firefox.settings.services.mozilla.com/v1/
18.164.68.15 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 18.164.68.15:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 1aac651ec250c598683dd17ca2002c07
11595ac82e017f95190c2a36dc77323a3fedcbfc
93fa640d042452ae8455d026e30e3b4594c13d4be65f3552a4b5edae027c02f9
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Backoff, Content-Length, Content-Type, Retry-After, Alert
Cache-Control: max-age=3600
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Tue, 11 Oct 2022 08:08:20 GMT
Expires: Tue, 11 Oct 2022 08:29:26 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 6e05560e2a116f10e93777df92ea6478.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P4
X-Amz-Cf-Id: Q4sB6zGII_KAwaPCAM4Irf7P6PQP1elikZ-SelBtRzsPieLA0IpoNA==
Age: 1971
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ef6d323da0ad155f526b4a57c2e46ccc
71686b19b3ca049b9b66f8740284c552a3f61a20
99e2f56075a08f133a9d1d0122ab9ef2d9eaa61e18f46994e52e21a8a53203f3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "99E2F56075A08F133A9D1D0122AB9EF2D9EAA61E18F46994E52E21A8A53203F3"
Last-Modified: Mon, 10 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8267
Expires: Tue, 11 Oct 2022 10:58:59 GMT
Date: Tue, 11 Oct 2022 08:41:12 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 3d0ffae9abfdf558a6286013a0201c8b
2dc8ea0000a1b0c0f849611fdd73429bca51bfad
8e19eab9b6d16819f9ef3920971542cbcf5dd18280617e2de1a3827f0c149398
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8E19EAB9B6D16819F9EF3920971542CBCF5DD18280617E2DE1A3827F0C149398"
Last-Modified: Sun, 09 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13110
Expires: Tue, 11 Oct 2022 12:19:42 GMT
Date: Tue, 11 Oct 2022 08:41:12 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: Deg2TmlS9V3YhUFItIdfOuMg2KGrAE6ob22TX5LjNSYTk5aKzTbaddX4SXo/N8FrDhuUSOjLKEs=
x-amz-request-id: GNQ1FY5JTPXFD49G
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 11 Oct 2022 08:00:46 GMT
age: 2426
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 11 Oct 2022 08:41:12 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
18.164.68.15 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 18.164.68.15:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Pragma, Content-Length, Backoff, Last-Modified, Cache-Control, Content-Type, Retry-After, ETag, Expires, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Tue, 11 Oct 2022 07:41:44 GMT
Cache-Control: max-age=3600
Expires: Tue, 11 Oct 2022 08:38:22 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 c3ac810888cb46ee4166354c2171bcde.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: LHR50-P4
X-Amz-Cf-Id: WxwEffjV5paaJRYllf0b6sHQ_oDAGQicb_OZveqxg4EQUmeq4CGhcQ==
Age: 3575
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash d545bc725dcd5d6f1dfc10a8b35aeb3a
82d92587953dac8a05d691730b8318719328de6b
9d1e6f1bf4b1c138d9e07e67264cb9ac5090a1c338ff72c87e1758e187cccb24
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1857
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 11 Oct 2022 08:41:12 GMT
Last-Modified: Tue, 11 Oct 2022 08:10:15 GMT
Server: ECS (ska/F6FD)
X-Cache: HIT
Content-Length: 471
sadevafric.com/msin/usantoib
66.29.145.237 307 Temporary Redirect 0 B URL HTTP/1.1 sadevafric.com/msin/usantoib
IP 66.29.145.237:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /msin/usantoib HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 307 Temporary Redirect
Date: Tue, 11 Oct 2022 08:41:12 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: infinite_csrf_cookie=789e66dbd7870e3cac95a69e37a6792a; expires=Tue, 11-Oct-2022 10:41:12 GMT; Max-Age=7200; path=/
ci_session=11d40e39e0f4a683e2bb3a36085fe412e2494302; expires=Thu, 13-Oct-2022 08:41:12 GMT; Max-Age=172800; path=/; HttpOnly
Location: https://sadevafric.com/
Vary: User-Agent
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
push.services.mozilla.com/
54.69.181.45 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.69.181.45:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: yrD+eCuAIiFx513bq0PcYA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 5VhJC0vd06ZUr7OzT3yVsQLT0+E=
sadevafric.com/
66.29.145.237 200 OK 6.2 kB IP 66.29.145.237:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (342), with CRLF, LF line terminators
Hash cb9db9e2df56ac35f3aa484daebd2ae3
d1c0708912bb7db0bad714c05956f41a1ab0cc39
63aac0b30f85e1a9de749028386aef86ae83378e91e26e041936ade6b800a3c6
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET / HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: infinite_csrf_cookie=789e66dbd7870e3cac95a69e37a6792a; ci_session=11d40e39e0f4a683e2bb3a36085fe412e2494302
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 08:41:13 GMT
Server: Apache
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate
Pragma: no-cache
Set-Cookie: infinite_csrf_cookie=789e66dbd7870e3cac95a69e37a6792a; expires=Tue, 11-Oct-2022 10:41:13 GMT; Max-Age=7200; path=/
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 6177
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 582b9d37a9e3e9b109753b5649cd8fd8
5891b7dc89e563b938a0cf773e0d3b6d860a6b81
d47a95bffee9458afaaa4ce85e192d98ad9b63d7ecb26d1459905769c2858679
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 11 Oct 2022 08:41:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 582b9d37a9e3e9b109753b5649cd8fd8
5891b7dc89e563b938a0cf773e0d3b6d860a6b81
d47a95bffee9458afaaa4ce85e192d98ad9b63d7ecb26d1459905769c2858679
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 11 Oct 2022 08:41:13 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sadevafric.com/assets/css/plugins/bootstrap.min.css
66.29.145.237 200 OK 21 kB URL HTTP/1.1 sadevafric.com/assets/css/plugins/bootstrap.min.css
IP 66.29.145.237:0
File type ASCII text, with very long lines (65324)
Hash 733571679e9957e2653ecce1c235ae28
71eff8d605c8346f6e413589a8aa69b217e4d923
cbc30aca6e7eb5990a7282fbd4d1b76ed492b31a4c46bb587f4ebd1b48c2fdd4
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/css/plugins/bootstrap.min.css HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=789e66dbd7870e3cac95a69e37a6792a; ci_session=11d40e39e0f4a683e2bb3a36085fe412e2494302
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 08:41:13 GMT
Server: Apache
Last-Modified: Thu, 11 Feb 2021 22:56:50 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 21007
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
sadevafric.com/assets/css/plugins/fancybox.min.css
66.29.145.237 200 OK 3.3 kB URL HTTP/1.1 sadevafric.com/assets/css/plugins/fancybox.min.css
IP 66.29.145.237:0
Hash 48f7cd6ea25e7a870144d0b7999cf3fb
8eecf63f78b0e5679c8f2d5c82a3d2e8d4eccdde
61aa1b688bbd00d28a2b76006c005f2181a8cd00055c74d4a5255dbacab4aeb3
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/css/plugins/fancybox.min.css HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=789e66dbd7870e3cac95a69e37a6792a; ci_session=11d40e39e0f4a683e2bb3a36085fe412e2494302
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 08:41:13 GMT
Server: Apache
Last-Modified: Mon, 07 Dec 2020 18:22:46 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 3264
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
sadevafric.com/assets/css/style-light.css
66.29.145.237 200 OK 6.8 kB URL HTTP/1.1 sadevafric.com/assets/css/style-light.css
IP 66.29.145.237:0
Hash ce636cfe8004cd4ed470b185643cf79b
0aa633e506e709405f89d64e7d848f7ea00e5338
fc91747aa1140b0b9a3781a9a83077b912957bd13d5b685aa0facc4763d01019
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/css/style-light.css HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=789e66dbd7870e3cac95a69e37a6792a; ci_session=11d40e39e0f4a683e2bb3a36085fe412e2494302
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 08:41:13 GMT
Server: Apache
Last-Modified: Thu, 09 Sep 2021 19:08:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 6750
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
sadevafric.com/assets/css/plugins/mapbox-style.css
66.29.145.237 200 OK 4.6 kB URL HTTP/1.1 sadevafric.com/assets/css/plugins/mapbox-style.css
IP 66.29.145.237:0
File type ASCII text, with very long lines (34832)
Hash e92d94d527112eccad9eff37daf5d414
3e9548d816fe420a093320151595601e6865d236
9bb0b50fba17ae136f2124c4d62a64541ea3a1db70126cf28f51d63f5e7bc893
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/css/plugins/mapbox-style.css HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=789e66dbd7870e3cac95a69e37a6792a; ci_session=11d40e39e0f4a683e2bb3a36085fe412e2494302
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 08:41:13 GMT
Server: Apache
Last-Modified: Thu, 21 Jan 2021 18:11:24 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4579
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f97cde01f1afd5ed30319169445ec773
1cb25a8da62cdf1f9ab1b2b35d03163037691b33
1db2f13247d84bbebf5221ac7429e9367ee92aa1148b4aa879751e1944766406
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1DB2F13247D84BBEBF5221AC7429E9367EE92AA1148B4AA879751E1944766406"
Last-Modified: Mon, 10 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9927
Expires: Tue, 11 Oct 2022 11:26:41 GMT
Date: Tue, 11 Oct 2022 08:41:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f97cde01f1afd5ed30319169445ec773
1cb25a8da62cdf1f9ab1b2b35d03163037691b33
1db2f13247d84bbebf5221ac7429e9367ee92aa1148b4aa879751e1944766406
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1DB2F13247D84BBEBF5221AC7429E9367EE92AA1148B4AA879751E1944766406"
Last-Modified: Mon, 10 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9927
Expires: Tue, 11 Oct 2022 11:26:41 GMT
Date: Tue, 11 Oct 2022 08:41:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f97cde01f1afd5ed30319169445ec773
1cb25a8da62cdf1f9ab1b2b35d03163037691b33
1db2f13247d84bbebf5221ac7429e9367ee92aa1148b4aa879751e1944766406
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1DB2F13247D84BBEBF5221AC7429E9367EE92AA1148B4AA879751E1944766406"
Last-Modified: Mon, 10 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9927
Expires: Tue, 11 Oct 2022 11:26:41 GMT
Date: Tue, 11 Oct 2022 08:41:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f97cde01f1afd5ed30319169445ec773
1cb25a8da62cdf1f9ab1b2b35d03163037691b33
1db2f13247d84bbebf5221ac7429e9367ee92aa1148b4aa879751e1944766406
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1DB2F13247D84BBEBF5221AC7429E9367EE92AA1148B4AA879751E1944766406"
Last-Modified: Mon, 10 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9927
Expires: Tue, 11 Oct 2022 11:26:41 GMT
Date: Tue, 11 Oct 2022 08:41:14 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash f97cde01f1afd5ed30319169445ec773
1cb25a8da62cdf1f9ab1b2b35d03163037691b33
1db2f13247d84bbebf5221ac7429e9367ee92aa1148b4aa879751e1944766406
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1DB2F13247D84BBEBF5221AC7429E9367EE92AA1148B4AA879751E1944766406"
Last-Modified: Mon, 10 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9927
Expires: Tue, 11 Oct 2022 11:26:41 GMT
Date: Tue, 11 Oct 2022 08:41:14 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F829a81b7-8a2b-4381-a830-9c534e3312fe.jpeg
34.120.237.76 200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F829a81b7-8a2b-4381-a830-9c534e3312fe.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2b15495e3e13c06fd0d67523870405ed
3cb8b43735e86c93733affa10818c47693c80fce
f65edddef18295076f79a48e9a6c95d07ed244a2ae618cb4229b6c1bd434cd57
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F829a81b7-8a2b-4381-a830-9c534e3312fe.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12187
x-amzn-requestid: 9768886f-0e17-4958-bdaf-e17385eb21d6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjqJCHyNoAMFmDg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633e23d3-288e1d28057753a16893d6b5;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 00:39:47 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: jm9hynO1KfuT2luShwOU_Ps2ZHxUAPwymP1Bi-V49MWWJ3ooQq7qVg==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Tue, 11 Oct 2022 01:54:55 GMT
age: 24379
etag: "3cb8b43735e86c93733affa10818c47693c80fce"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f1f22c3-33a7-4f40-9b8b-96764c81e8d4.jpeg
34.120.237.76 200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f1f22c3-33a7-4f40-9b8b-96764c81e8d4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 30456d487c35886b1856909aafd25955
2a49a0b04e6763475e5cbb4d10c0c1a55f5b6506
f66c17dc9b78564a6f2d340ea95113cfae08c2bc1e2e0013b7fcc535bd37c198
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3f1f22c3-33a7-4f40-9b8b-96764c81e8d4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5205
x-amzn-requestid: a4d89314-3b18-43ba-ab9f-efa4b392aba0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zk0e3HdxoAMFUVA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633e9ac5-0d7ac6f368d75023605be6ce;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 09:07:17 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: A_mlPaLsZdplGhdWNUwzNCuGKa4TXMb4n7f4cqgoUEKvmd3awEVyiQ==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 001e7070d795018d01b93988b9723742.cloudfront.net (CloudFront), 1.1 google
date: Mon, 10 Oct 2022 22:10:35 GMT
age: 37839
etag: "2a49a0b04e6763475e5cbb4d10c0c1a55f5b6506"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F647e8146-dad8-449f-a0ea-efe8d7b14e99.jpeg
34.120.237.76 200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F647e8146-dad8-449f-a0ea-efe8d7b14e99.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6943f4735bdb3eaf396cd0edbd101dae
3be209d8b74abe0d12033cf6149da04eb9e1a116
7578a8981216adc59909baf4e41ef4044d5a592e6dc7f80f4fa8f5f1cc1b282f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F647e8146-dad8-449f-a0ea-efe8d7b14e99.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5957
x-amzn-requestid: e7388c82-006d-4114-84e1-f6c5af236edb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zt4h5EMzoAMF5GQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63423ad8-135cd65273a99b4c1719796b;Sampled=0
x-amzn-remapped-date: Sun, 09 Oct 2022 03:07:04 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: H6aoPUjEEPgK6GhTjcpiUg0lVa0e78LQa7cbpYT-QR8NKUzn7UL1Sw==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 cd64decb1403270c914848213601a674.cloudfront.net (CloudFront), 1.1 google
date: Tue, 11 Oct 2022 04:12:36 GMT
age: 16118
etag: "3be209d8b74abe0d12033cf6149da04eb9e1a116"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19424b7e-63c8-4f4a-ad93-ef6cb886a50f.jpeg
34.120.237.76 200 OK 5.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19424b7e-63c8-4f4a-ad93-ef6cb886a50f.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a038cab69baa881794ca6712d38fb838
dfad15b64839ef9b304f7c919a36c4e66cfd46b6
26fc7247d679fe9f5b583abd33e3b56857b003facbb3b22b7d38b5d859a8c423
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19424b7e-63c8-4f4a-ad93-ef6cb886a50f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5184
x-amzn-requestid: 4051eb09-2dd2-4e38-8077-8bb8ac919aa0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zj_dQG9VIAMFYTQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633e45ee-549cfdff0ead4dce44a3e546;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 03:05:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: O2kLG7kHxWyHMX1RACUtL5WNgv37BrGEHBu_9C2UxucDR8Resapi_Q==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Tue, 11 Oct 2022 06:53:10 GMT
age: 6484
etag: "dfad15b64839ef9b304f7c919a36c4e66cfd46b6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7ee5383-8709-4209-8a04-568b60017d86.jpeg
34.120.237.76 200 OK 6.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7ee5383-8709-4209-8a04-568b60017d86.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 680ec1e2b9bafd783ad6c6500e7b8766
a0e93a190fd539c58243b672367b2515eb8cbd58
da14b2b9a5a8d00c30ad3522c9e5a9ab24065a245a9fa0f0fddb6079975b18f3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd7ee5383-8709-4209-8a04-568b60017d86.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6852
x-amzn-requestid: 1036d85d-dc5d-436c-91a0-42f5bb0bc372
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zzt7jGlcIAMFWHA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63449049-0ea6409334b50a8d492e3513;Sampled=0
x-amzn-remapped-date: Mon, 10 Oct 2022 21:36:09 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: -mAQYJEN4b1EG9TBtLempQCrj-W9HuqYv5d6D7w9-dKpklnkcp9Daw==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 10 Oct 2022 21:55:51 GMT
etag: "a0e93a190fd539c58243b672367b2515eb8cbd58"
content-type: image/jpeg
age: 38723
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7abfd93d-a205-46fc-a450-d0de2182b1c7.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7abfd93d-a205-46fc-a450-d0de2182b1c7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7c510a5010677fcfa9ee8065c0abc894
5f2cf2a511760f5fd16d5c14a48a1aff185830e0
a07018792c7eb661bfddde47d26d728298c90314e52c96228a91c7d1978fedc6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7abfd93d-a205-46fc-a450-d0de2182b1c7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10736
x-amzn-requestid: fb2bd595-cff6-4278-95cb-f42939d91f17
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zzt85Fd9IAMFQeg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63449052-326c047f01d742353e1891c8;Sampled=0
x-amzn-remapped-date: Mon, 10 Oct 2022 21:36:18 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: u5XxBwVbvOux8Bv_DgbsHjE5KcQE5gy_F2mXDNFfgPxmTfsfwCQS7Q==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 6a9b42e38e76b7d4a4044ebe0e0eca08.cloudfront.net (CloudFront), 1.1 google
date: Mon, 10 Oct 2022 21:55:51 GMT
etag: "5f2cf2a511760f5fd16d5c14a48a1aff185830e0"
content-type: image/jpeg
age: 38723
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
sadevafric.com/assets/js/plugins/tween-max.min.js
66.29.145.237 200 OK 39 kB URL HTTP/1.1 sadevafric.com/assets/js/plugins/tween-max.min.js
IP 66.29.145.237:0
File type ASCII text, with very long lines (32028)
Hash a6a64f068c32e61e418134cc830d9a7d
e64f360d949f75331a89146c7707ddb4d42fcb0a
f82f0e56bcd25e05c88f43b184d846a166458b4fcf8533a3adc7481a0f410b08
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /assets/js/plugins/tween-max.min.js HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=789e66dbd7870e3cac95a69e37a6792a; ci_session=11d40e39e0f4a683e2bb3a36085fe412e2494302
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 08:41:13 GMT
Server: Apache
Last-Modified: Fri, 11 Dec 2020 06:20:10 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 39300
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
sadevafric.com/assets/js/plugins/scroll-magic-gsap-plugin.js
66.29.145.237 200 OK 4.3 kB URL HTTP/1.1 sadevafric.com/assets/js/plugins/scroll-magic-gsap-plugin.js
IP 66.29.145.237:0
Hash daaa793446a620a7c1c001be03f6168c
297c81b4711979a2334f60f246eaf9e9317f40b4
cfe9a96cd8d659a71f887a3291a8b1f94c96d171e5bb152b6e0c0007efee18f7
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /assets/js/plugins/scroll-magic-gsap-plugin.js HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=789e66dbd7870e3cac95a69e37a6792a; ci_session=11d40e39e0f4a683e2bb3a36085fe412e2494302
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 08:41:14 GMT
Server: Apache
Last-Modified: Fri, 11 Dec 2020 06:15:02 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4272
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
sadevafric.com/assets/js/plugins/scroll-magic.js
66.29.145.237 200 OK 25 kB URL HTTP/1.1 sadevafric.com/assets/js/plugins/scroll-magic.js
IP 66.29.145.237:0
File type Unicode text, UTF-8 text, with very long lines (330)
Hash 0654c5b5bb66d21e526ca3288043b184
444823af815fe2375a6bfd6a169e5ee3fe41b4b0
b2694723acb5522a0a47644c2dd08333d34a2a177a44ef10f3ceb4424048a4d6
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /assets/js/plugins/scroll-magic.js HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=789e66dbd7870e3cac95a69e37a6792a; ci_session=11d40e39e0f4a683e2bb3a36085fe412e2494302
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 08:41:13 GMT
Server: Apache
Last-Modified: Fri, 11 Dec 2020 06:14:02 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 25095
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
sadevafric.com/assets/js/plugins/isotope.min.js
66.29.145.237 200 OK 9.8 kB URL HTTP/1.1 sadevafric.com/assets/js/plugins/isotope.min.js
IP 66.29.145.237:0
File type ASCII text, with very long lines (32019)
Hash f23be9b893032a9a3beeb61008b659d6
0ae8ca6e11fa6299c409f7155c39a6fbefa3dd0b
c343a4923a7dfc3451f05434f6061f4f46f14774867a9dfbd7d0965ff54236c4
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /assets/js/plugins/isotope.min.js HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=789e66dbd7870e3cac95a69e37a6792a; ci_session=11d40e39e0f4a683e2bb3a36085fe412e2494302
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 08:41:14 GMT
Server: Apache
Last-Modified: Mon, 23 Nov 2020 01:49:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 9847
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
sadevafric.com/assets/js/plugins/fancybox.min.js
66.29.145.237 200 OK 22 kB URL HTTP/1.1 sadevafric.com/assets/js/plugins/fancybox.min.js
IP 66.29.145.237:0
File type HTML document, ASCII text, with very long lines (31972)
Hash f8b62df0805382748074af7be8c55fc3
954cce85dd07378f6161bf292e42c53da428ff62
90d139e51b28f09110a6653ac7ce12f6b603bed42be80bccc9876130e6eaf61a
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /assets/js/plugins/fancybox.min.js HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=789e66dbd7870e3cac95a69e37a6792a; ci_session=11d40e39e0f4a683e2bb3a36085fe412e2494302
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 08:41:14 GMT
Server: Apache
Last-Modified: Mon, 23 Nov 2020 01:49:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 22014
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
sadevafric.com/assets/css/plugins/font-awesome.min.css
66.29.145.237 200 OK 12 kB URL HTTP/1.1 sadevafric.com/assets/css/plugins/font-awesome.min.css
IP 66.29.145.237:0
File type ASCII text, with very long lines (54456)
Hash a17b2209512865d8e882880dd8c403e0
35b7d11062831c849a213c6752136e276c56bb56
c29734bf3b21a5ce948cf29d765d596ecf0495c2a61f67d0e3e23a4f815693e2
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/css/plugins/font-awesome.min.css HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=789e66dbd7870e3cac95a69e37a6792a; ci_session=11d40e39e0f4a683e2bb3a36085fe412e2494302
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 08:41:13 GMT
Server: Apache
Last-Modified: Mon, 23 Nov 2020 01:49:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 11817
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
sadevafric.com/assets/js/plugins/swiper.min.js
66.29.145.237 200 OK 33 kB URL HTTP/1.1 sadevafric.com/assets/js/plugins/swiper.min.js
IP 66.29.145.237:0
File type ASCII text, with very long lines (65271)
Hash a9dbdc85dfcc3a7f9e40019b5530ef83
3819e7edd68a2712bed8956d742cafff37c4ed77
8f9ff6eb4d271afd73674c1ba5f1c1ae82e68984098d94bc6fdee31fa5aaed5c
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /assets/js/plugins/swiper.min.js HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=789e66dbd7870e3cac95a69e37a6792a; ci_session=11d40e39e0f4a683e2bb3a36085fe412e2494302
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 08:41:14 GMT
Server: Apache
Last-Modified: Thu, 11 Feb 2021 22:55:28 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 32552
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
sadevafric.com/assets/js/plugins/overscroll.min.js
66.29.145.237 200 OK 4.4 kB URL HTTP/1.1 sadevafric.com/assets/js/plugins/overscroll.min.js
IP 66.29.145.237:0
File type ASCII text, with very long lines (9511)
Hash 53dbd66e5044c88004c425f2295c4810
149469dc3b55d08aefe2d8a01ae97a27b5d4fa8d
b91283f8d27573de404bf3d8d95e9f1e952be27d89d3d3fbcd8850bded8ae84a
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /assets/js/plugins/overscroll.min.js HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=789e66dbd7870e3cac95a69e37a6792a; ci_session=11d40e39e0f4a683e2bb3a36085fe412e2494302
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 08:41:14 GMT
Server: Apache
Last-Modified: Mon, 23 Nov 2020 01:49:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 4438
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
sadevafric.com/assets/js/plugins/canvas.js
66.29.145.237 200 OK 1.2 kB URL HTTP/1.1 sadevafric.com/assets/js/plugins/canvas.js
IP 66.29.145.237:0
Hash 2f9f9599c326666430e240bd2040229e
97c3e0885adae1da5658fc57b036ccd1c3bf1fd8
087eaf86761d05a8fc0acf6e754b2d3fbbc3ecc41e8c5795576a8b18638d61ad
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /assets/js/plugins/canvas.js HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=789e66dbd7870e3cac95a69e37a6792a; ci_session=11d40e39e0f4a683e2bb3a36085fe412e2494302
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 08:41:14 GMT
Server: Apache
Last-Modified: Tue, 06 Apr 2021 17:31:56 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 1202
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
sadevafric.com/assets/css/plugins/swiper.min.css
66.29.145.237 200 OK 3.1 kB URL HTTP/1.1 sadevafric.com/assets/css/plugins/swiper.min.css
IP 66.29.145.237:0
File type ASCII text, with very long lines (1470)
Hash 5d028d301366f480ddc61b88f7d66dd8
344e33b68472c09ad3c7a38ae11b11e24298a0b3
c29f68dbc0da7d5449d4865a430552efb937b04bd647eabe980332ad75a07e52
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/css/plugins/swiper.min.css HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=789e66dbd7870e3cac95a69e37a6792a; ci_session=11d40e39e0f4a683e2bb3a36085fe412e2494302
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 08:41:13 GMT
Server: Apache
Last-Modified: Mon, 23 Nov 2020 01:49:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 3063
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
sadevafric.com/assets/js/plugins/parsley.min.js
66.29.145.237 200 OK 12 kB URL HTTP/1.1 sadevafric.com/assets/js/plugins/parsley.min.js
IP 66.29.145.237:0
File type ASCII text, with very long lines (32005), with CRLF line terminators
Hash d0d7a0f3ca1af46edd464738404d704b
07acb5664b72237d6803d79e04f357bae456b52d
f2e8a1ed3fcb50a9a3412859f34677cada1cc2d8617367edcefb80939f2f7f5d
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /assets/js/plugins/parsley.min.js HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=789e66dbd7870e3cac95a69e37a6792a; ci_session=11d40e39e0f4a683e2bb3a36085fe412e2494302
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 08:41:14 GMT
Server: Apache
Last-Modified: Wed, 10 Jun 2020 19:30:34 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 12347
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
sadevafric.com/assets/js/plugins/smooth-scrollbar.min.js
66.29.145.237 200 OK 16 kB URL HTTP/1.1 sadevafric.com/assets/js/plugins/smooth-scrollbar.min.js
IP 66.29.145.237:0
File type Unicode text, UTF-8 text, with very long lines (23101)
Hash 204f770d6eb3a63ca1e0fa2aadf6c69c
ec57850045162173caee2370a81d47f2d1a938ad
a741cd031a689e23d3901a3defcfb8603f404d38bd5a5f662c1fb1517d482c7d
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /assets/js/plugins/smooth-scrollbar.min.js HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=789e66dbd7870e3cac95a69e37a6792a; ci_session=11d40e39e0f4a683e2bb3a36085fe412e2494302
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 08:41:14 GMT
Server: Apache
Last-Modified: Mon, 23 Nov 2020 01:49:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 16293
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
sadevafric.com/assets/js/main.js
66.29.145.237 200 OK 3.6 kB URL HTTP/1.1 sadevafric.com/assets/js/main.js
IP 66.29.145.237:0
Hash 13dffac744d12e9a004a0fd2af0c3a77
3612a0b04888d05ef4d7f98a57f334cde2fa8437
166c8d0a025d55aa663d8b511e94347e98383501c818824adf44ca662b0cd91f
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /assets/js/main.js HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=789e66dbd7870e3cac95a69e37a6792a; ci_session=11d40e39e0f4a683e2bb3a36085fe412e2494302
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 08:41:14 GMT
Server: Apache
Last-Modified: Fri, 06 Aug 2021 22:03:12 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 3626
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash d86e14ff3ce5350e8b876fa551583c57
f5d6a4f4a7da1e11bc5bebd89a1fe6f3ac60cb30
6db523ab57767f22ee6cebc4050b55f11ffc9937ad3868c63090df084cc9a7b7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 11 Oct 2022 08:41:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash d86e14ff3ce5350e8b876fa551583c57
f5d6a4f4a7da1e11bc5bebd89a1fe6f3ac60cb30
6db523ab57767f22ee6cebc4050b55f11ffc9937ad3868c63090df084cc9a7b7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 11 Oct 2022 08:41:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash d86e14ff3ce5350e8b876fa551583c57
f5d6a4f4a7da1e11bc5bebd89a1fe6f3ac60cb30
6db523ab57767f22ee6cebc4050b55f11ffc9937ad3868c63090df084cc9a7b7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 11 Oct 2022 08:41:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
216.58.207.195 200 OK 31 kB URL HTTP/2 fonts.gstatic.com/s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 30928, version 1.0\012- data
Hash ac0d2859ea5f8fd6bcb3c305c08ec184
7f6c17e3e592cd8bd346b9cc261d8dd961b8aef7
ae919a7c9f25f0fd97fc18e398ae8e453fcaae487e4a4cb4f896e7fecde4a780
GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://sadevafric.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 06 Oct 2022 16:40:18 GMT
expires: Fri, 06 Oct 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 403256
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash d86e14ff3ce5350e8b876fa551583c57
f5d6a4f4a7da1e11bc5bebd89a1fe6f3ac60cb30
6db523ab57767f22ee6cebc4050b55f11ffc9937ad3868c63090df084cc9a7b7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 11 Oct 2022 08:41:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash d86e14ff3ce5350e8b876fa551583c57
f5d6a4f4a7da1e11bc5bebd89a1fe6f3ac60cb30
6db523ab57767f22ee6cebc4050b55f11ffc9937ad3868c63090df084cc9a7b7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 11 Oct 2022 08:41:14 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sadevafric.com/assets/img/light/logo.svg
66.29.145.237 200 OK 5.9 kB URL HTTP/1.1 sadevafric.com/assets/img/light/logo.svg
IP 66.29.145.237:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (14829), with no line terminators
Hash 5d71acf1ba704203c83505c454c71a7d
5ba3860609d1efd27b5197a01221e6a2d3c275dc
f4953d5cb08b703d9410426321b286a83d15d7877f035e948cd34a3f50375b42
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /assets/img/light/logo.svg HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=789e66dbd7870e3cac95a69e37a6792a; ci_session=11d40e39e0f4a683e2bb3a36085fe412e2494302
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 08:41:14 GMT
Server: Apache
Last-Modified: Wed, 04 Aug 2021 21:54:22 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 5908
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/svg+xml
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash ec91b232a4e3358d4fd614270423d4fe
df78817d9471f854fe242f2d7771e8706810749f
5543139ef449ea6bfb8fd04dd8f048a08b52d1e16f9b8d7c8358d097cc2742ae
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5543139EF449EA6BFB8FD04DD8F048A08B52D1E16F9B8D7C8358D097CC2742AE"
Last-Modified: Mon, 10 Oct 2022 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14123
Expires: Tue, 11 Oct 2022 12:36:38 GMT
Date: Tue, 11 Oct 2022 08:41:15 GMT
Connection: keep-alive
aws-wwcloud.net/async/?id=kkr611f53bbs86i7a23de7t4696iy287
146.0.77.131 200 OK 177 B URL HTTP/1.1 aws-wwcloud.net/async/?id=kkr611f53bbs86i7a23de7t4696iy287
IP 146.0.77.131:0
File type PNG image data, 1 x 1, 4-bit colormap, non-interlaced\012- data
Hash a9428714a3fc96dda46bf3dcb266266a
ccdf71be456f9f753967364b9b0ef38c1159d5ed
4f078541628ddaeeb2c66ef06b22c95df4ff9deb16a68554d4ad2f78380c42c2
Analyzer Verdict Alert fortinet Phishing
GET /async/?id=kkr611f53bbs86i7a23de7t4696iy287 HTTP/1.1
Host: aws-wwcloud.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sadevafric.com
Connection: keep-alive
Referer: https://sadevafric.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Tue, 11 Oct 2022 08:41:15 GMT
Content-Type: image/png
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/5.4.16
Access-Control-Allow-Origin: *
Strict-Transport-Security: max-age=31536000;
www.applitech.ci/assets/images/logo.png
66.29.145.237 200 OK 7.1 kB URL HTTP/1.1 www.applitech.ci/assets/images/logo.png
IP 66.29.145.237:0
File type PNG image data, 350 x 78, 8-bit/color RGBA, non-interlaced\012- data
Hash b8eb88106d1545ea12a6185215e99a33
d82138cf5c47a60538898d5de1374b92572dd6de
143e08dbbb3247dd1bbaa00e73b9da6b696e25262045796f4b9f197f18f8d316
GET /assets/images/logo.png HTTP/1.1
Host: www.applitech.ci
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 08:41:15 GMT
Server: Apache
Last-Modified: Fri, 18 Mar 2022 17:26:24 GMT
Accept-Ranges: bytes
Content-Length: 7050
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: image/png
sadevafric.com/assets/img/light/projects/prjct-2/1.jpg
66.29.145.237 200 OK 88 kB URL HTTP/1.1 sadevafric.com/assets/img/light/projects/prjct-2/1.jpg
IP 66.29.145.237:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 320x439, components 3\012- data
Hash 7370c173fea66f848ced70915e1d3320
738039bf40e0bfe13342ed2ce2434eaeb93620d9
246911ef2605d9ed13772a09a524093239de160a91292aec7add41101b01f6a6
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/img/light/projects/prjct-2/1.jpg HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=789e66dbd7870e3cac95a69e37a6792a; ci_session=11d40e39e0f4a683e2bb3a36085fe412e2494302
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 08:41:14 GMT
Server: Apache
Last-Modified: Thu, 05 Aug 2021 21:16:58 GMT
Accept-Ranges: bytes
Content-Length: 88296
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg
sadevafric.com/assets/img/light/projects/prjct-2/3.jpg
66.29.145.237 200 OK 126 kB URL HTTP/1.1 sadevafric.com/assets/img/light/projects/prjct-2/3.jpg
IP 66.29.145.237:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 320x439, components 3\012- data
Size 126 kB (125788 bytes)
Hash 40be0bb2600417e62fd4c6e585fe0767
a2ed1a0e3ccf4068d509e1b35ad5254283521ef8
15ec434815b7c476b13ca1cd52abbc297f7d5d8c19ce8e63b6f68ce4ad7863d6
Analyzer Verdict Alert quad9 Sinkholed
GET /assets/img/light/projects/prjct-2/3.jpg HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=789e66dbd7870e3cac95a69e37a6792a; ci_session=11d40e39e0f4a683e2bb3a36085fe412e2494302
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 08:41:14 GMT
Server: Apache
Last-Modified: Fri, 20 Aug 2021 16:38:30 GMT
Accept-Ranges: bytes
Content-Length: 125788
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
sadevafric.com/assets/css/webfonts/fa-brands-400.woff2
66.29.145.237 200 OK 72 kB URL HTTP/1.1 sadevafric.com/assets/css/webfonts/fa-brands-400.woff2
IP 66.29.145.237:0
File type Web Open Font Format (Version 2), TrueType, length 72112, version 329.31064\012- data
Hash 4b115e1153a9ea339d6a0bb284cc8ed3
f988b2efe9434b0af28943708d33dd3afad9a5ba
d5f471476e1636e23b00991ae8a85d3703ada55bc6d6162472a28aa94fa64d4e
Analyzer | Verdict | Alert
fortinet | Malware
quad9 | Sinkholed
GET /assets/css/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://sadevafric.com/assets/css/plugins/font-awesome.min.css
Cookie: infinite_csrf_cookie=789e66dbd7870e3cac95a69e37a6792a; ci_session=11d40e39e0f4a683e2bb3a36085fe412e2494302
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 08:41:14 GMT
Server: Apache
Last-Modified: Fri, 04 Dec 2020 18:24:30 GMT
Accept-Ranges: bytes
Content-Length: 72112
Vary: Accept-Encoding,User-Agent
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: font/woff2
sadevafric.com/assets/img/light/projects/prjct-3/1.jpg
66.29.145.237 200 OK 56 kB URL HTTP/1.1 sadevafric.com/assets/img/light/projects/prjct-3/1.jpg
IP 66.29.145.237:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 540x360, components 3\012- data
Hash b47b994c0a66534e7d34aeda5ed59bfc
bf22f9c59bfb45cfb25d7ac5942b7ae4e89c418b
6028f0d5e49a93ed75c589ee1f6207305b456ced1a13a8e59e3929346401208b
Analyzer | Verdict | Alert
quad9 | Sinkholed
GET /assets/img/light/projects/prjct-3/1.jpg HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=789e66dbd7870e3cac95a69e37a6792a; ci_session=11d40e39e0f4a683e2bb3a36085fe412e2494302
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 08:41:15 GMT
Server: Apache
Last-Modified: Thu, 05 Aug 2021 21:35:46 GMT
Accept-Ranges: bytes
Content-Length: 56354
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg
sadevafric.com/assets/img/light/projects/prjct-2/2.jpg
66.29.145.237 200 OK 90 kB URL HTTP/1.1 sadevafric.com/assets/img/light/projects/prjct-2/2.jpg
IP 66.29.145.237:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 320x439, components 3\012- data
Hash c1f1ea75fc81d18169038aeda9057f74
193cb6f6fd7bd30c4406948a1359f6dd0bd31aca
bda2eb9c12de07dd821e20bec754680c50debb7ec4f4b040826e65aa16cb5370
Analyzer | Verdict | Alert
quad9 | Sinkholed
GET /assets/img/light/projects/prjct-2/2.jpg HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=789e66dbd7870e3cac95a69e37a6792a; ci_session=11d40e39e0f4a683e2bb3a36085fe412e2494302
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 08:41:14 GMT
Server: Apache
Last-Modified: Fri, 20 Aug 2021 16:34:24 GMT
Accept-Ranges: bytes
Content-Length: 89785
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/jpeg
sadevafric.com/assets/img/light/projects/prjct-5/1.jpg
66.29.145.237 200 OK 168 kB URL HTTP/1.1 sadevafric.com/assets/img/light/projects/prjct-5/1.jpg
IP 66.29.145.237:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 525x350, components 3\012- data
Size 168 kB (168178 bytes)
Hash 028857dbead357da2bac5b2f6291df9f
4c102a542b0f33188029bd2440079b7608cf915d
9b6c9b8f1c2717a4d4c7ab47ffa5f3367584b0724c8db1e1dd458cfdc595d8d0
Analyzer | Verdict | Alert
quad9 | Sinkholed
GET /assets/img/light/projects/prjct-5/1.jpg HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=789e66dbd7870e3cac95a69e37a6792a; ci_session=11d40e39e0f4a683e2bb3a36085fe412e2494302
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 08:41:15 GMT
Server: Apache
Last-Modified: Fri, 06 Aug 2021 21:18:00 GMT
Accept-Ranges: bytes
Content-Length: 168178
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg
sadevafric.com/assets/js/plugins/mapbox.min.js
66.29.145.237 200 OK 195 kB URL HTTP/1.1 sadevafric.com/assets/js/plugins/mapbox.min.js
IP 66.29.145.237:0
File type ASCII text, with very long lines (64450)
Size 195 kB (195389 bytes)
Hash 01db876058ff9998316589ae375c5eaa
62d02a663b9c62df16d810721d9a921b0c9e39a8
969d77541d90a4bcee5cb7cf16256c3b0479fbfed7fd853cf9a17ef6aa07359b
Analyzer | Verdict | Alert
fortinet | Malware
quad9 | Sinkholed
GET /assets/js/plugins/mapbox.min.js HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=789e66dbd7870e3cac95a69e37a6792a; ci_session=11d40e39e0f4a683e2bb3a36085fe412e2494302
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 08:41:14 GMT
Server: Apache
Last-Modified: Thu, 11 Feb 2021 22:56:08 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
sadevafric.com/assets/img/light/projects/prjct-3/4.jpg
66.29.145.237 200 OK 71 kB URL HTTP/1.1 sadevafric.com/assets/img/light/projects/prjct-3/4.jpg
IP 66.29.145.237:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 540x360, components 3\012- data
Hash 1293bdd489072870ce5379f12975700b
975f5ccb33687f1b211f44d850238f2731af55a3
f11ff0997fcf8ab152a595ea8077ca73647283c3e37ebc01747d107a360d7183
GET /assets/img/light/projects/prjct-3/4.jpg HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=789e66dbd7870e3cac95a69e37a6792a; ci_session=11d40e39e0f4a683e2bb3a36085fe412e2494302
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 08:41:16 GMT
Server: Apache
Last-Modified: Thu, 05 Aug 2021 21:37:48 GMT
Accept-Ranges: bytes
Content-Length: 71233
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg
sadevafric.com/assets/img/light/projects/prjct-3/2.jpg
66.29.145.237 200 OK 80 kB URL HTTP/1.1 sadevafric.com/assets/img/light/projects/prjct-3/2.jpg
IP 66.29.145.237:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 540x360, components 3\012- data
Hash 3705e146ab0f6bb39a47073594f3af64
2769eb25cc3a4b1ad2683c17be5d1614928d9e33
72df5d2cdd184bf7316b97fc2c946e219a872acd953ef7b0a8cb05a0e9ddd9f8
Analyzer | Verdict | Alert
quad9 | Sinkholed
GET /assets/img/light/projects/prjct-3/2.jpg HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=789e66dbd7870e3cac95a69e37a6792a; ci_session=11d40e39e0f4a683e2bb3a36085fe412e2494302
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 08:41:16 GMT
Server: Apache
Last-Modified: Thu, 05 Aug 2021 21:36:24 GMT
Accept-Ranges: bytes
Content-Length: 79874
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg
sadevafric.com/assets/img/light/projects/prjct-3/3.jpg
66.29.145.237 200 OK 69 kB URL HTTP/1.1 sadevafric.com/assets/img/light/projects/prjct-3/3.jpg
IP 66.29.145.237:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 540x360, components 3\012- data
Hash dfe8e0ee27d28a653a85ff0c4c825d40
f138f2799f9c0acc075d13bf4ec4feb579eab458
c54e96adff4d4f4a7589e9422884cdab0bade020c3237dd6b591d29f29e1c5ae
Analyzer | Verdict | Alert
quad9 | Sinkholed
GET /assets/img/light/projects/prjct-3/3.jpg HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=789e66dbd7870e3cac95a69e37a6792a; ci_session=11d40e39e0f4a683e2bb3a36085fe412e2494302
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 08:41:16 GMT
Server: Apache
Last-Modified: Thu, 05 Aug 2021 21:37:06 GMT
Accept-Ranges: bytes
Content-Length: 69435
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/jpeg
sadevafric.com/assets/img/light/projects/prjct-1/fs/7.jpg
66.29.145.237 200 OK 266 kB URL HTTP/1.1 sadevafric.com/assets/img/light/projects/prjct-1/fs/7.jpg
IP 66.29.145.237:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x1280, components 3\012- data
Size 266 kB (265847 bytes)
Hash 26dc75e955c7ca26a0cd11aa6df6d797
aec1976b12c97b99ae54e893dc348d38fbca7169
624a503da93148052e817c78cbad18aa7de6eca175866a29c6164044b41e6961
Analyzer | Verdict | Alert
quad9 | Sinkholed
GET /assets/img/light/projects/prjct-1/fs/7.jpg HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=789e66dbd7870e3cac95a69e37a6792a; ci_session=11d40e39e0f4a683e2bb3a36085fe412e2494302
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 08:41:15 GMT
Server: Apache
Last-Modified: Thu, 05 Aug 2021 18:00:56 GMT
Accept-Ranges: bytes
Content-Length: 265847
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
sadevafric.com/assets/img/light/projects/prjct-3/6.jpg
66.29.145.237 200 OK 81 kB URL HTTP/1.1 sadevafric.com/assets/img/light/projects/prjct-3/6.jpg
IP 66.29.145.237:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 540x360, components 3\012- data
Hash 627098bf83cf944e9e5bfdbd80b18521
56357d4091e550362537589a5c6f0dfe4856269e
f54366ec758c9e2e0799b318ff37bc131021c40c9db773f98577dd7c650ad946
Analyzer | Verdict | Alert
quad9 | Sinkholed
GET /assets/img/light/projects/prjct-3/6.jpg HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=789e66dbd7870e3cac95a69e37a6792a; ci_session=11d40e39e0f4a683e2bb3a36085fe412e2494302
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 08:41:17 GMT
Server: Apache
Last-Modified: Thu, 05 Aug 2021 21:39:52 GMT
Accept-Ranges: bytes
Content-Length: 81339
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg
sadevafric.com/assets/img/light/projects/prjct-3/5.jpg
66.29.145.237 200 OK 78 kB URL HTTP/1.1 sadevafric.com/assets/img/light/projects/prjct-3/5.jpg
IP 66.29.145.237:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 540x360, components 3\012- data
Hash 6b278691e2c4dd737c27276cda08f914
8233d5ddae68550a0455dd87e3e10ef3d6ed8f41
97c83f05952458d6ad49ea9f5436abb5152f3ad17d67d3347c56e339d20f35c9
Analyzer | Verdict | Alert
quad9 | Sinkholed
GET /assets/img/light/projects/prjct-3/5.jpg HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=789e66dbd7870e3cac95a69e37a6792a; ci_session=11d40e39e0f4a683e2bb3a36085fe412e2494302
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 08:41:17 GMT
Server: Apache
Last-Modified: Thu, 05 Aug 2021 21:38:54 GMT
Accept-Ranges: bytes
Content-Length: 77738
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/jpeg
sadevafric.com/assets/img/light/favicon.png
66.29.145.237 200 OK 2.0 kB URL HTTP/1.1 sadevafric.com/assets/img/light/favicon.png
IP 66.29.145.237:0
File type PNG image data, 48 x 48, 8-bit colormap, non-interlaced\012- data
Hash 511e7d91b99af1430ae66c2190769370
790a4d5a98c90d36ec8e2b1f9782099c77964688
9d6ae67eb2f11755ad511ca5db8f3c5b8041f84ef9901662758900be7662448a
Analyzer | Verdict | Alert
quad9 | Sinkholed
GET /assets/img/light/favicon.png HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=789e66dbd7870e3cac95a69e37a6792a; ci_session=11d40e39e0f4a683e2bb3a36085fe412e2494302
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 08:41:18 GMT
Server: Apache
Last-Modified: Mon, 09 Aug 2021 19:13:16 GMT
Accept-Ranges: bytes
Content-Length: 1993
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
sadevafric.com/assets/img/light/projects/prjct-1/fs/1.jpg
66.29.145.237 200 OK 648 kB URL HTTP/1.1 sadevafric.com/assets/img/light/projects/prjct-1/fs/1.jpg
IP 66.29.145.237:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x1440, components 3\012- data
Size 648 kB (647484 bytes)
Hash 0ff0ec8dad290a5118853902b9086311
01a9d94248043f47dceb7f87b01bb73022f281cc
31f49e0601c40942e8fc6f847eaf7da7211e2a9e6048c7ab2e7ca49c2c566de7
Analyzer | Verdict | Alert
quad9 | Sinkholed
GET /assets/img/light/projects/prjct-1/fs/1.jpg HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=789e66dbd7870e3cac95a69e37a6792a; ci_session=11d40e39e0f4a683e2bb3a36085fe412e2494302
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 08:41:15 GMT
Server: Apache
Last-Modified: Thu, 18 Aug 2022 15:51:34 GMT
Accept-Ranges: bytes
Content-Length: 647484
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/jpeg
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ea1c33c-766b-4b55-98a5-0a22380c61ce.jpeg
34.120.237.76 200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ea1c33c-766b-4b55-98a5-0a22380c61ce.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 1a8720e1bfd92ce7ccfeb8ab6ca2477a
1277a8a73b2fbf48562a7f767c3219d836b1faa9
61cfaa0a0338ae710735fab66822d8227adeb6a8bc4035686fae4a4de6247f1e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6ea1c33c-766b-4b55-98a5-0a22380c61ce.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6645
x-amzn-requestid: 6e75c182-93bc-4339-a679-b069f78a397c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZzuQ0H3qoAMFi5w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-634490d1-4e134a93174cbf3559bea75c;Sampled=0
x-amzn-remapped-date: Mon, 10 Oct 2022 21:38:25 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 2T5ArGyU86KvuyKtp_G0XC9MaZQWS2luBYlIKcQRWNeeUjqcmQgMSA==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 10 Oct 2022 22:10:38 GMT
age: 37842
etag: "1277a8a73b2fbf48562a7f767c3219d836b1faa9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
sadevafric.com/assets/img/light/projects/prjct-4/1.jpg
66.29.145.237 200 OK 341 kB URL HTTP/1.1 sadevafric.com/assets/img/light/projects/prjct-4/1.jpg
IP 66.29.145.237:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x731, components 3\012- data
Size 341 kB (340751 bytes)
Hash b81a273e0fe698c9ff0bb384644e02b7
fc09ddaa570e338d02227d5debbc0c98a0674e30
ec4cc2847ed874cfd2bc56fa186946d0f8b373e62441d07e6393ec0406aa6a37
Analyzer | Verdict | Alert
quad9 | Sinkholed
GET /assets/img/light/projects/prjct-4/1.jpg HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=789e66dbd7870e3cac95a69e37a6792a; ci_session=11d40e39e0f4a683e2bb3a36085fe412e2494302
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 08:41:17 GMT
Server: Apache
Last-Modified: Fri, 20 Aug 2021 17:15:36 GMT
Accept-Ranges: bytes
Content-Length: 340751
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/jpeg
sadevafric.com/assets/js/plugins/jquery.min.js
66.29.145.237 200 OK 0 B URL HTTP/1.1 sadevafric.com/assets/js/plugins/jquery.min.js
IP 66.29.145.237:0
Analyzer | Verdict | Alert
fortinet | Malware
quad9 | Sinkholed
GET /assets/js/plugins/jquery.min.js HTTP/1.1
Host: sadevafric.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Cookie: infinite_csrf_cookie=789e66dbd7870e3cac95a69e37a6792a; ci_session=11d40e39e0f4a683e2bb3a36085fe412e2494302
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Date: Tue, 11 Oct 2022 08:41:13 GMT
Server: Apache
Last-Modified: Tue, 24 Nov 2020 22:10:56 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 30910
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap
IP 142.250.74.10:0
GET /css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sadevafric.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Tue, 11 Oct 2022 08:41:13 GMT
date: Tue, 11 Oct 2022 08:41:13 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2