r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 5d9435c884bf4a0777fdf4b57079ae09
7f04b9db47ffeec90ac6397416b7553e5336a550
fe77420ec3a11f547cf5172b68d30faa4fe0c13165ae305f0013b02914e61084
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FE77420EC3A11F547CF5172B68D30FAA4FE0C13165AE305F0013B02914E61084"
Last-Modified: Sat, 25 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4500
Expires: Sun, 26 Mar 2023 13:26:46 GMT
Date: Sun, 26 Mar 2023 12:11:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dfd491ebe7381221b3674c2c8bf9e566
d2ac5badf17f348c28a52e9db10e6eb80e5a231a
34a026664386054b0b73c36cd1ddfce023551ee41963df0e38248bac1e1eb56c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "34A026664386054B0B73C36CD1DDFCE023551EE41963DF0E38248BAC1E1EB56C"
Last-Modified: Fri, 24 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6476
Expires: Sun, 26 Mar 2023 13:59:42 GMT
Date: Sun, 26 Mar 2023 12:11:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1313ee2f06606d09c45b06ff9e8e1001
285ca89d1d3ea45d35832bc6d9827f834b3bfe21
63463447d29550c3734f621be02ec85290fbdf4612f79f9fad7e94f7e066dcb0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "63463447D29550C3734F621BE02EC85290FBDF4612F79F9FAD7E94F7E066DCB0"
Last-Modified: Fri, 24 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=17671
Expires: Sun, 26 Mar 2023 17:06:17 GMT
Date: Sun, 26 Mar 2023 12:11:46 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4ad6984a756720fbfff47b37a75513a2
355e35258114452af8b9638985ed9d8ef3bf0aca
43181fccb10652c68cae86e5e32b4e8f426fb5ad49d8125cb99e072cff573cf5
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 26 Mar 2023 11:27:50 GMT
content-type: application/json
age: 2636
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 5DreTF4oMR9+CIe39vuwoKAhlIOZOEjjOgV6/8pd/NJY+w+JRDzC4a9cRLZILCt6+KOrxlfsl6I=
x-amz-request-id: S52R01WNB9ER91KE
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 26 Mar 2023 12:01:12 GMT
age: 634
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 12:11:46 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
cloud.blacksebo.de/
144.202.15.240301 Moved Permanently 162 B IP 144.202.15.240:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET / HTTP/1.1
Host: cloud.blacksebo.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Sun, 26 Mar 2023 12:11:46 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://cloud.blacksebo.de/
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Last-Modified, Retry-After, Content-Length, Alert, Cache-Control, Expires, Content-Type, Backoff, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 26 Mar 2023 11:14:35 GMT
age: 3431
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 717ebcc65cb1390c2509851bac7b5878
1e04e3058329f3809bc01022d441172dcacc1aaa
3c8d41efe14dc75e001ce50aae65e133d90bcb2e2f86b2426cefe7abe4c7b588
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C8D41EFE14DC75E001CE50AAE65E133D90BCB2E2F86B2426CEFE7ABE4C7B588"
Last-Modified: Fri, 24 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9664
Expires: Sun, 26 Mar 2023 14:52:50 GMT
Date: Sun, 26 Mar 2023 12:11:46 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash bf2debb063a566c78e8b2edc6e47f115
cd6f8fa7260efc51ec52e34f7e1bcf3fdb7ab1ce
b2fdf816b852c5c111d936d8fca2d7f04ede5b70aaa037ed1801bca1d56170f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B2FDF816B852C5C111D936D8FCA2D7F04EDE5B70AAA037ED1801BCA1D56170F3"
Last-Modified: Fri, 24 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21600
Expires: Sun, 26 Mar 2023 18:11:46 GMT
Date: Sun, 26 Mar 2023 12:11:46 GMT
Connection: keep-alive
cloud.blacksebo.de/
144.202.15.240302 Found 0 B IP 144.202.15.240:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET / HTTP/1.1
Host: cloud.blacksebo.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 302 Found
server: nginx
date: Sun, 26 Mar 2023 12:11:46 GMT
content-type: text/html; charset=UTF-8
content-length: 0
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-security-policy: default-src 'self'; script-src 'self' 'nonce-VGpXOTBHUk1QcUFaUDViRzBoZjlyMnNocGtjbk81Y0J6T1JxQ0JUVCtsWT06ZW1QWW9SWXRhUGcyVHRPRGlpT2Z5QmhTbGdOTWIvMWJ0b2N2YVdPRm53ST0='; style-src 'self' 'unsafe-inline'; frame-src *; img-src * data: blob:; font-src 'self' data:; media-src *; connect-src *; object-src 'none'; base-uri 'self';
set-cookie: oc_sessionPassphrase=1TkSDwg1fdVdZDtnAnGKmtl%2BljkIaI7zw7TsqT6uHT96o4RLy7nQV3FryeJoigiZLXjvl0qaqSLe0kvjcZZ9bHq1eQSSFLtXr4xhGiQ8mEWz81nai4rh6ONEjCv2wTBa; path=/; secure; HttpOnly; SameSite=Lax
oclmr2rlbn6w=uaknm3pf9mla54plilj7ahvvs3; path=/; secure; HttpOnly; SameSite=Lax
__Host-nc_sameSiteCookielax=true; path=/; httponly;secure; expires=Fri, 31-Dec-2100 23:59:59 GMT; SameSite=lax
__Host-nc_sameSiteCookiestrict=true; path=/; httponly;secure; expires=Fri, 31-Dec-2100 23:59:59 GMT; SameSite=strict
referrer-policy: no-referrer
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-robots-tag: none
x-xss-protection: 1; mode=block
location: https://cloud.blacksebo.de/index.php/login
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PHP/8.1.17, PleskLin
X-Firefox-Spdy: h2
push.services.mozilla.com/
54.189.54.42101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.189.54.42:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 879ws8K5dYQRTg6F/g2Xng==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 1/7jFj9yNlbqbDvoFiiNBWlr1Do=
cloud.blacksebo.de/index.php/login
144.202.15.240200 OK 4.2 kB URL HTTP/2 cloud.blacksebo.de/index.php/login
IP 144.202.15.240:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5016)
Hash 77863a9f69c1e912cd4d0df04c312efd
237b7e93c9bbbc32673567efb5425fb9f9d31f70
cc7edd5afe38fb182d098fac0eef4b34350135f1c4a85bbc7651e8afab3dc645
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /index.php/login HTTP/1.1
Host: cloud.blacksebo.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: oc_sessionPassphrase=1TkSDwg1fdVdZDtnAnGKmtl%2BljkIaI7zw7TsqT6uHT96o4RLy7nQV3FryeJoigiZLXjvl0qaqSLe0kvjcZZ9bHq1eQSSFLtXr4xhGiQ8mEWz81nai4rh6ONEjCv2wTBa; oclmr2rlbn6w=uaknm3pf9mla54plilj7ahvvs3; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 12:11:47 GMT
content-type: text/html; charset=UTF-8
content-length: 4221
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
x-request-id: ZCA2g0A9ZrFrt9Bu@XRTmgAAAAM
content-encoding: gzip
content-security-policy: default-src 'none';base-uri 'none';manifest-src 'self';script-src 'self';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src 'self' data:;connect-src 'self';media-src 'self';frame-src data: 'self';child-src 'self';frame-ancestors 'self';form-action 'self'
feature-policy: autoplay 'self';camera 'none';fullscreen 'self';geolocation 'none';microphone 'none';payment 'none'
x-robots-tag: none
referrer-policy: no-referrer
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PHP/8.1.17, PleskLin
X-Firefox-Spdy: h2
cloud.blacksebo.de/index.php/js/core/merged-template-prepend.js?v=5cf32ef3-25
144.202.15.240200 OK 3.1 kB URL HTTP/2 cloud.blacksebo.de/index.php/js/core/merged-template-prepend.js?v=5cf32ef3-25
IP 144.202.15.240:0
Hash 9ea2faef93a66a111807bd8427636654
e82570c5ce89397158d7ad34b0f628f57ef439bd
5a714ea86f3ce9eb59a67cd96e45939d55e0563ff848718beacdfd28f30fab03
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /index.php/js/core/merged-template-prepend.js?v=5cf32ef3-25 HTTP/1.1
Host: cloud.blacksebo.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: oc_sessionPassphrase=1TkSDwg1fdVdZDtnAnGKmtl%2BljkIaI7zw7TsqT6uHT96o4RLy7nQV3FryeJoigiZLXjvl0qaqSLe0kvjcZZ9bHq1eQSSFLtXr4xhGiQ8mEWz81nai4rh6ONEjCv2wTBa; oclmr2rlbn6w=uaknm3pf9mla54plilj7ahvvs3; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 12:11:47 GMT
content-type: application/javascript
content-length: 3054
cache-control: max-age=31536000, immutable
x-request-id: ZCA2gxR1Jo2Bcu7eTEds6wAAAAA
content-security-policy: default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'
feature-policy: autoplay 'none';camera 'none';fullscreen 'none';geolocation 'none';microphone 'none';payment 'none'
x-robots-tag: none
content-disposition: inline; filename="merged-template-prepend.js.gzip"
content-encoding: gzip
expires: Mon, 25 Mar 2024 12:11:47 +0000
pragma: cache
referrer-policy: no-referrer
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
last-modified: Wed, 22 Jun 2022 14:04:13 GMT
etag: "644fb010b3e0bb70f0b9eef1078ea2d9"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PHP/8.1.17, PleskLin
X-Firefox-Spdy: h2
cloud.blacksebo.de/index.php/apps/theming/image/logo?useSvg=1&v=25
144.202.15.240200 OK 63 kB URL HTTP/2 cloud.blacksebo.de/index.php/apps/theming/image/logo?useSvg=1&v=25
IP 144.202.15.240:0
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (16217)
Hash 58afa937d0819afa37b89c92dfd0c490
bd941158d861698e389bcb90ba99eb45d93a609a
e38f30b103ab1b94769a6eaed1bcb9612ad206c818dbe4e1e7b75f5069782105
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /index.php/apps/theming/image/logo?useSvg=1&v=25 HTTP/1.1
Host: cloud.blacksebo.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: oc_sessionPassphrase=1TkSDwg1fdVdZDtnAnGKmtl%2BljkIaI7zw7TsqT6uHT96o4RLy7nQV3FryeJoigiZLXjvl0qaqSLe0kvjcZZ9bHq1eQSSFLtXr4xhGiQ8mEWz81nai4rh6ONEjCv2wTBa; oclmr2rlbn6w=uaknm3pf9mla54plilj7ahvvs3; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 12:11:47 GMT
content-type: image/svg+xml
content-length: 62698
cache-control: private, max-age=3600, must-revalidate
x-request-id: ZCA2g0RwO8Rr5NYDYxLAtwAAAAU
content-security-policy: default-src 'none';base-uri 'none';manifest-src 'self';script-src 'self';style-src 'self' 'unsafe-inline';img-src 'self' data: blob:;font-src 'self' data:;connect-src 'self';media-src 'self';frame-src data: 'self';child-src 'self';frame-ancestors 'self';form-action 'self'
feature-policy: autoplay 'none';camera 'none';fullscreen 'none';geolocation 'none';microphone 'none';payment 'none'
x-robots-tag: none
content-disposition: attachment; filename="logo"
pragma: private
expires: Sun, 26 Mar 2023 13:11:47 +0000
referrer-policy: no-referrer
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
last-modified: Thu, 19 Dec 2019 01:11:56 GMT
etag: "4e227993d59a734684449281e60deaf1"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PHP/8.1.17, PleskLin
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5768
Expires: Sun, 26 Mar 2023 13:47:56 GMT
Date: Sun, 26 Mar 2023 12:11:48 GMT
Connection: keep-alive
cloud.blacksebo.de/dist/core-common.js?v=5cf32ef3-25
144.202.15.240200 OK 1.4 MB URL HTTP/2 cloud.blacksebo.de/dist/core-common.js?v=5cf32ef3-25
IP 144.202.15.240:0
File type Unicode text, UTF-8 text, with very long lines (65435)
Size 1.4 MB (1384616 bytes)
Hash 4dc23bbb6e897d10ecf951d4f11eb31c
2189f4d92defc67a32d1f56eac7885877b0197ca
e2f67b37732848241e2ff21f2f6045c756c44264072c76b0948db9994ec38380
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /dist/core-common.js?v=5cf32ef3-25 HTTP/1.1
Host: cloud.blacksebo.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: oc_sessionPassphrase=1TkSDwg1fdVdZDtnAnGKmtl%2BljkIaI7zw7TsqT6uHT96o4RLy7nQV3FryeJoigiZLXjvl0qaqSLe0kvjcZZ9bHq1eQSSFLtXr4xhGiQ8mEWz81nai4rh6ONEjCv2wTBa; oclmr2rlbn6w=uaknm3pf9mla54plilj7ahvvs3; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 12:11:47 GMT
content-type: application/javascript
last-modified: Wed, 22 Jun 2022 14:02:59 GMT
cache-control: max-age=15778463, immutable
etag: W/"62b32113-8a8456"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5768
Expires: Sun, 26 Mar 2023 13:47:56 GMT
Date: Sun, 26 Mar 2023 12:11:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5768
Expires: Sun, 26 Mar 2023 13:47:56 GMT
Date: Sun, 26 Mar 2023 12:11:48 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5768
Expires: Sun, 26 Mar 2023 13:47:56 GMT
Date: Sun, 26 Mar 2023 12:11:48 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3fb4d16c-eef2-49cc-ac24-b125a7d6d9e0.jpeg
34.120.237.76200 OK 3.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3fb4d16c-eef2-49cc-ac24-b125a7d6d9e0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1ec08d4bd079a92161fc80f41281b5a9
bf61369962342cce85de8f48942b4b150fd2721e
8a8ed12c31d89d71c3cb88f0813ded83939529206461e917dcb0b8bc11abdda4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3fb4d16c-eef2-49cc-ac24-b125a7d6d9e0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3589
x-amzn-requestid: 9c09af43-79e8-4734-b28b-4194e0bb1e4e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CW1uyE2joAMF50g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641f6991-7607d33f6301182b591c56e8;Sampled=0
x-amzn-remapped-date: Sat, 25 Mar 2023 21:37:21 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: pjRA439kqSg5daR_Zuvsf2l45R4oqv3AMWNiMCGQ_C5o2KA8kEd3TQ==
via: 1.1 46673955829b59a6da0ab071e0b7fbea.cloudfront.net (CloudFront), 1.1 27a84054de24e45f952ea4056a821764.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 21:37:21 GMT
etag: "bf61369962342cce85de8f48942b4b150fd2721e"
content-type: image/jpeg
age: 52467
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc872b459-32b1-4ecb-a595-95cee4c53ca4.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc872b459-32b1-4ecb-a595-95cee4c53ca4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8e19767dbe464134f0ab81b0eadb98fa
007758853c1d1605db69131eb50ff433a4da5f8c
63f1f08cd038e7b6d3316bbdc59a598b01c3bedd1ef04ba1986152e239fa128c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc872b459-32b1-4ecb-a595-95cee4c53ca4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12991
x-amzn-requestid: 16bc16bf-b87e-4ed7-a559-3e900595928e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CW1smH_kIAMF5oA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641f6983-21e7ce61788315866c752f28;Sampled=0
x-amzn-remapped-date: Sat, 25 Mar 2023 21:37:07 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: MOu16Tzq-SiBg8abwfGrqkmSgxnr_WMJO0wSoVcNfIW-xgIPC1MWYQ==
via: 1.1 4b800f7fa2c3fbb9f4f3c505b0df315e.cloudfront.net (CloudFront), 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 21:37:07 GMT
etag: "007758853c1d1605db69131eb50ff433a4da5f8c"
content-type: image/jpeg
age: 52481
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg
34.120.237.76200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c831201ad81f55c63c1b101ce854a810
0e9b952f6489f0a5f4862d3bea2fbe0ecdd379e5
c854489720d2ca4a95eef00addda0fcdaf481402d044df7725282654a97eb54a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F00ac1765-db6c-42e3-99bf-d857d27a34b9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5556
x-amzn-requestid: 6b050645-14aa-47f7-b4a5-2e27abbe5115
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CM69eHE3IAMF0Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641b71ef-6ab2948e2bf2578f29798372;Sampled=0
x-amzn-remapped-date: Wed, 22 Mar 2023 21:23:59 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: CgU9j02Bnw0UdIwQ3sRCDvJoPitHIAUTRDhLH_PMXYlAPoAwSbv6Iw==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 4d8620b80ebe37d366388e117039aa8e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 26 Mar 2023 05:35:57 GMT
age: 23751
etag: "0e9b952f6489f0a5f4862d3bea2fbe0ecdd379e5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe0a145a-86f7-4b1e-b358-642fa12ca205.jpeg
34.120.237.76200 OK 3.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe0a145a-86f7-4b1e-b358-642fa12ca205.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 10516a123390334c320d8773ea821dc9
2fc3d5240bebf7f3bd842cc6492529751340cd50
1c37df0c0a20975f417624558d414b2d983cb94e1ad3ba1f3925b4dfdb380cba
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe0a145a-86f7-4b1e-b358-642fa12ca205.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3448
x-amzn-requestid: 3e8be4b7-166b-4f0b-9d45-ec9d65900fd2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CW1soGkMIAMF1SQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641f6983-7bbb03ed537b36ac30a1eb69;Sampled=0
x-amzn-remapped-date: Sat, 25 Mar 2023 21:37:07 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: jXhFg-xyl5QYNjV6NJumkmm-IUOEqiN3_evPa2LFN4UBDuhx6OWjKg==
via: 1.1 6af36c6902a46beec743522a9bbb3ab0.cloudfront.net (CloudFront), 1.1 b838ef1ff22a4a994af82d5178c30e1c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 21:37:07 GMT
etag: "2fc3d5240bebf7f3bd842cc6492529751340cd50"
content-type: image/jpeg
age: 52481
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c1b9b23-a69e-4b1e-84d5-d7f840d9e026.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c1b9b23-a69e-4b1e-84d5-d7f840d9e026.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 213ded5820ff11a18bf9c374d5ea86ca
c3b4003e8f2b394ed8ad5e2d33fb04d6458a64c2
d9bbe5babe57b151d133b65eed68acc69ca294df77b22f04857a15a67dd50efa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0c1b9b23-a69e-4b1e-84d5-d7f840d9e026.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10327
x-amzn-requestid: 6b71b02f-f694-4dc5-a49d-8246a4ba0e95
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CW2BmGzBIAMF6AA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641f6a09-028b3d525ba3abe42b19ff0d;Sampled=0
x-amzn-remapped-date: Sat, 25 Mar 2023 21:39:22 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: YHtixWCOatdxyX9UupsWdbdDLqDysgN1WnnPirI7Rw5sE_uRtYR4CQ==
via: 1.1 4b800f7fa2c3fbb9f4f3c505b0df315e.cloudfront.net (CloudFront), 1.1 2e20768704c71ff3ce2e677251d27f3c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 22:09:51 GMT
age: 50517
etag: "c3b4003e8f2b394ed8ad5e2d33fb04d6458a64c2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cloud.blacksebo.de/index.php/core/js/oc.js?v=5cf32ef3
144.202.15.240200 OK 64 kB URL HTTP/2 cloud.blacksebo.de/index.php/core/js/oc.js?v=5cf32ef3
IP 144.202.15.240:0
File type ASCII text, with very long lines (1555)
Hash 12b5413b923e85c5e13ecd3142434a15
bd1c485339dd3cd2f1fe6b7b589fc0f4be49a809
6aa451d8972046ae7639a84017481b58b420b7c622d3556ec705f10d4a94f015
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /index.php/core/js/oc.js?v=5cf32ef3 HTTP/1.1
Host: cloud.blacksebo.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: oc_sessionPassphrase=1TkSDwg1fdVdZDtnAnGKmtl%2BljkIaI7zw7TsqT6uHT96o4RLy7nQV3FryeJoigiZLXjvl0qaqSLe0kvjcZZ9bHq1eQSSFLtXr4xhGiQ8mEWz81nai4rh6ONEjCv2wTBa; oclmr2rlbn6w=uaknm3pf9mla54plilj7ahvvs3; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 12:11:47 GMT
content-type: text/javascript;charset=UTF-8
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
cache-control: no-cache, no-store, must-revalidate
x-request-id: ZCA2g4QbqKMH5yfyaA7LuwAAAAg
content-security-policy: default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'
feature-policy: autoplay 'none';camera 'none';fullscreen 'none';geolocation 'none';microphone 'none';payment 'none'
x-robots-tag: none
content-disposition: inline; filename=""
referrer-policy: no-referrer
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PHP/8.1.17, PleskLin
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe04ca104-da87-4364-a700-7fc01e351308.jpeg
34.120.237.76200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe04ca104-da87-4364-a700-7fc01e351308.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 30183c6c59b8fc603d77773182f50202
8942515b5abe11d1a81b19dcde4b525aa1d26671
d218a7991efd84f78d4ed1925ca943788de99f5b5558440593d648f2965ecfaa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe04ca104-da87-4364-a700-7fc01e351308.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5408
x-amzn-requestid: 15377820-5f38-46a5-aa36-321322cef223
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CW1hLEFVoAMF7wg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641f693a-1329e52e5c1c6ba738a79b2d;Sampled=0
x-amzn-remapped-date: Sat, 25 Mar 2023 21:35:54 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: W7PHCc0jq1nFR55Hd8nBaUqlbnBzmOEYwLNc6p5FXDuBCo8msyq-iQ==
via: 1.1 b5695e36d7fbc522ece27885d73757ae.cloudfront.net (CloudFront), 1.1 b48dedcc55e63f14261aa92cf2d61522.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 21:50:16 GMT
etag: "8942515b5abe11d1a81b19dcde4b525aa1d26671"
content-type: image/jpeg
age: 51692
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cloud.blacksebo.de/core/css/guest.css?v=5cf32ef3-25
144.202.15.240200 OK 605 kB URL HTTP/2 cloud.blacksebo.de/core/css/guest.css?v=5cf32ef3-25
IP 144.202.15.240:0
File type ASCII text, with very long lines (455)
Size 605 kB (605433 bytes)
Hash d2692528131087183b1b50f2845ab830
c302f3e9ae757b84f950b3a1db9b453883abb6c2
ec85297b8ff3190e85ca79bcee120c7cafb2ca0e5b9e6da9e80f31ae258b92ba
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /core/css/guest.css?v=5cf32ef3-25 HTTP/1.1
Host: cloud.blacksebo.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: oc_sessionPassphrase=1TkSDwg1fdVdZDtnAnGKmtl%2BljkIaI7zw7TsqT6uHT96o4RLy7nQV3FryeJoigiZLXjvl0qaqSLe0kvjcZZ9bHq1eQSSFLtXr4xhGiQ8mEWz81nai4rh6ONEjCv2wTBa; oclmr2rlbn6w=uaknm3pf9mla54plilj7ahvvs3; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 12:11:47 GMT
content-type: text/css
last-modified: Wed, 22 Jun 2022 14:02:18 GMT
cache-control: max-age=15778463, immutable
etag: W/"62b320ea-546c"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
cloud.blacksebo.de/dist/core-main.js?v=5cf32ef3-25
144.202.15.240200 OK 512 kB URL HTTP/2 cloud.blacksebo.de/dist/core-main.js?v=5cf32ef3-25
IP 144.202.15.240:0
File type Unicode text, UTF-8 text, with very long lines (65459)
Size 512 kB (512492 bytes)
Hash b7e853cb6865d6e5b8a010f966f561b0
3db0b1a011fc1237b006837fbacc19d9abd552bb
4c2bd49de6143fe79506c57cfa87efc79e717f6d956c1695847f4a5d05996f65
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /dist/core-main.js?v=5cf32ef3-25 HTTP/1.1
Host: cloud.blacksebo.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: oc_sessionPassphrase=1TkSDwg1fdVdZDtnAnGKmtl%2BljkIaI7zw7TsqT6uHT96o4RLy7nQV3FryeJoigiZLXjvl0qaqSLe0kvjcZZ9bHq1eQSSFLtXr4xhGiQ8mEWz81nai4rh6ONEjCv2wTBa; oclmr2rlbn6w=uaknm3pf9mla54plilj7ahvvs3; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 12:11:47 GMT
content-type: application/javascript
last-modified: Wed, 22 Jun 2022 14:02:59 GMT
cache-control: max-age=15778463, immutable
etag: W/"62b32113-219cb"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
cloud.blacksebo.de/index.php/apps/theming/icon?v=25
144.202.15.240200 OK 29 kB URL HTTP/2 cloud.blacksebo.de/index.php/apps/theming/icon?v=25
IP 144.202.15.240:0
File type PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Hash 12d44c0d720ff7f38830a7e485ed9a57
48a09750314c56fc303d23683c0782a8adeea9ae
a164f563b308dcb5f5473ae5d2e18f78940b95b29ccd6c2ced7bcfcfed104c66
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /index.php/apps/theming/icon?v=25 HTTP/1.1
Host: cloud.blacksebo.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: oc_sessionPassphrase=1TkSDwg1fdVdZDtnAnGKmtl%2BljkIaI7zw7TsqT6uHT96o4RLy7nQV3FryeJoigiZLXjvl0qaqSLe0kvjcZZ9bHq1eQSSFLtXr4xhGiQ8mEWz81nai4rh6ONEjCv2wTBa; oclmr2rlbn6w=uaknm3pf9mla54plilj7ahvvs3; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 12:11:49 GMT
content-type: image/png
content-length: 29017
cache-control: private, max-age=86400, must-revalidate
x-request-id: ZCA2hQcuMu4OzmXYJ8d-wgAAAAk
content-security-policy: default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'
feature-policy: autoplay 'none';camera 'none';fullscreen 'none';geolocation 'none';microphone 'none';payment 'none'
x-robots-tag: none
content-disposition: inline; filename="touchIcon-core"
pragma: private
expires: Mon, 27 Mar 2023 12:11:49 +0000
referrer-policy: no-referrer
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
last-modified: Mon, 10 Oct 2022 22:39:11 GMT
etag: "31548afa8c6f9edd57a9327e9aa0de38"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PHP/8.1.17, PleskLin
X-Firefox-Spdy: h2
cloud.blacksebo.de/core/img/loading-dark.gif
144.202.15.240200 OK 4.7 kB URL HTTP/2 cloud.blacksebo.de/core/img/loading-dark.gif
IP 144.202.15.240:0
File type GIF image data, version 89a, 32 x 32\012- data
Hash 7446c22d8ed8b7b4641adc5dc30f39d2
1ccb798de57db7a5d8996c3eac5ffc3c6b0c5147
93b795ec06aebf7141dbfb46cf6fa51fb964d2a5c0646303eb135b38d007a0a9
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /core/img/loading-dark.gif HTTP/1.1
Host: cloud.blacksebo.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: oc_sessionPassphrase=1TkSDwg1fdVdZDtnAnGKmtl%2BljkIaI7zw7TsqT6uHT96o4RLy7nQV3FryeJoigiZLXjvl0qaqSLe0kvjcZZ9bHq1eQSSFLtXr4xhGiQ8mEWz81nai4rh6ONEjCv2wTBa; oclmr2rlbn6w=uaknm3pf9mla54plilj7ahvvs3; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 12:11:49 GMT
content-type: image/gif
content-length: 4683
last-modified: Wed, 22 Jun 2022 14:02:17 GMT
cache-control: max-age=15778463, immutable
etag: "62b320e9-124b"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
accept-ranges: bytes
X-Firefox-Spdy: h2
cloud.blacksebo.de/core/img/actions/toggle.svg
144.202.15.240200 OK 308 B URL HTTP/2 cloud.blacksebo.de/core/img/actions/toggle.svg
IP 144.202.15.240:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (307)
Hash d4dfeb8d8847da5d714a6a1c537a70e4
23e8f1d322347c4a0f690f005c4efb14accbf888
f93b7b94742bc8efa1b9c5bceae34be32a053af36727972ed3f7cd0fecb339b5
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /core/img/actions/toggle.svg HTTP/1.1
Host: cloud.blacksebo.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: oc_sessionPassphrase=1TkSDwg1fdVdZDtnAnGKmtl%2BljkIaI7zw7TsqT6uHT96o4RLy7nQV3FryeJoigiZLXjvl0qaqSLe0kvjcZZ9bHq1eQSSFLtXr4xhGiQ8mEWz81nai4rh6ONEjCv2wTBa; oclmr2rlbn6w=uaknm3pf9mla54plilj7ahvvs3; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 12:11:49 GMT
content-type: image/svg+xml
content-length: 308
referrer-policy: no-referrer
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-robots-tag: none
x-xss-protection: 1; mode=block
x-accel-version: 0.01
last-modified: Wed, 22 Jun 2022 14:02:18 GMT
etag: "134-5e209c8fb955c"
accept-ranges: bytes
cache-control: max-age=15778463, immutable
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
X-Firefox-Spdy: h2
cloud.blacksebo.de/core/img/actions/confirm-white.svg?v=2
144.202.15.240200 OK 405 B URL HTTP/2 cloud.blacksebo.de/core/img/actions/confirm-white.svg?v=2
IP 144.202.15.240:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (404)
Hash e06eff833cd2ee48a2f293b6f832e744
e3dbc308964e6bd10e0c8bd3e835436092a6cbcc
b8219e8f0ef3404d35b41a25f4c090df62e95a12cbc5f6452edc89ac3d3fed80
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /core/img/actions/confirm-white.svg?v=2 HTTP/1.1
Host: cloud.blacksebo.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cloud.blacksebo.de/core/css/guest.css?v=5cf32ef3-25
Cookie: oc_sessionPassphrase=1TkSDwg1fdVdZDtnAnGKmtl%2BljkIaI7zw7TsqT6uHT96o4RLy7nQV3FryeJoigiZLXjvl0qaqSLe0kvjcZZ9bHq1eQSSFLtXr4xhGiQ8mEWz81nai4rh6ONEjCv2wTBa; oclmr2rlbn6w=uaknm3pf9mla54plilj7ahvvs3; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 12:11:49 GMT
content-type: image/svg+xml
content-length: 405
referrer-policy: no-referrer
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-robots-tag: none
x-xss-protection: 1; mode=block
x-accel-version: 0.01
last-modified: Wed, 22 Jun 2022 14:02:18 GMT
etag: "195-5e209c8fc7fbc"
accept-ranges: bytes
cache-control: max-age=15778463, immutable
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca67e232-d39a-48ac-a0be-316741df0c53.jpeg
34.120.237.76200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca67e232-d39a-48ac-a0be-316741df0c53.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aecd210f66f83c73c3450d047ae7448a
d68861e96e12e8a3f293dbae8b687f05b6e15afb
22b69c41c56e5538d91f824d5dc2e63ab5563f99ae8e429c9166f4b397cacd0e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca67e232-d39a-48ac-a0be-316741df0c53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 5296
x-amzn-requestid: 11fdf0c8-244c-4cd5-bfa7-4c77d777174f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CTiuzEqkIAMFXOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641e17f8-5c241d63598dbf595b54ead5;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 21:36:56 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: sDPb8MmkvC7gaHfKppk2TcoQcV17zuGzrryo6s10PczAg9NUbtEDEA==
via: 1.1 b5695e36d7fbc522ece27885d73757ae.cloudfront.net (CloudFront), 1.1 331202b5b8aab67acbf389883133f256.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 21:57:15 GMT
age: 51280
etag: "d68861e96e12e8a3f293dbae8b687f05b6e15afb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cloud.blacksebo.de/dist/core-files_fileinfo.js?v=5cf32ef3-25
144.202.15.240200 OK 0 B URL HTTP/2 cloud.blacksebo.de/dist/core-files_fileinfo.js?v=5cf32ef3-25
IP 144.202.15.240:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /dist/core-files_fileinfo.js?v=5cf32ef3-25 HTTP/1.1
Host: cloud.blacksebo.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: oc_sessionPassphrase=1TkSDwg1fdVdZDtnAnGKmtl%2BljkIaI7zw7TsqT6uHT96o4RLy7nQV3FryeJoigiZLXjvl0qaqSLe0kvjcZZ9bHq1eQSSFLtXr4xhGiQ8mEWz81nai4rh6ONEjCv2wTBa; oclmr2rlbn6w=uaknm3pf9mla54plilj7ahvvs3; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 12:11:47 GMT
content-type: application/javascript
referrer-policy: no-referrer
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-robots-tag: none
x-xss-protection: 1; mode=block
x-accel-version: 0.01
last-modified: Wed, 22 Jun 2022 14:02:59 GMT
etag: W/"2eb-5e209cb72a117"
cache-control: max-age=15778463, immutable
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
cloud.blacksebo.de/dist/core-files_client.js?v=5cf32ef3-25
144.202.15.240200 OK 0 B URL HTTP/2 cloud.blacksebo.de/dist/core-files_client.js?v=5cf32ef3-25
IP 144.202.15.240:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /dist/core-files_client.js?v=5cf32ef3-25 HTTP/1.1
Host: cloud.blacksebo.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: oc_sessionPassphrase=1TkSDwg1fdVdZDtnAnGKmtl%2BljkIaI7zw7TsqT6uHT96o4RLy7nQV3FryeJoigiZLXjvl0qaqSLe0kvjcZZ9bHq1eQSSFLtXr4xhGiQ8mEWz81nai4rh6ONEjCv2wTBa; oclmr2rlbn6w=uaknm3pf9mla54plilj7ahvvs3; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 12:11:47 GMT
content-type: application/javascript
last-modified: Wed, 22 Jun 2022 14:02:59 GMT
cache-control: max-age=15778463, immutable
etag: W/"62b32113-2f59"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
cloud.blacksebo.de/dist/core-login.js?v=5cf32ef3-25
144.202.15.240200 OK 0 B URL HTTP/2 cloud.blacksebo.de/dist/core-login.js?v=5cf32ef3-25
IP 144.202.15.240:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /dist/core-login.js?v=5cf32ef3-25 HTTP/1.1
Host: cloud.blacksebo.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: oc_sessionPassphrase=1TkSDwg1fdVdZDtnAnGKmtl%2BljkIaI7zw7TsqT6uHT96o4RLy7nQV3FryeJoigiZLXjvl0qaqSLe0kvjcZZ9bHq1eQSSFLtXr4xhGiQ8mEWz81nai4rh6ONEjCv2wTBa; oclmr2rlbn6w=uaknm3pf9mla54plilj7ahvvs3; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 12:11:47 GMT
content-type: application/javascript
last-modified: Wed, 22 Jun 2022 14:02:59 GMT
cache-control: max-age=15778463, immutable
etag: W/"62b32113-1c910"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
cloud.blacksebo.de/dist/accessibility-accessibilityoca.js?v=5cf32ef3-25
144.202.15.240200 OK 0 B URL HTTP/2 cloud.blacksebo.de/dist/accessibility-accessibilityoca.js?v=5cf32ef3-25
IP 144.202.15.240:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /dist/accessibility-accessibilityoca.js?v=5cf32ef3-25 HTTP/1.1
Host: cloud.blacksebo.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: oc_sessionPassphrase=1TkSDwg1fdVdZDtnAnGKmtl%2BljkIaI7zw7TsqT6uHT96o4RLy7nQV3FryeJoigiZLXjvl0qaqSLe0kvjcZZ9bHq1eQSSFLtXr4xhGiQ8mEWz81nai4rh6ONEjCv2wTBa; oclmr2rlbn6w=uaknm3pf9mla54plilj7ahvvs3; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 12:11:47 GMT
content-type: application/javascript
last-modified: Wed, 22 Jun 2022 14:02:59 GMT
cache-control: max-age=15778463, immutable
etag: W/"62b32113-9c2"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
cloud.blacksebo.de/apps/theming/js/theming.js?v=5cf32ef3-25
144.202.15.240200 OK 0 B URL HTTP/2 cloud.blacksebo.de/apps/theming/js/theming.js?v=5cf32ef3-25
IP 144.202.15.240:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /apps/theming/js/theming.js?v=5cf32ef3-25 HTTP/1.1
Host: cloud.blacksebo.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: oc_sessionPassphrase=1TkSDwg1fdVdZDtnAnGKmtl%2BljkIaI7zw7TsqT6uHT96o4RLy7nQV3FryeJoigiZLXjvl0qaqSLe0kvjcZZ9bHq1eQSSFLtXr4xhGiQ8mEWz81nai4rh6ONEjCv2wTBa; oclmr2rlbn6w=uaknm3pf9mla54plilj7ahvvs3; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 12:11:47 GMT
content-type: application/javascript
referrer-policy: no-referrer
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-robots-tag: none
x-xss-protection: 1; mode=block
x-accel-version: 0.01
last-modified: Wed, 22 Jun 2022 14:02:41 GMT
etag: W/"3c-5e209ca607538"
cache-control: max-age=15778463, immutable
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
cloud.blacksebo.de/index.php/apps/theming/styles?v=25
144.202.15.240200 OK 0 B URL HTTP/2 cloud.blacksebo.de/index.php/apps/theming/styles?v=25
IP 144.202.15.240:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /index.php/apps/theming/styles?v=25 HTTP/1.1
Host: cloud.blacksebo.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: oc_sessionPassphrase=1TkSDwg1fdVdZDtnAnGKmtl%2BljkIaI7zw7TsqT6uHT96o4RLy7nQV3FryeJoigiZLXjvl0qaqSLe0kvjcZZ9bHq1eQSSFLtXr4xhGiQ8mEWz81nai4rh6ONEjCv2wTBa; oclmr2rlbn6w=uaknm3pf9mla54plilj7ahvvs3; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 12:11:47 GMT
content-type: text/css;charset=UTF-8
cache-control: private, max-age=86400, must-revalidate
x-request-id: ZCA2g7GLZYHNfVab2nmZkAAAAAY
content-security-policy: default-src 'none';base-uri 'none';manifest-src 'self';frame-ancestors 'none'
feature-policy: autoplay 'none';camera 'none';fullscreen 'none';geolocation 'none';microphone 'none';payment 'none'
x-robots-tag: none
content-disposition: inline; filename="d71e-014c-theming.css"
pragma: private
expires: Mon, 27 Mar 2023 12:11:47 +0000
referrer-policy: no-referrer
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
last-modified: Fri, 07 Oct 2022 04:22:53 GMT
etag: W/"c699c66f94047ab82cabd790c4f65353"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PHP/8.1.17, PleskLin
content-encoding: br
X-Firefox-Spdy: h2
cloud.blacksebo.de/dist/files_sharing-main.js?v=5cf32ef3-25
144.202.15.240200 OK 0 B URL HTTP/2 cloud.blacksebo.de/dist/files_sharing-main.js?v=5cf32ef3-25
IP 144.202.15.240:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /dist/files_sharing-main.js?v=5cf32ef3-25 HTTP/1.1
Host: cloud.blacksebo.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: oc_sessionPassphrase=1TkSDwg1fdVdZDtnAnGKmtl%2BljkIaI7zw7TsqT6uHT96o4RLy7nQV3FryeJoigiZLXjvl0qaqSLe0kvjcZZ9bHq1eQSSFLtXr4xhGiQ8mEWz81nai4rh6ONEjCv2wTBa; oclmr2rlbn6w=uaknm3pf9mla54plilj7ahvvs3; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 12:11:47 GMT
content-type: application/javascript
referrer-policy: no-referrer
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-robots-tag: none
x-xss-protection: 1; mode=block
x-accel-version: 0.01
last-modified: Wed, 22 Jun 2022 14:02:59 GMT
etag: W/"173-5e209cb746638"
cache-control: max-age=15778463, immutable
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
cloud.blacksebo.de/apps/files_rightclick/js/files.js?v=5cf32ef3-25
144.202.15.240200 OK 0 B URL HTTP/2 cloud.blacksebo.de/apps/files_rightclick/js/files.js?v=5cf32ef3-25
IP 144.202.15.240:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /apps/files_rightclick/js/files.js?v=5cf32ef3-25 HTTP/1.1
Host: cloud.blacksebo.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: oc_sessionPassphrase=1TkSDwg1fdVdZDtnAnGKmtl%2BljkIaI7zw7TsqT6uHT96o4RLy7nQV3FryeJoigiZLXjvl0qaqSLe0kvjcZZ9bHq1eQSSFLtXr4xhGiQ8mEWz81nai4rh6ONEjCv2wTBa; oclmr2rlbn6w=uaknm3pf9mla54plilj7ahvvs3; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 12:11:47 GMT
content-type: application/javascript
last-modified: Wed, 22 Jun 2022 14:02:37 GMT
cache-control: max-age=15778463, immutable
etag: W/"62b320fd-12a5"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
cloud.blacksebo.de/apps/files_rightclick/js/script.js?v=5cf32ef3-25
144.202.15.240200 OK 0 B URL HTTP/2 cloud.blacksebo.de/apps/files_rightclick/js/script.js?v=5cf32ef3-25
IP 144.202.15.240:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /apps/files_rightclick/js/script.js?v=5cf32ef3-25 HTTP/1.1
Host: cloud.blacksebo.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: oc_sessionPassphrase=1TkSDwg1fdVdZDtnAnGKmtl%2BljkIaI7zw7TsqT6uHT96o4RLy7nQV3FryeJoigiZLXjvl0qaqSLe0kvjcZZ9bHq1eQSSFLtXr4xhGiQ8mEWz81nai4rh6ONEjCv2wTBa; oclmr2rlbn6w=uaknm3pf9mla54plilj7ahvvs3; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 12:11:47 GMT
content-type: application/javascript
last-modified: Wed, 22 Jun 2022 14:02:37 GMT
cache-control: max-age=15778463, immutable
etag: W/"62b320fd-3a17"
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2
cloud.blacksebo.de/apps/files_rightclick/css/app.css?v=198068b3-25
144.202.15.240200 OK 0 B URL HTTP/2 cloud.blacksebo.de/apps/files_rightclick/css/app.css?v=198068b3-25
IP 144.202.15.240:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /apps/files_rightclick/css/app.css?v=198068b3-25 HTTP/1.1
Host: cloud.blacksebo.de
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: oc_sessionPassphrase=1TkSDwg1fdVdZDtnAnGKmtl%2BljkIaI7zw7TsqT6uHT96o4RLy7nQV3FryeJoigiZLXjvl0qaqSLe0kvjcZZ9bHq1eQSSFLtXr4xhGiQ8mEWz81nai4rh6ONEjCv2wTBa; oclmr2rlbn6w=uaknm3pf9mla54plilj7ahvvs3; __Host-nc_sameSiteCookielax=true; __Host-nc_sameSiteCookiestrict=true
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 26 Mar 2023 12:11:47 GMT
content-type: text/css
referrer-policy: no-referrer
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-robots-tag: none
x-xss-protection: 1; mode=block
x-accel-version: 0.01
last-modified: Wed, 22 Jun 2022 14:02:37 GMT
etag: W/"19c-5e209ca24e323"
cache-control: max-age=15778463, immutable
strict-transport-security: max-age=15768000; includeSubDomains
x-powered-by: PleskLin
content-encoding: br
X-Firefox-Spdy: h2