Report - godentalcare.com.au/ga/queeaiuq

Report Overview

Submitted URL
godentalcare.com.au/ga/queeaiuq
IP
172.67.134.126
ASN
#13335 CLOUDFLARENET
Submitted
2022-10-14 17:18:11
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
28

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
away.bettershitecolumn.com	unknown	2022-08-31T21:41:18Z	2022-12-18T16:25:57Z	1.5 kB	1.9 kB	91.211.91.104
img-getpocket.cdn.mozilla.net	1631	2018-06-22T01:36:00Z	2023-03-09T10:04:36Z	3.7 kB	120 kB	34.120.237.76
fonts.googleapis.com	8877	2013-06-10T22:14:26Z	2023-03-09T12:17:45Z	501 B	2.3 kB	142.250.74.10
accessily.com	28988	2019-03-30T12:00:51Z	2023-01-24T21:33:23Z	399 B	24 kB	104.21.86.155
0.shar-pei.top	unknown	2022-05-06T23:00:50Z	2023-03-07T00:22:41Z	1.5 kB	976 B	185.177.92.29
di4.biz	unknown	2017-01-20T20:13:06Z	2023-03-08T16:01:02Z	1.1 kB	611 B	185.177.92.179
ocsp.pki.goog	175	2018-07-01T08:43:07Z	2023-03-09T05:09:50Z	2.3 kB	4.9 kB	142.250.74.3
r3.o.lencr.org	344	2020-12-02T09:52:13Z	2023-03-09T05:09:05Z	3.3 kB	8.9 kB	23.36.77.32
content-signature-2.cdn.mozilla.net	1152	2020-11-03T13:26:46Z	2023-03-09T05:09:49Z	401 B	5.9 kB	34.160.144.191
push.services.mozilla.com	2140	2014-10-24T10:27:06Z	2023-03-09T05:09:13Z	594 B	127 B	44.237.163.41
fonts.gstatic.com	unknown	2014-09-09T02:40:21Z	2023-03-09T10:01:47Z	1.9 kB	127 kB	216.58.207.195
cdn.weatherplllatform.com	unknown	2022-09-14T13:23:49Z	2023-03-07T20:37:17Z	367 B	7.7 kB	91.211.91.114
firefox.settings.services.mozilla.com	867	2020-06-04T22:08:41Z	2023-03-09T05:09:18Z	758 B	2.8 kB	143.204.55.35
ocsp.digicert.com	86	2012-05-21T09:02:23Z	2023-03-09T11:52:10Z	987 B	2.0 kB	93.184.220.29
shar-pei.top	unknown	2022-05-06T23:00:51Z	2023-03-07T00:18:52Z	2.3 kB	5.8 kB	185.177.92.29
saint-petersburg.top	unknown	2022-10-11T13:50:12Z	2023-03-09T17:49:30Z	802 B	728 B	51.15.19.93
godentalcare.com.au	unknown	2017-01-28T15:19:24Z	2023-02-27T04:46:23Z	448 B	612 B	104.21.25.192
contile.services.mozilla.com	1114	2021-05-27T20:32:35Z	2023-03-09T05:09:48Z	321 B	229 B	34.117.237.239

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-10-14	medium	0.shar-pei.top/l99ea0f0d.js	Phishing
2022-10-14	medium	godentalcare.com.au/ga/queeaiuq	Malware
2022-10-14	medium	0.shar-pei.top/index.php?p=mu2gknlgme5dgnjs	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2022-10-14	medium	shar-pei.top	Sinkholed
2022-10-14	medium	shar-pei.top	Sinkholed
2022-10-14	medium	shar-pei.top	Sinkholed
2022-10-14	medium	shar-pei.top	Sinkholed
2022-10-14	medium	shar-pei.top	Sinkholed
2022-10-14	medium	shar-pei.top	Sinkholed
2022-10-14	medium	di4.biz	Sinkholed
2022-10-14	medium	di4.biz	Sinkholed
2022-10-14	medium	godentalcare.com.au	Sinkholed
2022-10-14	medium	shar-pei.top	Sinkholed
2022-10-14	medium	shar-pei.top	Sinkholed

JavaScript (16)

	URL	Size	First Seen	Last Seen
	godentalcare.com.au/wp-content/themes/hitmag/js/scripts.js?ver=6.0.2	1.2 kB	2023-03-07	2024-02-25
Pretty URL godentalcare.com.au/wp-content/themes/hitmag/js/scripts.js?ver=6.0.2 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:58:14 Last Seen2024-02-25 13:25:10 Times Seen21 Hash a6df452b8302332e83a5aaad430e2620 d01ca09a76512e35e3ba05d10304567ad1184ffb d4c2f019588ff655135e71eb5879169d5947e6c224cde9b64dad3647a7d83806 Loading...

	away.bettershitecolumn.com/fly.php?lid=9554-29&t=aHR0cHM6Ly9ndWlmbHVuZWJyZWMudGsvaGVscC8/MjMwNzE2NTA5MDIxMjA=	158 B	2023-03-08	2023-03-10
Pretty URL away.bettershitecolumn.com/fly.php?lid=9554-29&t=aHR0cHM6Ly9ndWlmbHVuZWJyZWMudGsvaGVscC8/MjMwNzE2NTA5MDIxMjA= IP 91.211.91.104 ASN #206638 PE Brezhnev Daniil Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 12:53:26 Last Seen2023-03-10 11:08:24 Times Seen1 Hash 2e8811512dbaa8636a88d7aa0e66aba2 40355c043054f3b8c71f9e1a2b8810abdd58d01f 521dba5c1bfb2da53d2a1c7891e3984897ee0b3f468d9c71d52033b85d4279ae Loading...

	shar-pei.top/go/mu2gknlgme5dgnjs	8.1 kB	2023-03-10	2023-03-10
Pretty URL shar-pei.top/go/mu2gknlgme5dgnjs IP 185.177.92.29 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 09:22:40 Last Seen2023-03-10 09:22:40 Times Seen1 Hash 548c8f1c1b2818524a22254a64a0d069 284e56ff97b1634defa0fc990d84f52f3ba4c756 f51a23a5d2c9e75b0a0ba4b26ae942d0a0b39a1e5d3707448228c823a411300d Loading...

	godentalcare.com.au/wp-includes/js/jquery/jquery.min.js?ver=3.6.0	90 kB	2023-03-07	2024-04-24
Pretty URL godentalcare.com.au/wp-includes/js/jquery/jquery.min.js?ver=3.6.0 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-24 22:40:37 Times Seen31821 Hash 02dd5d04add4759122013c5ab4dc5cc2 a45a56e396ac549b4ff39b696ce9e0c16a7612de bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea Loading...

	godentalcare.com.au/wp-content/themes/hitmag/js/navigation.js?ver=20151215	3.8 kB	2023-03-07	2024-02-25
Pretty URL godentalcare.com.au/wp-content/themes/hitmag/js/navigation.js?ver=20151215 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:58:14 Last Seen2024-02-25 13:25:10 Times Seen26 Hash 7b843632f259e27cf7371cae377a340d 052edd114707f0165f514087d2a57377f53c7963 62cc1fc4688e993489101af51c899c67bddf976e08ce9c7d051595144038261b Loading...

	godentalcare.com.au/wp-content/themes/hitmag/js/skip-link-focus-fix.js?ver=20151215	683 B	2023-03-07	2024-04-24
Pretty URL godentalcare.com.au/wp-content/themes/hitmag/js/skip-link-focus-fix.js?ver=20151215 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:28 Last Seen2024-04-24 22:41:01 Times Seen3285 Hash 75abd4cd8807b312f9f7faeb77ee774b e7b7a7ed06d0123ab8667a1d1eeb23de9f2bece7 ca424c0181141900220a19f998ffa7660380bc99ab99557ad458a083251f7034 Loading...

	godentalcare.com.au/ga/queeaiuq	670 B	2023-03-08	2023-03-11
Pretty URL godentalcare.com.au/ga/queeaiuq IP 104.21.25.192 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 12:52:43 Last Seen2023-03-11 19:09:28 Times Seen1 Hash 05fa9ca6765d6e63d0e77bdb1d6cc770 715700aa7b5c32decacf45ae09ffec8783c59e47 8be3e2c724034529e7bd1435a5fce5344cdc015be2238292e5e1a26645cbd936 Loading...

	godentalcare.com.au/ga/queeaiuq	2.2 kB	2023-03-08	2023-03-10
Pretty URL godentalcare.com.au/ga/queeaiuq IP 104.21.25.192 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 12:52:42 Last Seen2023-03-10 09:22:40 Times Seen1 Hash e2d4d30a4be3cc296d52e2b1d25bf5c1 ae215e6496b22e1da206a04d8b41642c0304ad4a 9734052b989887f73028bf4f0267618638f340f48d92d8a409be75f2ae904a7f Loading...

	godentalcare.com.au/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2	11 kB	2023-03-07	2024-04-25
Pretty URL godentalcare.com.au/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:02 Last Seen2024-04-25 01:37:46 Times Seen68606 Hash 79b4956b7ec478ec10244b5e2d33ac7d a46025b9d05e3df30d610a8aef14f392c7058dc9 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300 Loading...

	godentalcare.com.au/wp-content/themes/hitmag/js/jquery.flexslider-min.js?ver=6.0.2	22 kB	2023-03-07	2024-04-08
Pretty URL godentalcare.com.au/wp-content/themes/hitmag/js/jquery.flexslider-min.js?ver=6.0.2 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:16:48 Last Seen2024-04-08 08:58:50 Times Seen307 Hash 713a5d55fb669e19047d11696c912724 be1225831828975aec69f791de6cf118994c05ef 8b2c3d7393c0c588c830ba08b65816fd313fc7e0095948423aaa45205196f6bf Loading...

	0.shar-pei.top/index.php?p=mu2gknlgme5dgnjs	8.1 kB	2023-03-10	2023-03-10
Pretty URL 0.shar-pei.top/index.php?p=mu2gknlgme5dgnjs IP 185.177.92.29 ASN #39572 DataWeb Global Group B.V. Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 09:22:40 Last Seen2023-03-10 09:22:40 Times Seen1 Hash 94efdab6a1e956290330764523d1baee 1e4eef1ddfcaea98152ce7efe6fa60fd72f040d0 c8bfc2ed4a1faf6d15b52ccfd021a857e5b4733d6745273b46f26f91bfff64b8 Loading...

	godentalcare.com.au/wp-content/themes/hitmag/js/jquery.magnific-popup.min.js?ver=6.0.2	20 kB	2023-03-07	2024-04-25
Pretty URL godentalcare.com.au/wp-content/themes/hitmag/js/jquery.magnific-popup.min.js?ver=6.0.2 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:00 Last Seen2024-04-25 01:32:29 Times Seen19512 Hash ba6cf724c8bb1cf5b084e79ff230626e f455c5f153f872e52265f87a644ff89fe14a6fb6 3fddc6d28aba3c13d64cfd4847c333ff48c71d4a5a58bd1a0494ca6ae8ac1bb4 Loading...

	cdn.weatherplllatform.com/news.js?v=34.5	3.4 kB	2023-03-08	2023-03-10
Pretty URL cdn.weatherplllatform.com/news.js?v=34.5 IP 91.211.91.114 ASN #206638 PE Brezhnev Daniil Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 12:52:42 Last Seen2023-03-10 11:08:24 Times Seen1 Hash ab9e90875ff2ab8ba2434412db27ce3e e48b14e4335282b648c26e9dd95793822cd7f99f fbb22469d61572a962cdf149d109c118ff7ce977d96599f129f9ab05886dbccf Loading...

	away.bettershitecolumn.com/fly/follow.js?v=3.8.3	264 B	2023-03-10	2023-03-10
Pretty URL away.bettershitecolumn.com/fly/follow.js?v=3.8.3 IP 91.211.91.104 ASN #206638 PE Brezhnev Daniil Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 09:22:40 Last Seen2023-03-10 09:22:40 Times Seen1 Hash 74a9f444a057fa1535e164fffa743d8f bc29439cd12300c9ed1c70516ab6f91eae3e9c60 c4a8177a9b69e27a105d1622e504731ec9d249077cec61f0859164ea5233e6af Loading...

		Size	First Seen	Last Seen
	#1 Eval - e16a7b20e9e1dab3667f28350404d416	8.0 kB	2023-03-10	2023-03-10
Pretty Observations First Seen2023-03-10 09:22:40 Last Seen2023-03-10 09:22:40 Times Seen1 Hash e16a7b20e9e1dab3667f28350404d416 5e18e186e623da5e027f187722c61148f10637f5 8b412573a8f56754ae8c5281f87123486c657a230ada395abe4ec6115997eb9a Loading...

	#2 Eval - 9d481d483cac15dc1606e806e636b1ee	7.9 kB	2023-03-10	2023-03-10
Pretty Observations First Seen2023-03-10 09:22:40 Last Seen2023-03-10 09:22:40 Times Seen1 Hash 9d481d483cac15dc1606e806e636b1ee 10425b54b2fa6fecd2090ccca70839bf3b99af3c 307fcf225a7885048539efd330da8bad77ab5f25ffc18302a0dfb6ac72a40646 Loading...

HTTP Transactions (55)

URL IP Response Size

firefox.settings.services.mozilla.com/v1/

143.204.55.35

200 OK

939 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
c9df6b36bf16969ac566c1b798362e4a
e56eff34815153ae019a4bf63eb9746dd9ae2e5b
33c1175144ab2be42c9de383f7893a6e60cd1f21f282eacb413d546331db3fa0

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Retry-After, Alert, Content-Type, Backoff
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 14 Oct 2022 16:49:52 GMT
Expires: Fri, 14 Oct 2022 17:03:37 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 bcd5dadccb0831729969c938747ff79a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Fuaq1bDJTRjki8xjVz49Eqf5UAaYN_bA7j1yN2PRf6dHX1DWKs6rCQ==
Age: 1688

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ef1ca48ca7fd21239a2a11fcfc6366b
ee44232c27fb39d25ac901df2247c3ffd2c5bcca
e9bad8be490429a84a567acd710f97a402bcf7b4ba4e47f2bed27cada418c439

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E9BAD8BE490429A84A567ACD710F97A402BCF7B4BA4E47F2BED27CADA418C439"
Last-Modified: Wed, 12 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4469
Expires: Fri, 14 Oct 2022 18:32:29 GMT
Date: Fri, 14 Oct 2022 17:18:00 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c5afb6d2acaf66af4c3fd458a0b70e17
ae58844d8753fe1b62240067b7c0efba86a858d0
42b37d16055f0f3ec52cbb45b4af4900baac4352e87c662811cdb377eb2d3c3e

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "42B37D16055F0F3EC52CBB45B4AF4900BAAC4352E87C662811CDB377EB2D3C3E"
Last-Modified: Wed, 12 Oct 2022 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10216
Expires: Fri, 14 Oct 2022 20:08:16 GMT
Date: Fri, 14 Oct 2022 17:18:00 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: mHz/2pmXs5EiLrMuu/rAKo+B7XLKltzQsnfvUwek/NFY8X5HSmDGihjIZAx+bO9FheQioYZ1aLDtKemjigpmPg==
x-amz-request-id: VCPGR72VJM9NG5TJ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Fri, 14 Oct 2022 17:02:13 GMT
age: 947
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 17:18:00 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
9413b88ae91adcd2a3eada7320672803
6bb74ad022f4af2da594f9066c4086f2eaf869be
6dd4e22ad9d9f5cc731a69c95d6d05e41fbbbb7a9d9cbcf26eea98e2d09631cc

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=114912
Content-Type: application/ocsp-response
Date: Fri, 14 Oct 2022 17:18:00 GMT
Etag: "6348b7a8-117"
Expires: Sun, 16 Oct 2022 01:13:12 GMT
Last-Modified: Fri, 14 Oct 2022 01:13:12 GMT
Server: nginx
Content-Length: 279

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

143.204.55.35

200 OK

329 B

URL HTTP/1.1
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
143.204.55.35:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Fri, 14 Oct 2022 17:07:43 GMT
Expires: Fri, 14 Oct 2022 17:41:39 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: DRDzoAWi9WE0ZdQu8uWyka2xg_vhBwmwDYlxEEq0FnbJebaviQ1TlA==
Age: 617

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
90336661a2936bdb9efcc26998693b34
bee3b0e35ce901bff835d43a0f22eb0765ab8264
717bf09925581cc0668632ad10dfc2b714e77f9ba2c3852e8cf3ead552fde950

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1706
Cache-Control: max-age=141436
Content-Type: application/ocsp-response
Date: Fri, 14 Oct 2022 17:18:01 GMT
Etag: "6349189b-1d7"
Expires: Sun, 16 Oct 2022 08:35:17 GMT
Last-Modified: Fri, 14 Oct 2022 08:06:51 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

44.237.163.41

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
44.237.163.41:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: CZ4L30l4pLrAnFL6ReNgHQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: SjoTCKlZ63pjthFx9zxlD95B5VU=

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
9413b88ae91adcd2a3eada7320672803
6bb74ad022f4af2da594f9066c4086f2eaf869be
6dd4e22ad9d9f5cc731a69c95d6d05e41fbbbb7a9d9cbcf26eea98e2d09631cc

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=114912
Content-Type: application/ocsp-response
Date: Fri, 14 Oct 2022 17:18:01 GMT
Etag: "6348b7a8-117"
Expires: Sun, 16 Oct 2022 01:13:13 GMT
Last-Modified: Fri, 14 Oct 2022 01:13:12 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 279

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d5ed407e919c07a9656b2b6e4079f9bb
f5302c72ba5d7622bba0e82a13102cbb09a0b834
bf93eb8a66d73c8b2425f3a16fc077959f0b7b41634821b852004d22fd213860

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 14 Oct 2022 17:18:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.googleapis.com/css?family=Ubuntu%3A400%2C500%2C700%7CLato%3A400%2C700%2C400italic%2C700italic%7COpen+Sans%3A400%2C400italic%2C700&subset=latin%2Clatin-ext

142.250.74.10

200 OK

1.6 kB

URL HTTP/2
fonts.googleapis.com/css?family=Ubuntu%3A400%2C500%2C700%7CLato%3A400%2C700%2C400italic%2C700italic%7COpen+Sans%3A400%2C400italic%2C700&subset=latin%2Clatin-ext
IP
142.250.74.10:0
ASN
#15169 GOOGLE

File type
data
Size
1.6 kB (1560 bytes)
Hash
fc4df2695e2806f858ce43f68d4955c6
8e4e3b330214fe0dbeeafd4f51ae4340ecb4e579
65d367cdf9875c22c9e5b20192783e8b38f0132c53ff067db6525bb3feaffc2d

HTTP Headers

GET /css?family=Ubuntu%3A400%2C500%2C700%7CLato%3A400%2C700%2C400italic%2C700italic%7COpen+Sans%3A400%2C400italic%2C700&subset=latin%2Clatin-ext HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://godentalcare.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 14 Oct 2022 17:18:01 GMT
date: Fri, 14 Oct 2022 17:18:01 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
acaba5d27d27f0ebeb1a1495a6e4ff09
5953b351f69fd15de1b4d42dd9634dea8f6e920b
023cd9eaaee884f8cb91ed69805e308b42d2aaf48be2e3788e33dd95a501410f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 14 Oct 2022 17:18:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d5738fadfd14ee094abde15bccc21efa
dc09db0e0d326104b2c41c8982e036d770f0a2f9
11785be62471d0c75f0ef30c8bc4c40ebc217b3c256dcc4e47d6dbd937b99551

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 14 Oct 2022 17:18:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2

216.58.207.195

200 OK

24 kB

URL HTTP/2
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
data
Size
24 kB (23837 bytes)
Hash
2232c788ac4daca10a7908f5710c42fe
eeef6ddd675d1174d3c89951e15a11069c589b49
f7c3a805717abd3a18a9105321bdeb7abcced2b71680747619fdcde5afcc7319

HTTP Headers

GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://godentalcare.com.au
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 11 Oct 2022 17:10:21 GMT
expires: Wed, 11 Oct 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 259661
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
acaba5d27d27f0ebeb1a1495a6e4ff09
5953b351f69fd15de1b4d42dd9634dea8f6e920b
023cd9eaaee884f8cb91ed69805e308b42d2aaf48be2e3788e33dd95a501410f

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 14 Oct 2022 17:18:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d5738fadfd14ee094abde15bccc21efa
dc09db0e0d326104b2c41c8982e036d770f0a2f9
11785be62471d0c75f0ef30c8bc4c40ebc217b3c256dcc4e47d6dbd937b99551

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 14 Oct 2022 17:18:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

accessily.com/img/Accessily_badge.png

104.21.86.155

404 Not Found

23 kB

URL HTTP/2
accessily.com/img/Accessily_badge.png
IP
104.21.86.155:0
ASN
#13335 CLOUDFLARENET

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size
23 kB (23297 bytes)
Hash
81af831e0d0be4c0a3a7bba228485325
d17f26d93fc8a3819991f7efc22f19c2e9f2ee8e
7fd465c5519676a06ed051cfcc5d104040f7b6419863770f89383527a0608aa1

HTTP Headers

GET /img/Accessily_badge.png HTTP/1.1
Host: accessily.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://godentalcare.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 404 Not Found
date: Fri, 14 Oct 2022 17:18:01 GMT
content-type: text/html; charset=iso-8859-1
cache-control: max-age=2678400
cf-cache-status: HIT
age: 110
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5kDuYH7xR8zb0nYtPJKTpTZo8eLaFQrDU5ZPifglehp3UAbokm2O%2Bl6kiDt7Zv1iKJeR3kV1ytefL2%2Fzjfp6RNyP4Wer2JDqnm7885Vp393cm9KGUsgxtT%2BXLYOTNTz4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 75a1f8ccccb2b4f3-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a239968682150ba8fb61f7b2101edba3
35724b1e7f236cddd2e9c542a0da63d9e915c310
e2cb65724d3870506a1efcfd90f43c61f87bb694b0c2cb07568bf1aaea7d1d98

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E2CB65724D3870506A1EFCFD90F43C61F87BB694B0C2CB07568BF1AAEA7D1D98"
Last-Modified: Fri, 14 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4536
Expires: Fri, 14 Oct 2022 18:33:38 GMT
Date: Fri, 14 Oct 2022 17:18:02 GMT
Connection: keep-alive

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d5738fadfd14ee094abde15bccc21efa
dc09db0e0d326104b2c41c8982e036d770f0a2f9
11785be62471d0c75f0ef30c8bc4c40ebc217b3c256dcc4e47d6dbd937b99551

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 14 Oct 2022 17:18:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

216.58.207.195

200 OK

45 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Size
45 kB (44856 bytes)
Hash
565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

HTTP Headers

GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://godentalcare.com.au
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 13 Oct 2022 05:42:51 GMT
expires: Fri, 13 Oct 2023 05:42:51 GMT
cache-control: public, max-age=31536000
age: 128111
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a239968682150ba8fb61f7b2101edba3
35724b1e7f236cddd2e9c542a0da63d9e915c310
e2cb65724d3870506a1efcfd90f43c61f87bb694b0c2cb07568bf1aaea7d1d98

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E2CB65724D3870506A1EFCFD90F43C61F87BB694B0C2CB07568BF1AAEA7D1D98"
Last-Modified: Fri, 14 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4536
Expires: Fri, 14 Oct 2022 18:33:38 GMT
Date: Fri, 14 Oct 2022 17:18:02 GMT
Connection: keep-alive

fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2

216.58.207.195

200 OK

30 kB

URL HTTP/2
fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 29752, version 1.0\012- data
Size
30 kB (29752 bytes)
Hash
ab1fc8621287e4ea9319a3136812cf80
fb4ed2e52e2a8d7ac50a7618a0c2ea5507a24ef3
7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa

HTTP Headers

GET /s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://godentalcare.com.au
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 29752
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 13 Oct 2022 07:00:19 GMT
expires: Fri, 13 Oct 2023 07:00:19 GMT
cache-control: public, max-age=31536000
age: 123463
last-modified: Wed, 27 Apr 2022 17:05:11 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a239968682150ba8fb61f7b2101edba3
35724b1e7f236cddd2e9c542a0da63d9e915c310
e2cb65724d3870506a1efcfd90f43c61f87bb694b0c2cb07568bf1aaea7d1d98

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E2CB65724D3870506A1EFCFD90F43C61F87BB694B0C2CB07568BF1AAEA7D1D98"
Last-Modified: Fri, 14 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4536
Expires: Fri, 14 Oct 2022 18:33:38 GMT
Date: Fri, 14 Oct 2022 17:18:02 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98481d75-e189-4e2a-94de-5d6c94c4ea9e.jpeg

34.120.237.76

200 OK

11 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98481d75-e189-4e2a-94de-5d6c94c4ea9e.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
data
Size
11 kB (10970 bytes)
Hash
bebccfd233122382143eaed780a0f452
363c2448ebe7293d9cc7cc2d873d09567abbe747
545ef6f74ac2963f8830b1fbd76439169dcdc758be50699cf72c86c5de2b5564

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F98481d75-e189-4e2a-94de-5d6c94c4ea9e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6685
x-amzn-requestid: 8d5aa091-bf24-4ab1-a33b-73795e951da1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z9m0EENeIAMF9Eg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634884e6-36c8c3d75b57c8df3b0644a0;Sampled=0
x-amzn-remapped-date: Thu, 13 Oct 2022 21:36:38 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Lf8nte3n3LzQdLXnv6MfnVk2LO0b0CjSfyiaxK2UWsM2DLsm-xEAgA==
via: 1.1 33d72803ad26b392c1b578a2b1276580.cloudfront.net (CloudFront), 1.1 2f7934de1dfe281c3e4446892eab6462.cloudfront.net (CloudFront), 1.1 google
date: Thu, 13 Oct 2022 22:56:52 GMT
age: 66070
etag: "3c567806bfec9a195235f1c1e3c3e4bc647fdde9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.5 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ada65cb-c437-4614-ad56-8612a5eb3d39.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
data
Size
7.5 kB (7452 bytes)
Hash
a657b6f5063a4f9a233eb1f3fcd48ff8
3af9c020a08991ca167359a05a6b5db9b7cd69fd
cdea720104200b5151f15315bcefc2adbf950c29576db6fbe66ce86af29a284e

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3ada65cb-c437-4614-ad56-8612a5eb3d39.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6005
x-amzn-requestid: f9cd6d19-f5f8-44ad-a809-9c66b2cea9ef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z9m7YEw7oAMFczg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63488515-74c9354b031430335dfea732;Sampled=0
x-amzn-remapped-date: Thu, 13 Oct 2022 21:37:25 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 2ajNm0eHqNm4Rel0IY5TN-cQSUP3b1PGbu-DkiSEY3vJZThcU2Jkxg==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Thu, 13 Oct 2022 21:48:24 GMT
age: 70178
etag: "a7eb3a1289135eeafd639dffba6daf3e0bd0aee5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

fonts.gstatic.com/s/lato/v23/S6u8w4BMUTPHjxsAXC-q.woff2

216.58.207.195

200 OK

24 kB

URL HTTP/2
fonts.gstatic.com/s/lato/v23/S6u8w4BMUTPHjxsAXC-q.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 24408, version 1.0\012- data
Size
24 kB (24408 bytes)
Hash
efee2d080d7bebdd2e0aeb2e030813a0
f8d38f9f9584e48c2e469877ebd94232265585f1
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0

HTTP Headers

GET /s/lato/v23/S6u8w4BMUTPHjxsAXC-q.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://godentalcare.com.au
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 24408
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 10 Oct 2022 20:02:02 GMT
expires: Tue, 10 Oct 2023 20:02:02 GMT
cache-control: public, max-age=31536000
age: 335760
last-modified: Tue, 26 Apr 2022 15:50:25 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

34.120.237.76

200 OK

23 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde2ff105-702e-4225-b2f4-c0fe3377e2a8.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
data
Size
23 kB (23282 bytes)
Hash
b720ae4ff785ebcdd067043fbb87e950
593e06d548547bd5aca2b4ce73f78eb1ddc97b72
cf6a136cc23e79c495e54033a1f0a4f9a57aa2c0902c72a39b20f1272b60a9e3

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fde2ff105-702e-4225-b2f4-c0fe3377e2a8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9940
x-amzn-requestid: 31adb8d0-861d-4441-816b-70359c6f6bce
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z58NnHYZoAMFvCw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63470d8a-6065baad4c7fbc2c2b020341;Sampled=0
x-amzn-remapped-date: Wed, 12 Oct 2022 18:55:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: -o5MNf3AtJpZLd3tfC4QqppNQJXHZCOG7p1oZx-QUDmvuaIx-bs7-g==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Fri, 14 Oct 2022 08:38:45 GMT
age: 31157
etag: "b6f3673d218466d4cd383398038da6fe88f67827"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a239968682150ba8fb61f7b2101edba3
35724b1e7f236cddd2e9c542a0da63d9e915c310
e2cb65724d3870506a1efcfd90f43c61f87bb694b0c2cb07568bf1aaea7d1d98

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E2CB65724D3870506A1EFCFD90F43C61F87BB694B0C2CB07568BF1AAEA7D1D98"
Last-Modified: Fri, 14 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4536
Expires: Fri, 14 Oct 2022 18:33:38 GMT
Date: Fri, 14 Oct 2022 17:18:02 GMT
Connection: keep-alive

34.120.237.76

200 OK

9.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F42e00752-5abb-46e6-8a0d-c47f96af6b9f.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
9.6 kB (9622 bytes)
Hash
07dec47a418618af22b7104e1bbde5e6
c34dd1552df55e8b62e699a5efb14e7f26a60acb
5eb94cd99c5187faa2c0c8f5ef5b9786009d37c2950ca0048eb3f737e45c363b

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F42e00752-5abb-46e6-8a0d-c47f96af6b9f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9622
x-amzn-requestid: 340d7e66-1eb4-49fc-bf3d-56e5cc4af771
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z9n2_HXqIAMFzsg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63488692-78ea067c541cb84f75741d22;Sampled=0
x-amzn-remapped-date: Thu, 13 Oct 2022 21:43:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: uN6RkKHKGjhauRGxTQiyluFaTwFaGBgtkJsdFMcxUoZNEu_05ocMZg==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 13 Oct 2022 23:14:16 GMT
etag: "c34dd1552df55e8b62e699a5efb14e7f26a60acb"
content-type: image/jpeg
age: 65026
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

8.2 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F560d2eb7-40d7-4861-8041-41b8184de030.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.2 kB (8183 bytes)
Hash
c3368090318fe53289f4e0fe284ee1e2
ec5e3f3d6a334d0b8a92ce06327b5b145002087c
73bb52c89af285a60360a119d3f21b0d7309ea7fd26a36c1e46fe6b1b9f25164

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F560d2eb7-40d7-4861-8041-41b8184de030.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8183
x-amzn-requestid: f41fdb47-83e8-48f9-95ac-a79e2bfc521d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z6Tu8FwCoAMF_OQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6347332c-67bc08ef6315488e07fc3c4c;Sampled=0
x-amzn-remapped-date: Wed, 12 Oct 2022 21:35:40 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: CGpa_I95VYqIP5j-OWRJ_xLopy7H9wlZRPSTP_mL-hymbOqhelsTCQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 13 Oct 2022 21:50:40 GMT
age: 70042
etag: "ec5e3f3d6a334d0b8a92ce06327b5b145002087c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
d5738fadfd14ee094abde15bccc21efa
dc09db0e0d326104b2c41c8982e036d770f0a2f9
11785be62471d0c75f0ef30c8bc4c40ebc217b3c256dcc4e47d6dbd937b99551

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 14 Oct 2022 17:18:02 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

34.120.237.76

200 OK

41 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F66af0895-4532-481a-84d9-523353a6c160.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
data
Size
41 kB (41309 bytes)
Hash
987efacf306cbfd74dc50b2ece6394fc
19a3ee54ba272c22d4bba2e4a29b8df91476f7a3
f723095be0da5e1671e722c5ff2d24d9116d7f6cfcedc904fb7b93a9b6cfc16a

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F66af0895-4532-481a-84d9-523353a6c160.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 9350
x-amzn-requestid: fd2ec00f-7ef1-4e4a-a652-a388dcba3e16
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z9m0EHctoAMF8Ww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634884e6-7e945574599f2ec67e824671;Sampled=0
x-amzn-remapped-date: Thu, 13 Oct 2022 21:36:38 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: jwQT6vQNNLDQFqrROqQ-prpvIGnhB5aK-hVVwZRClZQP5fnbgpfOuA==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Thu, 13 Oct 2022 23:04:28 GMT
age: 65614
etag: "6c055a00a12067ab5b11458bb614bc6f1028c28a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

cdn.weatherplllatform.com/news.js?v=34.5

91.211.91.114

200 OK

7.4 kB

URL HTTP/2
cdn.weatherplllatform.com/news.js?v=34.5
IP
91.211.91.114:0
ASN
#206638 PE Brezhnev Daniil

File type
data
Size
7.4 kB (7359 bytes)
Hash
1e63ec0227597a4a662cd6ab29a065f3
7de3f08913077ea2a6739a3009c7ee78583478e7
ddf7b62e47620ec41132b06e7f3547c35bcd8888cfb60be0965f9a76e0ee5929

HTTP Headers

GET /news.js?v=34.5 HTTP/1.1
Host: cdn.weatherplllatform.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://godentalcare.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 17:18:02 GMT
content-type: application/javascript; charset=utf-8
last-modified: Tue, 11 Oct 2022 08:01:57 GMT
vary: Accept-Encoding
etag: W/"634522f5-d5e"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=15768000;
content-encoding: gzip
X-Firefox-Spdy: h2

away.bettershitecolumn.com/fly/follow.js?v=3.8.3

91.211.91.104

200 OK

264 B

URL HTTP/2
away.bettershitecolumn.com/fly/follow.js?v=3.8.3
IP
91.211.91.104:0
ASN
#206638 PE Brezhnev Daniil

File type
ASCII text, with no line terminators
Size
264 B (264 bytes)
Hash
74a9f444a057fa1535e164fffa743d8f
bc29439cd12300c9ed1c70516ab6f91eae3e9c60
c4a8177a9b69e27a105d1622e504731ec9d249077cec61f0859164ea5233e6af

HTTP Headers

GET /fly/follow.js?v=3.8.3 HTTP/1.1
Host: away.bettershitecolumn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://godentalcare.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 17:18:03 GMT
content-type: text/html; charset=UTF-8
content-length: 264
x-powered-by: PHP/7.3.33
set-cookie: ht_rr=1; expires=Sat, 15-Oct-2022 17:18:03 GMT; Max-Age=86400; path=/
strict-transport-security: max-age=15768000;
X-Firefox-Spdy: h2

away.bettershitecolumn.com/fly.php?t=aHR0cHM6Ly9ndWlmbHVuZWJyZWMudGsvaGVscC8/MjMwNzE2NTA5MDIxMjA=

91.211.91.104

302 Found

0 B

URL HTTP/2
away.bettershitecolumn.com/fly.php?t=aHR0cHM6Ly9ndWlmbHVuZWJyZWMudGsvaGVscC8/MjMwNzE2NTA5MDIxMjA=
IP
91.211.91.104:0
ASN
#206638 PE Brezhnev Daniil

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /fly.php?t=aHR0cHM6Ly9ndWlmbHVuZWJyZWMudGsvaGVscC8/MjMwNzE2NTA5MDIxMjA= HTTP/1.1
Host: away.bettershitecolumn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://godentalcare.com.au/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 302 Found
server: nginx
date: Fri, 14 Oct 2022 17:18:04 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: https://away.bettershitecolumn.com/fly.php?lid=9554-29&t=aHR0cHM6Ly9ndWlmbHVuZWJyZWMudGsvaGVscC8/MjMwNzE2NTA5MDIxMjA=
x-powered-by: PHP/7.3.33
strict-transport-security: max-age=15768000;
X-Firefox-Spdy: h2

away.bettershitecolumn.com/fly.php?lid=9554-29&t=aHR0cHM6Ly9ndWlmbHVuZWJyZWMudGsvaGVscC8/MjMwNzE2NTA5MDIxMjA=

91.211.91.104

200 OK

712 B

URL HTTP/2
away.bettershitecolumn.com/fly.php?lid=9554-29&t=aHR0cHM6Ly9ndWlmbHVuZWJyZWMudGsvaGVscC8/MjMwNzE2NTA5MDIxMjA=
IP
91.211.91.104:0
ASN
#206638 PE Brezhnev Daniil

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
712 B (712 bytes)
Hash
036d8c0e453aa5e761e899610d6eb8a6
492a962d34a1266c751e8ff6ac1551914fabb39b
856dc9e4b4f2857da678f1423960c69fb58117899f9456bfc5f6632153a8630f

HTTP Headers

GET /fly.php?lid=9554-29&t=aHR0cHM6Ly9ndWlmbHVuZWJyZWMudGsvaGVscC8/MjMwNzE2NTA5MDIxMjA= HTTP/1.1
Host: away.bettershitecolumn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://godentalcare.com.au/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 17:18:04 GMT
content-type: text/html; charset=UTF-8
content-length: 712
vary: Accept-Encoding
x-powered-by: PHP/7.3.33
strict-transport-security: max-age=15768000;
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1e64345f2ba5e45215aff924dfb2ca91
83d1810f769e018655399630f9b1c47477bcad36
514c9a81eb4a7f7bf2950486b31779ab52b0d4d0c0036bccecf3dd89ccf5b5a3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "514C9A81EB4A7F7BF2950486B31779AB52B0D4D0C0036BCCECF3DD89CCF5B5A3"
Last-Modified: Wed, 12 Oct 2022 23:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10145
Expires: Fri, 14 Oct 2022 20:07:09 GMT
Date: Fri, 14 Oct 2022 17:18:04 GMT
Connection: keep-alive

shar-pei.top/l99ea0f0d.js

185.177.92.29

200 OK

61 B

URL HTTP/2
shar-pei.top/l99ea0f0d.js
IP
185.177.92.29:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with no line terminators
Size
61 B (61 bytes)
Hash
08206b778e25d9f33e060b8557706744
abd767a3d2b7a41b49dcea82a98a6b0775b73d54
96b96c7aef801a81b6a62271b45368576b0282fd112e25c9032498818797a2eb

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /l99ea0f0d.js HTTP/1.1
Host: shar-pei.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: uuid=87e42713-9a46-48ad-87aa-5c90dbe5d2f9
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 17:18:05 GMT
content-type: application/javascript; charset=utf-8
content-length: 61
last-modified: Fri, 14 Oct 2022 13:33:11 GMT
etag: "63496517-3d"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

shar-pei.top/favicon.ico

185.177.92.29

204 No Content

0 B

URL HTTP/2
shar-pei.top/favicon.ico
IP
185.177.92.29:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: shar-pei.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shar-pei.top/go/mu2gknlgme5dgnjs
Cookie: uuid=87e42713-9a46-48ad-87aa-5c90dbe5d2f9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Fri, 14 Oct 2022 17:18:05 GMT
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
9dfb11b507c8440b0312ce7063336904
2464d0641971bd070eb247f0594feb8a348a71ac
19376050caac5f84d5599f1990d743abb825ea3d2c49d5f3105f04b64d3c4d30

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "19376050CAAC5F84D5599F1990D743ABB825EA3D2C49D5F3105F04B64D3C4D30"
Last-Modified: Fri, 14 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9071
Expires: Fri, 14 Oct 2022 19:49:16 GMT
Date: Fri, 14 Oct 2022 17:18:05 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
c5ac793a239f4eb6a95291a2ac65c0e6
b9100b4377f186113a6efbe51ad72e6d8b7db4e7
2bbb052700251677e9a9c46490428816cbd07473ffdac89ff941dfdf6c2f7132

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2BBB052700251677E9A9C46490428816CBD07473FFDAC89FF941DFDF6C2F7132"
Last-Modified: Fri, 14 Oct 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21558
Expires: Fri, 14 Oct 2022 23:17:23 GMT
Date: Fri, 14 Oct 2022 17:18:05 GMT
Connection: keep-alive

0.shar-pei.top/l99ea0f0d.js

185.177.92.29

200 OK

61 B

URL HTTP/2
0.shar-pei.top/l99ea0f0d.js
IP
185.177.92.29:0
ASN
#39572 DataWeb Global Group B.V.

File type
ASCII text, with no line terminators
Size
61 B (61 bytes)
Hash
08206b778e25d9f33e060b8557706744
abd767a3d2b7a41b49dcea82a98a6b0775b73d54
96b96c7aef801a81b6a62271b45368576b0282fd112e25c9032498818797a2eb

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /l99ea0f0d.js HTTP/1.1
Host: 0.shar-pei.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: uuid=87e42713-9a46-48ad-87aa-5c90dbe5d2f9; uuid=87e42713-9a46-48ad-87aa-5c90dbe5d2f9
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 17:18:05 GMT
content-type: application/javascript; charset=utf-8
content-length: 61
last-modified: Fri, 14 Oct 2022 13:33:11 GMT
etag: "63496517-3d"
access-control-allow-origin: *
accept-ranges: bytes
X-Firefox-Spdy: h2

shar-pei.top/img/9/1.png

185.177.92.29

404 Not Found

146 B

URL HTTP/2
shar-pei.top/img/9/1.png
IP
185.177.92.29:0
ASN
#39572 DataWeb Global Group B.V.

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
146 B (146 bytes)
Hash
8eec510e57f5f732fd2cce73df7b73ef
3c0af39ecb3753c5fee3b53d063c7286019eac3b
55f7d9e99b8e2d4e0e193b2f0275501e6d9c1ebd29cadbea6a0da48a8587e3e0

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /img/9/1.png HTTP/1.1
Host: shar-pei.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0.shar-pei.top/
Cookie: uuid=87e42713-9a46-48ad-87aa-5c90dbe5d2f9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 404 Not Found
server: nginx
date: Fri, 14 Oct 2022 17:18:05 GMT
content-type: text/html; charset=utf-8
content-length: 146
X-Firefox-Spdy: h2

shar-pei.top/img/9/2.png

185.177.92.29

200 OK

4.1 kB

URL HTTP/2
shar-pei.top/img/9/2.png
IP
185.177.92.29:0
ASN
#39572 DataWeb Global Group B.V.

File type
PNG image data, 256 x 256, 8-bit colormap, non-interlaced\012- data
Size
4.1 kB (4081 bytes)
Hash
1d91a1a850f02d73ecffe7a76f44fc1e
78870dfa7fce35d124f6b0869e4eec838bf80877
f2f01ed95e450a4a83987c3caf7faaac7e3f5b320dd0f5b3034b64ae7d67b62e

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /img/9/2.png HTTP/1.1
Host: shar-pei.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0.shar-pei.top/
Cookie: uuid=87e42713-9a46-48ad-87aa-5c90dbe5d2f9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 17:18:05 GMT
content-type: image/png
content-length: 4081
last-modified: Mon, 25 Nov 2019 16:34:00 GMT
etag: "5ddc0278-ff1"
expires: Sun, 13 Nov 2022 17:18:05 GMT
cache-control: max-age=2592000
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
accept-ranges: bytes
X-Firefox-Spdy: h2

0.shar-pei.top/favicon.ico

185.177.92.29

204 No Content

0 B

URL HTTP/2
0.shar-pei.top/favicon.ico
IP
185.177.92.29:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: 0.shar-pei.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0.shar-pei.top/index.php?p=mu2gknlgme5dgnjs
Cookie: uuid=87e42713-9a46-48ad-87aa-5c90dbe5d2f9; uuid=87e42713-9a46-48ad-87aa-5c90dbe5d2f9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Fri, 14 Oct 2022 17:18:05 GMT
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.77.32

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.77.32:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
e9059156f2e2546064bc2a1d4ff362d7
37e265b4344461240b09e5de84673c6f44972202
145f65d4ec1fb440fc65a86236cada884d8d4eda2458422af3148db1eb041c30

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "145F65D4EC1FB440FC65A86236CADA884D8D4EDA2458422AF3148DB1EB041C30"
Last-Modified: Thu, 13 Oct 2022 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11645
Expires: Fri, 14 Oct 2022 20:32:10 GMT
Date: Fri, 14 Oct 2022 17:18:05 GMT
Connection: keep-alive

di4.biz/favicon.ico

185.177.92.179

204 No Content

0 B

URL HTTP/2
di4.biz/favicon.ico
IP
185.177.92.179:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: di4.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://di4.biz/?auf=hfrwczbumy5dinzvf4ztkmrphexwkmdgmvrgizbxf4zdilzrgy3dknzwg44dqni&p=l&sub1=&sub2=&sub3=&sub4=&cpc=0&cpm=0
Cookie: uuid=ac1c911b-b0b8-417a-a700-1fdfe2abf552
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 204 No Content
server: nginx
date: Fri, 14 Oct 2022 17:18:06 GMT
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe601c322-0073-4b24-8118-55869adbeb98.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12311 bytes)
Hash
a9c5be9ddedaa70a8e03c2caa6612e50
aee7bccc46ab5f49f91f469058958c38b957564a
d2c07961af9586fd776ab456b37516d0da1512bd511411f025c6e624442ec334

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe601c322-0073-4b24-8118-55869adbeb98.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 12311
x-amzn-requestid: ea7249c5-3474-468f-95da-f72348359496
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Z3yJEFDGoAMFo8g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634630a0-7e14ca5f47e01f696db40261;Sampled=0
x-amzn-remapped-date: Wed, 12 Oct 2022 03:12:32 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Ob3vdgFus0FNjPIM2kFx4W-lUaeoajDM4CmrcrJH3VP3Qs3yJcji_A==
via: 1.1 8f22423015641505b8c857a37450d6c0.cloudfront.net (CloudFront), 1.1 01147dcc35d57fc0238a3c1700c13f16.cloudfront.net (CloudFront), 1.1 google
date: Fri, 14 Oct 2022 04:01:44 GMT
age: 47785
etag: "aee7bccc46ab5f49f91f469058958c38b957564a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

saint-petersburg.top/sw/lib.js

51.15.19.93

200 OK

0 B

URL HTTP/2
saint-petersburg.top/sw/lib.js
IP
51.15.19.93:0
ASN
#12876 Online S.a.s.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sw/lib.js HTTP/1.1
Host: saint-petersburg.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0.shar-pei.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 17:18:05 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
expires: Sat, 14 Oct 2023 17:18:05 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2

di4.biz/?auf=hfrwczbumy5dinzvf4ztkmrphexwkmdgmvrgizbxf4zdilzrgy3dknzwg44dqni&p=l&sub1=&sub2=&sub3=&sub4=&cpc=0&cpm=0

185.177.92.179

200 OK

0 B

URL HTTP/2
di4.biz/?auf=hfrwczbumy5dinzvf4ztkmrphexwkmdgmvrgizbxf4zdilzrgy3dknzwg44dqni&p=l&sub1=&sub2=&sub3=&sub4=&cpc=0&cpm=0
IP
185.177.92.179:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /?auf=hfrwczbumy5dinzvf4ztkmrphexwkmdgmvrgizbxf4zdilzrgy3dknzwg44dqni&p=l&sub1=&sub2=&sub3=&sub4=&cpc=0&cpm=0 HTTP/1.1
Host: di4.biz
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://0.shar-pei.top/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 17:18:06 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
set-cookie: uuid=ac1c911b-b0b8-417a-a700-1fdfe2abf552; expires=Sun, 13-Nov-2022 17:18:05 GMT; Max-Age=2592000; path=/
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2

godentalcare.com.au/ga/queeaiuq

104.21.25.192

200 OK

0 B

URL HTTP/2
godentalcare.com.au/ga/queeaiuq
IP
104.21.25.192:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Malware
quad9	Sinkholed

HTTP Headers

GET /ga/queeaiuq HTTP/1.1
Host: godentalcare.com.au
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Fri, 14 Oct 2022 17:18:01 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s40wtkd7huAE15gbzSNdZQTFRYf6KIcfc7KpmWiQvXjsku4nsX0S68yWcCmisNBDdOq77KR19tQFBM%2FI7WYROllitwb27BhgR3rqsObOOLQO0jF5RFXOs2Y%2FBlveqh75QAh5liLm"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 75a1f8c65c42b500-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

shar-pei.top/go/mu2gknlgme5dgnjs

185.177.92.29

200 OK

0 B

URL HTTP/2
shar-pei.top/go/mu2gknlgme5dgnjs
IP
185.177.92.29:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
quad9	Sinkholed

HTTP Headers

GET /go/mu2gknlgme5dgnjs HTTP/1.1
Host: shar-pei.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://away.bettershitecolumn.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 17:18:05 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
set-cookie: uuid=87e42713-9a46-48ad-87aa-5c90dbe5d2f9; expires=Sun, 13-Nov-2022 17:18:04 GMT; Max-Age=2592000; path=/; domain=shar-pei.top
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2

saint-petersburg.top/sw/lib.js

51.15.19.93

200 OK

0 B

URL HTTP/2
saint-petersburg.top/sw/lib.js
IP
51.15.19.93:0
ASN
#12876 Online S.a.s.

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /sw/lib.js HTTP/1.1
Host: saint-petersburg.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shar-pei.top/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 17:18:05 GMT
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
expires: Sat, 14 Oct 2023 17:18:05 GMT
cache-control: max-age=31536000
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2

0.shar-pei.top/index.php?p=mu2gknlgme5dgnjs

185.177.92.29

200 OK

0 B

URL HTTP/2
0.shar-pei.top/index.php?p=mu2gknlgme5dgnjs
IP
185.177.92.29:0
ASN
#39572 DataWeb Global Group B.V.

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing
quad9	Sinkholed

HTTP Headers

GET /index.php?p=mu2gknlgme5dgnjs HTTP/1.1
Host: 0.shar-pei.top
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://shar-pei.top/
Cookie: uuid=87e42713-9a46-48ad-87aa-5c90dbe5d2f9
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site

HTTP/2 200 OK
server: nginx
date: Fri, 14 Oct 2022 17:18:05 GMT
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
set-cookie: uuid=87e42713-9a46-48ad-87aa-5c90dbe5d2f9; expires=Sun, 13-Nov-2022 17:18:05 GMT; Max-Age=2592000; path=/; domain=0.shar-pei.top
strict-transport-security: max-age=31536000
content-security-policy: img-src https: data:; upgrade-insecure-requests
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (16)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations