firefox.settings.services.mozilla.com/v1/
143.204.55.27 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.27:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
MD5 2d12f67fe57a87e7366b662d153a5582
SHA1 d7b02d81cc74f24a251d9363e0f4b0a149264ec1
SHA256 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Type, Alert, Backoff, Retry-After, Content-Length
Cache-Control: max-stale=0
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 27 Sep 2022 13:02:49 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: F7GT0vrj7dxJjEC7RHTkHDeCPGOeddxig7QRwr17EkKUybWwOiOqxA==
Age: 780
159.65.180.64/
159.65.180.64 200 OK 2.0 kB
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document text, exported SGML document text, ASCII text, with very long lines (438)
MD5 afd7094ea1e7aa14eea97a20e65241a0
SHA1 f4103be7258448a200454d55f9605dbbe23e3b39
SHA256 469972db10c87bbff0bac979b68dbfc8a34ea15a2724d2b88a7b8404e5425f8b
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:49 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
ETag: W/"1533-4U0McBy9PU3LJhAPizwDLA"
set-cookie: connect.sid=s%3AlUExqrwwkHtCQSk8pMz1Q7HpZ4dfJFEv.r%2BS00rxTsFTjDBUPT2py%2FD%2Fg7U3s9rkusYzohsYmEa0; Path=/; HttpOnly
Content-Encoding: gzip
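The connect.sid value set above has the shape express-session gives a signed session id: the literal prefix s: (URL-encoded as s%3A), a 32-character session id, a dot, and a cookie-signature value, which is base64(HMAC-SHA256(secret, session id)) with the trailing = padding stripped. The 43-character signature in this capture decodes to 32 bytes, consistent with that scheme. The following Python is an added example, not part of the captured log and not code from the server being analysed: it splits such a cookie, reports the decoded MAC length, and tries to reproduce the signature from a list of candidate secrets, which is the check an assessor runs for a guessable or copy-pasted session secret. The captured cookie value is taken from the set-cookie header above; the candidate list and the demo-session-id value are constructed for the example, and "keyboard cat" is the placeholder secret used in the express-session documentation, not a value known to be in use here.

```python
import base64
import hashlib
import hmac
from urllib.parse import unquote

# Value copied from the set-cookie header of the captured 159.65.180.64 response above.
CAPTURED_CONNECT_SID = ("s%3AlUExqrwwkHtCQSk8pMz1Q7HpZ4dfJFEv."
                        "r%2BS00rxTsFTjDBUPT2py%2FD%2Fg7U3s9rkusYzohsYmEa0")


def cookie_signature(value: str, secret: str) -> str:
    """cookie-signature scheme: base64(HMAC-SHA256(secret, value)) with trailing '=' removed."""
    mac = hmac.new(secret.encode(), value.encode(), hashlib.sha256).digest()
    return base64.b64encode(mac).decode().rstrip("=")


def sign_connect_sid(session_id: str, secret: str) -> str:
    """Cookie value express-session sets before URL-encoding: 's:' + id + '.' + signature."""
    return "s:" + session_id + "." + cookie_signature(session_id, secret)


def split_connect_sid(cookie_value: str):
    """URL-decode a connect.sid value and return (session_id, signature)."""
    decoded = unquote(cookie_value)
    if not decoded.startswith("s:"):
        raise ValueError("not an express-session signed cookie")
    session_id, sep, signature = decoded[2:].rpartition(".")
    if not sep or not session_id or not signature:
        raise ValueError("malformed signed cookie")
    return session_id, signature


def signature_length(signature: str) -> int:
    """Decoded MAC length in bytes; 32 is what HMAC-SHA256 (cookie-signature) produces."""
    padded = signature + "=" * (-len(signature) % 4)
    return len(base64.b64decode(padded))


def recover_secret(cookie_value: str, candidates):
    """Return the candidate secret that reproduces the cookie's signature, or None."""
    session_id, signature = split_connect_sid(cookie_value)
    for secret in candidates:
        if hmac.compare_digest(cookie_signature(session_id, secret), signature):
            return secret
    return None


if __name__ == "__main__":
    sid, sig = split_connect_sid(CAPTURED_CONNECT_SID)
    print(f"session id {sid} ({len(sid)} chars), MAC {signature_length(sig)} bytes")
    # Constructed candidate list; the result for the captured cookie is not known in advance.
    print("candidate secret reproducing the MAC:",
          recover_secret(CAPTURED_CONNECT_SID, ["keyboard cat", "secret"]))
```

A hit from recover_secret means anyone can mint a valid connect.sid for an arbitrary session id; a miss only means the secret is not in the list, so treat it as a negative screen, not proof of a strong secret.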
r3.o.lencr.org/
23.36.77.32 200 OK 503 B
IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
MD5 d2560f62890e75b8de444fed96c22f52
SHA1 334ce0c48e606ee029f31eeb1463af87b1024bb9
SHA256 4397e6b45b5822fbab9b83abe0b96ee70efba7cd2160b51936159865ede5fdb1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4397E6B45B5822FBAB9B83ABE0B96EE70EFBA7CD2160B51936159865EDE5FDB1"
Last-Modified: Sun, 25 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5747
Expires: Tue, 27 Sep 2022 14:51:36 GMT
Date: Tue, 27 Sep 2022 13:15:49 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B
IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
MD5 1017811d25642601e984edc1676d118d
SHA1 c177c4f7a897584bf91347fa4990c83d6bfd0321
SHA256 f35bb3a8c877dd8d3c5920f3c917722f12b157aff398e2ec30fab51fa6caa2ef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F35BB3A8C877DD8D3C5920F3C917722F12B157AFF398E2EC30FAB51FA6CAA2EF"
Last-Modified: Mon, 26 Sep 2022 06:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3240
Expires: Tue, 27 Sep 2022 14:09:49 GMT
Date: Tue, 27 Sep 2022 13:15:49 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
MD5 6113f8408c59aebe188d6af273b90743
SHA1 7398873bf00f99944eaa77ad3ebc0d43c23dba6b
SHA256 b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: l6+ee42O5SpuCjiO1iOCU/ZbgrHfka5cPg6mVBGDYa8medv6VplLq982ZwZYGvla0CsBX+aMvfU=
x-amz-request-id: 1BY5HS3JANN1NGCE
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 27 Sep 2022 12:46:50 GMT
age: 1739
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
etag: "6113f8408c59aebe188d6af273b90743"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
MD5 23e88fb7b99543fb33315b29b1fad9d6
SHA1 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
SHA256 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 27 Sep 2022 13:15:49 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
159.65.180.64/assets/vendor/font-awesome/css/font-awesome.min.css
159.65.180.64 200 OK 31 kB URL HTTP/1.1 159.65.180.64/assets/vendor/font-awesome/css/font-awesome.min.css
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (30837)
MD5 269550530cc127b6aa5a35925a7de6ce
SHA1 512c7d79033e3028a9be61b540cf1a6870c896f8
SHA256 799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
GET /assets/vendor/font-awesome/css/font-awesome.min.css HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/
Cookie: connect.sid=s%3AlUExqrwwkHtCQSk8pMz1Q7HpZ4dfJFEv.r%2BS00rxTsFTjDBUPT2py%2FD%2Fg7U3s9rkusYzohsYmEa0
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:49 GMT
Content-Type: text/css; charset=UTF-8
Content-Length: 31000
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Sat, 17 Feb 2018 14:58:00 GMT
ETag: W/"7918-161a44599c2"
159.65.180.64/assets/vendor/et-line-font/style.css
159.65.180.64 200 OK 7.1 kB URL HTTP/1.1 159.65.180.64/assets/vendor/et-line-font/style.css
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (1512)
MD5 ab69035489cb1a5c9107b80936095850
SHA1 35a14b9b309cf88613e8998a7edca51bc3e7ae0d
SHA256 2825ae20a82200da9952c8a255b982d5d308abd682fb5f78b5a1cf83f55adb2a
GET /assets/vendor/et-line-font/style.css HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/
Cookie: connect.sid=s%3AlUExqrwwkHtCQSk8pMz1Q7HpZ4dfJFEv.r%2BS00rxTsFTjDBUPT2py%2FD%2Fg7U3s9rkusYzohsYmEa0
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:49 GMT
Content-Type: text/css; charset=UTF-8
Content-Length: 7053
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Sat, 17 Feb 2018 14:58:00 GMT
ETag: W/"1b8d-161a44599c2"
set-cookie: connect.sid=s%3A3BFwSw4iU2aEbj33JfO_CAQ8Ynxrczqy.EeJvEPFHppawEnrRPt%2Fc%2FoUGC3owLphL%2FSPeyHnEvEI; Path=/; HttpOnly
159.65.180.64/assets/vendor/owl/assets/owl.carousel.min.css
159.65.180.64 200 OK 3.0 kB URL HTTP/1.1 159.65.180.64/assets/vendor/owl/assets/owl.carousel.min.css
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (2854)
MD5 e0422f812aba45254cf47f9a3c96504c
SHA1 e009863352e7e464712dd23e6160d2318333a1da
SHA256 ca6300d7f9068654315e7d2af431731d1b77548635121ec125c11f33723cf1ae
GET /assets/vendor/owl/assets/owl.carousel.min.css HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/
Cookie: connect.sid=s%3AlUExqrwwkHtCQSk8pMz1Q7HpZ4dfJFEv.r%2BS00rxTsFTjDBUPT2py%2FD%2Fg7U3s9rkusYzohsYmEa0
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:49 GMT
Content-Type: text/css; charset=UTF-8
Content-Length: 3011
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Sat, 17 Feb 2018 14:58:00 GMT
ETag: W/"bc3-161a44599ce"
159.65.180.64/assets/vendor/magnific-popup/magnific-popup.css
159.65.180.64 200 OK 7.8 kB URL HTTP/1.1 159.65.180.64/assets/vendor/magnific-popup/magnific-popup.css
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
MD5 310cc74c020b29bfa0a43478d3b3ae1a
SHA1 13a6c8ac7532ad0b8a165128363ad682af87cc23
SHA256 b3c469cde1662f9a81d43b39999c14744065d069cfc382d4f85ac809d412894c
GET /assets/vendor/magnific-popup/magnific-popup.css HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/
Cookie: connect.sid=s%3AlUExqrwwkHtCQSk8pMz1Q7HpZ4dfJFEv.r%2BS00rxTsFTjDBUPT2py%2FD%2Fg7U3s9rkusYzohsYmEa0
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:49 GMT
Content-Type: text/css; charset=UTF-8
Content-Length: 7793
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Sat, 17 Feb 2018 14:58:00 GMT
ETag: W/"1e71-161a44599ce"
159.65.180.64/assets/vendor/owl/assets/owl.theme.default.min.css
159.65.180.64 200 OK 1.0 kB URL HTTP/1.1 159.65.180.64/assets/vendor/owl/assets/owl.theme.default.min.css
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (846)
MD5 03d666e0fa14a395029971d586e3a785
SHA1 653f4b6cd316f0ea08ff39b1183f20c4b3e8f2eb
SHA256 b3aa6f4f3ac99330dd993d392ebd1c259a355a283d9b9002f0897adee725df55
GET /assets/vendor/owl/assets/owl.theme.default.min.css HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/
Cookie: connect.sid=s%3AlUExqrwwkHtCQSk8pMz1Q7HpZ4dfJFEv.r%2BS00rxTsFTjDBUPT2py%2FD%2Fg7U3s9rkusYzohsYmEa0
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:49 GMT
Content-Type: text/css; charset=UTF-8
Content-Length: 1003
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Sat, 17 Feb 2018 14:58:00 GMT
ETag: W/"3eb-161a44599ce"
set-cookie: connect.sid=s%3AK-Dbut43VLSZqDEiG8sgYf0zjb75ulqQ.eO7amml6X08TbeqmgOyaIh1jkyYx2cqKE9VeelFwxec; Path=/; HttpOnly
159.65.180.64/angular-block-ui/dist/angular-block-ui.css
159.65.180.64 200 OK 1.8 kB URL HTTP/1.1 159.65.180.64/angular-block-ui/dist/angular-block-ui.css
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
MD5 4940ab4e01f9551082deed624e38f35d
SHA1 d9e80c2f3ebe238b5dab53af56c75321c69df8b7
SHA256 44aed204467ddf3ac2df5f202b5027be38d37982a97952e1323b4f5024a41a08
GET /angular-block-ui/dist/angular-block-ui.css HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/
Cookie: connect.sid=s%3AlUExqrwwkHtCQSk8pMz1Q7HpZ4dfJFEv.r%2BS00rxTsFTjDBUPT2py%2FD%2Fg7U3s9rkusYzohsYmEa0
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:49 GMT
Content-Type: text/css; charset=UTF-8
Content-Length: 1822
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Mon, 02 Nov 2015 14:55:37 GMT
ETag: W/"71e-150c8b24228"
159.65.180.64/angular-ui-switch/angular-ui-switch.min.css
159.65.180.64 200 OK 1.0 kB URL HTTP/1.1 159.65.180.64/angular-ui-switch/angular-ui-switch.min.css
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (1019)
MD5 4e361d62fb0e6b16c07f98f5a6cd5538
SHA1 34cbbc961f887623029e33fdb79b1540cecde906
SHA256 df1a075fbde6e8f6bbf63c6776013625bd4d0bcdfbbc918bc68a8c34f0c1d9ff
GET /angular-ui-switch/angular-ui-switch.min.css HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/
Cookie: connect.sid=s%3AlUExqrwwkHtCQSk8pMz1Q7HpZ4dfJFEv.r%2BS00rxTsFTjDBUPT2py%2FD%2Fg7U3s9rkusYzohsYmEa0
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:49 GMT
Content-Type: text/css; charset=UTF-8
Content-Length: 1020
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 15 Sep 2015 20:51:29 GMT
ETag: W/"3fc-14fd2c6d068"
set-cookie: connect.sid=s%3A5sNXpyqsjGQtAXeq5842QomwVmuZhTRk.uTH%2B261OovbdeQi5ed7k7jxlAB%2FHpBbmwDcj1znS7zE; Path=/; HttpOnly
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B
IP 142.250.74.3:0
MD5 c939f97c8bcbfea356e92036803714bc
SHA1 608c795e7c4fb943a4db49a4e4533c41ea717023
SHA256 b05b38c78c15c259720bfc6783ac65ab60ceb1e6037b45b08113f183554f08cb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 13:15:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
159.65.180.64/assets/vendor/animate.css
159.65.180.64 200 OK 72 kB URL HTTP/1.1 159.65.180.64/assets/vendor/animate.css
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
MD5 07f146141537e04ee282a965d8053198
SHA1 5bac0162dbfcfd0c701b8d0848411a288c27a2c2
SHA256 d34c3af0d3b74cbb878ca4472668ebae02410ed1bfe8e85b244bb582d1dcb2ea
GET /assets/vendor/animate.css HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/
Cookie: connect.sid=s%3AlUExqrwwkHtCQSk8pMz1Q7HpZ4dfJFEv.r%2BS00rxTsFTjDBUPT2py%2FD%2Fg7U3s9rkusYzohsYmEa0
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:49 GMT
Content-Type: text/css; charset=UTF-8
Content-Length: 72259
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Sat, 17 Feb 2018 14:58:00 GMT
ETag: W/"11a43-161a44599b6"
159.65.180.64/assets/vendor/bs/css/bootstrap.min.css
159.65.180.64 200 OK 121 kB URL HTTP/1.1 159.65.180.64/assets/vendor/bs/css/bootstrap.min.css
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (65371)
Size 121 kB (121200 bytes)
MD5 ec3bb52a00e176a7181d454dffaea219
SHA1 6527d8bf3e1e9368bab8c7b60f56bc01fa3afd68
SHA256 f75e846cc83bd11432f4b1e21a45f31bc85283d11d372f7b19accd1bf6a2635c
GET /assets/vendor/bs/css/bootstrap.min.css HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/
Cookie: connect.sid=s%3AlUExqrwwkHtCQSk8pMz1Q7HpZ4dfJFEv.r%2BS00rxTsFTjDBUPT2py%2FD%2Fg7U3s9rkusYzohsYmEa0
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:49 GMT
Content-Type: text/css; charset=UTF-8
Content-Length: 121200
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Sat, 17 Feb 2018 14:58:00 GMT
ETag: W/"1d970-161a44599be"
set-cookie: connect.sid=s%3AWL3rFhcTxwSknRpijh0kYM_wcBaJBFXU.14bgxNkyHAXauwJcwlkPmhR8FC%2FXWbd3X0udDGmP19Y; Path=/; HttpOnly
159.65.180.64/aos/dist/aos.css
159.65.180.64 200 OK 26 kB URL HTTP/1.1 159.65.180.64/aos/dist/aos.css
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (26053), with no line terminators
MD5 847da8fca8060ca1a70f976aab1210b9
SHA1 0557d37454b67f42f2cb101e57e5070fb1193570
SHA256 1aa8845fd06e475aefe733d4e55b36a92fcd487975049c8172341827ac9cc03e
GET /aos/dist/aos.css HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/
Cookie: connect.sid=s%3AlUExqrwwkHtCQSk8pMz1Q7HpZ4dfJFEv.r%2BS00rxTsFTjDBUPT2py%2FD%2Fg7U3s9rkusYzohsYmEa0
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:49 GMT
Content-Type: text/css; charset=UTF-8
Content-Length: 26053
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Wed, 03 Oct 2018 22:14:14 GMT
ETag: W/"65c5-1663bfeeaf0"
set-cookie: connect.sid=s%3AvZWHU0-va0VpyyB-cBxtAO_lIg60SABx.aqVhI0e6Sh78UfZ8GSpSuUtYCreFrIkQTvdWHwq5W58; Path=/; HttpOnly
www.googletagmanager.com/gtag/js?id=UA-111271987-1
142.250.74.72 200 OK 43 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-111271987-1
IP 142.250.74.72:0
File type ASCII text, with very long lines (1720)
MD5 9f6b329d2c49b6070a8428901f167596
SHA1 3042013e167b8bd9100222b92c4a2064920c5cae
SHA256 8f5c6653b6b1ffce5b7b080c9d6de41e0e2ccb957da8a55a5ee9def2d67fc83f
GET /gtag/js?id=UA-111271987-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://159.65.180.64/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 27 Sep 2022 13:15:49 GMT
expires: Tue, 27 Sep 2022 13:15:49 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43281
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B
IP 142.250.74.3:0
MD5 c939f97c8bcbfea356e92036803714bc
SHA1 608c795e7c4fb943a4db49a4e4533c41ea717023
SHA256 b05b38c78c15c259720bfc6783ac65ab60ceb1e6037b45b08113f183554f08cb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 13:15:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
159.65.180.64/bootstrap-sass/assets/javascripts/bootstrap.js
159.65.180.64 200 OK 76 kB URL HTTP/1.1 159.65.180.64/bootstrap-sass/assets/javascripts/bootstrap.js
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
MD5 894d79839facf38d9fd672bdbe57443d
SHA1 11277f4e04cf070a350e566b053ef2215993720c
SHA256 dbd2a35e72edc7d6bde483481a912f1c38aa57fab2747d9b071d317339ee03a2
Analyzer Verdict Alert fortinet Malware
GET /bootstrap-sass/assets/javascripts/bootstrap.js HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/
Cookie: connect.sid=s%3AlUExqrwwkHtCQSk8pMz1Q7HpZ4dfJFEv.r%2BS00rxTsFTjDBUPT2py%2FD%2Fg7U3s9rkusYzohsYmEa0
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:49 GMT
Content-Type: application/javascript
Content-Length: 75484
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Wed, 13 Feb 2019 18:58:58 GMT
ETag: W/"126dc-168e839f150"
set-cookie: connect.sid=s%3A-O5ZPkeDtbYbWt_loh_bii3ahwdxAIBO.5hQu87iqzDLc5KOTZzHWF5zol45e6nzQxUeILAOyfiA; Path=/; HttpOnly
159.65.180.64/angular-ui-router/release/angular-ui-router.min.js
159.65.180.64 200 OK 34 kB URL HTTP/1.1 159.65.180.64/angular-ui-router/release/angular-ui-router.min.js
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (33642)
MD5 1f33a4658268b2e87515fe680a0f966d
SHA1 012a5852e5de3ce8839ee35f57e5f188d4516243
SHA256 396c4ad3d6c4a78e47b29a1d8e526bc83a72b61ead1b14b297752af2e8ab1005
Analyzer Verdict Alert fortinet Malware
GET /angular-ui-router/release/angular-ui-router.min.js HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/
Cookie: connect.sid=s%3AlUExqrwwkHtCQSk8pMz1Q7HpZ4dfJFEv.r%2BS00rxTsFTjDBUPT2py%2FD%2Fg7U3s9rkusYzohsYmEa0
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:49 GMT
Content-Type: application/javascript
Content-Length: 33809
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Thu, 05 Oct 2017 00:43:35 GMT
ETag: W/"8411-15ee9fcd6d8"
159.65.180.64/angular-resource/angular-resource.min.js
159.65.180.64 200 OK 4.6 kB URL HTTP/1.1 159.65.180.64/angular-resource/angular-resource.min.js
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (760)
MD5 b9aec6fae36f0d86203490ea52861719
SHA1 3afab59eaab1c6b9a0e9845481c1f5eb2348f92a
SHA256 4a5139560d78db256291dc5aec53832413b4dd7bc64069d345c3b64e4db7328c
Analyzer Verdict Alert fortinet Malware
GET /angular-resource/angular-resource.min.js HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/
Cookie: connect.sid=s%3AlUExqrwwkHtCQSk8pMz1Q7HpZ4dfJFEv.r%2BS00rxTsFTjDBUPT2py%2FD%2Fg7U3s9rkusYzohsYmEa0
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:49 GMT
Content-Type: application/javascript
Content-Length: 4567
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Mon, 11 Mar 2019 11:40:49 GMT
ETag: W/"11d7-1696c8e25e8"
set-cookie: connect.sid=s%3A4xIGATYENMvdQgnu_nl-8Lh8J4iig1Q5.L6OOxtVjA9VzZ7Ap6Zf3byFOeeBKppLr2f07FVAGdLM; Path=/; HttpOnly
159.65.180.64/jquery/dist/jquery.min.js
159.65.180.64 200 OK 88 kB URL HTTP/1.1 159.65.180.64/jquery/dist/jquery.min.js
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (65451)
MD5 220afd743d9e9643852e31a135a9f3ae
SHA1 88523924351bac0b5d560fe0c5781e2556e7693d
SHA256 0925e8ad7bd971391a8b1e98be8e87a6971919eb5b60c196485941c3c1df089a
Analyzer Verdict Alert fortinet Malware
GET /jquery/dist/jquery.min.js HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/
Cookie: connect.sid=s%3AlUExqrwwkHtCQSk8pMz1Q7HpZ4dfJFEv.r%2BS00rxTsFTjDBUPT2py%2FD%2Fg7U3s9rkusYzohsYmEa0
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:49 GMT
Content-Type: application/javascript
Content-Length: 88145
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Wed, 01 May 2019 21:19:28 GMT
ETag: W/"15851-16a75443f00"
159.65.180.64/angular-sanitize/angular-sanitize.min.js
159.65.180.64 200 OK 6.9 kB URL HTTP/1.1 159.65.180.64/angular-sanitize/angular-sanitize.min.js
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (1253)
MD5 337cb810793e337cff921a292de44935
SHA1 d67e1ec66dc19fa14530bba4b72544b5365906d9
SHA256 ae40b761a08ab5b2e8b60f25429c6a6248be0c33955e3700e704d2c634652341
Analyzer Verdict Alert fortinet Malware
GET /angular-sanitize/angular-sanitize.min.js HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/
Cookie: connect.sid=s%3AlUExqrwwkHtCQSk8pMz1Q7HpZ4dfJFEv.r%2BS00rxTsFTjDBUPT2py%2FD%2Fg7U3s9rkusYzohsYmEa0
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:49 GMT
Content-Type: application/javascript
Content-Length: 6930
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Mon, 11 Mar 2019 11:40:49 GMT
ETag: W/"1b12-1696c8e25e8"
159.65.180.64/lodash/dist/lodash.min.js
159.65.180.64 200 OK 73 kB URL HTTP/1.1 159.65.180.64/lodash/dist/lodash.min.js
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (4233)
MD5 62acde2a2687c63954bee264a1a2f86d
SHA1 dce5d3dbc9bbecf2ca748de381b483eb9080e4fa
SHA256 effca8652df9e3c7d74915ea73fc58ce3b26b96dec14aceebce087774e8f9a9b
Analyzer Verdict Alert fortinet Malware
GET /lodash/dist/lodash.min.js HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/
Cookie: connect.sid=s%3AlUExqrwwkHtCQSk8pMz1Q7HpZ4dfJFEv.r%2BS00rxTsFTjDBUPT2py%2FD%2Fg7U3s9rkusYzohsYmEa0
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:49 GMT
Content-Type: application/javascript
Content-Length: 73229
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Wed, 12 Sep 2018 17:44:07 GMT
ETag: W/"11e0d-165cee21258"
set-cookie: connect.sid=s%3A4YrNuon7A2jjzPCm7XTKJSnN_qNX_cst.PB9mNdeC8zkah5caW%2FapXy10t4SOjpvQSTBREGRATec; Path=/; HttpOnly
159.65.180.64/async/dist/async.min.js
159.65.180.64 200 OK 24 kB URL HTTP/1.1 159.65.180.64/async/dist/async.min.js
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (23964)
MD5 e78f6c116e7f0547e6ca430874efa2dc
SHA1 67fe2a14c096816dc579dc1d9e93861d5d5d04d5
SHA256 41144709cdf133418d66f4c2be2d2f9b67fdcdd3a23a9b40cbac46abba8de612
Analyzer Verdict Alert fortinet Malware
GET /async/dist/async.min.js HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/
Cookie: connect.sid=s%3AlUExqrwwkHtCQSk8pMz1Q7HpZ4dfJFEv.r%2BS00rxTsFTjDBUPT2py%2FD%2Fg7U3s9rkusYzohsYmEa0
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:50 GMT
Content-Type: application/javascript
Content-Length: 23999
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 12 Feb 2019 22:35:46 GMT
ETag: W/"5dbf-168e3da11d0"
159.65.180.64/angular-block-ui/dist/angular-block-ui.min.js
159.65.180.64 200 OK 7.0 kB URL HTTP/1.1 159.65.180.64/angular-block-ui/dist/angular-block-ui.min.js
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (6826)
MD5 9c535814e1470b2e37a360b2d815b4a5
SHA1 fb5f1c38e7e35556270b81579323ab0a6125781f
SHA256 9f34767a50d2bb2b022f3f3f702b23ae2cc8b2df52567dae32cf16f3421e7394
Analyzer Verdict Alert fortinet Malware
GET /angular-block-ui/dist/angular-block-ui.min.js HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/
Cookie: connect.sid=s%3AlUExqrwwkHtCQSk8pMz1Q7HpZ4dfJFEv.r%2BS00rxTsFTjDBUPT2py%2FD%2Fg7U3s9rkusYzohsYmEa0
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:50 GMT
Content-Type: application/javascript
Content-Length: 6994
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Mon, 02 Nov 2015 14:55:37 GMT
ETag: W/"1b52-150c8b24228"
set-cookie: connect.sid=s%3Aa0ond90e6Fw8pL6-k4OJmi75tPtmtZEy.vxz8pB2TnhjR3wpF8tYBhmLzbPlbUaDZjUejFziMgmU; Path=/; HttpOnly
159.65.180.64/ng-file-upload/ng-file-upload.min.js
159.65.180.64 200 OK 38 kB URL HTTP/1.1 159.65.180.64/ng-file-upload/ng-file-upload.min.js
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (32041)
MD5 b465220e106409f10e4b9e7c4ae7066c
SHA1 c8db5052c6a161041e83f9ab70732b85d8ca838e
SHA256 4eab581e0ebf8b4ea36809ea554d2dc1057b75139aed49bc0a9a849732bdd36e
Analyzer Verdict Alert fortinet Malware
GET /ng-file-upload/ng-file-upload.min.js HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/
Cookie: connect.sid=s%3AlUExqrwwkHtCQSk8pMz1Q7HpZ4dfJFEv.r%2BS00rxTsFTjDBUPT2py%2FD%2Fg7U3s9rkusYzohsYmEa0
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:50 GMT
Content-Type: application/javascript
Content-Length: 37495
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Sat, 05 Nov 2016 04:30:52 GMT
ETag: W/"9277-15832c0e460"
set-cookie: connect.sid=s%3AO_rMRzSzjTuVGcQVndHGLKjPRq-CrdoW.aEpH0hT8%2Bvn%2BZvDIjmJkhOL99hEg6B67oMWBurOWLJM; Path=/; HttpOnly
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.27200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.27:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Tue, 27 Sep 2022 13:10:46 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Tue, 27 Sep 2022 14:05:16 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: rihdVlelC1ahpfd9To6aKuOLMCfWWYH5LdBhoh_UAqAsb3T0h3GxHw==
Age: 304
159.65.180.64/oclazyload/dist/ocLazyLoad.min.js
159.65.180.64200 OK 16 kB URL HTTP/1.1 159.65.180.64/oclazyload/dist/ocLazyLoad.min.js
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (15300)
Hash f2d4908265b909369078aed0cfafffa3
2d19edef03246ca520c6b3d658e75fad0d791695
a5f7c8f4292aba0f63174bbb86fef9e919d97ed72f80857e83065c66ddbcb5a4
Analyzer Verdict Alert fortinet Malware
GET /oclazyload/dist/ocLazyLoad.min.js HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/
Cookie: connect.sid=s%3AlUExqrwwkHtCQSk8pMz1Q7HpZ4dfJFEv.r%2BS00rxTsFTjDBUPT2py%2FD%2Fg7U3s9rkusYzohsYmEa0
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:50 GMT
Content-Type: application/javascript
Content-Length: 15507
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Fri, 03 Feb 2017 09:11:26 GMT
ETag: W/"3c93-15a033e1a30"
set-cookie: connect.sid=s%3AKyixIK0oQ9CtvC7eRAAVWT5wXdAr8hOb.4bnsofs4iJ7V8IT%2BqQfFOIONcaLcWiCKWXFSCdWwrWo; Path=/; HttpOnly
159.65.180.64/angular-img-cropper/dist/angular-img-cropper.min.js
159.65.180.64200 OK 25 kB URL HTTP/1.1 159.65.180.64/angular-img-cropper/dist/angular-img-cropper.min.js
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (24785)
Hash cf4168ff3f27b10cf87ad9678c0d9bb4
16a962dccb6e862d726b18945b734a606cf07b8a
87723f0f686e0329f301ec82d07c414a0f332b62e7bf10c5dca233799d9341d1
Analyzer Verdict Alert fortinet Malware
GET /angular-img-cropper/dist/angular-img-cropper.min.js HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/
Cookie: connect.sid=s%3AlUExqrwwkHtCQSk8pMz1Q7HpZ4dfJFEv.r%2BS00rxTsFTjDBUPT2py%2FD%2Fg7U3s9rkusYzohsYmEa0
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:50 GMT
Content-Type: application/javascript
Content-Length: 24823
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Fri, 05 Jun 2015 07:37:00 GMT
ETag: W/"60f7-14dc2a6c960"
159.65.180.64/angular-datatables/dist/angular-datatables.min.js
159.65.180.64200 OK 14 kB URL HTTP/1.1 159.65.180.64/angular-datatables/dist/angular-datatables.min.js
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (14185)
Hash ede83d411c0caebbad79b67e1101c4af
17bb593606131c7d74e3e5d045d1cf6c0f43483a
026ed312ef5de4bd9a5477559cf5ab7b0e096572c0d21cccf8c0515e1076e142
Analyzer Verdict Alert fortinet Malware
GET /angular-datatables/dist/angular-datatables.min.js HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/
Cookie: connect.sid=s%3AlUExqrwwkHtCQSk8pMz1Q7HpZ4dfJFEv.r%2BS00rxTsFTjDBUPT2py%2FD%2Fg7U3s9rkusYzohsYmEa0
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:50 GMT
Content-Type: application/javascript
Content-Length: 14287
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Fri, 09 Dec 2016 09:02:54 GMT
ETag: W/"37cf-158e2d22a30"
159.65.180.64/datatables.net/js/jquery.dataTables.min.js
159.65.180.64200 OK 82 kB URL HTTP/1.1 159.65.180.64/datatables.net/js/jquery.dataTables.min.js
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
File type Unicode text, UTF-8 text, with very long lines (585)
Hash 97fd6a774fc6211e7619aca9a61ca804
05a9a9b5d60d874fee8ef4eef2125379628b25cb
b796504d9b1b422f0dc6ccc2d740ac78a8c9e5078cc3934836d39742b1121925
Analyzer Verdict Alert fortinet Malware
GET /datatables.net/js/jquery.dataTables.min.js HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/
Cookie: connect.sid=s%3AlUExqrwwkHtCQSk8pMz1Q7HpZ4dfJFEv.r%2BS00rxTsFTjDBUPT2py%2FD%2Fg7U3s9rkusYzohsYmEa0
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:50 GMT
Content-Type: application/javascript
Content-Length: 82411
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Fri, 22 Jun 2018 14:16:04 GMT
ETag: W/"141eb-16427da20a0"
set-cookie: connect.sid=s%3A1WkIxv1EK8LzzozS0DFvOnAJicloytYJ.d9%2FJC0LPCeT4ULUQskePaKOp86bbUjL1pfO3fXMppFs; Path=/; HttpOnly
159.65.180.64/angular-bootstrap/ui-bootstrap-tpls.min.js
159.65.180.64200 OK 126 kB URL HTTP/1.1 159.65.180.64/angular-bootstrap/ui-bootstrap-tpls.min.js
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
File type Unicode text, UTF-8 text, with very long lines (32051)
Size 126 kB (125728 bytes)
Hash c572f42d057f681abb138e2c2c966157
f692082f69c296cc7635b01e1fef8173c27dac54
b727d65b62ed250348fa5dc5d21eb10d5fe28fa31f9fc97048a1d63ac9848173
Analyzer Verdict Alert fortinet Malware
GET /angular-bootstrap/ui-bootstrap-tpls.min.js HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/
Cookie: connect.sid=s%3AlUExqrwwkHtCQSk8pMz1Q7HpZ4dfJFEv.r%2BS00rxTsFTjDBUPT2py%2FD%2Fg7U3s9rkusYzohsYmEa0
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:50 GMT
Content-Type: application/javascript
Content-Length: 125728
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Sat, 28 Jan 2017 13:32:59 GMT
ETag: W/"1eb20-159e54766f8"
159.65.180.64/angular-ui-switch/angular-ui-switch.min.js
159.65.180.64200 OK 737 B URL HTTP/1.1 159.65.180.64/angular-ui-switch/angular-ui-switch.min.js
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (737), with no line terminators
Hash ed47c4808456077dd911ec4cb85c8a4d
0c650c1c508e0edf68c0cb15c27a07d087443d1c
abf00cfad51bc93967071487806ee9c1be6ab75b232c4b547c28b062484270d7
Analyzer Verdict Alert fortinet Malware
GET /angular-ui-switch/angular-ui-switch.min.js HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/
Cookie: connect.sid=s%3AlUExqrwwkHtCQSk8pMz1Q7HpZ4dfJFEv.r%2BS00rxTsFTjDBUPT2py%2FD%2Fg7U3s9rkusYzohsYmEa0
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:50 GMT
Content-Type: application/javascript
Content-Length: 737
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 15 Sep 2015 20:51:29 GMT
ETag: W/"2e1-14fd2c6d068"
set-cookie: connect.sid=s%3AZg39RUCkvvJADUQdUpaBotOk-Y8EtYPy.YnJxHKa4WSk5oUq2qMTFIqJPPivK1LOezIS5WZ5P3dg; Path=/; HttpOnly
159.65.180.64/remarkable-bootstrap-notify/bootstrap-notify.min.js
159.65.180.64200 OK 8.1 kB URL HTTP/1.1 159.65.180.64/remarkable-bootstrap-notify/bootstrap-notify.min.js
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document, ASCII text, with very long lines (7883)
Hash 35eb2c2185524eecb2b772b667552014
a9edf0014d98a9cb514c61b34d2a4babb4a1d4c9
2db9de4f5fc27837d4295df39d94c34ccc336c31d02322f7f7cad69ae8e338da
Analyzer Verdict Alert fortinet Malware
GET /remarkable-bootstrap-notify/bootstrap-notify.min.js HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/
Cookie: connect.sid=s%3AlUExqrwwkHtCQSk8pMz1Q7HpZ4dfJFEv.r%2BS00rxTsFTjDBUPT2py%2FD%2Fg7U3s9rkusYzohsYmEa0
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:50 GMT
Content-Type: application/javascript
Content-Length: 8122
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Wed, 29 Apr 2015 14:43:04 GMT
ETag: W/"1fba-14d05a190c0"
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash c18823050f86339eaa73ddb1bf80d64c
ac4ee81f59f706cee8a74458d498bbc20d8d351a
9a505647517bd02d8ff994fd4ad98dc2f4b519916145b0c327691420c1084c46
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6326
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 13:15:50 GMT
Last-Modified: Tue, 27 Sep 2022 11:30:24 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
159.65.180.64/angular-isotope/dist/angular-isotope.js
159.65.180.64200 OK 14 kB URL HTTP/1.1 159.65.180.64/angular-isotope/dist/angular-isotope.js
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
Hash 6e4b09ff31070d819d1d1d0970ef6a64
099f40f8f7e11c1fa3fbf4bdcb57a84019c372a7
2289c1e07500f5e647509d633803901ff92ddafa12efa8da52071a7d2dac8ada
Analyzer Verdict Alert fortinet Malware
GET /angular-isotope/dist/angular-isotope.js HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/
Cookie: connect.sid=s%3AlUExqrwwkHtCQSk8pMz1Q7HpZ4dfJFEv.r%2BS00rxTsFTjDBUPT2py%2FD%2Fg7U3s9rkusYzohsYmEa0
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:50 GMT
Content-Type: application/javascript
Content-Length: 13452
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Sun, 13 Apr 2014 04:04:26 GMT
ETag: W/"348c-1455941f510"
set-cookie: connect.sid=s%3AhJtnILI7EeFd0Tomiwbbe0MNw7E4_P8l.OO8jBCYz%2FueYkoNacMKGvyykC8uUJP%2BYemHEU2dDtc4; Path=/; HttpOnly
159.65.180.64/moment/moment.js
159.65.180.64200 OK 151 kB URL HTTP/1.1 159.65.180.64/moment/moment.js
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
File type Algol 68 source text; Pascal source, ASCII text
Size 151 kB (150941 bytes)
Hash 0941fc7ec3988352c959e5b3da86f666
f5ff9e6fdcddb2951851412bc021015b6b59054c
1fd8c0cfffd02e40cecbf9f313d1b86988a342d90bb7d16f1a67544f0064ea0b
Analyzer Verdict Alert fortinet Malware
GET /moment/moment.js HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/
Cookie: connect.sid=s%3AlUExqrwwkHtCQSk8pMz1Q7HpZ4dfJFEv.r%2BS00rxTsFTjDBUPT2py%2FD%2Fg7U3s9rkusYzohsYmEa0
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:50 GMT
Content-Type: application/javascript
Content-Length: 150941
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Mon, 21 Jan 2019 20:59:53 GMT
ETag: W/"24d9d-16872366128"
159.65.180.64/js/fitApp.js
159.65.180.64200 OK 42 kB URL HTTP/1.1 159.65.180.64/js/fitApp.js
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
Hash 1f49f8f7c82097bdb1fc882cab805db1
c0aad8c7885fc1ebd5c78a1c5bf5e44608992fcf
ef78fe3dc8f2cfc90ed56bd55ddd8668c539cce6b5a87be0cbdbd97101863eff
Analyzer Verdict Alert fortinet Malware
GET /js/fitApp.js HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/
Cookie: connect.sid=s%3AlUExqrwwkHtCQSk8pMz1Q7HpZ4dfJFEv.r%2BS00rxTsFTjDBUPT2py%2FD%2Fg7U3s9rkusYzohsYmEa0
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:50 GMT
Content-Type: application/javascript
Content-Length: 41611
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Fri, 24 Apr 2020 12:11:40 GMT
ETag: W/"a28b-171ac19befe"
159.65.180.64/js/services/utils.js
159.65.180.64200 OK 8.4 kB URL HTTP/1.1 159.65.180.64/js/services/utils.js
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
Hash 714ebe0d4024a60e7e8acf66d6358691
3f641b69097c97abc84365e9f03fb0ba49249b6b
6ee0647335a161d6722707bbcb334ff14fd2487611b8fb42ae90f742c70f398d
Analyzer Verdict Alert fortinet Malware
GET /js/services/utils.js HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/
Cookie: connect.sid=s%3AlUExqrwwkHtCQSk8pMz1Q7HpZ4dfJFEv.r%2BS00rxTsFTjDBUPT2py%2FD%2Fg7U3s9rkusYzohsYmEa0
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:50 GMT
Content-Type: application/javascript
Content-Length: 8374
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Wed, 05 Sep 2018 19:03:50 GMT
ETag: W/"20b6-165ab1e8b33"
159.65.180.64/js/general/common.js
159.65.180.64200 OK 378 B URL HTTP/1.1 159.65.180.64/js/general/common.js
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
Hash 8a1a025cd5e9ce14d7118c54f9d1c9df
51e1f600ba16ccf627da7f129ec7545e4c3b9bc9
a21aab285a74af9e588ae3bc1fe4514729fdb4bb1d5ef9288791d59a80fe551e
Analyzer Verdict Alert fortinet Malware
GET /js/general/common.js HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/
Cookie: connect.sid=s%3AlUExqrwwkHtCQSk8pMz1Q7HpZ4dfJFEv.r%2BS00rxTsFTjDBUPT2py%2FD%2Fg7U3s9rkusYzohsYmEa0
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:50 GMT
Content-Type: application/javascript
Content-Length: 378
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Sat, 17 Feb 2018 14:58:00 GMT
ETag: W/"17a-161a4459a22"
set-cookie: connect.sid=s%3A2LKr27bUWxxKfRxaZnVzjxV1BC_9fWIH.%2FvuL%2BK%2FmmKQdM6nTuw9C1FBsI7rlAQrKBFkMKoJBMPY; Path=/; HttpOnly
159.65.180.64/js-xlsx/dist/xlsx.core.min.js
159.65.180.64200 OK 450 kB URL HTTP/1.1 159.65.180.64/js-xlsx/dist/xlsx.core.min.js
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
Size 450 kB (450360 bytes)
Hash 33db6fc3a9df3d1c5b9a3e0c37f48ae5
6525d333226ed5933dc7936e82e91f7353c66513
a0d2d2255b3890f35ce1f978a2f1b5cdeb371edb312a679270453907d936276d
Analyzer Verdict Alert fortinet Malware
GET /js-xlsx/dist/xlsx.core.min.js HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/
Cookie: connect.sid=s%3AlUExqrwwkHtCQSk8pMz1Q7HpZ4dfJFEv.r%2BS00rxTsFTjDBUPT2py%2FD%2Fg7U3s9rkusYzohsYmEa0
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:50 GMT
Content-Type: application/javascript
Content-Length: 450360
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Sat, 03 Feb 2018 20:46:32 GMT
ETag: W/"6df38-1615d6ba840"
159.65.180.64/js/services/serviceAuthentication.js
159.65.180.64200 OK 2.0 kB URL HTTP/1.1 159.65.180.64/js/services/serviceAuthentication.js
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
Hash 934d24577af263c6a46acf82fb13262c
f65598caed1835d6ba05331cec805482e9bb3236
85744e01a294385c660fdb3487b4500cd0ff713a68ccee5c6d3914cb30f97e53
Analyzer Verdict Alert fortinet Malware
GET /js/services/serviceAuthentication.js HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/
Cookie: connect.sid=s%3AlUExqrwwkHtCQSk8pMz1Q7HpZ4dfJFEv.r%2BS00rxTsFTjDBUPT2py%2FD%2Fg7U3s9rkusYzohsYmEa0
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:50 GMT
Content-Type: application/javascript
Content-Length: 2007
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Wed, 03 Oct 2018 13:45:36 GMT
ETag: W/"7d7-1663a2d404d"
set-cookie: connect.sid=s%3A4dhVNzL2BI5EbPoIxL81uHLVHKP-KsH7.EPXnpUTvKJOuDcOZek6rREKH8MaFGH97o8cX9FpVpC8; Path=/; HttpOnly
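Every `connect.sid` value in the exchanges above has the shape `s:<sid>.<sig>` (URL-encoded on the wire, so `s%3A`, `%2B`, `%2F`), which is the signed-cookie format of express-session: a 32-character base64url session id followed by the base64 HMAC-SHA256 of that id under the server's secret, with the `=` padding stripped (the `cookie-signature` scheme). The capture also shows that the browser keeps presenting `lUExq…` while almost every response sets a different id, and that when the browser later adopts `4dhVN…` (set here) the server replaces it again. The following is an added example, not code from the capture or from the site; it parses the cookie values transcribed from this page, reimplements the signing scheme with a made-up secret (`hypothetical-secret`; the real secret is unknown and cannot be recovered from the capture), and counts how often a response issued a new id instead of echoing the one presented.

```python
import base64
import hashlib
import hmac
import re
from urllib.parse import unquote

# Cookie values transcribed from the capture above, still URL-encoded as on the wire.
# Each pair is (connect.sid the browser sent, connect.sid the server set in that
# response); None means the response carried no set-cookie header.
CAPTURED_EXCHANGES = [
    ("s%3AlUExqrwwkHtCQSk8pMz1Q7HpZ4dfJFEv.r%2BS00rxTsFTjDBUPT2py%2FD%2Fg7U3s9rkusYzohsYmEa0",
     "s%3Aa0ond90e6Fw8pL6-k4OJmi75tPtmtZEy.vxz8pB2TnhjR3wpF8tYBhmLzbPlbUaDZjUejFziMgmU"),
    ("s%3AlUExqrwwkHtCQSk8pMz1Q7HpZ4dfJFEv.r%2BS00rxTsFTjDBUPT2py%2FD%2Fg7U3s9rkusYzohsYmEa0",
     "s%3AO_rMRzSzjTuVGcQVndHGLKjPRq-CrdoW.aEpH0hT8%2Bvn%2BZvDIjmJkhOL99hEg6B67oMWBurOWLJM"),
    ("s%3AlUExqrwwkHtCQSk8pMz1Q7HpZ4dfJFEv.r%2BS00rxTsFTjDBUPT2py%2FD%2Fg7U3s9rkusYzohsYmEa0",
     None),
    ("s%3AlUExqrwwkHtCQSk8pMz1Q7HpZ4dfJFEv.r%2BS00rxTsFTjDBUPT2py%2FD%2Fg7U3s9rkusYzohsYmEa0",
     "s%3A4dhVNzL2BI5EbPoIxL81uHLVHKP-KsH7.EPXnpUTvKJOuDcOZek6rREKH8MaFGH97o8cX9FpVpC8"),
    ("s%3A4dhVNzL2BI5EbPoIxL81uHLVHKP-KsH7.EPXnpUTvKJOuDcOZek6rREKH8MaFGH97o8cX9FpVpC8",
     "s%3AaWymnqtZrOvOmtZ6doT0-WqGV9fXvWn4.yXiZBZ4I%2BC7fsIndRBRnlMLd9E6lGlPtCcKH8zbCBlA"),
]

SID_RE = re.compile(r"^[A-Za-z0-9_-]{32}$")   # express-session: uid-safe(24) -> 32 base64url chars
SIG_RE = re.compile(r"^[A-Za-z0-9+/]{43}$")   # HMAC-SHA256 (32 bytes), base64, '=' stripped


def parse_connect_sid(cookie_value):
    """Split a signed express-session cookie 's:<sid>.<sig>' into (sid, sig)."""
    raw = unquote(cookie_value)
    if not raw.startswith("s:"):
        raise ValueError("not a signed express-session cookie")
    sid, dot, sig = raw[2:].rpartition(".")
    if not dot:
        raise ValueError("missing signature")
    return sid, sig


def well_formed(cookie_value):
    """True when sid and signature have the lengths and alphabets express-session produces."""
    sid, sig = parse_connect_sid(cookie_value)
    return bool(SID_RE.match(sid) and SIG_RE.match(sig))


def sign(value, secret):
    """cookie-signature: value + '.' + base64(HMAC-SHA256(secret, value)) without '=' padding."""
    mac = hmac.new(secret.encode(), value.encode(), hashlib.sha256).digest()
    return value + "." + base64.b64encode(mac).decode().rstrip("=")


def verify(cookie_value, secret):
    """Recompute the signature for the embedded sid and compare in constant time."""
    sid, sig = parse_connect_sid(cookie_value)
    expected = sign(sid, secret).rpartition(".")[2]
    return hmac.compare_digest(expected, sig)


def session_churn(exchanges):
    """Count responses that answered with a sid different from the one the browser sent."""
    report = {"responses": len(exchanges), "set_cookie": 0, "reissued": 0,
              "acknowledged": 0, "issued_sids": []}
    for sent, received in exchanges:
        if received is None:
            continue
        report["set_cookie"] += 1
        sent_sid = parse_connect_sid(sent)[0]
        recv_sid = parse_connect_sid(received)[0]
        if recv_sid == sent_sid:
            report["acknowledged"] += 1
        else:
            report["reissued"] += 1
            report["issued_sids"].append(recv_sid)
    return report


if __name__ == "__main__":
    print(parse_connect_sid(CAPTURED_EXCHANGES[0][0]), well_formed(CAPTURED_EXCHANGES[0][0]))
    print(session_churn(CAPTURED_EXCHANGES))
    # Signing demo with a made-up secret; the server's real secret is unknown.
    demo = "s:" + sign("demoSessionId", "hypothetical-secret")
    print(verify(demo, "hypothetical-secret"), verify(demo, "wrong-secret"))
```

In express-session a response only carries `set-cookie` when the session is new or modified (or `rolling` is on), and an accepted session keeps its id, so a fresh id on nearly every response is consistent with the presented cookie not being accepted (signature rejected, or the id absent from the session store) or with the app regenerating the session; the capture does not show which. The cookie is sent with `Path=/; HttpOnly` only, and everything here travels over plain `http://`, so the signature protects against forgery but not against a passive observer reading the id.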
push.services.mozilla.com/
44.242.41.15101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.242.41.15:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: DZZIr8Is3WJ9FVSDEHb2sA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: tZptpuW+ZvWQmQDH2HETfJGoLlw=
159.65.180.64/js/services/utils.js
159.65.180.64304 Not Modified 0 B URL HTTP/1.1 159.65.180.64/js/services/utils.js
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /js/services/utils.js HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/
Cookie: connect.sid=s%3A4dhVNzL2BI5EbPoIxL81uHLVHKP-KsH7.EPXnpUTvKJOuDcOZek6rREKH8MaFGH97o8cX9FpVpC8; _ga_CD2QRE3E1M=GS1.1.1664284548.1.0.1664284548.0.0.0; _ga=GA1.1.1585467701.1664284548
If-Modified-Since: Wed, 05 Sep 2018 19:03:50 GMT
If-None-Match: W/"20b6-165ab1e8b33"
HTTP/1.1 304 Not Modified
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:50 GMT
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Wed, 05 Sep 2018 19:03:50 GMT
ETag: W/"20b6-165ab1e8b33"
set-cookie: connect.sid=s%3AaWymnqtZrOvOmtZ6doT0-WqGV9fXvWn4.yXiZBZ4I%2BC7fsIndRBRnlMLd9E6lGlPtCcKH8zbCBlA; Path=/; HttpOnly
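The weak ETags on every static response from 159.65.180.64 (`W/"20b6-165ab1e8b33"`, `W/"f77-161a445999a"`, and so on) are in the format of the `etag`/`send` npm modules behind `express.static`: the file size in hex, a dash, and the file's mtime in milliseconds since the epoch in hex. Decoded, `20b6` is 8374 bytes and `165ab1e8b33` is 2018-09-05 19:03:50.323 UTC, which match the `Content-Length` and `Last-Modified` of the earlier 200 response for `/js/services/utils.js`; the 304 above carries the same tag without a body. The decoder below is an added example, not code from the capture or the site; the header sets are transcribed from this page, except the one marked as constructed, which I made inconsistent on purpose to show the mismatch check.

```python
import re
from datetime import datetime, timezone
from email.utils import parsedate_to_datetime

# Response headers transcribed from the capture above, plus one constructed
# record whose Content-Length deliberately disagrees with its ETag.
RESPONSES = {
    "utils.js (200)": {"Content-Length": "8374",
                       "Last-Modified": "Wed, 05 Sep 2018 19:03:50 GMT",
                       "ETag": 'W/"20b6-165ab1e8b33"'},
    "utils.js (304)": {"Last-Modified": "Wed, 05 Sep 2018 19:03:50 GMT",
                       "ETag": 'W/"20b6-165ab1e8b33"'},
    "favicon.png (200)": {"Content-Length": "3959",
                          "Last-Modified": "Sat, 17 Feb 2018 14:58:00 GMT",
                          "ETag": 'W/"f77-161a445999a"'},
    "constructed mismatch": {"Content-Length": "9999",
                             "Last-Modified": "Wed, 05 Sep 2018 19:03:50 GMT",
                             "ETag": 'W/"20b6-165ab1e8b33"'},
    "analytics.js (200)": {"Content-Length": "19826",
                           "Last-Modified": "Sun, 11 Sep 2022 13:50:09 GMT"},
}

# [W/]"<size hex>-<mtime ms hex>", as generated by the etag module for fs.Stats
SEND_ETAG_RE = re.compile(r'^(W/)?"([0-9a-f]+)-([0-9a-f]+)"$')


def decode_send_etag(etag):
    """Return (weak, size_bytes, mtime_ms) for an express.static ETag, else None."""
    m = SEND_ETAG_RE.match(etag.strip())
    if not m:
        return None
    return (m.group(1) == "W/", int(m.group(2), 16), int(m.group(3), 16))


def mtime_iso(mtime_ms):
    """Render the decoded mtime without going through float seconds."""
    dt = datetime.fromtimestamp(mtime_ms // 1000, tz=timezone.utc)
    return dt.replace(microsecond=(mtime_ms % 1000) * 1000).isoformat(timespec="milliseconds")


def check_static_response(headers):
    """Decode the ETag and cross-check it against Content-Length and Last-Modified."""
    etag = headers.get("ETag")
    decoded = decode_send_etag(etag) if etag else None
    if decoded is None:
        return {"send_etag": False}
    weak, size, mtime_ms = decoded
    out = {"send_etag": True, "weak": weak, "size": size, "mtime": mtime_iso(mtime_ms)}
    if "Content-Length" in headers:
        out["size_ok"] = int(headers["Content-Length"]) == size
    if "Last-Modified" in headers:
        # Last-Modified has second resolution; the ETag carries milliseconds.
        lm = int(parsedate_to_datetime(headers["Last-Modified"]).timestamp())
        out["mtime_ok"] = lm == mtime_ms // 1000
    return out


def audit(responses):
    return {name: check_static_response(h) for name, h in responses.items()}


if __name__ == "__main__":
    for name, result in audit(RESPONSES).items():
        print(f"{name:22} {result}")
```

For a capture like this one the decoder recovers the upstream file size and modification time even from bodiless 304 responses, confirms that the `X-Powered-By: Express` stack is serving these files directly from disk (a CDN or rewriting proxy would typically break the size/mtime agreement), and shows that every static path leaks its deployment mtime to the millisecond.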
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://159.65.180.64/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 19826
date: Tue, 27 Sep 2022 12:41:09 GMT
expires: Tue, 27 Sep 2022 14:41:09 GMT
cache-control: public, max-age=7200
age: 2081
last-modified: Sun, 11 Sep 2022 13:50:09 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bfc8c650e23854f708a3dd54fca4393f
b54c061cf5a5306a68112d403471914e839a68c8
84b8c36947944ea94b27e053f2abb944e6951157e256991f8b1523b9cacfe362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 13:15:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
159.65.180.64/assets/img/favicon.png
159.65.180.64200 OK 4.0 kB URL HTTP/1.1 159.65.180.64/assets/img/favicon.png
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced; data
Hash b8f560054f92daf86a4bd558b39a39ab
1bae7f1f883ee0d6acb7da516d31cfe581070f7b
19575f19f42219bbb14fb30823e90951a80c6b7b41766a13ee74f595cc74dedd
GET /assets/img/favicon.png HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/
Cookie: connect.sid=s%3AaWymnqtZrOvOmtZ6doT0-WqGV9fXvWn4.yXiZBZ4I%2BC7fsIndRBRnlMLd9E6lGlPtCcKH8zbCBlA; _ga_CD2QRE3E1M=GS1.1.1664284548.1.0.1664284548.0.0.0; _ga=GA1.1.1585467701.1664284548
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:50 GMT
Content-Type: image/png
Content-Length: 3959
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Sat, 17 Feb 2018 14:58:00 GMT
ETag: W/"f77-161a445999a"
maps.googleapis.com/maps/api/js?key=AIzaSyBS0h162rIxKkn4hC1MTnyRvhTGgJ93zN4&libraries=places
216.58.207.234200 OK 56 kB URL HTTP/2 maps.googleapis.com/maps/api/js?key=AIzaSyBS0h162rIxKkn4hC1MTnyRvhTGgJ93zN4&libraries=places
IP 216.58.207.234:0
File type ASCII text, with very long lines (2459)
Hash c1f8df292a47e25fe634f134bee8344d
2e9d2d79cdaa121153d80337743c7804ee01e869
39db3b2d7fdd5a911f041aa0d9e415e7a02d8d4eee2f1779607c316a84916f3f
GET /maps/api/js?key=AIzaSyBS0h162rIxKkn4hC1MTnyRvhTGgJ93zN4&libraries=places HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://159.65.180.64/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
date: Tue, 27 Sep 2022 13:15:50 GMT
expires: Tue, 27 Sep 2022 13:45:50 GMT
cache-control: public, max-age=1800
vary: Accept-Language
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-encoding: gzip
server: mafe
content-length: 56265
x-xss-protection: 0
x-frame-options: SAMEORIGIN
server-timing: gfet4t7; dur=25
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash bfc8c650e23854f708a3dd54fca4393f
b54c061cf5a5306a68112d403471914e839a68c8
84b8c36947944ea94b27e053f2abb944e6951157e256991f8b1523b9cacfe362
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 13:15:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
159.65.180.64/assets/img/favicon-114x114.png
159.65.180.64200 OK 8.0 kB URL HTTP/1.1 159.65.180.64/assets/img/favicon-114x114.png
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 114 x 114, 8-bit/color RGBA, non-interlaced; data
Hash b88a7b2805bc1dce8599e390373340b8
a0718a7756a12273dc079afa1fe19e3e733c9238
06a4dcf515f12030efd43b6e8759252f37f668b4b1aff1efdf11aefee3808097
GET /assets/img/favicon-114x114.png HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/
Cookie: connect.sid=s%3AaWymnqtZrOvOmtZ6doT0-WqGV9fXvWn4.yXiZBZ4I%2BC7fsIndRBRnlMLd9E6lGlPtCcKH8zbCBlA; _ga_CD2QRE3E1M=GS1.1.1664284548.1.0.1664284548.0.0.0; _ga=GA1.1.1585467701.1664284548
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:50 GMT
Content-Type: image/png
Content-Length: 7981
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Sat, 17 Feb 2018 14:58:00 GMT
ETag: W/"1f2d-161a445999a"
set-cookie: connect.sid=s%3A1EwQfBTIsBXpxK0xfZ_DTv_8SZ2FUGS-.gD2X8JYId%2Fl3RhJdmVUof5FL6JrLzagmKNNnZFQaGZY; Path=/; HttpOnly
159.65.180.64/js/directives/topLogin.drv.js
159.65.180.64200 OK 4.0 kB URL HTTP/1.1 159.65.180.64/js/directives/topLogin.drv.js
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
Hash f69d02042a513a2c93e9d2ab5606e787
59a9edbe47fe42f9aa09f32469053122cd7f19f2
54e25b3e22fe4ffdf597a272f55652a7243f95ad68aeefcb41a0c2cece37e29e
Analyzer Verdict Alert fortinet Malware
GET /js/directives/topLogin.drv.js HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/
Cookie: connect.sid=s%3AaWymnqtZrOvOmtZ6doT0-WqGV9fXvWn4.yXiZBZ4I%2BC7fsIndRBRnlMLd9E6lGlPtCcKH8zbCBlA; _ga_CD2QRE3E1M=GS1.1.1664284548.1.0.1664284548.0.0.0; _ga=GA1.1.1585467701.1664284548
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:50 GMT
Content-Type: application/javascript
Content-Length: 4017
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Thu, 23 Apr 2020 20:14:08 GMT
ETag: W/"fb1-171a8ad1838"
region1.google-analytics.com/g/collect?v=2&tid=G-CD2QRE3E1M&gtm=2oe9l0&_p=1474151002&cid=1585467701.1664284548&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664284548&sct=1&seg=0&dl=http%3A%2F%2F159.65.180.64%2F&dt=Connect%20To%20Fit&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.google-analytics.com/g/collect?v=2&tid=G-CD2QRE3E1M&gtm=2oe9l0&_p=1474151002&cid=1585467701.1664284548&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664284548&sct=1&seg=0&dl=http%3A%2F%2F159.65.180.64%2F&dt=Connect%20To%20Fit&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-CD2QRE3E1M&gtm=2oe9l0&_p=1474151002&cid=1585467701.1664284548&ul=en-us&sr=1280x1024&_z=ccd.v9B&_s=1&sid=1664284548&sct=1&seg=0&dl=http%3A%2F%2F159.65.180.64%2F&dt=Connect%20To%20Fit&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://159.65.180.64
Connection: keep-alive
Referer: http://159.65.180.64/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: http://159.65.180.64
date: Tue, 27 Sep 2022 13:15:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
159.65.180.64/js/directives/footer.drv.js
159.65.180.64200 OK 171 B URL HTTP/1.1 159.65.180.64/js/directives/footer.drv.js
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
Hash ad90ef4f9e5d99fb8eedf9e9a429358a
5e962cc6f39755fc7a2483120ce5bace89af93dd
bef08f409194ee5daccbe609c0a791ffe3b63c4545b6b38c3abb130318eb7c02
Analyzer Verdict Alert fortinet Malware
GET /js/directives/footer.drv.js HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/
Cookie: connect.sid=s%3AaWymnqtZrOvOmtZ6doT0-WqGV9fXvWn4.yXiZBZ4I%2BC7fsIndRBRnlMLd9E6lGlPtCcKH8zbCBlA; _ga_CD2QRE3E1M=GS1.1.1664284548.1.0.1664284548.0.0.0; _ga=GA1.1.1585467701.1664284548
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:50 GMT
Content-Type: application/javascript
Content-Length: 171
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Sat, 17 Feb 2018 14:58:00 GMT
ETag: W/"ab-161a4459a22"
159.65.180.64/js/services/utils.js
159.65.180.64 304 Not Modified 0 B URL HTTP/1.1 159.65.180.64/js/services/utils.js
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
GET /js/services/utils.js HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/
Cookie: connect.sid=s%3AaWymnqtZrOvOmtZ6doT0-WqGV9fXvWn4.yXiZBZ4I%2BC7fsIndRBRnlMLd9E6lGlPtCcKH8zbCBlA; _ga_CD2QRE3E1M=GS1.1.1664284548.1.0.1664284548.0.0.0; _ga=GA1.1.1585467701.1664284548
If-Modified-Since: Wed, 05 Sep 2018 19:03:50 GMT
If-None-Match: W/"20b6-165ab1e8b33"
HTTP/1.1 304 Not Modified
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:50 GMT
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Wed, 05 Sep 2018 19:03:50 GMT
ETag: W/"20b6-165ab1e8b33"
159.65.180.64/js/services/userService.js
159.65.180.64 200 OK 13 kB URL HTTP/1.1 159.65.180.64/js/services/userService.js
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
Hash 2059eb305c57bee9cd288e3ede7b6e25
831c7d86ff1b2eb3af2d203808ff60cb1659264a
6d434c97f3dbdab5d914073e950cbd43fdb52630a7acba648d160b00487125c5
Analyzer Verdict Alert fortinet Malware
GET /js/services/userService.js HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/
Cookie: connect.sid=s%3AaWymnqtZrOvOmtZ6doT0-WqGV9fXvWn4.yXiZBZ4I%2BC7fsIndRBRnlMLd9E6lGlPtCcKH8zbCBlA; _ga_CD2QRE3E1M=GS1.1.1664284548.1.0.1664284548.0.0.0; _ga=GA1.1.1585467701.1664284548
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:50 GMT
Content-Type: application/javascript
Content-Length: 12625
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Thu, 23 Apr 2020 20:14:08 GMT
ETag: W/"3151-171a8ad1838"
159.65.180.64/js/controllers/homeCtrl.js
159.65.180.64 200 OK 4.4 kB URL HTTP/1.1 159.65.180.64/js/controllers/homeCtrl.js
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
Hash b5a146c4c81130b050f0611e8769f732
c354a049527a4c07c88165b2109fdb7dc6145866
578740ab7dbf6e2e2586e26f4c919eaa12d11db578472b876fd9c5be0a850567
Analyzer Verdict Alert fortinet Malware
GET /js/controllers/homeCtrl.js HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/
Cookie: connect.sid=s%3AaWymnqtZrOvOmtZ6doT0-WqGV9fXvWn4.yXiZBZ4I%2BC7fsIndRBRnlMLd9E6lGlPtCcKH8zbCBlA; _ga_CD2QRE3E1M=GS1.1.1664284548.1.0.1664284548.0.0.0; _ga=GA1.1.1585467701.1664284548
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:50 GMT
Content-Type: application/javascript
Content-Length: 4382
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Thu, 23 Apr 2020 20:14:08 GMT
ETag: W/"111e-171a8ad1838"
159.65.180.64/js/directives/header.drv.js
159.65.180.64 200 OK 1.0 kB URL HTTP/1.1 159.65.180.64/js/directives/header.drv.js
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
Hash 12e839131f808afb7d535c499029f259
14cb74c215a5205ba5a2c36d4ef236d87ed1e87a
9429cb705453109f9da3e77a2ab7a27da7a985cabbf21dfba0181eef219e73ed
Analyzer Verdict Alert fortinet Malware
GET /js/directives/header.drv.js HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/
Cookie: connect.sid=s%3AaWymnqtZrOvOmtZ6doT0-WqGV9fXvWn4.yXiZBZ4I%2BC7fsIndRBRnlMLd9E6lGlPtCcKH8zbCBlA; _ga_CD2QRE3E1M=GS1.1.1664284548.1.0.1664284548.0.0.0; _ga=GA1.1.1585467701.1664284548
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:50 GMT
Content-Type: application/javascript
Content-Length: 1041
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Fri, 24 Apr 2020 12:11:40 GMT
ETag: W/"411-171ac19befe"
set-cookie: connect.sid=s%3AKx7q9dgm9aLK6HlYzWdMK2DFGHMVL6t1.C6VQt4%2FQZ3zOM1Pv8F7eNBYOcKnkjT7nrdHLHe5P6AE; Path=/; HttpOnly
159.65.180.64/js/services/contentService.js
159.65.180.64 200 OK 7.0 kB URL HTTP/1.1 159.65.180.64/js/services/contentService.js
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
Hash 430054daf6bed95a47271953a5ea835e
8cabcc64112be5ac484e24588a6a62f441a59f26
78082133c61a524fd40da290e4b95c2e765e70bc98afd2c3d1ebedc3e8620b81
Analyzer Verdict Alert fortinet Malware
GET /js/services/contentService.js HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/
Cookie: connect.sid=s%3AaWymnqtZrOvOmtZ6doT0-WqGV9fXvWn4.yXiZBZ4I%2BC7fsIndRBRnlMLd9E6lGlPtCcKH8zbCBlA; _ga_CD2QRE3E1M=GS1.1.1664284548.1.0.1664284548.0.0.0; _ga=GA1.1.1585467701.1664284548
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:50 GMT
Content-Type: application/javascript
Content-Length: 6950
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Sat, 17 Feb 2018 14:58:00 GMT
ETag: W/"1b26-161a4459a22"
set-cookie: connect.sid=s%3Az9xJgbTLrNkF1WtdW13BxVdYZIJzI1NC.H13f2S8lpcGGdhCSD1dz9%2B%2BXbEXEtjF5dqT3oYpCsyI; Path=/; HttpOnly
maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
216.58.207.234 200 OK 23 B URL HTTP/2 maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true
IP 216.58.207.234:0
File type JSON data, ASCII text
Hash e3981ca10169a319d5aa062bf43a5fa1
2c6ed584767b65688ce99b1ebe1a3b7448a67421
8b0b8749aba12de93f3cf5d86f9fac9d6de7cac400a17473718f182a34ebb7e9
GET /maps/api/mapsjs/gen_204?csp_test=true HTTP/1.1
Host: maps.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://159.65.180.64
Connection: keep-alive
Referer: http://159.65.180.64/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Tue, 27 Sep 2022 13:15:51 GMT
server: scaffolding on HTTPServer2
cache-control: private
content-length: 23
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: http://159.65.180.64
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
159.65.180.64/assets/vendor/jquery.nav.js
159.65.180.64 200 OK 5.1 kB URL HTTP/1.1 159.65.180.64/assets/vendor/jquery.nav.js
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
Hash a33571eb2591514e45765696e5d92c9f
e680863a86670bf2d8e0b1f5b33c267f0ddc5cd1
707a967916ff7ca8411b995ff078ee44fcbb627bbb11f067643f7a6ab7f99806
Analyzer Verdict Alert fortinet Malware
GET /assets/vendor/jquery.nav.js HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/
Cookie: connect.sid=s%3Az9xJgbTLrNkF1WtdW13BxVdYZIJzI1NC.H13f2S8lpcGGdhCSD1dz9%2B%2BXbEXEtjF5dqT3oYpCsyI; _ga_CD2QRE3E1M=GS1.1.1664284548.1.0.1664284548.0.0.0; _ga=GA1.1.1585467701.1664284548; _gid=GA1.1.2053816364.1664284549; _gat_gtag_UA_111271987_1=1
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:51 GMT
Content-Type: application/javascript
Content-Length: 5138
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Sat, 17 Feb 2018 14:58:00 GMT
ETag: W/"1412-161a44599ce"
set-cookie: connect.sid=s%3AWilfhmlLrnx26_KE6OvA-SYSyMGozhvS.R351JgFKvz24wSOqzxQ9cZ4M6vnBQb4z3D7Nwj%2BnrJ0; Path=/; HttpOnly
159.65.180.64/assets/vendor/owl/owl.carousel.min.js
159.65.180.64 200 OK 43 kB URL HTTP/1.1 159.65.180.64/assets/vendor/owl/owl.carousel.min.js
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (32012)
Hash 6473747d818f47587036ccde48050d82
75560ff8e721a6344a927f369debcf80004c9d24
63c97e11ea143afafc4aa123fe04f28c16fc0aa86dac0e8653d3f8c81fb8d5c1
Analyzer Verdict Alert fortinet Malware
GET /assets/vendor/owl/owl.carousel.min.js HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/
Cookie: connect.sid=s%3Az9xJgbTLrNkF1WtdW13BxVdYZIJzI1NC.H13f2S8lpcGGdhCSD1dz9%2B%2BXbEXEtjF5dqT3oYpCsyI; _ga_CD2QRE3E1M=GS1.1.1664284548.1.0.1664284548.0.0.0; _ga=GA1.1.1585467701.1664284548; _gid=GA1.1.2053816364.1664284549; _gat_gtag_UA_111271987_1=1
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:51 GMT
Content-Type: application/javascript
Content-Length: 42854
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Sat, 17 Feb 2018 14:58:00 GMT
ETag: W/"a766-161a44599ce"
159.65.180.64/assets/vendor/isotope.js
159.65.180.64 200 OK 43 kB URL HTTP/1.1 159.65.180.64/assets/vendor/isotope.js
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document, ASCII text
Hash 6d47cccc7cb377fb74a9a0379d35545c
58348b0b4a8db35b1f26cd86788a9a67305b67c6
4c340f0f17fd71d40512e47a9450c81728d8b30b08f78e4487e30b62447f0bcb
Analyzer Verdict Alert fortinet Malware
GET /assets/vendor/isotope.js HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/
Cookie: connect.sid=s%3Az9xJgbTLrNkF1WtdW13BxVdYZIJzI1NC.H13f2S8lpcGGdhCSD1dz9%2B%2BXbEXEtjF5dqT3oYpCsyI; _ga_CD2QRE3E1M=GS1.1.1664284548.1.0.1664284548.0.0.0; _ga=GA1.1.1585467701.1664284548; _gid=GA1.1.2053816364.1664284549; _gat_gtag_UA_111271987_1=1
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:51 GMT
Content-Type: application/javascript
Content-Length: 43330
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Sat, 17 Feb 2018 14:58:00 GMT
ETag: W/"a942-161a44599ce"
set-cookie: connect.sid=s%3AmQZ5O9eCloHk5yBmjQygRK3hYpm3ZWBW.Kj1JZnhn2MjFuU%2F608%2B5AhRcZRP4yvLS5fEnc7OBqyU; Path=/; HttpOnly
159.65.180.64/assets/vendor/jquery.animateNumber.min.js
159.65.180.64 200 OK 1.4 kB URL HTTP/1.1 159.65.180.64/assets/vendor/jquery.animateNumber.min.js
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (512)
Hash e82859530187f47412f6cf5538079889
ffcb559258c8c7dd99432d91b44d766ee591dce3
2b84b8afa65c22a729e86ad914cfdeae311256b86d12be99c12cd610d14e65a1
Analyzer Verdict Alert fortinet Malware
GET /assets/vendor/jquery.animateNumber.min.js HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/
Cookie: connect.sid=s%3Az9xJgbTLrNkF1WtdW13BxVdYZIJzI1NC.H13f2S8lpcGGdhCSD1dz9%2B%2BXbEXEtjF5dqT3oYpCsyI; _ga_CD2QRE3E1M=GS1.1.1664284548.1.0.1664284548.0.0.0; _ga=GA1.1.1585467701.1664284548; _gid=GA1.1.2053816364.1664284549; _gat_gtag_UA_111271987_1=1
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:51 GMT
Content-Type: application/javascript
Content-Length: 1353
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Sat, 17 Feb 2018 14:58:00 GMT
ETag: W/"549-161a44599ce"
159.65.180.64/assets/vendor/wow.min.js
159.65.180.64 200 OK 8.2 kB URL HTTP/1.1 159.65.180.64/assets/vendor/wow.min.js
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (8099)
Hash 21fe90eedcbaafb4ed529d78418d30bd
a16375b80220d315151f57bab2d4ee03c9fe1d20
7852a22b72ead62cfc4a1b1ca32874b3e222f232a991a6d1432313572f534135
Analyzer Verdict Alert fortinet Malware
GET /assets/vendor/wow.min.js HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/
Cookie: connect.sid=s%3Az9xJgbTLrNkF1WtdW13BxVdYZIJzI1NC.H13f2S8lpcGGdhCSD1dz9%2B%2BXbEXEtjF5dqT3oYpCsyI; _ga_CD2QRE3E1M=GS1.1.1664284548.1.0.1664284548.0.0.0; _ga=GA1.1.1585467701.1664284548; _gid=GA1.1.2053816364.1664284549; _gat_gtag_UA_111271987_1=1
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:51 GMT
Content-Type: application/javascript
Content-Length: 8155
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Sat, 17 Feb 2018 14:58:00 GMT
ETag: W/"1fdb-161a44599d2"
159.65.180.64/assets/vendor/visible.js
159.65.180.64 200 OK 3.0 kB URL HTTP/1.1 159.65.180.64/assets/vendor/visible.js
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
Hash 1445df021b5154ffec6f0e070c938ff2
bc68fd2c2770b4262cf98ce5c65b32b26c564520
ed9ba5661a0553852c04aeee9ae19229d8302ed189480dad42af5c52164906b9
Analyzer Verdict Alert fortinet Malware
GET /assets/vendor/visible.js HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/
Cookie: connect.sid=s%3Az9xJgbTLrNkF1WtdW13BxVdYZIJzI1NC.H13f2S8lpcGGdhCSD1dz9%2B%2BXbEXEtjF5dqT3oYpCsyI; _ga_CD2QRE3E1M=GS1.1.1664284548.1.0.1664284548.0.0.0; _ga=GA1.1.1585467701.1664284548; _gid=GA1.1.2053816364.1664284549; _gat_gtag_UA_111271987_1=1
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:51 GMT
Content-Type: application/javascript
Content-Length: 2964
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Sat, 17 Feb 2018 14:58:00 GMT
ETag: W/"b94-161a44599ce"
set-cookie: connect.sid=s%3AMEPUh5ra9Kpyy92-QDGPTS7Tor4gDY10.qUyvD4dKrzEQCk5mCPOgQukuyVCcz%2BMl8hK%2FSqglZGs; Path=/; HttpOnly
159.65.180.64/assets/vendor/imagesloaded.pkgd.js
159.65.180.64 200 OK 27 kB URL HTTP/1.1 159.65.180.64/assets/vendor/imagesloaded.pkgd.js
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
Hash 12d2c160b8058f1186689a95a620e1de
8ae8abe633d6d6fe61a092628592fa7fe3ab1b74
2713181ed9083342e0127e9507bff990de4e3b28c43de5ff5b04ee75e4aa45f3
Analyzer Verdict Alert fortinet Malware
GET /assets/vendor/imagesloaded.pkgd.js HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/
Cookie: connect.sid=s%3Az9xJgbTLrNkF1WtdW13BxVdYZIJzI1NC.H13f2S8lpcGGdhCSD1dz9%2B%2BXbEXEtjF5dqT3oYpCsyI; _ga_CD2QRE3E1M=GS1.1.1664284548.1.0.1664284548.0.0.0; _ga=GA1.1.1585467701.1664284548; _gid=GA1.1.2053816364.1664284549; _gat_gtag_UA_111271987_1=1
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:51 GMT
Content-Type: application/javascript
Content-Length: 26643
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Sat, 17 Feb 2018 14:58:00 GMT
ETag: W/"6813-161a44599ce"
set-cookie: connect.sid=s%3AsIGMWMo7vgJlQ8QpnqEqwNUYPGk2t9IU.D2ga%2BoBFUc8c0ANm5PWMKZJkOHl9V9YWKSJsJ%2BTfi0A; Path=/; HttpOnly
159.65.180.64/assets/vendor/magnific-popup/jquery.magnific-popup.min.js
159.65.180.64 200 OK 21 kB URL HTTP/1.1 159.65.180.64/assets/vendor/magnific-popup/jquery.magnific-popup.min.js
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (21014)
Hash be3333626c57af03599abcb59b325e09
3824067348f6485d6b07d3a43660804e3731b21a
ecbef0f33e8ccedd2c605816e052cfff778abcc0e30a80b874c097a5fddd24fc
Analyzer Verdict Alert fortinet Malware
GET /assets/vendor/magnific-popup/jquery.magnific-popup.min.js HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/
Cookie: connect.sid=s%3Az9xJgbTLrNkF1WtdW13BxVdYZIJzI1NC.H13f2S8lpcGGdhCSD1dz9%2B%2BXbEXEtjF5dqT3oYpCsyI; _ga_CD2QRE3E1M=GS1.1.1664284548.1.0.1664284548.0.0.0; _ga=GA1.1.1585467701.1664284548; _gid=GA1.1.2053816364.1664284549; _gat_gtag_UA_111271987_1=1
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:51 GMT
Content-Type: application/javascript
Content-Length: 21143
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Sat, 17 Feb 2018 14:58:00 GMT
ETag: W/"5297-161a44599ce"
159.65.180.64/aos/dist/aos.js
159.65.180.64 200 OK 15 kB URL HTTP/1.1 159.65.180.64/aos/dist/aos.js
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (14690), with no line terminators
Hash d3718e34eeb0355be8e3179a2e2bccb7
850ee2e5c9fba610840137c6c4e92b5abbc428fe
a5005b2e414770fd5ccb40bc221a12771966d02b5c1f9c89da48bd8e3811d377
Analyzer Verdict Alert fortinet Malware
GET /aos/dist/aos.js HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/
Cookie: connect.sid=s%3Az9xJgbTLrNkF1WtdW13BxVdYZIJzI1NC.H13f2S8lpcGGdhCSD1dz9%2B%2BXbEXEtjF5dqT3oYpCsyI; _ga_CD2QRE3E1M=GS1.1.1664284548.1.0.1664284548.0.0.0; _ga=GA1.1.1585467701.1664284548; _gid=GA1.1.2053816364.1664284549; _gat_gtag_UA_111271987_1=1
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:51 GMT
Content-Type: application/javascript
Content-Length: 14690
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Wed, 03 Oct 2018 22:14:14 GMT
ETag: W/"3962-1663bfeeaf0"
159.65.180.64/views/home.html
159.65.180.64 200 OK 3.1 kB URL HTTP/1.1 159.65.180.64/views/home.html
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
File type exported SGML document, ASCII text
Hash 75b0db352b698c58b36c8deec8cb0020
a9d258e0e868d6c9cf7abe5856bd637d01c46a10
dd0e05ea72fcee6b66b0938c7d487a16cd8c52f54318017ad3962942bfa86eb3
Analyzer Verdict Alert fortinet Malware
GET /views/home.html HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/
Cookie: connect.sid=s%3Az9xJgbTLrNkF1WtdW13BxVdYZIJzI1NC.H13f2S8lpcGGdhCSD1dz9%2B%2BXbEXEtjF5dqT3oYpCsyI; _ga_CD2QRE3E1M=GS1.1.1664284548.1.0.1664284548.0.0.0; _ga=GA1.1.1585467701.1664284548; _gid=GA1.1.2053816364.1664284549; _gat_gtag_UA_111271987_1=1
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:51 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Last-Modified: Tue, 14 May 2019 19:51:48 GMT
ETag: W/"2872-16ab7e6a85a"
set-cookie: connect.sid=s%3AJLy1FBBRu9iniP-ZXdJXbhrev0k5X8vq.sQhI%2FXRks1HZBF80JrilN8WPb8MRrsPpEXc2nBoutYA; Path=/; HttpOnly
Content-Encoding: gzip
159.65.180.64/assets/vendor/side.js
159.65.180.64 200 OK 1.6 kB URL HTTP/1.1 159.65.180.64/assets/vendor/side.js
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
Hash ca2a82eb8e3839afd09a79a245f5c68a
fd553c062ad8cabbe4cebba582f1038c4ca004b2
d2dcd1cad02123e38184677871fb26f7cef8e8e9c21f055c0599da7690876091
Analyzer Verdict Alert fortinet Malware
GET /assets/vendor/side.js HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/
Cookie: connect.sid=s%3Az9xJgbTLrNkF1WtdW13BxVdYZIJzI1NC.H13f2S8lpcGGdhCSD1dz9%2B%2BXbEXEtjF5dqT3oYpCsyI; _ga_CD2QRE3E1M=GS1.1.1664284548.1.0.1664284548.0.0.0; _ga=GA1.1.1585467701.1664284548; _gid=GA1.1.2053816364.1664284549; _gat_gtag_UA_111271987_1=1
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:51 GMT
Content-Type: application/javascript
Content-Length: 1577
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Sat, 17 Feb 2018 14:58:00 GMT
ETag: W/"629-161a44599ce"
set-cookie: connect.sid=s%3ALsyBPXz5sd6cjvWkL4FTBWoWrJePS95-.G2rZQvNniuX9jibj%2B5SooZTqrD2IZcPcFpH925O3An0; Path=/; HttpOnly
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 002d49bafbcc428a44fe523322ad9e05
b39aad0d1e941121f28af8f9b6d76f19216800d5
59a10c7762be219b689cd518aea4d034aa725c6a632b7f866989dcf984b5e007
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 13:15:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-111271987-1&cid=1585467701.1664284548&jid=175741498&gjid=866764391&_gid=2053816364.1664284549&_u=YADAAUAAAAAAAC~&z=1394867220
64.233.162.156 200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-111271987-1&cid=1585467701.1664284548&jid=175741498&gjid=866764391&_gid=2053816364.1664284549&_u=YADAAUAAAAAAAC~&z=1394867220
IP 64.233.162.156:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-111271987-1&cid=1585467701.1664284548&jid=175741498&gjid=866764391&_gid=2053816364.1664284549&_u=YADAAUAAAAAAAC~&z=1394867220 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://159.65.180.64
Connection: keep-alive
Referer: http://159.65.180.64/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://159.65.180.64
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 27 Sep 2022 13:15:51 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
159.65.180.64/assets/js/scripts.js
159.65.180.64 200 OK 5.4 kB URL HTTP/1.1 159.65.180.64/assets/js/scripts.js
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
Hash 397dcc944d909ba1f0c85bb5d3ec9c0c
afd6fe77ddc77974fe224694259ac983e1ae43f1
95430b02c469406c6d8691832f4298205d12fb8e31174b17c81b3526254cb904
Analyzer Verdict Alert fortinet Malware
GET /assets/js/scripts.js HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/
Cookie: connect.sid=s%3ALsyBPXz5sd6cjvWkL4FTBWoWrJePS95-.G2rZQvNniuX9jibj%2B5SooZTqrD2IZcPcFpH925O3An0; _ga_CD2QRE3E1M=GS1.1.1664284548.1.0.1664284548.0.0.0; _ga=GA1.1.1585467701.1664284548; _gid=GA1.1.2053816364.1664284549; _gat_gtag_UA_111271987_1=1
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:51 GMT
Content-Type: application/javascript
Content-Length: 5401
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Sat, 17 Feb 2018 14:58:00 GMT
ETag: W/"1519-161a44599b6"
set-cookie: connect.sid=s%3AKwU3nPAQui17bPJdhjz-zmm8fu_F4An0.Bzgm2VO8HGKX0lJDQH2Fxk4VCdSiC5968oelj%2BnLWgU; Path=/; HttpOnly
159.65.180.64/views/tpl/header.tpl.html
159.65.180.64 200 OK 527 B URL HTTP/1.1 159.65.180.64/views/tpl/header.tpl.html
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document, exported SGML document, ASCII text
Hash 1609981f8c414eabf580fc1fca3153dd
427da7a62a9a3aa1f0674f483cead02cdfb5ed47
2437da30e9f31b654e39f873065a7fa950cc0cd93a3884123261884326087aa7
Analyzer Verdict Alert fortinet Malware
GET /views/tpl/header.tpl.html HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/
Cookie: connect.sid=s%3ALsyBPXz5sd6cjvWkL4FTBWoWrJePS95-.G2rZQvNniuX9jibj%2B5SooZTqrD2IZcPcFpH925O3An0; _ga_CD2QRE3E1M=GS1.1.1664284548.1.0.1664284548.0.0.0; _ga=GA1.1.1585467701.1664284548; _gid=GA1.1.2053816364.1664284549; _gat_gtag_UA_111271987_1=1
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:51 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Last-Modified: Mon, 13 Apr 2020 13:27:52 GMT
ETag: W/"528-17173b98e7a"
Content-Encoding: gzip
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 002d49bafbcc428a44fe523322ad9e05
b39aad0d1e941121f28af8f9b6d76f19216800d5
59a10c7762be219b689cd518aea4d034aa725c6a632b7f866989dcf984b5e007
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 13:15:51 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
159.65.180.64/styles/main.css
159.65.180.64 200 OK 95 kB URL HTTP/1.1 159.65.180.64/styles/main.css
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (362)
Hash 663ee4fb7095f658547322a612af8055
ed96475efaaba2088ab58cac3a600a918b868c1f
ac8287c2f0cc2ee8461eafa0c7fa00438d59f3b35ae5eda8c12b20191c51a9ca
GET /styles/main.css HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/
Cookie: connect.sid=s%3ALsyBPXz5sd6cjvWkL4FTBWoWrJePS95-.G2rZQvNniuX9jibj%2B5SooZTqrD2IZcPcFpH925O3An0; _ga_CD2QRE3E1M=GS1.1.1664284548.1.0.1664284548.0.0.0; _ga=GA1.1.1585467701.1664284548; _gid=GA1.1.2053816364.1664284549; _gat_gtag_UA_111271987_1=1
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:51 GMT
Content-Type: text/css; charset=UTF-8
Content-Length: 95266
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Wed, 20 Mar 2019 21:17:23 GMT
ETag: W/"17422-1699cf74148"
set-cookie: connect.sid=s%3ANajO4xrYh9TnQtSPfLyzglN2vp34o0kq.C5W1EJnWqJ9doLkxEpFSIRl8dxtGaiBWmsB3ymczilk; Path=/; HttpOnly
159.65.180.64/views/tpl/footer.tpl.html
159.65.180.64 200 OK 514 B URL HTTP/1.1 159.65.180.64/views/tpl/footer.tpl.html
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document, Unicode text, UTF-8 text
Hash 22435bf2c736b050adc95e74d81f1478
3c3f41a99f2c6905b2411ee433d2b9c48d71da5a
94a8eab4940d843c1c6777a221c2a015cbb373f3857d361622772b7f6d733611
Analyzer Verdict Alert fortinet Malware
GET /views/tpl/footer.tpl.html HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/
Cookie: connect.sid=s%3ALsyBPXz5sd6cjvWkL4FTBWoWrJePS95-.G2rZQvNniuX9jibj%2B5SooZTqrD2IZcPcFpH925O3An0; _ga_CD2QRE3E1M=GS1.1.1664284548.1.0.1664284548.0.0.0; _ga=GA1.1.1585467701.1664284548; _gid=GA1.1.2053816364.1664284549; _gat_gtag_UA_111271987_1=1
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:51 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Last-Modified: Sun, 04 Nov 2018 22:32:27 GMT
ETag: W/"4f2-166e0db1bec"
set-cookie: connect.sid=s%3AcG74VGuXJOwyrK36CLVkAAiW-sPRvIQw.Ucv9CsKrU1GILACaIts0neR9kSkIhNYCv3KGX72jxO4; Path=/; HttpOnly
Content-Encoding: gzip
159.65.180.64/views/tpl/topLoginBox.html
159.65.180.64 200 OK 1.0 kB URL HTTP/1.1 159.65.180.64/views/tpl/topLoginBox.html
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
File type HTML document, exported SGML document, ASCII text
Hash 6ad77b3ac490194c06e31991dbe66b33
50f61f1649c5db079152e46be859062f5d655f1c
e54de0d03d251fcfaebfa0b333a89bcc21714b346c226f0b6efbf4b8ad27f107
Analyzer Verdict Alert fortinet Malware
GET /views/tpl/topLoginBox.html HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/
Cookie: connect.sid=s%3ALsyBPXz5sd6cjvWkL4FTBWoWrJePS95-.G2rZQvNniuX9jibj%2B5SooZTqrD2IZcPcFpH925O3An0; _ga_CD2QRE3E1M=GS1.1.1664284548.1.0.1664284548.0.0.0; _ga=GA1.1.1585467701.1664284548; _gid=GA1.1.2053816364.1664284549; _gat_gtag_UA_111271987_1=1
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:51 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Last-Modified: Wed, 03 Oct 2018 13:45:36 GMT
ETag: W/"a56-1663a2d4055"
Content-Encoding: gzip
fonts.googleapis.com/css?family=Open+Sans:400,300,600,700,800|Oswald:400,300,700
142.250.74.10 200 OK 903 B URL HTTP/1.1 fonts.googleapis.com/css?family=Open+Sans:400,300,600,700,800|Oswald:400,300,700
IP 142.250.74.10:0
Hash 8b37a40733938b8a12d534a246f5b8df
320db1d4975d6d5af69751da80f57cc280418701
86aba8fa20997afc219f510b2e8c93a5c45f417f987a2c406011babb2760b8c2
GET /css?family=Open+Sans:400,300,600,700,800|Oswald:400,300,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Tue, 27 Sep 2022 13:15:51 GMT
Date: Tue, 27 Sep 2022 13:15:51 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin-allow-popups
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
159.65.180.64/content/getQuote
159.65.180.64 200 OK 195 B URL HTTP/1.1 159.65.180.64/content/getQuote
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
File type JSON data, ASCII text, with no line terminators
Hash a37dfbb0cb2b81ac2873b9fa32a3baee
49fd32199dd8009f2d183d8d9b3acf4893c08336
581e4bab50d20edf9a5aa23d4e4344f5309b3a57a8992eee3e4ff1c70b39db5e
Analyzer Verdict Alert fortinet Malware
GET /content/getQuote HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/
Cookie: connect.sid=s%3ALsyBPXz5sd6cjvWkL4FTBWoWrJePS95-.G2rZQvNniuX9jibj%2B5SooZTqrD2IZcPcFpH925O3An0; _ga_CD2QRE3E1M=GS1.1.1664284548.1.0.1664284548.0.0.0; _ga=GA1.1.1585467701.1664284548; _gid=GA1.1.2053816364.1664284549; _gat_gtag_UA_111271987_1=1
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:51 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 195
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
ETag: W/"c3-o337sMsrgawoc7n6MqO67g"
159.65.180.64/content/getAboutUs
159.65.180.64 200 OK 1.5 kB URL HTTP/1.1 159.65.180.64/content/getAboutUs
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
File type JSON data, Unicode text, UTF-8 text, with very long lines (1509), with no line terminators
Hash a363fe5bb0bc4220f994c60ca95a2cb2
6823110bf7e71bef9cfe2569748b5e279582cd4d
b67e0537be833701e285a7949359304cca2c69fcd2ad8abc7fb2088012d7f331
Analyzer Verdict Alert fortinet Malware
GET /content/getAboutUs HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/
Cookie: connect.sid=s%3ALsyBPXz5sd6cjvWkL4FTBWoWrJePS95-.G2rZQvNniuX9jibj%2B5SooZTqrD2IZcPcFpH925O3An0; _ga_CD2QRE3E1M=GS1.1.1664284548.1.0.1664284548.0.0.0; _ga=GA1.1.1585467701.1664284548; _gid=GA1.1.2053816364.1664284549; _gat_gtag_UA_111271987_1=1
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:51 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 1511
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
ETag: W/"5e7-o2P+W7C8QiD5lMYMqVossg"
159.65.180.64/content/getOurServices
159.65.180.64 200 OK 34 kB URL HTTP/1.1 159.65.180.64/content/getOurServices
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
File type JSON data, ASCII text, with very long lines (33772), with no line terminators
Hash 1e9d0c6c136572e052b6044c9b79fbf7
0aa323674dfe1cfe35bb349472607b776f30866a
b9211785e28ad19db088dbe623d201a9a1f917676363f46461f487b3b219f62f
Analyzer Verdict Alert fortinet Malware
GET /content/getOurServices HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/
Cookie: connect.sid=s%3ALsyBPXz5sd6cjvWkL4FTBWoWrJePS95-.G2rZQvNniuX9jibj%2B5SooZTqrD2IZcPcFpH925O3An0; _ga_CD2QRE3E1M=GS1.1.1664284548.1.0.1664284548.0.0.0; _ga=GA1.1.1585467701.1664284548; _gid=GA1.1.2053816364.1664284549; _gat_gtag_UA_111271987_1=1
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:51 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 33772
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
ETag: W/"83ec-Hp0MbBNlcuBStgRMm3n79w"
set-cookie: connect.sid=s%3AQY-F8XfqjyBgyhcgy-ywoykhr--jVo_w.e3TsbMGlBwSKK%2B1%2BJZ2q3genwPaQW0s5KS1HfuLUg%2Bc; Path=/; HttpOnly
159.65.180.64/content/getContactUsInfo
159.65.180.64 200 OK 292 B URL HTTP/1.1 159.65.180.64/content/getContactUsInfo
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
File type JSON data, ASCII text, with no line terminators
Hash b43362123712426d0c5ac0bebad0c9f2
0399125f31f2fd4a2e05e78f90f6392143320a57
60c95f6bd82833caa930b89aa19e900c2e1666f18f0a6352732c1d85c16c11f2
Analyzer Verdict Alert fortinet Malware
GET /content/getContactUsInfo HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/
Cookie: connect.sid=s%3ALsyBPXz5sd6cjvWkL4FTBWoWrJePS95-.G2rZQvNniuX9jibj%2B5SooZTqrD2IZcPcFpH925O3An0; _ga_CD2QRE3E1M=GS1.1.1664284548.1.0.1664284548.0.0.0; _ga=GA1.1.1585467701.1664284548; _gid=GA1.1.2053816364.1664284549; _gat_gtag_UA_111271987_1=1
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:51 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 292
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
ETag: W/"124-tDNiEjcSQm0MWsC+utDJ8g"
159.65.180.64/angular/angular.min.js
159.65.180.64 200 OK 21 kB URL HTTP/1.1 159.65.180.64/angular/angular.min.js
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
File type JSON data, ASCII text, with very long lines (21336), with no line terminators
Hash 4639840f7bf12b9484dd2f4bedf964ca
ac8365253682bf669102e33444635d4ed5870f6b
0c06c1337244b0a39dc199c3d44c63e95d1814b7abbb48b19cb9d0f4a59584bf
Analyzer Verdict Alert fortinet Malware
GET /angular/angular.min.js HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/
Cookie: connect.sid=s%3AlUExqrwwkHtCQSk8pMz1Q7HpZ4dfJFEv.r%2BS00rxTsFTjDBUPT2py%2FD%2Fg7U3s9rkusYzohsYmEa0
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:49 GMT
Content-Type: application/javascript
Content-Length: 174741
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Wed, 08 Aug 2018 19:12:33 GMT
ETag: W/"2aa95-1651af474e8"
159.65.180.64/content/getSocialLinks
159.65.180.64 200 OK 286 B URL HTTP/1.1 159.65.180.64/content/getSocialLinks
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
File type JSON data, ASCII text, with no line terminators
Hash 21d042587ec5a02767127f186dc2687d
da81e546b296b08dbf8048b47b67e69fc836cda1
2f8df96f0370bec0f5f8b2ce29a533f6bd603ad66d5e3e059ae56e321d6cbceb
Analyzer Verdict Alert fortinet Malware
GET /content/getSocialLinks HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/
Cookie: connect.sid=s%3ALsyBPXz5sd6cjvWkL4FTBWoWrJePS95-.G2rZQvNniuX9jibj%2B5SooZTqrD2IZcPcFpH925O3An0; _ga_CD2QRE3E1M=GS1.1.1664284548.1.0.1664284548.0.0.0; _ga=GA1.1.1585467701.1664284548; _gid=GA1.1.2053816364.1664284549; _gat_gtag_UA_111271987_1=1
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:51 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 286
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
ETag: W/"11e-IdBCWH7FoCdnEn8YbcJofQ"
set-cookie: connect.sid=s%3A6XiynYdcRIYjBW6DMb-6kAW-ZDUK1aGd.UCqKST%2F%2Bh0RUqwzJ71uT3hrbWx7scqsB3nHjRlK4JSg; Path=/; HttpOnly
159.65.180.64/content/getGoals
159.65.180.64 200 OK 22 kB URL HTTP/1.1 159.65.180.64/content/getGoals
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
File type JSON data, ASCII text, with very long lines (22515), with no line terminators
Hash 3440ec9a4f33f8d7361fffd7b6add0b6
dee4cd6c032cf3827ee3f9539a57a78260e5e4a8
b1e36cf900502f65cd28365cd410a554d10672e71904067f474404670e8386b2
Analyzer Verdict Alert fortinet Malware
GET /content/getGoals HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/
Cookie: connect.sid=s%3ALsyBPXz5sd6cjvWkL4FTBWoWrJePS95-.G2rZQvNniuX9jibj%2B5SooZTqrD2IZcPcFpH925O3An0; _ga_CD2QRE3E1M=GS1.1.1664284548.1.0.1664284548.0.0.0; _ga=GA1.1.1585467701.1664284548; _gid=GA1.1.2053816364.1664284549; _gat_gtag_UA_111271987_1=1
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:51 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 22515
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
ETag: W/"57f3-NEDsmk8z+Nc2H//Xtq3Qtg"
set-cookie: connect.sid=s%3A89Tp7yUIrc3NhT6uUZNRLqU4TtsNr984.9L7JSjCTU5z8M8Kob51vb2v4%2BsQwYuLvEqwy%2FVj5ekk; Path=/; HttpOnly
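The exchanges with 159.65.180.64 repeat the same response headers throughout: `Server: nginx/1.10.3 (Ubuntu)`, `X-Powered-By: Express`, `Access-Control-Allow-Origin: *`, and on several responses a fresh `set-cookie: connect.sid=...; Path=/; HttpOnly` with neither `Secure` nor `SameSite`, even when the request already carried a `connect.sid`. The capture does not show why the session is re-issued; it is simply something the analyst should record. The Python below is an added example, not from the page or from any sandbox vendor: a parser for this dump's line format (request line, `Name: value` headers, status line, response headers, with the URL/IP/ASN/hash lines closing each exchange) plus the header checks one would run over the parsed exchanges. The sample dump is three exchanges trimmed from the capture above. One caveat on the wildcard CORS finding: a browser will not attach cookies to a cross-origin request that is answered with `Access-Control-Allow-Origin: *`, so the wildcard only exposes what an anonymous client can already fetch; the version banners and cookie attributes are the more actionable items.

```python
import re
from typing import Dict, List

# Line shapes used by the sandbox dump (added helper, not part of the report tooling).
REQUEST_LINE = re.compile(r"^(GET|POST|PUT|DELETE|HEAD|OPTIONS) (\S+) HTTP/1\.[01]$")
STATUS_LINE = re.compile(r"^HTTP/(?:1\.[01]|2) (\d{3})")
HEADER_LINE = re.compile(r"^([A-Za-z0-9-]+):\s*(.*)$")


def parse_capture(text: str) -> List[Dict]:
    """Split the dump into exchanges: request line, request headers, status, response headers.
    Header names are lower-cased and multi-valued. Any line that is neither a request line, a status
    line nor a 'Name: value' header (the URL, IP, ASN, File type and Hash lines) closes the exchange."""
    entries: List[Dict] = []
    cur = None
    state = None
    for raw in text.splitlines():
        line = raw.strip()
        req = REQUEST_LINE.match(line)
        if req:
            if cur is not None:
                entries.append(cur)
            cur = {"method": req.group(1), "path": req.group(2), "req": {}, "status": None, "resp": {}}
            state = "req"
            continue
        if cur is None:
            continue
        status = STATUS_LINE.match(line)
        if status and state == "req":
            cur["status"] = int(status.group(1))
            state = "resp"
            continue
        hdr = HEADER_LINE.match(line)
        if hdr:
            target = cur["req"] if state == "req" else cur["resp"]
            target.setdefault(hdr.group(1).lower(), []).append(hdr.group(2))
        elif state == "resp":
            entries.append(cur)
            cur, state = None, None
    if cur is not None:
        entries.append(cur)
    return entries


def audit_entry(e: Dict) -> List[str]:
    """Header checks for one exchange; every rule keys off headers that appear in the dump."""
    findings: List[str] = []
    client_cookies = " ".join(e["req"].get("cookie", []))
    for sc in e["resp"].get("set-cookie", []):
        name = sc.split("=", 1)[0]
        attrs = {a.strip().split("=")[0].lower() for a in sc.split(";")[1:]}
        missing = [a for a in ("httponly", "secure", "samesite") if a not in attrs]
        if missing:
            findings.append(f"cookie {name} lacks {', '.join(missing)}")
        if name == "connect.sid" and "connect.sid=" in client_cookies:
            findings.append("server issued a new connect.sid although the client presented one")
    if "*" in e["resp"].get("access-control-allow-origin", []):
        findings.append("Access-Control-Allow-Origin: * (any origin may read this response)")
    for v in e["resp"].get("x-powered-by", []):
        findings.append("X-Powered-By reveals framework: " + v)
    for v in e["resp"].get("server", []):
        if re.search(r"\d+\.\d+", v):            # banner carries a version number
            findings.append("Server header reveals version: " + v)
    return findings


def audit_capture(text: str) -> List[Dict]:
    """Parse the dump and attach findings to every exchange."""
    return [
        {"host": e["req"].get("host", ["?"])[0], "method": e["method"], "path": e["path"],
         "status": e["status"], "findings": audit_entry(e)}
        for e in parse_capture(text)
    ]


# Constructed sample: three exchanges trimmed from the capture above, in the dump's own line format.
SAMPLE = """\
159.65.180.64/views/tpl/footer.tpl.html
GET /views/tpl/footer.tpl.html HTTP/1.1
Host: 159.65.180.64
Cookie: connect.sid=s%3ALsyBPXz5sd6cjvWkL4FTBWoWrJePS95-.G2rZQvNniuX9jibj%2B5SooZTqrD2IZcPcFpH925O3An0; _ga=GA1.1.1585467701.1664284548
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
set-cookie: connect.sid=s%3AcG74VGuXJOwyrK36CLVkAAiW-sPRvIQw.Ucv9CsKrU1GILACaIts0neR9kSkIhNYCv3KGX72jxO4; Path=/; HttpOnly
159.65.180.64/content/getQuote
GET /content/getQuote HTTP/1.1
Host: 159.65.180.64
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
fonts.googleapis.com/css?family=Open+Sans
GET /css?family=Open+Sans HTTP/1.1
Host: fonts.googleapis.com
HTTP/1.1 200 OK
Server: ESF
X-Content-Type-Options: nosniff
"""

if __name__ == "__main__":
    for entry in audit_capture(SAMPLE):
        print(f"{entry['method']} {entry['host']}{entry['path']} -> {entry['status']}")
        for finding in entry["findings"]:
            print("   ", finding)
```

Feed the whole dump to `audit_capture` and group by host to separate the target's traffic from the Firefox background noise (Pocket images, settings, OCSP) that the sandbox also recorded.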
159.65.180.64/content/getTopSliders
159.65.180.64 200 OK 3.9 kB URL HTTP/1.1 159.65.180.64/content/getTopSliders
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
File type JSON data, ASCII text, with very long lines (3896), with no line terminators
Hash 07c27762ce1e0f3e0981033fe89d2311
c4500db323f8085131173c11f9c6cd0a0d16a263
d8a6355b0135863575f232e03dae58b1626b8f190425cf26dddd302c33e61793
Analyzer Verdict Alert fortinet Malware
GET /content/getTopSliders HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/
Cookie: connect.sid=s%3ALsyBPXz5sd6cjvWkL4FTBWoWrJePS95-.G2rZQvNniuX9jibj%2B5SooZTqrD2IZcPcFpH925O3An0; _ga_CD2QRE3E1M=GS1.1.1664284548.1.0.1664284548.0.0.0; _ga=GA1.1.1585467701.1664284548; _gid=GA1.1.2053816364.1664284549; _gat_gtag_UA_111271987_1=1
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:51 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 3896
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
ETag: W/"f38-B8J3Ys4eDz4JgQM/6J0jEQ"
159.65.180.64/content/getHowCTFWork
159.65.180.64 200 OK 12 kB URL HTTP/1.1 159.65.180.64/content/getHowCTFWork
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
File type JSON data, Unicode text, UTF-8 text, with very long lines (11491), with no line terminators
Hash 80b96159d6b3c6ccb07634c18c07c746
0d09865ecd238b1fed179008b9d5df8dfd9503aa
a84c03af480da98781de26e4021dad64295bdf17de50825cbdb05708ee5b5448
Analyzer Verdict Alert fortinet Malware
GET /content/getHowCTFWork HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/
Cookie: connect.sid=s%3ALsyBPXz5sd6cjvWkL4FTBWoWrJePS95-.G2rZQvNniuX9jibj%2B5SooZTqrD2IZcPcFpH925O3An0; _ga_CD2QRE3E1M=GS1.1.1664284548.1.0.1664284548.0.0.0; _ga=GA1.1.1585467701.1664284548; _gid=GA1.1.2053816364.1664284549; _gat_gtag_UA_111271987_1=1
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:51 GMT
Content-Type: application/json; charset=utf-8
Content-Length: 11493
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
ETag: W/"2ce5-gLlhWdazxsywdjTBjAfHRg"
set-cookie: connect.sid=s%3ASxYvawyiWPwGkeOk_JIxU10w8jW6a3xp.I1HNi9tUS4v%2BPoAfAClrM23k0HcWIpr44PQdOhhVOy8; Path=/; HttpOnly
fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2
142.250.74.163 200 OK 25 kB URL HTTP/1.1 fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 25372, version 1.0; data
Hash fe424f96cb627d8b835cb001af17f56e
c5b4368fed99812a99036fba86d01367b5549505
35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1
GET /s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://159.65.180.64
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 25372
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 27 Sep 2022 03:43:56 GMT
Expires: Wed, 27 Sep 2023 03:43:56 GMT
Cache-Control: public, max-age=31536000
Age: 34315
Last-Modified: Mon, 18 Jul 2022 19:24:05 GMT
Content-Type: font/woff2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
142.250.74.163 200 OK 45 kB URL HTTP/1.1 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0; data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://159.65.180.64
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 44856
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 26 Sep 2022 21:39:32 GMT
Expires: Tue, 26 Sep 2023 21:39:32 GMT
Cache-Control: public, max-age=31536000
Age: 56179
Last-Modified: Mon, 15 Aug 2022 18:20:18 GMT
Content-Type: font/woff2
159.65.180.64/views/tpl/topLogin.html
159.65.180.64 200 OK 112 B URL HTTP/1.1 159.65.180.64/views/tpl/topLogin.html
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
Hash 24289c27b3be760c5c251cd56f07ef93
458b76b7548e82dfb625387eb6b081af0f2554c1
95754aac8587af03349aa6dc22230bab607ade6f2de3867c0f8f2cfbe23de27e
Analyzer Verdict Alert fortinet Malware
GET /views/tpl/topLogin.html HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/
Cookie: connect.sid=s%3AKwU3nPAQui17bPJdhjz-zmm8fu_F4An0.Bzgm2VO8HGKX0lJDQH2Fxk4VCdSiC5968oelj%2BnLWgU; _ga_CD2QRE3E1M=GS1.1.1664284548.1.0.1664284548.0.0.0; _ga=GA1.1.1585467701.1664284548; _gid=GA1.1.2053816364.1664284549; _gat_gtag_UA_111271987_1=1
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:51 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=0
Last-Modified: Sat, 17 Feb 2018 14:58:00 GMT
ETag: W/"7a-161a4459a26"
set-cookie: connect.sid=s%3AOGctJ1x-FvOX5BUUq4omN8m8UegbfmGY.jlcq0i0WWy32pFUJqNlXBwPR7SQFbKL9cD1BM%2F9xy%2FA; Path=/; HttpOnly
Content-Encoding: gzip
159.65.180.64/img/logo.svg
159.65.180.64 200 OK 51 kB URL HTTP/1.1 159.65.180.64/img/logo.svg
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image; SVG XML document; XML 1.0 document text; XML document text; exported SGML document text; exported SGML document, ASCII text
Hash ae8ae4077f65b4239c23289c72e11747
66e278fef47f1c6af0a4f5418eb6c93e21d5d694
9d832f214cde117db4ca57997776673a1f992c0a8574d55fc0621b6f703b2015
Analyzer Verdict Alert fortinet Malware
GET /img/logo.svg HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/styles/main.css
Cookie: connect.sid=s%3AQY-F8XfqjyBgyhcgy-ywoykhr--jVo_w.e3TsbMGlBwSKK%2B1%2BJZ2q3genwPaQW0s5KS1HfuLUg%2Bc; _ga_CD2QRE3E1M=GS1.1.1664284548.1.0.1664284548.0.0.0; _ga=GA1.1.1585467701.1664284548; _gid=GA1.1.2053816364.1664284549; _gat_gtag_UA_111271987_1=1
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:51 GMT
Content-Type: image/svg+xml
Content-Length: 50567
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Sat, 17 Feb 2018 14:58:00 GMT
ETag: W/"c587-161a44599de"
159.65.180.64/assets/vendor/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
159.65.180.64 200 OK 77 kB URL HTTP/1.1 159.65.180.64/assets/vendor/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
File type Web Open Font Format (Version 2), TrueType, length 77160, version 4.459; data
Hash af7ae505a9eed503f8b8e6982036873e
d6f48cba7d076fb6f2fd6ba993a75b9dc1ecbf0c
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
Analyzer Verdict Alert fortinet Malware
GET /assets/vendor/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0 HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://159.65.180.64/assets/vendor/font-awesome/css/font-awesome.min.css
Cookie: connect.sid=s%3ALsyBPXz5sd6cjvWkL4FTBWoWrJePS95-.G2rZQvNniuX9jibj%2B5SooZTqrD2IZcPcFpH925O3An0; _ga_CD2QRE3E1M=GS1.1.1664284548.1.0.1664284548.0.0.0; _ga=GA1.1.1585467701.1664284548; _gid=GA1.1.2053816364.1664284549; _gat_gtag_UA_111271987_1=1
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:51 GMT
Content-Type: application/font-woff2
Content-Length: 77160
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Sat, 17 Feb 2018 14:58:00 GMT
ETag: W/"12d68-161a44599ca"
set-cookie: connect.sid=s%3ApiD1SzBy1qAK4T4Ya-TDwYOo64bFOavD.8g1UnfS7DPZ03ItOWFOjZ4MYZz%2FdrBIop3tT%2F7FDSdY; Path=/; HttpOnly
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3234
Expires: Tue, 27 Sep 2022 14:09:45 GMT
Date: Tue, 27 Sep 2022 13:15:51 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc9985e6-5fe2-4d64-8060-3ea9e7ea528d.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc9985e6-5fe2-4d64-8060-3ea9e7ea528d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash a90590f26bae9ad9e95ffdfbfb7dd21d
cde7845f38c4c077f1f1cfda1d1e3b00065d3ac3
33fe3394213e01d11c3e005cb5a678ba74511704d4132fc2bd9f7ad4e1b7dbfc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdc9985e6-5fe2-4d64-8060-3ea9e7ea528d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10318
x-amzn-requestid: 6a205445-8a9e-4f25-b144-ba6e6934d383
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZCSlhFNAIAMFmBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6330caef-61ecbf9154cd56131b940ac0;Sampled=0
x-amzn-remapped-date: Sun, 25 Sep 2022 21:41:04 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: qP5-TglQAoTGc78-rIK27mKRTS_WthN0OpiiMqSF-y2rmWxVOyfNVw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 5fe5f2a3903f1378941d92eceaf3fa16.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:02:24 GMT
age: 58407
etag: "cde7845f38c4c077f1f1cfda1d1e3b00065d3ac3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 62e68c3cd08dd94d910507512a67e85f
3d4fa8701f17e8818c25584ef5f04bfbee8440cd
058d798963f83f5fb88ab728185f755c5353fa981d93e1b6ff869089f501586b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79631135-a10c-43bf-85d2-fa2236b96883.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 13213
x-amzn-requestid: 09f8fee2-6830-4bec-af40-f2fb6547bc63
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFkreH5poAMFdxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321b16-0afbf5e01a013e6f0db53da1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:35:18 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: CwkfEPDseHez7mArqwz8tmC3WHFwXAZF1OSColucaQ5vG2hvBIDWOg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:42:47 GMT
age: 55984
etag: "3d4fa8701f17e8818c25584ef5f04bfbee8440cd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
159.65.180.64/img/loading.gif
159.65.180.64 200 OK 77 kB URL HTTP/1.1 159.65.180.64/img/loading.gif
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
File type GIF image data, version 89a, 120 x 120; data
Hash b17d79baa472b388f3ab71b37fa3b5a5
81606ac092b87d1ab8022ab8b828f6afee129147
b89271b299877168530cbc66cd2abd7dfd42906072c7a3f1300045ed21d6111f
GET /img/loading.gif HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/styles/main.css
Cookie: connect.sid=s%3AQY-F8XfqjyBgyhcgy-ywoykhr--jVo_w.e3TsbMGlBwSKK%2B1%2BJZ2q3genwPaQW0s5KS1HfuLUg%2Bc; _ga_CD2QRE3E1M=GS1.1.1664284548.1.0.1664284548.0.0.0; _ga=GA1.1.1585467701.1664284548; _gid=GA1.1.2053816364.1664284549; _gat_gtag_UA_111271987_1=1
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:51 GMT
Content-Type: image/gif
Content-Length: 77268
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Sat, 17 Feb 2018 14:58:00 GMT
ETag: W/"12dd4-161a44599da"
set-cookie: connect.sid=s%3Abf1Dur7tgehMadJHhzOpr3xD6tlA2-fq.DbSuQF58BLMHmgiHIRHOHcCVFsmKZ51DvN%2FjJhf20lo; Path=/; HttpOnly
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg
34.120.237.76 200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash deb8d1e3b6d7fbc8c8ba478269621676
84f5a4c8b38acde814bc790e5b514347718d5bb9
ed14fa766f0708b4166e83b61f160db5671af430917b7c67184bf18d9208742b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1bfe3adc-1955-4f21-9e44-c0bc53a4edc5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9163
x-amzn-requestid: 8ccd9b1f-bef9-4591-be32-e6dd98f4ee78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZFlKpEZrIAMFS1Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63321bdd-4a40b9c8281b64c725fec0f1;Sampled=0
x-amzn-remapped-date: Mon, 26 Sep 2022 21:38:37 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: Lf6qqokEw32egp3ofmJGtUTAt3RD2f9rVq5gskbhrk_VFGweeo0oCQ==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 09331f0822fc98eebaf04130a83dbd44.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:49:18 GMT
age: 55593
etag: "84f5a4c8b38acde814bc790e5b514347718d5bb9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3234
Expires: Tue, 27 Sep 2022 14:09:45 GMT
Date: Tue, 27 Sep 2022 13:15:51 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg
34.120.237.76 200 OK 6.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 14218a43c5e5bbce546735a780c8ccce
61676358cdbb2373bc644e66f8a84fbc8cc5daf6
905b1c30a2273aef69904f2eb1451c756fc1fdba02e86ea5c957629dd056aeda
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F658e1cdd-3e54-47dd-9724-ec65659721ea.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6390
x-amzn-requestid: b2681ff8-ab83-41e6-adef-3e6772c93c3f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGFJ6Gc_oAMF44g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63324f0c-3dbf9f4e2047567b5abdbe74;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 01:17:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 8JXEBo_L_xKuKdeoOXEJ6FO7ZVsZVQzUmQFe7fYcxaHRQNEq1HWp6w==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 01:25:52 GMT
age: 42599
etag: "61676358cdbb2373bc644e66f8a84fbc8cc5daf6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F171029d0-40d4-47b3-8936-8ba3b16b3212.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F171029d0-40d4-47b3-8936-8ba3b16b3212.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 347dca206e13a3b13953f0ab398310b4
be60bbc96c832ae385cc9ae5828bd32703011b21
f6da888a54a0c6c73466f2c2a72dd875514a39d81b760a6b0116b4dd56ef31dd
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F171029d0-40d4-47b3-8936-8ba3b16b3212.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 10211
x-amzn-requestid: 3ea4ac84-2465-4bd1-8ade-863de3c9576e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YbfSuGoQoAMF9oQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632145aa-7843b82728ead9a053c689d1;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 03:08:26 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: MMrek5LO9ukZjB6VV-5McuE_maDzwTOihucz0kwxuaTJMNOpTchoJA==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 e80693c02cfdfd081110512210d57840.cloudfront.net (CloudFront), 1.1 google
date: Mon, 26 Sep 2022 21:52:00 GMT
age: 55431
etag: "be60bbc96c832ae385cc9ae5828bd32703011b21"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2517fd65-65c6-43b1-93a6-b1205ba3f0f8.jpeg
34.120.237.76 200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2517fd65-65c6-43b1-93a6-b1205ba3f0f8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 5274e770cb5a704916c8965659709f4a
1a26007f761e439db575fb80fb403031260aecf4
e36e8be75c92feb9b416a46c5918356d8f9694894a799b7c10de21034d33d5ef
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2517fd65-65c6-43b1-93a6-b1205ba3f0f8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 7455
x-amzn-requestid: 0887cd56-f324-46cf-a086-709e1c66f354
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZGBTdHmhoAMFvIw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633248e2-42391706084f335228fe3994;Sampled=0
x-amzn-remapped-date: Tue, 27 Sep 2022 00:50:42 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: vx-yM_jeJvOaa1UizK5OoDJFkvKnajg2ezLF2l2qnN_OhdTE6I4taQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b13f158bdf9805ca47e07c0c35870c12.cloudfront.net (CloudFront), 1.1 google
date: Tue, 27 Sep 2022 01:05:55 GMT
etag: "1a26007f761e439db575fb80fb403031260aecf4"
content-type: image/jpeg
age: 43796
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3234
Expires: Tue, 27 Sep 2022 14:09:45 GMT
Date: Tue, 27 Sep 2022 13:15:51 GMT
Connection: keep-alive
159.65.180.64/img/orngL.svg
159.65.180.64 200 OK 558 B URL HTTP/1.1 159.65.180.64/img/orngL.svg
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image; SVG XML document; XML 1.0 document text; SVG XML document; XML document text; exported SGML document text; exported SGML document, ASCII text
Hash 83692627c97ea07ea02e2accce462288
bd488e07f4c75979ea7f26e8353a7661e2af48f6
6e76d4a80f735925abcb1b53b56b85cc9dc762f1c0a4a7a5bdfd42f56ebf9c5b
Analyzer Verdict Alert fortinet Malware
GET /img/orngL.svg HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/styles/main.css
Cookie: connect.sid=s%3A6XiynYdcRIYjBW6DMb-6kAW-ZDUK1aGd.UCqKST%2F%2Bh0RUqwzJ71uT3hrbWx7scqsB3nHjRlK4JSg; _ga_CD2QRE3E1M=GS1.1.1664284548.1.0.1664284548.0.0.0; _ga=GA1.1.1585467701.1664284548; _gid=GA1.1.2053816364.1664284549; _gat_gtag_UA_111271987_1=1
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:51 GMT
Content-Type: image/svg+xml
Content-Length: 558
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Thu, 20 Jun 2019 20:40:14 GMT
ETag: W/"22e-16b769e4eca"
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3234
Expires: Tue, 27 Sep 2022 14:09:45 GMT
Date: Tue, 27 Sep 2022 13:15:51 GMT
Connection: keep-alive
159.65.180.64/img/sportA.svg
159.65.180.64 200 OK 32 kB URL HTTP/1.1 159.65.180.64/img/sportA.svg
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image; SVG XML document; XML 1.0 document text; SVG XML document; XML document text; exported SGML document text; exported SGML document, ASCII text
Hash 9c6e71e93d818b9dedb563a315e84453
bccbeb6cc968db54d1a60bb507ce2e8946258845
7fba83f806e3bc572b4d77e1df1ad77dcf3e960ab7b0fb2e1fa74d0dfbf815e1
Analyzer Verdict Alert fortinet Malware
GET /img/sportA.svg HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/styles/main.css
Cookie: connect.sid=s%3AQY-F8XfqjyBgyhcgy-ywoykhr--jVo_w.e3TsbMGlBwSKK%2B1%2BJZ2q3genwPaQW0s5KS1HfuLUg%2Bc; _ga_CD2QRE3E1M=GS1.1.1664284548.1.0.1664284548.0.0.0; _ga=GA1.1.1585467701.1664284548; _gid=GA1.1.2053816364.1664284549; _gat_gtag_UA_111271987_1=1
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:51 GMT
Content-Type: image/svg+xml
Content-Length: 31513
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Thu, 20 Jun 2019 20:40:14 GMT
ETag: W/"7b19-16b769e4eca"
set-cookie: connect.sid=s%3ArSuDEFm5IPkdZr4oyqaK4fZ6CaJRVdr5.OuprpnmQcauQatYEMY7XkaXCLJTvQHhjMNU5li58XgQ; Path=/; HttpOnly
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5a6097201b7da81f6e9a6d99a7353a0c
d4240fe80c76013b9f7b6fd09963aa47151b8d6a
519e9b47ddfa1e1fe047f4dc7df88e3011817f88144fcc3853a7984a781c2070
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "519E9B47DDFA1E1FE047F4DC7DF88E3011817F88144FCC3853A7984A781C2070"
Last-Modified: Sun, 25 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3234
Expires: Tue, 27 Sep 2022 14:09:45 GMT
Date: Tue, 27 Sep 2022 13:15:51 GMT
Connection: keep-alive
159.65.180.64/assets/img/slider/sprot4.png
159.65.180.64 200 OK 222 kB URL HTTP/1.1 159.65.180.64/assets/img/slider/sprot4.png
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 819 x 648, 8-bit/color RGBA, non-interlaced; data
Size 222 kB (222502 bytes)
Hash 95328b78a6db29ce2eff6b011649eec9
1e985aeab2b164a343810ad083d157b195ea107b
e6f51d9916fe23fb94f16e21a2af4077fc80d7cf52f4c5e51c46e4a956656fc6
GET /assets/img/slider/sprot4.png HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/
Cookie: connect.sid=s%3ALsyBPXz5sd6cjvWkL4FTBWoWrJePS95-.G2rZQvNniuX9jibj%2B5SooZTqrD2IZcPcFpH925O3An0; _ga_CD2QRE3E1M=GS1.1.1664284548.1.0.1664284548.0.0.0; _ga=GA1.1.1585467701.1664284548; _gid=GA1.1.2053816364.1664284549; _gat_gtag_UA_111271987_1=1
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:51 GMT
Content-Type: image/png
Content-Length: 222502
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Sat, 17 Feb 2018 14:58:00 GMT
ETag: W/"36526-161a44599b6"
159.65.180.64/img/orngL2.svg
159.65.180.64 200 OK 560 B URL HTTP/1.1 159.65.180.64/img/orngL2.svg
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image; SVG XML document; XML 1.0 document text; SVG XML document; XML document text; exported SGML document text; exported SGML document, ASCII text
Hash 3d0ae81e436354cc764d83c8bfe5c861
0b3ad519a6029e064f77681ed1748de3f4cb5252
e98ae1b41401ee988842f9ed32f28dce27c117f4b95a3699dde11b76379c574e
Analyzer Verdict Alert fortinet Malware
GET /img/orngL2.svg HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/styles/main.css
Cookie: connect.sid=s%3A6XiynYdcRIYjBW6DMb-6kAW-ZDUK1aGd.UCqKST%2F%2Bh0RUqwzJ71uT3hrbWx7scqsB3nHjRlK4JSg; _ga_CD2QRE3E1M=GS1.1.1664284548.1.0.1664284548.0.0.0; _ga=GA1.1.1585467701.1664284548; _gid=GA1.1.2053816364.1664284549; _gat_gtag_UA_111271987_1=1
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:51 GMT
Content-Type: image/svg+xml
Content-Length: 560
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Thu, 20 Jun 2019 20:40:14 GMT
ETag: W/"230-16b769e4eca"
set-cookie: connect.sid=s%3ANLQ73oAMfHhaklWl02IpPFjpV03O385g.tzfA1tw%2B87RmXfql6vjqPw8kJiIToDc1Fl%2FEnUxcYoA; Path=/; HttpOnly
159.65.180.64/img/blues-blue.svg
159.65.180.64 200 OK 556 B URL HTTP/1.1 159.65.180.64/img/blues-blue.svg
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image; SVG XML document; XML 1.0 document text; SVG XML document; XML document text; exported SGML document text; exported SGML document, ASCII text
Hash 280dd78d9eaedd8dd1f71aafa69a97a3
2e6f365911ebe39ee5a5b44272700c2e5b81d3ea
f01a14d314267c57c45b83efa49dafa19d76af6e64a563998c86d77563f37771
Analyzer Verdict Alert fortinet Malware
GET /img/blues-blue.svg HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/styles/main.css
Cookie: connect.sid=s%3A6XiynYdcRIYjBW6DMb-6kAW-ZDUK1aGd.UCqKST%2F%2Bh0RUqwzJ71uT3hrbWx7scqsB3nHjRlK4JSg; _ga_CD2QRE3E1M=GS1.1.1664284548.1.0.1664284548.0.0.0; _ga=GA1.1.1585467701.1664284548; _gid=GA1.1.2053816364.1664284549; _gat_gtag_UA_111271987_1=1
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:51 GMT
Content-Type: image/svg+xml
Content-Length: 556
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Thu, 20 Jun 2019 20:40:14 GMT
ETag: W/"22c-16b769e4ec2"
159.65.180.64/img/slider/contact.jpg
159.65.180.64 200 OK 17 kB URL HTTP/1.1 159.65.180.64/img/slider/contact.jpg
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=3, software=Adobe Photoshop CS6 (Macintosh), datetime=2017-03-16T16:44:49+04:00], progressive, precision 8, 1920x896, components 3; data
Hash e925b193d5aac31ac0a1d039d5a4248e
b38be78dd15c895b85e08616ef7564c8081ee658
2415be9d84fc801b8b7c736682a0a0a0dba064e6c59c7fa21b66fab0a1667d99
GET /img/slider/contact.jpg HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/styles/main.css
Cookie: connect.sid=s%3AQY-F8XfqjyBgyhcgy-ywoykhr--jVo_w.e3TsbMGlBwSKK%2B1%2BJZ2q3genwPaQW0s5KS1HfuLUg%2Bc; _ga_CD2QRE3E1M=GS1.1.1664284548.1.0.1664284548.0.0.0; _ga=GA1.1.1585467701.1664284548; _gid=GA1.1.2053816364.1664284549; _gat_gtag_UA_111271987_1=1
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:51 GMT
Content-Type: image/jpeg
Content-Length: 16715
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Sat, 17 Feb 2018 14:58:00 GMT
ETag: W/"414b-161a44599fa"
159.65.180.64/img/slider/slider-5.jpg
159.65.180.64 200 OK 171 kB URL HTTP/1.1 159.65.180.64/img/slider/slider-5.jpg
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=3, software=Adobe Photoshop CS6 (Macintosh), datetime=2017-03-13T18:42:38+04:00], progressive, precision 8, 1568x1024, components 3; data
Size 171 kB (170916 bytes)
Hash ced0cbaeb1e49e11aaefe66de0d060d9
085594b4a3428073d68b1c232ec116e0811a58b9
304aa55a19176dec87d0b1c93d6efb557c5bd96d4dacc5b09e77ec1de6523348
GET /img/slider/slider-5.jpg HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/styles/main.css
Cookie: connect.sid=s%3A6XiynYdcRIYjBW6DMb-6kAW-ZDUK1aGd.UCqKST%2F%2Bh0RUqwzJ71uT3hrbWx7scqsB3nHjRlK4JSg; _ga_CD2QRE3E1M=GS1.1.1664284548.1.0.1664284548.0.0.0; _ga=GA1.1.1585467701.1664284548; _gid=GA1.1.2053816364.1664284549; _gat_gtag_UA_111271987_1=1
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:51 GMT
Content-Type: image/jpeg
Content-Length: 170916
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Sat, 17 Feb 2018 14:58:00 GMT
ETag: W/"29ba4-161a4459a1a"
set-cookie: connect.sid=s%3APvkf1GTe3YMhs_FOmD5u9E7WXi2gInpQ.dLjYzgJ7GBCRKAfhHb9%2BslXea9bKuX81XOYCytvZKWg; Path=/; HttpOnly
159.65.180.64/img/parallax/parallax-1.jpg
159.65.180.64 200 OK 400 kB URL HTTP/1.1 159.65.180.64/img/parallax/parallax-1.jpg
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=8, orientation=upper-left, xresolution=110, yresolution=118, resolutionunit=2, software=Adobe Photoshop CS6 (Macintosh), datetime=2017-11-05T23:31:43+20:00], progressive, precision 8, 1920x1080, components 3; data
Size 400 kB (399961 bytes)
Hash 468669e13cfaa4acde032a9918a8febd
bddf19f2c5734a34e8b3001e4e491ef0b28aa62c
4c02f6d7d0e55ee12562734031e6372c5d954600f283821d16b51bbcdff27372
GET /img/parallax/parallax-1.jpg HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/styles/main.css
Cookie: connect.sid=s%3A6XiynYdcRIYjBW6DMb-6kAW-ZDUK1aGd.UCqKST%2F%2Bh0RUqwzJ71uT3hrbWx7scqsB3nHjRlK4JSg; _ga_CD2QRE3E1M=GS1.1.1664284548.1.0.1664284548.0.0.0; _ga=GA1.1.1585467701.1664284548; _gid=GA1.1.2053816364.1664284549; _gat_gtag_UA_111271987_1=1
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:51 GMT
Content-Type: image/jpeg
Content-Length: 399961
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Sat, 17 Feb 2018 14:58:00 GMT
ETag: W/"61a59-161a44599f2"
159.65.180.64/img/menu.svg
159.65.180.64 200 OK 2.6 kB URL HTTP/1.1 159.65.180.64/img/menu.svg
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image; SVG XML document; XML 1.0 document text; SVG XML document; XML document text; exported SGML document text; exported SGML document, ASCII text
Hash 3773d8cff96254e92f8b4ae7dc902281
b3f87097c914e6d92bbe944005d43cb45b48d062
d9d1c32a298582f1ba93f9136bc8bc13200d552785062bbaf8cf75032c49efa9
Analyzer Verdict Alert fortinet Malware
GET /img/menu.svg HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/styles/main.css
Cookie: connect.sid=s%3AVbcwA3n1TQYECmnlJVEUR1DK3LkV0_lU.QZYyCV1m1cO9iZqXP1NOZAM6LW85eHvXEo5OyPm%2Bu%2BM; _ga_CD2QRE3E1M=GS1.1.1664284548.1.0.1664284548.0.0.0; _ga=GA1.1.1585467701.1664284548; _gid=GA1.1.2053816364.1664284549; _gat_gtag_UA_111271987_1=1
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:52 GMT
Content-Type: image/svg+xml
Content-Length: 2623
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Thu, 20 Jun 2019 20:40:14 GMT
ETag: W/"a3f-16b769e4eca"
set-cookie: connect.sid=s%3AvMpiUiwc6ySDH3Un9sMVVgjaPI-d9xF5.ybaN3rlru2jB5aV3k6lTpnSURzXQDVTH%2F7tm7rfTouk; Path=/; HttpOnly
159.65.180.64/assets/img/slider/man.png
159.65.180.64 200 OK 806 kB URL HTTP/1.1 159.65.180.64/assets/img/slider/man.png
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 781 x 996, 8-bit/color RGBA, non-interlaced; data
Size 806 kB (805780 bytes)
Hash ff5587b91424530d8f5949ea43bdc295
38417793fde2832f2b89fbd6cd168d3497d08b08
57b137e473caf9f8c659ad2fae44d32c940b89bc312badfb57baa4046d4d4ab1
GET /assets/img/slider/man.png HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/
Cookie: connect.sid=s%3ALsyBPXz5sd6cjvWkL4FTBWoWrJePS95-.G2rZQvNniuX9jibj%2B5SooZTqrD2IZcPcFpH925O3An0; _ga_CD2QRE3E1M=GS1.1.1664284548.1.0.1664284548.0.0.0; _ga=GA1.1.1585467701.1664284548; _gid=GA1.1.2053816364.1664284549; _gat_gtag_UA_111271987_1=1
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:51 GMT
Content-Type: image/png
Content-Length: 805780
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Sat, 17 Feb 2018 14:58:00 GMT
ETag: W/"c4b94-161a44599ae"
set-cookie: connect.sid=s%3AVbcwA3n1TQYECmnlJVEUR1DK3LkV0_lU.QZYyCV1m1cO9iZqXP1NOZAM6LW85eHvXEo5OyPm%2Bu%2BM; Path=/; HttpOnly
159.65.180.64/assets/img/Hlogo.svg
159.65.180.64 200 OK 23 kB URL HTTP/1.1 159.65.180.64/assets/img/Hlogo.svg
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image; SVG XML document; XML 1.0 document text; SVG XML document; XML document text; exported SGML document text; exported SGML document, ASCII text
Hash 9c405117a4b8cb70c4a9b25f147e4e17
d2a6683f5dcefb4a9421785db17bc42e1e13cc1f
b1901e9d1a53f08109eced205a67ebec9c78aec6b15754c034af8ea89018b617
Analyzer Verdict Alert fortinet Malware
GET /assets/img/Hlogo.svg HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/
Cookie: connect.sid=s%3AcG74VGuXJOwyrK36CLVkAAiW-sPRvIQw.Ucv9CsKrU1GILACaIts0neR9kSkIhNYCv3KGX72jxO4; _ga_CD2QRE3E1M=GS1.1.1664284548.1.0.1664284548.0.0.0; _ga=GA1.1.1585467701.1664284548; _gid=GA1.1.2053816364.1664284549; _gat_gtag_UA_111271987_1=1
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:52 GMT
Content-Type: image/svg+xml
Content-Length: 23235
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Sat, 17 Feb 2018 14:58:00 GMT
ETag: W/"5ac3-161a445999a"
159.65.180.64/img/footerornge.svg
159.65.180.64 200 OK 549 B URL HTTP/1.1 159.65.180.64/img/footerornge.svg
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image; SVG XML document; XML 1.0 document text; SVG XML document; XML document text; exported SGML document text; exported SGML document, ASCII text
Hash 62ce8ad594660e5e362efebee9c4f5d0
9e18cb6a408b70b8f51b40f6a47484d672359465
d93e70ef81c877523978bbf2b42ce10a3d78a529a41622359ef58756d83338e1
Analyzer Verdict Alert fortinet Malware
GET /img/footerornge.svg HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/styles/main.css
Cookie: connect.sid=s%3A6XiynYdcRIYjBW6DMb-6kAW-ZDUK1aGd.UCqKST%2F%2Bh0RUqwzJ71uT3hrbWx7scqsB3nHjRlK4JSg; _ga_CD2QRE3E1M=GS1.1.1664284548.1.0.1664284548.0.0.0; _ga=GA1.1.1585467701.1664284548; _gid=GA1.1.2053816364.1664284549; _gat_gtag_UA_111271987_1=1
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:52 GMT
Content-Type: image/svg+xml
Content-Length: 549
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Thu, 20 Jun 2019 20:40:14 GMT
ETag: W/"225-16b769e4ec2"
ocsp.sca1b.amazontrust.com/
143.204.42.156 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash af8c60bc2d64be6d02ec891bf12431a1
fd4d50dde1369e2b2f4d9481098dc509f033c7a0
7620af1e027f76c59e17aff54a47c9161f748ee6641a348340a654256f2d341b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 13:15:52 GMT
Last-Modified: Tue, 27 Sep 2022 13:06:14 GMT
Server: ECS (nyb/1D07)
X-Cache: Miss from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: AWSFqNQjXnWWl2wCvh1GG3kE4CoQWE3Sfb3xudw3LvgzyRmHRug1xQ==
Age: 578
159.65.180.64/img/users.svg
159.65.180.64 200 OK 1.8 kB URL HTTP/1.1 159.65.180.64/img/users.svg
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image; SVG XML document; XML 1.0 document text; SVG XML document; XML document text; exported SGML document text; exported SGML document, ASCII text
Hash 95f4f2c018e889f4190d28a856c8457b
712abf130b3272ab9c3e50f705b017962c0160b8
80c5453f375acff394fec5a74bd6bd3bee3282cbcdbd49af86352ef88b1a3cd8
Analyzer Verdict Alert fortinet Malware
GET /img/users.svg HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/styles/main.css
Cookie: connect.sid=s%3A6XiynYdcRIYjBW6DMb-6kAW-ZDUK1aGd.UCqKST%2F%2Bh0RUqwzJ71uT3hrbWx7scqsB3nHjRlK4JSg; _ga_CD2QRE3E1M=GS1.1.1664284548.1.0.1664284548.0.0.0; _ga=GA1.1.1585467701.1664284548; _gid=GA1.1.2053816364.1664284549; _gat_gtag_UA_111271987_1=1
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:52 GMT
Content-Type: image/svg+xml
Content-Length: 1834
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Thu, 20 Jun 2019 20:40:14 GMT
ETag: W/"72a-16b769e4eca"
set-cookie: connect.sid=s%3AwHBUJZGwdMsOvq2sQVQ462rutxFFi5Jj.iAsoV7ow09YywZc4ElpmpaZCfVlNHQenRoSUfO8FNRk; Path=/; HttpOnly
159.65.180.64/img/lock.svg
159.65.180.64 200 OK 1.6 kB URL HTTP/1.1 159.65.180.64/img/lock.svg
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image; SVG XML document; XML 1.0 document text; SVG XML document; XML document text; exported SGML document text; exported SGML document, ASCII text
Hash bf55ef67438b797523d14f31056c4191
26568e7bd4e57e1c367de726b88dc2ca6a3b0438
98ccb224f473b2b7bc958f105ee4cee8e7da3f4fb46890c9459671f4d874a96c
Analyzer Verdict Alert fortinet Malware
GET /img/lock.svg HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/styles/main.css
Cookie: connect.sid=s%3A6XiynYdcRIYjBW6DMb-6kAW-ZDUK1aGd.UCqKST%2F%2Bh0RUqwzJ71uT3hrbWx7scqsB3nHjRlK4JSg; _ga_CD2QRE3E1M=GS1.1.1664284548.1.0.1664284548.0.0.0; _ga=GA1.1.1585467701.1664284548; _gid=GA1.1.2053816364.1664284549; _gat_gtag_UA_111271987_1=1
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:52 GMT
Content-Type: image/svg+xml
Content-Length: 1554
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Thu, 20 Jun 2019 20:40:14 GMT
ETag: W/"612-16b769e4ec6"
159.65.180.64/assets/img/Hlogo2.svg
159.65.180.64 200 OK 25 kB URL HTTP/1.1 159.65.180.64/assets/img/Hlogo2.svg
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
File type SVG Scalable Vector Graphics image; SVG XML document; XML 1.0 document text; SVG XML document; XML document text; exported SGML document text; exported SGML document, ASCII text
Hash 054181291ffe15013854be838d5db46e
1887e18c1e6f7442ab3d706b6a4b81f06ee51353
9226851b291c1e307f216f0ea12b00527c3a86a8f992becff9d472eed41d24c5
Analyzer Verdict Alert fortinet Malware
GET /assets/img/Hlogo2.svg HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/
Cookie: connect.sid=s%3AcG74VGuXJOwyrK36CLVkAAiW-sPRvIQw.Ucv9CsKrU1GILACaIts0neR9kSkIhNYCv3KGX72jxO4; _ga_CD2QRE3E1M=GS1.1.1664284548.1.0.1664284548.0.0.0; _ga=GA1.1.1585467701.1664284548; _gid=GA1.1.2053816364.1664284549; _gat_gtag_UA_111271987_1=1
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:52 GMT
Content-Type: image/svg+xml
Content-Length: 25121
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Thu, 20 Jun 2019 20:40:14 GMT
ETag: W/"6221-16b769e4ec2"
set-cookie: connect.sid=s%3Ambc4eFMTB49QirZiHyVP1H2ChM_f-xmz.f104Pkzrr3nNoPrzbaXvDOJDCo9U0tPgkcDfKxSMVow; Path=/; HttpOnly
ocsp.sca1b.amazontrust.com/
143.204.42.156 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash af8c60bc2d64be6d02ec891bf12431a1
fd4d50dde1369e2b2f4d9481098dc509f033c7a0
7620af1e027f76c59e17aff54a47c9161f748ee6641a348340a654256f2d341b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 13:15:52 GMT
Last-Modified: Tue, 27 Sep 2022 11:37:14 GMT
Server: ECS (nyb/1D05)
X-Cache: Miss from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: d-QDQ5SvSi1fVrDhgIcS4voazvbqamkVMH5M6HzbTnn3DWB1FaMwbQ==
Age: 5919
ocsp.sca1b.amazontrust.com/
143.204.42.156 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash af8c60bc2d64be6d02ec891bf12431a1
fd4d50dde1369e2b2f4d9481098dc509f033c7a0
7620af1e027f76c59e17aff54a47c9161f748ee6641a348340a654256f2d341b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 13:15:52 GMT
Last-Modified: Tue, 27 Sep 2022 12:25:20 GMT
Server: ECS (nyb/1D14)
X-Cache: Miss from cloudfront
Via: 1.1 814e8c24454087e83cd261a6cf477166.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: uZPmaZ0VZLPlt2qjM-b7Lh_idtqisHyU3qALxEXlUyfkJUurkI6oFg==
Age: 3032
ocsp.sca1b.amazontrust.com/
143.204.42.156 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash af8c60bc2d64be6d02ec891bf12431a1
fd4d50dde1369e2b2f4d9481098dc509f033c7a0
7620af1e027f76c59e17aff54a47c9161f748ee6641a348340a654256f2d341b
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 13:15:52 GMT
Last-Modified: Tue, 27 Sep 2022 12:37:28 GMT
Server: ECS (nyb/1D0E)
X-Cache: Miss from cloudfront
Via: 1.1 095562e8748e634f880ee3c4ada2b6d0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: d95ySXLDHhyL27ljFsIretagoSS4TaoA3lvs1wZ8VoVAe1rFcpemJQ==
Age: 2304
ocsp.sca1b.amazontrust.com/
143.204.42.156 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 5b0295885b9dd38adc9d7caa4af14a52
4f3d7251601658363c9f2ec78b86a59440a7f9b4
2b55aa9678bf30f4c9568302631775c22feff862377c4c389e5f199d2c1e8b96
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 13:15:52 GMT
Last-Modified: Tue, 27 Sep 2022 11:54:36 GMT
Server: ECS (nyb/1D25)
X-Cache: Miss from cloudfront
Via: 1.1 9ede9483eb891e14681c7c693b47c862.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ZTO8E5FY99109gFF4cNvVkIr8NL_2NOVW7q4d4_lcZAU10rkilWRHA==
Age: 4876
ocsp.sca1b.amazontrust.com/
143.204.42.156 200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 5b0295885b9dd38adc9d7caa4af14a52
4f3d7251601658363c9f2ec78b86a59440a7f9b4
2b55aa9678bf30f4c9568302631775c22feff862377c4c389e5f199d2c1e8b96
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Tue, 27 Sep 2022 13:15:52 GMT
Last-Modified: Tue, 27 Sep 2022 11:59:42 GMT
Server: ECS (nyb/1D0B)
X-Cache: Miss from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: -skjDM8Jf9nX0XWh5x6kyB7pj9IaK0cOSjakUNjduHAEGnHbpto_aA==
Age: 4570
159.65.180.64/img/slider/slider-9.jpg
159.65.180.64 200 OK 568 kB URL HTTP/1.1 159.65.180.64/img/slider/slider-9.jpg
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=12, height=1024, bps=158, PhotometricIntepretation=RGB, orientation=upper-left, width=1568], baseline, precision 8, 1568x1024, components 3; data
Size 568 kB (567681 bytes)
Hash e5fe1f1dbf9ab240e0388512b65a486e
f4765c5e981ffef0c0884500311cf4b48fab9b34
16c5c88b4543ecee719c645d95e9bb0c2b7f5998e985fbd36def85fe54c910f3
GET /img/slider/slider-9.jpg HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/styles/main.css
Cookie: connect.sid=s%3AQY-F8XfqjyBgyhcgy-ywoykhr--jVo_w.e3TsbMGlBwSKK%2B1%2BJZ2q3genwPaQW0s5KS1HfuLUg%2Bc; _ga_CD2QRE3E1M=GS1.1.1664284548.1.0.1664284548.0.0.0; _ga=GA1.1.1585467701.1664284548; _gid=GA1.1.2053816364.1664284549; _gat_gtag_UA_111271987_1=1
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:51 GMT
Content-Type: image/jpeg
Content-Length: 567681
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Sat, 17 Feb 2018 14:58:00 GMT
ETag: W/"8a981-161a4459a1e"
set-cookie: connect.sid=s%3AmjKrDp4GcpyCJIPC4BlCFT9CvOmnlmIT.CiJnWNAsbp%2FjthThkOS54Udh2fS6bMhuh%2BUYyRPH1vU; Path=/; HttpOnly
159.65.180.64/assets/img/slider/leftman.png
159.65.180.64 200 OK 622 kB URL HTTP/1.1 159.65.180.64/assets/img/slider/leftman.png
IP 159.65.180.64:0
ASN #14061 DIGITALOCEAN-ASN
File type PNG image data, 891 x 917, 8-bit/color RGBA, non-interlaced; data
Size 622 kB (621809 bytes)
Hash df880b2cd5aa5d4790441c0b2fc5de5e
4025260a55507d2855999f9f36c5d163c6aca16b
e4c0847bafbc1c8e19511f497efcbcbf1453ca73f9e2002dcfd8a961d3cb389a
GET /assets/img/slider/leftman.png HTTP/1.1
Host: 159.65.180.64
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://159.65.180.64/
Cookie: connect.sid=s%3ALsyBPXz5sd6cjvWkL4FTBWoWrJePS95-.G2rZQvNniuX9jibj%2B5SooZTqrD2IZcPcFpH925O3An0; _ga_CD2QRE3E1M=GS1.1.1664284548.1.0.1664284548.0.0.0; _ga=GA1.1.1585467701.1664284548; _gid=GA1.1.2053816364.1664284549; _gat_gtag_UA_111271987_1=1
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
Date: Tue, 27 Sep 2022 13:15:52 GMT
Content-Type: image/png
Content-Length: 621809
Connection: keep-alive
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Sat, 17 Feb 2018 14:58:00 GMT
ETag: W/"97cf1-161a44599aa"
connecttofit-web.s3.amazonaws.com/BkeCmmVBXDimages
52.92.194.193 200 OK 1.9 kB URL HTTP/1.1 connecttofit-web.s3.amazonaws.com/BkeCmmVBXDimages
IP 52.92.194.193:0
File type PNG image data, 266 x 190, 8-bit colormap, non-interlaced; data
Hash d5323f9914d75bd1b0cc68fc388abfca
f77857b81be759ef29d2a55d204731eb7ea42dda
bdbd5222d0e8780fabad28b0c3a6706cdbc268a7280c9cacb58d7e250718aac0
GET /BkeCmmVBXDimages HTTP/1.1
Host: connecttofit-web.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://159.65.180.64/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: D/SsVG119DhTKf7tEcDOKEzlwqKCpVSp2vQey78FZ6LZe99xQRdab2wzofoMnC+pnppN/6V9iQw=
x-amz-request-id: RPXJDKDE7S72VCXM
Date: Tue, 27 Sep 2022 13:15:53 GMT
Last-Modified: Thu, 27 Aug 2020 13:20:42 GMT
ETag: "d5323f9914d75bd1b0cc68fc388abfca"
Content-Encoding: base64
Accept-Ranges: bytes
Content-Type: png
Server: AmazonS3
Content-Length: 1851
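The Express host and the S3 bucket in the exchanges above show a cluster of header-level weaknesses that are easier to check mechanically than by eye. Every request to 159.65.180.64 carries connect.sid and the analytics cookies in cleartext (the Referer is http://159.65.180.64/). The connect.sid the browser presents is not the one the server sets back in the same exchange, and differs again from the previous request's value, which is what express-session does when it cannot verify or find the presented session: it creates a fresh one and issues a new cookie. The same responses combine Access-Control-Allow-Origin: * with a session cookie and disclose nginx/1.10.3 and Express. The S3 objects are served with Content-Encoding: base64, which is not a registered content coding, and a Content-Type of png rather than image/png, even though the sandbox's file identification and the ETag (for a single-part S3 upload this is the MD5 of the object, and it matches the first hash listed) show the bodies are raw PNG bytes. The following Python is an added example, not part of the capture or of the analysed site; it parses the request/response layout used on this page and reports those findings. The embedded SAMPLE is a constructed, abbreviated copy of two exchanges from this capture with most headers dropped and cookie values shortened, and the helper names (parse_exchanges, audit, audit_capture, cookie_pairs) are my own.

```python
"""Header audit for request/response pairs in a sandbox HTTP capture (added
example). Sandbox metadata lines (URL, IP, ASN, File type, Hash, verdict) sit
between pairs and are ignored because they are not "Name: value" headers."""
import re
from dataclasses import dataclass, field

REQUEST_LINE = re.compile(r"^(GET|POST|HEAD|PUT|DELETE|OPTIONS|PATCH) (\S+) HTTP/\d(?:\.\d)?$")
STATUS_LINE = re.compile(r"^HTTP/\d(?:\.\d)? (\d{3})\b")
HEADER_NAME = re.compile(r"^[A-Za-z0-9-]+$")
# Content codings registered with IANA; "base64" is not one of them.
KNOWN_CODINGS = {"gzip", "x-gzip", "deflate", "br", "compress", "identity", "zstd"}

# Constructed input: two exchanges from this capture, abbreviated (most headers
# dropped, cookie values shortened), with one metadata line kept between them.
SAMPLE = """\
GET /assets/img/Hlogo2.svg HTTP/1.1
Host: 159.65.180.64
Referer: http://159.65.180.64/
Cookie: connect.sid=s%3AcG74VGuXJOwyrK36CLVkAAiW-sPRvIQw.Ucv9; _ga=GA1.1.1585467701.1664284548
HTTP/1.1 200 OK
Server: nginx/1.10.3 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
set-cookie: connect.sid=s%3Ambc4eFMTB49QirZiHyVP1H2ChM_f-xmz.f104; Path=/; HttpOnly
connecttofit-web.s3.amazonaws.com/BkeCmmVBXDimages
File type PNG image data, 266 x 190, 8-bit colormap, non-interlaced
GET /BkeCmmVBXDimages HTTP/1.1
Host: connecttofit-web.s3.amazonaws.com
Referer: http://159.65.180.64/
HTTP/1.1 200 OK
Content-Encoding: base64
Content-Type: png
Server: AmazonS3
"""

@dataclass
class Exchange:
    method: str
    target: str
    status: int = 0
    req: dict = field(default_factory=dict)   # lower-cased header name -> value
    resp: dict = field(default_factory=dict)

def parse_exchanges(text):
    """Split the capture into Exchange objects, one per request line."""
    exchanges, current, headers = [], None, None
    for raw in text.splitlines():
        line = raw.strip()
        m = REQUEST_LINE.match(line)
        if m:                                   # a request line opens a new pair
            current = Exchange(m.group(1), m.group(2))
            exchanges.append(current)
            headers = current.req
            continue
        m = STATUS_LINE.match(line)
        if m and current is not None:           # a status line switches to the response
            current.status = int(m.group(1))
            headers = current.resp
            continue
        if headers is not None and ": " in line:
            name, value = line.split(": ", 1)
            if HEADER_NAME.match(name):         # drops "File type ..., Exif standard: [..." metadata
                headers[name.lower()] = value.strip()
    return exchanges

def cookie_pairs(value):
    """Parse "a=1; b=2" into a dict; bare attributes such as HttpOnly are skipped."""
    return dict(p.strip().split("=", 1) for p in value.split(";") if "=" in p)

def audit(ex):
    """Return the findings for one request/response pair as plain strings."""
    findings, req, resp = [], ex.req, ex.resp
    host = req.get("host", "")
    # A Referer of http://<same host>/ shows the site itself is served in cleartext.
    cleartext_origin = bool(host) and req.get("referer", "").startswith(f"http://{host}/")
    if "cookie" in req and cleartext_origin:
        findings.append(f"cookies sent in cleartext to {host}")
    if resp.get("access-control-allow-origin") == "*" and ("set-cookie" in resp or "cookie" in req):
        findings.append("wildcard Access-Control-Allow-Origin on an origin that uses cookies")
    if re.search(r"/\d", resp.get("server", "")):   # "nginx/1.10.3", but not "AmazonS3"
        findings.append(f"Server header discloses a version: {resp['server']}")
    if "x-powered-by" in resp:
        findings.append(f"X-Powered-By discloses the framework: {resp['x-powered-by']}")
    set_cookie = resp.get("set-cookie")
    if set_cookie:
        name, value = set_cookie.split(";", 1)[0].split("=", 1)
        attrs = {a.strip().lower() for a in set_cookie.split(";")[1:]}
        if "secure" not in attrs:
            findings.append(f"{name} set without the Secure attribute")
        if "httponly" not in attrs:
            findings.append(f"{name} set without the HttpOnly attribute")
        presented = cookie_pairs(req.get("cookie", "")).get(name)
        if presented is not None and presented != value:
            findings.append(f"{name} presented by the client was discarded and a new one issued")
    encoding = resp.get("content-encoding", "").lower()
    if encoding and encoding not in KNOWN_CODINGS:
        findings.append(f"unregistered Content-Encoding: {encoding}")
    media_type = resp.get("content-type", "").split(";", 1)[0].strip()
    if media_type and "/" not in media_type:
        findings.append(f"malformed Content-Type (no type/subtype): {media_type}")
    return findings

def audit_capture(text):
    """Map each request target to its findings, leaving out clean exchanges."""
    report = {}
    for ex in parse_exchanges(text):
        found = audit(ex)
        if found:
            report[ex.target] = found
    return report
```

audit_capture(SAMPLE) yields six findings for the Hlogo2.svg exchange (cleartext cookies, wildcard CORS beside a session cookie, nginx and Express disclosure, a cookie without Secure, and the presented connect.sid being replaced) and two for the S3 object (the base64 content coding and the bare png media type). The Secure check fires for any cookie set over plain http, which is the point: the fix is to serve the site over TLS and set the express-session cookie option secure, not to suppress the finding. The Server version check keys on a "/digit" pattern so that a product name that happens to contain a digit, such as AmazonS3, is not reported.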
connecttofit-web.s3.amazonaws.com/rkeOWOkda-kids
52.92.194.193 200 OK 16 kB URL HTTP/1.1 connecttofit-web.s3.amazonaws.com/rkeOWOkda-kids
IP 52.92.194.193:0
File type PNG image data, 473 x 473, 8-bit/color RGBA, non-interlaced; data
Hash 0ff053bde2e3f72f5c8ebb377d3177c1
2ba6d10010e29bf4839d84b9f7beba4cb8eab510
687224eeb63bedcb09a943308fe376f69e162c72c3073e2aa1b0b13f4c5c8cb3
GET /rkeOWOkda-kids HTTP/1.1
Host: connecttofit-web.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://159.65.180.64/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: S4Puon8y90+3rg3sScbufgcCZUScjTqUA0Ox9vCmoHXeOKAV0Li/Yph6/JCcmoHKcwk8RscJc/o=
x-amz-request-id: RPXV8RV83TJT3WRQ
Date: Tue, 27 Sep 2022 13:15:53 GMT
Last-Modified: Fri, 20 Oct 2017 21:17:57 GMT
ETag: "0ff053bde2e3f72f5c8ebb377d3177c1"
Content-Encoding: base64
Accept-Ranges: bytes
Content-Type: png
Server: AmazonS3
Content-Length: 16154
connecttofit-web.s3-us-west-2.amazonaws.com/SJxQeFJ_6Zyoga
3.5.79.191 200 OK 13 kB URL HTTP/1.1 connecttofit-web.s3-us-west-2.amazonaws.com/SJxQeFJ_6Zyoga
IP 3.5.79.191:0
File type PNG image data, 473 x 473, 8-bit/color RGBA, non-interlaced; data
Hash 958cd69ea295dcf13062b7bf31aa8ece
7d7f3bbaa1c8ab6fefc6aff125b93edfbaa26367
6d039db35b870b2e5fee2d0f19a1652695a562211d2d08fc48b41ef60864b6e9
GET /SJxQeFJ_6Zyoga HTTP/1.1
Host: connecttofit-web.s3-us-west-2.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://159.65.180.64/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: L5gHf26P0Ebdr+TFUw7OnRbr9kbKk/4PHC4FuUCnMSGgV2R+oTyIwY0Y7yr2QJE371DELz68jXNX+R3qJ1IX1A==
x-amz-request-id: RPXKDYJ1RZAPFA9M
Date: Tue, 27 Sep 2022 13:15:53 GMT
Last-Modified: Fri, 20 Oct 2017 21:21:49 GMT
ETag: "958cd69ea295dcf13062b7bf31aa8ece"
Content-Encoding: base64
Accept-Ranges: bytes
Content-Type: png
Server: AmazonS3
Content-Length: 12617
connecttofit-web.s3-us-west-2.amazonaws.com/B1xidDJO6W123
3.5.79.191 200 OK 16 kB URL HTTP/1.1 connecttofit-web.s3-us-west-2.amazonaws.com/B1xidDJO6W123
IP 3.5.79.191:0
File type PNG image data, 473 x 473, 8-bit/color RGBA, non-interlaced; data
Hash cb80580accdb48a652880eaae4d6e6e3
a55b6e6198d11941231d1fe5af50aca56bdf5260
5ebcf0ea227dbdc4df8dbc060fa0d23322c9cb31b820a7922c03f3b138bf0c40
GET /B1xidDJO6W123 HTTP/1.1
Host: connecttofit-web.s3-us-west-2.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://159.65.180.64/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: RmdNv/lMinf9xExNxjhENtFH7v1LwaeNPQD8LQM2ILElqACMM/vYywslW03P6d2//VY8mqwfFE/6M1Qon4fu7g==
x-amz-request-id: RPXH7FCC2K8QT8CT
Date: Tue, 27 Sep 2022 13:15:53 GMT
Last-Modified: Fri, 20 Oct 2017 21:15:34 GMT
ETag: "cb80580accdb48a652880eaae4d6e6e3"
Content-Encoding: base64
Accept-Ranges: bytes
Content-Type: png
Server: AmazonS3
Content-Length: 16274
connecttofit-web.s3.amazonaws.com/ryxPZDtda-SS
52.92.194.193 200 OK 11 kB URL HTTP/1.1 connecttofit-web.s3.amazonaws.com/ryxPZDtda-SS
IP 52.92.194.193:0
File type PNG image data, 473 x 473, 8-bit/color RGBA, non-interlaced; data
Hash c95c36923d2ff8777587f9f2501c59ad
680c294009cbed2ef9dc7e118ff2ba5491e8fb4d
b51afe72e9ed59cb27ecbd8c56c06b20b18454622fb3d61cfd4dd8efcfec0406
GET /ryxPZDtda-SS HTTP/1.1
Host: connecttofit-web.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://159.65.180.64/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: G6xE62xnPgqI4KhS5H7vgLNwLJk9YkDTHIQhSUhopDnZZPA4eNTm9P9FZivGWjbO3NubmkLg8WI=
x-amz-request-id: RPXJF9A21RPBFKNV
Date: Tue, 27 Sep 2022 13:15:53 GMT
Last-Modified: Sat, 21 Oct 2017 08:36:19 GMT
ETag: "c95c36923d2ff8777587f9f2501c59ad"
Content-Encoding: base64
Accept-Ranges: bytes
Content-Type: png
Server: AmazonS3
Content-Length: 11034
connecttofit-web.s3.amazonaws.com/rJx4FKJOTbylas
52.92.194.193 200 OK 13 kB URL HTTP/1.1 connecttofit-web.s3.amazonaws.com/rJx4FKJOTbylas
IP 52.92.194.193:0
File type PNG image data, 473 x 473, 8-bit/color RGBA, non-interlaced; data
Hash d6dce9cad64232e99ac21657c15f9211
38b02683f403abaaf160ff3e79fac942ab325109
b3cf07c4c402625f900ab0226f0a499e95a167742c1a1d349a432234aaf279cd
GET /rJx4FKJOTbylas HTTP/1.1
Host: connecttofit-web.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://159.65.180.64/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: X+DPXzxQ87OJU8JCkK2lheBz/k4wN6NbSqaLRpaGaU71biFkShiLBaNbSLxefsbCo12LqpCxJcE=
x-amz-request-id: RPXP4CYAHJCBK1DZ
Date: Tue, 27 Sep 2022 13:15:53 GMT
Last-Modified: Fri, 20 Oct 2017 21:24:17 GMT
ETag: "d6dce9cad64232e99ac21657c15f9211"
Content-Encoding: base64
Accept-Ranges: bytes
Content-Type: png
Server: AmazonS3
Content-Length: 12981
connecttofit-web.s3-us-west-2.amazonaws.com/Hke3Nc1_6-dnaces
3.5.79.191 200 OK 11 kB URL HTTP/1.1 connecttofit-web.s3-us-west-2.amazonaws.com/Hke3Nc1_6-dnaces
IP 3.5.79.191:0
File type PNG image data, 473 x 473, 8-bit/color RGBA, non-interlaced; data
Hash 88569374ad93027b46ba17bb41e095fd
33312bd89bc9177563968118c1ff256df109a415
9196ec462b212aa462dc89e2ed33c011e7e9c59ef1f5991cd5ae7d54bb6f57b4
GET /Hke3Nc1_6-dnaces HTTP/1.1
Host: connecttofit-web.s3-us-west-2.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://159.65.180.64/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: skQF7V6Kx3sOjWZhYsJuxKt7OK1I5z9FCOKrvpFF42yEJngoFdJecOMsqXWD0O8/cU5og4nz1knRM4cCjlvhNQ==
x-amz-request-id: RPXNGP52HY8HVNPC
Date: Tue, 27 Sep 2022 13:15:53 GMT
Last-Modified: Fri, 20 Oct 2017 21:27:19 GMT
ETag: "88569374ad93027b46ba17bb41e095fd"
Content-Encoding: base64
Accept-Ranges: bytes
Content-Type: png
Server: AmazonS3
Content-Length: 11174
connecttofit-web.s3-us-west-2.amazonaws.com/BJegKhKupbbyspec
3.5.79.191 200 OK 11 kB URL HTTP/1.1 connecttofit-web.s3-us-west-2.amazonaws.com/BJegKhKupbbyspec
IP 3.5.79.191:0
File type PNG image data, 473 x 473, 8-bit/color RGBA, non-interlaced; data
Hash fbbc118ba58c84737b6b52fef1b9b7f3
29f51244727e9a7caf28d5f72e7fdb6f61db9cce
5f83ac0fbf2bc13baa4e4e13c211ed9a48a9fdc65aa4d92c4101615c808a808a
GET /BJegKhKupbbyspec HTTP/1.1
Host: connecttofit-web.s3-us-west-2.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://159.65.180.64/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: KYRNkorwa9g3Ivqe4of5EHFjzO9GWLbUAezNLHihRfSgdp9p85KYDXd1miz07RVG47DjFqrRX7NTXySmByTsIA==
x-amz-request-id: RPXGN2E3M3KTZJE4
Date: Tue, 27 Sep 2022 13:15:53 GMT
Last-Modified: Sat, 21 Oct 2017 08:59:37 GMT
ETag: "fbbc118ba58c84737b6b52fef1b9b7f3"
Content-Encoding: base64
Accept-Ranges: bytes
Content-Type: png
Server: AmazonS3
Content-Length: 11171
connecttofit-web.s3-us-west-2.amazonaws.com/ryl9ddKdaZdsdsdvcx
3.5.79.191 200 OK 14 kB URL HTTP/1.1 connecttofit-web.s3-us-west-2.amazonaws.com/ryl9ddKdaZdsdsdvcx
IP 3.5.79.191:0
File type PNG image data, 473 x 473, 8-bit/color RGBA, non-interlaced; data
Hash e2b9e0572e86f6edf5a28eaa2a16a90b
ab4efb6986603922d99bbfd2a1be249e8ad9e640
b719943572733bba747faf779086176524eaccc487a15ab5aafcc091f63076a4
GET /ryl9ddKdaZdsdsdvcx HTTP/1.1
Host: connecttofit-web.s3-us-west-2.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://159.65.180.64/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: UnljzvWOG2YKirtIMnJXbU+UFmRwlt80rgW/3aBWGJt2MmyOIJQWnfnPat6jLjwcU8+Hv3ZZD6QGtcNPK9N7Mw==
x-amz-request-id: RPXX2W0931FGFHD2
Date: Tue, 27 Sep 2022 13:15:53 GMT
Last-Modified: Sat, 21 Oct 2017 08:42:27 GMT
ETag: "e2b9e0572e86f6edf5a28eaa2a16a90b"
Content-Encoding: base64
Accept-Ranges: bytes
Content-Type: png
Server: AmazonS3
Content-Length: 14055
connecttofit-web.s3.amazonaws.com/H1xK6vhOJzwsa
52.92.194.193 200 OK 9.3 kB URL HTTP/1.1 connecttofit-web.s3.amazonaws.com/H1xK6vhOJzwsa
IP 52.92.194.193:0
File type PNG image data, 200 x 200, 8-bit/color RGBA, non-interlaced; data
Hash 9284cf3bc38b809b92b169b288240e7e
29a30c0f2c711e6b0f97fc4a1a1d0c9643d76419
721c38bb9ebe3f81e0e7ae59924343dca07c6911388dc09d5ee486888490d48f
GET /H1xK6vhOJzwsa HTTP/1.1
Host: connecttofit-web.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://159.65.180.64/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: olzrsg5hBJND9p2mVdD/bPS5uXt0MzQsm+2chz8K3TrI+tJLPQ5RdNSDFb/4Z0/j1w19zYHefn8=
x-amz-request-id: RPXQ4SG541X61NSG
Date: Tue, 27 Sep 2022 13:15:53 GMT
Last-Modified: Tue, 14 Nov 2017 18:36:53 GMT
ETag: "9284cf3bc38b809b92b169b288240e7e"
Content-Encoding: base64
Accept-Ranges: bytes
Content-Type: png
Server: AmazonS3
Content-Length: 9287
connecttofit-web.s3.amazonaws.com/B1gPjdJuT-mart
52.92.194.193 200 OK 18 kB URL HTTP/1.1 connecttofit-web.s3.amazonaws.com/B1gPjdJuT-mart
IP 52.92.194.193:0
File type PNG image data, 473 x 473, 8-bit/color RGBA, non-interlaced; data
Hash aaf66976cca27b51efe1278b703802aa
ce6077170d2cd262ce52282643ec4ef93ee0d847
1fea11404d43f45bfabd4fcfe74a5c4835b0d3f06fb683b22291bfa7e8d3b826
GET /B1gPjdJuT-mart HTTP/1.1
Host: connecttofit-web.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://159.65.180.64/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: VXkySGbk9RdzuwQGiEH+t/NLu0HgZp2rQnRrVR1Q5DDvFxtmZfOO7ByVnT4+GS72syPk9SsPnds=
x-amz-request-id: RPXTCFVE79SXXM9G
Date: Tue, 27 Sep 2022 13:15:53 GMT
Last-Modified: Fri, 20 Oct 2017 21:20:36 GMT
ETag: "aaf66976cca27b51efe1278b703802aa"
Content-Encoding: base64
Accept-Ranges: bytes
Content-Type: png
Server: AmazonS3
Content-Length: 18465
connecttofit-web.s3-us-west-2.amazonaws.com/rketAFkupbswim
3.5.79.191 200 OK 13 kB URL HTTP/1.1 connecttofit-web.s3-us-west-2.amazonaws.com/rketAFkupbswim
IP 3.5.79.191:0
File type PNG image data, 473 x 473, 8-bit/color RGBA, non-interlaced; data
Hash bad0f0631b9a9ed05b2a74f8e151f712
06d5391ae2894a5c9abc91ff5da5ae2d1bbfff01
030a237fc56b65f5caca6446795753ac9e15723e531bc9d0c06fe1e6533a1f2a
GET /rketAFkupbswim HTTP/1.1
Host: connecttofit-web.s3-us-west-2.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://159.65.180.64/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: Ob4UXoZRZpMPEOrwrMiyTtT5KXFgu2yMmshsfeuSxV+wpGuBlvhtaPbAN7gdfQJV8SfE+R6dxAWSAFFufzqXsw==
x-amz-request-id: RPXPTY216RX6MH7X
Date: Tue, 27 Sep 2022 13:15:53 GMT
Last-Modified: Fri, 20 Oct 2017 21:25:40 GMT
ETag: "bad0f0631b9a9ed05b2a74f8e151f712"
Content-Encoding: base64
Accept-Ranges: bytes
Content-Type: png
Server: AmazonS3
Content-Length: 12738
connecttofit-web.s3.amazonaws.com/S1xK2oDnhQsss
52.92.194.193 200 OK 59 kB URL HTTP/1.1 connecttofit-web.s3.amazonaws.com/S1xK2oDnhQsss
IP 52.92.194.193:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1568x1024, components 3; data
Hash 224433b17c5a39f6e2ee1d188fe18ede
faac12d9c41dc537bc86807b31567bfd36e42a9a
343f28d27681d952b27f3552dae65b8a8bae2a3fabddf9f1acba873321130432
GET /S1xK2oDnhQsss HTTP/1.1
Host: connecttofit-web.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://159.65.180.64/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: HaBJT1Ud6wRsU1tFQX5G8av5sOyRCVsQay6l+cMd0p8pH/VTCT2kgkcK6tD8Kg29eqBZ+HijO1M=
x-amz-request-id: RPXWJBKYD47QKBXR
Date: Tue, 27 Sep 2022 13:15:53 GMT
Last-Modified: Sun, 04 Nov 2018 12:53:16 GMT
ETag: "224433b17c5a39f6e2ee1d188fe18ede"
Content-Encoding: base64
Accept-Ranges: bytes
Content-Type: jpg
Server: AmazonS3
Content-Length: 59378
connecttofit-web.s3.amazonaws.com/r1lU12vh27ryxnzTXqkGH1eGpp7T0Z2234
52.92.194.193 200 OK 110 kB URL HTTP/1.1 connecttofit-web.s3.amazonaws.com/r1lU12vh27ryxnzTXqkGH1eGpp7T0Z2234
IP 52.92.194.193:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1568x1024, components 3; data
Size 110 kB (109774 bytes)
Hash 0d63978b0a0afd4613be62a0b1ba765a
b87b1fbeb93540eb7fbea3b5ecc83323bc1fb63d
1108c3c62862b795d4cf573f329bb250fa0948b459e905f3dbd9af39b8b12a8e
GET /r1lU12vh27ryxnzTXqkGH1eGpp7T0Z2234 HTTP/1.1
Host: connecttofit-web.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://159.65.180.64/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: wgzqSxt0NOTHsXsT83ECVIzDIINqv+O0q723Aa3LUyuFGk+dYGKzag73BkZlPJFbD9FwH1hSyss=
x-amz-request-id: RPXR8R6SFB2KKJV7
Date: Tue, 27 Sep 2022 13:15:53 GMT
Last-Modified: Sun, 04 Nov 2018 12:54:03 GMT
ETag: "0d63978b0a0afd4613be62a0b1ba765a"
Content-Encoding: base64
Accept-Ranges: bytes
Content-Type: jpg
Server: AmazonS3
Content-Length: 109774
connecttofit-web.s3.amazonaws.com/Sylre6m91GSklJH9m6Cbhome2_01
52.92.194.193 200 OK 54 kB URL HTTP/1.1 connecttofit-web.s3.amazonaws.com/Sylre6m91GSklJH9m6Cbhome2_01
IP 52.92.194.193:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS6 (Macintosh), datetime=2017-11-15T21:05:08+20:00], progressive, precision 8, 1920x890, components 3; data
Hash 8e4ba300c6fc70abe34498106e7d659c
e6a986c0138bcaa79f5ef94ecc7df43dcac7c66f
6be54047d267d2f699962882b54c7ee434574a19ade71a348bce8587ae60ea9b
GET /Sylre6m91GSklJH9m6Cbhome2_01 HTTP/1.1
Host: connecttofit-web.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://159.65.180.64/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: hWp4f7/xGqthkWVskpeol7sjRZ5UsrqnwtpdoiHhGOZcdTIDgYGkW7qFpVChskYFkEFd+AvN1jw=
x-amz-request-id: RPXZQ98FVD05X3R3
Date: Tue, 27 Sep 2022 13:15:53 GMT
Last-Modified: Wed, 15 Nov 2017 21:09:10 GMT
ETag: "8e4ba300c6fc70abe34498106e7d659c"
Content-Encoding: base64
Accept-Ranges: bytes
Content-Type: jpg
Server: AmazonS3
Content-Length: 53973
connecttofit-web.s3.amazonaws.com/SJghg3wh2mB1eqQaQqyzHkgE61VT0-2234ds
52.92.194.193 200 OK 59 kB URL HTTP/1.1 connecttofit-web.s3.amazonaws.com/SJghg3wh2mB1eqQaQqyzHkgE61VT0-2234ds
IP 52.92.194.193:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1568x1024, components 3; data
Hash a4b8bbbd197d5e66ba7e398b429473d5
d52a4b41710b076aa018fd728bbbaf0e672f7312
89951510c082e59f9f35db140e58f903edc1fb2f88da92134e14955ae5f5f166
GET /SJghg3wh2mB1eqQaQqyzHkgE61VT0-2234ds HTTP/1.1
Host: connecttofit-web.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://159.65.180.64/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: AeiNPunbbYdqb2FCPK9va2R1bYETFEVQfjZyQhqwSzB5i46LoXG/GxeCMCYgTia4Q7ZfiYS+qvA=
x-amz-request-id: RPXS2A9W4XK97B3M
Date: Tue, 27 Sep 2022 13:15:53 GMT
Last-Modified: Sun, 04 Nov 2018 12:54:22 GMT
ETag: "a4b8bbbd197d5e66ba7e398b429473d5"
Content-Encoding: base64
Accept-Ranges: bytes
Content-Type: jpg
Server: AmazonS3
Content-Length: 58872
connecttofit-web.s3-us-west-2.amazonaws.com/HkeGwjQpCbsasa
3.5.79.191 200 OK 195 kB URL HTTP/1.1 connecttofit-web.s3-us-west-2.amazonaws.com/HkeGwjQpCbsasa
IP 3.5.79.191:0
File type PNG image data, 920 x 767, 8-bit/color RGBA, non-interlaced; data
Size 195 kB (195231 bytes)
Hash 01a42f7a95ff297270e0ae10d1963abd
10132e7421f961c807e7a82377cac37c60dd8a5b
7e9a7e8e2750657811b15c6bd9fd11e3c49c50e434d008e758366053838a4f76
GET /HkeGwjQpCbsasa HTTP/1.1
Host: connecttofit-web.s3-us-west-2.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://159.65.180.64/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: /9WVCo8iR8UaxWCtSWLEk24pYDfK1Ww6cnHCjPOJI44hD8voW/Nm7C0tACVBDzUXyvcANNqbe0RnpPks5Pdw+g==
x-amz-request-id: RPXH1149C2GWYVVB
Date: Tue, 27 Sep 2022 13:15:53 GMT
Last-Modified: Mon, 06 Nov 2017 00:22:57 GMT
ETag: "01a42f7a95ff297270e0ae10d1963abd"
Content-Encoding: base64
Accept-Ranges: bytes
Content-Type: png
Server: AmazonS3
Content-Length: 195231
connecttofit-web.s3-us-west-2.amazonaws.com/B1gC_fETRZsasa
3.5.79.191 200 OK 234 kB URL HTTP/1.1 connecttofit-web.s3-us-west-2.amazonaws.com/B1gC_fETRZsasa
IP 3.5.79.191:0
File type PNG image data, 920 x 767, 8-bit/color RGBA, non-interlaced; data
Size 234 kB (233930 bytes)
Hash eea97df8d3f25a52d9db39d3f91d0d64
15a80e59ec6ee49587a7abc91305fbabda03e0b6
f8f228a971a1edf96d03ab04cc3705e443b87fb911cf5629bfe51abdfae92ecd
GET /B1gC_fETRZsasa HTTP/1.1
Host: connecttofit-web.s3-us-west-2.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://159.65.180.64/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: tSNJ9dJxS3lkbj4Fw/U9hB6I1QRnhr8lgP2SqSmnQn9eqTRS60e3W5Nf4TWBoanmADF0+gx21sczMcg4eg6e1A==
x-amz-request-id: RPXNQHDZQSAKMXVB
Date: Tue, 27 Sep 2022 13:15:53 GMT
Last-Modified: Mon, 06 Nov 2017 00:53:15 GMT
ETag: "eea97df8d3f25a52d9db39d3f91d0d64"
Content-Encoding: base64
Accept-Ranges: bytes
Content-Type: png
Server: AmazonS3
Content-Length: 233930
connecttofit-web.s3.amazonaws.com/S1eHBGDq1Gbbbn
52.92.194.193 200 OK 404 kB URL HTTP/1.1 connecttofit-web.s3.amazonaws.com/S1eHBGDq1Gbbbn
IP 52.92.194.193:0
File type PNG image data, 920 x 767, 8-bit/color RGBA, non-interlaced; data
Size 404 kB (404224 bytes)
Hash 1358955e598fe51638095c7209518cee
ac4d9dfabd2ba522aeadea91161da002ec750d28
d50b57fff2e5e43b6be6c6baffa7b28ab27cb9b0fb045bba1adc2a8f41d2a0f4
GET /S1eHBGDq1Gbbbn HTTP/1.1
Host: connecttofit-web.s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://159.65.180.64/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: Ljc5VB9wntqrimPmonVORjg/ixyb4yNd/CyDYj+bulsvFal5U44Iiw1RIUcofRSeQnoSH/YKyz4=
x-amz-request-id: RPXGTY7AS94C85DE
Date: Tue, 27 Sep 2022 13:15:53 GMT
Last-Modified: Thu, 16 Nov 2017 00:56:44 GMT
ETag: "1358955e598fe51638095c7209518cee"
Content-Encoding: base64
Accept-Ranges: bytes
Content-Type: png
Server: AmazonS3
Content-Length: 404224
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 95f95fee6e94fb192e7c06459e3e3f8e
025638b85afcc833cd592c98cc941dd011d2526f
dbc8654990b37741f8e393d069054ae68d584c2496421892e814e7a8c45467fd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 13:15:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 5b7b66f5886a12421c3f3970bbf49d5a
13a31565fb5b2f1e75d67ba1ce09dae339f1c0e8
3ed8ffa99cefdf81381912b426c0ab9091fb5888836665d9012435965f99feba
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 13:15:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-111271987-1&cid=1585467701.1664284548&jid=175741498&_u=YADAAUAAAAAAAC~&z=329827953
142.250.74.3 200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-111271987-1&cid=1585467701.1664284548&jid=175741498&_u=YADAAUAAAAAAAC~&z=329827953
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1; data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-111271987-1&cid=1585467701.1664284548&jid=175741498&_u=YADAAUAAAAAAAC~&z=329827953 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://159.65.180.64/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 13:15:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-111271987-1&cid=1585467701.1664284548&jid=175741498&_u=YADAAUAAAAAAAC~&z=329827953
142.250.74.164 200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-111271987-1&cid=1585467701.1664284548&jid=175741498&_u=YADAAUAAAAAAAC~&z=329827953
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1; data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-111271987-1&cid=1585467701.1664284548&jid=175741498&_u=YADAAUAAAAAAAC~&z=329827953 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://159.65.180.64/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 13:15:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 95f95fee6e94fb192e7c06459e3e3f8e
025638b85afcc833cd592c98cc941dd011d2526f
dbc8654990b37741f8e393d069054ae68d584c2496421892e814e7a8c45467fd
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 13:15:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 4538701cf9bc34d908f50370beb922f4
df141b9c3ec626ecaba7c1899073a48b811c4113
61497b93eb237687a8fff5845a7a81aff2f2f53dc56f2d0818bfb98dd1256d6f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 27 Sep 2022 13:15:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN