| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash2d2e7649ce9e9ba6fc8b68aa89352e3c 0153d1d3d830a457043e16bb40d48a0b9ddef4b8 8eed57c91b42ef7b2d5eff1309e306e23e13c3de21219af24a693cbf3e8977fc
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8EED57C91B42EF7B2D5EFF1309E306E23E13C3DE21219AF24A693CBF3E8977FC"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16133
Expires: Tue, 29 Nov 2022 15:22:44 GMT
Date: Tue, 29 Nov 2022 10:53:51 GMT
Connection: keep-alive
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash9408cc0694fcbea57966c3a3ba906092 fddcee1fdcf3209298e41a4b1b5560357fa165f0 6ef7120d9463f56e3ddfadd5766d02da8523f34061b13bdba54bf9ab72a1e979
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4050
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 10:53:51 GMT
Last-Modified: Tue, 29 Nov 2022 09:46:21 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hash6d9d34c96b9a826ae5676640c966469c 8052a16d41a637e420478b7de1ff5a2dc951fccd f18ac558cb786126bb7efb159e03353d268d5f5796bcfd2691a349dfc68d863c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2486
Expires: Tue, 29 Nov 2022 11:35:17 GMT
Date: Tue, 29 Nov 2022 10:53:51 GMT
Connection: keep-alive
|
|
| firefox.settings.services.mozilla.com/v1/ | 34.102.187.140 | 200 OK | 939 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/ IP34.102.187.140:0
File typeJSON data\012- , ASCII text, with very long lines (939), with no line terminators Hash30db107dcf4380cef05efea409c2e6a3 96e6a306fbc07299aba64e5c14e2bfca35872fa9 b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 29 Nov 2022 10:19:36 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 2055
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain | 34.160.144.191 | 200 OK | 5.3 kB |
URL HTTP/2content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain IP34.160.144.191:0
File typePEM certificate\012- , ASCII text Hash9ebddc2b260d081ebbefee47c037cb28 492bad62a7ca6a74738921ef5ae6f0be5edebf39 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: j4/kVq/SgM9Eh8z94TkwCwImpknA9tlXh23gzVwAb9ghFwSTcg8lvSTl1x90zJk1hoOxA0w5Z7Q=
x-amz-request-id: CNWEV7QJGC58XCSF
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 29 Nov 2022 10:42:28 GMT
age: 683
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| contile.services.mozilla.com/v1/tiles | 34.117.237.239 | 200 OK | 12 B |
URL HTTP/2contile.services.mozilla.com/v1/tiles IP34.117.237.239:0
File typeJSON data\012- , ASCII text, with no line terminators Hash23e88fb7b99543fb33315b29b1fad9d6 a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 10:53:51 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US | 34.102.187.140 | 200 OK | 329 B |
URL HTTP/2firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US IP34.102.187.140:0
File typeJSON data\012- , ASCII text, with very long lines (329), with no line terminators Hash0333b0655111aa68de771adfcc4db243 63f295a144ac87a7c8e23417626724eeca68a7eb 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 29 Nov 2022 10:11:13 GMT
cache-control: public,max-age=3600
age: 2559
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| ocsp.digicert.com/ | 93.184.220.29 | 200 OK | 471 B |
IP93.184.220.29:0
Hash3c8c689bd654417640d85f3da51af313 85123b6d46230a23d03768bf304b386e5d301305 516138ca79703b45e904d32d7dde1c1e9fd35995b9f1bb1331c547542745676d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5913
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 10:53:52 GMT
Last-Modified: Tue, 29 Nov 2022 09:15:19 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471
|
|
| push.services.mozilla.com/ | 35.163.1.35 | 101 Switching Protocols | 0 B |
URL HTTP/1.1push.services.mozilla.com/ IP35.163.1.35:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: iurqJK/k5Bz2m+j30XweLw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: T7ZjbN305RmlB685SkVy3s+POZU=
|
|
| 117.239.200.166/forestportal/admin_login.php | 117.239.200.166 | 200 OK | 5.6 kB |
URL HTTP/1.1117.239.200.166/forestportal/admin_login.php IP117.239.200.166:0 ASN#9829 National Internet Backbone
Hashb1d844d7b2bd32bbb32af5755ea4d8f0 1c8b5bc4475a10a709d350d4ef8912c7aa9524f6 44bce462777d31d8b378d1380f8765a9b95ecb716d8078942b627e4d230ddbc8
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /forestportal/admin_login.php HTTP/1.1
Host: 117.239.200.166
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 11:01:31 GMT
Server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/5.6.30
X-Powered-By: PHP/5.6.30
Set-Cookie: PHPSESSID=8ba4diimjoo4g2dokco52tcne4; path=/
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Content-Length: 5553
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
|
|
| 117.239.200.166/forestportal/css/elegant-icons-style.css | 117.239.200.166 | 200 OK | 25 kB |
URL HTTP/1.1117.239.200.166/forestportal/css/elegant-icons-style.css IP117.239.200.166:0 ASN#9829 National Internet Backbone
File typeASCII text, with very long lines (6610) Hash08a9fd9caf72e09d7228b68a6fccab17 95ced882eb8d5285eaef83e85b41e4f22e3be821 728c73d086cf05538aca199b47e25a5b18a0458eefedf9f2687f27ebf25848d9
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /forestportal/css/elegant-icons-style.css HTTP/1.1
Host: 117.239.200.166
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://117.239.200.166/forestportal/admin_login.php
Cookie: PHPSESSID=8ba4diimjoo4g2dokco52tcne4
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 11:01:32 GMT
Server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/5.6.30
Last-Modified: Sat, 02 Jun 2018 09:27:08 GMT
ETag: "62a4-56da54ded9300"
Accept-Ranges: bytes
Content-Length: 25252
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
|
|
| 117.239.200.166/forestportal/css/bootstrap.min.css | 117.239.200.166 | 200 OK | 97 kB |
URL HTTP/1.1117.239.200.166/forestportal/css/bootstrap.min.css IP117.239.200.166:0 ASN#9829 National Internet Backbone
File typeASCII text, with very long lines (65316) Hash1eef50698f66dbeeb6db8aebab2284b1 74ef6e6a0a7f29b92ef9018a39994dcb005b5038 4bd6c08f25d4885791ac1795ff399306dae18d14291902246785f8bb5a2a6a74
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /forestportal/css/bootstrap.min.css HTTP/1.1
Host: 117.239.200.166
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://117.239.200.166/forestportal/admin_login.php
Cookie: PHPSESSID=8ba4diimjoo4g2dokco52tcne4
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 11:01:32 GMT
Server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/5.6.30
Last-Modified: Sat, 02 Jun 2018 09:27:08 GMT
ETag: "17c3b-56da54ded9300"
Accept-Ranges: bytes
Content-Length: 97339
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
|
|
| 117.239.200.166/forestportal/css/style-responsive.css | 117.239.200.166 | 200 OK | 7.4 kB |
URL HTTP/1.1117.239.200.166/forestportal/css/style-responsive.css IP117.239.200.166:0 ASN#9829 National Internet Backbone
Hash0e0e05162eb30ca976a4dd2a69706e35 2ae59dc5b7e35df1f29efa8b6946e88faabfa60a 27e875d190345d04d06a0b472e9bcb7cb38681407b5a90e2c14cd4fa11da865e
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /forestportal/css/style-responsive.css HTTP/1.1
Host: 117.239.200.166
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://117.239.200.166/forestportal/admin_login.php
Cookie: PHPSESSID=8ba4diimjoo4g2dokco52tcne4
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 11:01:32 GMT
Server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/5.6.30
Last-Modified: Sat, 02 Jun 2018 09:27:08 GMT
ETag: "1ced-56da54ded9300"
Accept-Ranges: bytes
Content-Length: 7405
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
|
|
| 117.239.200.166/forestportal/css/jquery-ui-1.10.4.min.css | 117.239.200.166 | 200 OK | 27 kB |
URL HTTP/1.1117.239.200.166/forestportal/css/jquery-ui-1.10.4.min.css IP117.239.200.166:0 ASN#9829 National Internet Backbone
File typeASCII text, with very long lines (25375), with CRLF line terminators Hashe3dab474641b0e7aad9888d329819680 dfee4dfe3c798e1f67672a0d43687f3ab5bb6fb8 f4e6779857c006d04a361bc9c566b38ff5bc6aabc375a7826faa7fec8e49c319
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /forestportal/css/jquery-ui-1.10.4.min.css HTTP/1.1
Host: 117.239.200.166
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://117.239.200.166/forestportal/admin_login.php
Cookie: PHPSESSID=8ba4diimjoo4g2dokco52tcne4
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 11:01:33 GMT
Server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/5.6.30
Last-Modified: Sat, 02 Jun 2018 09:27:08 GMT
ETag: "6a92-56da54ded9300"
Accept-Ranges: bytes
Content-Length: 27282
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/css
|
|
| 117.239.200.166/forestportal/css/font-awesome.min.css | 117.239.200.166 | 200 OK | 21 kB |
URL HTTP/1.1117.239.200.166/forestportal/css/font-awesome.min.css IP117.239.200.166:0 ASN#9829 National Internet Backbone
File typeASCII text, with very long lines (20604) Hashbbfef9385083d307ad2692c0cf99f611 63a234ea4d60f6643a60a4d79e28f291b93c1743 b769324e0921f9f649611113e65f528ebae5e140da8a7e63c5d6ea7bc7a33bc0
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /forestportal/css/font-awesome.min.css HTTP/1.1
Host: 117.239.200.166
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://117.239.200.166/forestportal/admin_login.php
Cookie: PHPSESSID=8ba4diimjoo4g2dokco52tcne4
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 11:01:32 GMT
Server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/5.6.30
Last-Modified: Sat, 02 Jun 2018 09:27:08 GMT
ETag: "511e-56da54ded9300"
Accept-Ranges: bytes
Content-Length: 20766
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
|
|
| 117.239.200.166/forestportal/js/jquery.js | 117.239.200.166 | 200 OK | 93 kB |
URL HTTP/1.1117.239.200.166/forestportal/js/jquery.js IP117.239.200.166:0 ASN#9829 National Internet Backbone
File typeASCII text, with very long lines (32072) Hash841dc30647f93349b7d8ef61deebe411 e0f962936599a6cd266f004b9d04b29d46811483 c3a7b608ebfa8d1dfe658bc119e6236a6aaf878a779e7c560aa11dd30881a56a
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /forestportal/js/jquery.js HTTP/1.1
Host: 117.239.200.166
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://117.239.200.166/forestportal/admin_login.php
Cookie: PHPSESSID=8ba4diimjoo4g2dokco52tcne4
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 11:01:33 GMT
Server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/5.6.30
Last-Modified: Sat, 02 Jun 2018 09:27:11 GMT
ETag: "16bb2-56da54e1b59c0"
Accept-Ranges: bytes
Content-Length: 93106
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| 117.239.200.166/forestportal/css/bootstrap-theme.css | 117.239.200.166 | 200 OK | 125 kB |
URL HTTP/1.1117.239.200.166/forestportal/css/bootstrap-theme.css IP117.239.200.166:0 ASN#9829 National Internet Backbone
File typeassembler source, ASCII text, with very long lines (334), with CRLF line terminators Size125 kB (124660 bytes) Hash13d6c3554deb23e5830ec98f3a7d6f12 84c1e957d57c388e8fe3a7656a6e6ae326d3ef87 992870bb189cf4dc0798a3cde177fceeeb92714b7507bb35ef61854ef07a3929
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /forestportal/css/bootstrap-theme.css HTTP/1.1
Host: 117.239.200.166
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://117.239.200.166/forestportal/admin_login.php
Cookie: PHPSESSID=8ba4diimjoo4g2dokco52tcne4
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 11:01:32 GMT
Server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/5.6.30
Last-Modified: Sat, 02 Jun 2018 09:27:08 GMT
ETag: "1e6f4-56da54ded9300"
Accept-Ranges: bytes
Content-Length: 124660
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
|
|
| 117.239.200.166/forestportal/js/bootstrap.min.js | 117.239.200.166 | 200 OK | 28 kB |
URL HTTP/1.1117.239.200.166/forestportal/js/bootstrap.min.js IP117.239.200.166:0 ASN#9829 National Internet Backbone
File typeASCII text, with very long lines (27605) Hash9e25e8e29ef0ea358e9778082ffd97d8 75a42212affc118fef849aba4b9326a7da2acda1 54d21b0676784d0c983bbd4093898770adefa932d89b72c8afd88183a19172a7
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /forestportal/js/bootstrap.min.js HTTP/1.1
Host: 117.239.200.166
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://117.239.200.166/forestportal/admin_login.php
Cookie: PHPSESSID=8ba4diimjoo4g2dokco52tcne4
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 11:01:33 GMT
Server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/5.6.30
Last-Modified: Sat, 02 Jun 2018 09:27:10 GMT
ETag: "6c4e-56da54e0c1780"
Accept-Ranges: bytes
Content-Length: 27726
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| 117.239.200.166/forestportal/js/jquery.validate.min.js | 117.239.200.166 | 200 OK | 21 kB |
URL HTTP/1.1117.239.200.166/forestportal/js/jquery.validate.min.js IP117.239.200.166:0 ASN#9829 National Internet Backbone
File typeUnicode text, UTF-8 text, with very long lines (20965) Hash35f020dfcbaa069d4a57fe91756ea413 7f4739a4a3d1241b237015dcf0a2038e99159f3a 8f837d63b76db1ba961b2c2136da4233dfb80d6db32644468a32d40241ebf92b
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /forestportal/js/jquery.validate.min.js HTTP/1.1
Host: 117.239.200.166
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://117.239.200.166/forestportal/admin_login.php
Cookie: PHPSESSID=8ba4diimjoo4g2dokco52tcne4
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 11:01:33 GMT
Server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/5.6.30
Last-Modified: Sat, 02 Jun 2018 09:27:11 GMT
ETag: "524c-56da54e1b59c0"
Accept-Ranges: bytes
Content-Length: 21068
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hasha97c452e75cf1d4833e777d7ba7f2c47 58f15763fd33f742ce870f49f1c2dbed5b41205f 39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3575
Expires: Tue, 29 Nov 2022 11:53:28 GMT
Date: Tue, 29 Nov 2022 10:53:53 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hasha97c452e75cf1d4833e777d7ba7f2c47 58f15763fd33f742ce870f49f1c2dbed5b41205f 39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3575
Expires: Tue, 29 Nov 2022 11:53:28 GMT
Date: Tue, 29 Nov 2022 10:53:53 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hasha97c452e75cf1d4833e777d7ba7f2c47 58f15763fd33f742ce870f49f1c2dbed5b41205f 39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3575
Expires: Tue, 29 Nov 2022 11:53:28 GMT
Date: Tue, 29 Nov 2022 10:53:53 GMT
Connection: keep-alive
|
|
| r3.o.lencr.org/ | 23.36.76.226 | 200 OK | 503 B |
IP23.36.76.226:0 ASN#20940 Akamai International B.V.
Hasha97c452e75cf1d4833e777d7ba7f2c47 58f15763fd33f742ce870f49f1c2dbed5b41205f 39bb874a415db37a81432942eb84151b0134d1aacaa31d364b6dadae4388c6a1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "39BB874A415DB37A81432942EB84151B0134D1AACAA31D364B6DADAE4388C6A1"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3575
Expires: Tue, 29 Nov 2022 11:53:28 GMT
Date: Tue, 29 Nov 2022 10:53:53 GMT
Connection: keep-alive
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp | 34.120.237.76 | 200 OK | 4.9 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash83c1fedec73299637cc7dc47c48af758 2e3f7326aeea6be8a34bf2c39b34862c07bfdc41 1fea143e23bb0156062f4c06569824900a67ed83cb99fd635d4c4ab968dc65e9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe5e6403-f1a3-4b44-a62d-0e47d56bb08e.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4916
x-amzn-requestid: b8c80a6c-e3f1-4f20-beb8-27b0af760692
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPYcrELFoAMFaeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382d450-155cfb365525173c0ede8adb;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 03:06:56 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: Twtw6dO3pjTB9OLi0HliKKCDgCuHRqgtx4PFTczrZQ9f8JztgXZoSg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 f9d716a351f14a0ac1fac2449734849a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 03:18:11 GMT
age: 27342
etag: "2e3f7326aeea6be8a34bf2c39b34862c07bfdc41"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png | 34.120.237.76 | 200 OK | 10 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash03014221d7f49b50ffc2d1b0a0e75457 772d86ad983042a728ee3490630a9cf1134ad0dd 81fb954fa569955907952987e9d8efd1dac80e0e4a682826abf3c5d90eb31771
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10176
x-amzn-requestid: c2231955-5c78-4073-8399-b8b90f1add78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMo3oHpSoAMF5Qw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bb63-55a1cb004ac73c8b02f2fb8d;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:08:19 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7LVxajVjJ1N2W-jxCmKpYHg1rS1MbrRnAVc15QmM0iH94CH1yJnR0w==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 10:49:18 GMT
age: 275
etag: "772d86ad983042a728ee3490630a9cf1134ad0dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe059c7ce-454d-453b-aead-18fae338f84c.jpeg | 34.120.237.76 | 200 OK | 4.9 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe059c7ce-454d-453b-aead-18fae338f84c.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hasha4058fd62595d15c58b3d3266de9865a d0dff35eb78f129b5da407043037bcf9c27e55c0 ab996c23d58871a2ad53f0c34688c87f0d7c0eac5d0c1d8265b86951248449fe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe059c7ce-454d-453b-aead-18fae338f84c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4871
x-amzn-requestid: e2dfa7b8-ded7-4104-a913-1b84746a3c6f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cLDUUEy_oAMFgSQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638118e8-0b229e0f60ff019d26800dd9;Sampled=0
x-amzn-remapped-date: Fri, 25 Nov 2022 19:35:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: qh3WqWdBmMG3fzchn3OvxbEpwm2wl_CXi105CL4uJda47N9ZX3CyLA==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 09:01:36 GMT
age: 6737
etag: "d0dff35eb78f129b5da407043037bcf9c27e55c0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdef9eb6-c1f1-4337-aff8-0986561782c7.jpeg | 34.120.237.76 | 200 OK | 9.2 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdef9eb6-c1f1-4337-aff8-0986561782c7.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash5d574c4db20a68295dbd06cb08f5990b 433061bbb226048765a711deca3026ee3e52372f 8cc1a4d18e242f8bfc8ab94637f635b73554b903462c29b06d0ec67872542afb
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffdef9eb6-c1f1-4337-aff8-0986561782c7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9203
x-amzn-requestid: 8cba52d6-3c1c-495c-bb9d-3ba6f0adc7e1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cHcHmGmQoAMF6dQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637fa6fd-73abfa592ff223061401af9a;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 17:16:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: UmhWm03jrsV8dFagrzIA0E-8eL8dykoO5kw3cYOBd172dCGqNdAX-Q==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 36810aa1793ee589dc8c194860296078.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 03:49:48 GMT
age: 25445
etag: "433061bbb226048765a711deca3026ee3e52372f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd18bfa3f-3214-4f84-8a7e-d219428f5242.jpeg | 34.120.237.76 | 200 OK | 11 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd18bfa3f-3214-4f84-8a7e-d219428f5242.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash005e5ba3c9588cf389a58195001b64e3 238a7439d887fb3aa7f1302eeb43fce62f08441a d75dd5b6f57d9c9290725c5be76cc7d7a39682ca569bea18eceb9bdc13d444f9
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd18bfa3f-3214-4f84-8a7e-d219428f5242.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10813
x-amzn-requestid: 5a3c9584-1389-45ac-968d-0a2301f82eda
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cR6_KG00oAMFpig=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6383d860-6ffc3ff67f7f7e75399834e8;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 21:36:32 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: JjmOuH9FINSCPZSJ-smjR0PYRhz2SX7htYgJ7B6zLVyTyJCn_vdVzg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 09:11:24 GMT
age: 6149
etag: "238a7439d887fb3aa7f1302eeb43fce62f08441a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1f728a04-45b0-4726-b646-628601e2ebbc.jpeg | 34.120.237.76 | 200 OK | 8.6 kB |
URL HTTP/2img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1f728a04-45b0-4726-b646-628601e2ebbc.jpeg IP34.120.237.76:0
File typeJPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data Hash4b7d3821d0bd11c196724846a7b9fe22 5b1700fa9cd4f1aaafda28ac28a0e2086fa8499c b4f820555c4daf6e112c1a395bc57e22f0ef8e2e4299a0ffbb54e0bf18c87f47
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1f728a04-45b0-4726-b646-628601e2ebbc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8578
x-amzn-requestid: 4f948bb9-74db-4a5d-927d-a6b893735531
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cFxnWHq-IAMF4LQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637efc95-2f9e98ca2dad65a80e2195c2;Sampled=0
x-amzn-remapped-date: Thu, 24 Nov 2022 05:09:41 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: vSvGc0JIh4JOWTlagt4uDD_CDPiWOSfYYEI4lUBPsQb4qJMOEbBcmw==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 23:18:30 GMT
age: 41723
etag: "5b1700fa9cd4f1aaafda28ac28a0e2086fa8499c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| 117.239.200.166/forestportal/javascript/login.js | 117.239.200.166 | 200 OK | 7.8 kB |
URL HTTP/1.1117.239.200.166/forestportal/javascript/login.js IP117.239.200.166:0 ASN#9829 National Internet Backbone
File typeASCII text, with CRLF line terminators Hash6e9dca617b4df9017e0e28c78f9f793e ca83de5b94e32692588908247c53c54e480d9400 3109150f87ce95391ce473f83522a0ad71ca32bc23591f666abdbb2f195bd1ee
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /forestportal/javascript/login.js HTTP/1.1
Host: 117.239.200.166
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://117.239.200.166/forestportal/admin_login.php
Cookie: PHPSESSID=8ba4diimjoo4g2dokco52tcne4
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 11:01:33 GMT
Server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/5.6.30
Last-Modified: Fri, 19 Apr 2019 09:04:39 GMT
ETag: "1e60-586de6894d7c0"
Accept-Ranges: bytes
Content-Length: 7776
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| 117.239.200.166/forestportal/js/jquery-ui-1.10.4.min.js | 117.239.200.166 | 200 OK | 228 kB |
URL HTTP/1.1117.239.200.166/forestportal/js/jquery-ui-1.10.4.min.js IP117.239.200.166:0 ASN#9829 National Internet Backbone
File typeASCII text, with very long lines (64555), with CRLF line terminators Size228 kB (228545 bytes) Hashee3e25937b6e2befd0ddeec4a5b59539 8411a71da134a0da6e8283d090491816dd99cb70 cfdf7010ee8c8f7539c2a808dfb76cbcfa5f3535a4f7dea1be94e85ba12a09bb
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /forestportal/js/jquery-ui-1.10.4.min.js HTTP/1.1
Host: 117.239.200.166
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://117.239.200.166/forestportal/admin_login.php
Cookie: PHPSESSID=8ba4diimjoo4g2dokco52tcne4
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 11:01:33 GMT
Server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/5.6.30
Last-Modified: Sat, 02 Jun 2018 09:27:11 GMT
ETag: "37cc1-56da54e1b59c0"
Accept-Ranges: bytes
Content-Length: 228545
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| 117.239.200.166/forestportal/javascript/base64.min.js | 117.239.200.166 | 200 OK | 712 B |
URL HTTP/1.1117.239.200.166/forestportal/javascript/base64.min.js IP117.239.200.166:0 ASN#9829 National Internet Backbone
File typeASCII text, with very long lines (712), with no line terminators Hash99a9fe301900f37421fb218895f04dd2 bcaa5df5af058e20045840827129a55a11e4e2a9 c0f77daabdad7bd395e89ac104596a6429d42ebeda00abdd903e38b317312ddf
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /forestportal/javascript/base64.min.js HTTP/1.1
Host: 117.239.200.166
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://117.239.200.166/forestportal/admin_login.php
Cookie: PHPSESSID=8ba4diimjoo4g2dokco52tcne4
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 11:01:34 GMT
Server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/5.6.30
Last-Modified: Fri, 19 Apr 2019 08:57:14 GMT
ETag: "2c8-586de4e0eae80"
Accept-Ranges: bytes
Content-Length: 712
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| 117.239.200.166/forestportal/css/style.css | 117.239.200.166 | 200 OK | 100 kB |
URL HTTP/1.1117.239.200.166/forestportal/css/style.css IP117.239.200.166:0 ASN#9829 National Internet Backbone
File typeASCII text, with CRLF line terminators Size100 kB (100545 bytes) Hash7f431a65605dd41aabc6031551484d42 822a45a3b2f1f3ac92074580dd3ba83131dd195e 4e684cc7a2e741a41d7f1c436b12236e10a5bae3d6d1f606520d38eebe7a2b02
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /forestportal/css/style.css HTTP/1.1
Host: 117.239.200.166
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://117.239.200.166/forestportal/admin_login.php
Cookie: PHPSESSID=8ba4diimjoo4g2dokco52tcne4
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 11:01:32 GMT
Server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/5.6.30
Last-Modified: Fri, 17 Jul 2020 12:29:09 GMT
ETag: "188c1-5aaa24db9cf40"
Accept-Ranges: bytes
Content-Length: 100545
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
|
|
| fonts.googleapis.com/css?family=Lato:400,300,300italic,400italic,600,600italic,700,700italic,800,800italic | 142.250.74.10 | 200 OK | 471 B |
URL HTTP/1.1fonts.googleapis.com/css?family=Lato:400,300,300italic,400italic,600,600italic,700,700italic,800,800italic IP142.250.74.10:0
Hash0c25875b36f3fb245e7c2fd59057d479 8135703d160ed58535e2bc51db78aefb9a8b3907 a4b87ce4891dff7fbf8e40b1ed386c531b7488b23a9cd07d8b2ccd63c7d1d945
GET /css?family=Lato:400,300,300italic,400italic,600,600italic,700,700italic,800,800italic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://117.239.200.166/
HTTP/1.1 200 OK
Content-Type: text/css; charset=utf-8
Access-Control-Allow-Origin: *
Timing-Allow-Origin: *
Link: <http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires: Tue, 29 Nov 2022 10:53:54 GMT
Date: Tue, 29 Nov 2022 10:53:54 GMT
Cache-Control: private, max-age=86400
Cross-Origin-Opener-Policy: same-origin-allow-popups
Cross-Origin-Resource-Policy: cross-origin
Content-Encoding: gzip
Transfer-Encoding: chunked
Server: ESF
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
|
|
| 117.239.200.166/forestportal/js/form-validation-script.js | 117.239.200.166 | 200 OK | 437 B |
URL HTTP/1.1117.239.200.166/forestportal/js/form-validation-script.js IP117.239.200.166:0 ASN#9829 National Internet Backbone
File typeASCII text, with CRLF line terminators Hashdb759b1bd6cf8d3910ed2394ffa6b16e dd834e3d0da0311074580c9a5da0844249c4dc47 70a683ff900df4a8e178132cb1c80ddf86cc10ca13e9ef68034c951fb1d6702c
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /forestportal/js/form-validation-script.js HTTP/1.1
Host: 117.239.200.166
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://117.239.200.166/forestportal/admin_login.php
Cookie: PHPSESSID=8ba4diimjoo4g2dokco52tcne4
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 11:01:34 GMT
Server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/5.6.30
Last-Modified: Sat, 02 Jun 2018 09:27:10 GMT
ETag: "1b5-56da54e0c1780"
Accept-Ranges: bytes
Content-Length: 437
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| 117.239.200.166/forestportal/css/line-icons.css | 117.239.200.166 | 200 OK | 3.0 kB |
URL HTTP/1.1117.239.200.166/forestportal/css/line-icons.css IP117.239.200.166:0 ASN#9829 National Internet Backbone
File typeASCII text, with CRLF line terminators Hash64c96aee2af7694323d16684c56ee973 fb6af3184c4ca7fd1ef53e7ab1d3b67490745560 79e7d240c5014f05f46363959229a58085f04b39261f2c232b3085799b7bee4a
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /forestportal/css/line-icons.css HTTP/1.1
Host: 117.239.200.166
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://117.239.200.166/forestportal/css/style.css
Cookie: PHPSESSID=8ba4diimjoo4g2dokco52tcne4
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 11:01:34 GMT
Server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/5.6.30
Last-Modified: Sat, 02 Jun 2018 09:27:08 GMT
ETag: "ba4-56da54ded9300"
Accept-Ranges: bytes
Content-Length: 2980
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css
|
|
| 117.239.200.166/forestportal/js/jquery-1.8.3.min.js | 117.239.200.166 | 200 OK | 94 kB |
URL HTTP/1.1117.239.200.166/forestportal/js/jquery-1.8.3.min.js IP117.239.200.166:0 ASN#9829 National Internet Backbone
File typeASCII text, with very long lines (65482), with CRLF line terminators Hashe1288116312e4728f98923c79b034b67 8b6babff47b8a9793f37036fd1b1a3ad41d38423 ba6eda7945ab8d7e57b34cc5a3dd292fa2e4c60a5ced79236ecf1a9e0f0c2d32
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /forestportal/js/jquery-1.8.3.min.js HTTP/1.1
Host: 117.239.200.166
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://117.239.200.166/forestportal/admin_login.php
Cookie: PHPSESSID=8ba4diimjoo4g2dokco52tcne4
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 11:01:34 GMT
Server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/5.6.30
Last-Modified: Sat, 02 Jun 2018 09:27:11 GMT
ETag: "16dc5-56da54e1b59c0"
Accept-Ranges: bytes
Content-Length: 93637
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| 117.239.200.166/forestportal/js/jquery-ui-1.9.2.custom.min.js | 117.239.200.166 | 200 OK | 238 kB |
URL HTTP/1.1117.239.200.166/forestportal/js/jquery-ui-1.9.2.custom.min.js IP117.239.200.166:0 ASN#9829 National Internet Backbone
File typeASCII text, with very long lines (64558) Size238 kB (237802 bytes) Hashd88fcd6873a42aa827c24b40f208d65c 0c15f14f2442c2e42d04457bc3e1942602815905 11c99c736a97c231aece839e82155c68b334c74443b4972070c003ccd994d5ab
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /forestportal/js/jquery-ui-1.9.2.custom.min.js HTTP/1.1
Host: 117.239.200.166
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://117.239.200.166/forestportal/admin_login.php
Cookie: PHPSESSID=8ba4diimjoo4g2dokco52tcne4
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 11:01:33 GMT
Server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/5.6.30
Last-Modified: Sat, 02 Jun 2018 09:27:11 GMT
ETag: "3a0ea-56da54e1b59c0"
Accept-Ranges: bytes
Content-Length: 237802
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
|
|
| fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 | 216.58.207.195 | 200 OK | 24 kB |
URL HTTP/1.1fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 IP216.58.207.195:0
File typeWeb Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data Hashe1b3b5908c9cf23dfb2b9c52b9a023ab fcd4136085f2a03481d9958cc6793a5ed98e714c 918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://117.239.200.166
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 23580
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 22 Nov 2022 18:20:17 GMT
Expires: Wed, 22 Nov 2023 18:20:17 GMT
Cache-Control: public, max-age=31536000
Age: 578019
Last-Modified: Tue, 26 Apr 2022 15:48:56 GMT
Content-Type: font/woff2
|
|
| fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2 | 216.58.207.195 | 200 OK | 23 kB |
URL HTTP/1.1fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2 IP216.58.207.195:0
File typeWeb Open Font Format (Version 2), TrueType, length 23236, version 1.0\012- data Hash716309aab2bca045f9627f63ad79d0bf 38804233a29aaf975d557fe14e762c627bef76e0 115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
GET /s/lato/v23/S6u9w4BMUTPHh7USSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://117.239.200.166
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 23236
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Wed, 23 Nov 2022 08:19:08 GMT
Expires: Thu, 23 Nov 2023 08:19:08 GMT
Cache-Control: public, max-age=31536000
Age: 527688
Last-Modified: Tue, 26 Apr 2022 16:04:12 GMT
Content-Type: font/woff2
|
|
| fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 | 216.58.207.195 | 200 OK | 23 kB |
URL HTTP/1.1fonts.gstatic.com/s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 IP216.58.207.195:0
File typeWeb Open Font Format (Version 2), TrueType, length 23040, version 1.0\012- data Hashde69cf9e514df447d1b0bb16f49d2457 2ac78601179c3a63ba3f3f3081556b12ddcaf655 c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
GET /s/lato/v23/S6u9w4BMUTPHh6UVSwiPGQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://117.239.200.166
Connection: keep-alive
Referer: http://fonts.googleapis.com/
HTTP/1.1 200 OK
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="apps-themes"
Report-To: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
Timing-Allow-Origin: *
Content-Length: 23040
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Tue, 22 Nov 2022 17:29:29 GMT
Expires: Wed, 22 Nov 2023 17:29:29 GMT
Cache-Control: public, max-age=31536000
Age: 581067
Last-Modified: Tue, 26 Apr 2022 15:56:42 GMT
Content-Type: font/woff2
|
|
| 117.239.200.166/forestportal/img/mfdlogo.jpg | 117.239.200.166 | 200 OK | 41 kB |
URL HTTP/1.1117.239.200.166/forestportal/img/mfdlogo.jpg IP117.239.200.166:0 ASN#9829 National Internet Backbone
File typeJPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=6, software=Microsoft Office], baseline, precision 8, 337x406, components 3\012- data Hash1d94fdb8b39374719124abc8f2ed3849 4792862b5fa4d9ff29e1e27756a814c1791b57f7 7a89e6bb2ab4842b3b121bc06d32f3febdee2b400cb03a5b02b71c9a73be0732
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /forestportal/img/mfdlogo.jpg HTTP/1.1
Host: 117.239.200.166
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://117.239.200.166/forestportal/admin_login.php
Cookie: PHPSESSID=8ba4diimjoo4g2dokco52tcne4
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 11:01:36 GMT
Server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/5.6.30
Last-Modified: Sat, 02 Jun 2018 09:27:10 GMT
ETag: "a16e-56da54e0c1780"
Accept-Ranges: bytes
Content-Length: 41326
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/jpeg
|
|
| 117.239.200.166/forestportal/fonts/fontawesome-webfont.woff?v=4.1.0 | 117.239.200.166 | 200 OK | 84 kB |
URL HTTP/1.1117.239.200.166/forestportal/fonts/fontawesome-webfont.woff?v=4.1.0 IP117.239.200.166:0 ASN#9829 National Internet Backbone
File typeWeb Open Font Format, TrueType, length 83760, version 1.0\012- data Hashfdf491ce5ff5b2da02708cd0e9864719 7f2f3c55c2de192387c351b995115f6b79e09173 66db52b456efe7e29cec11fa09421d03cb09e37ed1b567307ec0444fd605ce31
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /forestportal/fonts/fontawesome-webfont.woff?v=4.1.0 HTTP/1.1
Host: 117.239.200.166
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://117.239.200.166/forestportal/css/font-awesome.min.css
Cookie: PHPSESSID=8ba4diimjoo4g2dokco52tcne4
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 11:01:36 GMT
Server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/5.6.30
Last-Modified: Sat, 02 Jun 2018 09:27:09 GMT
ETag: "14730-56da54dfcd540"
Accept-Ranges: bytes
Content-Length: 83760
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/font-woff
|
|
| 117.239.200.166/forestportal/fonts/ElegantIcons.woff | 117.239.200.166 | 200 OK | 64 kB |
URL HTTP/1.1117.239.200.166/forestportal/fonts/ElegantIcons.woff IP117.239.200.166:0 ASN#9829 National Internet Backbone
File typeWeb Open Font Format, CFF, length 63664, version 1.0\012- data Hashfdd9e757bf61675343dcf55100422b84 f9be87fa2d1d4a95e8305afb51778db4bc759fbc be1825e52a0dc7df04df9322f62abe2a2f2a25d98aac186de0140dfc7f6bdcae
Analyzer | Verdict | Alert | quad9 | Sinkholed | |
GET /forestportal/fonts/ElegantIcons.woff HTTP/1.1
Host: 117.239.200.166
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://117.239.200.166/forestportal/css/elegant-icons-style.css
Cookie: PHPSESSID=8ba4diimjoo4g2dokco52tcne4
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 11:01:36 GMT
Server: Apache/2.4.6 (Red Hat Enterprise Linux) OpenSSL/1.0.2k-fips PHP/5.6.30
Last-Modified: Sat, 02 Jun 2018 09:27:09 GMT
ETag: "f8b0-56da54dfcd540"
Accept-Ranges: bytes
Content-Length: 63664
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/font-woff
|
|