r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e6b7a72139d0ef7688330456e9be9a4c
e130a94e7d531768300071764dd1e81fee5bbbcb
d3818afd1493030105341b4cfb91037acbf27085c96068b3ef91c5071277c8e5
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D3818AFD1493030105341B4CFB91037ACBF27085C96068B3EF91C5071277C8E5"
Last-Modified: Mon, 09 Jan 2023 19:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4105
Expires: Wed, 11 Jan 2023 03:00:58 GMT
Date: Wed, 11 Jan 2023 01:52:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash eecebe0566883e33558e8e67beaccb29
acdd8fd09e2066ed5ecfbc3f11c4a2d61218ecc7
65e21170242bf41eb529fa422385dbe5af65a61e374e6dd5669e7e5f927948af
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65E21170242BF41EB529FA422385DBE5AF65A61E374E6DD5669E7E5F927948AF"
Last-Modified: Mon, 09 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7259
Expires: Wed, 11 Jan 2023 03:53:32 GMT
Date: Wed, 11 Jan 2023 01:52:33 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 718fc486cd6a70fcacc1653759703fae
bf60ba7a37d2deef1b7000e91cc88da586bb75ca
398d02e16da466ffe87b64ac34b007615951cca14d43610b4acd58bc2a5fadff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "398D02E16DA466FFE87B64AC34B007615951CCA14D43610B4ACD58BC2A5FADFF"
Last-Modified: Tue, 10 Jan 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4697
Expires: Wed, 11 Jan 2023 03:10:50 GMT
Date: Wed, 11 Jan 2023 01:52:33 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Retry-After, Content-Type, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 11 Jan 2023 01:41:44 GMT
content-type: application/json
age: 649
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 6hK6j9Rtci158Mq4XDflLeVQsbK8FaOOC6l3+LJzd1W5Rt4lAe2suwjbo5+UNFJ8McYR4MAS1iK9Tsb+xL9E0Q==
x-amz-request-id: 7AWSC37YTGXRN4F8
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 11 Jan 2023 01:16:51 GMT
age: 2142
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
reynoldsroost.com/
35.170.133.47 301 Moved Permanently 234 B IP 35.170.133.47:0
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document, ASCII text
Hash edd955feeda020745f6755b59fcd6895
d332d55e163559885ea42bf312bbf0b7ac02eb04
34f6e361afa7772c2fc79fd830afe5302ce48f99edc4a0112fc82e595d39df31
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET / HTTP/1.1
Host: reynoldsroost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Wed, 11 Jan 2023 01:52:33 GMT
Server: Apache
Location: https://reynoldsroost.com/
Content-Length: 234
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 11 Jan 2023 01:52:33 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Pragma, Content-Length, Alert, Expires, ETag, Last-Modified, Backoff, Content-Type, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 11 Jan 2023 01:33:45 GMT
age: 1129
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash a831a999b5e598b4e9f4e31e8054ca7c
9971a4a806f48777ae6d9525085d16d0c6314c51
cdffa8dd48e75baa98670f82dfac2b3948667ca32dd93f469d2cd49d3a58581c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2857
Cache-Control: max-age=115313
Content-Type: application/ocsp-response
Date: Wed, 11 Jan 2023 01:52:34 GMT
Etag: "63bd2aaa-1d7"
Expires: Thu, 12 Jan 2023 09:54:27 GMT
Last-Modified: Tue, 10 Jan 2023 09:06:50 GMT
Server: ECS (ska/F709)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
54.148.84.125 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.148.84.125:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: uCERyK3Fd9rNbiifi8w0IA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: qtNKMkl7MnG7Zb4W7MkP6Pv3zyE=
reynoldsroost.com/
35.170.133.47 200 OK 14 kB IP 35.170.133.47:0
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document text; exported SGML document, ASCII text, with very long lines (830), with CRLF, LF line terminators
Hash 687ca98686054aa5b4697e2c56a7b221
ed849141e41dcabee834215f98bda9e4a34e9868
6c8d647c8993da10b15abe1c8d1911967af9071ea8758f89fb4c336a3672ecf2
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET / HTTP/1.1
Host: reynoldsroost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 01:52:34 GMT
Server: Apache
X-Powered-By: PHP/5.3.29
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Set-Cookie: PHPSESSID=dfc1h0j60acnr0oqp9e9n9j9h3; path=/
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html;charset=ISO-8859-1
reynoldsroost.com/js/net.js
35.170.133.47 200 OK 3.3 kB URL HTTP/1.1 reynoldsroost.com/js/net.js
IP 35.170.133.47:0
File type ASCII text, with very long lines (355), with CRLF line terminators
Hash 90d087486321962570ff4c5ed7d02d5c
219f5c95c53d8cd26406cc826479f3ab631221e5
25b80618febd5db2f9702a36f92358dc9db7a9039aea2c4e5e0e99ffcfbdca84
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /js/net.js HTTP/1.1
Host: reynoldsroost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reynoldsroost.com/
Cookie: PHPSESSID=dfc1h0j60acnr0oqp9e9n9j9h3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 01:52:34 GMT
Server: Apache
Last-Modified: Wed, 26 Oct 2011 13:20:02 GMT
Accept-Ranges: bytes
Content-Length: 3307
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
reynoldsroost.com/templates/template8/css/mytngstyle.css?v810
35.170.133.47 200 OK 178 B URL HTTP/1.1 reynoldsroost.com/templates/template8/css/mytngstyle.css?v810
IP 35.170.133.47:0
File type ASCII text, with CRLF line terminators
Hash e6cdb6bf2d24c905eeb79c09b913db5f
3e3c9492674b29d2ee923cb65ef3bd206188bc81
f000af6bf40afa6f86d49b986492a11a465eb63ca35adf5a9e0ec31e30d358ef
Analyzer Verdict Alert quad9 Sinkholed
GET /templates/template8/css/mytngstyle.css?v810 HTTP/1.1
Host: reynoldsroost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reynoldsroost.com/
Cookie: PHPSESSID=dfc1h0j60acnr0oqp9e9n9j9h3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 01:52:35 GMT
Server: Apache
Last-Modified: Wed, 26 Oct 2011 13:20:03 GMT
Accept-Ranges: bytes
Content-Length: 178
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
reynoldsroost.com/templates/template8/css/templatestyle.css?v810
35.170.133.47 200 OK 10 kB URL HTTP/1.1 reynoldsroost.com/templates/template8/css/templatestyle.css?v810
IP 35.170.133.47:0
File type assembler source, ASCII text, with CRLF line terminators
Hash 40a4a1dc09801fe4ef7b6dad31b6364a
46ee393e99396ebaf9054927ff66271399f36341
0c57f5114b8b5358fd648b528c6b8a596b2f3e5d80c6a137245c391c53a7bd0f
Analyzer Verdict Alert quad9 Sinkholed
GET /templates/template8/css/templatestyle.css?v810 HTTP/1.1
Host: reynoldsroost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reynoldsroost.com/
Cookie: PHPSESSID=dfc1h0j60acnr0oqp9e9n9j9h3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 01:52:35 GMT
Server: Apache
Last-Modified: Wed, 26 Oct 2011 13:20:03 GMT
Accept-Ranges: bytes
Content-Length: 10021
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
reynoldsroost.com/js/litbox.js
35.170.133.47 200 OK 10 kB URL HTTP/1.1 reynoldsroost.com/js/litbox.js
IP 35.170.133.47:0
File type ASCII text, with CRLF line terminators
Hash 72b3ae454276b664cf01f9c5f35f244d
53779fefad6353677d617fda80d948fc5bb3f32d
1aad2e8d4dcba7ae2805844ec7eda95e1a7702a0f25832f8ebbe147549aca198
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /js/litbox.js HTTP/1.1
Host: reynoldsroost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reynoldsroost.com/
Cookie: PHPSESSID=dfc1h0j60acnr0oqp9e9n9j9h3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 01:52:35 GMT
Server: Apache
Last-Modified: Wed, 26 Oct 2011 13:20:02 GMT
Accept-Ranges: bytes
Content-Length: 10478
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
reynoldsroost.com/css/genstyle.css?v810
35.170.133.47 200 OK 19 kB URL HTTP/1.1 reynoldsroost.com/css/genstyle.css?v810
IP 35.170.133.47:0
File type ASCII text, with CRLF line terminators
Hash 339bc61f5cab534f7ade55a0ab45aa70
206b6ac1eb212be2165444087ad8e43e107ca1df
d95484971ea244c1cfd1368af383a4ccee19352f5f82a9fc050faaab87936a37
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /css/genstyle.css?v810 HTTP/1.1
Host: reynoldsroost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reynoldsroost.com/
Cookie: PHPSESSID=dfc1h0j60acnr0oqp9e9n9j9h3
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 01:52:35 GMT
Server: Apache
Last-Modified: Wed, 26 Oct 2011 13:20:02 GMT
Accept-Ranges: bytes
Content-Length: 19428
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
reynoldsroost.com/js/scriptaculous.js
35.170.133.47 200 OK 3.0 kB URL HTTP/1.1 reynoldsroost.com/js/scriptaculous.js
IP 35.170.133.47:0
File type HTML document, ASCII text, with CRLF line terminators
Hash 344d0cf449396444f8051d9ef346a384
570280c4007fa4d0f676d040cea6918c31679e1a
b0ac4d09d41c61b081e336cf1b38f21cd2775873e41c6a269dc9fb1f21e38367
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /js/scriptaculous.js HTTP/1.1
Host: reynoldsroost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reynoldsroost.com/
Cookie: PHPSESSID=dfc1h0j60acnr0oqp9e9n9j9h3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 01:52:35 GMT
Server: Apache
Last-Modified: Wed, 26 Oct 2011 13:20:02 GMT
Accept-Ranges: bytes
Content-Length: 2968
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
reynoldsroost.com/js/prototype.js
35.170.133.47 200 OK 169 kB URL HTTP/1.1 reynoldsroost.com/js/prototype.js
IP 35.170.133.47:0
File type ASCII text, with CRLF, CR line terminators
Size 169 kB (169395 bytes)
Hash 2325b8b147c5dfaa8531c9d8bafd3648
32f21d93cc6cf7d5d20f825b1bde76d36889829c
16d17457661ee3afcbb58e49b76a376babade1530b746c2801e249d5a50f65b7
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /js/prototype.js HTTP/1.1
Host: reynoldsroost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reynoldsroost.com/
Cookie: PHPSESSID=dfc1h0j60acnr0oqp9e9n9j9h3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 01:52:35 GMT
Server: Apache
Last-Modified: Wed, 26 Oct 2011 13:20:02 GMT
Accept-Ranges: bytes
Content-Length: 169395
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: application/javascript
reynoldsroost.com/templates/template8/img/ArrowDown.gif
35.170.133.47 200 OK 63 B URL HTTP/1.1 reynoldsroost.com/templates/template8/img/ArrowDown.gif
IP 35.170.133.47:0
File type GIF image data, version 89a, 25 x 8; data
Hash b2d246a398a225fe8220f0e516472037
95f329d466fd9c5efd47aba753cfbac2e1646715
77adaac7a462688d1c6a805176c62c1da5b720bcc26c5f6b9159c9efe1c8b649
Analyzer Verdict Alert quad9 Sinkholed
GET /templates/template8/img/ArrowDown.gif HTTP/1.1
Host: reynoldsroost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reynoldsroost.com/
Cookie: PHPSESSID=dfc1h0j60acnr0oqp9e9n9j9h3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 01:52:35 GMT
Server: Apache
Last-Modified: Wed, 26 Oct 2011 13:20:03 GMT
Accept-Ranges: bytes
Content-Length: 63
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/gif
reynoldsroost.com/img/tng_contact.gif
35.170.133.47 200 OK 434 B URL HTTP/1.1 reynoldsroost.com/img/tng_contact.gif
IP 35.170.133.47:0
File type GIF image data, version 89a, 20 x 20; data
Hash 3eb992d186c6e785c0f7cfeb7a332823
f66fdcc4c669cbde314b3ad43cd79733d463a160
b6d7941878a6fa9bb21dc4d43aeb7107f94abd915869631a45cc6a5a46c78e98
Analyzer Verdict Alert quad9 Sinkholed
GET /img/tng_contact.gif HTTP/1.1
Host: reynoldsroost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reynoldsroost.com/
Cookie: PHPSESSID=dfc1h0j60acnr0oqp9e9n9j9h3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 01:52:35 GMT
Server: Apache
Last-Modified: Wed, 26 Oct 2011 13:20:02 GMT
Accept-Ranges: bytes
Content-Length: 434
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/gif
reynoldsroost.com/img/tng_place.gif
35.170.133.47 200 OK 450 B URL HTTP/1.1 reynoldsroost.com/img/tng_place.gif
IP 35.170.133.47:0
File type GIF image data, version 89a, 20 x 20; data
Hash 2f5112f7faf73ccb060e4052a8f9905b
6f1701794dd78339a06a0a75e24764ba2cab6500
7d34a1be685793594fd3a271a2dbe9d303ec62578d8d38c7743797891cdf2135
Analyzer Verdict Alert quad9 Sinkholed
GET /img/tng_place.gif HTTP/1.1
Host: reynoldsroost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reynoldsroost.com/
Cookie: PHPSESSID=dfc1h0j60acnr0oqp9e9n9j9h3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 01:52:35 GMT
Server: Apache
Last-Modified: Wed, 26 Oct 2011 13:20:02 GMT
Accept-Ranges: bytes
Content-Length: 450
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/gif
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 385fbe651dc747111b979f40f9583702
a69fa58ffc6e2b15222f17ad6345b2bec9d75106
c82b794c471d79568f5eee05529ceddbefc383ac0d035578da7bc3866062e5cc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C82B794C471D79568F5EEE05529CEDDBEFC383AC0D035578DA7BC3866062E5CC"
Last-Modified: Tue, 10 Jan 2023 01:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11135
Expires: Wed, 11 Jan 2023 04:58:10 GMT
Date: Wed, 11 Jan 2023 01:52:35 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd94a5360-2ddf-4088-a880-212e75db1287.jpeg
34.120.237.76 200 OK 7.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd94a5360-2ddf-4088-a880-212e75db1287.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash aad80e2c0386d7c7d88ac85b00d2e50f
291629800087b85000b89165892b05fd7babd8b3
bac555de181f5181e01bccf20691916725baae448130a1de3c8da908f60a727f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd94a5360-2ddf-4088-a880-212e75db1287.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7602
x-amzn-requestid: 10f2172b-1c93-4525-bdc7-23cb66d878dd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eS1mOHeuoAMFfpQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b7695a-385d20e03946bf41036d6378;Sampled=0
x-amzn-remapped-date: Fri, 06 Jan 2023 00:20:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Eoz-ra19uQNrO5CyWYbe_ASmTkgYmSxE3RoSmWSEmQ-KpvpyQlIYbw==
via: 1.1 2241406ac19fffc8f35d6ddef8e22f56.cloudfront.net (CloudFront), 1.1 ee8246c5442dace7525c74f6a799bb46.cloudfront.net (CloudFront), 1.1 google
date: Tue, 10 Jan 2023 21:56:36 GMT
age: 14159
etag: "291629800087b85000b89165892b05fd7babd8b3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb6836f9-47c0-4072-8841-9838455af78e.jpeg
34.120.237.76 200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb6836f9-47c0-4072-8841-9838455af78e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3; data
Hash 739d7b6363767151f0dfda26339c03cb
5f1c3e27d48f83326202e300331825537cc84189
8d460467f4c61ecd4b44d910afa13688e9bd2f36762f79ad3cdd025eede65f8a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb6836f9-47c0-4072-8841-9838455af78e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12862
x-amzn-requestid: a947df07-a29c-4e5e-98ec-724b6a1a439d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ecM0gFZ2IAMF-yQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bb281c-00ccdc2017f0288f2037c971;Sampled=0
x-amzn-remapped-date: Sun, 08 Jan 2023 20:31:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: e4o8U4sRwSYjR5JCvxCnupuhVJk7N0KYSd2jBKjsDhzGovgfRtiKxg==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 82ea95080f526df99896343fb7269b06.cloudfront.net (CloudFront), 1.1 google
date: Tue, 10 Jan 2023 13:21:28 GMT
age: 45067
etag: "5f1c3e27d48f83326202e300331825537cc84189"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
reynoldsroost.com/img/tng_names.gif
35.170.133.47 200 OK 721 B URL HTTP/1.1 reynoldsroost.com/img/tng_names.gif
IP 35.170.133.47:0
File type GIF image data, version 89a, 20 x 20\012- data
Hash e960d8715c36ceffc383a0621adc209d
1dc5d52e3f5a87577ded00ffb5c4d11d4e9f6fb2
f3fdc0b24b9d0b7f18de03fd65aadd0baf1d3c59e499c15647d9eb8248d62be2
Analyzer Verdict Alert quad9 Sinkholed
GET /img/tng_names.gif HTTP/1.1
Host: reynoldsroost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reynoldsroost.com/
Cookie: PHPSESSID=dfc1h0j60acnr0oqp9e9n9j9h3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 01:52:35 GMT
Server: Apache
Last-Modified: Wed, 26 Oct 2011 13:20:02 GMT
Accept-Ranges: bytes
Content-Length: 721
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/gif
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F94fd75b6-8b38-4585-a6d9-7fe9c9b69e86.jpeg
34.120.237.76 200 OK 7.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F94fd75b6-8b38-4585-a6d9-7fe9c9b69e86.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3d51c94181cae0f64af5a64d0a154598
e540e8d54f425408d38a4ad69144ec87041a440c
4577272b9ef8c0d2c431d84dd241fe174ab986900f9c78075e8938e15eaff731
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F94fd75b6-8b38-4585-a6d9-7fe9c9b69e86.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7412
x-amzn-requestid: 1794e3d3-4c51-4745-bfdd-330ffdb2ac6f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eTxflFI3oAMFx6g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b7c930-2060926968f809af6f667c72;Sampled=0
x-amzn-remapped-date: Fri, 06 Jan 2023 07:09:36 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 9M5rXjdoNUWCaFosOrE1d_yJCddzaVFnOrB4Upe3Nv4q5iaDK57Bgg==
via: 1.1 f313d3df80c4dab8f5399614116801cc.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 10 Jan 2023 13:35:31 GMT
age: 44224
etag: "e540e8d54f425408d38a4ad69144ec87041a440c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb8726105-cc11-4ded-a83e-841fadde759e.jpeg
34.120.237.76 200 OK 9.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb8726105-cc11-4ded-a83e-841fadde759e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 17494b6e52ac7108f3ff324860bab717
9d71a025633cfaa02dcf9455603fd806f94be0b1
8214ab7d2f6ffaefa6539aced6c93782354ab15f92933b987d3aab8f3afd3bd6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb8726105-cc11-4ded-a83e-841fadde759e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9860
x-amzn-requestid: d6287efc-acd0-44b1-a7f9-42e1b8d3b78a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ecfAoFnvoAMFnpA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bb4537-1c74dde5429011e07f63c78e;Sampled=0
x-amzn-remapped-date: Sun, 08 Jan 2023 22:35:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: TZihK6hSHxfsOoVJ5fW-1u938ymcZg-EeglTU_CD2H6lTVTWiT1Yhg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 10 Jan 2023 21:46:17 GMT
age: 14778
etag: "9d71a025633cfaa02dcf9455603fd806f94be0b1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15770463-febf-46fb-8a4d-1a4f297b5a7b.jpeg
34.120.237.76 200 OK 4.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15770463-febf-46fb-8a4d-1a4f297b5a7b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1d11194f94b91e55e976fc5d704afa55
eb6c7b73b80d2d41e6e4801a0b671e2a5c1cdf5b
66b01e33e1bc18d18e187632738f8ff49ef58a2d054367173c0570b7caa76260
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15770463-febf-46fb-8a4d-1a4f297b5a7b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4116
x-amzn-requestid: 64c7b71c-74a5-4304-bab5-305de0e4c9d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eON3PHCaoAMF_Zg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b5902e-72ada40c0419baa7763c2441;Sampled=0
x-amzn-remapped-date: Wed, 04 Jan 2023 14:41:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xK0zI6cR7oOQo6KPbyiHf9yOctB1VroNIEW0sF5Ji-OADq4ppGWpgQ==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 10 Jan 2023 04:07:37 GMT
age: 78298
etag: "eb6c7b73b80d2d41e6e4801a0b671e2a5c1cdf5b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1180e9be-6c31-4bd3-86f4-ac36cdd4e746.jpeg
34.120.237.76 200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1180e9be-6c31-4bd3-86f4-ac36cdd4e746.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 74eafe3bfabac6843100686971153898
e9df2e14485c412107d742d4baab53aa36cd8ca4
46fcfba703552a587888b3c6e6a1deb01930e347192d05d95a5a5f46e9d0fea1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1180e9be-6c31-4bd3-86f4-ac36cdd4e746.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9301
x-amzn-requestid: 7f43eb13-8bca-4b2b-a6a4-325c6161608e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ei73_GVVIAMFn5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bdd9cc-3f5d8e784f0d806b6416138f;Sampled=0
x-amzn-remapped-date: Tue, 10 Jan 2023 21:34:04 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Hm1d-3H7jqfp6ylCahEmI84jBVpJyIpJTw2rlDx0N1TaagFryNmpXg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 64f86ae1c24221f3a2e4d653d6dbc416.cloudfront.net (CloudFront), 1.1 google
date: Tue, 10 Jan 2023 21:43:48 GMT
etag: "e9df2e14485c412107d742d4baab53aa36cd8ca4"
content-type: image/jpeg
age: 14927
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
reynoldsroost.com/img/tng_bmk.gif
35.170.133.47 200 OK 705 B URL HTTP/1.1 reynoldsroost.com/img/tng_bmk.gif
IP 35.170.133.47:0
File type GIF image data, version 89a, 20 x 20\012- data
Hash 338dd55ad17942bd47253cfc561413b2
bc91ce51272b427ecce2e407c5e41b972092544c
7cb2d6cf05b798a5e208e462d73ac779af4200e6a0f889049923195fae7cebc7
Analyzer Verdict Alert quad9 Sinkholed
GET /img/tng_bmk.gif HTTP/1.1
Host: reynoldsroost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reynoldsroost.com/
Cookie: PHPSESSID=dfc1h0j60acnr0oqp9e9n9j9h3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 01:52:35 GMT
Server: Apache
Last-Modified: Wed, 26 Oct 2011 13:20:02 GMT
Accept-Ranges: bytes
Content-Length: 705
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/gif
reynoldsroost.com/photos/dongranny.jpg
35.170.133.47 200 OK 128 kB URL HTTP/1.1 reynoldsroost.com/photos/dongranny.jpg
IP 35.170.133.47:0
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 300x300, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CS4 Windows, datetime=2011:11:06 14:12:55], progressive, precision 8, 1066x1500, components 3\012- data
Size 128 kB (128495 bytes)
Hash fd55424e4ee24b52d365eb3153a54897
b2a50d0d46471e46628902c40ca66bb648534113
68640f5f12af3f050f0a991727465df767f118117afed901ec4f0402cdb0b29c
Analyzer Verdict Alert quad9 Sinkholed
GET /photos/dongranny.jpg HTTP/1.1
Host: reynoldsroost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reynoldsroost.com/
Cookie: PHPSESSID=dfc1h0j60acnr0oqp9e9n9j9h3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 01:52:35 GMT
Server: Apache
Last-Modified: Sun, 06 Nov 2011 20:10:38 GMT
Accept-Ranges: bytes
Content-Length: 128495
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
reynoldsroost.com/js/dragdrop.js
35.170.133.47 200 OK 32 kB URL HTTP/1.1 reynoldsroost.com/js/dragdrop.js
IP 35.170.133.47:0
File type ASCII text, with CRLF line terminators
Hash 60235b23bc0829865edf169231cc7b78
e02e58d07c080cc1fffe52e04dec723c626df75b
b4f0f1d95262d5f6fdde05bbafbecc8b8c3f6be8c365edbcadb8478bdaea2b7c
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /js/dragdrop.js HTTP/1.1
Host: reynoldsroost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reynoldsroost.com/
Cookie: PHPSESSID=dfc1h0j60acnr0oqp9e9n9j9h3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 01:52:35 GMT
Server: Apache
Last-Modified: Wed, 26 Oct 2011 13:20:02 GMT
Accept-Ranges: bytes
Content-Length: 32039
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
reynoldsroost.com/js/effects.js
35.170.133.47 200 OK 40 kB URL HTTP/1.1 reynoldsroost.com/js/effects.js
IP 35.170.133.47:0
File type ASCII text, with CRLF line terminators
Hash 4ba8f8ac58473f8b6958f78ba2b7c6cb
2099699245cc5ef2d69fa9d7161f901ab69b16e6
88b7b368c3bb787e5602f71e75aeb9d8325d4899eb5632e595e024a2a2c35f4b
Analyzer Verdict Alert fortinet Phishing
quad9 Sinkholed
GET /js/effects.js HTTP/1.1
Host: reynoldsroost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reynoldsroost.com/
Cookie: PHPSESSID=dfc1h0j60acnr0oqp9e9n9j9h3
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 01:52:35 GMT
Server: Apache
Last-Modified: Wed, 26 Oct 2011 13:20:02 GMT
Accept-Ranges: bytes
Content-Length: 39593
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
reynoldsroost.com/img/tng_note.gif
35.170.133.47 200 OK 730 B URL HTTP/1.1 reynoldsroost.com/img/tng_note.gif
IP 35.170.133.47:0
File type GIF image data, version 89a, 20 x 20\012- data
Hash f8d49945ae7baba6caa91d400fe8bd32
35808a8ab2377f0e5b03193c4cd767253d6c0efe
394064ea3b5a445a8fdfe92f52e49ea2b6f23f4574617fd3a48efe3924e3691c
Analyzer Verdict Alert quad9 Sinkholed
GET /img/tng_note.gif HTTP/1.1
Host: reynoldsroost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reynoldsroost.com/
Cookie: PHPSESSID=dfc1h0j60acnr0oqp9e9n9j9h3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 01:52:36 GMT
Server: Apache
Last-Modified: Wed, 26 Oct 2011 13:20:02 GMT
Accept-Ranges: bytes
Content-Length: 730
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/gif
reynoldsroost.com/img/tng_hs.gif
35.170.133.47 200 OK 468 B URL HTTP/1.1 reynoldsroost.com/img/tng_hs.gif
IP 35.170.133.47:0
File type GIF image data, version 89a, 20 x 20\012- data
Hash b7fcbeb125ba112a28229d548e67aa11
95e3edc9de59b8409813052308404e0e54832392
3ea9c4287a69806508e6b8f8db4fe6f95211f49185e9f0dbeb8f7b5b928dc5f9
Analyzer Verdict Alert quad9 Sinkholed
GET /img/tng_hs.gif HTTP/1.1
Host: reynoldsroost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reynoldsroost.com/
Cookie: PHPSESSID=dfc1h0j60acnr0oqp9e9n9j9h3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 01:52:36 GMT
Server: Apache
Last-Modified: Wed, 26 Oct 2011 13:20:02 GMT
Accept-Ranges: bytes
Content-Length: 468
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/gif
reynoldsroost.com/img/tng_date.gif
35.170.133.47 200 OK 442 B URL HTTP/1.1 reynoldsroost.com/img/tng_date.gif
IP 35.170.133.47:0
File type GIF image data, version 89a, 20 x 20\012- data
Hash f393cb3ec383d55dc3e0838b90df8757
6fc1810d860d945fcb8a23f7511232cc9e84fd20
79f63a6a75faf609b98e872d2a068d687cd22ae6c89027a2be2d73d1183dd6df
Analyzer Verdict Alert quad9 Sinkholed
GET /img/tng_date.gif HTTP/1.1
Host: reynoldsroost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reynoldsroost.com/
Cookie: PHPSESSID=dfc1h0j60acnr0oqp9e9n9j9h3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 01:52:36 GMT
Server: Apache
Last-Modified: Wed, 26 Oct 2011 13:20:02 GMT
Accept-Ranges: bytes
Content-Length: 442
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/gif
reynoldsroost.com/img/tng_families.gif
35.170.133.47 200 OK 739 B URL HTTP/1.1 reynoldsroost.com/img/tng_families.gif
IP 35.170.133.47:0
File type GIF image data, version 89a, 20 x 20\012- data
Hash d3e10a7e7f36b7fb12c00b956039dc97
eda47460c2fba22b3d32ffe49960da0eae39665c
197ea1f074969309146158e37fd0c82175a8b85e87e254d3121911d493d5dbd4
Analyzer Verdict Alert quad9 Sinkholed
GET /img/tng_families.gif HTTP/1.1
Host: reynoldsroost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reynoldsroost.com/
Cookie: PHPSESSID=dfc1h0j60acnr0oqp9e9n9j9h3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 01:52:36 GMT
Server: Apache
Last-Modified: Wed, 26 Oct 2011 13:20:02 GMT
Accept-Ranges: bytes
Content-Length: 739
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/gif
reynoldsroost.com/img/tng_src.gif
35.170.133.47 200 OK 454 B URL HTTP/1.1 reynoldsroost.com/img/tng_src.gif
IP 35.170.133.47:0
File type GIF image data, version 89a, 20 x 20\012- data
Hash 2ed5246a1044ce9fd04b130185acccc2
cb385b11f03c077f53b31ba3e45102398a00645a
e3ac205887b8b5d265fa253338dca283a27af1113e1c0cf275201997ee4775be
Analyzer Verdict Alert quad9 Sinkholed
GET /img/tng_src.gif HTTP/1.1
Host: reynoldsroost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reynoldsroost.com/
Cookie: PHPSESSID=dfc1h0j60acnr0oqp9e9n9j9h3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 01:52:36 GMT
Server: Apache
Last-Modified: Wed, 26 Oct 2011 13:20:02 GMT
Accept-Ranges: bytes
Content-Length: 454
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/gif
reynoldsroost.com/img/tng_stats.gif
35.170.133.47 200 OK 449 B URL HTTP/1.1 reynoldsroost.com/img/tng_stats.gif
IP 35.170.133.47:0
File type GIF image data, version 89a, 20 x 20\012- data
Hash fd1eec99c3b71b9775b43a962e65d59e
2c55d6ba289fa073115ec4cf232256126340a8e4
7f798d07beb4a5a65379c477df8e29326f80cbbaa33ac001b745c06cd454ddde
Analyzer Verdict Alert quad9 Sinkholed
GET /img/tng_stats.gif HTTP/1.1
Host: reynoldsroost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reynoldsroost.com/
Cookie: PHPSESSID=dfc1h0j60acnr0oqp9e9n9j9h3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 01:52:36 GMT
Server: Apache
Last-Modified: Wed, 26 Oct 2011 13:20:02 GMT
Accept-Ranges: bytes
Content-Length: 449
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/gif
reynoldsroost.com/templates/template8/img/border.gif
35.170.133.47 200 OK 2.8 kB URL HTTP/1.1 reynoldsroost.com/templates/template8/img/border.gif
IP 35.170.133.47:0
File type GIF image data, version 89a, 9 x 439\012- data
Hash f3f46622e75a58e338278d9ed1447cb6
09d256f9fb06caf4696ba6dc2528ac4a260909d5
f7cb2f4811ad6069f72b8f2d897b06f4b39180a66ded94172cb9d8f8529ff2ac
Analyzer Verdict Alert quad9 Sinkholed
GET /templates/template8/img/border.gif HTTP/1.1
Host: reynoldsroost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reynoldsroost.com/templates/template8/css/templatestyle.css?v810
Cookie: PHPSESSID=dfc1h0j60acnr0oqp9e9n9j9h3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 01:52:36 GMT
Server: Apache
Last-Modified: Wed, 26 Oct 2011 13:20:03 GMT
Accept-Ranges: bytes
Content-Length: 2764
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/gif
reynoldsroost.com/templates/template8/img/titletop.jpg
35.170.133.47 200 OK 7.9 kB URL HTTP/1.1 reynoldsroost.com/templates/template8/img/titletop.jpg
IP 35.170.133.47:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 778x73, components 3\012- data
Hash deb7b62a21d8446899f6eb19393b7030
b2a0d9ad44c5c2ecedaa5f987a19b657865a3177
2773c3e417d3105086f72576f0fe1eeab9d7da5d05c874fe89f41bcce64cc18d
Analyzer Verdict Alert quad9 Sinkholed
GET /templates/template8/img/titletop.jpg HTTP/1.1
Host: reynoldsroost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reynoldsroost.com/templates/template8/css/templatestyle.css?v810
Cookie: PHPSESSID=dfc1h0j60acnr0oqp9e9n9j9h3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 01:52:36 GMT
Server: Apache
Last-Modified: Wed, 26 Oct 2011 13:20:03 GMT
Accept-Ranges: bytes
Content-Length: 7906
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
reynoldsroost.com/templates/template8/img/header_bg_short.gif
35.170.133.47 200 OK 64 B URL HTTP/1.1 reynoldsroost.com/templates/template8/img/header_bg_short.gif
IP 35.170.133.47:0
File type GIF image data, version 89a, 4 x 46\012- data
Hash 0827982d6cc95a2e5d52b7a671a294d4
a282679e9b2302601d891505d0e66b87472387cd
8d2696586376fbfec89a8a6af220d3f5f97199110df2c5db7828b07e555746cf
Analyzer Verdict Alert quad9 Sinkholed
GET /templates/template8/img/header_bg_short.gif HTTP/1.1
Host: reynoldsroost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reynoldsroost.com/templates/template8/css/templatestyle.css?v810
Cookie: PHPSESSID=dfc1h0j60acnr0oqp9e9n9j9h3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 01:52:36 GMT
Server: Apache
Last-Modified: Wed, 26 Oct 2011 13:20:03 GMT
Accept-Ranges: bytes
Content-Length: 64
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/gif
reynoldsroost.com/templates/template8/img/searchbutton.gif
35.170.133.47 200 OK 14 kB URL HTTP/1.1 reynoldsroost.com/templates/template8/img/searchbutton.gif
IP 35.170.133.47:0
File type GIF image data, version 89a, 25 x 24\012- data
Hash a3e8f6308ea3dedbf020b126245fc656
b0e7bd2d50af241447327a70dbf291f805c91812
243903c0e04958afef82cac2fd55b3fe7b5d410d80f23bf906d723d69d8364ea
Analyzer Verdict Alert quad9 Sinkholed
GET /templates/template8/img/searchbutton.gif HTTP/1.1
Host: reynoldsroost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reynoldsroost.com/
Cookie: PHPSESSID=dfc1h0j60acnr0oqp9e9n9j9h3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 01:52:36 GMT
Server: Apache
Last-Modified: Wed, 26 Oct 2011 13:20:03 GMT
Accept-Ranges: bytes
Content-Length: 14271
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/gif
reynoldsroost.com/img/tng_search2.gif
35.170.133.47 200 OK 701 B URL HTTP/1.1 reynoldsroost.com/img/tng_search2.gif
IP 35.170.133.47:0
File type GIF image data, version 89a, 20 x 20\012- data
Hash 3f85c906423953f34097a23d7c167024
563312c13fd32bb08a61fdc138122515d874def7
7e1d43e8ba30d5e10298e27799c5991e782c5c5024d022d118440a2935d06112
Analyzer Verdict Alert quad9 Sinkholed
GET /img/tng_search2.gif HTTP/1.1
Host: reynoldsroost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reynoldsroost.com/
Cookie: PHPSESSID=dfc1h0j60acnr0oqp9e9n9j9h3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 01:52:36 GMT
Server: Apache
Last-Modified: Wed, 26 Oct 2011 13:20:02 GMT
Accept-Ranges: bytes
Content-Length: 701
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/gif
reynoldsroost.com/img/tng_photo.gif
35.170.133.47 200 OK 451 B URL HTTP/1.1 reynoldsroost.com/img/tng_photo.gif
IP 35.170.133.47:0
File type GIF image data, version 89a, 20 x 20\012- data
Hash 4dbcd76f976e4ee49f403776ae2ba383
58885a22ea8afdbf67b74a76389f57a2c6e5db49
7540c35cf8c3ba5152aefe05bc3b6c9d9101e2b2b29b5fccecd5f2c594bdab41
Analyzer Verdict Alert quad9 Sinkholed
GET /img/tng_photo.gif HTTP/1.1
Host: reynoldsroost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reynoldsroost.com/
Cookie: PHPSESSID=dfc1h0j60acnr0oqp9e9n9j9h3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 01:52:36 GMT
Server: Apache
Last-Modified: Wed, 26 Oct 2011 13:20:02 GMT
Accept-Ranges: bytes
Content-Length: 451
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/gif
reynoldsroost.com/templates/template8/img/bg.gif
35.170.133.47 200 OK 15 kB URL HTTP/1.1 reynoldsroost.com/templates/template8/img/bg.gif
IP 35.170.133.47:0
File type GIF image data, version 89a, 100 x 100\012- data
Hash 055f388b030d57af55707e1be8e12ffb
140a2370c4a272202a0ae849d67dd81da62c42fd
bee3068e79cd0dcecc96172b01845bbe9a2ac7592183d49b37f6a9ec58659be9
Analyzer Verdict Alert quad9 Sinkholed
GET /templates/template8/img/bg.gif HTTP/1.1
Host: reynoldsroost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reynoldsroost.com/templates/template8/css/templatestyle.css?v810
Cookie: PHPSESSID=dfc1h0j60acnr0oqp9e9n9j9h3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 01:52:36 GMT
Server: Apache
Last-Modified: Wed, 26 Oct 2011 13:20:03 GMT
Accept-Ranges: bytes
Content-Length: 14937
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/gif
reynoldsroost.com/img/tng_doc.gif
35.170.133.47 200 OK 451 B URL HTTP/1.1 reynoldsroost.com/img/tng_doc.gif
IP 35.170.133.47:0
File type GIF image data, version 89a, 20 x 20\012- data
Hash b07e8c3ba6a68de83bc5e0a14f931af7
c6149a7076ba4994559d4c46e5bd2376e4ba2459
f2d2032bd34d278225a8e6e36f79f2040ab98f3d0bbd4c1658c13b06a3d284b5
Analyzer Verdict Alert quad9 Sinkholed
GET /img/tng_doc.gif HTTP/1.1
Host: reynoldsroost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reynoldsroost.com/
Cookie: PHPSESSID=dfc1h0j60acnr0oqp9e9n9j9h3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 01:52:36 GMT
Server: Apache
Last-Modified: Wed, 26 Oct 2011 13:20:02 GMT
Accept-Ranges: bytes
Content-Length: 451
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/gif
reynoldsroost.com/img/tng_hist.gif
35.170.133.47 200 OK 707 B URL HTTP/1.1 reynoldsroost.com/img/tng_hist.gif
IP 35.170.133.47:0
File type GIF image data, version 89a, 20 x 20\012- data
Hash 634d012d3959e599035e26b7cfc96d36
144625087252b0a0b04f4873eed93bb2d91c608e
3d7358b1a8a91789e580746c5cc389345ff649b67c3ca4bd9e4d1e9d2d3325a8
Analyzer Verdict Alert quad9 Sinkholed
GET /img/tng_hist.gif HTTP/1.1
Host: reynoldsroost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reynoldsroost.com/
Cookie: PHPSESSID=dfc1h0j60acnr0oqp9e9n9j9h3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 01:52:36 GMT
Server: Apache
Last-Modified: Wed, 26 Oct 2011 13:20:02 GMT
Accept-Ranges: bytes
Content-Length: 707
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/gif
reynoldsroost.com/img/tng_rec.gif
35.170.133.47 200 OK 458 B URL HTTP/1.1 reynoldsroost.com/img/tng_rec.gif
IP 35.170.133.47:0
File type GIF image data, version 89a, 20 x 20\012- data
Hash 0248ca56d3065171907928f0b0eb3f9c
be5860b4eb5aeb79b37031a2c6bf44f69956d118
1dbf7b0d74719b1b0dd9ce316db1c9317e1702dfc0ec3c6cdcfa57706f2d5ad6
Analyzer Verdict Alert quad9 Sinkholed
GET /img/tng_rec.gif HTTP/1.1
Host: reynoldsroost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reynoldsroost.com/
Cookie: PHPSESSID=dfc1h0j60acnr0oqp9e9n9j9h3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 01:52:37 GMT
Server: Apache
Last-Modified: Wed, 26 Oct 2011 13:20:02 GMT
Accept-Ranges: bytes
Content-Length: 458
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/gif
reynoldsroost.com/img/tng_album.gif
35.170.133.47 200 OK 736 B URL HTTP/1.1 reynoldsroost.com/img/tng_album.gif
IP 35.170.133.47:0
File type GIF image data, version 89a, 20 x 20\012- data
Hash 7450a87a21e8978533bc2590ca3df1a3
82987113fd336eda21c2fba75d0dd7397e7f366a
943fafc906b678a1d6956c7fa248ef99b391cc230c971fecd27aaee4df24f881
Analyzer Verdict Alert quad9 Sinkholed
GET /img/tng_album.gif HTTP/1.1
Host: reynoldsroost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reynoldsroost.com/
Cookie: PHPSESSID=dfc1h0j60acnr0oqp9e9n9j9h3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 01:52:37 GMT
Server: Apache
Last-Modified: Wed, 26 Oct 2011 13:20:02 GMT
Accept-Ranges: bytes
Content-Length: 736
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/gif
reynoldsroost.com/img/tng_video.gif
35.170.133.47 200 OK 452 B URL HTTP/1.1 reynoldsroost.com/img/tng_video.gif
IP 35.170.133.47:0
File type GIF image data, version 89a, 20 x 20\012- data
Hash 1a86b7071f66f12d990b8b28cf0c12ea
4da05376dd32529b074245b19dd0614ab86d873a
65c811e647acaa8374a64612f9a1806022d8d9f313bf3bd46cc09d44b88f01c1
Analyzer Verdict Alert quad9 Sinkholed
GET /img/tng_video.gif HTTP/1.1
Host: reynoldsroost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reynoldsroost.com/
Cookie: PHPSESSID=dfc1h0j60acnr0oqp9e9n9j9h3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 01:52:37 GMT
Server: Apache
Last-Modified: Wed, 26 Oct 2011 13:20:02 GMT
Accept-Ranges: bytes
Content-Length: 452
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/gif
reynoldsroost.com/img/tng_new.gif
35.170.133.47 200 OK 732 B URL HTTP/1.1 reynoldsroost.com/img/tng_new.gif
IP 35.170.133.47:0
File type GIF image data, version 89a, 20 x 20\012- data
Hash 157952cbcea88c928ead2b5cce67cc7b
ec9f82257f3db22f8df5da03ce8c6824f6e55bfe
27fd9e79a7f3e8d5814ab2a39f11b8d977df972b9907dce03892794fcc1b163c
Analyzer Verdict Alert quad9 Sinkholed
GET /img/tng_new.gif HTTP/1.1
Host: reynoldsroost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reynoldsroost.com/
Cookie: PHPSESSID=dfc1h0j60acnr0oqp9e9n9j9h3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 01:52:37 GMT
Server: Apache
Last-Modified: Wed, 26 Oct 2011 13:20:02 GMT
Accept-Ranges: bytes
Content-Length: 732
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/gif
reynoldsroost.com/img/tng_media.gif
35.170.133.47 200 OK 704 B URL HTTP/1.1 reynoldsroost.com/img/tng_media.gif
IP 35.170.133.47:0
File type GIF image data, version 89a, 20 x 20\012- data
Hash f8e8ae4db70f5947c58094b64d568de8
e47429c440a546178064d0c83cc2ee3558c8103d
0ac0268d2b6d91ba8ca0895cddd902e73fa05fc12ff6e062fc10d3225a178f8e
Analyzer Verdict Alert quad9 Sinkholed
GET /img/tng_media.gif HTTP/1.1
Host: reynoldsroost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reynoldsroost.com/
Cookie: PHPSESSID=dfc1h0j60acnr0oqp9e9n9j9h3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 01:52:37 GMT
Server: Apache
Last-Modified: Wed, 26 Oct 2011 13:20:02 GMT
Accept-Ranges: bytes
Content-Length: 704
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/gif
reynoldsroost.com/img/tng_mw.gif
35.170.133.47 200 OK 442 B URL HTTP/1.1 reynoldsroost.com/img/tng_mw.gif
IP 35.170.133.47:0
File type GIF image data, version 89a, 20 x 20\012- data
Hash 68ae25b5e0c53884d1dca49e4670858e
cba89d2d45deb29a351a3726937d01bbd16df994
523167ca0c5934cc9be4b127b6d06a3b75ab7b53b11a5607a9f90ef23fe752ae
Analyzer Verdict Alert quad9 Sinkholed
GET /img/tng_mw.gif HTTP/1.1
Host: reynoldsroost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reynoldsroost.com/
Cookie: PHPSESSID=dfc1h0j60acnr0oqp9e9n9j9h3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 01:52:37 GMT
Server: Apache
Last-Modified: Wed, 26 Oct 2011 13:20:02 GMT
Accept-Ranges: bytes
Content-Length: 442
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/gif
reynoldsroost.com/img/tng_rpt.gif
35.170.133.47 200 OK 459 B URL HTTP/1.1 reynoldsroost.com/img/tng_rpt.gif
IP 35.170.133.47:0
File type GIF image data, version 89a, 20 x 20\012- data
Hash a2e0daf1f784e79579c4561568a2a53b
92e275c77b2f93d1a913ef55e5f2c5536889f8b6
3363fa54146a9acc93824f1d6a877cbd5568ccf96599cc312eed149253f945f5
Analyzer Verdict Alert quad9 Sinkholed
GET /img/tng_rpt.gif HTTP/1.1
Host: reynoldsroost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reynoldsroost.com/
Cookie: PHPSESSID=dfc1h0j60acnr0oqp9e9n9j9h3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 01:52:37 GMT
Server: Apache
Last-Modified: Wed, 26 Oct 2011 13:20:02 GMT
Accept-Ranges: bytes
Content-Length: 459
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/gif
reynoldsroost.com/img/tng_repo.gif
35.170.133.47 200 OK 701 B URL HTTP/1.1 reynoldsroost.com/img/tng_repo.gif
IP 35.170.133.47:0
File type GIF image data, version 89a, 20 x 20\012- data
Hash 67895f827c8a78c93f09e1f676e683b0
e20294f027b48f1b48211c13f8e8feb2aef64364
ec83feceb8f906c699ec28fc1d51a26461102143e5244d3ac73be4b0ef15b14a
Analyzer Verdict Alert quad9 Sinkholed
GET /img/tng_repo.gif HTTP/1.1
Host: reynoldsroost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reynoldsroost.com/
Cookie: PHPSESSID=dfc1h0j60acnr0oqp9e9n9j9h3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 01:52:37 GMT
Server: Apache
Last-Modified: Wed, 26 Oct 2011 13:20:02 GMT
Accept-Ranges: bytes
Content-Length: 701
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/gif
reynoldsroost.com/favicon.ico
35.170.133.47 200 OK 2.2 kB URL HTTP/1.1 reynoldsroost.com/favicon.ico
IP 35.170.133.47:0
File type MS Windows icon resource - 1 icon, 32x32, 8 bits/pixel\012- data
Hash 88f8eff570f750bda2bfc7c8747f4924
b908f3854120debe0d007e382f7a26289f2e6aad
cb9ec1440f2f39215d2cc2f913af87e2d8f05f59b1137b129623ea3148d1399f
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: reynoldsroost.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://reynoldsroost.com/
Cookie: PHPSESSID=dfc1h0j60acnr0oqp9e9n9j9h3
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Wed, 11 Jan 2023 01:52:37 GMT
Server: Apache
Last-Modified: Wed, 26 Oct 2011 13:20:02 GMT
Accept-Ranges: bytes
Content-Length: 2238
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/x-icon
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c6517dc-ccae-435f-be23-e98711eb6062.jpeg
34.120.237.76 200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c6517dc-ccae-435f-be23-e98711eb6062.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 45f8fac831914525dcaa19617e3e212c
494878e02f916ef7bf57703062b33328778e1adc
8d51e3567a0cfdb3bbddfd365c7073c9b7a396552c7455787f1c4d386d01646e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c6517dc-ccae-435f-be23-e98711eb6062.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 9120
x-amzn-requestid: 2a627ed6-6dcb-43db-b3f1-9466d191c644
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: edG9MHNaoAMF2Mg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bb8521-7ade615a424161503546feaa;Sampled=0
x-amzn-remapped-date: Mon, 09 Jan 2023 03:08:17 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: D-FWDs5EzXqXdW1__ixox_ypnB5ORg34VwQ2sLWYcM0TDpupGDqGUQ==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 12a392bc3a7281f8d5d4591bfadc41fc.cloudfront.net (CloudFront), 1.1 google
date: Tue, 10 Jan 2023 03:30:38 GMT
age: 80524
etag: "494878e02f916ef7bf57703062b33328778e1adc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2