firefox.settings.services.mozilla.com/v1/
143.204.55.115 200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 804f8bbb7f556d51a5f52d5ebd5b6eef
922cd7e06df278615a04abb81d811d14596c8180
ef4804d381a34ab67873a7755621081c49c646310e085a9b2356ae07098f6021
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Length, Backoff, Retry-After, Content-Type
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 21 Sep 2022 09:14:23 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: peGmI_h5T5Oz0cLAOaPVbr8X0PeVsvHAADXqDXmLPg2pdpBafAgeTg==
Age: 1139
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
143.204.55.35 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain
IP 143.204.55.35:0
File type PEM certificate\012- , ASCII text
Hash 6113f8408c59aebe188d6af273b90743
7398873bf00f99944eaa77ad3ebc0d43c23dba6b
b6e0cc9ad68306208a160f3835fb8da76acc5a82d8fde1da5a98e1de1c11a770
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-30-18-47-44.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 10 Sep 2022 18:47:45 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Wed, 21 Sep 2022 04:35:14 GMT
etag: "6113f8408c59aebe188d6af273b90743"
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Wb0Px7vZZkIbqkFLYSQQ728ozhtOtxvTwmC_lA1fZ13MeHwZ4KYNnQ==
age: 17889
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a26d0784548ecab22f417f3d689daf23
8893b79366bbadeb5c8d587b8f023e310694df1c
35baaae7b3ce3110ebb2b075881cfab55ecf3eab57d834283fd18ac691b41fa2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "35BAAAE7B3CE3110EBB2B075881CFAB55ECF3EAB57D834283FD18AC691B41FA2"
Last-Modified: Tue, 20 Sep 2022 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2183
Expires: Wed, 21 Sep 2022 10:09:45 GMT
Date: Wed, 21 Sep 2022 09:33:22 GMT
Connection: keep-alive
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 21 Sep 2022 09:33:22 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
143.204.55.115 200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 143.204.55.115:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: ETag, Expires, Content-Length, Cache-Control, Pragma, Content-Type, Alert, Backoff, Last-Modified, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Date: Wed, 21 Sep 2022 09:03:22 GMT
Cache-Control: max-age=3600
Expires: Wed, 21 Sep 2022 09:40:54 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 c9f2a4d2bcd548d1a3cbe1617a22f216.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: h7p_JqzhgrFmw1DN0SCxa_OzsB9m0t7_sc3bF9FFTByTR4qG4nQr7w==
Age: 1801
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash edf07cd621f733b0eb50c632387ebf4f
61a082d26501c2c8d481b1676d0de2e585269613
e5c4324e4c55824b86f48bf0b9a1d317a82e7d3c19bdea7a91d78ce98d68a980
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6175
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 09:33:23 GMT
Last-Modified: Wed, 21 Sep 2022 07:50:28 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
34.218.168.248 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 34.218.168.248:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 6lqIwfkVnAbohPgL45TTVA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: oxDAwb7A+DIqlPoG/41HiUxP2D0=
spkgruppeonlineidlog.com/
212.192.14.24 200 OK 45 kB URL HTTP/1.1 spkgruppeonlineidlog.com/
IP 212.192.14.24:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (725)
Hash ce366ed990afcbec9cbf25d995e86c67
aceded7ac5221787905afced23c1e117e48dadaf
36246cc98de95b39eadedf4690c626cb5ce5dcf2f97def5a32935950b1f40f05
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET / HTTP/1.1
Host: spkgruppeonlineidlog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 21 Sep 2022 09:33:23 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash bcbb61a4f6f0beed45a5f963bfba6e9d
a07136aeace7036e3b7427d63c60576adbdc388f
3a910cde9f8f65341f3422d28e35ca877558e136c99067b72daaeb56b3d9e76d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 09:33:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 596ea0e7cffcb12819c214fd7e55e6b5
fdf581b35743d7693bf8c7f6154471a1b2646f06
a78eee2be3725b096407fde832e7762dad74ac69165f57a10b1ef76b5b2d9874
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 09:33:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
spkgruppeonlineidlog.com/tpl/styles/font-awesome.css
212.192.14.24 200 OK 27 kB URL HTTP/1.1 spkgruppeonlineidlog.com/tpl/styles/font-awesome.css
IP 212.192.14.24:0
File type ASCII text, with very long lines (26474)
Hash fa9ff2d48c033ae0c3cf40c83be64eea
318e0261b457d9d39988c97b010a3091b02ae7de
71e281c712c8b51e110a97055ac0d45825a75ec93a9b730c44258b8d83b00f0a
Analyzer Verdict Alert quad9 Sinkholed
GET /tpl/styles/font-awesome.css HTTP/1.1
Host: spkgruppeonlineidlog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spkgruppeonlineidlog.com/
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 21 Sep 2022 09:33:23 GMT
Content-Type: text/css
Content-Length: 26636
Last-Modified: Mon, 19 Sep 2022 10:55:08 GMT
Connection: keep-alive
ETag: "63284a8c-680c"
Accept-Ranges: bytes
spkgruppeonlineidlog.com/4c824c8716.js
212.192.14.24 200 OK 11 kB URL HTTP/1.1 spkgruppeonlineidlog.com/4c824c8716.js
IP 212.192.14.24:0
File type ASCII text, with very long lines (10594)
Hash 383510478b755d567332d3008b0cd77d
04b15676300c8b97355ce42aed4c841329fc4d03
acff567312b94562ae4fd98c31d2ae54c45c8c41316a6d84e0b298c16dcaa7de
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /4c824c8716.js HTTP/1.1
Host: spkgruppeonlineidlog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spkgruppeonlineidlog.com/
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 21 Sep 2022 09:33:23 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 11025
Last-Modified: Mon, 19 Sep 2022 10:54:56 GMT
Connection: keep-alive
ETag: "63284a80-2b11"
Accept-Ranges: bytes
spkgruppeonlineidlog.com/tpl/js/base.js
212.192.14.24 200 OK 12 kB URL HTTP/1.1 spkgruppeonlineidlog.com/tpl/js/base.js
IP 212.192.14.24:0
File type Unicode text, UTF-8 text, with very long lines (789)
Hash 5442ce3f5df1079d86dd0ae310709abb
c765dd26170c1cc6d41c2649793b7612aeaf980a
4aad27a8b1969205951e2b0e88a063b6ee12e3095543cc77ec26717705e7dce3
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /tpl/js/base.js HTTP/1.1
Host: spkgruppeonlineidlog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spkgruppeonlineidlog.com/
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 21 Sep 2022 09:33:23 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 12083
Last-Modified: Mon, 19 Sep 2022 10:55:07 GMT
Connection: keep-alive
ETag: "63284a8b-2f33"
Accept-Ranges: bytes
www.googletagmanager.com/gtm.js?id=GTM-NRGSZ26
142.250.74.72 200 OK 47 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-NRGSZ26
IP 142.250.74.72:0
File type ASCII text, with very long lines (1720)
Hash 42e3857c3cd32096dd15ab1b09c62835
80067027568bd14310ac5e7bed3273f225abc92a
fdc945ddb7b835f0bdb3b0dd42a988b96e2885045a2c074654883fe493d52280
GET /gtm.js?id=GTM-NRGSZ26 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://spkgruppeonlineidlog.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 21 Sep 2022 09:33:23 GMT
expires: Wed, 21 Sep 2022 09:33:23 GMT
cache-control: private, max-age=900
last-modified: Wed, 21 Sep 2022 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 46742
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash bcbb61a4f6f0beed45a5f963bfba6e9d
a07136aeace7036e3b7427d63c60576adbdc388f
3a910cde9f8f65341f3422d28e35ca877558e136c99067b72daaeb56b3d9e76d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 09:33:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp2.globalsign.com/gsorganizationvalsha2g2
104.18.20.226 200 OK 1.5 kB URL HTTP/1.1 ocsp2.globalsign.com/gsorganizationvalsha2g2
IP 104.18.20.226:0
Hash b38723c57bae7e10d56e2670cde14335
fae4929e0624cc07f05a6148ca14bd6ff29f5f69
9e2d83c0481510c867993008a3b5e522615b1c454bec0cb32101924f4b812503
POST /gsorganizationvalsha2g2 HTTP/1.1
Host: ocsp2.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 09:33:23 GMT
Content-Type: application/ocsp-response
Content-Length: 1459
Connection: keep-alive
Expires: Sun, 25 Sep 2022 05:53:55 GMT
ETag: "fae4929e0624cc07f05a6148ca14bd6ff29f5f69"
Last-Modified: Wed, 21 Sep 2022 05:53:56 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1668
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 74e1cc903f031c02-OSL
spkgruppeonlineidlog.com/tpl/js/gotopay.min.js
212.192.14.24 200 OK 2.5 kB URL HTTP/1.1 spkgruppeonlineidlog.com/tpl/js/gotopay.min.js
IP 212.192.14.24:0
File type Unicode text, UTF-8 text, with very long lines (2415), with no line terminators
Hash e4ad13b6fa10e81841b6acd118307684
05feaaf16b642a7237c69f121b531180e375cae6
1f42f650274cb87c18ea9297dda5b665bf57907e1e3cf6a41ca3c622c37c80d9
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /tpl/js/gotopay.min.js HTTP/1.1
Host: spkgruppeonlineidlog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spkgruppeonlineidlog.com/
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 21 Sep 2022 09:33:23 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 2508
Last-Modified: Mon, 19 Sep 2022 10:55:06 GMT
Connection: keep-alive
ETag: "63284a8a-9cc"
Accept-Ranges: bytes
spkgruppeonlineidlog.com/tpl/js/mapplication.js
212.192.14.24 200 OK 23 kB URL HTTP/1.1 spkgruppeonlineidlog.com/tpl/js/mapplication.js
IP 212.192.14.24:0
Hash b750955908da2894125bbd83a7c65bc5
5b3265bba9b3413905c1a44418b725cddfb2387f
988c4cdd75305bf2e9d94c87043e9b2dfbc4486790f493df9b8754d9382a2081
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /tpl/js/mapplication.js HTTP/1.1
Host: spkgruppeonlineidlog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spkgruppeonlineidlog.com/
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 21 Sep 2022 09:33:23 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 22707
Last-Modified: Mon, 19 Sep 2022 10:55:05 GMT
Connection: keep-alive
ETag: "63284a89-58b3"
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 596ea0e7cffcb12819c214fd7e55e6b5
fdf581b35743d7693bf8c7f6154471a1b2646f06
a78eee2be3725b096407fde832e7762dad74ac69165f57a10b1ef76b5b2d9874
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 09:33:23 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
spkgruppeonlineidlog.com/tpl/js/modernizr.min.js
212.192.14.24 200 OK 7.3 kB URL HTTP/1.1 spkgruppeonlineidlog.com/tpl/js/modernizr.min.js
IP 212.192.14.24:0
File type HTML document, ASCII text, with very long lines (7238)
Hash 259464ac9a1803c44f771ef583f2681f
c3a985cd59c86d30ff273cb7a2a4f2e22e520c9e
ebee9c9a569e6bb886982b75aa80ab0f59e10dfb19fc62630e5a84f28f3c7e4f
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /tpl/js/modernizr.min.js HTTP/1.1
Host: spkgruppeonlineidlog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spkgruppeonlineidlog.com/
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 21 Sep 2022 09:33:23 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 7322
Last-Modified: Mon, 19 Sep 2022 10:55:06 GMT
Connection: keep-alive
ETag: "63284a8a-1c9a"
Accept-Ranges: bytes
spkgruppeonlineidlog.com/tpl/js/review-3d-carousel.min.js
212.192.14.24 200 OK 9.1 kB URL HTTP/1.1 spkgruppeonlineidlog.com/tpl/js/review-3d-carousel.min.js
IP 212.192.14.24:0
File type ASCII text, with very long lines (9078), with no line terminators
Hash 1142863a5d4b98b17e58a6e042e706a1
ff4feafae268e70dc192bb795d5879a8490de255
576c9601ad237cf5b1b57a10e32af2648715aa8ddbe3b165952585cd8d81eb84
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /tpl/js/review-3d-carousel.min.js HTTP/1.1
Host: spkgruppeonlineidlog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spkgruppeonlineidlog.com/
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 21 Sep 2022 09:33:23 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 9078
Last-Modified: Mon, 19 Sep 2022 10:55:06 GMT
Connection: keep-alive
ETag: "63284a8a-2376"
Accept-Ranges: bytes
spkgruppeonlineidlog.com/tpl/js/css3-mediaqueries.js
212.192.14.24 200 OK 15 kB URL HTTP/1.1 spkgruppeonlineidlog.com/tpl/js/css3-mediaqueries.js
IP 212.192.14.24:0
File type ASCII text, with very long lines (14939), with no line terminators
Hash a7e2bad3d394ae6fc2598b534a1fe9ba
71930ba872566115de8df8ad239b280ec1baafa2
5a12a7344931ea52b5ba05528465b784ea92d35a78a569832bb4e2d9d3d0902d
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /tpl/js/css3-mediaqueries.js HTTP/1.1
Host: spkgruppeonlineidlog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spkgruppeonlineidlog.com/
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 21 Sep 2022 09:33:23 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 14939
Last-Modified: Mon, 19 Sep 2022 10:55:06 GMT
Connection: keep-alive
ETag: "63284a8a-3a5b"
Accept-Ranges: bytes
spkgruppeonlineidlog.com/tpl/styles/isrcss.css
212.192.14.24 200 OK 1.2 kB URL HTTP/1.1 spkgruppeonlineidlog.com/tpl/styles/isrcss.css
IP 212.192.14.24:0
File type ASCII text, with very long lines (1219)
Hash ef19c81b62277f52defab7dc914b565f
c57dc4261cb0daf88220c5c3d8c55b9a29278825
9f09f05d4f2480a77ed4d7574580727dce02aec570f3fbdeb074cb841a1a5230
Analyzer Verdict Alert quad9 Sinkholed
GET /tpl/styles/isrcss.css HTTP/1.1
Host: spkgruppeonlineidlog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spkgruppeonlineidlog.com/
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 21 Sep 2022 09:33:23 GMT
Content-Type: text/css
Content-Length: 1220
Last-Modified: Mon, 19 Sep 2022 10:55:08 GMT
Connection: keep-alive
ETag: "63284a8c-4c4"
Accept-Ranges: bytes
spkgruppeonlineidlog.com/tpl/styles/order.css
212.192.14.24 200 OK 4.6 kB URL HTTP/1.1 spkgruppeonlineidlog.com/tpl/styles/order.css
IP 212.192.14.24:0
Hash 3938413a411c5168e85b5b2e0878a27f
d609c3f8eb85422ed1eef78f73a28e2908c01bb7
1e9630f569c283c8bcf293774a19d47a38bc80c8574ec112ca4c561847a58f20
Analyzer Verdict Alert quad9 Sinkholed
GET /tpl/styles/order.css HTTP/1.1
Host: spkgruppeonlineidlog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spkgruppeonlineidlog.com/
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 21 Sep 2022 09:33:23 GMT
Content-Type: text/css
Content-Length: 4628
Last-Modified: Mon, 19 Sep 2022 10:55:08 GMT
Connection: keep-alive
ETag: "63284a8c-1214"
Accept-Ranges: bytes
vk.com/js/api/openapi.js?168
87.240.129.133 200 OK 23 kB URL HTTP/2 vk.com/js/api/openapi.js?168
IP 87.240.129.133:0
File type ASCII text, with very long lines (3849)
Hash b33ff213862515e45744517b207d77db
7d69b309a9c1d918d8dc7b42c510d08321207b9c
a5cd610dc23e643864c8827d58736c15b955328124bfd95661c88a7b96eaed47
GET /js/api/openapi.js?168 HTTP/1.1
Host: vk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://spkgruppeonlineidlog.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: kittenx
date: Wed, 21 Sep 2022 09:33:23 GMT
content-type: application/x-javascript
content-length: 23322
last-modified: Wed, 10 Aug 2022 14:44:17 GMT
etag: "62f3c441-5b1a"
content-encoding: br
expires: Sun, 25 Sep 2022 09:33:23 GMT
cache-control: max-age=345600
x-frontend: front609304
access-control-expose-headers: X-Frontend
X-Firefox-Spdy: h2
spkgruppeonlineidlog.com/tpl/styles/mobile.css
212.192.14.24 200 OK 46 kB URL HTTP/1.1 spkgruppeonlineidlog.com/tpl/styles/mobile.css
IP 212.192.14.24:0
File type ASCII text, with very long lines (45941), with no line terminators
Hash da290367f29a6abc6307d878858088e9
c5c539214febedb9d0f6b824a4b0113876c56507
9cde5919ba53534eeb27215be4180bde48674e1d243a985ac65668a31ca8e2bb
Analyzer Verdict Alert quad9 Sinkholed
GET /tpl/styles/mobile.css HTTP/1.1
Host: spkgruppeonlineidlog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spkgruppeonlineidlog.com/
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 21 Sep 2022 09:33:23 GMT
Content-Type: text/css
Content-Length: 45941
Last-Modified: Mon, 19 Sep 2022 10:55:09 GMT
Connection: keep-alive
ETag: "63284a8d-b375"
Accept-Ranges: bytes
spkgruppeonlineidlog.com/tpl/js/jquery-1.11.3.min.js
212.192.14.24 200 OK 96 kB URL HTTP/1.1 spkgruppeonlineidlog.com/tpl/js/jquery-1.11.3.min.js
IP 212.192.14.24:0
File type ASCII text, with very long lines (32035)
Hash cf1e2f2b039494ad661a599577edaea6
6dbff8a173132e486ab97269c27457321dab1479
725f3cc84bee6ec4458485e6fc174b11769db6f4212b6994507ad9b0e4d6aec2
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /tpl/js/jquery-1.11.3.min.js HTTP/1.1
Host: spkgruppeonlineidlog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spkgruppeonlineidlog.com/
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 21 Sep 2022 09:33:23 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 95900
Last-Modified: Mon, 19 Sep 2022 10:55:06 GMT
Connection: keep-alive
ETag: "63284a8a-1769c"
Accept-Ranges: bytes
spkgruppeonlineidlog.com/tpl/styles/global.css
212.192.14.24 200 OK 229 kB URL HTTP/1.1 spkgruppeonlineidlog.com/tpl/styles/global.css
IP 212.192.14.24:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 229 kB (229327 bytes)
Hash 7a1205a6797726cb619a563746abaf5c
9a3e0913e6f36df5d716953e321fe0adec4a42b7
2e30f17cf6f477a57753c0e49aa3c8c3d6224572d3d95df3dc5f16cfe3c96a95
Analyzer Verdict Alert quad9 Sinkholed
GET /tpl/styles/global.css HTTP/1.1
Host: spkgruppeonlineidlog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spkgruppeonlineidlog.com/
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 21 Sep 2022 09:33:23 GMT
Content-Type: text/css
Content-Length: 229327
Last-Modified: Mon, 19 Sep 2022 10:55:08 GMT
Connection: keep-alive
ETag: "63284a8c-37fcf"
Accept-Ranges: bytes
spkgruppeonlineidlog.com/tpl/images/users/anthony_baker_177.png
212.192.14.24 200 OK 36 kB URL HTTP/1.1 spkgruppeonlineidlog.com/tpl/images/users/anthony_baker_177.png
IP 212.192.14.24:0
File type PNG image data, 130 x 130, 8-bit/color RGBA, non-interlaced\012- data
Hash f095e64bf42e38facf742c9f4cb94e08
4df0ba86e744946ac9963e8acd3eb9b19772d13e
7d81c624b819bea8a9f9ec6cf0dfc059ef3ebbdf27164621146bbfa335868e55
Analyzer Verdict Alert quad9 Sinkholed
GET /tpl/images/users/anthony_baker_177.png HTTP/1.1
Host: spkgruppeonlineidlog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spkgruppeonlineidlog.com/
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 21 Sep 2022 09:33:24 GMT
Content-Type: image/png
Content-Length: 35786
Last-Modified: Mon, 19 Sep 2022 10:55:34 GMT
Connection: keep-alive
ETag: "63284aa6-8bca"
Accept-Ranges: bytes
spkgruppeonlineidlog.com/tpl/images/payment/qiwi.png
212.192.14.24 200 OK 6.0 kB URL HTTP/1.1 spkgruppeonlineidlog.com/tpl/images/payment/qiwi.png
IP 212.192.14.24:0
File type PNG image data, 77 x 40, 8-bit/color RGBA, non-interlaced\012- data
Hash d23eaeb65da4e31316acf2715b264562
22bcee983ac23ecf11408cd8154a2920814c527b
1b1ae7bb31088c2c46dc61ba72da8e8296f3b8e02c0dd5963d9b7885dd84d1a5
Analyzer Verdict Alert quad9 Sinkholed
GET /tpl/images/payment/qiwi.png HTTP/1.1
Host: spkgruppeonlineidlog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spkgruppeonlineidlog.com/
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 21 Sep 2022 09:33:24 GMT
Content-Type: image/png
Content-Length: 6036
Last-Modified: Mon, 19 Sep 2022 10:55:17 GMT
Connection: keep-alive
ETag: "63284a95-1794"
Accept-Ranges: bytes
spkgruppeonlineidlog.com/tpl/images/products/ascfreew/file_cleaner.png
212.192.14.24 200 OK 852 B URL HTTP/1.1 spkgruppeonlineidlog.com/tpl/images/products/ascfreew/file_cleaner.png
IP 212.192.14.24:0
File type PNG image data, 43 x 46, 8-bit colormap, non-interlaced\012- data
Hash b26deaef3a70befee58a53e335871a97
34e270600d21c690ca5ed042c9b9824c132fbde6
22d163da8bc607c9fea60308c339b196b29bb7f0f51679130278ccb091aba743
Analyzer Verdict Alert quad9 Sinkholed
GET /tpl/images/products/ascfreew/file_cleaner.png HTTP/1.1
Host: spkgruppeonlineidlog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spkgruppeonlineidlog.com/
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 21 Sep 2022 09:33:24 GMT
Content-Type: image/png
Content-Length: 852
Last-Modified: Mon, 19 Sep 2022 10:55:58 GMT
Connection: keep-alive
ETag: "63284abe-354"
Accept-Ranges: bytes
spkgruppeonlineidlog.com/tpl/images/users/ryan_hill_139.png
212.192.14.24 200 OK 45 kB URL HTTP/1.1 spkgruppeonlineidlog.com/tpl/images/users/ryan_hill_139.png
IP 212.192.14.24:0
File type PNG image data, 130 x 130, 8-bit/color RGBA, non-interlaced\012- data
Hash ae52e1a90a3b7e6166a8d832490a3ce0
cd700b217b6edd0cc5b68e7d4858d538582f713e
a6fbfc4f07c923cd53db3da977d9408ee2b23ed53dcca02e020e85be5b97816d
Analyzer Verdict Alert quad9 Sinkholed
GET /tpl/images/users/ryan_hill_139.png HTTP/1.1
Host: spkgruppeonlineidlog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spkgruppeonlineidlog.com/
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 21 Sep 2022 09:33:24 GMT
Content-Type: image/png
Content-Length: 45017
Last-Modified: Mon, 19 Sep 2022 10:55:34 GMT
Connection: keep-alive
ETag: "63284aa6-afd9"
Accept-Ranges: bytes
spkgruppeonlineidlog.com/tpl/images/users/Stephen-H-Littleton.png
212.192.14.24 200 OK 33 kB URL HTTP/1.1 spkgruppeonlineidlog.com/tpl/images/users/Stephen-H-Littleton.png
IP 212.192.14.24:0
File type PNG image data, 130 x 130, 8-bit/color RGBA, non-interlaced\012- data
Hash c375a00995f417ded6171511db69f495
0424dc29e3da11d3b217363cd3368355ffc7f24a
4d551446a16e91492590082670e1f00f25cc85547ef46e704668d9b26371e43c
Analyzer Verdict Alert quad9 Sinkholed
GET /tpl/images/users/Stephen-H-Littleton.png HTTP/1.1
Host: spkgruppeonlineidlog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spkgruppeonlineidlog.com/
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 21 Sep 2022 09:33:24 GMT
Content-Type: image/png
Content-Length: 33228
Last-Modified: Mon, 19 Sep 2022 10:55:34 GMT
Connection: keep-alive
ETag: "63284aa6-81cc"
Accept-Ranges: bytes
spkgruppeonlineidlog.com/tpl/images/users/Hal-Barry-Koren.png
212.192.14.24 200 OK 35 kB URL HTTP/1.1 spkgruppeonlineidlog.com/tpl/images/users/Hal-Barry-Koren.png
IP 212.192.14.24:0
File type PNG image data, 130 x 130, 8-bit/color RGBA, non-interlaced\012- data
Hash 3a68ec64c15cf4c9372f42f5d4613069
ee448a11edf7c8ce95de6a2355287af21587d624
ca43d5bf1a78cea9a61994f94812d7f931bac06070c9c840f4b038a4b48aba36
Analyzer Verdict Alert quad9 Sinkholed
GET /tpl/images/users/Hal-Barry-Koren.png HTTP/1.1
Host: spkgruppeonlineidlog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spkgruppeonlineidlog.com/
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 21 Sep 2022 09:33:24 GMT
Content-Type: image/png
Content-Length: 34740
Last-Modified: Mon, 19 Sep 2022 10:55:34 GMT
Connection: keep-alive
ETag: "63284aa6-87b4"
Accept-Ranges: bytes
spkgruppeonlineidlog.com/tpl/images/products/ascfreew/sp_pc.png
212.192.14.24 200 OK 34 kB URL HTTP/1.1 spkgruppeonlineidlog.com/tpl/images/products/ascfreew/sp_pc.png
IP 212.192.14.24:0
File type PNG image data, 824 x 700, 8-bit colormap, non-interlaced\012- data
Hash 53494bc99acad2f85493301655af5c03
bbf5592d0b8658e9834205fdfe8af697ccf77630
565af46852cce3c276fc812d93921a31f3a7aa513b6934dc16dc4b6d8bd38e14
Analyzer Verdict Alert quad9 Sinkholed
GET /tpl/images/products/ascfreew/sp_pc.png HTTP/1.1
Host: spkgruppeonlineidlog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spkgruppeonlineidlog.com/
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 21 Sep 2022 09:33:24 GMT
Content-Type: image/png
Content-Length: 34293
Last-Modified: Mon, 19 Sep 2022 10:55:57 GMT
Connection: keep-alive
ETag: "63284abd-85f5"
Accept-Ranges: bytes
spkgruppeonlineidlog.com/tpl/images/products/ascfreew/fire_wall.png
212.192.14.24 200 OK 818 B URL HTTP/1.1 spkgruppeonlineidlog.com/tpl/images/products/ascfreew/fire_wall.png
IP 212.192.14.24:0
File type PNG image data, 52 x 45, 8-bit colormap, non-interlaced\012- data
Hash 9dacfd9460c1523d5c46523072241584
29ddb36c4b857c607af8511681388435812d810a
f519c8365a6e959acbae7d0a46334b69f42fde881b7647623b275dcd3d101cdf
Analyzer Verdict Alert quad9 Sinkholed
GET /tpl/images/products/ascfreew/fire_wall.png HTTP/1.1
Host: spkgruppeonlineidlog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spkgruppeonlineidlog.com/
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 21 Sep 2022 09:33:24 GMT
Content-Type: image/png
Content-Length: 818
Last-Modified: Mon, 19 Sep 2022 10:55:59 GMT
Connection: keep-alive
ETag: "63284abf-332"
Accept-Ranges: bytes
spkgruppeonlineidlog.com/tpl/images/banner/product-banner-ascfreew-1920x854.jpg
212.192.14.24 200 OK 125 kB URL HTTP/1.1 spkgruppeonlineidlog.com/tpl/images/banner/product-banner-ascfreew-1920x854.jpg
IP 212.192.14.24:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x845, components 3\012- data
Size 125 kB (124967 bytes)
Hash 7780c997664df8f312fd73487b212799
22196c0cfe2215cc61c0d4b8b5522e7092c9c1cd
ae183ae681257ee5ed230b85b3937364201989b6f8829089dc4cebae6b4124f8
Analyzer Verdict Alert quad9 Sinkholed
GET /tpl/images/banner/product-banner-ascfreew-1920x854.jpg HTTP/1.1
Host: spkgruppeonlineidlog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spkgruppeonlineidlog.com/
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 21 Sep 2022 09:33:24 GMT
Content-Type: image/jpeg
Content-Length: 124967
Last-Modified: Mon, 19 Sep 2022 10:55:46 GMT
Connection: keep-alive
ETag: "63284ab2-1e827"
Accept-Ranges: bytes
spkgruppeonlineidlog.com/tpl/images/products/ascfreew/software_health.png
212.192.14.24 200 OK 1.0 kB URL HTTP/1.1 spkgruppeonlineidlog.com/tpl/images/products/ascfreew/software_health.png
IP 212.192.14.24:0
File type PNG image data, 50 x 47, 8-bit colormap, non-interlaced\012- data
Hash a40dbd914936202551b959fd9df26e5e
cee4c9016c0986a855bc670cc96d8d1d3ca91616
08dcb15e6911e0d49ac6b5d8c163960ca7483a57d041765242a2221751eebacd
Analyzer Verdict Alert quad9 Sinkholed
GET /tpl/images/products/ascfreew/software_health.png HTTP/1.1
Host: spkgruppeonlineidlog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spkgruppeonlineidlog.com/
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 21 Sep 2022 09:33:24 GMT
Content-Type: image/png
Content-Length: 1028
Last-Modified: Mon, 19 Sep 2022 10:55:59 GMT
Connection: keep-alive
ETag: "63284abf-404"
Accept-Ranges: bytes
spkgruppeonlineidlog.com/tpl/images/products/ascfreew/ai_pc.png
212.192.14.24 200 OK 29 kB URL HTTP/1.1 spkgruppeonlineidlog.com/tpl/images/products/ascfreew/ai_pc.png
IP 212.192.14.24:0
File type PNG image data, 828 x 700, 8-bit colormap, non-interlaced\012- data
Hash 546fa3f6a1fd18233e3a8320519daffa
b91e4245bbb5ec5728304b39b190e382d9a41417
a38c88a851845ef19b83567c578bce8567db440e6d216557d53b7caa9e224765
Analyzer Verdict Alert quad9 Sinkholed
GET /tpl/images/products/ascfreew/ai_pc.png HTTP/1.1
Host: spkgruppeonlineidlog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spkgruppeonlineidlog.com/
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 21 Sep 2022 09:33:24 GMT
Content-Type: image/png
Content-Length: 29025
Last-Modified: Mon, 19 Sep 2022 10:55:58 GMT
Connection: keep-alive
ETag: "63284abe-7161"
Accept-Ranges: bytes
spkgruppeonlineidlog.com/tpl/images/logo.svg
212.192.14.24 200 OK 1.2 kB URL HTTP/1.1 spkgruppeonlineidlog.com/tpl/images/logo.svg
IP 212.192.14.24:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (1030)
Hash 635f7a6608b332bc1e88e542fc371e59
953de996d14779040db9055b18494aab9ffb457b
0b26dc26ff7692613f22bc7d8b607a88ee9e2dba9c7693b5ad428cf145b3af30
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /tpl/images/logo.svg HTTP/1.1
Host: spkgruppeonlineidlog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spkgruppeonlineidlog.com/tpl/styles/global.css
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 21 Sep 2022 09:33:24 GMT
Content-Type: image/svg+xml
Content-Length: 1246
Last-Modified: Mon, 19 Sep 2022 10:55:03 GMT
Connection: keep-alive
ETag: "63284a87-4de"
Accept-Ranges: bytes
spkgruppeonlineidlog.com/tpl/images/products/ascfreew/product-banner-ascfreew-left.svg
212.192.14.24 200 OK 5.6 kB URL HTTP/1.1 spkgruppeonlineidlog.com/tpl/images/products/ascfreew/product-banner-ascfreew-left.svg
IP 212.192.14.24:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (5577), with no line terminators
Hash 5736e673bd4d669ea1f26b9c604c96fb
f736c4027fa3e37a60cd3cf1abaab462754aa1a5
d349f4e2200a64511ea38b2da2c961172736382d65a3af68aa474cbd44af7d73
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /tpl/images/products/ascfreew/product-banner-ascfreew-left.svg HTTP/1.1
Host: spkgruppeonlineidlog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spkgruppeonlineidlog.com/tpl/styles/global.css
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 21 Sep 2022 09:33:24 GMT
Content-Type: image/svg+xml
Content-Length: 5577
Last-Modified: Mon, 19 Sep 2022 10:55:58 GMT
Connection: keep-alive
ETag: "63284abe-15c9"
Accept-Ranges: bytes
spkgruppeonlineidlog.com/tpl/images/products/ascfreew/downloadfreew-icon.png
212.192.14.24 200 OK 207 B URL HTTP/1.1 spkgruppeonlineidlog.com/tpl/images/products/ascfreew/downloadfreew-icon.png
IP 212.192.14.24:0
File type PNG image data, 14 x 14, 4-bit colormap, non-interlaced\012- data
Hash 699e7fcc62872f4ccc712e728e37c64d
8196fc42fdf97d50b256c7b56f2f367f4ff7a8bb
e36e91e06210b33ac4ea7a90164f03363a6e1209e27e68a3e56f8dc8601e822c
Analyzer Verdict Alert quad9 Sinkholed
GET /tpl/images/products/ascfreew/downloadfreew-icon.png HTTP/1.1
Host: spkgruppeonlineidlog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spkgruppeonlineidlog.com/tpl/styles/global.css
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 21 Sep 2022 09:33:24 GMT
Content-Type: image/png
Content-Length: 207
Last-Modified: Mon, 19 Sep 2022 10:55:57 GMT
Connection: keep-alive
ETag: "63284abd-cf"
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash c683e61e63df92799aa274fdac42cd3b
191aeec95861fa8596a90a10c60b22434431c033
898c007bc0e7d5f4d3180c9fe28b88036102ba64912d0773c023e1f4f07d7beb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 09:33:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash c683e61e63df92799aa274fdac42cd3b
191aeec95861fa8596a90a10c60b22434431c033
898c007bc0e7d5f4d3180c9fe28b88036102ba64912d0773c023e1f4f07d7beb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 09:33:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
142.250.74.163 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://spkgruppeonlineidlog.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:34:08 GMT
expires: Thu, 14 Sep 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 568756
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash c683e61e63df92799aa274fdac42cd3b
191aeec95861fa8596a90a10c60b22434431c033
898c007bc0e7d5f4d3180c9fe28b88036102ba64912d0773c023e1f4f07d7beb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 09:33:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
142.250.74.163 200 OK 9.6 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 9628, version 1.0\012- data
Hash d9ac47c7e500fb7083b8d595eaf6fe12
112a2fc5f4ff9b85ee3a706fa9b8c47f79b05933
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://spkgruppeonlineidlog.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 9628
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 15 Sep 2022 06:19:49 GMT
expires: Fri, 15 Sep 2023 06:19:49 GMT
cache-control: public, max-age=31536000
age: 530015
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/titilliumweb/v15/NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2
142.250.74.163 200 OK 12 kB URL HTTP/2 fonts.gstatic.com/s/titilliumweb/v15/NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2
IP 142.250.74.163:0
File type Web Open Font Format (Version 2), TrueType, length 12372, version 1.0\012- data
Hash 0ef99cf07a2a261ab43d5dc1937ffb27
bd39f9cd13ef2a6f912dcba8fa916fc67b4a19d9
557f6d0883db85be712c3a77baa38875ddf99ecbdfd6fec98e5c0b1f7a0e1532
GET /s/titilliumweb/v15/NaPecZTIAOhVxoMyOr9n_E7fdMPmDQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://spkgruppeonlineidlog.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 12372
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 14 Sep 2022 19:28:24 GMT
expires: Thu, 14 Sep 2023 19:28:24 GMT
cache-control: public, max-age=31536000
age: 569100
last-modified: Wed, 27 Apr 2022 16:19:22 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
spkgruppeonlineidlog.com/tpl/images/products/ascfreew/product-banner-ascfreew-right.svg
212.192.14.24 200 OK 11 kB URL HTTP/1.1 spkgruppeonlineidlog.com/tpl/images/products/ascfreew/product-banner-ascfreew-right.svg
IP 212.192.14.24:0
File type SVG Scalable Vector Graphics image\012- HTML document, ASCII text, with very long lines (10929), with no line terminators
Hash 88fc69eeee40190ee63f8d710529f686
fb9dffc427490b62f3a1b83766fa01a59f11720e
dfb6a4e2128ff3967d527a8e5585395ff70872b899f599f323b8c1405ed8d16a
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /tpl/images/products/ascfreew/product-banner-ascfreew-right.svg HTTP/1.1
Host: spkgruppeonlineidlog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spkgruppeonlineidlog.com/tpl/styles/global.css
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 21 Sep 2022 09:33:24 GMT
Content-Type: image/svg+xml
Content-Length: 10929
Last-Modified: Mon, 19 Sep 2022 10:55:57 GMT
Connection: keep-alive
ETag: "63284abd-2ab1"
Accept-Ranges: bytes
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash c683e61e63df92799aa274fdac42cd3b
191aeec95861fa8596a90a10c60b22434431c033
898c007bc0e7d5f4d3180c9fe28b88036102ba64912d0773c023e1f4f07d7beb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 09:33:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
spkgruppeonlineidlog.com/tpl/images/products/ascfreew/bs_pc.png
212.192.14.24 200 OK 24 kB URL HTTP/1.1 spkgruppeonlineidlog.com/tpl/images/products/ascfreew/bs_pc.png
IP 212.192.14.24:0
File type PNG image data, 824 x 700, 8-bit colormap, non-interlaced\012- data
Hash 97d0cf3d0edab0507dc746dd9596ac02
1dbc61ea5dec9915739898ecc4a741e23d0af35d
7bfb4fe5f11172a6ef827acc0349e881dfec78be09435787f412f1a08e6e25be
Analyzer Verdict Alert quad9 Sinkholed
GET /tpl/images/products/ascfreew/bs_pc.png HTTP/1.1
Host: spkgruppeonlineidlog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spkgruppeonlineidlog.com/
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 21 Sep 2022 09:33:24 GMT
Content-Type: image/png
Content-Length: 23771
Last-Modified: Mon, 19 Sep 2022 10:55:58 GMT
Connection: keep-alive
ETag: "63284abe-5cdb"
Accept-Ranges: bytes
spkgruppeonlineidlog.com/tpl/images/products/ascfreew/pr_pc.png
212.192.14.24 200 OK 25 kB URL HTTP/1.1 spkgruppeonlineidlog.com/tpl/images/products/ascfreew/pr_pc.png
IP 212.192.14.24:0
File type PNG image data, 828 x 700, 8-bit colormap, non-interlaced\012- data
Hash 5bf67451bcffa21656172780e61cb345
0ecc263fb33762830893687206f0a0a071c9fa62
fa22393b82e347bffe1be7d2114ce6ffb883a149bd5e685a3b66ba6cc592a017
Analyzer Verdict Alert quad9 Sinkholed
GET /tpl/images/products/ascfreew/pr_pc.png HTTP/1.1
Host: spkgruppeonlineidlog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spkgruppeonlineidlog.com/
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 21 Sep 2022 09:33:24 GMT
Content-Type: image/png
Content-Length: 25394
Last-Modified: Mon, 19 Sep 2022 10:55:58 GMT
Connection: keep-alive
ETag: "63284abe-6332"
Accept-Ranges: bytes
spkgruppeonlineidlog.com/tpl/images/products/ascfreew/anti_track.png
212.192.14.24 200 OK 1.0 kB URL HTTP/1.1 spkgruppeonlineidlog.com/tpl/images/products/ascfreew/anti_track.png
IP 212.192.14.24:0
File type PNG image data, 48 x 53, 8-bit colormap, non-interlaced\012- data
Hash ae17b2bd4295b8f7e441650860c305a3
112896541f9a5bcb0c52ea35a9a9bc1d444afa2d
10c79ac1c7323d35cb069c236ba736af8b4a4cc7fe2f0651e655e8d182c1fb61
Analyzer Verdict Alert quad9 Sinkholed
GET /tpl/images/products/ascfreew/anti_track.png HTTP/1.1
Host: spkgruppeonlineidlog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spkgruppeonlineidlog.com/
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 21 Sep 2022 09:33:24 GMT
Content-Type: image/png
Content-Length: 1031
Last-Modified: Mon, 19 Sep 2022 10:55:59 GMT
Connection: keep-alive
ETag: "63284abf-407"
Accept-Ranges: bytes
spkgruppeonlineidlog.com/tpl/images/products/ascfreew/real_time.png
212.192.14.24 200 OK 1.2 kB URL HTTP/1.1 spkgruppeonlineidlog.com/tpl/images/products/ascfreew/real_time.png
IP 212.192.14.24:0
File type PNG image data, 51 x 51, 8-bit colormap, non-interlaced\012- data
Hash 6b2a9d5ca45094c4c90baf23bf0b8695
b651240c5a2d6b9e045ca7da2b37b06284fbbba8
4b89c07347d98a77d5ca34afee4028696fb9579e9145b3f68f584558b5f2087e
Analyzer Verdict Alert quad9 Sinkholed
GET /tpl/images/products/ascfreew/real_time.png HTTP/1.1
Host: spkgruppeonlineidlog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spkgruppeonlineidlog.com/
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 21 Sep 2022 09:33:24 GMT
Content-Type: image/png
Content-Length: 1194
Last-Modified: Mon, 19 Sep 2022 10:56:00 GMT
Connection: keep-alive
ETag: "63284ac0-4aa"
Accept-Ranges: bytes
spkgruppeonlineidlog.com/tpl/images/products/ascfreew/ai_mode.png
212.192.14.24 200 OK 1.0 kB URL HTTP/1.1 spkgruppeonlineidlog.com/tpl/images/products/ascfreew/ai_mode.png
IP 212.192.14.24:0
File type PNG image data, 52 x 58, 8-bit colormap, non-interlaced\012- data
Hash c2af37cef2866c32fa6dded5d96ec1ac
a6a36a8da167a194a13a94dd10484ca08fc5c998
f0bf528c0d32f8b668852437c01aa886088f9f75f6f4f4f37bdea3b5a52a3bc4
Analyzer Verdict Alert quad9 Sinkholed
GET /tpl/images/products/ascfreew/ai_mode.png HTTP/1.1
Host: spkgruppeonlineidlog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spkgruppeonlineidlog.com/
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 21 Sep 2022 09:33:24 GMT
Content-Type: image/png
Content-Length: 1001
Last-Modified: Mon, 19 Sep 2022 10:55:59 GMT
Connection: keep-alive
ETag: "63284abf-3e9"
Accept-Ranges: bytes
spkgruppeonlineidlog.com/tpl/images/payment/close.png
212.192.14.24 200 OK 1.4 kB URL HTTP/1.1 spkgruppeonlineidlog.com/tpl/images/payment/close.png
IP 212.192.14.24:0
File type PNG image data, 14 x 28, 8-bit/color RGBA, non-interlaced\012- data
Hash 8a72dca0e280f7cbddb51e7511df1b68
daaf51a8c2949a41778b1c0cc9e799d5215e359e
6e8a11e23812b870427de709190da53f993749392bb9dc2010099eb6ef1f5d40
Analyzer Verdict Alert quad9 Sinkholed
GET /tpl/images/payment/close.png HTTP/1.1
Host: spkgruppeonlineidlog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spkgruppeonlineidlog.com/tpl/styles/order.css
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 21 Sep 2022 09:33:24 GMT
Content-Type: image/png
Content-Length: 1448
Last-Modified: Mon, 19 Sep 2022 10:55:18 GMT
Connection: keep-alive
ETag: "63284a96-5a8"
Accept-Ranges: bytes
fonts.googleapis.com/css?family=Roboto|Titillium+Web
142.250.74.10 200 OK 3.7 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto|Titillium+Web
IP 142.250.74.10:0
Hash b5f0a6e28375998067d73c07a7918db4
4e533f26e157f291d67de3b2c7036af2ea67e5cc
f860bc4125f3e533163541b32317113c22d44502b5d0081b14ac4663ae4cf1d3
GET /css?family=Roboto|Titillium+Web HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://spkgruppeonlineidlog.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 21 Sep 2022 09:33:23 GMT
date: Wed, 21 Sep 2022 09:33:23 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
spkgruppeonlineidlog.com/tpl/images/review-control.png
212.192.14.24 200 OK 861 B URL HTTP/1.1 spkgruppeonlineidlog.com/tpl/images/review-control.png
IP 212.192.14.24:0
File type PNG image data, 44 x 82, 8-bit colormap, non-interlaced\012- data
Hash 0f03330ce4d9fadea69b4f92afe91897
7c24aec93b9011d6a5f6dea7d9e3ef1f8244c44c
cd7d534790ffa209aba6d69f17883cf002386a870e4872edb6934b3628a191e4
Analyzer Verdict Alert quad9 Sinkholed
GET /tpl/images/review-control.png HTTP/1.1
Host: spkgruppeonlineidlog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spkgruppeonlineidlog.com/tpl/styles/global.css
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 21 Sep 2022 09:33:24 GMT
Content-Type: image/png
Content-Length: 861
Last-Modified: Mon, 19 Sep 2022 10:54:59 GMT
Connection: keep-alive
ETag: "63284a83-35d"
Accept-Ranges: bytes
spkgruppeonlineidlog.com/tpl/images/products/ascfreew/products_ascfree_icon.png
212.192.14.24 200 OK 1.3 kB URL HTTP/1.1 spkgruppeonlineidlog.com/tpl/images/products/ascfreew/products_ascfree_icon.png
IP 212.192.14.24:0
File type PNG image data, 68 x 68, 8-bit colormap, non-interlaced\012- data
Hash 6efdd4102d0eed96ceb77502854ebbc2
0f964e51dc3553c8a9935acee7dc2cf640d9dc11
f8ee9002ed3009fd6c0c5d075878782f52c741ebf58238c9e7886ba8a99fb2ab
Analyzer Verdict Alert quad9 Sinkholed
GET /tpl/images/products/ascfreew/products_ascfree_icon.png HTTP/1.1
Host: spkgruppeonlineidlog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spkgruppeonlineidlog.com/tpl/styles/global.css
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 21 Sep 2022 09:33:24 GMT
Content-Type: image/png
Content-Length: 1320
Last-Modified: Mon, 19 Sep 2022 10:56:00 GMT
Connection: keep-alive
ETag: "63284ac0-528"
Accept-Ranges: bytes
spkgruppeonlineidlog.com/tpl/images/banner/product-banner-darkblue-bottom.jpg
212.192.14.24 200 OK 16 kB URL HTTP/1.1 spkgruppeonlineidlog.com/tpl/images/banner/product-banner-darkblue-bottom.jpg
IP 212.192.14.24:0
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 1920x600, components 3\012- data
Hash b46f9dfad6296ec9b7fbff6375421e98
775dc9664e03b9efdabf86ad42596e82d62e567d
430ad07488384f64de685edaca6d8ceea8dce827e8a9f825b4077adeb067ea05
Analyzer Verdict Alert quad9 Sinkholed
GET /tpl/images/banner/product-banner-darkblue-bottom.jpg HTTP/1.1
Host: spkgruppeonlineidlog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spkgruppeonlineidlog.com/tpl/styles/global.css
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 21 Sep 2022 09:33:24 GMT
Content-Type: image/jpeg
Content-Length: 16021
Last-Modified: Mon, 19 Sep 2022 10:55:48 GMT
Connection: keep-alive
ETag: "63284ab4-3e95"
Accept-Ranges: bytes
spkgruppeonlineidlog.com/tpl/images/media/CNET.png
212.192.14.24 200 OK 4.3 kB URL HTTP/1.1 spkgruppeonlineidlog.com/tpl/images/media/CNET.png
IP 212.192.14.24:0
File type PNG image data, 130 x 130, 8-bit/color RGBA, non-interlaced\012- data
Hash c3612f0b357af74c1960f38d9787724f
dc1bd81bd2426e27e5afb2b6d9c766fe610c5504
f1ad71994be9e33c79d3ef3f79314c0553afb6ba3097d2b9eb23f1a7cf379a16
Analyzer Verdict Alert quad9 Sinkholed
GET /tpl/images/media/CNET.png HTTP/1.1
Host: spkgruppeonlineidlog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spkgruppeonlineidlog.com/
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 21 Sep 2022 09:33:24 GMT
Content-Type: image/png
Content-Length: 4345
Last-Modified: Mon, 19 Sep 2022 10:55:57 GMT
Connection: keep-alive
ETag: "63284abd-10f9"
Accept-Ranges: bytes
www.google-analytics.com/analytics.js
142.250.74.174 200 OK 20 kB URL HTTP/1.1 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash cae538dcce82598fbe43c0bf443e62dd
cc68ac6be9c5e0087a0000e5735b83270ace30f5
954b9e9d9744e1319c51760780a35de2dec353afffac705c2cca6d836a5e056d
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spkgruppeonlineidlog.com/
HTTP/1.1 200 OK
Strict-Transport-Security: max-age=10886400; includeSubDomains; preload
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Content-Encoding: gzip
Cross-Origin-Resource-Policy: cross-origin
Server: Golfe2
Content-Length: 19826
Date: Wed, 21 Sep 2022 08:20:47 GMT
Expires: Wed, 21 Sep 2022 10:20:47 GMT
Cache-Control: public, max-age=7200
Age: 4357
Last-Modified: Sun, 11 Sep 2022 13:50:09 GMT
Content-Type: text/javascript
spkgruppeonlineidlog.com/tpl/images/favicon.ico
212.192.14.24 200 OK 1.2 kB URL HTTP/1.1 spkgruppeonlineidlog.com/tpl/images/favicon.ico
IP 212.192.14.24:0
File type MS Windows icon resource - 1 icon, 16x16, 32 bits/pixel\012- data
Hash fe4bf7aeee2044a60a1c90e571da86e4
8e55902176ede5b0338a784abb561d2ca1de9e7f
7ce5ff7d3ca3fa04ac4718ef6433256a44b6181cbf255f68fb248f7ee7b02239
Analyzer Verdict Alert quad9 Sinkholed
GET /tpl/images/favicon.ico HTTP/1.1
Host: spkgruppeonlineidlog.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://spkgruppeonlineidlog.com/
Cookie: country=36
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Wed, 21 Sep 2022 09:33:24 GMT
Content-Type: image/x-icon
Content-Length: 1150
Last-Modified: Mon, 19 Sep 2022 10:54:59 GMT
Connection: keep-alive
ETag: "63284a83-47e"
Accept-Ranges: bytes
www.google-analytics.com/j/collect?v=1&_v=j97&a=573736913&t=pageview&_s=1&dl=http%3A%2F%2Fspkgruppeonlineidlog.com%2F&ul=en-us&de=UTF-8&dt=Advanced%20SystemCare%20-%20%D1%83%D1%81%D0%BA%D0%BE%D1%80%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B8%20%D0%BE%D1%87%D0%B8%D1%81%D1%82%D0%BA%D0%B0%20%D0%BA%D0%BE%D0%BC%D0%BF%D1%8C%D1%8E%D1%82%D0%B5%D1%80%D0%B0%20Windows%2011%2F10%2F8%2F7%20%7C%20IObit&sd=24-bit&sr=1280x1024&vp=1268x927&je=0&_u=IEBAAEABAAAAAC~&jid=1227251193&gjid=1325579628&cid=786034783.1663752805&tid=UA-1447202-1&_gid=62230062.1663752805&_r=1&_slc=1&z=105761177
142.250.74.174 200 OK 4 B URL HTTP/2 www.google-analytics.com/j/collect?v=1&_v=j97&a=573736913&t=pageview&_s=1&dl=http%3A%2F%2Fspkgruppeonlineidlog.com%2F&ul=en-us&de=UTF-8&dt=Advanced%20SystemCare%20-%20%D1%83%D1%81%D0%BA%D0%BE%D1%80%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B8%20%D0%BE%D1%87%D0%B8%D1%81%D1%82%D0%BA%D0%B0%20%D0%BA%D0%BE%D0%BC%D0%BF%D1%8C%D1%8E%D1%82%D0%B5%D1%80%D0%B0%20Windows%2011%2F10%2F8%2F7%20%7C%20IObit&sd=24-bit&sr=1280x1024&vp=1268x927&je=0&_u=IEBAAEABAAAAAC~&jid=1227251193&gjid=1325579628&cid=786034783.1663752805&tid=UA-1447202-1&_gid=62230062.1663752805&_r=1&_slc=1&z=105761177
IP 142.250.74.174:0
File type ASCII text, with no line terminators
Hash 9e92e190700c1af4539b40c2171320a9
209bcdb79e6067b51091ce8586d4b977f25b67d8
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
POST /j/collect?v=1&_v=j97&a=573736913&t=pageview&_s=1&dl=http%3A%2F%2Fspkgruppeonlineidlog.com%2F&ul=en-us&de=UTF-8&dt=Advanced%20SystemCare%20-%20%D1%83%D1%81%D0%BA%D0%BE%D1%80%D0%B5%D0%BD%D0%B8%D0%B5%20%D0%B8%20%D0%BE%D1%87%D0%B8%D1%81%D1%82%D0%BA%D0%B0%20%D0%BA%D0%BE%D0%BC%D0%BF%D1%8C%D1%8E%D1%82%D0%B5%D1%80%D0%B0%20Windows%2011%2F10%2F8%2F7%20%7C%20IObit&sd=24-bit&sr=1280x1024&vp=1268x927&je=0&_u=IEBAAEABAAAAAC~&jid=1227251193&gjid=1325579628&cid=786034783.1663752805&tid=UA-1447202-1&_gid=62230062.1663752805&_r=1&_slc=1&z=105761177 HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://spkgruppeonlineidlog.com
Connection: keep-alive
Referer: http://spkgruppeonlineidlog.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://spkgruppeonlineidlog.com
date: Wed, 21 Sep 2022 09:33:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 9baaa3878151bf5d83c8d7014da17e5d
d8952bdd01ddec1d9a5a480f17ff5e39f6bdb037
1734ff9035c0a9c965cb5047e9fdbc2c1184b6c568066e856c6dbf0b8dc51df3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 09:33:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-1447202-1&cid=786034783.1663752805&jid=1227251193&gjid=1325579628&_gid=62230062.1663752805&_u=IEBAAEAAAAAAAC~&z=174448379
142.251.1.157 200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-1447202-1&cid=786034783.1663752805&jid=1227251193&gjid=1325579628&_gid=62230062.1663752805&_u=IEBAAEAAAAAAAC~&z=174448379
IP 142.251.1.157:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j97&tid=UA-1447202-1&cid=786034783.1663752805&jid=1227251193&gjid=1325579628&_gid=62230062.1663752805&_u=IEBAAEAAAAAAAC~&z=174448379 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: http://spkgruppeonlineidlog.com
Connection: keep-alive
Referer: http://spkgruppeonlineidlog.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: http://spkgruppeonlineidlog.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Wed, 21 Sep 2022 09:33:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 9baaa3878151bf5d83c8d7014da17e5d
d8952bdd01ddec1d9a5a480f17ff5e39f6bdb037
1734ff9035c0a9c965cb5047e9fdbc2c1184b6c568066e856c6dbf0b8dc51df3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 09:33:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash fde987c85b17b2242afddd76c3fd3b62
08e87b8185fc39462e6b331d565a864df2fd5865
49bc15e88c546089cc42939f8dc9f7046f1dd98332c31cf52435586bc8ea177c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 09:33:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash 67b756e82caefc7860b9f2d4a4f40341
adeae15d52089bcca4ca247fc4aebceef8406e34
72ff9f52080a633dc841554f7d4cc70083edd2572b535d84093ae63f0c50b832
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 09:33:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-1447202-1&cid=786034783.1663752805&jid=1227251193&_u=IEBAAEAAAAAAAC~&z=1915379034
142.250.74.3 200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-1447202-1&cid=786034783.1663752805&jid=1227251193&_u=IEBAAEAAAAAAAC~&z=1915379034
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-1447202-1&cid=786034783.1663752805&jid=1227251193&_u=IEBAAEAAAAAAAC~&z=1915379034 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://spkgruppeonlineidlog.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 21 Sep 2022 09:33:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-1447202-1&cid=786034783.1663752805&jid=1227251193&_u=IEBAAEAAAAAAAC~&z=1915379034
142.250.74.164 200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-1447202-1&cid=786034783.1663752805&jid=1227251193&_u=IEBAAEAAAAAAAC~&z=1915379034
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j97&tid=UA-1447202-1&cid=786034783.1663752805&jid=1227251193&_u=IEBAAEAAAAAAAC~&z=1915379034 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://spkgruppeonlineidlog.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 21 Sep 2022 09:33:24 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 471 B IP 142.250.74.3:0
Hash fde987c85b17b2242afddd76c3fd3b62
08e87b8185fc39462e6b331d565a864df2fd5865
49bc15e88c546089cc42939f8dc9f7046f1dd98332c31cf52435586bc8ea177c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 09:33:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash bb4bdc4c3c6869c822618f0b9ef1bdc5
6a438b8d9d87aa30e0989ace7fc0d4cafce1f29d
eb762661b0a0ecc4ccdf50229ce134d0062e8d60698b7ed1970c5073b18f31ac
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 21 Sep 2022 09:33:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13209
Expires: Wed, 21 Sep 2022 13:13:34 GMT
Date: Wed, 21 Sep 2022 09:33:25 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13209
Expires: Wed, 21 Sep 2022 13:13:34 GMT
Date: Wed, 21 Sep 2022 09:33:25 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13209
Expires: Wed, 21 Sep 2022 13:13:34 GMT
Date: Wed, 21 Sep 2022 09:33:25 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 8ebb267e443b81854ef9a01b3eb6489d
b932e9e5679da5a9160da5429458041765509b52
4ac5aa5b4fb4a85282b825c5c0ed7b1aaf2b39ffe77d69dec5123a84709f3fe2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4AC5AA5B4FB4A85282B825C5C0ED7B1AAF2B39FFE77D69DEC5123A84709F3FE2"
Last-Modified: Tue, 20 Sep 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13209
Expires: Wed, 21 Sep 2022 13:13:34 GMT
Date: Wed, 21 Sep 2022 09:33:25 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2a425d5-4fbd-4af0-a85b-75f0878759cb.jpeg
34.120.237.76 200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2a425d5-4fbd-4af0-a85b-75f0878759cb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4d98acc059a69d51165fb5e0c7430ea3
09bd3300d710c3212483159f8398b84cde09da26
6e38bbb5c79c4f714973e10961d7bad9e7ae8711cf24d68b13a77206f474d2a6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa2a425d5-4fbd-4af0-a85b-75f0878759cb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7507
x-amzn-requestid: 2a40c792-8b1b-4476-92de-1fce3df48fc1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YcCmaHefoAMF4Ow=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63217e28-6b05350006b7f3fb73d1e37a;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 07:09:28 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: rq4QHCD4EubBKHyCj7jyKqpct5d7U33TvNufqj_w8mWunqQsouoh7w==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 32d624dbeb2a8b7f24dbe49007e37c90.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:25:17 GMT
age: 40088
etag: "09bd3300d710c3212483159f8398b84cde09da26"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29be3958-30ed-4b26-8320-662d71b90880.jpeg
34.120.237.76 200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29be3958-30ed-4b26-8320-662d71b90880.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 34c353f713d6d470480fdeeb5175a123
f073fc7f24465b76b3681c462c60cd047ed67a6a
0449daa32ab4ec32fa999551cc9ab634c46e15891299162cbb4bbaad6ffa4753
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F29be3958-30ed-4b26-8320-662d71b90880.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7700
x-amzn-requestid: 70bc75e2-b2ac-46b1-872d-1527bddf7726
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YcCkEHMCoAMFsGg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63217e19-7da4b1595f325bc864d1cc27;Sampled=0
x-amzn-remapped-date: Wed, 14 Sep 2022 07:09:13 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: zL6ZurGjH8nArpKRNenog0dn5IIAyWirefe-WA6YulwYhrtTTn0V4A==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 ead78c395f4bede3ec6cd7ea180e3d3a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:36:39 GMT
age: 39406
etag: "f073fc7f24465b76b3681c462c60cd047ed67a6a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb447f31d-2a9a-4657-a829-f79bc662f662.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb447f31d-2a9a-4657-a829-f79bc662f662.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 285c04fe0904d41ab1c0259942fa26ec
3a5ad499b134a33e79d5fe00c7f5c7c098b3ee34
b91184725a4171202201b5478271a3ab361c54a8893b4dee70d941821a2e70a8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb447f31d-2a9a-4657-a829-f79bc662f662.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10293
x-amzn-requestid: 79f60a00-d045-4829-aa8b-d79050cb890d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YfWItGn6oAMFeyA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6322d09d-197e424d3023e2683d291f7c;Sampled=0
x-amzn-remapped-date: Thu, 15 Sep 2022 07:13:33 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: p9HhyeWzmFixsw2Ft2OzcH2rBEhJ6xD1sQPxDAmj41akQVG_AG1xZQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 68fadeb91f97256bb67b03bfca74d830.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Sep 2022 03:13:04 GMT
age: 22821
etag: "3a5ad499b134a33e79d5fe00c7f5c7c098b3ee34"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg
34.120.237.76 200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 14e6ddceb639a5f4875aecb796f95c79
b1cd04a66852694284eeef16a1cde38896e33c03
4c0657a00d7fb4caefa64c28340cad94a306cc393cffe692fcc69c65a80f2391
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4f06ad5e-83fd-449e-b227-1b9d5389e57d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10244
x-amzn-requestid: 71f08b9e-e977-48de-ad60-5192a43db517
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYwBkGqjIAMFz0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202d3d-0af3334d085ca4a764e31bb5;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:11:57 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: e3MMA-NVstIsR7M9_JGH05i1e8pK17RsjyERrSMlC3uoHsWw_7ABtA==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 19:18:32 GMT
age: 51293
etag: "b1cd04a66852694284eeef16a1cde38896e33c03"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0461a18-eff3-4de5-b1f6-be49fa5db229.jpeg
34.120.237.76 200 OK 8.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0461a18-eff3-4de5-b1f6-be49fa5db229.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4eb6d1b35f680bfec656941b6167fd23
344c6000dbdafdb5105edc93a082d640c3e95ddc
67fc85fa0f1a55d57ab9db6f4c723fb9116ef3b2c5282dbdd42d9c37396bd7b9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff0461a18-eff3-4de5-b1f6-be49fa5db229.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8826
x-amzn-requestid: cf0c711e-4ec9-4f87-a60f-41374262a114
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YYweUHIyoAMFYQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63202df5-17ad5d4e25a754586e531d05;Sampled=0
x-amzn-remapped-date: Tue, 13 Sep 2022 07:15:01 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: OEbpCQXLpTCDZH4OlzVvvsc-bSgbsIoXRgX6f-nKVwJTL5-SVTCHeA==
via: 1.1 470e3fe246a660ba6ace67a79f78d246.cloudfront.net (CloudFront), 1.1 ee330666adf9f04c8c30094f8ddcd004.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 21:48:37 GMT
age: 42288
etag: "344c6000dbdafdb5105edc93a082d640c3e95ddc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg
34.120.237.76 200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a692964324dbb9c460a1b855808d02e6
1eef1ab0099d09d1cf965b6e7b55fe2aa4e18e54
3fa9e780d62fffb635064aeed542c8e04923ff943c6080476836fab6c24e2426
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1874c3ef-e614-4fd9-9d88-b87eac5ea0e6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9201
x-amzn-requestid: 6dbfae76-f9ab-4f31-9b62-bcf5d9ce4515
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: YxzxlEYcoAMFaQQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-632a333d-7d147481402cc46a751b72ed;Sampled=0
x-amzn-remapped-date: Tue, 20 Sep 2022 21:40:13 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JEb0g486u6AjYFbf8rSbreKjh0m1GsAGbvykHl0oahmVN2ciqe5FOw==
via: 1.1 7dcaa43cd0535d889b549e6a30a57aa0.cloudfront.net (CloudFront), 1.1 7e87179efaa9e3c316bd3d3a74cfded8.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Sep 2022 22:14:57 GMT
etag: "1eef1ab0099d09d1cf965b6e7b55fe2aa4e18e54"
content-type: image/jpeg
age: 40708
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ru.iobit.com/getcountry.php?r=0.6257584369760375
162.62.26.130 200 OK 39 B URL HTTP/1.1 ru.iobit.com/getcountry.php?r=0.6257584369760375
IP 162.62.26.130:0
ASN #132203 Tencent Building, Kejizhongyi Avenue
File type JSON data\012- , ASCII text, with no line terminators
Hash 84bef882e0ba0b486e42ea2fc74f9d3a
36c550b06a66fd01ef5c0242780c11004628c66d
8be2c5b247ed8fe3c39177096f472079c768b3dd9e162f11f865ae7e588bbfb2
GET /getcountry.php?r=0.6257584369760375 HTTP/1.1
Host: ru.iobit.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://spkgruppeonlineidlog.com
Connection: keep-alive
Referer: http://spkgruppeonlineidlog.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 21 Sep 2022 09:33:25 GMT
Server: Apache/2.4.38 (Debian)
Content-Length: 39
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
ocsp.godaddy.com/
192.124.249.36 200 OK 1.8 kB IP 192.124.249.36:0
Hash 970aca4547518e4cd5985e60d70b124f
551d4a15dffc0af0e07145bfb2cbc7977948cbc7
322d736293133d17fa0afc70d02d979ea1e1de31da87f3af7c33a4e157443d6b
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 21 Sep 2022 09:33:26 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19036
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 20 Sep 2022 22:09:44 GMT
Expires: Wed, 21 Sep 2022 22:09:44 GMT
ETag: "551d4a15dffc0af0e07145bfb2cbc7977948cbc7"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=4c824c8716
172.64.202.28 200 OK 0 B URL HTTP/2 ka-f.fontawesome.com/releases/v5.15.4/css/free.min.css?token=4c824c8716
IP 172.64.202.28:0
GET /releases/v5.15.4/css/free.min.css?token=4c824c8716 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://spkgruppeonlineidlog.com/
Origin: http://spkgruppeonlineidlog.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 09:33:24 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
etag: W/"a12ec7ebe75a4d59a5dd6b79e2ba2e16"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f546fae491a152f9c1396e6d0a62bb42.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: JqrqFY3H3R2CDozJ5Z1uWIoVk4qQjEBU8fMzwHtg3xy5EzWW-2W7Yg==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=J6ZcW8xcJPEvUQp9dX4XfGZJMDdntNxeWwxhUmHB9Ejisdj7Ni50GIC0CkU52RdkAiTSL4NEcr2TZo4fIjclAdJpB81XpF79mfyRVPUm%2B5vsv7S322EEiEAbLf6UtyEUxIj0XQw%2F2w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e1cc921fff0676-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=4c824c8716
172.64.202.28 200 OK 0 B URL HTTP/2 ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-font-face.min.css?token=4c824c8716
IP 172.64.202.28:0
GET /releases/v5.15.4/css/free-v4-font-face.min.css?token=4c824c8716 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://spkgruppeonlineidlog.com/
Origin: http://spkgruppeonlineidlog.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 09:33:24 GMT
content-type: text/css
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
etag: W/"f2e0b2680d9b0bcb6e0039c4424e5a59"
cache-control: max-age=31556926
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-allow-headers: fa-kit-token
access-control-max-age: 3000
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 cdd8daeefcf66738f6e908663e79c33e.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: mxxeoJloKKYt6FG5VgsIJS74_puXqjrshTO5XHlriXmzg_k86UJlqw==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Z7CZIjwEZHVOnJ0%2FHFXNtJZybkRGMQhLWeTKSQsLzunPgAnv%2FdskOJLxH6xAjFun4uZqDbpKKF%2Fv0kDlC%2BbP4nvKoszsvNNaKCRCX%2FMYPKjB83ZP5cIjnrTLidLN1zZf9WndFprwig%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e1cc92280a0676-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=4c824c8716
172.64.202.28 200 OK 0 B URL HTTP/2 ka-f.fontawesome.com/releases/v5.15.4/css/free-v4-shims.min.css?token=4c824c8716
IP 172.64.202.28:0
GET /releases/v5.15.4/css/free-v4-shims.min.css?token=4c824c8716 HTTP/1.1
Host: ka-f.fontawesome.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://spkgruppeonlineidlog.com/
Origin: http://spkgruppeonlineidlog.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 21 Sep 2022 09:33:24 GMT
content-type: text/css
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
last-modified: Wed, 04 Aug 2021 18:53:09 GMT
etag: W/"76f34b71fc9fb641507ff6a822cc07f5"
cache-control: max-age=31556926
access-control-allow-headers: fa-kit-token
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f40585e1285ddfba696e566c1dd902de.cloudfront.net (CloudFront)
x-amz-cf-pop: LHR50-P1
x-amz-cf-id: aQYBhLyG5tNw98QpFJ9sptKSA5zIjsSURQBAsevmyML5JdpEHaWi8w==
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zDJkpFVETemqi7Ya6shFu1TwZY3d6RIpSafEZf1uXaODAOm6iJ8%2FSqQBqpxTOf4Xg7kAkQby0Gy5C6Qg%2BVkJhSOjMExoC6r5Y1x%2BJB%2BF4TtI9DOQALgGxnmbqmLrKFqwnrgn8vXctQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 74e1cc92280b0676-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2