r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d4e95d0d8982bcd07804baf6fc88231c
5027abda0875bd2529dd4d6691784c74da71a9ee
373799b5749d2cb08b5721699a3e4c6b94b0d41604ac07d4ef7179e47dabc71f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "373799B5749D2CB08B5721699A3E4C6B94B0D41604AC07D4EF7179E47DABC71F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2352
Expires: Fri, 03 Feb 2023 13:29:19 GMT
Date: Fri, 03 Feb 2023 12:50:07 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash e935ea42be4feaed61a824b0b903913e
f966cfa80d65a805cb9d7c6a53b3340865d7c51a
eb0ce9ae50d156fe5924b2d77346735e4e93b5240cff301c9aa835bb0b385815
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EB0CE9AE50D156FE5924B2D77346735E4E93B5240CFF301C9AA835BB0B385815"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15808
Expires: Fri, 03 Feb 2023 17:13:35 GMT
Date: Fri, 03 Feb 2023 12:50:07 GMT
Connection: keep-alive
iihttanzania.com/tech-spec-2-3.html
172.252.4.201 200 OK 7.1 kB URL HTTP/1.1 iihttanzania.com/tech-spec-2-3.html
IP 172.252.4.201:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with CRLF, LF line terminators
Hash 3e028d4ca4a17f456b247007a046fdce
c8257cd26565ec85ad86abc2c2224c16bb2e1eb4
9d28c3c37f394a10e811865575b53fcc4f13c3c54bd40e2ff49d699b4280f999
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /tech-spec-2-3.html HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:50:07 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Fri, 03 Feb 2023 12:43:35 GMT
content-type: application/json
age: 392
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7d2222d41721947297aaeb5a6e3d0714
04cc1ee417c8bf6338657fd4c2e4e1c1ddfd3065
de0e45969a2ad95e52f7e2fbd0d021d9075dd7b14666c929346efe111f648f7c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DE0E45969A2AD95E52F7E2FBD0D021D9075DD7B14666C929346EFE111F648F7C"
Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16786
Expires: Fri, 03 Feb 2023 17:29:53 GMT
Date: Fri, 03 Feb 2023 12:50:07 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: yWa2KZc0Jka52TJ8/ZHnFlAXSkV7g/BvJOQ8tDF7mfgC5NjPLG4YvaOx8B8KKLpgPk4dnpwAZng=
x-amz-request-id: NQYGTPPC5VPCH8V8
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 03 Feb 2023 11:52:24 GMT
age: 3463
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 03 Feb 2023 12:50:07 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
iihttanzania.com/jquery.20.min.js
172.252.4.201 301 Moved Permanently 178 B URL HTTP/1.1 iihttanzania.com/jquery.20.min.js
IP 172.252.4.201:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /jquery.20.min.js HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/tech-spec-2-3.html
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 03 Feb 2023 12:50:07 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: http://www.iihttanzania.com/jquery.20.min.js
iihttanzania.com/css/reset.css
172.252.4.201 200 OK 555 B URL HTTP/1.1 iihttanzania.com/css/reset.css
IP 172.252.4.201:0
Hash 1e2fc1a5c5119671a56b592b9d5bec23
d14752f41c79afab258fe0b46f40efd9b5d04e65
f10a5f98a81c9cf5d1978086c3afccebfb77f4ddcafec6606628500c97329dd2
Analyzer Verdict Alert quad9 Sinkholed
GET /css/reset.css HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/tech-spec-2-3.html
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:50:07 GMT
Content-Type: text/css;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip
iihttanzania.com/css/rest.css
172.252.4.201 200 OK 235 B URL HTTP/1.1 iihttanzania.com/css/rest.css
IP 172.252.4.201:0
Hash 2fe5ed222b9ae02ae5fc2eae9c4f3702
7dca3557a57010906d1b96dcb6a6cf02330ba2d5
16978d88ec0ffbbb0a559a4664dbfb9ad5e35b69d27b5d90fb4608b603651377
Analyzer Verdict Alert quad9 Sinkholed
GET /css/rest.css HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/tech-spec-2-3.html
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:50:07 GMT
Content-Type: text/css;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip
iihttanzania.com/css/owl.carousel.css
172.252.4.201 200 OK 1.3 kB URL HTTP/1.1 iihttanzania.com/css/owl.carousel.css
IP 172.252.4.201:0
Hash f749ae4ed93a0207f5a2286cbedf98a6
27809cc56ad080a64d9efc5fc4dd53390eaebc17
99742ccf0c1c5d03abe0cbda886693826e621232c060554bb5d165e6e90d78dd
Analyzer Verdict Alert quad9 Sinkholed
GET /css/owl.carousel.css HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/tech-spec-2-3.html
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:50:07 GMT
Content-Type: text/css;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip
iihttanzania.com/css/swiper.css
172.252.4.201 200 OK 3.8 kB URL HTTP/1.1 iihttanzania.com/css/swiper.css
IP 172.252.4.201:0
File type ASCII text, with very long lines (1468)
Hash 805d196d330c08ba82eac960095ed3e4
83cb05b02af025acc036cba97ddb5521a1dbc9a1
d75e2401ea1593ef592dd1da423e05ae6e3b9adbc3e029eab1d85563de78ce1b
Analyzer Verdict Alert quad9 Sinkholed
GET /css/swiper.css HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/tech-spec-2-3.html
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:50:07 GMT
Content-Type: text/css;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip
iihttanzania.com/css/owl.theme.css
172.252.4.201 200 OK 610 B URL HTTP/1.1 iihttanzania.com/css/owl.theme.css
IP 172.252.4.201:0
Hash c840100a072ce4171bf866f43f6de7f0
8eaa47fec2a7a91cc78d6e03ba4ef14ca7fd4d74
8324e1f174e74ecf6447544e7bf225562ee2a5eae1f7738aa9026e12326c2688
Analyzer Verdict Alert quad9 Sinkholed
GET /css/owl.theme.css HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/tech-spec-2-3.html
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:50:07 GMT
Content-Type: text/css;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip
iihttanzania.com/css/common.css
172.252.4.201 200 OK 4.5 kB URL HTTP/1.1 iihttanzania.com/css/common.css
IP 172.252.4.201:0
Hash d463ee893fd26dd079647259406925e2
80e5aec5065ea221a97df019d503561c7b1b7656
3cd193bf0989310b2b442c9a6c5689cb0b7335e2b91ac11e68cf5ff8b477fd5d
Analyzer Verdict Alert quad9 Sinkholed
GET /css/common.css HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/tech-spec-2-3.html
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:50:07 GMT
Content-Type: text/css;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip
iihttanzania.com/css/animate.css
172.252.4.201 200 OK 5.5 kB URL HTTP/1.1 iihttanzania.com/css/animate.css
IP 172.252.4.201:0
Hash 80c4b0f864622add53c429bd06d3deb5
ced68f2e95935c96d8f37cfcd72d4b019a3777bc
9796c77cc0a41cd8c093dfc178f705078039e09611d7b2d5aa8a2df14ebaa02b
Analyzer Verdict Alert quad9 Sinkholed
GET /css/animate.css HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/tech-spec-2-3.html
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:50:07 GMT
Content-Type: text/css;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Last-Modified, Cache-Control, Pragma, ETag, Backoff, Content-Type, Alert, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Fri, 03 Feb 2023 12:49:06 GMT
age: 61
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
iihttanzania.com/css/inside-page.css
172.252.4.201 200 OK 1.7 kB URL HTTP/1.1 iihttanzania.com/css/inside-page.css
IP 172.252.4.201:0
Hash fea42ad20e5f222c44a015eee73b7d3d
5800d0e329127d6471666184889ed50befc2b1d6
7ebb816d3f69c1e729241fedb5e52ba99204f2c7913657598897e80ca6cc1b10
Analyzer Verdict Alert quad9 Sinkholed
GET /css/inside-page.css HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/tech-spec-2-3.html
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:50:07 GMT
Content-Type: text/css;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip
iihttanzania.com/css/tech-spec.css
172.252.4.201 200 OK 3.6 kB URL HTTP/1.1 iihttanzania.com/css/tech-spec.css
IP 172.252.4.201:0
Hash 8b5299a2992f0c7335d40654d879bf62
ed29a8cac134b78d62b71c209adfccb18eec6268
206bb4756a3a658b1c53160b611a5ead1a66bf85a1bd0fe7ced4dceb4b8d368b
Analyzer Verdict Alert quad9 Sinkholed
GET /css/tech-spec.css HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/tech-spec-2-3.html
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:50:07 GMT
Content-Type: text/css;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip
iihttanzania.com/js/hoverSlippery.js
172.252.4.201 200 OK 1.1 kB URL HTTP/1.1 iihttanzania.com/js/hoverSlippery.js
IP 172.252.4.201:0
Hash ccc1a5b1c6cfb3041d0fe91d3c2987dc
640e4ba0a224d31c29dac651c692481ba8f62738
4c20086f8640646e72d6ef6f1811a5fdf7338f2d6ebada9f0b7f4cb27cd7edcc
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /js/hoverSlippery.js HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/tech-spec-2-3.html
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:50:07 GMT
Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A9838D00256431807CA382FC205064B07C08D5054F2895C2AE3CC4E9094179A"
Last-Modified: Wed, 01 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2889
Expires: Fri, 03 Feb 2023 13:38:17 GMT
Date: Fri, 03 Feb 2023 12:50:08 GMT
Connection: keep-alive
iihttanzania.com/js/jquery.min.js
172.252.4.201 200 OK 38 kB URL HTTP/1.1 iihttanzania.com/js/jquery.min.js
IP 172.252.4.201:0
File type ASCII text, with very long lines (32047)
Hash a09e2a0726e2d9dcd29299dfe735dfcf
9ee2c7d297d637523fdea30806b14193c88f899f
193651164815ad7dba48e5388eca28f5808876297941ce67fc12d4633b0aadd7
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /js/jquery.min.js HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/tech-spec-2-3.html
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:50:07 GMT
Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip
iihttanzania.com/js/jquery.headerNav.js
172.252.4.201 200 OK 1.1 kB URL HTTP/1.1 iihttanzania.com/js/jquery.headerNav.js
IP 172.252.4.201:0
Hash 4aca9a348eeb28d9dfa151c660a07e86
7ba9b554e705355eac39f5d07f5a7224e1b0094b
e742c295dfd2735d68d800590c79c59befaaf593d09c94d02bd70a8e7b992ee3
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /js/jquery.headerNav.js HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/tech-spec-2-3.html
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:50:08 GMT
Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip
iihttanzania.com/js/wow.js
172.252.4.201 200 OK 3.6 kB URL HTTP/1.1 iihttanzania.com/js/wow.js
IP 172.252.4.201:0
Hash 862d9235a815ade22a5d01fd7b6760f0
564ed9b591b022a856dd99e2f30908a949d417e6
429794de778fa7863dc99d350449a319c22e28ac0545e90ea6230107847a9e94
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /js/wow.js HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/tech-spec-2-3.html
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:50:08 GMT
Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip
iihttanzania.com/js/swiper.jquery.min.js
172.252.4.201 200 OK 25 kB URL HTTP/1.1 iihttanzania.com/js/swiper.jquery.min.js
IP 172.252.4.201:0
File type ASCII text, with very long lines (32046)
Hash 3281d87739620fbb048821775009abc3
4f0713546467b0e6f9eb7cfc35dd82bee395ff84
6df30edcbf74bdc89df52948fce19c3a5aa024a7bff77168dbbbf52615a2bbff
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /js/swiper.jquery.min.js HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/tech-spec-2-3.html
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:50:07 GMT
Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip
iihttanzania.com/js/owl.carousel.js
172.252.4.201 200 OK 23 kB URL HTTP/1.1 iihttanzania.com/js/owl.carousel.js
IP 172.252.4.201:0
Hash 65cc44a2cb33ea7f220bbcde5991e71b
3d719b502f910bea0629c5a2eb5d959776448d29
b7d0d52ca5bd84ecd432939086edcc73328d9b467baf5b2bcaa259e929ef62ed
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /js/owl.carousel.js HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/tech-spec-2-3.html
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:50:07 GMT
Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip
iihttanzania.com/js/jquery.qrcode.min.js
172.252.4.201 200 OK 5.3 kB URL HTTP/1.1 iihttanzania.com/js/jquery.qrcode.min.js
IP 172.252.4.201:0
File type ASCII text, with very long lines (544)
Hash 23bdf2d83f4435aa205bdbd17b2cd666
360b606d818dd2d1e78f3fc7ac2c8a67c3a6f568
ca2264dfcc776fc6cdef06faed5ab7d376ea408981d9d065964428afd250e672
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /js/jquery.qrcode.min.js HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/tech-spec-2-3.html
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:50:08 GMT
Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip
www.iihttanzania.com/jquery.20.min.js
172.252.4.201 200 OK 1.3 kB URL HTTP/1.1 www.iihttanzania.com/jquery.20.min.js
IP 172.252.4.201:0
File type ASCII text, with very long lines (2924), with no line terminators
Hash 1656f1ef69f3c4ff16c961a1ca62e2e9
93bb802ea0dbe77593d6e24c41131894b5e0a97c
24b3bbb338694a6d29f2b0701d98a510c9188ae9f4bff9070bee9b987f70ec21
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /jquery.20.min.js HTTP/1.1
Host: www.iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://iihttanzania.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:50:08 GMT
Content-Type: application/javascript
Last-Modified: Mon, 19 Apr 2021 06:11:18 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"607d1f06-b6c"
Expires: Fri, 03 Feb 2023 13:50:08 GMT
Cache-Control: max-age=3600
Content-Encoding: gzip
iihttanzania.com/jquery.la.min.js
172.252.4.201 301 Moved Permanently 178 B URL HTTP/1.1 iihttanzania.com/jquery.la.min.js
IP 172.252.4.201:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash cd2e0e43980a00fb6a2742d3afd803b8
81ffbd1712afe8cdf138b570c0fc9934742c33c1
bd9df047d51943acc4bc6cf55d88edb5b6785a53337ee2a0f74dd521aedde87d
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /jquery.la.min.js HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/tech-spec-2-3.html
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Fri, 03 Feb 2023 12:50:08 GMT
Content-Type: text/html
Content-Length: 178
Connection: keep-alive
Location: http://www.iihttanzania.com/jquery.la.min.js
iihttanzania.com/js/common.js
172.252.4.201 200 OK 2.0 kB URL HTTP/1.1 iihttanzania.com/js/common.js
IP 172.252.4.201:0
File type Unicode text, UTF-8 text, with very long lines (339)
Hash 7965eab8eefd8e624ae9de011b7cd926
5223e947c7660255da610de3acf9cff05d2f4cd0
662d9d7f98934375c20e22de55e6ccb584ece3703910a283ff5db1abd96e1862
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /js/common.js HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/tech-spec-2-3.html
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:50:08 GMT
Content-Type: application/javascript;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip
iihttanzania.com/include/kindeditor/attached/image/20171020/20171020075738_32509.jpg
172.252.4.201 302 Moved Temporarily 0 B URL HTTP/1.1 iihttanzania.com/include/kindeditor/attached/image/20171020/20171020075738_32509.jpg
IP 172.252.4.201:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /include/kindeditor/attached/image/20171020/20171020075738_32509.jpg HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/tech-spec-2-3.html
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 03 Feb 2023 12:50:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.gdklc.com/include/kindeditor/attached/image/20171020/20171020075738_32509.jpg
iihttanzania.com/include/kindeditor/attached/image/20171020/20171020075737_12190.jpg
172.252.4.201 302 Moved Temporarily 0 B URL HTTP/1.1 iihttanzania.com/include/kindeditor/attached/image/20171020/20171020075737_12190.jpg
IP 172.252.4.201:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /include/kindeditor/attached/image/20171020/20171020075737_12190.jpg HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/tech-spec-2-3.html
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 03 Feb 2023 12:50:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.gdklc.com/include/kindeditor/attached/image/20171020/20171020075737_12190.jpg
iihttanzania.com/images/felo-img.png
172.252.4.201 302 Moved Temporarily 0 B URL HTTP/1.1 iihttanzania.com/images/felo-img.png
IP 172.252.4.201:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /images/felo-img.png HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/tech-spec-2-3.html
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 03 Feb 2023 12:50:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.gdklc.com/images/felo-img.png
iihttanzania.com/include/kindeditor/attached/image/20171020/20171020075735_65785.jpg
172.252.4.201 302 Moved Temporarily 0 B URL HTTP/1.1 iihttanzania.com/include/kindeditor/attached/image/20171020/20171020075735_65785.jpg
IP 172.252.4.201:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /include/kindeditor/attached/image/20171020/20171020075735_65785.jpg HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/tech-spec-2-3.html
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 03 Feb 2023 12:50:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.gdklc.com/include/kindeditor/attached/image/20171020/20171020075735_65785.jpg
push.services.mozilla.com/
35.86.38.2 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.86.38.2:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: XO7iLPhpV/0nsUwC87eYqw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: tyF2REWsTHDu7SuFh6Qy6wyu2Qo=
www.iihttanzania.com/jquery.la.min.js
172.252.4.201 200 OK 518 B URL HTTP/1.1 www.iihttanzania.com/jquery.la.min.js
IP 172.252.4.201:0
File type ASCII text, with CRLF line terminators
Hash 99fb8d1e5710d0a40837609dc26373e2
11c7a79d2ad6cfa45757c951640d359eb13412a2
142f3e945a91286b7fa72b2976d654c75e0331d69f1d880d896f855d3c30cddc
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /jquery.la.min.js HTTP/1.1
Host: www.iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://iihttanzania.com/
Connection: keep-alive
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:50:08 GMT
Content-Type: application/javascript
Content-Length: 518
Last-Modified: Mon, 19 Apr 2021 06:11:18 GMT
Connection: keep-alive
ETag: "607d1f06-206"
Expires: Fri, 03 Feb 2023 13:50:08 GMT
Cache-Control: max-age=3600
Accept-Ranges: bytes
iihttanzania.com/images/advimg/1514339821598536217.png
172.252.4.201 302 Moved Temporarily 0 B URL HTTP/1.1 iihttanzania.com/images/advimg/1514339821598536217.png
IP 172.252.4.201:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /images/advimg/1514339821598536217.png HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/tech-spec-2-3.html
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 03 Feb 2023 12:50:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.gdklc.com/images/advimg/1514339821598536217.png
iihttanzania.com/images/advimg/15143398211563325642.jpg
172.252.4.201 302 Moved Temporarily 0 B URL HTTP/1.1 iihttanzania.com/images/advimg/15143398211563325642.jpg
IP 172.252.4.201:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /images/advimg/15143398211563325642.jpg HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/tech-spec-2-3.html
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 03 Feb 2023 12:50:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.gdklc.com/images/advimg/15143398211563325642.jpg
iihttanzania.com/images/online-ques.png
172.252.4.201 302 Moved Temporarily 0 B URL HTTP/1.1 iihttanzania.com/images/online-ques.png
IP 172.252.4.201:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /images/online-ques.png HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/tech-spec-2-3.html
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 03 Feb 2023 12:50:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.gdklc.com/images/online-ques.png
iihttanzania.com/images/advimg/1606876958529880943.jpg
172.252.4.201 302 Moved Temporarily 0 B URL HTTP/1.1 iihttanzania.com/images/advimg/1606876958529880943.jpg
IP 172.252.4.201:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /images/advimg/1606876958529880943.jpg HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/tech-spec-2-3.html
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 03 Feb 2023 12:50:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.gdklc.com/images/advimg/1606876958529880943.jpg
iihttanzania.com/images/header-logo.png
172.252.4.201 302 Moved Temporarily 0 B URL HTTP/1.1 iihttanzania.com/images/header-logo.png
IP 172.252.4.201:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /images/header-logo.png HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/tech-spec-2-3.html
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 03 Feb 2023 12:50:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.gdklc.com/images/header-logo.png
iihttanzania.com/images/product/1533171831993168710.png
172.252.4.201 302 Moved Temporarily 0 B URL HTTP/1.1 iihttanzania.com/images/product/1533171831993168710.png
IP 172.252.4.201:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /images/product/1533171831993168710.png HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/tech-spec-2-3.html
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 03 Feb 2023 12:50:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.gdklc.com/images/product/1533171831993168710.png
iihttanzania.com/include/kindeditor/attached/image/20171020/20171020075715_55007.jpg
172.252.4.201 302 Moved Temporarily 0 B URL HTTP/1.1 iihttanzania.com/include/kindeditor/attached/image/20171020/20171020075715_55007.jpg
IP 172.252.4.201:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /include/kindeditor/attached/image/20171020/20171020075715_55007.jpg HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/tech-spec-2-3.html
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 03 Feb 2023 12:50:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.gdklc.com/include/kindeditor/attached/image/20171020/20171020075715_55007.jpg
iihttanzania.com/include/kindeditor/attached/image/20171020/20171020075714_11629.jpg
172.252.4.201 302 Moved Temporarily 0 B URL HTTP/1.1 iihttanzania.com/include/kindeditor/attached/image/20171020/20171020075714_11629.jpg
IP 172.252.4.201:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /include/kindeditor/attached/image/20171020/20171020075714_11629.jpg HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/tech-spec-2-3.html
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 03 Feb 2023 12:50:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.gdklc.com/include/kindeditor/attached/image/20171020/20171020075714_11629.jpg
iihttanzania.com/include/kindeditor/attached/image/20171020/20171020075714_86537.jpg
172.252.4.201 302 Moved Temporarily 0 B URL HTTP/1.1 iihttanzania.com/include/kindeditor/attached/image/20171020/20171020075714_86537.jpg
IP 172.252.4.201:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /include/kindeditor/attached/image/20171020/20171020075714_86537.jpg HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/tech-spec-2-3.html
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 03 Feb 2023 12:50:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.gdklc.com/include/kindeditor/attached/image/20171020/20171020075714_86537.jpg
iihttanzania.com/include/kindeditor/attached/image/20171020/20171020075734_63449.jpg
172.252.4.201 302 Moved Temporarily 0 B URL HTTP/1.1 iihttanzania.com/include/kindeditor/attached/image/20171020/20171020075734_63449.jpg
IP 172.252.4.201:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /include/kindeditor/attached/image/20171020/20171020075734_63449.jpg HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/tech-spec-2-3.html
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 03 Feb 2023 12:50:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.gdklc.com/include/kindeditor/attached/image/20171020/20171020075734_63449.jpg
iihttanzania.com/include/kindeditor/attached/image/20201130/20201130160016_16322.jpg
172.252.4.201 302 Moved Temporarily 0 B URL HTTP/1.1 iihttanzania.com/include/kindeditor/attached/image/20201130/20201130160016_16322.jpg
IP 172.252.4.201:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /include/kindeditor/attached/image/20201130/20201130160016_16322.jpg HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/tech-spec-2-3.html
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 03 Feb 2023 12:50:08 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.gdklc.com/include/kindeditor/attached/image/20201130/20201130160016_16322.jpg
ocsp.trust-provider.cn/
47.246.44.205 200 OK 600 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 63bd94e9f844de5447eec3cc2682e4da
daf593846149d57579f5c8a5f92866ce995551f9
d0215ea0fbf9ed32079e57a0a964a0833248c652a6200ff507040878b727b56f
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Fri, 03 Feb 2023 12:50:00 GMT
last-modified: Thu, 02 Feb 2023 15:17:39 GMT
expires: Thu, 09 Feb 2023 15:17:38 GMT
etag: "daf593846149d57579f5c8a5f92866ce995551f9"
cache-control: max-age=588141,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb2
x-frame-options: SAMEORIGIN
cf-cache-status: REVALIDATED
cf-ray: 793b4a327a70909d-FRA
accept-ranges: bytes
ali-swift-global-savetime: 1675428600
via: cache5.l2de2[0,0,304-0,H], cache23.l2de2[1,0], cache8.se1[22,22,200-0,H], cache4.se1[24,0], cache4.se1[26,0]
age: 8
x-cache: HIT TCP_REFRESH_HIT dirn:11:427785543
x-swift-savetime: Fri, 03 Feb 2023 12:50:08 GMT
x-swift-cachetime: 1792
timing-allow-origin: *, *
eagleid: 2ff62c9816754286087832061e, 2ff62c9816754286087832061e
www.bill8888.com/bb/pp.js
154.212.112.82 200 OK 1.7 kB URL HTTP/1.1 www.bill8888.com/bb/pp.js
IP 154.212.112.82:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document, Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 8c340169f87cdb27f0ea54b95faaba2f
d8832f36396c065615bae93d66942efa108752f9
454765233c725bc01fb5db56df1e0abbf9137f75dac6475a0f96bd252e36708c
GET /bb/pp.js HTTP/1.1
Host: www.bill8888.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://iihttanzania.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:50:09 GMT
Content-Type: application/javascript
Last-Modified: Sat, 05 Nov 2022 07:51:14 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"636615f2-1814"
Content-Encoding: gzip
iihttanzania.com/images/login-help4.png
172.252.4.201 302 Moved Temporarily 0 B URL HTTP/1.1 iihttanzania.com/images/login-help4.png
IP 172.252.4.201:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /images/login-help4.png HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/css/common.css
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 03 Feb 2023 12:50:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.gdklc.com/images/login-help4.png
iihttanzania.com/images/login-help3.png
172.252.4.201 302 Moved Temporarily 0 B URL HTTP/1.1 iihttanzania.com/images/login-help3.png
IP 172.252.4.201:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /images/login-help3.png HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/css/common.css
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 03 Feb 2023 12:50:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.gdklc.com/images/login-help3.png
iihttanzania.com/images/login-help2.png
172.252.4.201 302 Moved Temporarily 0 B URL HTTP/1.1 iihttanzania.com/images/login-help2.png
IP 172.252.4.201:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /images/login-help2.png HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/css/common.css
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 03 Feb 2023 12:50:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.gdklc.com/images/login-help2.png
iihttanzania.com/images/login-help1.png
172.252.4.201 302 Moved Temporarily 0 B URL HTTP/1.1 iihttanzania.com/images/login-help1.png
IP 172.252.4.201:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /images/login-help1.png HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/css/common.css
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 03 Feb 2023 12:50:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.gdklc.com/images/login-help1.png
iihttanzania.com/fonts/st-arrow.ttf
172.252.4.201 200 OK 3.6 kB URL HTTP/1.1 iihttanzania.com/fonts/st-arrow.ttf
IP 172.252.4.201:0
File type TrueType Font data, 17 tables, 1st "GSUB", name offset 0x82900001\012- data
Hash a3571e9cff1a330c0c26a660fdbdbb4d
51f05f6c6cc1e9b21a2b07fdc63d25cf0b45502f
bac11eef58d950b41e46adfa07138100ab4d89357365240569c8e94a2a9243ed
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /fonts/st-arrow.ttf HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/css/common.css
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:50:09 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip
www.gdklc.com/images/felo-img.png
182.92.96.218 200 OK 3.1 kB URL HTTP/1.1 www.gdklc.com/images/felo-img.png
IP 182.92.96.218:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type PNG image data, 91 x 75, 8-bit/color RGBA, non-interlaced\012- data
Hash 9d0661ca609750c800ce4c4cf438fac5
27965ef0c68f0dd1896275690e8e7232b686dd3a
b01819dcaf213ba408fa64d57756083868627259f988956b104be6cb0a9fb915
GET /images/felo-img.png HTTP/1.1
Host: www.gdklc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://iihttanzania.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 12:50:09 GMT
Server: Apache
Last-Modified: Tue, 28 Feb 2017 09:02:58 GMT
ETag: "2021b-c33-5499376573480"
Accept-Ranges: bytes
Content-Length: 3123
Vary: User-Agent
Keep-Alive: timeout=15, max=300
Connection: Keep-Alive
Content-Type: image/png
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18198
Expires: Fri, 03 Feb 2023 17:53:27 GMT
Date: Fri, 03 Feb 2023 12:50:09 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18198
Expires: Fri, 03 Feb 2023 17:53:27 GMT
Date: Fri, 03 Feb 2023 12:50:09 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f58ae1f-1f79-4cc4-b12e-b11dde3b7e4d.jpeg
34.120.237.76 200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f58ae1f-1f79-4cc4-b12e-b11dde3b7e4d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4a92e881554205ebbe3721a7bbaeab40
b620fc82bd15b55b581bd8c3a699e1b16563ad2e
ff753b8411bfa0df54938a5f829ce25acbad863a2a3540b3bacca02baf9a2c7d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8f58ae1f-1f79-4cc4-b12e-b11dde3b7e4d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6398
x-amzn-requestid: 843fefd3-8cf4-44ee-bb7c-a010d4149442
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fuv1XFXQoAMFe5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc2cee-76739fd87b4c0d203eca4114;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 21:36:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2cGZEXolULcBUgvrZ55IWnR825LgkHDFmJFJ5i9lcl4KYbDte3-N1g==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:57:43 GMT
age: 53546
etag: "b620fc82bd15b55b581bd8c3a699e1b16563ad2e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff9647681-964b-428d-89fe-5c4bc8cadebe.jpeg
34.120.237.76 200 OK 7.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff9647681-964b-428d-89fe-5c4bc8cadebe.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ae0083daa88e6b26c6525c51348d266c
676f55b22fdeee4f7737a48cb2b89d86aa371aae
89f6903260704061faf849549fd95e6f9cbbfcbbf93eaa17d32b96c5e4244d53
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff9647681-964b-428d-89fe-5c4bc8cadebe.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7159
x-amzn-requestid: 1d159649-0d8c-4806-8f42-585b985972ea
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fuwSKF61IAMF5qg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc2da7-18fc268c5a719c1d19079001;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 21:39:51 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: VyQrwAb5tjqPPPQbxf9Ee_zB1UvrnMPGjOHeRKEzyH6BBDazPUkXSA==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:44:41 GMT
age: 54328
etag: "676f55b22fdeee4f7737a48cb2b89d86aa371aae"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg
34.120.237.76 200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d4041f3b5316bc84c9e6d88ddbc85b89
4978a4a20836b6f5d863d331bcedad782b7b4ac6
549b62d2c4ec965b8bec62010c0ce338dfea7992ee83eb7af61ff1a30d21f8b5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F49d52576-44b1-4baf-92c0-88f267415a19.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5641
x-amzn-requestid: b53b54b1-3b00-47cf-a25c-e93910c2ebfb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fuvzpHsXoAMFsuw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc2ce3-0c4fc8154763febb44460ac2;Sampled=0
x-amzn-remapped-date: Thu, 02 Feb 2023 21:36:36 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: x4-BZdG4JGRKCSdKynnuweZfo9l0XZtDB-MiANy7C2Yz1URYMHP4sQ==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:57:49 GMT
age: 53540
etag: "4978a4a20836b6f5d863d331bcedad782b7b4ac6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fedd456a0-d42f-4b40-ad63-ea1dcfaf69eb.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fedd456a0-d42f-4b40-ad63-ea1dcfaf69eb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2a6aaf87a867f93dc9268a8b27973b97
f52ccbe6cbced1994acb13a00b05436553b6813e
3fbd7441712035f4d53c17eec93bc278e6c072043f3b5a721cac349fc0dabe77
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fedd456a0-d42f-4b40-ad63-ea1dcfaf69eb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10166
x-amzn-requestid: 54fe0d12-360f-4d97-bcf3-b24747d956aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fY_4zHEcoAMF1iA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d379d1-4ba89e44005f616a0ed3ed24;Sampled=0
x-amzn-remapped-date: Fri, 27 Jan 2023 07:14:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: hSyEfSDToqgfnFIW68Krz-ANYUNQoUPWhyb-8xDUarI6mnVLXriHDQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:59:54 GMT
age: 53415
etag: "f52ccbe6cbced1994acb13a00b05436553b6813e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash e366b32074025aaf60bbae8bdb08d330
a52c2883bad98fa20333aa639a5dd3a5bf544c8e
9d661c26effaec9efee16833f6459d6ecbe4f77b822c9c46e2a6433bda816e5c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F64144d1c-f524-496f-8b52-ba63714dbfc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11565
x-amzn-requestid: 87a84ffd-1176-4656-aac4-e98f38ec2cd9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fboIrFGboAMFyyQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d48704-162ed8114aa1809204500548;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 02:23:00 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: w0Zm5V0TQxsQ7917U3fdhS_n7qKE143PuhI2JmNCDM_Pf0yPLyW6yA==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:48:01 GMT
age: 54128
etag: "a52c2883bad98fa20333aa639a5dd3a5bf544c8e"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3490571dd2de0a747987b9a0e18cccc8
18e9f8f160d3515f1cb31fc7538ac762a6cab344
1c071d7f3b288b29254500f94f19c0db0633c6aa90812f2e92c4f64992f5221a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6b4ea648-021a-44ef-a083-3ea03f73dca3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10796
x-amzn-requestid: 5c9b1a83-c99a-44b9-9a90-5edd7ef1e225
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi0XKG93oAMFtsA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76760-01bf754d6c725c3275c02a1b;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 06:44:48 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XTZJAn0LMAfFtaQ2bN8z58cCsUT5GzxDMnHVB_iw9E_NskHQ-BgbRQ==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 e4d3d5aafc7d7d582423c073065ab562.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 22:19:26 GMT
age: 84437
etag: "18e9f8f160d3515f1cb31fc7538ac762a6cab344"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
iihttanzania.com/images/login-help4.png
172.252.4.201 302 Moved Temporarily 0 B URL HTTP/1.1 iihttanzania.com/images/login-help4.png
IP 172.252.4.201:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /images/login-help4.png HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/css/common.css
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 03 Feb 2023 12:50:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.gdklc.com/images/login-help4.png
iihttanzania.com/images/login-help3.png
172.252.4.201 302 Moved Temporarily 0 B URL HTTP/1.1 iihttanzania.com/images/login-help3.png
IP 172.252.4.201:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /images/login-help3.png HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/css/common.css
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 03 Feb 2023 12:50:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.gdklc.com/images/login-help3.png
iihttanzania.com/images/login-help2.png
172.252.4.201 302 Moved Temporarily 0 B URL HTTP/1.1 iihttanzania.com/images/login-help2.png
IP 172.252.4.201:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /images/login-help2.png HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/css/common.css
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 03 Feb 2023 12:50:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.gdklc.com/images/login-help2.png
iihttanzania.com/images/login-help1.png
172.252.4.201 302 Moved Temporarily 0 B URL HTTP/1.1 iihttanzania.com/images/login-help1.png
IP 172.252.4.201:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /images/login-help1.png HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/css/common.css
HTTP/1.1 302 Moved Temporarily
Server: nginx
Date: Fri, 03 Feb 2023 12:50:09 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.41
Location: http://www.gdklc.com/images/login-help1.png
ocsp.trust-provider.cn/
47.246.44.205 200 OK 599 B IP 47.246.44.205:0
ASN #24429 Zhejiang Taobao Network Co.,Ltd
Hash 441040c330abc7d34d79b7fff49c5a99
90fbadcb0b9374ad5a69620e143688b872acea61
54dbde7d78d41543550365e588d183a6d32b40f17adef360dc6c2f6eef24221c
POST / HTTP/1.1
Host: ocsp.trust-provider.cn
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Tengine
Content-Type: application/ocsp-response
Transfer-Encoding: chunked
Connection: keep-alive
date: Fri, 03 Feb 2023 12:36:30 GMT
last-modified: Wed, 01 Feb 2023 17:12:39 GMT
expires: Wed, 08 Feb 2023 17:12:38 GMT
etag: "90fbadcb0b9374ad5a69620e143688b872acea61"
cache-control: max-age=588904,s-maxage=1800,public,no-transform,must-revalidate
x-ccacdn-proxy-id: mcdpinlb4
x-frame-options: SAMEORIGIN
cf-cache-status: REVALIDATED
cf-ray: 793b366b4ad99a33-FRA
accept-ranges: bytes
ali-swift-global-savetime: 1675427790
via: cache19.l2de2[0,0,304-0,H], cache23.l2de2[1,0], cache8.se1[22,22,200-0,H], cache4.se1[24,0], cache4.se1[25,0]
age: 819
x-cache: HIT TCP_REFRESH_HIT dirn:11:419983691
x-swift-savetime: Fri, 03 Feb 2023 12:50:09 GMT
x-swift-cachetime: 981
timing-allow-origin: *, *
eagleid: 2ff62c9816754286098283031e, 2ff62c9816754286098283031e
ocsp.globalsign.com/gsrsaovsslca2018
104.18.20.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.20.226:0
Hash ec797e57c49c365bc22b41719745a44f
73137ece8b97483cbdc054df43ddb7089e561696
c032775a25dea1ea72009f20b4f954e71e6353a1999874e5acfae185ec026881
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 12:50:09 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 07 Feb 2023 09:10:26 GMT
ETag: "73137ece8b97483cbdc054df43ddb7089e561696"
Last-Modified: Fri, 03 Feb 2023 09:10:27 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2814
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793b4a6be98bfab4-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226 200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash ec797e57c49c365bc22b41719745a44f
73137ece8b97483cbdc054df43ddb7089e561696
c032775a25dea1ea72009f20b4f954e71e6353a1999874e5acfae185ec026881
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 12:50:09 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Tue, 07 Feb 2023 09:10:26 GMT
ETag: "73137ece8b97483cbdc054df43ddb7089e561696"
Last-Modified: Fri, 03 Feb 2023 09:10:27 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2814
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 793b4a6bf8d10b55-OSL
www.gdklc.com/images/login-help4.png
182.92.96.218 200 OK 1.6 kB URL HTTP/1.1 www.gdklc.com/images/login-help4.png
IP 182.92.96.218:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash 495df36dc72d1e6792e4c96dee14eb2d
13d805e525686456cd80ccc23c5bb216ea7caf23
660b14403a332a02bf60caaada94255b88be5210ec3aac98e72f5162d23cb92f
GET /images/login-help4.png HTTP/1.1
Host: www.gdklc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://iihttanzania.com
Referer: http://iihttanzania.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 12:50:09 GMT
Server: Apache
Last-Modified: Thu, 10 Nov 2016 01:45:34 GMT
ETag: "2022a-641-540e887884b80"
Accept-Ranges: bytes
Content-Length: 1601
Vary: User-Agent
Keep-Alive: timeout=15, max=300
Connection: Keep-Alive
Content-Type: image/png
www.gdklc.com/images/login-help2.png
182.92.96.218 200 OK 1.6 kB URL HTTP/1.1 www.gdklc.com/images/login-help2.png
IP 182.92.96.218:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash 4da5e6d2b98bfd3ad321bd909a234212
2ac240ed15dbb6f9ce843a152a548140bd49abae
10f4801716c858b5a4d3124d86267cbe8c4c85c2fca54f4028db0454c1821bdc
GET /images/login-help2.png HTTP/1.1
Host: www.gdklc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://iihttanzania.com
Referer: http://iihttanzania.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 12:50:09 GMT
Server: Apache
Last-Modified: Thu, 10 Nov 2016 01:44:35 GMT
ETag: "20228-64d-540e8840406c0"
Accept-Ranges: bytes
Content-Length: 1613
Vary: User-Agent
Keep-Alive: timeout=15, max=300
Connection: Keep-Alive
Content-Type: image/png
www.gdklc.com/images/login-help1.png
182.92.96.218 200 OK 1.7 kB URL HTTP/1.1 www.gdklc.com/images/login-help1.png
IP 182.92.96.218:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced\012- data
Hash 52b886fb282e6e177bf32362204031c4
055e626463d7557f83d5d1097a2e6c7dbc4bbf4c
06332bfdf25e1911e8cc9f8923cf6d3516b901c9c4af95852473988d5952e3ec
GET /images/login-help1.png HTTP/1.1
Host: www.gdklc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://iihttanzania.com
Referer: http://iihttanzania.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 12:50:10 GMT
Server: Apache
Last-Modified: Thu, 10 Nov 2016 01:44:16 GMT
ETag: "20227-690-540e882e21c00"
Accept-Ranges: bytes
Content-Length: 1680
Vary: User-Agent
Keep-Alive: timeout=15, max=300
Connection: Keep-Alive
Content-Type: image/png
www.gdklc.com/images/header-logo.png
182.92.96.218 200 OK 21 kB URL HTTP/1.1 www.gdklc.com/images/header-logo.png
IP 182.92.96.218:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type PNG image data, 104 x 60, 8-bit/color RGBA, non-interlaced\012- data
Hash a4792ace98bad30ba76bea611dd14efb
4853559083f73f81e9dc8c9fd4c0b81138b86488
369e5aa26c4dada71a75678df1fdde8f7f10692ead7a884bd0b3f799e5934005
GET /images/header-logo.png HTTP/1.1
Host: www.gdklc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://iihttanzania.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 12:50:09 GMT
Server: Apache
Last-Modified: Fri, 28 Jul 2017 02:19:46 GMT
ETag: "2021f-5172-555575094d480"
Accept-Ranges: bytes
Content-Length: 20850
Vary: User-Agent
Keep-Alive: timeout=15, max=299
Connection: Keep-Alive
Content-Type: image/png
www.bill2021.com/dan/indexty.html
154.208.77.212 200 OK 1.4 kB URL HTTP/1.1 www.bill2021.com/dan/indexty.html
IP 154.208.77.212:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (352)
Hash 9207a79bb10fc15812c3076c66ff52fc
2faef2e2afe7d9adf4978b196d554cdb5d129cc0
9a258e6c1b0d3eb25f3f5ef89cfc2edf31533be62ab10678c71e7af3041b95f4
GET /dan/indexty.html HTTP/1.1
Host: www.bill2021.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://iihttanzania.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:50:10 GMT
Content-Type: text/html
Last-Modified: Sat, 29 Oct 2022 01:20:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"635c7ff2-ff0"
Content-Encoding: gzip
www.bill2021.com/js/zhongguomeng.js.js
154.208.77.212 404 Not Found 162 B URL HTTP/1.1 www.bill2021.com/js/zhongguomeng.js.js
IP 154.208.77.212:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 70461da8b94c6ca5d2fda3260c5a8c3b
994bc667720c21257500e29038c1a5f61e25da1e
f33c27745f2bd87344be790465ef984a972fd539dc83bd4f61d4242c607ef1ee
GET /js/zhongguomeng.js.js HTTP/1.1
Host: www.bill2021.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bill2021.com/dan/indexty.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 03 Feb 2023 12:50:10 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
www.bill2021.com/css/index.css
154.208.77.212 404 Not Found 162 B URL HTTP/1.1 www.bill2021.com/css/index.css
IP 154.208.77.212:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 70461da8b94c6ca5d2fda3260c5a8c3b
994bc667720c21257500e29038c1a5f61e25da1e
f33c27745f2bd87344be790465ef984a972fd539dc83bd4f61d4242c607ef1ee
GET /css/index.css HTTP/1.1
Host: www.bill2021.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bill2021.com/dan/indexty.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 03 Feb 2023 12:50:10 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
push.zhanzhang.baidu.com/push.js
182.61.201.94 200 OK 227 B URL HTTP/1.1 push.zhanzhang.baidu.com/push.js
IP 182.61.201.94:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with no line terminators
Hash e548b6ce15bb616c2bfba36e9cfbf307
a348285d9928a6548a57569f1fb9d62bdd747f33
7be3e4c53cc47ce5cfa40a5e79b42848a90acee0d7ff71f10ac31a49c81aead5
GET /push.js HTTP/1.1
Host: push.zhanzhang.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=31536000
Content-Encoding: gzip
Content-Length: 227
Content-Type: text/javascript
Date: Fri, 03 Feb 2023 12:50:10 GMT
Etag: "4078521116"
Expires: Sat, 03 Feb 2024 12:50:10 GMT
Last-Modified: Wed, 25 Nov 2015 07:47:55 GMT
P3p: CP=" OTI DSP COR IVA OUR IND COM "
Server: apache
Set-Cookie: BAIDUID=E76CEEC559F7A4679A7A13479D2C9757:FG=1; max-age=31536000; expires=Sat, 03-Feb-24 12:50:10 GMT; domain=.baidu.com; path=/; version=1
Vary: Accept-Encoding
www.bill2021.com/dan/js/zhongguomeng.js
154.208.77.212 200 OK 921 B URL HTTP/1.1 www.bill2021.com/dan/js/zhongguomeng.js
IP 154.208.77.212:0
ASN #134548 DXTL Tseung Kwan O Service
File type ASCII text, with CRLF line terminators
Hash b8e6872c8ed9db8e31d013f84e785870
fd9df2dae33af539c35317c2786c2bb1d76a94e2
d094409f7d7731c5c7396c4c42445c426ae6de3b210a11b58649691a812bc945
GET /dan/js/zhongguomeng.js HTTP/1.1
Host: www.bill2021.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bill2021.com/dan/indexty.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:50:10 GMT
Content-Type: application/javascript
Content-Length: 921
Last-Modified: Fri, 03 Feb 2023 05:10:27 GMT
Connection: keep-alive
ETag: "63dc9743-399"
Accept-Ranges: bytes
www.bill2021.com/dan/index.css
154.208.77.212 200 OK 511 B URL HTTP/1.1 www.bill2021.com/dan/index.css
IP 154.208.77.212:0
ASN #134548 DXTL Tseung Kwan O Service
Hash 1a04275bd681a7baf6118fd368aa3eff
05969c3a348b2f8e4ab4f3e31c55fea788074480
b4328988195bd9d7ff38a3519f1d650d7d98c8cc91500174fcc24d448ebd2b2b
GET /dan/index.css HTTP/1.1
Host: www.bill2021.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bill2021.com/dan/indexty.html
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:50:10 GMT
Content-Type: text/css
Last-Modified: Fri, 24 Dec 2021 10:25:42 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
ETag: W/"61c5a026-450"
Content-Encoding: gzip
hm.baidu.com/hm.js?2a961ecad4c90ac34c7562d9a1e5832b
103.235.46.191 200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?2a961ecad4c90ac34c7562d9a1e5832b
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (618)
Hash 91dfda4257cafc34e635d5c7f42a2c52
bec10be60f555ca5a13388ac18e59c50c1ba22ec
cd95c93cde732ec7dc9ee283e94fbe32a13d90637e8d435549d9dfc7d2c7e6e4
GET /hm.js?2a961ecad4c90ac34c7562d9a1e5832b HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://iihttanzania.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11256
Content-Type: application/javascript
Date: Fri, 03 Feb 2023 12:50:10 GMT
Etag: 05d74a574fe90fe81d606049af4e1cd5
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=7E76B7FCB918BE1A; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
hm.baidu.com/hm.js?69213e6e300ff71fcc72673b58b9ba40
103.235.46.191 200 OK 11 kB URL HTTP/1.1 hm.baidu.com/hm.js?69213e6e300ff71fcc72673b58b9ba40
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type ASCII text, with very long lines (622)
Hash faa341f02cd2b48e2f2b02f4c2ebc334
ec579ab34998f9d8a00688cd1d88398351c830c0
4a905311d51b7a136f32823941504b6eccddd655d1ee2eab9d229d0adcfa7116
GET /hm.js?69213e6e300ff71fcc72673b58b9ba40 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://iihttanzania.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: max-age=0, must-revalidate
Content-Encoding: gzip
Content-Length: 11260
Content-Type: application/javascript
Date: Fri, 03 Feb 2023 12:50:10 GMT
Etag: 70d166f35afc9cc84d294503223cf56f
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Server: apache
Set-Cookie: HMACCOUNT=CBC308C59091AA87; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
www.bill2021.com/dan/pkPhoto/weibu.jpg
154.208.77.212 200 OK 93 kB URL HTTP/1.1 www.bill2021.com/dan/pkPhoto/weibu.jpg
IP 154.208.77.212:0
ASN #134548 DXTL Tseung Kwan O Service
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1077x326, components 3\012- data
Hash 72ffbaa3518e14d528abcdfb3f5ab8b3
9385a5a42b04c4af17148a61c062cf4b8d976ac3
bea6c9dc0fa84aecf9bd0031e998523a9d4dff5ace9814b20e573e849da77666
GET /dan/pkPhoto/weibu.jpg HTTP/1.1
Host: www.bill2021.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bill2021.com/dan/indexty.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:50:11 GMT
Content-Type: image/jpeg
Content-Length: 93266
Last-Modified: Thu, 08 Sep 2022 07:53:17 GMT
Connection: keep-alive
ETag: "63199f6d-16c52"
Accept-Ranges: bytes
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1707981466&si=2a961ecad4c90ac34c7562d9a1e5832b&v=1.3.0&lv=1&sn=26367&r=0&ww=1280&u=http%3A%2F%2Fiihttanzania.com%2Ftech-spec-2-3.html&tt=%E9%93%B6%E6%B2%B3%E6%B8%B8%E6%88%8F%E5%AE%98%E6%96%B9%E9%A6%96%E9%A1%B5---%E6%AC%A2%E8%BF%8E%E6%82%A8
103.235.46.191 200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1707981466&si=2a961ecad4c90ac34c7562d9a1e5832b&v=1.3.0&lv=1&sn=26367&r=0&ww=1280&u=http%3A%2F%2Fiihttanzania.com%2Ftech-spec-2-3.html&tt=%E9%93%B6%E6%B2%B3%E6%B8%B8%E6%88%8F%E5%AE%98%E6%96%B9%E9%A6%96%E9%A1%B5---%E6%AC%A2%E8%BF%8E%E6%82%A8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=1707981466&si=2a961ecad4c90ac34c7562d9a1e5832b&v=1.3.0&lv=1&sn=26367&r=0&ww=1280&u=http%3A%2F%2Fiihttanzania.com%2Ftech-spec-2-3.html&tt=%E9%93%B6%E6%B2%B3%E6%B8%B8%E6%88%8F%E5%AE%98%E6%96%B9%E9%A6%96%E9%A1%B5---%E6%AC%A2%E8%BF%8E%E6%82%A8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://iihttanzania.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Fri, 03 Feb 2023 12:50:11 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=7AF8324BFA895C2F; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=924596328&si=69213e6e300ff71fcc72673b58b9ba40&v=1.3.0&lv=1&sn=26367&r=0&ww=1280&u=http%3A%2F%2Fiihttanzania.com%2Ftech-spec-2-3.html&tt=%E9%93%B6%E6%B2%B3%E6%B8%B8%E6%88%8F%E5%AE%98%E6%96%B9%E9%A6%96%E9%A1%B5---%E6%AC%A2%E8%BF%8E%E6%82%A8
103.235.46.191 200 OK 43 B URL HTTP/1.1 hm.baidu.com/hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=924596328&si=69213e6e300ff71fcc72673b58b9ba40&v=1.3.0&lv=1&sn=26367&r=0&ww=1280&u=http%3A%2F%2Fiihttanzania.com%2Ftech-spec-2-3.html&tt=%E9%93%B6%E6%B2%B3%E6%B8%B8%E6%88%8F%E5%AE%98%E6%96%B9%E9%A6%96%E9%A1%B5---%E6%AC%A2%E8%BF%8E%E6%82%A8
IP 103.235.46.191:0
ASN #55967 Beijing Baidu Netcom Science and Technology Co., Ltd.
File type GIF image data, version 89a, 1 x 1\012- data
Hash ad4b0f606e0f8465bc4c4c170b37e1a3
50b30fd5f87c85fe5cba2635cb83316ca71250d7
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
GET /hm.gif?cc=1&ck=1&cl=24-bit&ds=1280x1024&vl=939&et=0&ja=0&ln=en-us&lo=0&rnd=924596328&si=69213e6e300ff71fcc72673b58b9ba40&v=1.3.0&lv=1&sn=26367&r=0&ww=1280&u=http%3A%2F%2Fiihttanzania.com%2Ftech-spec-2-3.html&tt=%E9%93%B6%E6%B2%B3%E6%B8%B8%E6%88%8F%E5%AE%98%E6%96%B9%E9%A6%96%E9%A1%B5---%E6%AC%A2%E8%BF%8E%E6%82%A8 HTTP/1.1
Host: hm.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://iihttanzania.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: private, max-age=0, no-cache
Content-Length: 43
Content-Type: image/gif
Date: Fri, 03 Feb 2023 12:50:11 GMT
P3p: CP="CURa ADMa DEVa PSAo PSDo OUR BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
Pragma: no-cache
Server: apache
Set-Cookie: HMACCOUNT=64A905146C5C71A3; Path=/; Domain=hm.baidu.com; Expires=Sun, 18 Jan 2038 00:00:00 GMT
Strict-Transport-Security: max-age=172800
X-Content-Type-Options: nosniff
api.share.baidu.com/s.gif?l=http://iihttanzania.com/tech-spec-2-3.html
182.61.201.93 200 OK 0 B URL HTTP/1.1 api.share.baidu.com/s.gif?l=http://iihttanzania.com/tech-spec-2-3.html
IP 182.61.201.93:0
ASN #38365 Beijing Baidu Netcom Science and Technology Co., Ltd.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /s.gif?l=http://iihttanzania.com/tech-spec-2-3.html HTTP/1.1
Host: api.share.baidu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/
HTTP/1.1 200 OK
Content-Length: 0
Content-Type: text/plain; charset=utf-8
Date: Fri, 03 Feb 2023 12:50:11 GMT
www.gdklc.com/images/advimg/1514339821598536217.png
182.92.96.218 200 OK 8.4 kB URL HTTP/1.1 www.gdklc.com/images/advimg/1514339821598536217.png
IP 182.92.96.218:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type PNG image data, 112 x 112, 8-bit/color RGB, non-interlaced\012- data
Hash 042b77d5817d6ec3801f7089ce21bca0
472a4a0dcc77d88da8fa03844a3c68a210c1a387
cf7a1ec06c2a6edbfa306d0e675e9e4f10fa2ef07cac0c9817d1382986b209ad
GET /images/advimg/1514339821598536217.png HTTP/1.1
Host: www.gdklc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://iihttanzania.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 12:50:09 GMT
Server: Apache
Last-Modified: Wed, 27 Dec 2017 01:57:01 GMT
ETag: "202ab-20b0-56148b7199540"
Accept-Ranges: bytes
Content-Length: 8368
Vary: User-Agent
Keep-Alive: timeout=15, max=300
Connection: Keep-Alive
Content-Type: image/png
www.bill2021.com/dan/img/bg1111.jpg
154.208.77.212 404 Not Found 162 B URL HTTP/1.1 www.bill2021.com/dan/img/bg1111.jpg
IP 154.208.77.212:0
ASN #134548 DXTL Tseung Kwan O Service
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 70461da8b94c6ca5d2fda3260c5a8c3b
994bc667720c21257500e29038c1a5f61e25da1e
f33c27745f2bd87344be790465ef984a972fd539dc83bd4f61d4242c607ef1ee
GET /dan/img/bg1111.jpg HTTP/1.1
Host: www.bill2021.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bill2021.com/dan/index.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 404 Not Found
Server: nginx
Date: Fri, 03 Feb 2023 12:50:11 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
www.bill2021.com/dan/pkPhoto/bcxh.png
154.208.77.212 200 OK 135 kB URL HTTP/1.1 www.bill2021.com/dan/pkPhoto/bcxh.png
IP 154.208.77.212:0
ASN #134548 DXTL Tseung Kwan O Service
File type PNG image data, 980 x 100, 8-bit/color RGBA, non-interlaced\012- data
Size 135 kB (135021 bytes)
Hash 13eee91adfed5e2c622e386bba677e01
3bc40b822089c26da2551b40c5239e5bf6159fa1
a097f5b4c905b3fdf29085e4407047d5ab8395cfed166030aa2399ff4df84b3b
GET /dan/pkPhoto/bcxh.png HTTP/1.1
Host: www.bill2021.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bill2021.com/dan/indexty.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:50:11 GMT
Content-Type: image/png
Content-Length: 135021
Last-Modified: Thu, 08 Sep 2022 07:53:17 GMT
Connection: keep-alive
ETag: "63199f6d-20f6d"
Accept-Ranges: bytes
www.bill2021.com/dan/pkPhoto/ty-yaobo.png
154.208.77.212 200 OK 375 kB URL HTTP/1.1 www.bill2021.com/dan/pkPhoto/ty-yaobo.png
IP 154.208.77.212:0
ASN #134548 DXTL Tseung Kwan O Service
File type PNG image data, 1434 x 168, 8-bit/color RGBA, non-interlaced\012- data
Size 375 kB (375070 bytes)
Hash 8246fea5d34a8158b32ca6c245ea16b6
ba9ad21b7780a9ea8a530f363c09d4448cac7b6e
12bb8811bdbadec42e092ff12b79bb52657f2cd971e188052610e6358e3c9813
GET /dan/pkPhoto/ty-yaobo.png HTTP/1.1
Host: www.bill2021.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bill2021.com/dan/indexty.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:50:11 GMT
Content-Type: image/png
Content-Length: 375070
Last-Modified: Thu, 08 Sep 2022 07:53:27 GMT
Connection: keep-alive
ETag: "63199f77-5b91e"
Accept-Ranges: bytes
www.bill2021.com/dan/pkPhoto/ledong100.png
154.208.77.212 200 OK 222 kB URL HTTP/1.1 www.bill2021.com/dan/pkPhoto/ledong100.png
IP 154.208.77.212:0
ASN #134548 DXTL Tseung Kwan O Service
File type PNG image data, 2100 x 150, 8-bit colormap, non-interlaced\012- data
Size 222 kB (222004 bytes)
Hash c514cc26a8bbf5cb52abdf9ab9e68980
18199a677d4fbb0cf0a1c7f9af076c2ae76fb4cb
3a39dc076d1c0bfec10debd1c0f54249d89036049dad5f24255eb2e6b610b27d
GET /dan/pkPhoto/ledong100.png HTTP/1.1
Host: www.bill2021.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bill2021.com/dan/indexty.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:50:11 GMT
Content-Type: image/png
Content-Length: 222004
Last-Modified: Thu, 08 Sep 2022 07:53:28 GMT
Connection: keep-alive
ETag: "63199f78-36334"
Accept-Ranges: bytes
www.bill2021.com/dan/pkPhoto/bet1000x100_jpg.jpg
154.208.77.212 200 OK 118 kB URL HTTP/1.1 www.bill2021.com/dan/pkPhoto/bet1000x100_jpg.jpg
IP 154.208.77.212:0
ASN #134548 DXTL Tseung Kwan O Service
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1000x100, components 3\012- data
Size 118 kB (118484 bytes)
Hash b601a3aeeb918c401a7e6203a27129f5
314ab685c22cf0f4979e2468ce2de55c74a959de
a86e74c3ec52a8b51388c52bad6b510042b1faf95bf730f20a7d6b899c373969
GET /dan/pkPhoto/bet1000x100_jpg.jpg HTTP/1.1
Host: www.bill2021.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bill2021.com/dan/indexty.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:50:11 GMT
Content-Type: image/jpeg
Content-Length: 118484
Last-Modified: Mon, 26 Sep 2022 05:53:04 GMT
Connection: keep-alive
ETag: "63313e40-1ced4"
Accept-Ranges: bytes
www.bill2021.com/dan/pkPhoto/amdcpc.gif
154.208.77.212 200 OK 278 kB URL HTTP/1.1 www.bill2021.com/dan/pkPhoto/amdcpc.gif
IP 154.208.77.212:0
ASN #134548 DXTL Tseung Kwan O Service
File type GIF image data, version 89a, 1000 x 100\012- data
Size 278 kB (278305 bytes)
Hash 71c7927a8115608a38ef646fbe1d245e
62308a2b77fe5db7519349d56e8f9daf1230a5dc
94cf5d84e80dc1006762bb51fe0a2ae9cd9a9a608eb4d60f25bbfb4e9959dbf8
GET /dan/pkPhoto/amdcpc.gif HTTP/1.1
Host: www.bill2021.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bill2021.com/dan/indexty.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:50:11 GMT
Content-Type: image/gif
Content-Length: 278305
Last-Modified: Thu, 08 Sep 2022 07:53:28 GMT
Connection: keep-alive
ETag: "63199f78-43f21"
Accept-Ranges: bytes
www.bill2021.com/dan/pkPhoto/by1000x100.gif
154.208.77.212 200 OK 352 kB URL HTTP/1.1 www.bill2021.com/dan/pkPhoto/by1000x100.gif
IP 154.208.77.212:0
ASN #134548 DXTL Tseung Kwan O Service
File type GIF image data, version 89a, 1000 x 100\012- data
Size 352 kB (352162 bytes)
Hash 8c6b4b6fc48958d58ed73edaec8c7371
7b2b81852ab9d722e1dc4f5782192d41bbfbfa81
ee7d062eccc180754f4b4eb2623ea2ef13cbba7375c405e56db371dee5273656
GET /dan/pkPhoto/by1000x100.gif HTTP/1.1
Host: www.bill2021.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bill2021.com/dan/indexty.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:50:11 GMT
Content-Type: image/gif
Content-Length: 352162
Last-Modified: Thu, 08 Sep 2022 07:53:19 GMT
Connection: keep-alive
ETag: "63199f6f-55fa2"
Accept-Ranges: bytes
www.bill2021.com/dan/pkPhoto/ty1000x100_jpg.jpg
154.208.77.212 200 OK 105 kB URL HTTP/1.1 www.bill2021.com/dan/pkPhoto/ty1000x100_jpg.jpg
IP 154.208.77.212:0
ASN #134548 DXTL Tseung Kwan O Service
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1000x100, components 3\012- data
Size 105 kB (105237 bytes)
Hash 0241d16d8bcd8a13925af33abc59e638
637b547e6b2cc177008349123d0c6566147ceeab
0033014a565093b3e5fbbac9eebb9efc1a94a262630d976d52564a8e27e862ec
GET /dan/pkPhoto/ty1000x100_jpg.jpg HTTP/1.1
Host: www.bill2021.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bill2021.com/dan/indexty.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:50:12 GMT
Content-Type: image/jpeg
Content-Length: 105237
Last-Modified: Mon, 26 Sep 2022 05:53:18 GMT
Connection: keep-alive
ETag: "63313e4e-19b15"
Accept-Ranges: bytes
www.gdklc.com/images/login-help3.png
182.92.96.218 200 OK 321 kB URL HTTP/1.1 www.gdklc.com/images/login-help3.png
IP 182.92.96.218:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type PNG image data, 30 x 30, 8-bit/color RGBA, non-interlaced\012- data
Size 321 kB (320939 bytes)
Hash 177066cf15a8204b2eb6ca099d6b4abd
7d0688a20afffd32f1ef8c3694f6ee80c5ba0ee9
331633f4971f2b3925d224b639f41696906ed229bfc996599272d55f70f85a59
GET /images/login-help3.png HTTP/1.1
Host: www.gdklc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://iihttanzania.com
Referer: http://iihttanzania.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 12:50:09 GMT
Server: Apache
Last-Modified: Thu, 10 Nov 2016 01:45:11 GMT
ETag: "20229-5bc-540e8862957c0"
Accept-Ranges: bytes
Content-Length: 1468
Vary: User-Agent
Keep-Alive: timeout=15, max=300
Connection: Keep-Alive
Content-Type: image/png
www.gdklc.com/images/advimg/15143398211563325642.jpg
182.92.96.218 200 OK 40 kB URL HTTP/1.1 www.gdklc.com/images/advimg/15143398211563325642.jpg
IP 182.92.96.218:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS2 Windows, datetime=2017:12:27 09:55:37], progressive, precision 8, 112x112, components 3\012- data
Hash 2d706bf982387e496e7ca1703c4a5b75
ef892b0ec27c8ca36103f054551bc7be9fdd00ce
fb2d076ebe205f293ec8ec566f5af9f4cb32005c3d7ee35f0fefb8da2dd36b3a
GET /images/advimg/15143398211563325642.jpg HTTP/1.1
Host: www.gdklc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://iihttanzania.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 12:50:09 GMT
Server: Apache
Last-Modified: Wed, 27 Dec 2017 01:57:01 GMT
ETag: "202aa-9d70-56148b7199540"
Accept-Ranges: bytes
Content-Length: 40304
Vary: User-Agent
Keep-Alive: timeout=15, max=300
Connection: Keep-Alive
Content-Type: image/jpeg
www.bill2021.com/dan/pkPhoto/500pj1000-200.gif
154.208.77.212 200 OK 649 kB URL HTTP/1.1 www.bill2021.com/dan/pkPhoto/500pj1000-200.gif
IP 154.208.77.212:0
ASN #134548 DXTL Tseung Kwan O Service
File type GIF image data, version 89a, 1000 x 200\012- data
Size 649 kB (649012 bytes)
Hash 4b2329aee1fcc97910223870de0a7ac3
f7a5bd1bee03223ee41d7a586569337aefb09ea2
ddff3a89b79326f02c8e2ba68f8534df4ad3196134e74ec0accb51800cd4de3d
GET /dan/pkPhoto/500pj1000-200.gif HTTP/1.1
Host: www.bill2021.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bill2021.com/dan/indexty.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:50:12 GMT
Content-Type: image/gif
Content-Length: 649012
Last-Modified: Thu, 08 Sep 2022 07:53:30 GMT
Connection: keep-alive
ETag: "63199f7a-9e734"
Accept-Ranges: bytes
www.bill2021.com/dan/pkPhoto/5247cc1000-200%20.gif
154.208.77.212 200 OK 591 kB URL HTTP/1.1 www.bill2021.com/dan/pkPhoto/5247cc1000-200%20.gif
IP 154.208.77.212:0
ASN #134548 DXTL Tseung Kwan O Service
File type GIF image data, version 89a, 1000 x 200\012- data
Size 591 kB (590972 bytes)
Hash 60f5165ec126a4b95de17cd8d93df564
9144c7659554767fe1c8c6bc0732fbd190c810fb
e84562dfeb76c6669ed9e07b976e1e2a63925573aa3ca92b44e12942a06f1232
GET /dan/pkPhoto/5247cc1000-200%20.gif HTTP/1.1
Host: www.bill2021.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bill2021.com/dan/indexty.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:50:12 GMT
Content-Type: image/gif
Content-Length: 590972
Last-Modified: Thu, 08 Sep 2022 07:53:30 GMT
Connection: keep-alive
ETag: "63199f7a-9047c"
Accept-Ranges: bytes
www.bill2021.com/dan/pkPhoto/kaiyun1100x200.png
154.208.77.212 200 OK 470 kB URL HTTP/1.1 www.bill2021.com/dan/pkPhoto/kaiyun1100x200.png
IP 154.208.77.212:0
ASN #134548 DXTL Tseung Kwan O Service
File type PNG image data, 1110 x 221, 8-bit/color RGB, non-interlaced\012- data
Size 470 kB (470322 bytes)
Hash cb8dacafc8816967d295f039376b84d9
9d5be5064687055afebdd885845776b6d08344e2
5d99ded757913931536dd9fdcebc6a793fd073e0b5ebb51b121f9dbf0be0be4d
GET /dan/pkPhoto/kaiyun1100x200.png HTTP/1.1
Host: www.bill2021.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.bill2021.com/dan/indexty.html
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:50:12 GMT
Content-Type: image/png
Content-Length: 470322
Last-Modified: Sat, 29 Oct 2022 01:15:52 GMT
Connection: keep-alive
ETag: "635c7ec8-72d32"
Accept-Ranges: bytes
iihttanzania.com/images/shortcut-icon.ico
172.252.4.201 200 OK 2.3 kB URL HTTP/1.1 iihttanzania.com/images/shortcut-icon.ico
IP 172.252.4.201:0
Hash c3f311f91642b8da1462af5684493e6e
658f6fee9d109f4ec044c90f2ce226abd85f39f7
92ce6afc7830310a3316cf0195073814f0586c26129f008b2520827f10b54f7b
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /images/shortcut-icon.ico HTTP/1.1
Host: iihttanzania.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://iihttanzania.com/tech-spec-2-3.html
Cookie: Hm_lvt_2a961ecad4c90ac34c7562d9a1e5832b=1675428642; Hm_lpvt_2a961ecad4c90ac34c7562d9a1e5832b=1675428642; Hm_lvt_69213e6e300ff71fcc72673b58b9ba40=1675428642; Hm_lpvt_69213e6e300ff71fcc72673b58b9ba40=1675428642
HTTP/1.1 200 OK
Server: nginx
Date: Fri, 03 Feb 2023 12:50:14 GMT
Content-Type: text/html;charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
X-Powered-By: PHP/5.4.41
Content-Encoding: gzip
www.gdklc.com/images/advimg/1606876958529880943.jpg
182.92.96.218 200 OK 401 kB URL HTTP/1.1 www.gdklc.com/images/advimg/1606876958529880943.jpg
IP 182.92.96.218:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2019 (Windows), datetime=2020:12:02 10:42:11], baseline, precision 8, 1920x549, components 3\012- data
Size 401 kB (400794 bytes)
Hash 7308a7a91f644453dff3480f25009301
3efb65402aad6f7974db905fd738eae775c5bf81
7ea719e260da36a67baeb9d7021da266a6f3cab6e2a082a39d59d34f0a2f94e0
GET /images/advimg/1606876958529880943.jpg HTTP/1.1
Host: www.gdklc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://iihttanzania.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 12:50:10 GMT
Server: Apache
Last-Modified: Wed, 02 Dec 2020 02:42:38 GMT
ETag: "202c4-61d9a-5b57232478380"
Accept-Ranges: bytes
Content-Length: 400794
Vary: User-Agent
Keep-Alive: timeout=15, max=298
Connection: Keep-Alive
Content-Type: image/jpeg
www.gdklc.com/include/kindeditor/attached/image/20171020/20171020075714_11629.jpg
182.92.96.218 200 OK 57 kB URL HTTP/1.1 www.gdklc.com/include/kindeditor/attached/image/20171020/20171020075714_11629.jpg
IP 182.92.96.218:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2017 (Windows), datetime=2017:10:19 16:39:53], baseline, precision 8, 375x214, components 3\012- data
Hash 3b48811150974b922366ddcfe0edd39f
37b83e83258bf81c7a2a232238bde0f81eab2d92
bfde5d37da5e8576014f9470ad7f7a46fbc95c81d7ab4aeb514fd3fe00b3415d
GET /include/kindeditor/attached/image/20171020/20171020075714_11629.jpg HTTP/1.1
Host: www.gdklc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://iihttanzania.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 12:50:12 GMT
Server: Apache
Last-Modified: Thu, 19 Oct 2017 23:57:14 GMT
ETag: "20c90-dd23-55bef1d832a80"
Accept-Ranges: bytes
Content-Length: 56611
Vary: User-Agent
Keep-Alive: timeout=15, max=299
Connection: Keep-Alive
Content-Type: image/jpeg
www.gdklc.com/include/kindeditor/attached/image/20171020/20171020075715_55007.jpg
182.92.96.218 200 OK 0 B URL HTTP/1.1 www.gdklc.com/include/kindeditor/attached/image/20171020/20171020075715_55007.jpg
IP 182.92.96.218:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
GET /include/kindeditor/attached/image/20171020/20171020075715_55007.jpg HTTP/1.1
Host: www.gdklc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://iihttanzania.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 12:50:15 GMT
Server: Apache
Last-Modified: Thu, 19 Oct 2017 23:57:15 GMT
ETag: "20c92-fbb6-55bef1d926cc0"
Accept-Ranges: bytes
Content-Length: 64438
Vary: User-Agent
Keep-Alive: timeout=15, max=298
Connection: Keep-Alive
Content-Type: image/jpeg
www.gdklc.com/images/product/1533171831993168710.png
182.92.96.218 200 OK 0 B URL HTTP/1.1 www.gdklc.com/images/product/1533171831993168710.png
IP 182.92.96.218:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
GET /images/product/1533171831993168710.png HTTP/1.1
Host: www.gdklc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://iihttanzania.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 12:50:11 GMT
Server: Apache
Last-Modified: Thu, 02 Aug 2018 01:03:51 GMT
ETag: "2073e-178b1-57269625dcbc0"
Accept-Ranges: bytes
Content-Length: 96433
Vary: User-Agent
Keep-Alive: timeout=15, max=299
Connection: Keep-Alive
Content-Type: image/png
www.gdklc.com/include/kindeditor/attached/image/20171020/20171020075714_86537.jpg
182.92.96.218 200 OK 0 B URL HTTP/1.1 www.gdklc.com/include/kindeditor/attached/image/20171020/20171020075714_86537.jpg
IP 182.92.96.218:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
GET /include/kindeditor/attached/image/20171020/20171020075714_86537.jpg HTTP/1.1
Host: www.gdklc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://iihttanzania.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 12:50:15 GMT
Server: Apache
Last-Modified: Thu, 19 Oct 2017 23:57:14 GMT
ETag: "20c91-f78a-55bef1d832a80"
Accept-Ranges: bytes
Content-Length: 63370
Vary: User-Agent
Keep-Alive: timeout=15, max=297
Connection: Keep-Alive
Content-Type: image/jpeg
www.gdklc.com/include/kindeditor/attached/image/20171020/20171020075737_12190.jpg
182.92.96.218 200 OK 0 B URL HTTP/1.1 www.gdklc.com/include/kindeditor/attached/image/20171020/20171020075737_12190.jpg
IP 182.92.96.218:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
GET /include/kindeditor/attached/image/20171020/20171020075737_12190.jpg HTTP/1.1
Host: www.gdklc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://iihttanzania.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 12:50:09 GMT
Server: Apache
Last-Modified: Thu, 19 Oct 2017 23:57:37 GMT
ETag: "20c95-9e1d5-55bef1ee21e40"
Accept-Ranges: bytes
Content-Length: 647637
Vary: User-Agent
Keep-Alive: timeout=15, max=300
Connection: Keep-Alive
Content-Type: image/jpeg
www.gdklc.com/include/kindeditor/attached/image/20171020/20171020075738_32509.jpg
182.92.96.218 200 OK 0 B URL HTTP/1.1 www.gdklc.com/include/kindeditor/attached/image/20171020/20171020075738_32509.jpg
IP 182.92.96.218:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
GET /include/kindeditor/attached/image/20171020/20171020075738_32509.jpg HTTP/1.1
Host: www.gdklc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://iihttanzania.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 12:50:09 GMT
Server: Apache
Last-Modified: Thu, 19 Oct 2017 23:57:38 GMT
ETag: "20c96-9ac98-55bef1ef16080"
Accept-Ranges: bytes
Content-Length: 634008
Vary: User-Agent
Keep-Alive: timeout=15, max=300
Connection: Keep-Alive
Content-Type: image/jpeg
www.gdklc.com/include/kindeditor/attached/image/20171020/20171020075735_65785.jpg
182.92.96.218 200 OK 0 B URL HTTP/1.1 www.gdklc.com/include/kindeditor/attached/image/20171020/20171020075735_65785.jpg
IP 182.92.96.218:0
ASN #37963 Hangzhou Alibaba Advertising Co.,Ltd.
GET /include/kindeditor/attached/image/20171020/20171020075735_65785.jpg HTTP/1.1
Host: www.gdklc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://iihttanzania.com/
Connection: keep-alive
HTTP/1.1 200 OK
Date: Fri, 03 Feb 2023 12:50:09 GMT
Server: Apache
Last-Modified: Thu, 19 Oct 2017 23:57:35 GMT
ETag: "20c94-a9c76-55bef1ec399c0"
Accept-Ranges: bytes
Content-Length: 695414
Vary: User-Agent
Keep-Alive: timeout=15, max=300
Connection: Keep-Alive
Content-Type: image/jpeg