                c1 = [c1];
                n1 = 1;
            }
        }
        for (xcount = n1; i1 < n1; ++i1) {
            values = c1[i1]
            xindex = i1 + 1
            out.push(' ')
            if ((v = parent.baseCls) != null) out.push(v)
            out.push('-body-')
            if ((v = parent.ui) != null) out.push(v)
            out.push('-')
            if ((v = validTypes[typeof values] || ts.call(values) === "[object Date]" ? values : "") != null) out.push(v)
        }
        parent = p0;
        values = r1;
        xcount = n0;
        xindex = i0 + 1;
        xkey = k0;
    }
    if ((v = values['childElCls']) != null) out.push(v)
    out.push('"')
    if (values['bodyAriaAttributes']) {
        i1 = -1, n1 = 0, c1 = values['bodyAriaAttributes'], a1 = Array.isArray(c1), r1 = values, p1, k1;
        p1 = parent = a0 ? c0[i0] : c0
        for (k1 in c1) {
            xindex = ++i1 + 1;
            xkey = k1;
            values = c1[k1];
            out.push(' ')
            if ((v = xkey) != null) out.push(v)
            out.push('="')
            if ((v = validTypes[typeof values] || ts.call(values) === "[object Date]" ? values : "") != null) out.push(v)
            out.push('"')
        }
        parent = p0;
        values = r1;
        xcount = n0;
        xindex = i0 + 1;
        xkey = k0;
    } else {
        out.push(' role="presentation"')
    }
    if (values['bodyStyle']) {
        out.push(' style="')
        if ((v = values['bodyStyle']) != null) out.push(v)
        out.push('"')
    }
    out.push('>')
    this.renderContainer(out, values);
    out.push('</div>')
    this.renderDockedItems(out, values, 1);
    out.push('</div>')
    if (values['hasTabGuard']) {
        this.renderTabGuard(out, values, 'after');
    }

}
#13 JavaScript::Eval (size: 901) - SHA256: c333ede8f27db0ecec144af81bce9bf82a2232a7ce3600a77463e796e40b9d4c
var fm = Ext.util.Format,
    ts = Object.prototype.toString;

function f1(out, values, parent, xindex, xcount, xkey) {
    try {
        var $v = values;
        with($v) {
            return (!$comp.html)
        }
    } catch (e) {}
}
$ = function(out, values, parent, xindex, xcount, xkey) {
    var c0 = values,
        a0 = Array.isArray(c0),
        p0 = parent,
        n0 = xcount,
        i0 = xindex,
        k0, v;
    out.push('<div id="')
    if ((v = values['ownerId']) != null) out.push(v)
    out.push('-outerCt" data-ref="outerCt" class="')
    if ((v = values['outerCtCls']) != null) out.push(v)
    out.push('" role="presentation"><div id="')
    if ((v = values['ownerId']) != null) out.push(v)
    out.push('-innerCt" data-ref="innerCt" style="')
    this.renderPadding(out, values)
    out.push('" ')
    if (f1.call(this, out, values, parent, xindex, xcount, xkey)) {
        out.push('role="presentation"')
    }
    out.push('class="')
    if ((v = values['innerCtCls']) != null) out.push(v)
    out.push('">')
    this.renderBody(out, values)
    out.push('</div></div>')

}
#14 JavaScript::Eval (size: 1517) - SHA256: e5e5e8fbe838d311619ce443ca5cb82a238016ee75a10bb6a308b8a85059b51e
var fm = Ext.util.Format,
    ts = Object.prototype.toString;

function f1(out, values, parent, xindex, xcount, xkey) {
    try {
        var $v = values;
        with($v) {
            return (ariaEl == 'triggerWrap')
        }
    } catch (e) {}
}
var validTypes = {
    string: 1,
    number: 1,
    boolean: 1
};
$ = function(out, values, parent, xindex, xcount, xkey) {
    var c0 = values,
        a0 = Array.isArray(c0),
        p0 = parent,
        n0 = xcount,
        i0 = xindex,
        k0, v;
    out.push('<div id="')
    if ((v = values['cmpId']) != null) out.push(v)
    out.push('-triggerWrap" data-ref="triggerWrap"')
    if (f1.call(this, out, values, parent, xindex, xcount, xkey)) {
        var i1 = -1,
            n1 = 0,
            c1 = values['ariaElAttributes'],
            a1 = Array.isArray(c1),
            r1 = values,
            p1, k1;
        p1 = parent = a0 ? c0[i0] : c0
        for (k1 in c1) {
            xindex = ++i1 + 1;
            xkey = k1;
            values = c1[k1];
            out.push(' ')
            if ((v = xkey) != null) out.push(v)
            out.push('="')
            if ((v = validTypes[typeof values] || ts.call(values) === "[object Date]" ? values : "") != null) out.push(v)
            out.push('"')
        }
        parent = p0;
        values = r1;
        xcount = n0;
        xindex = i0 + 1;
        xkey = k0;
    } else {
        out.push(' role="presentation"')
    }
    out.push(' class="')
    if ((v = values['triggerWrapCls']) != null) out.push(v)
    out.push(' ')
    if ((v = values['triggerWrapCls']) != null) out.push(v)
    out.push('-')
    if ((v = values['ui']) != null) out.push(v)
    out.push('"><div id=')
    if ((v = values['cmpId']) != null) out.push(v)
    out.push('-inputWrap data-ref="inputWrap" role="presentation" class="')
    if ((v = values['inputWrapCls']) != null) out.push(v)
    out.push(' ')
    if ((v = values['inputWrapCls']) != null) out.push(v)
    out.push('-')
    if ((v = values['ui']) != null) out.push(v)
    out.push('">')

}
#15 JavaScript::Eval (size: 295) - SHA256: 3acdad218cc8c89b0552c4ca4235d20b9b43accb35be94c46b81f545e4ff47ed
var fm = Ext.util.Format,
    ts = Object.prototype.toString;
$ = function(out, values, parent, xindex, xcount, xkey) {
    var c0 = values,
        a0 = Array.isArray(c0),
        p0 = parent,
        n0 = xcount,
        i0 = xindex,
        k0, v;
    if ((v = values['prefix']) != null) out.push(v)
    out.push('/')
    if ((v = values['entityName']) != null) out.push(v)

}
#16 JavaScript::Eval (size: 17) - SHA256: 78dc7a97812cd75dca151764e561c3d5a8a55ecdc2b1e77c9618ce37a97d6710
UniLoginForm1 = {};
#17 JavaScript::Eval (size: 562) - SHA256: a9c3d8d11dc504f3856e92ab91fb1540626dcf85e8f4b72c202699e462973325
var fm = Ext.util.Format,
    ts = Object.prototype.toString;
$ = function(out, values, parent, xindex, xcount, xkey) {
    var c0 = values,
        a0 = Array.isArray(c0),
        p0 = parent,
        n0 = xcount,
        i0 = xindex,
        k0, v;
    out.push('<span id="')
    if ((v = values['id']) != null) out.push(v)
    out.push('-')
    if ((v = values['tabGuardEl']) != null) out.push(v)
    out.push('" data-ref="')
    if ((v = values['tabGuardEl']) != null) out.push(v)
    out.push('" aria-hidden="true" class="x-tab-guard x-tab-guard-')
    if ((v = values['tabGuardPosition']) != null) out.push(v)
    out.push('" style="width:0px;height:0px;"></span>')

}
#18 JavaScript::Eval (size: 213) - SHA256: 7ab3d9376f6b12127da11872f7070f3f8bc3554c2547a1227c5b4ffe5f49272a
var fm = Ext.util.Format,
    ts = Object.prototype.toString;
$ = function(out, values, parent, xindex, xcount, xkey) {
    var c0 = values,
        a0 = Array.isArray(c0),
        p0 = parent,
        n0 = xcount,
        i0 = xindex,
        k0, v;
    this.renderBody(out, values)

}
#19 JavaScript::Eval (size: 3906) - SHA256: c7be8c3ca1adb6a5fed4c3c6b5b64d2eb3721a732f7f40490c76bde30a569ae0
var fm = Ext.util.Format,
    ts = Object.prototype.toString;

function f1(out, values, parent, xindex, xcount, xkey) {
    try {
        var $v = values;
        with($v) {
            return (!iconBeforeText)
        }
    } catch (e) {}
}

function f8(out, values, parent, xindex, xcount, xkey) {
    try {
        var $v = values;
        with($v) {
            return (tabIndex != null)
        }
    } catch (e) {}
}
var validTypes = {
    string: 1,
    number: 1,
    boolean: 1
};
$ = function(out, values, parent, xindex, xcount, xkey) {
    var c0 = values,
        a0 = Array.isArray(c0),
        p0 = parent,
        n0 = xcount,
        i0 = xindex,
        k0, v;
    out.push('<span id="')
    if ((v = values['id']) != null) out.push(v)
    out.push('-btnWrap" data-ref="btnWrap" role="presentation" unselectable="on" style="')
    if ((v = values['btnWrapStyle']) != null) out.push(v)
    out.push('" class="')
    if ((v = values['btnWrapCls']) != null) out.push(v)
    out.push(' ')
    if ((v = values['btnWrapCls']) != null) out.push(v)
    out.push('-')
    if ((v = values['ui']) != null) out.push(v)
    out.push(' ')
    if ((v = values['splitCls']) != null) out.push(v)
    if ((v = values['childElCls']) != null) out.push(v)
    out.push('"><span id="')
    if ((v = values['id']) != null) out.push(v)
    out.push('-btnEl" data-ref="btnEl" role="presentation" unselectable="on" style="')
    if ((v = values['btnElStyle']) != null) out.push(v)
    out.push('" class="')
    if ((v = values['btnCls']) != null) out.push(v)
    out.push(' ')
    if ((v = values['btnCls']) != null) out.push(v)
    out.push('-')
    if ((v = values['ui']) != null) out.push(v)
    out.push(' ')
    if ((v = values['textCls']) != null) out.push(v)
    out.push(' ')
    if ((v = values['noTextCls']) != null) out.push(v)
    out.push(' ')
    if ((v = values['hasIconCls']) != null) out.push(v)
    out.push(' ')
    if ((v = values['iconAlignCls']) != null) out.push(v)
    out.push(' ')
    if ((v = values['textAlignCls']) != null) out.push(v)
    out.push(' ')
    if ((v = values['btnElAutoHeightCls']) != null) out.push(v)
    if ((v = values['childElCls']) != null) out.push(v)
    out.push('">')
    if (values['iconBeforeText']) {
        if ((v = values.$comp.renderIcon(values)) != null) out.push(v)
    }
    out.push('<span id="')
    if ((v = values['id']) != null) out.push(v)
    out.push('-btnInnerEl" data-ref="btnInnerEl" unselectable="on" class="')
    if ((v = values['innerCls']) != null) out.push(v)
    out.push(' ')
    if ((v = values['innerCls']) != null) out.push(v)
    out.push('-')
    if ((v = values['ui']) != null) out.push(v)
    if ((v = values['childElCls']) != null) out.push(v)
    out.push('">')
    if ((v = values['text']) != null) out.push(v)
    out.push('</span>')
    if (f1.call(this, out, values, parent, xindex, xcount, xkey)) {
        if ((v = values.$comp.renderIcon(values)) != null) out.push(v)
    }
    out.push('</span></span>')
    if ((v = values.$comp.getAfterMarkup ? values.$comp.getAfterMarkup(values) : "") != null) out.push(v)
    if (values['closable']) {
        out.push('<span id="')
        if ((v = values['id']) != null) out.push(v)
        out.push('-closeEl" data-ref="closeEl" class="')
        if ((v = values['baseCls']) != null) out.push(v)
        out.push('-close-btn">')
        if (values['closeText']) {
            out.push(' ')
            if ((v = values['closeText']) != null) out.push(v)
        }
        out.push('</span>')
    }
    if (values['split']) {
        out.push('<span id="')
        if ((v = values['id']) != null) out.push(v)
        out.push('-arrowEl" class="')
        if ((v = values['arrowElCls']) != null) out.push(v)
        out.push('" data-ref="arrowEl" role="button" hidefocus="on" unselectable="on"')
        if (f8.call(this, out, values, parent, xindex, xcount, xkey)) {
            out.push(' tabindex="')
            if ((v = values['tabIndex']) != null) out.push(v)
            out.push('"')
        }
        var i1 = -1,
            n1 = 0,
            c1 = values['arrowElAttributes'],
            a1 = Array.isArray(c1),
            r1 = values,
            p1, k1;
        p1 = parent = a0 ? c0[i0] : c0
        for (k1 in c1) {
            xindex = ++i1 + 1;
            xkey = k1;
            values = c1[k1];
            out.push(' ')
            if ((v = xkey) != null) out.push(v)
            out.push('="')
            if ((v = validTypes[typeof values] || ts.call(values) === "[object Date]" ? values : "") != null) out.push(v)
            out.push('"')
        }
        parent = p0;
        values = r1;
        xcount = n0;
        xindex = i0 + 1;
        xkey = k0;
        out.push(' style="')
        if ((v = values['arrowElStyle']) != null) out.push(v)
        out.push('">')
        if ((v = values['arrowElText']) != null) out.push(v)
        out.push('</span>')
    }

}
#20 JavaScript::Eval (size: 71) - SHA256: e8acb3cd4ebdf9a0ebded2a843dd2561320dd244c93514daf07b95c225f38e8e
try {
    eval("uniSyncObj.xEncode(0x0B0A7315);")
} catch (e) {
    alert(e.message)
};
#21 JavaScript::Eval (size: 50) - SHA256: fba72aa4d1d991e33c934c2202157bebdfdc62ef1bb8f17ac89d2e05cf0987c8
var batch = 30803,
    child, next, prev, byClassName;
#22 JavaScript::Eval (size: 373) - SHA256: 6583265e27ec57e59ad0e4039119c60ec459d2b2edb4133b693f0ef95f49ba7d
var fm = Ext.util.Format,
    ts = Object.prototype.toString;
$ = function(out, values, parent, xindex, xcount, xkey) {
    var c0 = values,
        a0 = Array.isArray(c0),
        p0 = parent,
        n0 = xcount,
        i0 = xindex,
        k0, v;
    if (values['hasTabGuard']) {
        this.renderTabGuard(out, values, 'before');
    }
    this.renderContainer(out, values)
    if (values['hasTabGuard']) {
        this.renderTabGuard(out, values, 'after');
    }

}
#23 JavaScript::Eval (size: 36) - SHA256: 996f2efe40000d57a1ecf71d5a998c4d17f416495207906842a45beb81a9c183
UniLoginForm1.uname = "UniLoginForm1";
#24 JavaScript::Eval (size: 216) - SHA256: bb3daa9779d3adaee4b92e53c2c4f40c8fe03bed679b9e9b8b6c1e7548e84497
var fm = Ext.util.Format,
    ts = Object.prototype.toString;
$ = function(out, values, parent, xindex, xcount, xkey) {
    var c0 = values,
        a0 = Array.isArray(c0),
        p0 = parent,
        n0 = xcount,
        i0 = xindex,
        k0, v;
    this.renderContent(out, values)

}

Executed Writes (0)


HTTP Transactions (50)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "51148FED95CC00D60DC3640350F135B1B2763FF0E3CFBFFC40F0948317894BE9"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4634
Expires: Fri, 09 Dec 2022 13:20:29 GMT
Date: Fri, 09 Dec 2022 12:03:15 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7E210F03B140418085E94EC20C1D27D6ECF7A404CBD323E16476AE5AE95D6DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13208
Expires: Fri, 09 Dec 2022 15:43:23 GMT
Date: Fri, 09 Dec 2022 12:03:15 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "4819229FD8F502A0C68C80BD7409E104C1B4D1A98CA8A6CD9DEBA629B1511AEA"
Last-Modified: Thu, 08 Dec 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14447
Expires: Fri, 09 Dec 2022 16:04:02 GMT
Date: Fri, 09 Dec 2022 12:03:15 GMT
Connection: keep-alive

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         35.241.9.150
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Alert, Backoff, Content-Length, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 09 Dec 2022 11:08:18 GMT
age: 3297
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    14cd9a0afb6ba9a763651d5112760d1e
Sha1:   75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: XkDPtktwuY3pxSUUSl0zH/rbgyA0R6R2bN8XRbLSeBEZwiDsA3C8MnwT+rHNw7tpuRlFsARbJCKYVgKCFErp8Q==
x-amz-request-id: EGCEKRQCW8K1BRZM
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 09 Dec 2022 11:50:14 GMT
age: 781
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    53341dea33f4f3d9b4966f80589f429a
Sha1:   20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
Sha256: 651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Fri, 09 Dec 2022 12:03:15 GMT
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         35.241.9.150
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Alert, Cache-Control, Backoff, Content-Length, Content-Type, Last-Modified, ETag, Expires, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 09 Dec 2022 11:07:55 GMT
age: 3320
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 44
Cache-Control: max-age=162264
Date: Fri, 09 Dec 2022 12:03:15 GMT
Etag: "6392faaf-1d7"
Expires: Sun, 11 Dec 2022 09:07:39 GMT
Last-Modified: Fri, 09 Dec 2022 09:06:55 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: 101.132.152.76
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                         101.132.152.76
HTTP/1.1 200 HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 3719
Cache-control: max-age=0, no-cache, no-store, must-revalidate, proxy-revalidate
Date: Fri, 09 Dec 2022 12:03:15 GMT
Expires: Thu, 09 Dec 2021 12:03:15 GMT
Pragma: no-cache
session_id: 9_U9w8Oe7F4Y10BA75768
Last-Modified: Fri, 09 Dec 2022 12:03:15 GMT
Server: ??????


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5112), with CRLF line terminators
Size:   3719
Md5:    e0c196cdfff154623c271dda3ad6620e
Sha1:   a6c8ef15438e6a34a8c552cdf4cd195b8589abc0
Sha256: 8f79bf64cb8945a9264190d988b49a24a792b981c91e0ad2e91c4497751aa3d9

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 0pMgwZdly60aBzFApb/pCQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         52.89.136.7
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: WJanBszxCSipgDhz4sWEvTHcRIE=

                                        
                                            GET /uni-1.90.0.1514/css/uni-ext.css HTTP/1.1 
Host: 101.132.152.76
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://101.132.152.76/

                                         101.132.152.76
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 811
Date: Fri, 09 Dec 2022 12:03:16 GMT
Expires: Sun, 08 Jan 2023 12:03:16 GMT
Last-Modified: Mon, 10 Jun 2019 05:02:02 GMT
Server: uniGUI HyperServer - 1.90.0.1514


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   811
Md5:    299c280788190d298a9ab58c5723fbb0
Sha1:   68ebf8e3560011fc64a071d1bd57126d66202e98
Sha256: 4ac99592e4089374563dc1f494680ce6b83ef722783f739c03881d86a947d223

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /uni-1.90.0.1514/ext-unicommon-min.js HTTP/1.1 
Host: 101.132.152.76
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://101.132.152.76/

                                         101.132.152.76
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
                                        
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 7521
Date: Fri, 09 Dec 2022 12:03:16 GMT
Expires: Sun, 08 Jan 2023 12:03:16 GMT
Last-Modified: Wed, 20 Nov 2019 02:14:20 GMT
Server: uniGUI HyperServer - 1.90.0.1514


--- Additional Info ---
Magic:  ASCII text, with very long lines (20090)
Size:   7521
Md5:    5762d54c26515e8af9c58a22cf4588ea
Sha1:   03eb7801b79a009a07ee84b84d6f8f3131bbb7a8
Sha256: f45d8e0294b776b8ed028ea936bac54d527ec977a5d09e0cf66ef327f70d58d5

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /uni-1.90.0.1514/ext-sync-min.js HTTP/1.1 
Host: 101.132.152.76
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://101.132.152.76/

                                         101.132.152.76
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
                                        
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 5508
Date: Fri, 09 Dec 2022 12:03:16 GMT
Expires: Sun, 08 Jan 2023 12:03:16 GMT
Last-Modified: Wed, 20 Nov 2019 02:14:18 GMT
Server: uniGUI HyperServer - 1.90.0.1514


--- Additional Info ---
Magic:  HTML document, ASCII text, with very long lines (14181)
Size:   5508
Md5:    5afe059cc8c07eae3d3710a499061007
Sha1:   1d8b856293606e641d27557942c5c86857c93d5d
Sha256: fdd20133625f21559bacf0b578672c8fed80f7d0b6d546fa4432c23702a8811d

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /ext-6.7.0/build/classic/theme-classic/resources/theme-classic-all.css HTTP/1.1 
Host: 101.132.152.76
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://101.132.152.76/

                                         101.132.152.76
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 61
Date: Fri, 09 Dec 2022 12:03:16 GMT
Expires: Sun, 08 Jan 2023 12:03:16 GMT
Last-Modified: Tue, 26 Feb 2019 16:43:56 GMT
Server: uniGUI HyperServer - 1.90.0.1514


--- Additional Info ---
Magic:  ASCII text
Size:   61
Md5:    6eb0d9869565f47792f1ece17ef6a8f5
Sha1:   b31a2f688c3c88e0f8cb0530514d104e95da708f
Sha256: def3cbc31e33a29226fc35665783058d41d5015d22b6b96feed06aa3d75db3b5

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /ext-6.7.0/build/classic/theme-classic/theme-classic.js HTTP/1.1 
Host: 101.132.152.76
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://101.132.152.76/

                                         101.132.152.76
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
                                        
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 316
Date: Fri, 09 Dec 2022 12:03:16 GMT
Expires: Sun, 08 Jan 2023 12:03:16 GMT
Last-Modified: Tue, 26 Feb 2019 16:43:56 GMT
Server: uniGUI HyperServer - 1.90.0.1514


--- Additional Info ---
Magic:  ASCII text, with very long lines (871), with no line terminators
Size:   316
Md5:    0702e01054ed1f3f185e655006a6c7b4
Sha1:   eb6d3e3d8ebe770c3fb95d860a91c0a242d3e806
Sha256: 26d9145b431eaaaaf0961c9795afa6d285a257d36af3e18df9de2f11fab8cbf1

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /ext-6.7.0/build/packages/font-awesome/resources/font-awesome-all.css HTTP/1.1 
Host: 101.132.152.76
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://101.132.152.76/

                                         101.132.152.76
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 6828
Date: Fri, 09 Dec 2022 12:03:16 GMT
Expires: Sun, 08 Jan 2023 12:03:16 GMT
Last-Modified: Tue, 26 Feb 2019 16:43:58 GMT
Server: uniGUI HyperServer - 1.90.0.1514


--- Additional Info ---
Magic:  ASCII text, with very long lines (38036), with no line terminators
Size:   6828
Md5:    84721d2d3bf467a3a2728f7dcf692b9e
Sha1:   0fe4db6f070cf09dd0d54b907725d4b98dafd10d
Sha256: 4bbd5299ea94106fed170b4230ff21589d490185f114f1d3947ab0f8a31d2ded

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /uni-1.90.0.1514/jQuery/MaskedInput/jquery.inputmask.min.js HTTP/1.1 
Host: 101.132.152.76
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://101.132.152.76/

                                         101.132.152.76
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
                                        
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 12261
Date: Fri, 09 Dec 2022 12:03:16 GMT
Expires: Sun, 08 Jan 2023 12:03:16 GMT
Last-Modified: Wed, 08 Apr 2015 16:05:54 GMT
Server: uniGUI HyperServer - 1.90.0.1514


--- Additional Info ---
Magic:  ASCII text, with very long lines (20986)
Size:   12261
Md5:    3e8c9cade2af700d97e16abbb8d0d4a9
Sha1:   eaf1d132557c2298ee67c9aba6d6a03f962cfc7c
Sha256: 8fcd7c3059e816422814158cb93cd4aaea294fb3cd2a1b146d24cae778f1f87b

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /uni-1.90.0.1514/jQuery/jquery-1.11.2.min.js HTTP/1.1 
Host: 101.132.152.76
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://101.132.152.76/

                                         101.132.152.76
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
                                        
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 33262
Date: Fri, 09 Dec 2022 12:03:16 GMT
Expires: Sun, 08 Jan 2023 12:03:16 GMT
Last-Modified: Tue, 14 Apr 2015 09:46:12 GMT
Server: uniGUI HyperServer - 1.90.0.1514


--- Additional Info ---
Magic:  ASCII text, with very long lines (32047)
Size:   33262
Md5:    e07cb9af3202ee78cef3808af2acf764
Sha1:   12f69b5ca95d21a4449137f8436b99b147403c3c
Sha256: 5a32e163f25061539ce62ea06ab91a780743a34988b65c4103f7960991b448be

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17559
Expires: Fri, 09 Dec 2022 16:55:56 GMT
Date: Fri, 09 Dec 2022 12:03:17 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17559
Expires: Fri, 09 Dec 2022 16:55:56 GMT
Date: Fri, 09 Dec 2022 12:03:17 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17559
Expires: Fri, 09 Dec 2022 16:55:56 GMT
Date: Fri, 09 Dec 2022 12:03:17 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         95.101.11.115
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "CACC53ED285E96DCD5BA7609823922A253BC0623999B8716F430632D2C0E7DAC"
Last-Modified: Wed, 07 Dec 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17559
Expires: Fri, 09 Dec 2022 16:55:56 GMT
Date: Fri, 09 Dec 2022 12:03:17 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9f25ad59-b8ed-49ea-9611-21f63c20c8fb.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7960
x-amzn-requestid: beadd240-39d0-407d-a890-6a095657cac3
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctEd8HC0oAMFUag=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638eb459-44d4f63c62f58684782ef14a;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 03:17:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: yL-FrFYh-3PuCZCpCHYg--ebTS7wMmMQ7IE2mgimDVsKWFEtKC2gVQ==
via: 1.1 74aa91fe819001bcedd882694f52b436.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 06:08:38 GMT
age: 21279
etag: "cfb1e5bcab2148a777889680e6e36b9d7e8917ec"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7960
Md5:    eb00a2a503a690cee3e4dd729b5bc9bd
Sha1:   cfb1e5bcab2148a777889680e6e36b9d7e8917ec
Sha256: 7e4583ae78ab597639f53669ac2d67d1ebd26be3278c2fc3fc95af934178c116
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29d00d08-ec53-4c7b-a2ef-5901b64cdefd.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7557
x-amzn-requestid: 09204b5e-8af5-4d4b-8186-628443866e0f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctlz5EISoAMFdWw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638ee9b2-357cd4f921c592e1319098dd;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 07:05:22 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 3KZwQ5HqXa_-tUyDHA5m-65OprogFpFgbbKpEJ65k-Yy3lwoCg8M5w==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 07:13:15 GMT
age: 17402
etag: "cde4c7fa0145d3645af17e34c83c63c08f76a076"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7557
Md5:    5de5d319f43d9c9c641419d96655541f
Sha1:   cde4c7fa0145d3645af17e34c83c63c08f76a076
Sha256: fdb114eb142f035c7a54195d16af51b5b423642c312f4bccc0f407d8fcc245aa
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe602fad-66c2-48db-acd3-371ca6dcb8f6.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7897
x-amzn-requestid: 032fd8ae-b7e9-4e12-8546-838191a73688
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cwVM_F51IAMFunw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63900252-345ae6cd107d207f5dbe29a8;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 03:02:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: oV7bB5Tek01MFi9x2tr_Wix13-UGlQPIt042XM0ALNUvVFYnu5DRcg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 03:38:26 GMT
age: 30291
etag: "7558222788f06623ddae6e883413e38e1146281e"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7897
Md5:    8c3214044657f3b876d1f1848bca5684
Sha1:   7558222788f06623ddae6e883413e38e1146281e
Sha256: e1f9c9c445bba7765f371dbb655cab43c1e12de7cbd015f8034c494118f7f708
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6a20bda5-6ca4-42c4-8729-6e975652e66a.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6578
x-amzn-requestid: 6392feb9-e33e-42fa-bc10-b5e31e654c9b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cw4beGG7oAMF8hA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63903aaf-2c890b7b0a16617346a0f7e7;Sampled=0
x-amzn-remapped-date: Wed, 07 Dec 2022 07:03:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: nXaZ1pazAGWMI9GFYZjGlvVVIb8wX6feD0O8VpzjsL8F8l3mFmydAw==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 07:13:59 GMT
age: 17358
etag: "5c8ffe91490006a9890188b53f875568c2b6bd8f"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6578
Md5:    8546542f00ea29ef4df6ab8d3c7c2164
Sha1:   5c8ffe91490006a9890188b53f875568c2b6bd8f
Sha256: 7fb11750ac339ac283da62fd370862c6b95a103a585ca5dd8c90038718d818a1
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2654f7a6-bd8b-4c13-9c46-9b7582ba979a.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5169
x-amzn-requestid: 277a1b04-4e19-4313-8aac-5f9ab9076305
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ctEdkFGrIAMFvHg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638eb456-5b21edd57297665012d536cc;Sampled=0
x-amzn-remapped-date: Tue, 06 Dec 2022 03:17:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: swNGUcNy2i0w9UGe-EJhwslE01TzTC3rrDhLhVVxHyhWMGSC1uq0mA==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 09 Dec 2022 04:46:15 GMT
age: 26222
etag: "ebb97e5b97f394e8c67098f55581d5329ce819a2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5169
Md5:    06514ce96ae21cb01f526a5febdcbeb4
Sha1:   ebb97e5b97f394e8c67098f55581d5329ce819a2
Sha256: 4099a2fb6ddc4feaa30f357a180d64aeb7c9fc73f115fc762d5fe5c221d2e89e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d2c55a-1a85-4fbf-b256-9d812a2b5ec2.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5188
x-amzn-requestid: afb8cbd2-3674-4dac-9cd9-9ff83618ac0a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ck2-5G9joAMFlPA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638b6b92-2979ff216b9028aa70baef8b;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 15:30:26 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dGxzuQ6zj6wXQbkBuKBnOKxwKJDHUyGoi7PgcugcpdX4QYruNiFxsQ==
via: 1.1 8ae6af4d17aae7471e5fe2792eb6abcc.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 08 Dec 2022 21:51:24 GMT
age: 51113
etag: "8fbff7725c842d70e047c635a725723a9dc9c55a"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5188
Md5:    fba9a3854df65740512f96efe7442e58
Sha1:   8fbff7725c842d70e047c635a725723a9dc9c55a
Sha256: 6e639298ebc82343cee9267d2910d15735af55f910e2c3de9218266b7c6fffc9
                                        
                                            GET /uni-1.90.0.1514/jQuery/autoNumeric/autoNumeric-1.9.35.js HTTP/1.1 
Host: 101.132.152.76
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://101.132.152.76/

                                         101.132.152.76
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
                                        
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 14321
Date: Fri, 09 Dec 2022 12:03:17 GMT
Expires: Sun, 08 Jan 2023 12:03:17 GMT
Last-Modified: Thu, 16 Apr 2015 05:41:56 GMT
Server: uniGUI HyperServer - 1.90.0.1514


--- Additional Info ---
Magic:  Unicode text, UTF-8 text
Size:   14321
Md5:    5efd654024bd52337e8d53ec92895cfd
Sha1:   c302f63044f8cd9ef272e970caa6e40560865111
Sha256: 6204cd3eb3f951018444323b0aa4ca37e217055a9ab23a8a25646924156e1cfd

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /uni-1.90.0.1514/ext-treenode-plugin.js HTTP/1.1 
Host: 101.132.152.76
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://101.132.152.76/

                                         101.132.152.76
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
                                        
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1523
Date: Fri, 09 Dec 2022 12:03:17 GMT
Expires: Sun, 08 Jan 2023 12:03:17 GMT
Last-Modified: Wed, 28 Mar 2018 13:15:44 GMT
Server: uniGUI HyperServer - 1.90.0.1514


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   1523
Md5:    2053312bc72017e7a5aacf4ee6edcc67
Sha1:   7e98b447e37fa21f438f2cac40e55d804b5c17b1
Sha256: 6f7ab8778f8295fec756a950119c74e38bd480ffda53c1dec9b5bf475c9c64c1

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /ext-6.7.0/build/packages/font-pictos/resources/font-pictos-all.css HTTP/1.1 
Host: 101.132.152.76
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://101.132.152.76/

                                         101.132.152.76
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 925
Date: Fri, 09 Dec 2022 12:03:16 GMT
Expires: Sun, 08 Jan 2023 12:03:16 GMT
Last-Modified: Tue, 26 Feb 2019 16:43:58 GMT
Server: uniGUI HyperServer - 1.90.0.1514


--- Additional Info ---
Magic:  ASCII text, with very long lines (4975), with no line terminators
Size:   925
Md5:    d9518729d43f8a57cfc0b8cb29d85c7b
Sha1:   67ef03330c0a06864839eb5fd8996c7d680cc4f1
Sha256: 44aff8373aeecc1c50f9af4b71c145583d0b87128531b70b9393ecd5e1681d85

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /ext-6.7.0/build/classic/theme-classic/resources/theme-classic-all_1.css HTTP/1.1 
Host: 101.132.152.76
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://101.132.152.76/ext-6.7.0/build/classic/theme-classic/resources/theme-classic-all.css

                                         101.132.152.76
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 35711
Date: Fri, 09 Dec 2022 12:03:16 GMT
Expires: Sun, 08 Jan 2023 12:03:16 GMT
Last-Modified: Tue, 26 Feb 2019 16:43:56 GMT
Server: uniGUI HyperServer - 1.90.0.1514


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   35711
Md5:    5560d451a5a701df83d0143deb81b784
Sha1:   e7826b268ad553ae9760858dc672fdd3cc34d818
Sha256: 8e27efacc900ad13f1d62588f0a355a29f1f99c43a440c0469d485a2ce4009ef

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /ext-6.7.0/build/packages/ux/classic/ux.js HTTP/1.1 
Host: 101.132.152.76
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://101.132.152.76/

                                         101.132.152.76
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
                                        
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 48640
Date: Fri, 09 Dec 2022 12:03:17 GMT
Expires: Sun, 08 Jan 2023 12:03:17 GMT
Last-Modified: Tue, 26 Feb 2019 16:43:58 GMT
Server: uniGUI HyperServer - 1.90.0.1514


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65532), with no line terminators
Size:   48640
Md5:    cd21ec57e3dcaa18f3842ac16de3d07f
Sha1:   25281c149429e92ff32740e8e1b05686fd16aa2d
Sha256: 229501f041338f10411c3058015656f4b4ce41c4244d69ae52c79ba863f65c1e

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /uni-1.90.0.1514/ext-unigui-min.js HTTP/1.1 
Host: 101.132.152.76
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://101.132.152.76/

                                         101.132.152.76
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
                                        
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 16601
Date: Fri, 09 Dec 2022 12:03:17 GMT
Expires: Sun, 08 Jan 2023 12:03:17 GMT
Last-Modified: Wed, 20 Nov 2019 02:14:18 GMT
Server: uniGUI HyperServer - 1.90.0.1514


--- Additional Info ---
Magic:  ASCII text, with very long lines (53202)
Size:   16601
Md5:    1902306a3fb767baad8d5f20de8ffb47
Sha1:   fbd88064933552fccb7e2d72c6d522b136e6b7f3
Sha256: 981170337e4885364118bdb877250ebcd16595b2ababff95322d825caa181504

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /uni-1.90.0.1514/css/uni-xtheme-common.css HTTP/1.1 
Host: 101.132.152.76
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://101.132.152.76/

                                         101.132.152.76
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 450
Date: Fri, 09 Dec 2022 12:03:17 GMT
Expires: Sun, 08 Jan 2023 12:03:17 GMT
Last-Modified: Fri, 25 May 2018 14:26:38 GMT
Server: uniGUI HyperServer - 1.90.0.1514


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   450
Md5:    1ceaf91d4c38b2ef51f7875178bb1ded
Sha1:   6c10f24f23c857ae6eb4c197d068bd89daa9182c
Sha256: 18e7dd3a97cd01aa7e7c36a807a16e559fd52257cf3d915b787c329622dfde7d

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /uni-1.90.0.1514/css/uni-xtheme-classic.css HTTP/1.1 
Host: 101.132.152.76
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://101.132.152.76/

                                         101.132.152.76
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 392
Date: Fri, 09 Dec 2022 12:03:17 GMT
Expires: Sun, 08 Jan 2023 12:03:17 GMT
Last-Modified: Fri, 25 May 2018 14:26:38 GMT
Server: uniGUI HyperServer - 1.90.0.1514


--- Additional Info ---
Magic:  ASCII text, with CRLF line terminators
Size:   392
Md5:    cb040490d34b6de8124ac1cf7e35e5a4
Sha1:   1a862ffd9f4772553f8ef36267c367fbc5cdedca
Sha256: fe117d268bf76fda157b80c103147380aa9023954cdbfd835ac565c2d114e675

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /ext-6.7.0/build/classic/theme-classic/resources/theme-classic-all_2.css HTTP/1.1 
Host: 101.132.152.76
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://101.132.152.76/ext-6.7.0/build/classic/theme-classic/resources/theme-classic-all.css

                                         101.132.152.76
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
                                        
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 2932
Date: Fri, 09 Dec 2022 12:03:17 GMT
Expires: Sun, 08 Jan 2023 12:03:17 GMT
Last-Modified: Tue, 26 Feb 2019 16:43:56 GMT
Server: uniGUI HyperServer - 1.90.0.1514


--- Additional Info ---
Magic:  ASCII text, with very long lines (18785), with no line terminators
Size:   2932
Md5:    cfd59b05b6d6835e714792d98f9e94af
Sha1:   881ad903a4bc7df6a9fdec3164359b2c531a50fa
Sha256: 0a65a3a8a3b4a9cea100697d12ff1c394f440855203bad4aa897add9ca5d7d2f

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /ext-6.7.0/build/ext-all.js HTTP/1.1 
Host: 101.132.152.76
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://101.132.152.76/

                                         101.132.152.76
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
                                        
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 682998
Date: Fri, 09 Dec 2022 12:03:16 GMT
Expires: Sun, 08 Jan 2023 12:03:16 GMT
Last-Modified: Tue, 26 Feb 2019 16:43:44 GMT
Server: uniGUI HyperServer - 1.90.0.1514


--- Additional Info ---
Magic:  ASCII text, with very long lines (64854)
Size:   682998
Md5:    78974464104b24cd1c504d3728225866
Sha1:   3b580ef70f3f2dbeed5147b1966361d8394f675e
Sha256: c5fa92523aa89d37eeed2ee16cc4af7240d23c8bbb58177e479df542ce880352

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /GY_files/GY_Platform.js HTTP/1.1 
Host: 101.132.152.76
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://101.132.152.76/

                                         101.132.152.76
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
                                        
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 283
Date: Fri, 09 Dec 2022 12:03:17 GMT
Expires: Sun, 08 Jan 2023 12:03:17 GMT
Last-Modified: Thu, 21 Apr 2022 01:38:52 GMT
Server: uniGUI HyperServer - 1.90.0.1514


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with CRLF line terminators
Size:   283
Md5:    5552730319b24431a5f65ef58db05067
Sha1:   0c1dd6639cbf91c5fb4d94d38d39fc67f0624a1f
Sha256: d8bca4d423d82a2e839f156983e9ff22b9095820f7a17d03027f1a362421b6d9

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /uni-1.90.0.1514/unicanvas-min.js HTTP/1.1 
Host: 101.132.152.76
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://101.132.152.76/

                                         101.132.152.76
HTTP/1.1 200 OK
Content-Type: text/javascript; charset=utf-8
                                        
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 1990
Date: Fri, 09 Dec 2022 12:03:18 GMT
Expires: Sun, 08 Jan 2023 12:03:18 GMT
Last-Modified: Wed, 20 Nov 2019 02:14:20 GMT
Server: uniGUI HyperServer - 1.90.0.1514


--- Additional Info ---
Magic:  ASCII text, with very long lines (5298)
Size:   1990
Md5:    01d5125cd190fc08f2f8e5edd2900cad
Sha1:   08a5f772321388a35166f244575630662d072803
Sha256: 32b46e8753fdde1d22837f7bcdca11105b522b1f16444e9c0ad500a6064061c5

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /uni-1.90.0.1514/images/loading.gif HTTP/1.1 
Host: 101.132.152.76
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://101.132.152.76/uni-1.90.0.1514/css/uni-ext.css

                                         101.132.152.76
HTTP/1.1 200 OK
Content-Type: image/gif; charset=utf-8
                                        
Connection: keep-alive
Content-Length: 1619
Date: Fri, 09 Dec 2022 12:03:18 GMT
Expires: Sun, 08 Jan 2023 12:03:18 GMT
Last-Modified: Fri, 13 Mar 2015 17:34:12 GMT
Server: uniGUI HyperServer - 1.90.0.1514


--- Additional Info ---
Magic:  GIF image data, version 89a, 32 x 32\012- data
Size:   1619
Md5:    743a4c306da72d0e08f5d17b07cd3549
Sha1:   e5255c4e1b4d60d376cd84a2d0e89d1150a7f005
Sha256: e84da71738ac5e261d2110a3559cae04931f1e697ce6c0d8e43ad74fe026f354

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST /HandleEvent HTTP/1.1 
Host: 101.132.152.76
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 96
Origin: http://101.132.152.76
Connection: keep-alive
Referer: http://101.132.152.76/

                                         101.132.152.76
HTTP/1.1 200 HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Connection: keep-alive
Content-Length: 0
Date: Fri, 09 Dec 2022 12:03:18 GMT
Server: ??????


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST /HandleEvent HTTP/1.1 
Host: 101.132.152.76
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 130
Origin: http://101.132.152.76
Connection: keep-alive
Referer: http://101.132.152.76/

                                         101.132.152.76
HTTP/1.1 200 HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Connection: keep-alive
Content-Length: 71
Date: Fri, 09 Dec 2022 12:03:18 GMT
Server: ??????


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   71
Md5:    17f40732dd707ef6500823a680a41f0b
Sha1:   24d2af61d7df4bbf35f12d9711296e58676f7607
Sha256: e8acb3cd4ebdf9a0ebded2a843dd2561320dd244c93514daf07b95c225f38e8e

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /cache/%E8%90%A5%E9%94%80%E6%9C%8D%E5%8A%A1%E5%B9%B3%E5%8F%B0_exe/n9/res/__70C9B0EB35A9F6E8A673A952.png HTTP/1.1 
Host: 101.132.152.76
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://101.132.152.76/

                                         101.132.152.76
HTTP/1.1 200 OK
Content-Type: image/x-png; charset=utf-8
                                        
Connection: keep-alive
Content-Length: 1406
Date: Fri, 09 Dec 2022 12:03:18 GMT
Expires: Sun, 08 Jan 2023 12:03:18 GMT
Last-Modified: Mon, 10 Oct 2022 00:11:43 GMT
Server: uniGUI HyperServer - 1.90.0.1514


--- Additional Info ---
Magic:  PNG image data, 36 x 36, 8-bit colormap, non-interlaced\012- data
Size:   1406
Md5:    6b05ffd78d0785ff0ca25970e6ffea78
Sha1:   8cec4cd08c2200956447cd95e433dc38e166e4db
Sha256: 0b82407f2544c50adf3658b8fd0e650abb6e1f8776f99ebad29e23c62aa039c8

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /cache/%E8%90%A5%E9%94%80%E6%9C%8D%E5%8A%A1%E5%B9%B3%E5%8F%B0_exe/n9/res/__CEC6BCCCDEB8733FAD3E9772.jpg HTTP/1.1 
Host: 101.132.152.76
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://101.132.152.76/

                                         101.132.152.76
HTTP/1.1 200 OK
Content-Type: image/jpeg; charset=utf-8
                                        
Connection: keep-alive
Content-Length: 100662
Date: Fri, 09 Dec 2022 12:03:18 GMT
Expires: Sun, 08 Jan 2023 12:03:18 GMT
Last-Modified: Mon, 10 Oct 2022 00:11:43 GMT
Server: uniGUI HyperServer - 1.90.0.1514


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 15x15, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=12, height=3616, bps=0, PhotometricIntepretation=RGB, orientation=upper-left, width=8062], baseline, precision 8, 576x259, components 3\012- data
Size:   100662
Md5:    b264431fb49cdfc410c775b9318b6eb9
Sha1:   8bcf044f8c55d6ba34e0afb6026bb8a987d6184a
Sha256: f2bdac0e62d09e128a835a3ae19466d61926a75c3f49840f3681a2e897a9b3a4

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            POST /HandleEvent HTTP/1.1 
Host: 101.132.152.76
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 88
Origin: http://101.132.152.76
Connection: keep-alive
Referer: http://101.132.152.76/

                                         101.132.152.76
HTTP/1.1 200 HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Connection: keep-alive
Content-Length: 52
Date: Fri, 09 Dec 2022 12:03:18 GMT
Server: ??????


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   52
Md5:    fdb4a69838fc314f469e76eaa2939702
Sha1:   6c23f9901b5d0fec6a561d46434bd0ee4ec0949a
Sha256: f67312a0339236adf5c0b18224832f91647c556412a7c2eb6602da620f43fd20

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
                                            GET /ext-6.7.0/build/classic/theme-classic/resources/images/form/text-bg.gif HTTP/1.1 
Host: 101.132.152.76
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://101.132.152.76/ext-6.7.0/build/classic/theme-classic/resources/theme-classic-all_1.css

                                         101.132.152.76
HTTP/1.1 200 OK
Content-Type: image/gif; charset=utf-8
                                        
Connection: keep-alive
Content-Length: 819
Date: Fri, 09 Dec 2022 12:03:18 GMT
Expires: Sun, 08 Jan 2023 12:03:18 GMT
Last-Modified: Tue, 26 Feb 2019 16:43:56 GMT
Server: uniGUI HyperServer - 1.90.0.1514


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 18\012- data
Size:   819
Md5:    d5ba54c1f417e6a72cbce8b909078727
Sha1:   14ce153d393b3c489f8a4e6b9a9383e7d8f4c911
Sha256: 7e188ce20ec98dc68e6325bddb607f097fee0429824e472bd087cd46d2fe0c69

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
POST /HandleEvent HTTP/1.1
Host: 101.132.152.76
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 99
Origin: http://101.132.152.76
Connection: keep-alive
Referer: http://101.132.152.76/

101.132.152.76
HTTP/1.1 200 HTTP/1.1 200 OK
Content-Type: text/html; charset=utf-8
                                        
Connection: keep-alive
Content-Length: 0
Date: Fri, 09 Dec 2022 12:03:19 GMT
Server: ??????


--- Additional Info ---
Magic:  
Size:   0
Md5:    d41d8cd98f00b204e9800998ecf8427e
Sha1:   da39a3ee5e6b4b0d3255bfef95601890afd80709
Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /cache/%E8%90%A5%E9%94%80%E6%9C%8D%E5%8A%A1%E5%B9%B3%E5%8F%B0_exe/n9/9_U9w8Oe7F4Y10BA75768/favicon.ico HTTP/1.1
Host: 101.132.152.76
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://101.132.152.76/

101.132.152.76
HTTP/1.1 200 OK
Content-Type: image/x-icon; charset=utf-8
                                        
Connection: keep-alive
Content-Length: 67646
Date: Fri, 09 Dec 2022 12:03:19 GMT
Expires: Sun, 08 Jan 2023 12:03:19 GMT
Last-Modified: Fri, 09 Dec 2022 12:03:15 GMT
Server: uniGUI HyperServer - 1.90.0.1514


--- Additional Info ---
Magic:  MS Windows icon resource - 1 icon, -128x-128, 32 bits/pixel\012- data
Size:   67646
Md5:    cdacf224b762d44aa85ae35cfd5445f2
Sha1:   005d7869544db44d7b9f8bb03db973f5f5ee231d
Sha256: d29f2340b0c9ba943b481beb31971f357f4ce51a77f26207f5d942c5b2f044d7

Alerts:
  Blocklists:
    - quad9: Sinkholed
                                        
GET /cache/%E8%90%A5%E9%94%80%E6%9C%8D%E5%8A%A1%E5%B9%B3%E5%8F%B0_exe/n9/res/__13F2C3A40EEAEFC722DDB1A2.png HTTP/1.1
Host: 101.132.152.76
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://101.132.152.76/

101.132.152.76
HTTP/1.1 200 OK
Content-Type: image/x-png; charset=utf-8
                                        
Connection: keep-alive
Content-Length: 656
Date: Fri, 09 Dec 2022 12:03:19 GMT
Expires: Sun, 08 Jan 2023 12:03:19 GMT
Last-Modified: Mon, 10 Oct 2022 00:11:43 GMT
Server: uniGUI HyperServer - 1.90.0.1514


--- Additional Info ---
Magic:  PNG image data, 36 x 37, 4-bit colormap, non-interlaced\012- data
Size:   656
Md5:    ee4f8c7a01fb916e708dbfc495f53dad
Sha1:   2bc7b575df7b6956aa112fc8b47d6c83b0ef9062
Sha256: 6b2faad597a44ab1074e2c453fe9d62a1bd702ecafb106ef7d83cc7deb92955d

Alerts:
  Blocklists:
    - quad9: Sinkholed