Report - iihttanzania.com/tech-spec-2-3.html

Report Overview

Submitted URL
iihttanzania.com/tech-spec-2-3.html
IP
172.252.4.201
ASN
#18779 EGIHOSTING
Submitted
2023-02-03 12:50:19
Access
Website Title
Final URL
Tags
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
124

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-13T05:09:16Z	3.2 kB	58 kB	34.120.237.76
api.share.baidu.com	44629	2013-04-25T16:45:11Z	2023-03-13T05:37:01Z	346 B	114 B	182.61.201.93
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-13T05:09:07Z	2.0 kB	5.3 kB	23.36.77.32
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-13T05:09:35Z	413 B	5.8 kB	34.160.144.191
ocsp.trust-provider.cn	unknown	2022-02-10T09:18:30Z	2023-03-13T07:40:56Z	692 B	3.0 kB	47.246.44.205
www.bill2021.com	unknown	2021-03-06T07:37:32Z	2023-03-13T08:20:48Z	7.1 kB	3.4 MB	154.208.77.212
push.zhanzhang.baidu.com	57139	2015-07-22T07:44:02Z	2023-03-13T05:37:01Z	286 B	750 B	182.61.201.94
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-13T05:09:10Z	782 B	2.4 kB	35.241.9.150
www.iihttanzania.com	unknown	2022-07-16T17:25:46Z	2023-03-09T17:22:32Z	582 B	2.5 kB	172.252.4.201
www.gdklc.com	unknown	2014-12-01T07:05:51Z	2023-03-09T17:22:34Z	5.5 kB	861 kB	182.92.96.218
hm.baidu.com	8254	2012-05-26T10:38:45Z	2023-03-13T05:32:36Z	2.1 kB	24 kB	103.235.46.191
iihttanzania.com	unknown	2019-05-09T16:51:58Z	2023-03-11T16:50:34Z	15 kB	144 kB	172.252.4.201
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-13T05:09:13Z	333 B	391 B	34.117.237.239
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-13T05:09:14Z	606 B	127 B	35.86.38.2
www.bill8888.com	unknown	2021-03-06T07:03:08Z	2023-03-13T08:20:45Z	360 B	2.0 kB	154.212.112.82
ocsp.globalsign.com	2075	2012-07-20T19:46:16Z	2023-03-13T05:09:19Z	718 B	3.8 kB	104.18.20.226

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-02-03	medium	iihttanzania.com/tech-spec-2-3.html	Phishing
2023-02-03	medium	iihttanzania.com/jquery.20.min.js	Phishing
2023-02-03	medium	iihttanzania.com/js/hoverSlippery.js	Phishing
2023-02-03	medium	iihttanzania.com/js/jquery.min.js	Phishing
2023-02-03	medium	iihttanzania.com/js/jquery.headerNav.js	Phishing
2023-02-03	medium	iihttanzania.com/js/wow.js	Phishing
2023-02-03	medium	iihttanzania.com/js/swiper.jquery.min.js	Phishing
2023-02-03	medium	iihttanzania.com/js/owl.carousel.js	Phishing
2023-02-03	medium	iihttanzania.com/js/jquery.qrcode.min.js	Phishing
2023-02-03	medium	www.iihttanzania.com/jquery.20.min.js	Phishing
2023-02-03	medium	iihttanzania.com/jquery.la.min.js	Phishing
2023-02-03	medium	iihttanzania.com/js/common.js	Phishing
2023-02-03	medium	www.iihttanzania.com/jquery.la.min.js	Phishing
2023-02-03	medium	iihttanzania.com/fonts/st-arrow.ttf	Phishing
2023-02-03	medium	iihttanzania.com/images/shortcut-icon.ico	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2023-02-03	medium	iihttanzania.com	Sinkholed
2023-02-03	medium	iihttanzania.com	Sinkholed
2023-02-03	medium	iihttanzania.com	Sinkholed
2023-02-03	medium	iihttanzania.com	Sinkholed
2023-02-03	medium	iihttanzania.com	Sinkholed
2023-02-03	medium	iihttanzania.com	Sinkholed
2023-02-03	medium	iihttanzania.com	Sinkholed
2023-02-03	medium	iihttanzania.com	Sinkholed
2023-02-03	medium	iihttanzania.com	Sinkholed
2023-02-03	medium	iihttanzania.com	Sinkholed
2023-02-03	medium	iihttanzania.com	Sinkholed
2023-02-03	medium	iihttanzania.com	Sinkholed
2023-02-03	medium	iihttanzania.com	Sinkholed
2023-02-03	medium	iihttanzania.com	Sinkholed
2023-02-03	medium	iihttanzania.com	Sinkholed
2023-02-03	medium	iihttanzania.com	Sinkholed
2023-02-03	medium	iihttanzania.com	Sinkholed
2023-02-03	medium	iihttanzania.com	Sinkholed
2023-02-03	medium	iihttanzania.com	Sinkholed
2023-02-03	medium	iihttanzania.com	Sinkholed
2023-02-03	medium	iihttanzania.com	Sinkholed
2023-02-03	medium	iihttanzania.com	Sinkholed
2023-02-03	medium	iihttanzania.com	Sinkholed
2023-02-03	medium	iihttanzania.com	Sinkholed
2023-02-03	medium	iihttanzania.com	Sinkholed
2023-02-03	medium	iihttanzania.com	Sinkholed
2023-02-03	medium	iihttanzania.com	Sinkholed
2023-02-03	medium	iihttanzania.com	Sinkholed
2023-02-03	medium	iihttanzania.com	Sinkholed
2023-02-03	medium	iihttanzania.com	Sinkholed
2023-02-03	medium	iihttanzania.com	Sinkholed
2023-02-03	medium	iihttanzania.com	Sinkholed
2023-02-03	medium	iihttanzania.com	Sinkholed
2023-02-03	medium	iihttanzania.com	Sinkholed
2023-02-03	medium	iihttanzania.com	Sinkholed
2023-02-03	medium	iihttanzania.com	Sinkholed
2023-02-03	medium	iihttanzania.com	Sinkholed
2023-02-03	medium	iihttanzania.com	Sinkholed
2023-02-03	medium	iihttanzania.com	Sinkholed
2023-02-03	medium	iihttanzania.com	Sinkholed
2023-02-03	medium	iihttanzania.com	Sinkholed
2023-02-03	medium	iihttanzania.com	Sinkholed
2023-02-03	medium	iihttanzania.com	Sinkholed
2023-02-03	medium	iihttanzania.com	Sinkholed
2023-02-03	medium	iihttanzania.com	Sinkholed
2023-02-03	medium	iihttanzania.com	Sinkholed
2023-02-03	medium	iihttanzania.com	Sinkholed

ThreatFox

No alerts detected

JavaScript (22)

	URL	Size	First Seen	Last Seen
	www.bill8888.com/bb/pp.js	6.2 kB	2023-03-09	2023-03-26
Pretty URL www.bill8888.com/bb/pp.js IP 154.212.112.82 ASN #134548 DXTL Tseung Kwan O Service Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 06:06:03 Last Seen2023-03-26 05:44:13 Times Seen7 Hash f01b4954be256491e50c429e16a3678a 79357c69ecaf39f082e4d0aeb1bfbc494e3ee02e 7833d2c2125fb924b6ca343410658ff03c6fb6986dba0a782ef7773a32971d17 Loading...

	iihttanzania.com/js/jquery.headerNav.js	4.4 kB	2023-03-13	2023-03-26
Pretty URL iihttanzania.com/js/jquery.headerNav.js IP 172.252.4.201 ASN #18779 EGIHOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:22:40 Last Seen2023-03-26 00:57:29 Times Seen4 Hash d34b637767b81aaac6c8c27b5fec52cd bb6c0ac4e9695cd98b8a7bc392e145d9edebf767 079c69b1723c43a4d3828365ae21c508f0da921425c571c21d36afdbdf70c772 Loading...

	iihttanzania.com/tech-spec-2-3.html	3.6 kB	2023-03-13	2023-03-26
Pretty URL iihttanzania.com/tech-spec-2-3.html IP 172.252.4.201 ASN #18779 EGIHOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:22:40 Last Seen2023-03-26 00:57:29 Times Seen2 Hash 47cf8a87885c3e67254c0dbca47f1a1b 9bdbe184d24caea1066a6a014cb87f81b737f6e1 f0d79315ed1c3dcebe81987265c45ea61f6fada4b6bc4ed3445578721ab75371 Loading...

	www.bill2021.com/dan/indexty.html	290 B	2023-03-08	2023-04-01
Pretty URL www.bill2021.com/dan/indexty.html IP 154.208.77.212 ASN #134548 DXTL Tseung Kwan O Service Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 01:15:01 Last Seen2023-04-01 11:22:43 Times Seen14 Hash df98945709ae88713fbb5ca94b7aefc8 c4bb66c02ffd36624d2a56105fb30cd8b97eb611 fa26c07c58a4f478a587a06cde2c2b3edb0f94ad3b4428088b4db185956c64dd Loading...

	hm.baidu.com/hm.js?69213e6e300ff71fcc72673b58b9ba40	30 kB	2023-03-13	2023-03-13
Pretty URL hm.baidu.com/hm.js?69213e6e300ff71fcc72673b58b9ba40 IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:49:11 Last Seen2023-03-13 15:49:11 Times Seen1 Hash a56e8019b2f2606ca53e3d2ae70142ab 8a1b2bc39591c7ef9719e1be84cefba80b403c9b e2b8f2cdc41b29b50383904ec6b50ba9af5686c4fe649039cd4d19d4c2cf41e3 Loading...

	iihttanzania.com/js/jquery.min.js	96 kB	2023-03-07	2024-04-25
Pretty URL iihttanzania.com/js/jquery.min.js IP 172.252.4.201 ASN #18779 EGIHOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:10:31 Last Seen2024-04-25 05:59:54 Times Seen706 Hash 87e69028f78d75ca225b3dc54d233239 b33ee3b42b988eef9d4d62495b6e54e23dd642fd d4ec583c7604001f87233d1fe0076cbd909f15a5f8c6b4c3f5dd81b462d79d32 Loading...

	iihttanzania.com/js/jquery.qrcode.min.js	14 kB	2023-03-07	2024-04-23
Pretty URL iihttanzania.com/js/jquery.qrcode.min.js IP 172.252.4.201 ASN #18779 EGIHOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:08 Last Seen2024-04-23 04:27:01 Times Seen1729 Hash 05f0b1d7d4b9b0b4975870606d650e3c f424bd339870510d1160d1c5da5d698aedbb452e f4ccf02b69092819ac24575c717a080c3b6c6d6161f1b8d82bf0bb523075032d Loading...

	iihttanzania.com/tech-spec-2-3.html	404 B	2023-03-07	2024-04-18
Pretty URL iihttanzania.com/tech-spec-2-3.html IP 172.252.4.201 ASN #18779 EGIHOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-04-18 08:01:19 Times Seen2975 Hash 91862680df880ab56f799547b01a5900 bd184fe6e0e046873c1a606c89ce2d3eed4b689f 6520359b93c2e43efd5a58f422af308b43c718769a0989344a10f00b345ca0b2 Loading...

	www.bill2021.com/dan/js/zhongguomeng.js	921 B	2023-03-13	2023-03-13
Pretty URL www.bill2021.com/dan/js/zhongguomeng.js IP 154.208.77.212 ASN #134548 DXTL Tseung Kwan O Service Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:49:11 Last Seen2023-03-13 18:08:01 Times Seen1 Hash b8e6872c8ed9db8e31d013f84e785870 fd9df2dae33af539c35317c2786c2bb1d76a94e2 d094409f7d7731c5c7396c4c42445c426ae6de3b210a11b58649691a812bc945 Loading...

	iihttanzania.com/js/hoverSlippery.js	4.0 kB	2023-03-13	2023-03-26
Pretty URL iihttanzania.com/js/hoverSlippery.js IP 172.252.4.201 ASN #18779 EGIHOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:22:40 Last Seen2023-03-26 00:57:29 Times Seen4 Hash aa949cc9db9069aedb0cecddd4fc9ef3 df9194422ec3286a4bb08679f76b607474b5357b 1a64eb4056caa8ae66a2e8ad401c0882a28862f8fc1371c638060d09436dd10c Loading...

	iihttanzania.com/jquery.la.min.js	518 B	2023-03-08	2023-03-26
Pretty URL iihttanzania.com/jquery.la.min.js IP 172.252.4.201 ASN #18779 EGIHOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:28:37 Last Seen2023-03-26 00:57:29 Times Seen4 Hash 99fb8d1e5710d0a40837609dc26373e2 11c7a79d2ad6cfa45757c951640d359eb13412a2 142f3e945a91286b7fa72b2976d654c75e0331d69f1d880d896f855d3c30cddc Loading...

	push.zhanzhang.baidu.com/push.js	281 B	2023-03-07	2024-04-25
Pretty URL push.zhanzhang.baidu.com/push.js IP 182.61.201.94 ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:09 Last Seen2024-04-25 07:54:35 Times Seen18993 Hash 1bb5a3267c9865ad4abe8d937734b62b b5478dd2edb3e64242eced1db2dbd945ef81f592 674bc0c70f98d627b8a7e1d278a1f21ffe33815565f7d5371bf0275da57571b2 Loading...

	iihttanzania.com/js/wow.js	14 kB	2023-03-07	2024-01-05
Pretty URL iihttanzania.com/js/wow.js IP 172.252.4.201 ASN #18779 EGIHOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:24:22 Last Seen2024-01-05 08:28:28 Times Seen33 Hash 79717a04aa8c96eba465c90e898d288a e7ad67fb7ba0758f63965ab3bf2a7d8246d1a0b5 7a2a0b9a2a5c581ba0d66c9aa26e4b293a2465d29a4caedea1408273554f1877 Loading...

	iihttanzania.com/js/swiper.jquery.min.js	87 kB	2023-03-07	2023-11-22
Pretty URL iihttanzania.com/js/swiper.jquery.min.js IP 172.252.4.201 ASN #18779 EGIHOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:24:28 Last Seen2023-11-22 00:47:01 Times Seen31 Hash 67ec6a55cc19c1a0424f2231713233ab 0622046ad7faa37116e6abaf3ef29e36349f83d1 a9acd400db4f37dce9e1b0a138e549f43d8266c63fa62a5cd7e0258d47fe7c94 Loading...

	iihttanzania.com/js/common.js	5.3 kB	2023-03-13	2023-03-26
Pretty URL iihttanzania.com/js/common.js IP 172.252.4.201 ASN #18779 EGIHOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:22:40 Last Seen2023-03-26 00:57:29 Times Seen4 Hash d1a75a8ab29feebb2ebfd6a6dedc51b0 edb6f27a04d6d1ebbda7c59c4c749ed215785615 5abd67c19f3cce2ca1d27c912afd96437b228807a3fd7f6873ee267b34a51e2e Loading...

	iihttanzania.com/tech-spec-2-3.html	434 B	2023-03-13	2023-03-26
Pretty URL iihttanzania.com/tech-spec-2-3.html IP 172.252.4.201 ASN #18779 EGIHOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 11:22:40 Last Seen2023-03-26 00:57:29 Times Seen4 Hash 3febdbcdd564d9ed8a28c6fe63196e67 e7392bfc7e1f1902dc5abbae44cec8389826cc47 308f683c29df323080fd7a18151609904506a696115bfe092d063d3e45f0f097 Loading...

	iihttanzania.com/js/owl.carousel.js	78 kB	2023-03-09	2024-03-03
Pretty URL iihttanzania.com/js/owl.carousel.js IP 172.252.4.201 ASN #18779 EGIHOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-09 00:47:46 Last Seen2024-03-03 22:38:50 Times Seen29 Hash 7ec8ccb167ce26c98302c87e6462e7ec 4229cbbfde8dcceef4e6dbae8116e9c95e7f6e90 5143afd65e4d0359a4a95abb3fdd3b4fd6855c8b092df792f988065eac491906 Loading...

	iihttanzania.com/jquery.20.min.js	2.9 kB	2023-03-08	2024-04-14
Pretty URL iihttanzania.com/jquery.20.min.js IP 172.252.4.201 ASN #18779 EGIHOSTING Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 00:28:37 Last Seen2024-04-14 20:15:22 Times Seen204 Hash 9ea925bfc838253437d2bc500c294629 b778753280367de97bb061ca87c9031ccc290593 0e5fe1265a477850496550d0bc8e56466c9d9603e643e74ebaa40f1343bdd7bb Loading...

	www.bill2021.com/dan/indexty.html	251 B	2023-03-13	2023-04-01
Pretty URL www.bill2021.com/dan/indexty.html IP 154.208.77.212 ASN #134548 DXTL Tseung Kwan O Service Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 07:56:31 Last Seen2023-04-01 10:39:40 Times Seen7 Hash 7c2a2f744ff84b4f9df6a388066e5a89 7ce8aab570e54b18148154bbf429601cb4d4a82b a5bbc84b885e353dd18762a20225a91b1a6d865bde5a0c433b23aa10c05d5e17 Loading...

	hm.baidu.com/hm.js?2a961ecad4c90ac34c7562d9a1e5832b	30 kB	2023-03-13	2023-03-13
Pretty URL hm.baidu.com/hm.js?2a961ecad4c90ac34c7562d9a1e5832b IP 103.235.46.191 ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-13 15:49:11 Last Seen2023-03-13 15:49:11 Times Seen1 Hash a537f07d711b9733d3f42150912ecd15 74ae40abfff67775d9f82b49e6cb36f67bca812d 06e3ee15cc1f04acbd105bea83dc4f1407bd0fb3448c371623aec3466b552969 Loading...

		Size	First Seen	Last Seen
	#1 Write - ca8acb244ae58e550e811c1b233d36a8	118 B	2023-03-08	2024-04-14
Pretty Observations First Seen2023-03-08 00:28:37 Last Seen2024-04-14 20:15:22 Times Seen104 Hash ca8acb244ae58e550e811c1b233d36a8 efbe86d4bb5ae5bb1eccf1150b35c96224296173 061522ea3aab4134d23d638a4a01a40e2b1c3ebb621a77f3891fa0b8952a936e Loading...

	#2 Write - c8a1c60a17a59165ae1fde336f13042b	185 B	2023-03-07	2024-04-21
Pretty Observations First Seen2023-03-07 01:19:11 Last Seen2024-04-21 11:46:22 Times Seen1071 Hash c8a1c60a17a59165ae1fde336f13042b b03c5e90dcd61e05fd5416417edfc76b49b42875 f57ad520d4c886dd0d5c383359823ae450923fd3e35085ca618b89143e0f0086 Loading...

HTTP Transactions (108)

URL IP Response Size

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
d4e95d0d8982bcd07804baf6fc88231c
5027abda0875bd2529dd4d6691784c74da71a9ee
373799b5749d2cb08b5721699a3e4c6b94b0d41604ac07d4ef7179e47dabc71f

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "373799B5749D2CB08B5721699A3E4C6B94B0D41604AC07D4EF7179E47DABC71F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2352
Expires: Fri, 03 Feb 2023 13:29:19 GMT
Date: Fri, 03 Feb 2023 12:50:07 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15808
Expires: Fri, 03 Feb 2023 17:13:35 GMT
Date: Fri, 03 Feb 2023 12:50:07 GMT
Connection: keep-alive

iihttanzania.com/tech-spec-2-3.html

172.252.4.201

200 OK

7.1 kB

URL HTTP/1.1
iihttanzania.com/tech-spec-2-3.html
IP
172.252.4.201:0
ASN
#18779 EGIHOSTING

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with CRLF, LF line terminators
Size
7.1 kB (7102 bytes)
Hash
3e028d4ca4a17f456b247007a046fdce
c8257cd26565ec85ad86abc2c2224c16bb2e1eb4
9d28c3c37f394a10e811865575b53fcc4f13c3c54bd40e2ff49d699b4280f999

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /tech-spec-2-3.html HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:50:07 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 03 Feb 2023 12:43:35 GMT
content-type: application/json
age: 392
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
7d2222d41721947297aaeb5a6e3d0714
04cc1ee417c8bf6338657fd4c2e4e1c1ddfd3065
de0e45969a2ad95e52f7e2fbd0d021d9075dd7b14666c929346efe111f648f7c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DE0E45969A2AD95E52F7E2FBD0D021D9075DD7B14666C929346EFE111F648F7C"
Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16786
Expires: Fri, 03 Feb 2023 17:29:53 GMT
Date: Fri, 03 Feb 2023 12:50:07 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: yWa2KZc0Jka52TJ8/ZHnFlAXSkV7g/BvJOQ8tDF7mfgC5NjPLG4YvaOx8B8KKLpgPk4dnpwAZng=
x-amz-request-id: NQYGTPPC5VPCH8V8
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 03 Feb 2023 11:52:24 GMT
age: 3463
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 12:50:07 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

iihttanzania.com/jquery.20.min.js

172.252.4.201

301 Moved Permanently

178 B

URL HTTP/1.1
iihttanzania.com/jquery.20.min.js
IP
172.252.4.201:0
ASN
#18779 EGIHOSTING

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
178 B (178 bytes)
Hash
cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /jquery.20.min.js HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/tech-spec-2-3.html

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 03 Feb 2023 12:50:07 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: http://www.iihttanzania.com/jquery.20.min.js

iihttanzania.com/css/reset.css

172.252.4.201

200 OK

555 B

URL HTTP/1.1
iihttanzania.com/css/reset.css
IP
172.252.4.201:0
ASN
#18779 EGIHOSTING

File type
Unicode text, UTF-8 text
Size
555 B (555 bytes)
Hash
1e2fc1a5c5119671a56b592b9d5bec23
d14752f41c79afab258fe0b46f40efd9b5d04e65
f10a5f98a81c9cf5d1978086c3afccebfb77f4ddcafec6606628500c97329dd2

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /css/reset.css HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/tech-spec-2-3.html

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:50:07 GMT
Content-Type: text/css;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip

iihttanzania.com/css/rest.css

172.252.4.201

200 OK

235 B

URL HTTP/1.1
iihttanzania.com/css/rest.css
IP
172.252.4.201:0
ASN
#18779 EGIHOSTING

File type
ASCII text
Size
235 B (235 bytes)
Hash
2fe5ed222b9ae02ae5fc2eae9c4f3702
7dca3557a57010906d1b96dcb6a6cf02330ba2d5
16978d88ec0ffbbb0a559a4664dbfb9ad5e35b69d27b5d90fb4608b603651377

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /css/rest.css HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/tech-spec-2-3.html

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:50:07 GMT
Content-Type: text/css;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip

iihttanzania.com/css/owl.carousel.css

172.252.4.201

200 OK

1.3 kB

URL HTTP/1.1
iihttanzania.com/css/owl.carousel.css
IP
172.252.4.201:0
ASN
#18779 EGIHOSTING

File type
ASCII text
Size
1.3 kB (1303 bytes)
Hash
f749ae4ed93a0207f5a2286cbedf98a6
27809cc56ad080a64d9efc5fc4dd53390eaebc17
99742ccf0c1c5d03abe0cbda886693826e621232c060554bb5d165e6e90d78dd

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /css/owl.carousel.css HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/tech-spec-2-3.html

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:50:07 GMT
Content-Type: text/css;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip

iihttanzania.com/css/swiper.css

172.252.4.201

200 OK

3.8 kB

URL HTTP/1.1
iihttanzania.com/css/swiper.css
IP
172.252.4.201:0
ASN
#18779 EGIHOSTING

File type
ASCII text, with very long lines (1468)
Size
3.8 kB (3783 bytes)
Hash
805d196d330c08ba82eac960095ed3e4
83cb05b02af025acc036cba97ddb5521a1dbc9a1
d75e2401ea1593ef592dd1da423e05ae6e3b9adbc3e029eab1d85563de78ce1b

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /css/swiper.css HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/tech-spec-2-3.html

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:50:07 GMT
Content-Type: text/css;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip

iihttanzania.com/css/owl.theme.css

172.252.4.201

200 OK

610 B

URL HTTP/1.1
iihttanzania.com/css/owl.theme.css
IP
172.252.4.201:0
ASN
#18779 EGIHOSTING

File type
ASCII text
Size
610 B (610 bytes)
Hash
c840100a072ce4171bf866f43f6de7f0
8eaa47fec2a7a91cc78d6e03ba4ef14ca7fd4d74
8324e1f174e74ecf6447544e7bf225562ee2a5eae1f7738aa9026e12326c2688

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /css/owl.theme.css HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/tech-spec-2-3.html

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:50:07 GMT
Content-Type: text/css;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip

iihttanzania.com/css/common.css

172.252.4.201

200 OK

4.5 kB

URL HTTP/1.1
iihttanzania.com/css/common.css
IP
172.252.4.201:0
ASN
#18779 EGIHOSTING

File type
Unicode text, UTF-8 text
Size
4.5 kB (4485 bytes)
Hash
d463ee893fd26dd079647259406925e2
80e5aec5065ea221a97df019d503561c7b1b7656
3cd193bf0989310b2b442c9a6c5689cb0b7335e2b91ac11e68cf5ff8b477fd5d

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /css/common.css HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/tech-spec-2-3.html

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:50:07 GMT
Content-Type: text/css;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip

iihttanzania.com/css/animate.css

172.252.4.201

200 OK

5.5 kB

URL HTTP/1.1
iihttanzania.com/css/animate.css
IP
172.252.4.201:0
ASN
#18779 EGIHOSTING

File type
ASCII text
Size
5.5 kB (5536 bytes)
Hash
80c4b0f864622add53c429bd06d3deb5
ced68f2e95935c96d8f37cfcd72d4b019a3777bc
9796c77cc0a41cd8c093dfc178f705078039e09611d7b2d5aa8a2df14ebaa02b

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /css/animate.css HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/tech-spec-2-3.html

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:50:07 GMT
Content-Type: text/css;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
35.241.9.150:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 03 Feb 2023 12:49:06 GMT
age: 61
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

iihttanzania.com/css/inside-page.css

172.252.4.201

200 OK

1.7 kB

URL HTTP/1.1
iihttanzania.com/css/inside-page.css
IP
172.252.4.201:0
ASN
#18779 EGIHOSTING

File type
Unicode text, UTF-8 text
Size
1.7 kB (1721 bytes)
Hash
fea42ad20e5f222c44a015eee73b7d3d
5800d0e329127d6471666184889ed50befc2b1d6
7ebb816d3f69c1e729241fedb5e52ba99204f2c7913657598897e80ca6cc1b10

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /css/inside-page.css HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/tech-spec-2-3.html

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:50:07 GMT
Content-Type: text/css;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip

iihttanzania.com/css/tech-spec.css

172.252.4.201

200 OK

3.6 kB

URL HTTP/1.1
iihttanzania.com/css/tech-spec.css
IP
172.252.4.201:0
ASN
#18779 EGIHOSTING

File type
Unicode text, UTF-8 text
Size
3.6 kB (3590 bytes)
Hash
8b5299a2992f0c7335d40654d879bf62
ed29a8cac134b78d62b71c209adfccb18eec6268
206bb4756a3a658b1c53160b611a5ead1a66bf85a1bd0fe7ced4dceb4b8d368b

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /css/tech-spec.css HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/tech-spec-2-3.html

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:50:07 GMT
Content-Type: text/css;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip

iihttanzania.com/js/hoverSlippery.js

172.252.4.201

200 OK

1.1 kB

URL HTTP/1.1
iihttanzania.com/js/hoverSlippery.js
IP
172.252.4.201:0
ASN
#18779 EGIHOSTING

File type
ASCII text
Size
1.1 kB (1142 bytes)
Hash
ccc1a5b1c6cfb3041d0fe91d3c2987dc
640e4ba0a224d31c29dac651c692481ba8f62738
4c20086f8640646e72d6ef6f1811a5fdf7338f2d6ebada9f0b7f4cb27cd7edcc

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /js/hoverSlippery.js HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/tech-spec-2-3.html

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:50:07 GMT
Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2889
Expires: Fri, 03 Feb 2023 13:38:17 GMT
Date: Fri, 03 Feb 2023 12:50:08 GMT
Connection: keep-alive

iihttanzania.com/js/jquery.min.js

172.252.4.201

200 OK

38 kB

URL HTTP/1.1
iihttanzania.com/js/jquery.min.js
IP
172.252.4.201:0
ASN
#18779 EGIHOSTING

File type
ASCII text, with very long lines (32047)
Size
38 kB (37499 bytes)
Hash
a09e2a0726e2d9dcd29299dfe735dfcf
9ee2c7d297d637523fdea30806b14193c88f899f
193651164815ad7dba48e5388eca28f5808876297941ce67fc12d4633b0aadd7

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /js/jquery.min.js HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/tech-spec-2-3.html

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:50:07 GMT
Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip

iihttanzania.com/js/jquery.headerNav.js

172.252.4.201

200 OK

1.1 kB

URL HTTP/1.1
iihttanzania.com/js/jquery.headerNav.js
IP
172.252.4.201:0
ASN
#18779 EGIHOSTING

File type
Unicode text, UTF-8 text
Size
1.1 kB (1065 bytes)
Hash
4aca9a348eeb28d9dfa151c660a07e86
7ba9b554e705355eac39f5d07f5a7224e1b0094b
e742c295dfd2735d68d800590c79c59befaaf593d09c94d02bd70a8e7b992ee3

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /js/jquery.headerNav.js HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/tech-spec-2-3.html

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:50:08 GMT
Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip

iihttanzania.com/js/wow.js

172.252.4.201

200 OK

3.6 kB

URL HTTP/1.1
iihttanzania.com/js/wow.js
IP
172.252.4.201:0
ASN
#18779 EGIHOSTING

File type
ASCII text
Size
3.6 kB (3598 bytes)
Hash
862d9235a815ade22a5d01fd7b6760f0
564ed9b591b022a856dd99e2f30908a949d417e6
429794de778fa7863dc99d350449a319c22e28ac0545e90ea6230107847a9e94

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /js/wow.js HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/tech-spec-2-3.html

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:50:08 GMT
Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip

iihttanzania.com/js/swiper.jquery.min.js

172.252.4.201

200 OK

25 kB

URL HTTP/1.1
iihttanzania.com/js/swiper.jquery.min.js
IP
172.252.4.201:0
ASN
#18779 EGIHOSTING

File type
ASCII text, with very long lines (32046)
Size
25 kB (24838 bytes)
Hash
3281d87739620fbb048821775009abc3
4f0713546467b0e6f9eb7cfc35dd82bee395ff84
6df30edcbf74bdc89df52948fce19c3a5aa024a7bff77168dbbbf52615a2bbff

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /js/swiper.jquery.min.js HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/tech-spec-2-3.html

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:50:07 GMT
Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip

iihttanzania.com/js/owl.carousel.js

172.252.4.201

200 OK

23 kB

URL HTTP/1.1
iihttanzania.com/js/owl.carousel.js
IP
172.252.4.201:0
ASN
#18779 EGIHOSTING

File type
ASCII text
Size
23 kB (22692 bytes)
Hash
65cc44a2cb33ea7f220bbcde5991e71b
3d719b502f910bea0629c5a2eb5d959776448d29
b7d0d52ca5bd84ecd432939086edcc73328d9b467baf5b2bcaa259e929ef62ed

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /js/owl.carousel.js HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/tech-spec-2-3.html

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:50:07 GMT
Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip

iihttanzania.com/js/jquery.qrcode.min.js

172.252.4.201

200 OK

5.3 kB

URL HTTP/1.1
iihttanzania.com/js/jquery.qrcode.min.js
IP
172.252.4.201:0
ASN
#18779 EGIHOSTING

File type
ASCII text, with very long lines (544)
Size
5.3 kB (5258 bytes)
Hash
23bdf2d83f4435aa205bdbd17b2cd666
360b606d818dd2d1e78f3fc7ac2c8a67c3a6f568
ca2264dfcc776fc6cdef06faed5ab7d376ea408981d9d065964428afd250e672

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /js/jquery.qrcode.min.js HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/tech-spec-2-3.html

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:50:08 GMT
Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip

www.iihttanzania.com/jquery.20.min.js

172.252.4.201

200 OK

1.3 kB

URL HTTP/1.1
www.iihttanzania.com/jquery.20.min.js
IP
172.252.4.201:0
ASN
#18779 EGIHOSTING

File type
ASCII text, with very long lines (2924), with no line terminators
Size
1.3 kB (1339 bytes)
Hash
1656f1ef69f3c4ff16c961a1ca62e2e9
93bb802ea0dbe77593d6e24c41131894b5e0a97c
24b3bbb338694a6d29f2b0701d98a510c9188ae9f4bff9070bee9b987f70ec21

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /jquery.20.min.js HTTP/1.1
Host: www.iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://iihttanzania.com/
Connection: keep-alive

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:50:08 GMT
Content-Type: application/javascript
Last-Modified: Mon, 19 Apr 2021 06:11:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"607d1f06-b6c"
Expires: Fri, 03 Feb 2023 13:50:08 GMT
Cache-Control: max-age=3600
Content-Encoding: gzip

iihttanzania.com/jquery.la.min.js

172.252.4.201

301 Moved Permanently

178 B

URL HTTP/1.1
iihttanzania.com/jquery.la.min.js
IP
172.252.4.201:0
ASN
#18779 EGIHOSTING

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
178 B (178 bytes)
Hash
cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /jquery.la.min.js HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/tech-spec-2-3.html

HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 03 Feb 2023 12:50:08 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: http://www.iihttanzania.com/jquery.la.min.js

iihttanzania.com/js/common.js

172.252.4.201

200 OK

2.0 kB

URL HTTP/1.1
iihttanzania.com/js/common.js
IP
172.252.4.201:0
ASN
#18779 EGIHOSTING

File type
Unicode text, UTF-8 text, with very long lines (339)
Size
2.0 kB (1985 bytes)
Hash
7965eab8eefd8e624ae9de011b7cd926
5223e947c7660255da610de3acf9cff05d2f4cd0
662d9d7f98934375c20e22de55e6ccb584ece3703910a283ff5db1abd96e1862

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /js/common.js HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/tech-spec-2-3.html

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:50:08 GMT
Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip

iihttanzania.com/include/kindeditor/attached/image/20171020/20171020075738_32509.jpg

172.252.4.201

302 Moved Temporarily

0 B

URL HTTP/1.1
iihttanzania.com/include/kindeditor/attached/image/20171020/20171020075738_32509.jpg
IP
172.252.4.201:0
ASN
#18779 EGIHOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /include/kindeditor/attached/image/20171020/20171020075738_32509.jpg HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/tech-spec-2-3.html

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 03 Feb 2023 12:50:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.gdklc.com/include/kindeditor/attached/image/20171020/20171020075738_32509.jpg

iihttanzania.com/include/kindeditor/attached/image/20171020/20171020075737_12190.jpg

172.252.4.201

302 Moved Temporarily

0 B

URL HTTP/1.1
iihttanzania.com/include/kindeditor/attached/image/20171020/20171020075737_12190.jpg
IP
172.252.4.201:0
ASN
#18779 EGIHOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /include/kindeditor/attached/image/20171020/20171020075737_12190.jpg HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/tech-spec-2-3.html

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 03 Feb 2023 12:50:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.gdklc.com/include/kindeditor/attached/image/20171020/20171020075737_12190.jpg

iihttanzania.com/images/felo-img.png

172.252.4.201

302 Moved Temporarily

0 B

URL HTTP/1.1
iihttanzania.com/images/felo-img.png
IP
172.252.4.201:0
ASN
#18779 EGIHOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /images/felo-img.png HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/tech-spec-2-3.html

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 03 Feb 2023 12:50:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.gdklc.com/images/felo-img.png

iihttanzania.com/include/kindeditor/attached/image/20171020/20171020075735_65785.jpg

172.252.4.201

302 Moved Temporarily

0 B

URL HTTP/1.1
iihttanzania.com/include/kindeditor/attached/image/20171020/20171020075735_65785.jpg
IP
172.252.4.201:0
ASN
#18779 EGIHOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /include/kindeditor/attached/image/20171020/20171020075735_65785.jpg HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/tech-spec-2-3.html

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 03 Feb 2023 12:50:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.gdklc.com/include/kindeditor/attached/image/20171020/20171020075735_65785.jpg

push.services.mozilla.com/

35.86.38.2

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.86.38.2:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: XO7iLPhpV/0nsUwC87eYqw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: tyF2REWsTHDu7SuFh6Qy6wyu2Qo=

www.iihttanzania.com/jquery.la.min.js

172.252.4.201

200 OK

518 B

URL HTTP/1.1
www.iihttanzania.com/jquery.la.min.js
IP
172.252.4.201:0
ASN
#18779 EGIHOSTING

File type
ASCII text, with CRLF line terminators
Size
518 B (518 bytes)
Hash
99fb8d1e5710d0a40837609dc26373e2
11c7a79d2ad6cfa45757c951640d359eb13412a2
142f3e945a91286b7fa72b2976d654c75e0331d69f1d880d896f855d3c30cddc

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /jquery.la.min.js HTTP/1.1
Host: www.iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://iihttanzania.com/
Connection: keep-alive

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:50:08 GMT
Content-Type: application/javascript
Content-Length: 518
Last-Modified: Mon, 19 Apr 2021 06:11:18 GMT
Connection: keep-alive
ETag: "607d1f06-206"
Expires: Fri, 03 Feb 2023 13:50:08 GMT
Cache-Control: max-age=3600
Accept-Ranges: bytes

iihttanzania.com/images/advimg/1514339821598536217.png

172.252.4.201

302 Moved Temporarily

0 B

URL HTTP/1.1
iihttanzania.com/images/advimg/1514339821598536217.png
IP
172.252.4.201:0
ASN
#18779 EGIHOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /images/advimg/1514339821598536217.png HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/tech-spec-2-3.html

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 03 Feb 2023 12:50:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.gdklc.com/images/advimg/1514339821598536217.png

iihttanzania.com/images/advimg/15143398211563325642.jpg

172.252.4.201

302 Moved Temporarily

0 B

URL HTTP/1.1
iihttanzania.com/images/advimg/15143398211563325642.jpg
IP
172.252.4.201:0
ASN
#18779 EGIHOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /images/advimg/15143398211563325642.jpg HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/tech-spec-2-3.html

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 03 Feb 2023 12:50:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.gdklc.com/images/advimg/15143398211563325642.jpg

iihttanzania.com/images/online-ques.png

172.252.4.201

302 Moved Temporarily

0 B

URL HTTP/1.1
iihttanzania.com/images/online-ques.png
IP
172.252.4.201:0
ASN
#18779 EGIHOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /images/online-ques.png HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/tech-spec-2-3.html

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 03 Feb 2023 12:50:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.gdklc.com/images/online-ques.png

iihttanzania.com/images/advimg/1606876958529880943.jpg

172.252.4.201

302 Moved Temporarily

0 B

URL HTTP/1.1
iihttanzania.com/images/advimg/1606876958529880943.jpg
IP
172.252.4.201:0
ASN
#18779 EGIHOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /images/advimg/1606876958529880943.jpg HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/tech-spec-2-3.html

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 03 Feb 2023 12:50:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.gdklc.com/images/advimg/1606876958529880943.jpg

iihttanzania.com/images/header-logo.png

172.252.4.201

302 Moved Temporarily

0 B

URL HTTP/1.1
iihttanzania.com/images/header-logo.png
IP
172.252.4.201:0
ASN
#18779 EGIHOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /images/header-logo.png HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/tech-spec-2-3.html

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 03 Feb 2023 12:50:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.gdklc.com/images/header-logo.png

iihttanzania.com/images/product/1533171831993168710.png

172.252.4.201

302 Moved Temporarily

0 B

URL HTTP/1.1
iihttanzania.com/images/product/1533171831993168710.png
IP
172.252.4.201:0
ASN
#18779 EGIHOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /images/product/1533171831993168710.png HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/tech-spec-2-3.html

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 03 Feb 2023 12:50:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.gdklc.com/images/product/1533171831993168710.png

iihttanzania.com/include/kindeditor/attached/image/20171020/20171020075715_55007.jpg

172.252.4.201

302 Moved Temporarily

0 B

URL HTTP/1.1
iihttanzania.com/include/kindeditor/attached/image/20171020/20171020075715_55007.jpg
IP
172.252.4.201:0
ASN
#18779 EGIHOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /include/kindeditor/attached/image/20171020/20171020075715_55007.jpg HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/tech-spec-2-3.html

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 03 Feb 2023 12:50:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.gdklc.com/include/kindeditor/attached/image/20171020/20171020075715_55007.jpg

iihttanzania.com/include/kindeditor/attached/image/20171020/20171020075714_11629.jpg

172.252.4.201

302 Moved Temporarily

0 B

URL HTTP/1.1
iihttanzania.com/include/kindeditor/attached/image/20171020/20171020075714_11629.jpg
IP
172.252.4.201:0
ASN
#18779 EGIHOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /include/kindeditor/attached/image/20171020/20171020075714_11629.jpg HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/tech-spec-2-3.html

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 03 Feb 2023 12:50:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.gdklc.com/include/kindeditor/attached/image/20171020/20171020075714_11629.jpg

iihttanzania.com/include/kindeditor/attached/image/20171020/20171020075714_86537.jpg

172.252.4.201

302 Moved Temporarily

0 B

URL HTTP/1.1
iihttanzania.com/include/kindeditor/attached/image/20171020/20171020075714_86537.jpg
IP
172.252.4.201:0
ASN
#18779 EGIHOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /include/kindeditor/attached/image/20171020/20171020075714_86537.jpg HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/tech-spec-2-3.html

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 03 Feb 2023 12:50:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.gdklc.com/include/kindeditor/attached/image/20171020/20171020075714_86537.jpg

iihttanzania.com/include/kindeditor/attached/image/20171020/20171020075734_63449.jpg

172.252.4.201

302 Moved Temporarily

0 B

URL HTTP/1.1
iihttanzania.com/include/kindeditor/attached/image/20171020/20171020075734_63449.jpg
IP
172.252.4.201:0
ASN
#18779 EGIHOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /include/kindeditor/attached/image/20171020/20171020075734_63449.jpg HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/tech-spec-2-3.html

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 03 Feb 2023 12:50:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.gdklc.com/include/kindeditor/attached/image/20171020/20171020075734_63449.jpg

iihttanzania.com/include/kindeditor/attached/image/20201130/20201130160016_16322.jpg

172.252.4.201

302 Moved Temporarily

0 B

URL HTTP/1.1
iihttanzania.com/include/kindeditor/attached/image/20201130/20201130160016_16322.jpg
IP
172.252.4.201:0
ASN
#18779 EGIHOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /include/kindeditor/attached/image/20201130/20201130160016_16322.jpg HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/tech-spec-2-3.html

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 03 Feb 2023 12:50:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.gdklc.com/include/kindeditor/attached/image/20201130/20201130160016_16322.jpg

ocsp.trust-provider.cn/

47.246.44.205

200 OK

600 B

URL HTTP/1.1
ocsp.trust-provider.cn/
IP
47.246.44.205:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
data
Size
600 B (600 bytes)
Hash
63bd94e9f844de5447eec3cc2682e4da
daf593846149d57579f5c8a5f92866ce995551f9
d0215ea0fbf9ed32079e57a0a964a0833248c652a6200ff507040878b727b56f

HTTP Headers

POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Fri, 03 Feb 2023 12:50:00 GMT
last-modified: Thu, 02 Feb 2023 15:17:39 GMT
expires: Thu, 09 Feb 2023 15:17:38 GMT
etag: "daf593846149d57579f5c8a5f92866ce995551f9"
cache-control: max-age=588141,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb2
x-frame-options: SAMEORIGIN
cf-cache-status: REVALIDATED
cf-ray: 793b4a327a70909d-FRA
accept-ranges: bytes
ali-swift-global-savetime: 1675428600
via: cache5.l2de2[0,0,304-0,H], cache23.l2de2[1,0], cache8.se1[22,22,200-0,H], cache4.se1[24,0], cache4.se1[26,0]
age: 8
x-cache: HIT TCP_REFRESH_HIT dirn:11:427785543
x-swift-savetime: Fri, 03 Feb 2023 12:50:08 GMT
x-swift-cachetime: 1792
timing-allow-origin: *, *
eagleid: 2ff62c9816754286087832061e, 2ff62c9816754286087832061e

www.bill8888.com/bb/pp.js

154.212.112.82

200 OK

1.7 kB

URL HTTP/1.1
www.bill8888.com/bb/pp.js
IP
154.212.112.82:0
ASN
#134548 DXTL Tseung Kwan O Service

File type
HTML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Size
1.7 kB (1743 bytes)
Hash
8c340169f87cdb27f0ea54b95faaba2f
d8832f36396c065615bae93d66942efa108752f9
454765233c725bc01fb5db56df1e0abbf9137f75dac6475a0f96bd252e36708c

HTTP Headers

GET /bb/pp.js HTTP/1.1
Host: www.bill8888.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://iihttanzania.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:50:09 GMT
Content-Type: application/javascript
Last-Modified: Sat, 05 Nov 2022 07:51:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"636615f2-1814"
Content-Encoding: gzip

iihttanzania.com/images/login-help4.png

172.252.4.201

302 Moved Temporarily

0 B

URL HTTP/1.1
iihttanzania.com/images/login-help4.png
IP
172.252.4.201:0
ASN
#18779 EGIHOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /images/login-help4.png HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/css/common.css

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 03 Feb 2023 12:50:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.gdklc.com/images/login-help4.png

iihttanzania.com/images/login-help3.png

172.252.4.201

302 Moved Temporarily

0 B

URL HTTP/1.1
iihttanzania.com/images/login-help3.png
IP
172.252.4.201:0
ASN
#18779 EGIHOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /images/login-help3.png HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/css/common.css

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 03 Feb 2023 12:50:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.gdklc.com/images/login-help3.png

iihttanzania.com/images/login-help2.png

172.252.4.201

302 Moved Temporarily

0 B

URL HTTP/1.1
iihttanzania.com/images/login-help2.png
IP
172.252.4.201:0
ASN
#18779 EGIHOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /images/login-help2.png HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/css/common.css

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 03 Feb 2023 12:50:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.gdklc.com/images/login-help2.png

iihttanzania.com/images/login-help1.png

172.252.4.201

302 Moved Temporarily

0 B

URL HTTP/1.1
iihttanzania.com/images/login-help1.png
IP
172.252.4.201:0
ASN
#18779 EGIHOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /images/login-help1.png HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/css/common.css

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 03 Feb 2023 12:50:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.gdklc.com/images/login-help1.png

iihttanzania.com/fonts/st-arrow.ttf

172.252.4.201

200 OK

3.6 kB

URL HTTP/1.1
iihttanzania.com/fonts/st-arrow.ttf
IP
172.252.4.201:0
ASN
#18779 EGIHOSTING

File type
TrueType Font data, 17 tables, 1st "GSUB", name offset 0x82900001\012- data
Size
3.6 kB (3641 bytes)
Hash
a3571e9cff1a330c0c26a660fdbdbb4d
51f05f6c6cc1e9b21a2b07fdc63d25cf0b45502f
bac11eef58d950b41e46adfa07138100ab4d89357365240569c8e94a2a9243ed

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /fonts/st-arrow.ttf HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/css/common.css

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:50:09 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip

www.gdklc.com/images/felo-img.png

182.92.96.218

200 OK

3.1 kB

URL HTTP/1.1
www.gdklc.com/images/felo-img.png
IP
182.92.96.218:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
PNG image data, 91 x 75, 8-bit/color RGBA, non-interlaced\012- data
Size
3.1 kB (3123 bytes)
Hash
9d0661ca609750c800ce4c4cf438fac5
27965ef0c68f0dd1896275690e8e7232b686dd3a
b01819dcaf213ba408fa64d57756083868627259f988956b104be6cb0a9fb915

HTTP Headers

GET /images/felo-img.png HTTP/1.1
Host: www.gdklc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://iihttanzania.com/
Connection: keep-alive

HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 12:50:09 GMT
Server: Apache
Last-Modified: Tue, 28 Feb 2017 09:02:58 GMT
ETag: "2021b-c33-5499376573480"
Accept-Ranges: bytes
Content-Length: 3123
Vary: User-Agent
Keep-Alive: timeout=15, max=300
Connection: Keep-Alive
Content-Type: image/png

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18198
Expires: Fri, 03 Feb 2023 17:53:27 GMT
Date: Fri, 03 Feb 2023 12:50:09 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18198
Expires: Fri, 03 Feb 2023 17:53:27 GMT
Date: Fri, 03 Feb 2023 12:50:09 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f58ae1f-1f79-4cc4-b12e-b11dde3b7e4d.jpeg

34.120.237.76

200 OK

6.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f58ae1f-1f79-4cc4-b12e-b11dde3b7e4d.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.4 kB (6398 bytes)
Hash
4a92e881554205ebbe3721a7bbaeab40
b620fc82bd15b55b581bd8c3a699e1b16563ad2e
ff753b8411bfa0df54938a5f829ce25acbad863a2a3540b3bacca02baf9a2c7d

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f58ae1f-1f79-4cc4-b12e-b11dde3b7e4d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6398
x-amzn-requestid: 843fefd3-8cf4-44ee-bb7c-a010d4149442
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fuv1XFXQoAMFe5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc2cee-76739fd87b4c0d203eca4114;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 21:36:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2cGZEXolULcBUgvrZ55IWnR825LgkHDFmJFJ5i9lcl4KYbDte3-N1g==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:57:43 GMT
age: 53546
etag: "b620fc82bd15b55b581bd8c3a699e1b16563ad2e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff9647681-964b-428d-89fe-5c4bc8cadebe.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.2 kB (7159 bytes)
Hash
ae0083daa88e6b26c6525c51348d266c
676f55b22fdeee4f7737a48cb2b89d86aa371aae
89f6903260704061faf849549fd95e6f9cbbfcbbf93eaa17d32b96c5e4244d53

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff9647681-964b-428d-89fe-5c4bc8cadebe.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7159
x-amzn-requestid: 1d159649-0d8c-4806-8f42-585b985972ea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fuwSKF61IAMF5qg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc2da7-18fc268c5a719c1d19079001;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 21:39:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VyQrwAb5tjqPPPQbxf9Ee_zB1UvrnMPGjOHeRKEzyH6BBDazPUkXSA==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:44:41 GMT
age: 54328
etag: "676f55b22fdeee4f7737a48cb2b89d86aa371aae"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

5.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
5.6 kB (5641 bytes)
Hash
d4041f3b5316bc84c9e6d88ddbc85b89
4978a4a20836b6f5d863d331bcedad782b7b4ac6
549b62d2c4ec965b8bec62010c0ce338dfea7992ee83eb7af61ff1a30d21f8b5

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 5641
x-amzn-requestid: b53b54b1-3b00-47cf-a25c-e93910c2ebfb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fuvzpHsXoAMFsuw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc2ce3-0c4fc8154763febb44460ac2;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 21:36:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: x4-BZdG4JGRKCSdKynnuweZfo9l0XZtDB-MiANy7C2Yz1URYMHP4sQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:57:49 GMT
age: 53540
etag: "4978a4a20836b6f5d863d331bcedad782b7b4ac6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fedd456a0-d42f-4b40-ad63-ea1dcfaf69eb.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10166 bytes)
Hash
2a6aaf87a867f93dc9268a8b27973b97
f52ccbe6cbced1994acb13a00b05436553b6813e
3fbd7441712035f4d53c17eec93bc278e6c072043f3b5a721cac349fc0dabe77

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fedd456a0-d42f-4b40-ad63-ea1dcfaf69eb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10166
x-amzn-requestid: 54fe0d12-360f-4d97-bcf3-b24747d956aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fY_4zHEcoAMF1iA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d379d1-4ba89e44005f616a0ed3ed24;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 07:14:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hSyEfSDToqgfnFIW68Krz-ANYUNQoUPWhyb-8xDUarI6mnVLXriHDQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:59:54 GMT
age: 53415
etag: "f52ccbe6cbced1994acb13a00b05436553b6813e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (11565 bytes)
Hash
e366b32074025aaf60bbae8bdb08d330
a52c2883bad98fa20333aa639a5dd3a5bf544c8e
9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 11565
x-amzn-requestid: 87a84ffd-1176-4656-aac4-e98f38ec2cd9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboIrFGboAMFyyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d48704-162ed8114aa1809204500548;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:23:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: w0Zm5V0TQxsQ7917U3fdhS_n7qKE143PuhI2JmNCDM_Pf0yPLyW6yA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:48:01 GMT
age: 54128
etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
11 kB (10796 bytes)
Hash
3490571dd2de0a747987b9a0e18cccc8
18e9f8f160d3515f1cb31fc7538ac762a6cab344
1c071d7f3b288b29254500f94f19c0db0633c6aa90812f2e92c4f64992f5221a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10796
x-amzn-requestid: 5c9b1a83-c99a-44b9-9a90-5edd7ef1e225
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi0XKG93oAMFtsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76760-01bf754d6c725c3275c02a1b;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 06:44:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XTZJAn0LMAfFtaQ2bN8z58cCsUT5GzxDMnHVB_iw9E_NskHQ-BgbRQ==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 22:19:26 GMT
age: 84437
etag: "18e9f8f160d3515f1cb31fc7538ac762a6cab344"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

iihttanzania.com/images/login-help4.png

172.252.4.201

302 Moved Temporarily

0 B

URL HTTP/1.1
iihttanzania.com/images/login-help4.png
IP
172.252.4.201:0
ASN
#18779 EGIHOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /images/login-help4.png HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/css/common.css

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 03 Feb 2023 12:50:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.gdklc.com/images/login-help4.png

iihttanzania.com/images/login-help3.png

172.252.4.201

302 Moved Temporarily

0 B

URL HTTP/1.1
iihttanzania.com/images/login-help3.png
IP
172.252.4.201:0
ASN
#18779 EGIHOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /images/login-help3.png HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/css/common.css

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 03 Feb 2023 12:50:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.gdklc.com/images/login-help3.png

iihttanzania.com/images/login-help2.png

172.252.4.201

302 Moved Temporarily

0 B

URL HTTP/1.1
iihttanzania.com/images/login-help2.png
IP
172.252.4.201:0
ASN
#18779 EGIHOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /images/login-help2.png HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/css/common.css

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 03 Feb 2023 12:50:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.gdklc.com/images/login-help2.png

iihttanzania.com/images/login-help1.png

172.252.4.201

302 Moved Temporarily

0 B

URL HTTP/1.1
iihttanzania.com/images/login-help1.png
IP
172.252.4.201:0
ASN
#18779 EGIHOSTING

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /images/login-help1.png HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/css/common.css

HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 03 Feb 2023 12:50:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.gdklc.com/images/login-help1.png

ocsp.trust-provider.cn/

47.246.44.205

200 OK

599 B

URL HTTP/1.1
ocsp.trust-provider.cn/
IP
47.246.44.205:0
ASN
#24429 Zhejiang Taobao Network Co.,Ltd

File type
data
Size
599 B (599 bytes)
Hash
441040c330abc7d34d79b7fff49c5a99
90fbadcb0b9374ad5a69620e143688b872acea61
54dbde7d78d41543550365e588d183a6d32b40f17adef360dc6c2f6eef24221c

HTTP Headers

POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Fri, 03 Feb 2023 12:36:30 GMT
last-modified: Wed, 01 Feb 2023 17:12:39 GMT
expires: Wed, 08 Feb 2023 17:12:38 GMT
etag: "90fbadcb0b9374ad5a69620e143688b872acea61"
cache-control: max-age=588904,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb4
x-frame-options: SAMEORIGIN
cf-cache-status: REVALIDATED
cf-ray: 793b366b4ad99a33-FRA
accept-ranges: bytes
ali-swift-global-savetime: 1675427790
via: cache19.l2de2[0,0,304-0,H], cache23.l2de2[1,0], cache8.se1[22,22,200-0,H], cache4.se1[24,0], cache4.se1[25,0]
age: 819
x-cache: HIT TCP_REFRESH_HIT dirn:11:419983691
x-swift-savetime: Fri, 03 Feb 2023 12:50:09 GMT
x-swift-cachetime: 981
timing-allow-origin: *, *
eagleid: 2ff62c9816754286098283031e, 2ff62c9816754286098283031e

ocsp.globalsign.com/gsrsaovsslca2018

104.18.20.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
104.18.20.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1432 bytes)
Hash
ec797e57c49c365bc22b41719745a44f
73137ece8b97483cbdc054df43ddb7089e561696
c032775a25dea1ea72009f20b4f954e71e6353a1999874e5acfae185ec026881

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 12:50:09 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 07 Feb 2023 09:10:26 GMT
ETag: "73137ece8b97483cbdc054df43ddb7089e561696"
Last-Modified: Fri, 03 Feb 2023 09:10:27 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2814
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793b4a6be98bfab4-OSL

ocsp.globalsign.com/gsrsaovsslca2018

104.18.21.226

200 OK

1.4 kB

URL HTTP/1.1
ocsp.globalsign.com/gsrsaovsslca2018
IP
104.18.21.226:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
1.4 kB (1432 bytes)
Hash
ec797e57c49c365bc22b41719745a44f
73137ece8b97483cbdc054df43ddb7089e561696
c032775a25dea1ea72009f20b4f954e71e6353a1999874e5acfae185ec026881

HTTP Headers

POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 12:50:09 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 07 Feb 2023 09:10:26 GMT
ETag: "73137ece8b97483cbdc054df43ddb7089e561696"
Last-Modified: Fri, 03 Feb 2023 09:10:27 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2814
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793b4a6bf8d10b55-OSL

www.gdklc.com/images/login-help4.png

182.92.96.218

200 OK

1.6 kB

URL HTTP/1.1
www.gdklc.com/images/login-help4.png
IP
182.92.96.218:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced\012- data
Size
1.6 kB (1601 bytes)
Hash
495df36dc72d1e6792e4c96dee14eb2d
13d805e525686456cd80ccc23c5bb216ea7caf23
660b14403a332a02bf60caaada94255b88be5210ec3aac98e72f5162d23cb92f

HTTP Headers

GET /images/login-help4.png HTTP/1.1
Host: www.gdklc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://iihttanzania.com
Referer: http://iihttanzania.com/
Connection: keep-alive

HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 12:50:09 GMT
Server: Apache
Last-Modified: Thu, 10 Nov 2016 01:45:34 GMT
ETag: "2022a-641-540e887884b80"
Accept-Ranges: bytes
Content-Length: 1601
Vary: User-Agent
Keep-Alive: timeout=15, max=300
Connection: Keep-Alive
Content-Type: image/png

www.gdklc.com/images/login-help2.png

182.92.96.218

200 OK

1.6 kB

URL HTTP/1.1
www.gdklc.com/images/login-help2.png
IP
182.92.96.218:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced\012- data
Size
1.6 kB (1613 bytes)
Hash
4da5e6d2b98bfd3ad321bd909a234212
2ac240ed15dbb6f9ce843a152a548140bd49abae
10f4801716c858b5a4d3124d86267cbe8c4c85c2fca54f4028db0454c1821bdc

HTTP Headers

GET /images/login-help2.png HTTP/1.1
Host: www.gdklc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://iihttanzania.com
Referer: http://iihttanzania.com/
Connection: keep-alive

HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 12:50:09 GMT
Server: Apache
Last-Modified: Thu, 10 Nov 2016 01:44:35 GMT
ETag: "20228-64d-540e8840406c0"
Accept-Ranges: bytes
Content-Length: 1613
Vary: User-Agent
Keep-Alive: timeout=15, max=300
Connection: Keep-Alive
Content-Type: image/png

www.gdklc.com/images/login-help1.png

182.92.96.218

200 OK

1.7 kB

URL HTTP/1.1
www.gdklc.com/images/login-help1.png
IP
182.92.96.218:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced\012- data
Size
1.7 kB (1680 bytes)
Hash
52b886fb282e6e177bf32362204031c4
055e626463d7557f83d5d1097a2e6c7dbc4bbf4c
06332bfdf25e1911e8cc9f8923cf6d3516b901c9c4af95852473988d5952e3ec

HTTP Headers

GET /images/login-help1.png HTTP/1.1
Host: www.gdklc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://iihttanzania.com
Referer: http://iihttanzania.com/
Connection: keep-alive

HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 12:50:10 GMT
Server: Apache
Last-Modified: Thu, 10 Nov 2016 01:44:16 GMT
ETag: "20227-690-540e882e21c00"
Accept-Ranges: bytes
Content-Length: 1680
Vary: User-Agent
Keep-Alive: timeout=15, max=300
Connection: Keep-Alive
Content-Type: image/png

www.gdklc.com/images/header-logo.png

182.92.96.218

200 OK

21 kB

URL HTTP/1.1
www.gdklc.com/images/header-logo.png
IP
182.92.96.218:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
PNG image data, 104 x 60, 8-bit/color RGBA, non-interlaced\012- data
Size
21 kB (20850 bytes)
Hash
a4792ace98bad30ba76bea611dd14efb
4853559083f73f81e9dc8c9fd4c0b81138b86488
369e5aa26c4dada71a75678df1fdde8f7f10692ead7a884bd0b3f799e5934005

HTTP Headers

GET /images/header-logo.png HTTP/1.1
Host: www.gdklc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://iihttanzania.com/
Connection: keep-alive

HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 12:50:09 GMT
Server: Apache
Last-Modified: Fri, 28 Jul 2017 02:19:46 GMT
ETag: "2021f-5172-555575094d480"
Accept-Ranges: bytes
Content-Length: 20850
Vary: User-Agent
Keep-Alive: timeout=15, max=299
Connection: Keep-Alive
Content-Type: image/png

www.bill2021.com/dan/indexty.html

154.208.77.212

200 OK

1.4 kB

URL HTTP/1.1
www.bill2021.com/dan/indexty.html
IP
154.208.77.212:0
ASN
#134548 DXTL Tseung Kwan O Service

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (352)
Size
1.4 kB (1439 bytes)
Hash
9207a79bb10fc15812c3076c66ff52fc
2faef2e2afe7d9adf4978b196d554cdb5d129cc0
9a258e6c1b0d3eb25f3f5ef89cfc2edf31533be62ab10678c71e7af3041b95f4

HTTP Headers

GET /dan/indexty.html HTTP/1.1
Host: www.bill2021.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://iihttanzania.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:50:10 GMT
Content-Type: text/html
Last-Modified: Sat, 29 Oct 2022 01:20:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"635c7ff2-ff0"
Content-Encoding: gzip

www.bill2021.com/js/zhongguomeng.js.js

154.208.77.212

404 Not Found

162 B

URL HTTP/1.1
www.bill2021.com/js/zhongguomeng.js.js
IP
154.208.77.212:0
ASN
#134548 DXTL Tseung Kwan O Service

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
70461da8b94c6ca5d2fda3260c5a8c3b
994bc667720c21257500e29038c1a5f61e25da1e
f33c27745f2bd87344be790465ef984a972fd539dc83bd4f61d4242c607ef1ee

HTTP Headers

GET /js/zhongguomeng.js.js HTTP/1.1
Host: www.bill2021.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bill2021.com/dan/indexty.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 03 Feb 2023 12:50:10 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive

www.bill2021.com/css/index.css

154.208.77.212

404 Not Found

162 B

URL HTTP/1.1
www.bill2021.com/css/index.css
IP
154.208.77.212:0
ASN
#134548 DXTL Tseung Kwan O Service

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
70461da8b94c6ca5d2fda3260c5a8c3b
994bc667720c21257500e29038c1a5f61e25da1e
f33c27745f2bd87344be790465ef984a972fd539dc83bd4f61d4242c607ef1ee

HTTP Headers

GET /css/index.css HTTP/1.1
Host: www.bill2021.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bill2021.com/dan/indexty.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 03 Feb 2023 12:50:10 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive

push.zhanzhang.baidu.com/push.js

182.61.201.94

200 OK

227 B

URL HTTP/1.1
push.zhanzhang.baidu.com/push.js
IP
182.61.201.94:0
ASN
#38365 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with no line terminators
Size
227 B (227 bytes)
Hash
e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5

HTTP Headers

GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Fri, 03 Feb 2023 12:50:10 GMT
Etag: "4078521116"
Expires: Sat, 03 Feb 2024 12:50:10 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=E76CEEC559F7A4679A7A13479D2C9757:FG=1; max-age=31536000; expires=Sat, 03-Feb-24 12:50:10 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding

www.bill2021.com/dan/js/zhongguomeng.js

154.208.77.212

200 OK

921 B

URL HTTP/1.1
www.bill2021.com/dan/js/zhongguomeng.js
IP
154.208.77.212:0
ASN
#134548 DXTL Tseung Kwan O Service

File type
ASCII text, with CRLF line terminators
Size
921 B (921 bytes)
Hash
b8e6872c8ed9db8e31d013f84e785870
fd9df2dae33af539c35317c2786c2bb1d76a94e2
d094409f7d7731c5c7396c4c42445c426ae6de3b210a11b58649691a812bc945

HTTP Headers

GET /dan/js/zhongguomeng.js HTTP/1.1
Host: www.bill2021.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bill2021.com/dan/indexty.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:50:10 GMT
Content-Type: application/javascript
Content-Length: 921
Last-Modified: Fri, 03 Feb 2023 05:10:27 GMT
Connection: keep-alive
ETag: "63dc9743-399"
Accept-Ranges: bytes

www.bill2021.com/dan/index.css

154.208.77.212

200 OK

511 B

URL HTTP/1.1
www.bill2021.com/dan/index.css
IP
154.208.77.212:0
ASN
#134548 DXTL Tseung Kwan O Service

File type
ASCII text
Size
511 B (511 bytes)
Hash
1a04275bd681a7baf6118fd368aa3eff
05969c3a348b2f8e4ab4f3e31c55fea788074480
b4328988195bd9d7ff38a3519f1d650d7d98c8cc91500174fcc24d448ebd2b2b

HTTP Headers

GET /dan/index.css HTTP/1.1
Host: www.bill2021.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bill2021.com/dan/indexty.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:50:10 GMT
Content-Type: text/css
Last-Modified: Fri, 24 Dec 2021 10:25:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61c5a026-450"
Content-Encoding: gzip

hm.baidu.com/hm.js?2a961ecad4c90ac34c7562d9a1e5832b

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?2a961ecad4c90ac34c7562d9a1e5832b
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (618)
Size
11 kB (11256 bytes)
Hash
91dfda4257cafc34e635d5c7f42a2c52
bec10be60f555ca5a13388ac18e59c50c1ba22ec
cd95c93cde732ec7dc9ee283e94fbe32a13d90637e8d435549d9dfc7d2c7e6e4

HTTP Headers

GET /hm.js?2a961ecad4c90ac34c7562d9a1e5832b HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://iihttanzania.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11256
Content-Type: application/javascript
Date: Fri, 03 Feb 2023 12:50:10 GMT
Etag: 05d74a574fe90fe81d606049af4e1cd5
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=7E76B7FCB918BE1A; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

hm.baidu.com/hm.js?69213e6e300ff71fcc72673b58b9ba40

103.235.46.191

200 OK

11 kB

URL HTTP/1.1
hm.baidu.com/hm.js?69213e6e300ff71fcc72673b58b9ba40
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
ASCII text, with very long lines (622)
Size
11 kB (11260 bytes)
Hash
faa341f02cd2b48e2f2b02f4c2ebc334
ec579ab34998f9d8a00688cd1d88398351c830c0
4a905311d51b7a136f32823941504b6eccddd655d1ee2eab9d229d0adcfa7116

HTTP Headers

GET /hm.js?69213e6e300ff71fcc72673b58b9ba40 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://iihttanzania.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11260
Content-Type: application/javascript
Date: Fri, 03 Feb 2023 12:50:10 GMT
Etag: 70d166f35afc9cc84d294503223cf56f
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=CBC308C59091AA87; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800

www.bill2021.com/dan/pkPhoto/weibu.jpg

154.208.77.212

200 OK

93 kB

URL HTTP/1.1
www.bill2021.com/dan/pkPhoto/weibu.jpg
IP
154.208.77.212:0
ASN
#134548 DXTL Tseung Kwan O Service

File type
JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1077x326, components 3\012- data
Size
93 kB (93266 bytes)
Hash
72ffbaa3518e14d528abcdfb3f5ab8b3
9385a5a42b04c4af17148a61c062cf4b8d976ac3
bea6c9dc0fa84aecf9bd0031e998523a9d4dff5ace9814b20e573e849da77666

HTTP Headers

GET /dan/pkPhoto/weibu.jpg HTTP/1.1
Host: www.bill2021.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bill2021.com/dan/indexty.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:50:11 GMT
Content-Type: image/jpeg
Content-Length: 93266
Last-Modified: Thu, 08 Sep 2022 07:53:17 GMT
Connection: keep-alive
ETag: "63199f6d-16c52"
Accept-Ranges: bytes

hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1707981466&si=2a961ecad4c90ac34c7562d9a1e5832b&v=1.3.0&lv=1&sn=26367&r=0&ww=1280&u=http%3A%2F%2Fiihttanzania.com%2Ftech-spec-2-3.html&tt=%E9%93%B6%E6%B2%B3%E6%B8%B8%E6%88%8F%E5%AE%98%E6%96%B9%E9%A6%96%E9%A1%B5---%E6%AC%A2%E8%BF%8E%E6%82%A8

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1707981466&si=2a961ecad4c90ac34c7562d9a1e5832b&v=1.3.0&lv=1&sn=26367&r=0&ww=1280&u=http%3A%2F%2Fiihttanzania.com%2Ftech-spec-2-3.html&tt=%E9%93%B6%E6%B2%B3%E6%B8%B8%E6%88%8F%E5%AE%98%E6%96%B9%E9%A6%96%E9%A1%B5---%E6%AC%A2%E8%BF%8E%E6%82%A8
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1707981466&si=2a961ecad4c90ac34c7562d9a1e5832b&v=1.3.0&lv=1&sn=26367&r=0&ww=1280&u=http%3A%2F%2Fiihttanzania.com%2Ftech-spec-2-3.html&tt=%E9%93%B6%E6%B2%B3%E6%B8%B8%E6%88%8F%E5%AE%98%E6%96%B9%E9%A6%96%E9%A1%B5---%E6%AC%A2%E8%BF%8E%E6%82%A8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://iihttanzania.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Fri, 03 Feb 2023 12:50:11 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=7AF8324BFA895C2F; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=924596328&si=69213e6e300ff71fcc72673b58b9ba40&v=1.3.0&lv=1&sn=26367&r=0&ww=1280&u=http%3A%2F%2Fiihttanzania.com%2Ftech-spec-2-3.html&tt=%E9%93%B6%E6%B2%B3%E6%B8%B8%E6%88%8F%E5%AE%98%E6%96%B9%E9%A6%96%E9%A1%B5---%E6%AC%A2%E8%BF%8E%E6%82%A8

103.235.46.191

200 OK

43 B

URL HTTP/1.1
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=924596328&si=69213e6e300ff71fcc72673b58b9ba40&v=1.3.0&lv=1&sn=26367&r=0&ww=1280&u=http%3A%2F%2Fiihttanzania.com%2Ftech-spec-2-3.html&tt=%E9%93%B6%E6%B2%B3%E6%B8%B8%E6%88%8F%E5%AE%98%E6%96%B9%E9%A6%96%E9%A1%B5---%E6%AC%A2%E8%BF%8E%E6%82%A8
IP
103.235.46.191:0
ASN
#55967 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

HTTP Headers

GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=924596328&si=69213e6e300ff71fcc72673b58b9ba40&v=1.3.0&lv=1&sn=26367&r=0&ww=1280&u=http%3A%2F%2Fiihttanzania.com%2Ftech-spec-2-3.html&tt=%E9%93%B6%E6%B2%B3%E6%B8%B8%E6%88%8F%E5%AE%98%E6%96%B9%E9%A6%96%E9%A1%B5---%E6%AC%A2%E8%BF%8E%E6%82%A8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://iihttanzania.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Fri, 03 Feb 2023 12:50:11 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=64A905146C5C71A3; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff

api.share.baidu.com/s.gif?l=http://iihttanzania.com/tech-spec-2-3.html

182.61.201.93

200 OK

0 B

URL HTTP/1.1
api.share.baidu.com/s.gif?l=http://iihttanzania.com/tech-spec-2-3.html
IP
182.61.201.93:0
ASN
#38365 Beijing Baidu Netcom Science and Technology Co., Ltd.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /s.gif?l=http://iihttanzania.com/tech-spec-2-3.html HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/

HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Fri, 03 Feb 2023 12:50:11 GMT

www.gdklc.com/images/advimg/1514339821598536217.png

182.92.96.218

200 OK

8.4 kB

URL HTTP/1.1
www.gdklc.com/images/advimg/1514339821598536217.png
IP
182.92.96.218:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
PNG image data, 112 x 112, 8-bit/color RGB, non-interlaced\012- data
Size
8.4 kB (8368 bytes)
Hash
042b77d5817d6ec3801f7089ce21bca0
472a4a0dcc77d88da8fa03844a3c68a210c1a387
cf7a1ec06c2a6edbfa306d0e675e9e4f10fa2ef07cac0c9817d1382986b209ad

HTTP Headers

GET /images/advimg/1514339821598536217.png HTTP/1.1
Host: www.gdklc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://iihttanzania.com/
Connection: keep-alive

HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 12:50:09 GMT
Server: Apache
Last-Modified: Wed, 27 Dec 2017 01:57:01 GMT
ETag: "202ab-20b0-56148b7199540"
Accept-Ranges: bytes
Content-Length: 8368
Vary: User-Agent
Keep-Alive: timeout=15, max=300
Connection: Keep-Alive
Content-Type: image/png

www.bill2021.com/dan/img/bg1111.jpg

154.208.77.212

404 Not Found

162 B

URL HTTP/1.1
www.bill2021.com/dan/img/bg1111.jpg
IP
154.208.77.212:0
ASN
#134548 DXTL Tseung Kwan O Service

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
162 B (162 bytes)
Hash
70461da8b94c6ca5d2fda3260c5a8c3b
994bc667720c21257500e29038c1a5f61e25da1e
f33c27745f2bd87344be790465ef984a972fd539dc83bd4f61d4242c607ef1ee

HTTP Headers

GET /dan/img/bg1111.jpg HTTP/1.1
Host: www.bill2021.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bill2021.com/dan/index.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 03 Feb 2023 12:50:11 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive

www.bill2021.com/dan/pkPhoto/bcxh.png

154.208.77.212

200 OK

135 kB

URL HTTP/1.1
www.bill2021.com/dan/pkPhoto/bcxh.png
IP
154.208.77.212:0
ASN
#134548 DXTL Tseung Kwan O Service

File type
PNG image data, 980 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size
135 kB (135021 bytes)
Hash
13eee91adfed5e2c622e386bba677e01
3bc40b822089c26da2551b40c5239e5bf6159fa1
a097f5b4c905b3fdf29085e4407047d5ab8395cfed166030aa2399ff4df84b3b

HTTP Headers

GET /dan/pkPhoto/bcxh.png HTTP/1.1
Host: www.bill2021.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bill2021.com/dan/indexty.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:50:11 GMT
Content-Type: image/png
Content-Length: 135021
Last-Modified: Thu, 08 Sep 2022 07:53:17 GMT
Connection: keep-alive
ETag: "63199f6d-20f6d"
Accept-Ranges: bytes

www.bill2021.com/dan/pkPhoto/ty-yaobo.png

154.208.77.212

200 OK

375 kB

URL HTTP/1.1
www.bill2021.com/dan/pkPhoto/ty-yaobo.png
IP
154.208.77.212:0
ASN
#134548 DXTL Tseung Kwan O Service

File type
PNG image data, 1434 x 168, 8-bit/color RGBA, non-interlaced\012- data
Size
375 kB (375070 bytes)
Hash
8246fea5d34a8158b32ca6c245ea16b6
ba9ad21b7780a9ea8a530f363c09d4448cac7b6e
12bb8811bdbadec42e092ff12b79bb52657f2cd971e188052610e6358e3c9813

HTTP Headers

GET /dan/pkPhoto/ty-yaobo.png HTTP/1.1
Host: www.bill2021.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bill2021.com/dan/indexty.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:50:11 GMT
Content-Type: image/png
Content-Length: 375070
Last-Modified: Thu, 08 Sep 2022 07:53:27 GMT
Connection: keep-alive
ETag: "63199f77-5b91e"
Accept-Ranges: bytes

www.bill2021.com/dan/pkPhoto/ledong100.png

154.208.77.212

200 OK

222 kB

URL HTTP/1.1
www.bill2021.com/dan/pkPhoto/ledong100.png
IP
154.208.77.212:0
ASN
#134548 DXTL Tseung Kwan O Service

File type
PNG image data, 2100 x 150, 8-bit colormap, non-interlaced\012- data
Size
222 kB (222004 bytes)
Hash
c514cc26a8bbf5cb52abdf9ab9e68980
18199a677d4fbb0cf0a1c7f9af076c2ae76fb4cb
3a39dc076d1c0bfec10debd1c0f54249d89036049dad5f24255eb2e6b610b27d

HTTP Headers

GET /dan/pkPhoto/ledong100.png HTTP/1.1
Host: www.bill2021.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bill2021.com/dan/indexty.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:50:11 GMT
Content-Type: image/png
Content-Length: 222004
Last-Modified: Thu, 08 Sep 2022 07:53:28 GMT
Connection: keep-alive
ETag: "63199f78-36334"
Accept-Ranges: bytes

www.bill2021.com/dan/pkPhoto/bet1000x100_jpg.jpg

154.208.77.212

200 OK

118 kB

URL HTTP/1.1
www.bill2021.com/dan/pkPhoto/bet1000x100_jpg.jpg
IP
154.208.77.212:0
ASN
#134548 DXTL Tseung Kwan O Service

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1000x100, components 3\012- data
Size
118 kB (118484 bytes)
Hash
b601a3aeeb918c401a7e6203a27129f5
314ab685c22cf0f4979e2468ce2de55c74a959de
a86e74c3ec52a8b51388c52bad6b510042b1faf95bf730f20a7d6b899c373969

HTTP Headers

GET /dan/pkPhoto/bet1000x100_jpg.jpg HTTP/1.1
Host: www.bill2021.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bill2021.com/dan/indexty.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:50:11 GMT
Content-Type: image/jpeg
Content-Length: 118484
Last-Modified: Mon, 26 Sep 2022 05:53:04 GMT
Connection: keep-alive
ETag: "63313e40-1ced4"
Accept-Ranges: bytes

www.bill2021.com/dan/pkPhoto/amdcpc.gif

154.208.77.212

200 OK

278 kB

URL HTTP/1.1
www.bill2021.com/dan/pkPhoto/amdcpc.gif
IP
154.208.77.212:0
ASN
#134548 DXTL Tseung Kwan O Service

File type
GIF image data, version 89a, 1000 x 100\012- data
Size
278 kB (278305 bytes)
Hash
71c7927a8115608a38ef646fbe1d245e
62308a2b77fe5db7519349d56e8f9daf1230a5dc
94cf5d84e80dc1006762bb51fe0a2ae9cd9a9a608eb4d60f25bbfb4e9959dbf8

HTTP Headers

GET /dan/pkPhoto/amdcpc.gif HTTP/1.1
Host: www.bill2021.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bill2021.com/dan/indexty.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:50:11 GMT
Content-Type: image/gif
Content-Length: 278305
Last-Modified: Thu, 08 Sep 2022 07:53:28 GMT
Connection: keep-alive
ETag: "63199f78-43f21"
Accept-Ranges: bytes

www.bill2021.com/dan/pkPhoto/by1000x100.gif

154.208.77.212

200 OK

352 kB

URL HTTP/1.1
www.bill2021.com/dan/pkPhoto/by1000x100.gif
IP
154.208.77.212:0
ASN
#134548 DXTL Tseung Kwan O Service

File type
GIF image data, version 89a, 1000 x 100\012- data
Size
352 kB (352162 bytes)
Hash
8c6b4b6fc48958d58ed73edaec8c7371
7b2b81852ab9d722e1dc4f5782192d41bbfbfa81
ee7d062eccc180754f4b4eb2623ea2ef13cbba7375c405e56db371dee5273656

HTTP Headers

GET /dan/pkPhoto/by1000x100.gif HTTP/1.1
Host: www.bill2021.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bill2021.com/dan/indexty.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:50:11 GMT
Content-Type: image/gif
Content-Length: 352162
Last-Modified: Thu, 08 Sep 2022 07:53:19 GMT
Connection: keep-alive
ETag: "63199f6f-55fa2"
Accept-Ranges: bytes

www.bill2021.com/dan/pkPhoto/ty1000x100_jpg.jpg

154.208.77.212

200 OK

105 kB

URL HTTP/1.1
www.bill2021.com/dan/pkPhoto/ty1000x100_jpg.jpg
IP
154.208.77.212:0
ASN
#134548 DXTL Tseung Kwan O Service

File type
JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1000x100, components 3\012- data
Size
105 kB (105237 bytes)
Hash
0241d16d8bcd8a13925af33abc59e638
637b547e6b2cc177008349123d0c6566147ceeab
0033014a565093b3e5fbbac9eebb9efc1a94a262630d976d52564a8e27e862ec

HTTP Headers

GET /dan/pkPhoto/ty1000x100_jpg.jpg HTTP/1.1
Host: www.bill2021.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bill2021.com/dan/indexty.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:50:12 GMT
Content-Type: image/jpeg
Content-Length: 105237
Last-Modified: Mon, 26 Sep 2022 05:53:18 GMT
Connection: keep-alive
ETag: "63313e4e-19b15"
Accept-Ranges: bytes

www.gdklc.com/images/login-help3.png

182.92.96.218

200 OK

321 kB

URL HTTP/1.1
www.gdklc.com/images/login-help3.png
IP
182.92.96.218:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced\012- data
Size
321 kB (320939 bytes)
Hash
177066cf15a8204b2eb6ca099d6b4abd
7d0688a20afffd32f1ef8c3694f6ee80c5ba0ee9
331633f4971f2b3925d224b639f41696906ed229bfc996599272d55f70f85a59

HTTP Headers

GET /images/login-help3.png HTTP/1.1
Host: www.gdklc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://iihttanzania.com
Referer: http://iihttanzania.com/
Connection: keep-alive

HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 12:50:09 GMT
Server: Apache
Last-Modified: Thu, 10 Nov 2016 01:45:11 GMT
ETag: "20229-5bc-540e8862957c0"
Accept-Ranges: bytes
Content-Length: 1468
Vary: User-Agent
Keep-Alive: timeout=15, max=300
Connection: Keep-Alive
Content-Type: image/png

www.gdklc.com/images/advimg/15143398211563325642.jpg

182.92.96.218

200 OK

40 kB

URL HTTP/1.1
www.gdklc.com/images/advimg/15143398211563325642.jpg
IP
182.92.96.218:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS2 Windows, datetime=2017:12:27 09:55:37], progressive, precision 8, 112x112, components 3\012- data
Size
40 kB (40304 bytes)
Hash
2d706bf982387e496e7ca1703c4a5b75
ef892b0ec27c8ca36103f054551bc7be9fdd00ce
fb2d076ebe205f293ec8ec566f5af9f4cb32005c3d7ee35f0fefb8da2dd36b3a

HTTP Headers

GET /images/advimg/15143398211563325642.jpg HTTP/1.1
Host: www.gdklc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://iihttanzania.com/
Connection: keep-alive

HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 12:50:09 GMT
Server: Apache
Last-Modified: Wed, 27 Dec 2017 01:57:01 GMT
ETag: "202aa-9d70-56148b7199540"
Accept-Ranges: bytes
Content-Length: 40304
Vary: User-Agent
Keep-Alive: timeout=15, max=300
Connection: Keep-Alive
Content-Type: image/jpeg

www.bill2021.com/dan/pkPhoto/500pj1000-200.gif

154.208.77.212

200 OK

649 kB

URL HTTP/1.1
www.bill2021.com/dan/pkPhoto/500pj1000-200.gif
IP
154.208.77.212:0
ASN
#134548 DXTL Tseung Kwan O Service

File type
GIF image data, version 89a, 1000 x 200\012- data
Size
649 kB (649012 bytes)
Hash
4b2329aee1fcc97910223870de0a7ac3
f7a5bd1bee03223ee41d7a586569337aefb09ea2
ddff3a89b79326f02c8e2ba68f8534df4ad3196134e74ec0accb51800cd4de3d

HTTP Headers

GET /dan/pkPhoto/500pj1000-200.gif HTTP/1.1
Host: www.bill2021.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bill2021.com/dan/indexty.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:50:12 GMT
Content-Type: image/gif
Content-Length: 649012
Last-Modified: Thu, 08 Sep 2022 07:53:30 GMT
Connection: keep-alive
ETag: "63199f7a-9e734"
Accept-Ranges: bytes

www.bill2021.com/dan/pkPhoto/5247cc1000-200%20.gif

154.208.77.212

200 OK

591 kB

URL HTTP/1.1
www.bill2021.com/dan/pkPhoto/5247cc1000-200%20.gif
IP
154.208.77.212:0
ASN
#134548 DXTL Tseung Kwan O Service

File type
GIF image data, version 89a, 1000 x 200\012- data
Size
591 kB (590972 bytes)
Hash
60f5165ec126a4b95de17cd8d93df564
9144c7659554767fe1c8c6bc0732fbd190c810fb
e84562dfeb76c6669ed9e07b976e1e2a63925573aa3ca92b44e12942a06f1232

HTTP Headers

GET /dan/pkPhoto/5247cc1000-200%20.gif HTTP/1.1
Host: www.bill2021.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bill2021.com/dan/indexty.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:50:12 GMT
Content-Type: image/gif
Content-Length: 590972
Last-Modified: Thu, 08 Sep 2022 07:53:30 GMT
Connection: keep-alive
ETag: "63199f7a-9047c"
Accept-Ranges: bytes

www.bill2021.com/dan/pkPhoto/kaiyun1100x200.png

154.208.77.212

200 OK

470 kB

URL HTTP/1.1
www.bill2021.com/dan/pkPhoto/kaiyun1100x200.png
IP
154.208.77.212:0
ASN
#134548 DXTL Tseung Kwan O Service

File type
PNG image data, 1110 x 221, 8-bit/color RGB, non-interlaced\012- data
Size
470 kB (470322 bytes)
Hash
cb8dacafc8816967d295f039376b84d9
9d5be5064687055afebdd885845776b6d08344e2
5d99ded757913931536dd9fdcebc6a793fd073e0b5ebb51b121f9dbf0be0be4d

HTTP Headers

GET /dan/pkPhoto/kaiyun1100x200.png HTTP/1.1
Host: www.bill2021.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bill2021.com/dan/indexty.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:50:12 GMT
Content-Type: image/png
Content-Length: 470322
Last-Modified: Sat, 29 Oct 2022 01:15:52 GMT
Connection: keep-alive
ETag: "635c7ec8-72d32"
Accept-Ranges: bytes

iihttanzania.com/images/shortcut-icon.ico

172.252.4.201

200 OK

2.3 kB

URL HTTP/1.1
iihttanzania.com/images/shortcut-icon.ico
IP
172.252.4.201:0
ASN
#18779 EGIHOSTING

File type
data
Size
2.3 kB (2322 bytes)
Hash
c3f311f91642b8da1462af5684493e6e
658f6fee9d109f4ec044c90f2ce226abd85f39f7
92ce6afc7830310a3316cf0195073814f0586c26129f008b2520827f10b54f7b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /images/shortcut-icon.ico HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/tech-spec-2-3.html
Cookie: Hm_lvt_2a961ecad4c90ac34c7562d9a1e5832b=1675428642; Hm_lpvt_2a961ecad4c90ac34c7562d9a1e5832b=1675428642; Hm_lvt_69213e6e300ff71fcc72673b58b9ba40=1675428642; Hm_lpvt_69213e6e300ff71fcc72673b58b9ba40=1675428642

HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:50:14 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip

www.gdklc.com/images/advimg/1606876958529880943.jpg

182.92.96.218

200 OK

401 kB

URL HTTP/1.1
www.gdklc.com/images/advimg/1606876958529880943.jpg
IP
182.92.96.218:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2020:12:02 10:42:11], baseline, precision 8, 1920x549, components 3\012- data
Size
401 kB (400794 bytes)
Hash
7308a7a91f644453dff3480f25009301
3efb65402aad6f7974db905fd738eae775c5bf81
7ea719e260da36a67baeb9d7021da266a6f3cab6e2a082a39d59d34f0a2f94e0

HTTP Headers

GET /images/advimg/1606876958529880943.jpg HTTP/1.1
Host: www.gdklc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://iihttanzania.com/
Connection: keep-alive

HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 12:50:10 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 02:42:38 GMT
ETag: "202c4-61d9a-5b57232478380"
Accept-Ranges: bytes
Content-Length: 400794
Vary: User-Agent
Keep-Alive: timeout=15, max=298
Connection: Keep-Alive
Content-Type: image/jpeg

www.gdklc.com/include/kindeditor/attached/image/20171020/20171020075714_11629.jpg

182.92.96.218

200 OK

57 kB

URL HTTP/1.1
www.gdklc.com/include/kindeditor/attached/image/20171020/20171020075714_11629.jpg
IP
182.92.96.218:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type
JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2017 (Windows), datetime=2017:10:19 16:39:53], baseline, precision 8, 375x214, components 3\012- data
Size
57 kB (56611 bytes)
Hash
3b48811150974b922366ddcfe0edd39f
37b83e83258bf81c7a2a232238bde0f81eab2d92
bfde5d37da5e8576014f9470ad7f7a46fbc95c81d7ab4aeb514fd3fe00b3415d

HTTP Headers

GET /include/kindeditor/attached/image/20171020/20171020075714_11629.jpg HTTP/1.1
Host: www.gdklc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://iihttanzania.com/
Connection: keep-alive

HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 12:50:12 GMT
Server: Apache
Last-Modified: Thu, 19 Oct 2017 23:57:14 GMT
ETag: "20c90-dd23-55bef1d832a80"
Accept-Ranges: bytes
Content-Length: 56611
Vary: User-Agent
Keep-Alive: timeout=15, max=299
Connection: Keep-Alive
Content-Type: image/jpeg

www.gdklc.com/include/kindeditor/attached/image/20171020/20171020075715_55007.jpg

182.92.96.218

200 OK

0 B

URL HTTP/1.1
www.gdklc.com/include/kindeditor/attached/image/20171020/20171020075715_55007.jpg
IP
182.92.96.218:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /include/kindeditor/attached/image/20171020/20171020075715_55007.jpg HTTP/1.1
Host: www.gdklc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://iihttanzania.com/
Connection: keep-alive

HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 12:50:15 GMT
Server: Apache
Last-Modified: Thu, 19 Oct 2017 23:57:15 GMT
ETag: "20c92-fbb6-55bef1d926cc0"
Accept-Ranges: bytes
Content-Length: 64438
Vary: User-Agent
Keep-Alive: timeout=15, max=298
Connection: Keep-Alive
Content-Type: image/jpeg

www.gdklc.com/images/product/1533171831993168710.png

182.92.96.218

200 OK

0 B

URL HTTP/1.1
www.gdklc.com/images/product/1533171831993168710.png
IP
182.92.96.218:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /images/product/1533171831993168710.png HTTP/1.1
Host: www.gdklc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://iihttanzania.com/
Connection: keep-alive

HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 12:50:11 GMT
Server: Apache
Last-Modified: Thu, 02 Aug 2018 01:03:51 GMT
ETag: "2073e-178b1-57269625dcbc0"
Accept-Ranges: bytes
Content-Length: 96433
Vary: User-Agent
Keep-Alive: timeout=15, max=299
Connection: Keep-Alive
Content-Type: image/png

www.gdklc.com/include/kindeditor/attached/image/20171020/20171020075714_86537.jpg

182.92.96.218

200 OK

0 B

URL HTTP/1.1
www.gdklc.com/include/kindeditor/attached/image/20171020/20171020075714_86537.jpg
IP
182.92.96.218:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /include/kindeditor/attached/image/20171020/20171020075714_86537.jpg HTTP/1.1
Host: www.gdklc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://iihttanzania.com/
Connection: keep-alive

HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 12:50:15 GMT
Server: Apache
Last-Modified: Thu, 19 Oct 2017 23:57:14 GMT
ETag: "20c91-f78a-55bef1d832a80"
Accept-Ranges: bytes
Content-Length: 63370
Vary: User-Agent
Keep-Alive: timeout=15, max=297
Connection: Keep-Alive
Content-Type: image/jpeg

www.gdklc.com/include/kindeditor/attached/image/20171020/20171020075737_12190.jpg

182.92.96.218

200 OK

0 B

URL HTTP/1.1
www.gdklc.com/include/kindeditor/attached/image/20171020/20171020075737_12190.jpg
IP
182.92.96.218:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /include/kindeditor/attached/image/20171020/20171020075737_12190.jpg HTTP/1.1
Host: www.gdklc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://iihttanzania.com/
Connection: keep-alive

HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 12:50:09 GMT
Server: Apache
Last-Modified: Thu, 19 Oct 2017 23:57:37 GMT
ETag: "20c95-9e1d5-55bef1ee21e40"
Accept-Ranges: bytes
Content-Length: 647637
Vary: User-Agent
Keep-Alive: timeout=15, max=300
Connection: Keep-Alive
Content-Type: image/jpeg

www.gdklc.com/include/kindeditor/attached/image/20171020/20171020075738_32509.jpg

182.92.96.218

200 OK

0 B

URL HTTP/1.1
www.gdklc.com/include/kindeditor/attached/image/20171020/20171020075738_32509.jpg
IP
182.92.96.218:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /include/kindeditor/attached/image/20171020/20171020075738_32509.jpg HTTP/1.1
Host: www.gdklc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://iihttanzania.com/
Connection: keep-alive

HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 12:50:09 GMT
Server: Apache
Last-Modified: Thu, 19 Oct 2017 23:57:38 GMT
ETag: "20c96-9ac98-55bef1ef16080"
Accept-Ranges: bytes
Content-Length: 634008
Vary: User-Agent
Keep-Alive: timeout=15, max=300
Connection: Keep-Alive
Content-Type: image/jpeg

www.gdklc.com/include/kindeditor/attached/image/20171020/20171020075735_65785.jpg

182.92.96.218

200 OK

0 B

URL HTTP/1.1
www.gdklc.com/include/kindeditor/attached/image/20171020/20171020075735_65785.jpg
IP
182.92.96.218:0
ASN
#37963 Hangzhou Alibaba Advertising Co.,Ltd.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /include/kindeditor/attached/image/20171020/20171020075735_65785.jpg HTTP/1.1
Host: www.gdklc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://iihttanzania.com/
Connection: keep-alive

HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 12:50:09 GMT
Server: Apache
Last-Modified: Thu, 19 Oct 2017 23:57:35 GMT
ETag: "20c94-a9c76-55bef1ec399c0"
Accept-Ranges: bytes
Content-Length: 695414
Vary: User-Agent
Keep-Alive: timeout=15, max=300
Connection: Keep-Alive
Content-Type: image/jpeg

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (22)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML