firefox.settings.services.mozilla.com/v1/
143.204.55.115 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-stale=0
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 04 Oct 2022 16:14:34 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: vQsGTVm832mI7JvGWdXviRdFEp04XnqmI078Xbz7zY4_ZYZEa4Ryig==
Age: 3310
cynaxprojects.me/
107.189.3.67 200 OK 6.8 kB IP 107.189.3.67:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (395)
Hash 746121f93197922865ea2a0e87a875f8
c319f0781d52efb422cdaffc479456f4f8bbeba5
19397e87b4fd12e1c454d5c27401d2c9079a047bc481040a0916b57d23e8e32e
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET / HTTP/1.1
Host: cynaxprojects.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Connection: Keep-Alive
X-Powered-By: PHP/7.4.30
Set-Cookie: phpbb3_l55p2_u=1; expires=Wed, 04-Oct-2023 17:09:44 GMT; path=/; domain=asdasda55.000webhostapp.com; secure; HttpOnly
phpbb3_l55p2_k=; expires=Wed, 04-Oct-2023 17:09:44 GMT; path=/; domain=asdasda55.000webhostapp.com; secure; HttpOnly
phpbb3_l55p2_sid=61d6e916a0330376b5ec23821bbbb98d; expires=Wed, 04-Oct-2023 17:09:44 GMT; path=/; domain=asdasda55.000webhostapp.com; secure; HttpOnly
Content-Type: text/html; charset=UTF-8
Cache-Control: private, no-cache="set-cookie"
Expires: Tue, 04 Oct 2022 17:09:45 GMT
Referrer-Policy: strict-origin-when-cross-origin
Content-Length: 6814
Content-Encoding: gzip
Vary: Accept-Encoding
Date: Tue, 04 Oct 2022 17:09:45 GMT
Server: LiteSpeed
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9955bda9c9ef64bc5700a14af0bae25e
8de7b7469e905af0374bdfcc3006bbb844f13e94
1f611155394fac39439b8ec8217d8cd493d6b588d372d264e0d66c03129c50c6
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1F611155394FAC39439B8EC8217D8CD493D6B588D372D264E0D66C03129C50C6"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8897
Expires: Tue, 04 Oct 2022 19:38:02 GMT
Date: Tue, 04 Oct 2022 17:09:45 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a1073a68ed38c8e3575e889224db944c
ee2a7a3e2da77a8540131f9ffaa0a20d4dd486bd
a9fb1f7ade7c8a79d2ee83e9b7215e66dc89ac733b11079297a8f4b9aceae1f5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A9FB1F7ADE7C8A79D2EE83E9B7215E66DC89AC733B11079297A8F4B9ACEAE1F5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2821
Expires: Tue, 04 Oct 2022 17:56:46 GMT
Date: Tue, 04 Oct 2022 17:09:45 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: EwwzdxClh8FWoe5TlPE/fbfMKoULAgZs8eS3pAaq2XMfjJQ3rCLYS1E7+I8kKBZg218wJtotbnedeERycOoXtQ==
x-amz-request-id: AR529D2T6R2VR7RX
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 04 Oct 2022 16:54:21 GMT
age: 924
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 17:09:45 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
cynaxprojects.me/assets/css/font-awesome.min.css?assets_version=52
107.189.3.67 200 OK 7.0 kB URL HTTP/1.1 cynaxprojects.me/assets/css/font-awesome.min.css?assets_version=52
IP 107.189.3.67:0
File type ASCII text, with very long lines (30837)
Hash 73fafde2ed0b8af35533aef217310350
07ffb382423d12967d70ae85b36a6bbf16327678
8448460374395f6645aa937ab83a5b7eebd7b35cdc8f8e875fa4cb7a92a63eab
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /assets/css/font-awesome.min.css?assets_version=52 HTTP/1.1
Host: cynaxprojects.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cynaxprojects.me/
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Tue, 11 Oct 2022 17:09:45 GMT
Content-Type: text/css
Last-Modified: Sat, 05 Feb 2022 15:57:52 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 6989
Date: Tue, 04 Oct 2022 17:09:45 GMT
Server: LiteSpeed
fonts.googleapis.com/css?family=Noto+Sans:400,400italic,700,700italic
142.250.74.10 200 OK 849 B URL HTTP/1.1 fonts.googleapis.com/css?family=Noto+Sans:400,400italic,700,700italic
IP 142.250.74.10:0
Hash 5c0e107ce75181981f693d9e77630dc2
1cb8455cbdcc4372cf078fd9be91df93f473d8b7
d67fee9658711186e0e47be2c5d6e8a0a0f9bb982d9ff922c8157c4f781009d4
GET /css?family=Noto+Sans:400,400italic,700,700italic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cynaxprojects.me/
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Tue, 04 Oct 2022 17:09:45 GMT
Date: Tue, 04 Oct 2022 17:09:45 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
cynaxprojects.me/ext/rmcgirr83/elonw/styles/all/theme/elonw.css?assets_version=52
107.189.3.67 200 OK 203 B URL HTTP/1.1 cynaxprojects.me/ext/rmcgirr83/elonw/styles/all/theme/elonw.css?assets_version=52
IP 107.189.3.67:0
Hash 324362ba3ee229a085dd0597f638a40a
c08bdf3888a7dfbd918bc50db851f443760ed216
7f3368c84e67cc7e857950d6e3cf85759d80ba9bdd130e7d567c9420a649b825
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /ext/rmcgirr83/elonw/styles/all/theme/elonw.css?assets_version=52 HTTP/1.1
Host: cynaxprojects.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cynaxprojects.me/
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Tue, 11 Oct 2022 17:09:45 GMT
Content-Type: text/css
Last-Modified: Sat, 12 Sep 2020 11:28:58 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 203
Date: Tue, 04 Oct 2022 17:09:45 GMT
Server: LiteSpeed
cynaxprojects.me/ext/vse/abbc3/styles/all/theme/abbc3_common.min.css?assets_version=52
107.189.3.67 200 OK 429 B URL HTTP/1.1 cynaxprojects.me/ext/vse/abbc3/styles/all/theme/abbc3_common.min.css?assets_version=52
IP 107.189.3.67:0
File type ASCII text, with very long lines (861), with no line terminators
Hash 3f640d4de64b4aba60fa6150d3f11032
6b7dad7098c14e9525c6caac9bcea84a53348801
bbbb79b0b63b56da330dbe9f493ab5027101450109d6f89396c3a1e1ce0bab5d
Analyzer Verdict Alert quad9 Sinkholed
GET /ext/vse/abbc3/styles/all/theme/abbc3_common.min.css?assets_version=52 HTTP/1.1
Host: cynaxprojects.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cynaxprojects.me/
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Tue, 11 Oct 2022 17:09:45 GMT
Content-Type: text/css
Last-Modified: Fri, 22 Jan 2021 00:14:48 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 429
Date: Tue, 04 Oct 2022 17:09:45 GMT
Server: LiteSpeed
cynaxprojects.me/ext/phpbb/ads/styles/all/theme/phpbbads.css?assets_version=52
107.189.3.67 200 OK 549 B URL HTTP/1.1 cynaxprojects.me/ext/phpbb/ads/styles/all/theme/phpbbads.css?assets_version=52
IP 107.189.3.67:0
Hash 955e2a739c14686c0665044a09ff7582
e64127d56249a216d26505c4b0011cd24024ae31
ba8d3e68ae7c2e9ce3faa131eeff803a8ef9d92c27c1d82a7be75160404bcc27
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /ext/phpbb/ads/styles/all/theme/phpbbads.css?assets_version=52 HTTP/1.1
Host: cynaxprojects.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cynaxprojects.me/
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Tue, 11 Oct 2022 17:09:45 GMT
Content-Type: text/css
Last-Modified: Sat, 05 Feb 2022 15:57:56 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 549
Date: Tue, 04 Oct 2022 17:09:45 GMT
Server: LiteSpeed
cynaxprojects.me/styles/quarto_dark_cyan/template/forum_fn.js?assets_version=52
107.189.3.67 200 OK 6.8 kB URL HTTP/1.1 cynaxprojects.me/styles/quarto_dark_cyan/template/forum_fn.js?assets_version=52
IP 107.189.3.67:0
File type ASCII text, with very long lines (337)
Hash 10df795874edb5e0f428861a285ab85a
8692113fffb602d99f442c9b5f6bc54b93d133b2
d2ad36f79f4bb9dfc9b158e1a3dc750eae0383491b85acd4e7c95d062dc8e189
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /styles/quarto_dark_cyan/template/forum_fn.js?assets_version=52 HTTP/1.1
Host: cynaxprojects.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cynaxprojects.me/
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Tue, 11 Oct 2022 17:09:45 GMT
Content-Type: application/javascript
Last-Modified: Sat, 05 Feb 2022 15:58:03 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 6761
Date: Tue, 04 Oct 2022 17:09:45 GMT
Server: LiteSpeed
cynaxprojects.me/assets/javascript/jquery-3.6.0.min.js?assets_version=52
107.189.3.67 200 OK 31 kB URL HTTP/1.1 cynaxprojects.me/assets/javascript/jquery-3.6.0.min.js?assets_version=52
IP 107.189.3.67:0
File type ASCII text, with very long lines (65447)
Hash d846f46dacc55fff2569a45b7f6c0113
2cce06527ffacb57e40e6613510008b5b778287c
31a95d8c285d978cd6ea959badbf1ae721a6eb023ab60e487a5430151c7bd03f
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /assets/javascript/jquery-3.6.0.min.js?assets_version=52 HTTP/1.1
Host: cynaxprojects.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cynaxprojects.me/
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Tue, 11 Oct 2022 17:09:45 GMT
Content-Type: application/javascript
Last-Modified: Sat, 05 Feb 2022 15:57:52 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 30963
Date: Tue, 04 Oct 2022 17:09:45 GMT
Server: LiteSpeed
cynaxprojects.me/ext/vse/abbc3/styles/all/template/js/abbc3.min.js?assets_version=52
107.189.3.67 200 OK 878 B URL HTTP/1.1 cynaxprojects.me/ext/vse/abbc3/styles/all/template/js/abbc3.min.js?assets_version=52
IP 107.189.3.67:0
File type ASCII text, with very long lines (1904), with no line terminators
Hash a05d2c27f0814a4829551d5078a5b612
97cf95e7110ac395ada33aa1afdd340693bdcd48
0a903d8042cdb5f276a4ed3c2fffbf6b7d37eee88b35f299910b8c6185f4d66e
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /ext/vse/abbc3/styles/all/template/js/abbc3.min.js?assets_version=52 HTTP/1.1
Host: cynaxprojects.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cynaxprojects.me/
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Tue, 11 Oct 2022 17:09:45 GMT
Content-Type: application/javascript
Last-Modified: Fri, 22 Jan 2021 00:14:48 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 878
Date: Tue, 04 Oct 2022 17:09:45 GMT
Server: LiteSpeed
cynaxprojects.me/styles/quarto_dark_cyan/template/ajax.js?assets_version=52
107.189.3.67 200 OK 3.8 kB URL HTTP/1.1 cynaxprojects.me/styles/quarto_dark_cyan/template/ajax.js?assets_version=52
IP 107.189.3.67:0
Hash 7a38ad57ca4b06d59aee34c5e38ed263
d4442eb4da1de63e02643ff22426d2fd4d84fff3
5b11d940e7b4604a5f86e4cdcc2b6b8753d5e13ec7dbfdcff8b890a5ab378156
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /styles/quarto_dark_cyan/template/ajax.js?assets_version=52 HTTP/1.1
Host: cynaxprojects.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cynaxprojects.me/
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Tue, 11 Oct 2022 17:09:45 GMT
Content-Type: application/javascript
Last-Modified: Sat, 05 Feb 2022 15:58:03 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 3817
Date: Tue, 04 Oct 2022 17:09:45 GMT
Server: LiteSpeed
cynaxprojects.me/styles/quarto_dark_cyan/template/quarto_login_popup.js?assets_version=52
107.189.3.67 200 OK 588 B URL HTTP/1.1 cynaxprojects.me/styles/quarto_dark_cyan/template/quarto_login_popup.js?assets_version=52
IP 107.189.3.67:0
File type ASCII text, with CRLF line terminators
Hash 26bbf8fdfb98782ba6ea808fa23987fb
695fee923844aabac583890b45a9472e99d882ac
b7487b4fef4e6148e665f7967ad72ed024f0c730c529bb075c545a68ca612aa6
Analyzer Verdict Alert quad9 Sinkholed
GET /styles/quarto_dark_cyan/template/quarto_login_popup.js?assets_version=52 HTTP/1.1
Host: cynaxprojects.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cynaxprojects.me/
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Tue, 11 Oct 2022 17:09:45 GMT
Content-Type: application/javascript
Last-Modified: Sat, 05 Feb 2022 15:58:03 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 588
Date: Tue, 04 Oct 2022 17:09:45 GMT
Server: LiteSpeed
cynaxprojects.me/ext/rmcgirr83/elonw/styles/all/template/js/elonw.js?assets_version=52
107.189.3.67 200 OK 795 B URL HTTP/1.1 cynaxprojects.me/ext/rmcgirr83/elonw/styles/all/template/js/elonw.js?assets_version=52
IP 107.189.3.67:0
Hash 34bc23f4848b753d1e5d77345486d19b
af72f6f099cd27a3524e73537d015a817ac5b90b
89dc25ec2ac17fd3477227f3fff3e0ae2c46c23dd635a8a1657d6a1aabe92bd5
Analyzer Verdict Alert quad9 Sinkholed
GET /ext/rmcgirr83/elonw/styles/all/template/js/elonw.js?assets_version=52 HTTP/1.1
Host: cynaxprojects.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cynaxprojects.me/
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Tue, 11 Oct 2022 17:09:45 GMT
Content-Type: application/javascript
Last-Modified: Sat, 12 Sep 2020 11:28:58 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 795
Date: Tue, 04 Oct 2022 17:09:45 GMT
Server: LiteSpeed
cynaxprojects.me/assets/javascript/core.js?assets_version=52
107.189.3.67 200 OK 14 kB URL HTTP/1.1 cynaxprojects.me/assets/javascript/core.js?assets_version=52
IP 107.189.3.67:0
Hash f8c0e147bfc6ca36cce625f11c341c64
7a6c893d70ef2c38980c45b8f804b3cb1f93143f
3dc6bec149f01c11a54b66b605cc1e7534b74f4cf8c6d6ff8d1fe8036372f9f0
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /assets/javascript/core.js?assets_version=52 HTTP/1.1
Host: cynaxprojects.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cynaxprojects.me/
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Tue, 11 Oct 2022 17:09:45 GMT
Content-Type: application/javascript
Last-Modified: Sat, 05 Feb 2022 15:57:52 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 14227
Date: Tue, 04 Oct 2022 17:09:45 GMT
Server: LiteSpeed
cynaxprojects.me/styles/quarto_dark_cyan/theme/stylesheet.css?assets_version=52
107.189.3.67 200 OK 418 B URL HTTP/1.1 cynaxprojects.me/styles/quarto_dark_cyan/theme/stylesheet.css?assets_version=52
IP 107.189.3.67:0
Hash 8b10b826c2ed5d7349c59dcbaa0ec516
2f9a63a17c3c1f1f62190979da5a27d17cce5e64
c251ef555bb67c42a170a43cc95b3638b4292103b646aa0ff861e3a430e0cc89
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /styles/quarto_dark_cyan/theme/stylesheet.css?assets_version=52 HTTP/1.1
Host: cynaxprojects.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cynaxprojects.me/
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Tue, 11 Oct 2022 17:09:45 GMT
Content-Type: text/css
Last-Modified: Sat, 05 Feb 2022 15:58:04 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 418
Date: Tue, 04 Oct 2022 17:09:45 GMT
Server: LiteSpeed
cynaxprojects.me/styles/quarto_dark_cyan/theme/en/stylesheet.css?assets_version=52
107.189.3.67 200 OK 55 B URL HTTP/1.1 cynaxprojects.me/styles/quarto_dark_cyan/theme/en/stylesheet.css?assets_version=52
IP 107.189.3.67:0
Hash 378d0a4365dc9f69d8989ce598f60aee
99dfc5e5d8c883e9888be135b228291bd0e3dc23
969f4c6909d1b69355ff513389372bcaa405c54e83b81f601306243f1ddec90a
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /styles/quarto_dark_cyan/theme/en/stylesheet.css?assets_version=52 HTTP/1.1
Host: cynaxprojects.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cynaxprojects.me/
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Tue, 11 Oct 2022 17:09:45 GMT
Content-Type: text/css
Last-Modified: Sat, 05 Feb 2022 15:58:03 GMT
Accept-Ranges: bytes
Content-Length: 55
Date: Tue, 04 Oct 2022 17:09:45 GMT
Server: LiteSpeed
cynaxprojects.me/styles/quarto_dark_cyan/theme/normalize.css?hash=48eb3f89
107.189.3.67 200 OK 2.6 kB URL HTTP/1.1 cynaxprojects.me/styles/quarto_dark_cyan/theme/normalize.css?hash=48eb3f89
IP 107.189.3.67:0
Hash f325510f954cbea947742aa66fd0ebbf
c1441c9f775b3d34bd7d44de5c94d71e596fbf99
0672608408244314b610b5304153f7b256a38aeed623749a8b5a6cebefc245af
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /styles/quarto_dark_cyan/theme/normalize.css?hash=48eb3f89 HTTP/1.1
Host: cynaxprojects.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cynaxprojects.me/styles/quarto_dark_cyan/theme/stylesheet.css?assets_version=52
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Tue, 11 Oct 2022 17:09:45 GMT
Content-Type: text/css
Last-Modified: Sat, 05 Feb 2022 15:58:04 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 2559
Date: Tue, 04 Oct 2022 17:09:45 GMT
Server: LiteSpeed
cynaxprojects.me/styles/quarto_dark_cyan/theme/base.css?hash=3a7fafb1
107.189.3.67 200 OK 970 B URL HTTP/1.1 cynaxprojects.me/styles/quarto_dark_cyan/theme/base.css?hash=3a7fafb1
IP 107.189.3.67:0
Hash f853882e107026a30a73acb0f95f19fe
4acf72eca4208c12be0f3282752e3a0b481b9bf1
1d219c29a90445be028352af6d72aa9eff3efa890677e333ad130ffe1989be78
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /styles/quarto_dark_cyan/theme/base.css?hash=3a7fafb1 HTTP/1.1
Host: cynaxprojects.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cynaxprojects.me/styles/quarto_dark_cyan/theme/stylesheet.css?assets_version=52
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Tue, 11 Oct 2022 17:09:45 GMT
Content-Type: text/css
Last-Modified: Sat, 05 Feb 2022 15:58:03 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 970
Date: Tue, 04 Oct 2022 17:09:45 GMT
Server: LiteSpeed
cynaxprojects.me/styles/quarto_dark_cyan/theme/utilities.css?hash=1034bac8
107.189.3.67 200 OK 463 B URL HTTP/1.1 cynaxprojects.me/styles/quarto_dark_cyan/theme/utilities.css?hash=1034bac8
IP 107.189.3.67:0
File type assembler source, ASCII text
Hash ed562e8a14c32bb73798ce842642bd91
6fbea581b2804c26cc7e865f57c78003d27c4fb7
9a6dc257807d7e61ddf13ed3c10162eb2a0aeb8f720dc4303ec17e60fae6102e
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /styles/quarto_dark_cyan/theme/utilities.css?hash=1034bac8 HTTP/1.1
Host: cynaxprojects.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cynaxprojects.me/styles/quarto_dark_cyan/theme/stylesheet.css?assets_version=52
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Tue, 11 Oct 2022 17:09:45 GMT
Content-Type: text/css
Last-Modified: Sat, 05 Feb 2022 15:58:04 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 463
Date: Tue, 04 Oct 2022 17:09:45 GMT
Server: LiteSpeed
cynaxprojects.me/styles/quarto_dark_cyan/theme/common.css?hash=70bd1301
107.189.3.67 200 OK 5.3 kB URL HTTP/1.1 cynaxprojects.me/styles/quarto_dark_cyan/theme/common.css?hash=70bd1301
IP 107.189.3.67:0
Hash f6c6105707233415ac015fd3affdacaf
d891ce03d1b876ca5b94164901c5d311cfdd1ccf
a20b7971689a5f1a62c01bf137a89a15b04623ff290f6bad5cbfd75dc9102544
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /styles/quarto_dark_cyan/theme/common.css?hash=70bd1301 HTTP/1.1
Host: cynaxprojects.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cynaxprojects.me/styles/quarto_dark_cyan/theme/stylesheet.css?assets_version=52
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Tue, 11 Oct 2022 17:09:45 GMT
Content-Type: text/css
Last-Modified: Sat, 05 Feb 2022 15:58:03 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 5261
Date: Tue, 04 Oct 2022 17:09:45 GMT
Server: LiteSpeed
cynaxprojects.me/styles/quarto_dark_cyan/theme/links.css?hash=da040ebb
107.189.3.67 200 OK 1.1 kB URL HTTP/1.1 cynaxprojects.me/styles/quarto_dark_cyan/theme/links.css?hash=da040ebb
IP 107.189.3.67:0
Hash 8b77601d7603c9a491c6cd888cd4a39a
a2b2ef22cbb5b8e86991d9ca8d95c61144a57f7e
4e204dd5a2329468c591861edaecff170808f983794644bd223ec0af5d19348e
Analyzer Verdict Alert quad9 Sinkholed
GET /styles/quarto_dark_cyan/theme/links.css?hash=da040ebb HTTP/1.1
Host: cynaxprojects.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cynaxprojects.me/styles/quarto_dark_cyan/theme/stylesheet.css?assets_version=52
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Tue, 11 Oct 2022 17:09:45 GMT
Content-Type: text/css
Last-Modified: Sat, 05 Feb 2022 15:58:04 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 1113
Date: Tue, 04 Oct 2022 17:09:45 GMT
Server: LiteSpeed
cynaxprojects.me/styles/quarto_dark_cyan/theme/content.css?hash=2ca4ae91
107.189.3.67 200 OK 3.6 kB URL HTTP/1.1 cynaxprojects.me/styles/quarto_dark_cyan/theme/content.css?hash=2ca4ae91
IP 107.189.3.67:0
Hash 39edee3471b60a8b78ee012ee263789b
767bd88d786c50d7daab385ea6cbf6666070a5e6
8434184d1da7d32903ba326095167cb276bab759de909e983a042a6eceb0f93e
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /styles/quarto_dark_cyan/theme/content.css?hash=2ca4ae91 HTTP/1.1
Host: cynaxprojects.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cynaxprojects.me/styles/quarto_dark_cyan/theme/stylesheet.css?assets_version=52
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Tue, 11 Oct 2022 17:09:45 GMT
Content-Type: text/css
Last-Modified: Sat, 05 Feb 2022 15:58:03 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 3560
Date: Tue, 04 Oct 2022 17:09:45 GMT
Server: LiteSpeed
cynaxprojects.me/styles/quarto_dark_cyan/theme/buttons.css?hash=15c14833
107.189.3.67 200 OK 1.1 kB URL HTTP/1.1 cynaxprojects.me/styles/quarto_dark_cyan/theme/buttons.css?hash=15c14833
IP 107.189.3.67:0
Hash 7bfaf69cb52670968f3ec0ab10a609ed
02df3db976ad101fbe4ea1afec89ec0d8e8a071f
684c13e4dd34d30c2ac746a876c0c7a5691220bb0dc283214efa8e2dee38c823
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /styles/quarto_dark_cyan/theme/buttons.css?hash=15c14833 HTTP/1.1
Host: cynaxprojects.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cynaxprojects.me/styles/quarto_dark_cyan/theme/stylesheet.css?assets_version=52
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Tue, 11 Oct 2022 17:09:45 GMT
Content-Type: text/css
Last-Modified: Sat, 05 Feb 2022 15:58:03 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 1060
Date: Tue, 04 Oct 2022 17:09:45 GMT
Server: LiteSpeed
cynaxprojects.me/styles/quarto_dark_cyan/theme/cp.css?hash=5cc9ac0c
107.189.3.67 200 OK 1.6 kB URL HTTP/1.1 cynaxprojects.me/styles/quarto_dark_cyan/theme/cp.css?hash=5cc9ac0c
IP 107.189.3.67:0
Hash 49e26b567b5d1808056e7422c7013007
8bbb80f1138f825e9e10aa66cc7a34fc6b2929b0
0f052a29ac3650a4658e5e1e33e818d3faad2b4c08bff65fa6b756c75563b9a2
Analyzer Verdict Alert quad9 Sinkholed
GET /styles/quarto_dark_cyan/theme/cp.css?hash=5cc9ac0c HTTP/1.1
Host: cynaxprojects.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cynaxprojects.me/styles/quarto_dark_cyan/theme/stylesheet.css?assets_version=52
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Tue, 11 Oct 2022 17:09:45 GMT
Content-Type: text/css
Last-Modified: Sat, 05 Feb 2022 15:58:03 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 1609
Date: Tue, 04 Oct 2022 17:09:45 GMT
Server: LiteSpeed
cynaxprojects.me/styles/quarto_dark_cyan/theme/forms.css?hash=18ee8211
107.189.3.67 200 OK 2.2 kB URL HTTP/1.1 cynaxprojects.me/styles/quarto_dark_cyan/theme/forms.css?hash=18ee8211
IP 107.189.3.67:0
Hash c716bd765811dc736be964976ddea322
fffe949d83c17d13a6c079692c6b00c6e7087e84
0a1333e0ebce1bd7a7a3d8feff695b673269f8af71567fdd8806c409bce5348b
Analyzer Verdict Alert quad9 Sinkholed
GET /styles/quarto_dark_cyan/theme/forms.css?hash=18ee8211 HTTP/1.1
Host: cynaxprojects.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cynaxprojects.me/styles/quarto_dark_cyan/theme/stylesheet.css?assets_version=52
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Tue, 11 Oct 2022 17:09:45 GMT
Content-Type: text/css
Last-Modified: Sat, 05 Feb 2022 15:58:03 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 2170
Date: Tue, 04 Oct 2022 17:09:45 GMT
Server: LiteSpeed
cynaxprojects.me/styles/quarto_dark_cyan/theme/icons.css?hash=dbc0f3b9
107.189.3.67 200 OK 727 B URL HTTP/1.1 cynaxprojects.me/styles/quarto_dark_cyan/theme/icons.css?hash=dbc0f3b9
IP 107.189.3.67:0
Hash 785b690464879ca5c04a2afafe8f9dc7
084bff62829aef5285b774ea62b4e5a8064b9756
d51ae2c63aca3fdf30ec1e7c578886fd36372abbdb0f07d39c6fe068e6dfa51d
Analyzer Verdict Alert quad9 Sinkholed
GET /styles/quarto_dark_cyan/theme/icons.css?hash=dbc0f3b9 HTTP/1.1
Host: cynaxprojects.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cynaxprojects.me/styles/quarto_dark_cyan/theme/stylesheet.css?assets_version=52
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Tue, 11 Oct 2022 17:09:45 GMT
Content-Type: text/css
Last-Modified: Sat, 05 Feb 2022 15:58:03 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 727
Date: Tue, 04 Oct 2022 17:09:45 GMT
Server: LiteSpeed
cynaxprojects.me/styles/quarto_dark_cyan/theme/colours.css?hash=3b03ccfa
107.189.3.67 200 OK 5.0 kB URL HTTP/1.1 cynaxprojects.me/styles/quarto_dark_cyan/theme/colours.css?hash=3b03ccfa
IP 107.189.3.67:0
Hash 6179b96bcf073bcc1a0e591565827645
b8afe5ef463f37a79fb8b1f0574b65b41aa5998c
79de1a145202fb74790130a0a0ce397b4441548dec90b031eb345ea4a9612d5e
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /styles/quarto_dark_cyan/theme/colours.css?hash=3b03ccfa HTTP/1.1
Host: cynaxprojects.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cynaxprojects.me/styles/quarto_dark_cyan/theme/stylesheet.css?assets_version=52
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Tue, 11 Oct 2022 17:09:45 GMT
Content-Type: text/css
Last-Modified: Sat, 05 Feb 2022 15:58:03 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 4958
Date: Tue, 04 Oct 2022 17:09:45 GMT
Server: LiteSpeed
cynaxprojects.me/styles/quarto_dark_cyan/theme/quarto-icons.css?v=3.3
107.189.3.67 200 OK 453 B URL HTTP/1.1 cynaxprojects.me/styles/quarto_dark_cyan/theme/quarto-icons.css?v=3.3
IP 107.189.3.67:0
Hash 5bc68e925f8d3f4fef99d1876b130d23
fcfc130fed984617832baced8fc0670b694c2913
7ae33a57cc7f888849c17e963596abb039dbbc2662ac51024fad213fd6cceb25
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /styles/quarto_dark_cyan/theme/quarto-icons.css?v=3.3 HTTP/1.1
Host: cynaxprojects.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cynaxprojects.me/styles/quarto_dark_cyan/theme/stylesheet.css?assets_version=52
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Tue, 11 Oct 2022 17:09:45 GMT
Content-Type: text/css
Last-Modified: Sat, 05 Feb 2022 15:58:04 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 453
Date: Tue, 04 Oct 2022 17:09:45 GMT
Server: LiteSpeed
cynaxprojects.me/styles/quarto_dark_cyan/theme/responsive.css?hash=a1546011
107.189.3.67 200 OK 2.3 kB URL HTTP/1.1 cynaxprojects.me/styles/quarto_dark_cyan/theme/responsive.css?hash=a1546011
IP 107.189.3.67:0
Hash 00d1590f8a87f5dc924d5d15ab682c51
6b1679f956cab3b632dbd0bfc6a37fe9c74e4802
d47b18bd364ce0bbec43fa11d611f2022302e0f65eb7ae5aca03bb611d4e510f
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /styles/quarto_dark_cyan/theme/responsive.css?hash=a1546011 HTTP/1.1
Host: cynaxprojects.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cynaxprojects.me/styles/quarto_dark_cyan/theme/stylesheet.css?assets_version=52
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Tue, 11 Oct 2022 17:09:45 GMT
Content-Type: text/css
Last-Modified: Sat, 05 Feb 2022 15:58:04 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 2334
Date: Tue, 04 Oct 2022 17:09:45 GMT
Server: LiteSpeed
cynaxprojects.me/styles/quarto_dark_cyan/theme/fontello.css?v=3.3
107.189.3.67 200 OK 1.1 kB URL HTTP/1.1 cynaxprojects.me/styles/quarto_dark_cyan/theme/fontello.css?v=3.3
IP 107.189.3.67:0
Hash 43ae3578c75402ff0916ca6d516cd584
092b5cf9797a9ea4c2b1ac62ae3d23f75637b759
1e356254f6186ce6d532065f686ce6a2fc09c72bfcce92a0229d7a03498a1e5c
Analyzer Verdict Alert quad9 Sinkholed
GET /styles/quarto_dark_cyan/theme/fontello.css?v=3.3 HTTP/1.1
Host: cynaxprojects.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cynaxprojects.me/styles/quarto_dark_cyan/theme/stylesheet.css?assets_version=52
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Tue, 11 Oct 2022 17:09:45 GMT
Content-Type: text/css
Last-Modified: Sat, 05 Feb 2022 15:58:03 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 1061
Date: Tue, 04 Oct 2022 17:09:45 GMT
Server: LiteSpeed
cynaxprojects.me/styles/quarto_dark_cyan/theme/quarto.css?v=3.3
107.189.3.67 200 OK 6.3 kB URL HTTP/1.1 cynaxprojects.me/styles/quarto_dark_cyan/theme/quarto.css?v=3.3
IP 107.189.3.67:0
File type ASCII text, with very long lines (3431), with CRLF line terminators
Hash 165f586d5e46569af7912ea50275ec31
ef7883df58773939613fe17af1b946d96fa79583
63cf569f01fca9b02e8ede71a84eaa40fbaa430f7ef2a17fef3d63faf2e58be5
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /styles/quarto_dark_cyan/theme/quarto.css?v=3.3 HTTP/1.1
Host: cynaxprojects.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cynaxprojects.me/styles/quarto_dark_cyan/theme/stylesheet.css?assets_version=52
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Tue, 11 Oct 2022 17:09:45 GMT
Content-Type: text/css
Last-Modified: Sat, 05 Feb 2022 15:58:04 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 6303
Date: Tue, 04 Oct 2022 17:09:45 GMT
Server: LiteSpeed
fonts.gstatic.com/s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2
216.58.207.195 200 OK 13 kB URL HTTP/1.1 fonts.gstatic.com/s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 12860, version 1.0\012- data
Hash ab21c24efd75543e16e34807ebc6cdec
eb2562f9729079333fbcbbe94868695669dd3301
88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265
GET /s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://cynaxprojects.me
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 12860
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 04 Oct 2022 16:28:25 GMT
Expires: Wed, 04 Oct 2023 16:28:25 GMT
Cache-Control: public, max-age=31536000
Age: 2480
Last-Modified: Mon, 09 May 2022 18:27:55 GMT
Content-Type: font/woff2
cynaxprojects.me/styles/quarto_dark_cyan/theme/images/forum_read.svg
107.189.3.67 200 OK 450 B URL HTTP/1.1 cynaxprojects.me/styles/quarto_dark_cyan/theme/images/forum_read.svg
IP 107.189.3.67:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (840), with no line terminators
Hash f26c0ce13dd64c5e7f38f77fba5fff91
6b2fd5c3d5b7c5d664f2a901baeccfe593930c5b
4ca5a077c193bf905fa26c951c377156930c4e1532eded64ab342c851bee9b8c
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /styles/quarto_dark_cyan/theme/images/forum_read.svg HTTP/1.1
Host: cynaxprojects.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cynaxprojects.me/styles/quarto_dark_cyan/theme/colours.css?hash=3b03ccfa
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Tue, 11 Oct 2022 17:09:45 GMT
Content-Type: image/svg+xml
Last-Modified: Sat, 05 Feb 2022 15:58:04 GMT
Accept-Ranges: bytes
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Length: 450
Date: Tue, 04 Oct 2022 17:09:45 GMT
Server: LiteSpeed
cynaxprojects.me/styles/quarto_dark_cyan/theme/images/site_logo.png
107.189.3.67 200 OK 11 kB URL HTTP/1.1 cynaxprojects.me/styles/quarto_dark_cyan/theme/images/site_logo.png
IP 107.189.3.67:0
File type PNG image data, 447 x 39, 8-bit/color RGB, non-interlaced\012- data
Hash ac33757301a0a852d44aae28caa83acd
38da227fb5dea5066a3831de597a5db9de7c6dc9
6ac88f80b1c4e215ac7f050a34c81fe6fe05f69a22b4d718bb2f63b76c08e72a
Analyzer Verdict Alert quad9 Sinkholed
GET /styles/quarto_dark_cyan/theme/images/site_logo.png HTTP/1.1
Host: cynaxprojects.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cynaxprojects.me/styles/quarto_dark_cyan/theme/colours.css?hash=3b03ccfa
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Tue, 11 Oct 2022 17:09:45 GMT
Content-Type: image/png
Last-Modified: Sat, 05 Feb 2022 15:58:04 GMT
Accept-Ranges: bytes
Content-Length: 10593
Date: Tue, 04 Oct 2022 17:09:45 GMT
Server: LiteSpeed
fonts.gstatic.com/s/notosans/v27/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
216.58.207.195 200 OK 13 kB URL HTTP/1.1 fonts.gstatic.com/s/notosans/v27/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 12684, version 1.0\012- data
Hash 0c235386bcf6af06f67e6c89fd19e434
10720574d4609322023984a761f32f9518c07bc4
c1c30918a861cb6a985ab55d54ad7e861682354197f164cb3b7194f20eed67ac
GET /s/notosans/v27/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://cynaxprojects.me
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 12684
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 27 Sep 2022 17:14:28 GMT
Expires: Wed, 27 Sep 2023 17:14:28 GMT
Cache-Control: public, max-age=31536000
Age: 604517
Last-Modified: Mon, 09 May 2022 18:28:04 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/notosans/v27/o-0OIpQlx3QUlC5A4PNr4ARCQ_k.woff2
216.58.207.195 200 OK 12 kB URL HTTP/1.1 fonts.gstatic.com/s/notosans/v27/o-0OIpQlx3QUlC5A4PNr4ARCQ_k.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 11652, version 1.0\012- data
Hash d1b0aea75c4773f68be694232b84ec08
e7ff8ee25eb37275a0c1d9add046297674ce9f84
420f8e3b772990108a7a5e260b53420123a1bd22a82848984595452c9355ab1f
GET /s/notosans/v27/o-0OIpQlx3QUlC5A4PNr4ARCQ_k.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://cynaxprojects.me
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 11652
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Sun, 02 Oct 2022 02:00:40 GMT
Expires: Mon, 02 Oct 2023 02:00:40 GMT
Cache-Control: public, max-age=31536000
Last-Modified: Mon, 09 May 2022 18:27:33 GMT
Content-Type: font/woff2
Age: 227345
cynaxprojects.me/styles/quarto_dark_cyan/fonts/fontello.woff?8927606
107.189.3.67 200 OK 7.5 kB URL HTTP/1.1 cynaxprojects.me/styles/quarto_dark_cyan/fonts/fontello.woff?8927606
IP 107.189.3.67:0
File type Web Open Font Format, TrueType, length 7524, version 1.0\012- data
Hash 26ace6ad5cac5d844f414cc44d54707c
1a57d584475ca1d6fbb90bbed1a98209e41823e2
508423e1e7d957877f6c10ef3d1f5e993b9fe99930345f662db895bbe94852f9
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /styles/quarto_dark_cyan/fonts/fontello.woff?8927606 HTTP/1.1
Host: cynaxprojects.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://cynaxprojects.me/styles/quarto_dark_cyan/theme/fontello.css?v=3.3
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Tue, 11 Oct 2022 17:09:45 GMT
Content-Type: font/woff
Last-Modified: Sat, 05 Feb 2022 15:58:03 GMT
Accept-Ranges: bytes
Content-Length: 7524
Date: Tue, 04 Oct 2022 17:09:45 GMT
Server: LiteSpeed
cynaxprojects.me/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
107.189.3.67 200 OK 77 kB URL HTTP/1.1 cynaxprojects.me/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 107.189.3.67:0
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459\012- data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /assets/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: cynaxprojects.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://cynaxprojects.me/assets/css/font-awesome.min.css?assets_version=52
HTTP/1.1 200 OK
Connection: Keep-Alive
Cache-Control: public, max-age=604800
Expires: Tue, 11 Oct 2022 17:09:45 GMT
Content-Type: font/woff2
Last-Modified: Sat, 05 Feb 2022 15:57:52 GMT
Accept-Ranges: bytes
Content-Length: 77160
Date: Tue, 04 Oct 2022 17:09:45 GMT
Server: LiteSpeed
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Tue, 04 Oct 2022 16:29:33 GMT
Expires: Tue, 04 Oct 2022 16:31:38 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: UJqzmGd6BfQE2h-gvrQBy5-FESifTiibtAXuSUE6G5LtR6zurBIF1g==
Age: 2412
cynaxprojects.me/app.php/cron/cron.task.core.tidy_sessions?sid=61d6e916a0330376b5ec23821bbbb98d
107.189.3.67 200 OK 43 B URL HTTP/1.1 cynaxprojects.me/app.php/cron/cron.task.core.tidy_sessions?sid=61d6e916a0330376b5ec23821bbbb98d
IP 107.189.3.67:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /app.php/cron/cron.task.core.tidy_sessions?sid=61d6e916a0330376b5ec23821bbbb98d HTTP/1.1
Host: cynaxprojects.me
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cynaxprojects.me/
Connection: keep-alive
HTTP/1.1 200 OK
Connection: Keep-Alive
X-Powered-By: PHP/7.4.30
Cache-Control: no-cache, private
Content-Type: image/gif
Content-Length: 43
Date: Tue, 04 Oct 2022 17:09:45 GMT
Server: LiteSpeed
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 95b2ccff47d4c16e07a05c44dc1862f2
3c73ffb2da43ce4b7347a51170a39118c7233055
875c0d8b702ac85bd2c6261b20075164ac6b8f508b9bd7bbefa4732183cfa936
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "875C0D8B702AC85BD2C6261B20075164AC6B8F508B9BD7BBEFA4732183CFA936"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2458
Expires: Tue, 04 Oct 2022 17:50:43 GMT
Date: Tue, 04 Oct 2022 17:09:45 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash 16ebfb2aa621547ecf581e26fc828a7d
f78993331f6f5b8af6409a9ad2fc50b77070f68a
0f81fd1d6be9ccc04b74f0348aafe642c7b9ab7dffb7e8a679b5d67cc2e5fac3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1048
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 04 Oct 2022 17:09:45 GMT
Last-Modified: Tue, 04 Oct 2022 16:52:17 GMT
Server: ECS (ska/F707)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 73134943db809146079792845777f01f
ab7fc581a9669737b54379d9ea19a05b817be481
df87c6295224f3c9ec88ff691490f096c0cce60f5c76ccf581285d50147d407e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF87C6295224F3C9EC88FF691490F096C0CCE60F5C76CCF581285D50147D407E"
Last-Modified: Sun, 02 Oct 2022 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2675
Expires: Tue, 04 Oct 2022 17:54:21 GMT
Date: Tue, 04 Oct 2022 17:09:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d04c540429c3f793dad284333467eb2e
4dd0059325a288e5d864acb9c8233610ed12b4c4
57126d070d8945f4032415f7b6a3df41ff87235447a50ba98ea39decf3614561
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "57126D070D8945F4032415F7B6A3DF41FF87235447A50BA98EA39DECF3614561"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8397
Expires: Tue, 04 Oct 2022 19:29:43 GMT
Date: Tue, 04 Oct 2022 17:09:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 7b3883efbf6b1ebfd2b9d500a53565b6
fbfe38a1e77b898a14162c12c9890ab4eee413d7
faebac558f57097efe1a5855b3a9ce6982f22fba91395fef28d669a8c25aecc2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FAEBAC558F57097EFE1A5855B3A9CE6982F22FBA91395FEF28D669A8C25AECC2"
Last-Modified: Sun, 02 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7521
Expires: Tue, 04 Oct 2022 19:15:07 GMT
Date: Tue, 04 Oct 2022 17:09:46 GMT
Connection: keep-alive
push.services.mozilla.com/
54.191.210.155 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.191.210.155:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: BWxqvaVIA3+AjWZwg7sqng==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: IkS8ITZp1DVwJ9grFa9Um0uSOoA=
pseepsie.com/zone?pub=0&zone_id=4840767&is_mobile=false&domain=cynaxprojects.me&var=&ymid=&var_3=
139.45.197.250 200 OK 664 B URL HTTP/2 pseepsie.com/zone?pub=0&zone_id=4840767&is_mobile=false&domain=cynaxprojects.me&var=&ymid=&var_3=
IP 139.45.197.250:0
File type JSON data\012- , ASCII text, with very long lines (663)
Hash 452c347bf2caa67950c738f7981f6f30
b8cc4f4d0ffd5d62994344daebea6455230e3283
d9a70c61cb04b872c9a08e265aec88ea02f24c0e9311da7d50cdb0330ff714af
GET /zone?pub=0&zone_id=4840767&is_mobile=false&domain=cynaxprojects.me&var=&ymid=&var_3= HTTP/1.1
Host: pseepsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cynaxprojects.me/
Origin: http://cynaxprojects.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 17:09:46 GMT
content-type: application/json; charset=utf-8
content-length: 664
x-trace-id: d61ccc7501f5ae4b34911141b0bb1d53
access-control-allow-origin: http://cynaxprojects.me
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
bedrapiona.com/5/4840768/?oo=1&js_build=iclick-v1.431.0
139.45.197.234 200 OK 5.6 kB URL HTTP/2 bedrapiona.com/5/4840768/?oo=1&js_build=iclick-v1.431.0
IP 139.45.197.234:0
File type JSON data\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (2922)
Hash 6a204a12ba89518f77d14f7de0c1a030
a6393e2df508e4de0787a666f1f37613d95ba093
7ccadf11036e689d7833a9a1b0dfa8cb70d1caa688db887b08b1e959629c1925
GET /5/4840768/?oo=1&js_build=iclick-v1.431.0 HTTP/1.1
Host: bedrapiona.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cynaxprojects.me/
Origin: http://cynaxprojects.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 17:09:45 GMT
content-type: application/json
x-trace-id: 13a051570e8e28261d8418f70fff6fdb
link: <https://my.rtmark.net>; rel="preconnect dns-prefetch",<https://propeller-tracking.com>; rel="preconnect dns-prefetch",<https://diromalxx.com>; rel="preconnect dns-prefetch"
access-control-allow-origin: http://cynaxprojects.me
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
timing-allow-origin: *
set-cookie: OAID=96e098cd7ed04cf281af4bf42a84c8a9; expires=Wed, 04 Oct 2023 17:09:45 GMT; path=/; secure; SameSite=None
oaidts=1664903385; expires=Wed, 04 Oct 2023 17:09:45 GMT; path=/; secure; SameSite=None
syncedCookie=; expires=Tue, 10 Nov 2009 23:00:00 GMT
pragma: no-cache, no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT, Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
dozubatan.com/400/4840765
139.45.197.237 200 OK 31 kB URL HTTP/2 dozubatan.com/400/4840765
IP 139.45.197.237:0
Hash 0a8ead662f80d83b7284fea53b1c8ffe
b1d7821a6dc872496708e4f9ee5f9322686e2ab1
df203e64c8754ebbb3778a5b69366bd0f9bd891cdf3eec02822c20f96bf441fd
GET /400/4840765 HTTP/1.1
Host: dozubatan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cynaxprojects.me/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 17:09:46 GMT
content-type: application/javascript
x-trace-id: 41ce20cac43b18ced81ddf35a648e39d
pragma: no-cache
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=ad8f5ef69a4a4e5f9b8527f81307c0fd; expires=Wed, 04 Oct 2023 17:09:46 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188 200 OK 471 B IP 172.64.155.188:0
Hash 0a25532c4133886e22a425cacca9c027
41a1b476967aed6ac227717098cd8be3209b45b3
f50b860d2b3b4d59df90ad6b36c84639141ca9dd9530a74e07fd79fd9387f52e
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 04 Oct 2022 17:09:46 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 03 Oct 2022 06:25:20 GMT
Expires: Mon, 10 Oct 2022 06:25:19 GMT
Etag: "41a1b476967aed6ac227717098cd8be3209b45b3"
Cache-Control: max-age=479132,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 754f86f2cacd0b3d-OSL
my.rtmark.net/gid.js?userId=96e098cd7ed04cf281af4bf42a84c8a9
139.45.195.8 200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?userId=96e098cd7ed04cf281af4bf42a84c8a9
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 3d2e12be29f97b282749e44480d633be
ef164040374b1a6406c3382f0ad471835fc74a09
4822415d38d0ce0a0885dd14d3953bade18a285e1d570e4f4921750f6bdff000
GET /gid.js?userId=96e098cd7ed04cf281af4bf42a84c8a9 HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cynaxprojects.me/
Origin: http://cynaxprojects.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 17:09:46 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: http://cynaxprojects.me
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=96e098cd7ed04cf281af4bf42a84c8a9; expires=Wed, 04 Oct 2023 17:09:46 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
tovanillitechan.com/42/38?z=4840766
139.45.197.239 200 OK 0 B URL HTTP/2 tovanillitechan.com/42/38?z=4840766
IP 139.45.197.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /42/38?z=4840766 HTTP/1.1
Host: tovanillitechan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cynaxprojects.me/
Connection: keep-alive
Cookie: scm=1; OAID=9dbe88b570df40ba8e2085ff2c7e94f4; oaidts=1664903386
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 17:09:46 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: dec2be05c1e54d016edb26df4bea6d0e
access-control-expose-headers: X-Sc
set-cookie: OAID=9dbe88b570df40ba8e2085ff2c7e94f4; expires=Wed, 04 Oct 2023 17:09:46 GMT; secure; SameSite=None
set-cookie: oaidts=1664903386; expires=Wed, 04 Oct 2023 17:09:46 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
pseepsie.com/custom
139.45.197.250 200 OK 0 B IP 139.45.197.250:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
OPTIONS /custom HTTP/1.1
Host: pseepsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://cynaxprojects.me/
Origin: http://cynaxprojects.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 17:09:46 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: http://cynaxprojects.me
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization-Token
access-control-max-age: 86400
X-Firefox-Spdy: h2
tovanillitechan.com/1?z=4840766
139.45.197.239 200 OK 3.5 kB URL HTTP/2 tovanillitechan.com/1?z=4840766
IP 139.45.197.239:0
File type ASCII text, with very long lines (7767)
Hash b9932f258d630f30a989def17c6ca882
eec0cfb999d7dacac5ddaa069d65e03e2d36e797
d31028a161530195d44e0632f7775ab63d369f6d5a45ec902983b718a8bcbef6
GET /1?z=4840766 HTTP/1.1
Host: tovanillitechan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cynaxprojects.me/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 17:09:46 GMT
content-type: text/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: 2cb7f03ea391be0e239e89ca8168d9a8
access-control-expose-headers: X-Sc
x-sc: 6Yhg84kKJdo78Aaquiv_Cdg4fi71p0hSMaO7-t1TCuM4-zWJdFQBB0v4kv4GSctKmsVM998-_iOgu8-T_yW_Zoc2IBA=
set-cookie: scm=1; expires=Wed, 04 Oct 2023 17:09:46 GMT; secure; SameSite=None
set-cookie: OAID=9dbe88b570df40ba8e2085ff2c7e94f4; expires=Wed, 04 Oct 2023 17:09:46 GMT; secure; SameSite=None
set-cookie: oaidts=1664903386; expires=Wed, 04 Oct 2023 17:09:46 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
my.rtmark.net/gid.js?pub=0&userId=3b1e72acaed244d7984c542decf9b849&zoneId=4840767&checkDuplicate=true&ymid=&var=
139.45.195.8 200 OK 65 B URL HTTP/2 my.rtmark.net/gid.js?pub=0&userId=3b1e72acaed244d7984c542decf9b849&zoneId=4840767&checkDuplicate=true&ymid=&var=
IP 139.45.195.8:0
File type JSON data\012- , ASCII text
Hash 3d2e12be29f97b282749e44480d633be
ef164040374b1a6406c3382f0ad471835fc74a09
4822415d38d0ce0a0885dd14d3953bade18a285e1d570e4f4921750f6bdff000
GET /gid.js?pub=0&userId=3b1e72acaed244d7984c542decf9b849&zoneId=4840767&checkDuplicate=true&ymid=&var= HTTP/1.1
Host: my.rtmark.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cynaxprojects.me/
Origin: http://cynaxprojects.me
Connection: keep-alive
Cookie: ID=96e098cd7ed04cf281af4bf42a84c8a9
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 17:09:46 GMT
content-type: application/json; charset=utf-8
content-length: 65
access-control-allow-origin: http://cynaxprojects.me
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
set-cookie: ID=96e098cd7ed04cf281af4bf42a84c8a9; expires=Wed, 04 Oct 2023 17:09:46 GMT; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
pseepsie.com/custom
139.45.197.250 200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer Verdict Alert fortinet Malware
POST /custom HTTP/1.1
Host: pseepsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cynaxprojects.me/
Content-Type: application/json
Origin: http://cynaxprojects.me
Content-Length: 637
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 17:09:46 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: 6e293e3eb98fd582257e66f6dea9c1f9
access-control-allow-origin: http://cynaxprojects.me
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
tovanillitechan.com/27/e4c52a2a22e338d5fa62b02322413d8c
139.45.197.239 200 OK 131 kB URL HTTP/2 tovanillitechan.com/27/e4c52a2a22e338d5fa62b02322413d8c
IP 139.45.197.239:0
Size 131 kB (131228 bytes)
Hash 608c374721f292b807534662d9cb4ec3
0eb8c36257a46a596d393c3bf34750a2866aa661
4052683c697a07e381d7123db993082e68c6b2d2fd0c0ae124806125b7fe339a
GET /27/e4c52a2a22e338d5fa62b02322413d8c HTTP/1.1
Host: tovanillitechan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cynaxprojects.me/
Connection: keep-alive
Cookie: scm=1; OAID=9dbe88b570df40ba8e2085ff2c7e94f4; oaidts=1664903386
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 17:09:46 GMT
content-type: application/javascript
access-control-allow-credentials: true
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
cache-control: max-age:290304000, public
last-modified: Tue, 04 Oct 2022 06:44:34 GMT
expires: Tue, 03 Nov 2082 06:44:34 GMT
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
content-encoding: gzip
X-Firefox-Spdy: h2
dozubatan.com/500/4840765?excludes=&oaid=96e098cd7ed04cf281af4bf42a84c8a9&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=http%3A%2F%2Fcynaxprojects.me%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237 200 OK 0 B URL HTTP/2 dozubatan.com/500/4840765?excludes=&oaid=96e098cd7ed04cf281af4bf42a84c8a9&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=http%3A%2F%2Fcynaxprojects.me%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /500/4840765?excludes=&oaid=96e098cd7ed04cf281af4bf42a84c8a9&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=http%3A%2F%2Fcynaxprojects.me%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: dozubatan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: http://cynaxprojects.me/
Origin: http://cynaxprojects.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 17:09:46 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: http://cynaxprojects.me
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
tovanillitechan.com/9?z=4840766&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fcynaxprojects.me%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=96e098cd7ed04cf281af4bf42a84c8a9
139.45.197.239 204 No Content 0 B URL HTTP/2 tovanillitechan.com/9?z=4840766&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fcynaxprojects.me%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=96e098cd7ed04cf281af4bf42a84c8a9
IP 139.45.197.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /9?z=4840766&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fcynaxprojects.me%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=96e098cd7ed04cf281af4bf42a84c8a9 HTTP/1.1
Host: tovanillitechan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://cynaxprojects.me/
Origin: http://cynaxprojects.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Tue, 04 Oct 2022 17:09:46 GMT
access-control-allow-credentials: true
access-control-allow-origin: http://cynaxprojects.me
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
X-Firefox-Spdy: h2
pseepsie.com/custom
139.45.197.250 200 OK 39 B IP 139.45.197.250:0
File type JSON data\012- , ASCII text
Hash 058b158c2be925f556454ef762d93538
cc6fc563b4b6baee880fdbc7fcfaa134978e33c9
ff752c1c79bb2c0347c5a8b7f069fa2772047324dbbadf77d21cec4b26ee3881
Analyzer Verdict Alert fortinet Malware
POST /custom HTTP/1.1
Host: pseepsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cynaxprojects.me/
Content-Type: application/json
Origin: http://cynaxprojects.me
Content-Length: 365
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 17:09:46 GMT
content-type: application/json; charset=utf-8
content-length: 39
x-trace-id: bcae19ea62e3f232dfa411541367df7c
access-control-allow-origin: http://cynaxprojects.me
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
strict-transport-security: max-age=1
x-content-type-options: nosniff
X-Firefox-Spdy: h2
offerimage.com/www/images/3d08aacb36c7474e0d13b60f8f4adc14.png
172.67.22.216 200 OK 66 kB URL HTTP/2 offerimage.com/www/images/3d08aacb36c7474e0d13b60f8f4adc14.png
IP 172.67.22.216:0
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 3d08aacb36c7474e0d13b60f8f4adc14
e4af2de372b5e3a2211579a5973ef7ed160e7be4
54b0569cf052e12dd373e86031009d0a54a893275a21c2ef863277a9a978ab1c
GET /www/images/3d08aacb36c7474e0d13b60f8f4adc14.png HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cynaxprojects.me/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 17:09:46 GMT
content-type: image/png
content-length: 66121
last-modified: Mon, 12 Oct 2020 05:50:58 GMT
etag: "5f83eec2-10249"
expires: Wed, 05 Oct 2022 14:18:34 GMT
cache-control: max-age=86400
timing-allow-origin: *
cf-cache-status: HIT
age: 10272
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 754f86f6991f0b51-OSL
X-Firefox-Spdy: h2
dozubatan.com/500/4840765?excludes=&oaid=96e098cd7ed04cf281af4bf42a84c8a9&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=http%3A%2F%2Fcynaxprojects.me%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237 200 OK 1.2 kB URL HTTP/2 dozubatan.com/500/4840765?excludes=&oaid=96e098cd7ed04cf281af4bf42a84c8a9&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=http%3A%2F%2Fcynaxprojects.me%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (1427), with no line terminators
Hash 22713d9511995cec4db6a3527c9ccd0a
575c944e9d6f4c8a9bc978db7812727e13e3b12e
09681bd30da99c2b6b1e38d09f3493a0c1aecc66965a27bd1b409412964ffd9a
GET /500/4840765?excludes=&oaid=96e098cd7ed04cf281af4bf42a84c8a9&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&pl=http%3A%2F%2Fcynaxprojects.me%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: dozubatan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cynaxprojects.me/
Content-Type: application/json
Origin: http://cynaxprojects.me
Connection: keep-alive
Cookie: OAID=ad8f5ef69a4a4e5f9b8527f81307c0fd
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 17:09:46 GMT
content-type: application/javascript
x-trace-id: e66227ecad00fc44082cccd89945795b
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: http://cynaxprojects.me
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=96e098cd7ed04cf281af4bf42a84c8a9; expires=Wed, 04 Oct 2023 17:09:46 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 55dd11a1c5a24dcaf0691d927dee3cf8
d1dba9eceb044cb79ef42477806f61690df9112d
8cd4fb2f7e337c4c1cecc6fdde851f62d6d691e210eb83bfb8bba413726c40f2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8CD4FB2F7E337C4C1CECC6FDDE851F62D6D691E210EB83BFB8BBA413726C40F2"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2809
Expires: Tue, 04 Oct 2022 17:56:35 GMT
Date: Tue, 04 Oct 2022 17:09:46 GMT
Connection: keep-alive
interstitial-07.com/contents/s/59/18/87/696d730a6449b8b7387d630f8c/01605255030712.jpeg
139.45.197.152 200 OK 19 kB URL HTTP/2 interstitial-07.com/contents/s/59/18/87/696d730a6449b8b7387d630f8c/01605255030712.jpeg
IP 139.45.197.152:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 256x256, components 3\012- data
Hash 591887696d730a6449b8b7387d630f8c
6d3270da32d09e8456956eb63a22f4ddb8c7d1d1
bc664179d3ed921f7a6c959a125faf1cb25a03de68f0b19adf80c92560d0bae4
GET /contents/s/59/18/87/696d730a6449b8b7387d630f8c/01605255030712.jpeg HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/?l=CmsCpewTVJwbeFa&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Ftovanillitechan.com%2F12%3Frnd%3D838768849%26z%3D4840766%26b%3D14505328%26c%3D5990211%26var%3D%26d%3Dhttp%253A%252F%252Ftryhardnow.com%252Fbase.php%253Fc%253D350%2526key%253D2c1f9aa01554345b3025ac0d005c7bea%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3D-2oaUYWJA-1jyCIZkaKH_GzKgzr6T8d_dai-WKkx40Uhku0qxCw5tA_wsuPCyp-GPyFJAam6xEhGzik1N4WW1ALsgdqfEMJfC1OCxJZ6VrkzB8nO-NckqWZH0WRci0vmR0VJHMeOEe75K-R5Q4uSrBJvz3l-4kc2gdgsAuc20XhWHYHq-OLGpoQU8S89FPzL7MfV7HYq8HOaN2KY2Hi6DcGmWMjHvNiJNDUvVGIlHhMajOFlrRZwLcvoHwzSmCSlXJioucP0oIDYAWZ0JzEYvAYJFzZvLHVVPtS6VSPXmKn3n7YYTAZW2YXgsT_4l7LHPssaFvVxUTzYAaivAiBGJCvVgUTbCMx5FLjhYrzV5hNQP7BERZ68fLDYPZS9BlMHdSLI34zH8D2YJuOzzd-rtUpwzsw4MpK80ukpsV21CXgX9hLGk-A5CzEsUklTgehKEA_0RffQjoOmLcDpkX4G9ANYZDE62VU3C5PbY0K34--s_5GUoa8_s7LURbAIWWualIBXKWFmTImiMVD8vpnRxsUHn1JKGbO4yXdJBngevBYLdkmry74Q0oC47IyrLFBpyhNBfrbCmsvovrwF9gzzZbNycakUw476oo-Co2iZqtWm3S3wgBQE31j3wyG0LaPOHTWtqD78tXwA1gcR%26bag%3Dfau4SF9FownNcHj8beUzeA%3D%3D%26ruid%3D62328936-7230-4da1-8a8f-1c6979371ceb%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttp%253A%252F%252Fcynaxprojects.me%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 17:09:46 GMT
content-type: image/jpeg
content-length: 19158
last-modified: Tue, 10 May 2022 15:13:46 GMT
etag: "627a812a-4ad6"
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 0ddeb4b1ab878411b55810da24ab0948
f4bf0728915865a780fca039442aa639e0ddf2b7
78035601b8cec78a70caff04f801954319f0a987a0535d2dfb2beb171fc7a24a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "78035601B8CEC78A70CAFF04F801954319F0A987A0535D2DFB2BEB171FC7A24A"
Last-Modified: Sun, 02 Oct 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=1924
Expires: Tue, 04 Oct 2022 17:41:50 GMT
Date: Tue, 04 Oct 2022 17:09:46 GMT
Connection: keep-alive
interstitial-07.com/?l=CmsCpewTVJwbeFa&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Ftovanillitechan.com%2F12%3Frnd%3D838768849%26z%3D4840766%26b%3D14505328%26c%3D5990211%26var%3D%26d%3Dhttp%253A%252F%252Ftryhardnow.com%252Fbase.php%253Fc%253D350%2526key%253D2c1f9aa01554345b3025ac0d005c7bea%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3D-2oaUYWJA-1jyCIZkaKH_GzKgzr6T8d_dai-WKkx40Uhku0qxCw5tA_wsuPCyp-GPyFJAam6xEhGzik1N4WW1ALsgdqfEMJfC1OCxJZ6VrkzB8nO-NckqWZH0WRci0vmR0VJHMeOEe75K-R5Q4uSrBJvz3l-4kc2gdgsAuc20XhWHYHq-OLGpoQU8S89FPzL7MfV7HYq8HOaN2KY2Hi6DcGmWMjHvNiJNDUvVGIlHhMajOFlrRZwLcvoHwzSmCSlXJioucP0oIDYAWZ0JzEYvAYJFzZvLHVVPtS6VSPXmKn3n7YYTAZW2YXgsT_4l7LHPssaFvVxUTzYAaivAiBGJCvVgUTbCMx5FLjhYrzV5hNQP7BERZ68fLDYPZS9BlMHdSLI34zH8D2YJuOzzd-rtUpwzsw4MpK80ukpsV21CXgX9hLGk-A5CzEsUklTgehKEA_0RffQjoOmLcDpkX4G9ANYZDE62VU3C5PbY0K34--s_5GUoa8_s7LURbAIWWualIBXKWFmTImiMVD8vpnRxsUHn1JKGbO4yXdJBngevBYLdkmry74Q0oC47IyrLFBpyhNBfrbCmsvovrwF9gzzZbNycakUw476oo-Co2iZqtWm3S3wgBQE31j3wyG0LaPOHTWtqD78tXwA1gcR%26bag%3Dfau4SF9FownNcHj8beUzeA%3D%3D%26ruid%3D62328936-7230-4da1-8a8f-1c6979371ceb%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttp%253A%252F%252Fcynaxprojects.me%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
139.45.197.152200 OK 35 kB URL HTTP/2 interstitial-07.com/?l=CmsCpewTVJwbeFa&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Ftovanillitechan.com%2F12%3Frnd%3D838768849%26z%3D4840766%26b%3D14505328%26c%3D5990211%26var%3D%26d%3Dhttp%253A%252F%252Ftryhardnow.com%252Fbase.php%253Fc%253D350%2526key%253D2c1f9aa01554345b3025ac0d005c7bea%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3D-2oaUYWJA-1jyCIZkaKH_GzKgzr6T8d_dai-WKkx40Uhku0qxCw5tA_wsuPCyp-GPyFJAam6xEhGzik1N4WW1ALsgdqfEMJfC1OCxJZ6VrkzB8nO-NckqWZH0WRci0vmR0VJHMeOEe75K-R5Q4uSrBJvz3l-4kc2gdgsAuc20XhWHYHq-OLGpoQU8S89FPzL7MfV7HYq8HOaN2KY2Hi6DcGmWMjHvNiJNDUvVGIlHhMajOFlrRZwLcvoHwzSmCSlXJioucP0oIDYAWZ0JzEYvAYJFzZvLHVVPtS6VSPXmKn3n7YYTAZW2YXgsT_4l7LHPssaFvVxUTzYAaivAiBGJCvVgUTbCMx5FLjhYrzV5hNQP7BERZ68fLDYPZS9BlMHdSLI34zH8D2YJuOzzd-rtUpwzsw4MpK80ukpsV21CXgX9hLGk-A5CzEsUklTgehKEA_0RffQjoOmLcDpkX4G9ANYZDE62VU3C5PbY0K34--s_5GUoa8_s7LURbAIWWualIBXKWFmTImiMVD8vpnRxsUHn1JKGbO4yXdJBngevBYLdkmry74Q0oC47IyrLFBpyhNBfrbCmsvovrwF9gzzZbNycakUw476oo-Co2iZqtWm3S3wgBQE31j3wyG0LaPOHTWtqD78tXwA1gcR%26bag%3Dfau4SF9FownNcHj8beUzeA%3D%3D%26ruid%3D62328936-7230-4da1-8a8f-1c6979371ceb%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttp%253A%252F%252Fcynaxprojects.me%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0
IP 139.45.197.152:0
Hash 0c5e6524fcf56b850766a74079364f12
174a470eabb6e4acb8ffc22015baf3fc98edc08a
e48334ab229a79a51df184b28df70d76676896c687c7806781c315c1bb50f4e9
GET /?l=CmsCpewTVJwbeFa&cd_meta_crid=50535&trkintimp&target_url=https%3A%2F%2Ftovanillitechan.com%2F12%3Frnd%3D838768849%26z%3D4840766%26b%3D14505328%26c%3D5990211%26var%3D%26d%3Dhttp%253A%252F%252Ftryhardnow.com%252Fbase.php%253Fc%253D350%2526key%253D2c1f9aa01554345b3025ac0d005c7bea%2526zoneid%253D%257Bzoneid%257D%2526banner%253D%257Bbannerid%257D%26cln%3D1%26btp%3D7%26rb%3D-2oaUYWJA-1jyCIZkaKH_GzKgzr6T8d_dai-WKkx40Uhku0qxCw5tA_wsuPCyp-GPyFJAam6xEhGzik1N4WW1ALsgdqfEMJfC1OCxJZ6VrkzB8nO-NckqWZH0WRci0vmR0VJHMeOEe75K-R5Q4uSrBJvz3l-4kc2gdgsAuc20XhWHYHq-OLGpoQU8S89FPzL7MfV7HYq8HOaN2KY2Hi6DcGmWMjHvNiJNDUvVGIlHhMajOFlrRZwLcvoHwzSmCSlXJioucP0oIDYAWZ0JzEYvAYJFzZvLHVVPtS6VSPXmKn3n7YYTAZW2YXgsT_4l7LHPssaFvVxUTzYAaivAiBGJCvVgUTbCMx5FLjhYrzV5hNQP7BERZ68fLDYPZS9BlMHdSLI34zH8D2YJuOzzd-rtUpwzsw4MpK80ukpsV21CXgX9hLGk-A5CzEsUklTgehKEA_0RffQjoOmLcDpkX4G9ANYZDE62VU3C5PbY0K34--s_5GUoa8_s7LURbAIWWualIBXKWFmTImiMVD8vpnRxsUHn1JKGbO4yXdJBngevBYLdkmry74Q0oC47IyrLFBpyhNBfrbCmsvovrwF9gzzZbNycakUw476oo-Co2iZqtWm3S3wgBQE31j3wyG0LaPOHTWtqD78tXwA1gcR%26bag%3Dfau4SF9FownNcHj8beUzeA%3D%3D%26ruid%3D62328936-7230-4da1-8a8f-1c6979371ceb%26ng%3D1%26ix%3D0%26pt%3D0%26np%3D1%26gp%3D-1%26bp%3D-1%26nw%3D1%26nb%3D1%26sw%3D1280%26sh%3D1024%26pl%3Dhttp%253A%252F%252Fcynaxprojects.me%252F%26wy%3D0%26wx%3D0%26ww%3D1280%26wh%3D1024%26cw%3D1268%26wiw%3D1280%26wih%3D939%26wfc%3D0%26sah%3D1002%26drf%3D%26hil%3D1%26ist%3D0%26tbc%3D0 HTTP/1.1
Host: interstitial-07.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cynaxprojects.me/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 17:09:46 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.4.26
set-cookie: reverse=CARCivq_Yo-JVgtv63qGKi2MRJO47qBpJPiE7NmecJQ; expires=Tue, 04-Oct-2022 18:09:46 GMT; Max-Age=3600; path=/
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS, HEAD
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
content-encoding: gzip
X-Firefox-Spdy: h2
unphionetor.com/vctx?t=72747
139.45.197.236 204 No Content 0 B URL HTTP/2 unphionetor.com/vctx?t=72747
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /vctx?t=72747 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Tue, 04 Oct 2022 17:09:47 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 2f03d3c7d5ddc7a8f29754326bb5cdb2
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined
139.45.197.236 204 No Content 0 B URL HTTP/2 unphionetor.com/vbl?t=72747&bid=undefined&aid=undefined
IP 139.45.197.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
POST /vbl?t=72747&bid=undefined&aid=undefined HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://interstitial-07.com
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
server: nginx
date: Tue, 04 Oct 2022 17:09:47 GMT
access-control-allow-origin: https://interstitial-07.com
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 342297dd7b20629778a6323b78be96eb
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19627
Expires: Tue, 04 Oct 2022 22:36:54 GMT
Date: Tue, 04 Oct 2022 17:09:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19627
Expires: Tue, 04 Oct 2022 22:36:54 GMT
Date: Tue, 04 Oct 2022 17:09:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19627
Expires: Tue, 04 Oct 2022 22:36:54 GMT
Date: Tue, 04 Oct 2022 17:09:47 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 55331c1dc7e7ebbf456220986278469d
d69a62ee47b03fde68db666512417dda2ae5ad13
a09c835aa140c7b4220194e940f54de09ca3b7ea470feb7c4c5be574643086d5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19627
Expires: Tue, 04 Oct 2022 22:36:54 GMT
Date: Tue, 04 Oct 2022 17:09:47 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec31ab6c-46f2-4d77-a807-9f14bb5073bc.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec31ab6c-46f2-4d77-a807-9f14bb5073bc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 54b3ef7aa50273b78b59c24511b0c1f9
e2ea2ef6805e391c497e62e101e76a0bdecfce64
296e8954022d5160137b3e02ab5085a15cee7c23cd6d4ca61b36880706062457
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fec31ab6c-46f2-4d77-a807-9f14bb5073bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11955
x-amzn-requestid: ce6bbe93-95b0-4b6e-a8bc-012796485e67
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zcqb9FUtoAMF0WQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b577f-59dc0a18523f900a059aa5df;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:43:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 44jC1Ww19YUJjZHw9_3cSSR5Y7nw5df412G-RxWFTcbRz1XDKaT3zQ==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:35 GMT
age: 69912
etag: "e2ea2ef6805e391c497e62e101e76a0bdecfce64"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp
34.120.237.76 200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d8c08f8066cc732de8befd6ccd629a95
22aab05208a01ae5def4d63dc145085630f57bcb
f8a560a0563518d992d0bd2655d2b5c406435a18e874ca00b51374d2ff901770
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F545190f2-96f3-40f8-bd46-cebe7171aee7.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9917
x-amzn-requestid: 2dff93d9-795d-4885-9b82-610b0d235a82
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTGEnIAMF1zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-117afa703663ada75627792c;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: DOS5kVEVqBrCVMKRw07fX-6HDgWVb9lJwkVM2pXs0PQHys6CBJUVfQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 69927
etag: "22aab05208a01ae5def4d63dc145085630f57bcb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg
34.120.237.76 200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6c6882c60d7ca6f918c77104e3ad1d52
20ef861be49c652a938e0145e4ca3a60159367e2
861f5870990fbd2939d151ae18384cf311e87067ca9a50818efe0c2d51b83088
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8641c47a-9aff-4f73-bb07-6770cbbcc8d6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5504
x-amzn-requestid: 37405eb0-5c75-46a9-84c0-e8ed726995d8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpHvHPvoAMF3mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5564-77fd550b58af612525e74761;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:34:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: O1yNc4H21kixhUEE7099oNqs7a5ZnJBBjlZbsbmLvaXyzXzrK0dL3w==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 b36bf2c460ac693ce304817aed073112.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:33 GMT
age: 69914
etag: "20ef861be49c652a938e0145e4ca3a60159367e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
34.120.237.76 200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 206fb65e75dbadf119512f71e0b78402
58ff0bf8ce7528b303d28bab01a80ad721705569
56c8d5f3b3060ee54bf81995269b86c070855d8c33bf437161339a45b309703f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F180dee10-1cde-4fbe-8a74-62b7b3bdb1e2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6315
x-amzn-requestid: 6aa75b16-32e4-48a7-9fb0-9e3d5528c2d5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZWSdsHUnIAMFXtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6338cabd-742d8a436403683e0cd9368f;Sampled=0
x-amzn-remapped-date: Sat, 01 Oct 2022 23:18:21 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: 5sAzc5Ewv4g6Wqq6JJiLylG3Jyy_nlWrr5Oteeo6ebEgq7Rvss4XaQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Oct 2022 04:42:51 GMT
age: 44816
etag: "58ff0bf8ce7528b303d28bab01a80ad721705569"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg
34.120.237.76 200 OK 4.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6779181f9c06975f2a662da743893939
585e7146fd24cdc2496b05baafea04091dc541e2
8e9a9f92fd89b7cdce77884ccd76b83ab82d28f125ebfc1cb0d371d4046b7985
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9a61745f-0c9b-404a-ba22-0a69cf2f0383.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4858
x-amzn-requestid: fb21c414-2994-444a-a838-e643fd05b171
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZcpvTEfPoAMFfeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633b5661-593dd8043b0490e7301cac0d;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 21:38:41 GMT
x-amz-cf-pop: SFO5-P2, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: SGeDEPoXxsTV5UwkZnn3MJPbjhHhrKSsueHPxVapV_7Icl6daFk3oA==
via: 1.1 773ca14e6bd4bf9244988cb69fc9dca8.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Mon, 03 Oct 2022 21:44:20 GMT
age: 69927
etag: "585e7146fd24cdc2496b05baafea04091dc541e2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
unphionetor.com/fv.js?t=72747&cb=1424503698
139.45.197.236 200 OK 6.3 kB URL HTTP/2 unphionetor.com/fv.js?t=72747&cb=1424503698
IP 139.45.197.236:0
Hash e8127c7c86dcb0a3cf17549debb95e26
9c3c60a64de6cf0a24d7805f648eeb2746b51a89
fbfecf9b20294e4b68293414e9c5243b1e79b92311270bef913568b119d306a9
Analyzer Verdict Alert quad9 Sinkholed
GET /fv.js?t=72747&cb=1424503698 HTTP/1.1
Host: unphionetor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://interstitial-07.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 17:09:47 GMT
content-type: text/javascript; charset=utf8
access-control-allow-origin:
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-expose-headers: Authorization
access-control-allow-credentials: true
pragma: no-cache
cache-control: no-transform, no-store, no-cache, must-revalidate, max-age=0
expires: Tue, 11 Jan 1994 10:00:00 GMT
x-trace-id: 5d58c695f22f1b8046e5b4d48e9d3f1f
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
dozubatan.com/impression/56m1LEmPLbqSKdTBNcwMqsG9NsGMNyPJAZFP0dA4bKzq5q26TbQbKauGsLrS2OVIqImkeyWAEp7cFtsEPRJ3C-D9wCRTJI7qg20nd8diltmS9CjS1Y4Iu3alo22lLkF-AucY1G4vCk45zVNsxkv0J3OyJqfcZ1GppQiWWScbr2gn92H5sg0gOeOexL3CFwn0BAVQ_tCwLmRPZAIVF3Q8OeyqthUu_QrnPHIvo_QIET_2rVRDZqP93ol9nEYQd4ol2BBHusKzCg2SuSAZC7tuKIv2qv1VVnCSzWuiE5vF_2xH14PeA0mYbN1iMf_LxAZfStoC8RxxHW7tymv-K1CYNTLRUfhucOB5bD0Q2udUwfu9sCtxDER4Ky67W8OWMvF433Y4Pe_aB16p5ypNS06b0m-Ce_4whrHCSuMRreKaFG8V3QUIPDj3kVpceJhS3K37Gzbqtatu-QkAkndhhIv8yhj9ldqu0saxacFJU0BkT_E10BiytSCQObfaKB9wRF1OYasDilrXwRj14WZyFs0Z6tTNj4b9kwml7a-6jy1pcIWEZbouH3nTNlgaa3iXHlTXJyuI5T9p3ZaU4oAJSf5p2rGE7klGToUJ?_z=4840765&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&pl=http%3A%2F%2Fcynaxprojects.me%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237 200 OK 43 B URL HTTP/2 dozubatan.com/impression/56m1LEmPLbqSKdTBNcwMqsG9NsGMNyPJAZFP0dA4bKzq5q26TbQbKauGsLrS2OVIqImkeyWAEp7cFtsEPRJ3C-D9wCRTJI7qg20nd8diltmS9CjS1Y4Iu3alo22lLkF-AucY1G4vCk45zVNsxkv0J3OyJqfcZ1GppQiWWScbr2gn92H5sg0gOeOexL3CFwn0BAVQ_tCwLmRPZAIVF3Q8OeyqthUu_QrnPHIvo_QIET_2rVRDZqP93ol9nEYQd4ol2BBHusKzCg2SuSAZC7tuKIv2qv1VVnCSzWuiE5vF_2xH14PeA0mYbN1iMf_LxAZfStoC8RxxHW7tymv-K1CYNTLRUfhucOB5bD0Q2udUwfu9sCtxDER4Ky67W8OWMvF433Y4Pe_aB16p5ypNS06b0m-Ce_4whrHCSuMRreKaFG8V3QUIPDj3kVpceJhS3K37Gzbqtatu-QkAkndhhIv8yhj9ldqu0saxacFJU0BkT_E10BiytSCQObfaKB9wRF1OYasDilrXwRj14WZyFs0Z6tTNj4b9kwml7a-6jy1pcIWEZbouH3nTNlgaa3iXHlTXJyuI5T9p3ZaU4oAJSf5p2rGE7klGToUJ?_z=4840765&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&pl=http%3A%2F%2Fcynaxprojects.me%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash b4491705564909da7f9eaf749dbbfbb1
279315d507855c6a4351e1e2c2f39dd9cd2fccd8
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
GET /impression/56m1LEmPLbqSKdTBNcwMqsG9NsGMNyPJAZFP0dA4bKzq5q26TbQbKauGsLrS2OVIqImkeyWAEp7cFtsEPRJ3C-D9wCRTJI7qg20nd8diltmS9CjS1Y4Iu3alo22lLkF-AucY1G4vCk45zVNsxkv0J3OyJqfcZ1GppQiWWScbr2gn92H5sg0gOeOexL3CFwn0BAVQ_tCwLmRPZAIVF3Q8OeyqthUu_QrnPHIvo_QIET_2rVRDZqP93ol9nEYQd4ol2BBHusKzCg2SuSAZC7tuKIv2qv1VVnCSzWuiE5vF_2xH14PeA0mYbN1iMf_LxAZfStoC8RxxHW7tymv-K1CYNTLRUfhucOB5bD0Q2udUwfu9sCtxDER4Ky67W8OWMvF433Y4Pe_aB16p5ypNS06b0m-Ce_4whrHCSuMRreKaFG8V3QUIPDj3kVpceJhS3K37Gzbqtatu-QkAkndhhIv8yhj9ldqu0saxacFJU0BkT_E10BiytSCQObfaKB9wRF1OYasDilrXwRj14WZyFs0Z6tTNj4b9kwml7a-6jy1pcIWEZbouH3nTNlgaa3iXHlTXJyuI5T9p3ZaU4oAJSf5p2rGE7klGToUJ?_z=4840765&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=2&pl=http%3A%2F%2Fcynaxprojects.me%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: dozubatan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cynaxprojects.me/
Connection: keep-alive
Cookie: OAID=96e098cd7ed04cf281af4bf42a84c8a9
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 17:09:51 GMT
content-type: image/gif
content-length: 43
x-trace-id: c55186465e139a7214ee7a82de4d44f1
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: *
access-control-expose-headers: Link
access-control-allow-credentials: true
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
X-Firefox-Spdy: h2
dozubatan.com/500/4840765?excludes=10242829&oaid=96e098cd7ed04cf281af4bf42a84c8a9&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=http%3A%2F%2Fcynaxprojects.me%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237 200 OK 0 B URL HTTP/2 dozubatan.com/500/4840765?excludes=10242829&oaid=96e098cd7ed04cf281af4bf42a84c8a9&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=http%3A%2F%2Fcynaxprojects.me%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /500/4840765?excludes=10242829&oaid=96e098cd7ed04cf281af4bf42a84c8a9&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=http%3A%2F%2Fcynaxprojects.me%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: dozubatan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: http://cynaxprojects.me/
Origin: http://cynaxprojects.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 17:09:51 GMT
content-length: 0
allow: GET, OPTIONS
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: http://cynaxprojects.me
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-allow-credentials: true
access-control-max-age: 600
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *
X-Firefox-Spdy: h2
offerimage.com/www/images/3ef316842349308dfa69b2337a1f2f26.png
172.67.22.216 200 OK 97 kB URL HTTP/2 offerimage.com/www/images/3ef316842349308dfa69b2337a1f2f26.png
IP 172.67.22.216:0
File type PNG image data, 192 x 192, 8-bit/color RGBA, non-interlaced\012- data
Hash 3ef316842349308dfa69b2337a1f2f26
cfb295c74af7d2432c8f0dde1819e1aa35b2ab89
88d7d3964d36d102797d185fb23dab82ac6142c12a5119497b95d2dc018c5bcd
GET /www/images/3ef316842349308dfa69b2337a1f2f26.png HTTP/1.1
Host: offerimage.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cynaxprojects.me/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 04 Oct 2022 17:09:51 GMT
content-type: image/png
content-length: 96644
last-modified: Fri, 06 Nov 2020 13:23:01 GMT
etag: "5fa54e35-17984"
expires: Tue, 04 Oct 2022 18:22:26 GMT
cache-control: max-age=86400
timing-allow-origin: *
cf-cache-status: HIT
age: 82045
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 754f8715ce8a0b51-OSL
X-Firefox-Spdy: h2
dozubatan.com/500/4840765?excludes=10242829&oaid=96e098cd7ed04cf281af4bf42a84c8a9&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=http%3A%2F%2Fcynaxprojects.me%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
139.45.197.237 200 OK 0 B URL HTTP/2 dozubatan.com/500/4840765?excludes=10242829&oaid=96e098cd7ed04cf281af4bf42a84c8a9&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=http%3A%2F%2Fcynaxprojects.me%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false
IP 139.45.197.237:0
GET /500/4840765?excludes=10242829&oaid=96e098cd7ed04cf281af4bf42a84c8a9&fs=0&cf=0&sw=1280&sh=1024&sah=1002&wx=0&wy=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=3&pl=http%3A%2F%2Fcynaxprojects.me%2F&drf=&np=0&pt=0&nb=1&ng=1&ix=0&nw=1&tb=false HTTP/1.1
Host: dozubatan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cynaxprojects.me/
Content-Type: application/json
Origin: http://cynaxprojects.me
Connection: keep-alive
Cookie: OAID=96e098cd7ed04cf281af4bf42a84c8a9
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 17:09:51 GMT
content-type: application/javascript
x-trace-id: 1e2b1c92535b2152bdf7824b1a5becc1
expires: Tue, 11 Jan 1994 10:00:00 GMT
cache-control: no-cache, no-store, no-transform, must-revalidate, private, max-age=0
pragma: no-cache
vary: Origin
access-control-allow-origin: http://cynaxprojects.me
access-control-expose-headers: Link
access-control-allow-credentials: true
set-cookie: OAID=96e098cd7ed04cf281af4bf42a84c8a9; expires=Wed, 04 Oct 2023 17:09:51 GMT; path=/; secure; SameSite=None
strict-transport-security: max-age=1
x-content-type-options: nosniff
timing-allow-origin: *, *
content-encoding: gzip
X-Firefox-Spdy: h2
tovanillitechan.com/9?z=4840766&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fcynaxprojects.me%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=96e098cd7ed04cf281af4bf42a84c8a9
139.45.197.239 200 OK 0 B URL HTTP/2 tovanillitechan.com/9?z=4840766&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fcynaxprojects.me%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=96e098cd7ed04cf281af4bf42a84c8a9
IP 139.45.197.239:0
POST /9?z=4840766&ng=1&ix=0&pt=0&np=1&gp=-1&bp=-1&nw=1&nb=1&sw=1280&sh=1024&pl=http%3A%2F%2Fcynaxprojects.me%2F&wy=0&wx=0&ww=1280&wh=1024&cw=1268&wiw=1280&wih=939&wfc=0&sah=1002&drf=&hil=1&ist=0&oaid=96e098cd7ed04cf281af4bf42a84c8a9 HTTP/1.1
Host: tovanillitechan.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cynaxprojects.me/
Content-Type: application/json
Content-Length: 97
Origin: http://cynaxprojects.me
Connection: keep-alive
Cookie: scm=1; OAID=9dbe88b570df40ba8e2085ff2c7e94f4; oaidts=1664903386
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 17:09:46 GMT
content-type: application/json
access-control-allow-credentials: true
access-control-allow-origin: http://cynaxprojects.me
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding, X-Sc, CVERSION, VERSION
x-trace-id: c798f06bdc51e4eea9804ff0e8e56d63
access-control-expose-headers: X-Sc
set-cookie: OAID=96e098cd7ed04cf281af4bf42a84c8a9; expires=Wed, 04 Oct 2023 17:09:46 GMT; secure; SameSite=None
set-cookie: oaidts=1664903386; expires=Wed, 04 Oct 2023 17:09:46 GMT; secure; SameSite=None
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, max-age=0
expires: Mon, 26 Jul 1997 05:00:00 GMT
content-encoding: gzip
X-Firefox-Spdy: h2
iclickcdn.com/tag.min.js
172.67.75.9 200 OK 0 B IP 172.67.75.9:0
GET /tag.min.js HTTP/1.1
Host: iclickcdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cynaxprojects.me/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 17:09:45 GMT
content-type: text/javascript; charset=utf-8
x-trace-id: edde603f00e482c14f5f2652de64dd3b
cache-control: max-age=86400
last-modified: Wed, 28 Sep 2022 07:57:59 GMT
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, Content-Length, Accept-Encoding
access-control-max-age: 86400
pragma: no-cache
expires: Wed, 05 Oct 2022 01:16:17 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 57208
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZXr%2BIvJrI1BptJwbG7OtfEeu9PjjJSBPFqcpNvakjYIljzuU6qyuGmeourcIAAF27vO62mz%2BZNk7CX%2FDK0K%2B9DZOeD%2FuAh4vKK1mmbSTpDXUL2qug8qTNQOGTdw9HWk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754f86efc88fb512-OSL
content-encoding: br
X-Firefox-Spdy: h2
pseepsie.com/pfe/current/defaultSkin.min.js
139.45.197.250 200 OK 0 B URL HTTP/2 pseepsie.com/pfe/current/defaultSkin.min.js
IP 139.45.197.250:0
Analyzer Verdict Alert fortinet Malware
GET /pfe/current/defaultSkin.min.js HTTP/1.1
Host: pseepsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cynaxprojects.me/
Origin: http://cynaxprojects.me
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 17:09:46 GMT
content-type: application/javascript
last-modified: Tue, 27 Sep 2022 13:19:37 GMT
etag: W/"6332f869-df63"
access-control-allow-origin: http://cynaxprojects.me
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2
tzegilo.com/stattag.js
172.64.164.33 200 OK 0 B IP 172.64.164.33:0
GET /stattag.js HTTP/1.1
Host: tzegilo.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cynaxprojects.me/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 04 Oct 2022 17:09:46 GMT
content-type: application/javascript
last-modified: Thu, 04 Aug 2022 15:18:11 GMT
etag: W/"62ebe333-8007"
link: <https://flerap.com/>; rel=preconnect; crossorigin, <https://fleraprt.com/>; rel=preconnect; crossorigin
cache-control: max-age=14400
cf-cache-status: HIT
age: 1001
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FG3pOKykavx5RIiVrjR3zYNDcp6tQh0l5UrUbhWfPMBSU2C0%2BusVYJ12lr0Pi1P%2ByTm65i3RE5QyxyLySRG0qvFC9W%2FwCYy4fmIMZ%2Fl5SrK7nDMc6sAwnIrgqTlGTg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 754f86f29b107738-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pseepsie.com/pfe/current/tag.min.js?z=4840767
139.45.197.250 200 OK 0 B URL HTTP/2 pseepsie.com/pfe/current/tag.min.js?z=4840767
IP 139.45.197.250:0
GET /pfe/current/tag.min.js?z=4840767 HTTP/1.1
Host: pseepsie.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://cynaxprojects.me/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 04 Oct 2022 17:09:46 GMT
content-type: application/javascript
last-modified: Tue, 27 Sep 2022 13:19:37 GMT
etag: W/"6332f869-39be"
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2