2.42.138.122/
2.42.138.122 200 OK 150 B IP 2.42.138.122:0
ASN #30722 Vodafone Italia S.p.A.
File type HTML document text; HTML document text; HTML document, ASCII text
Hash 0effb8a35e461271106d475a47d138c3
103f3b9b8e6f3818db66f9db6c76015f4087459c
33c8c654acd24a322d64a1392ead7ae780d55e3ea398cd5d15f0cce21d293482
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET / HTTP/1.1
Host: 2.42.138.122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 22:57:15 GMT
Server: Coruscant
X-Content-Type-Options: nosniff
Last-Modified: Tue, 11 Oct 2016 11:35:00 GMT
ETag: "9f-53e9544456100-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=28800
Expires: Fri, 03 Feb 2023 06:57:15 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 150
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash d4e95d0d8982bcd07804baf6fc88231c
5027abda0875bd2529dd4d6691784c74da71a9ee
373799b5749d2cb08b5721699a3e4c6b94b0d41604ac07d4ef7179e47dabc71f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "373799B5749D2CB08B5721699A3E4C6B94B0D41604AC07D4EF7179E47DABC71F"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12072
Expires: Fri, 03 Feb 2023 01:18:43 GMT
Date: Thu, 02 Feb 2023 21:57:31 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ec47f9eed203ae063b9c210009de54a9
19ff156471b9cffbc2432c5b65543bdd18e36271
3974208ce1840f6c9467287b7e220379ed881d76db64939f411dbc500c103d48
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3974208CE1840F6C9467287B7E220379ED881D76DB64939F411DBC500C103D48"
Last-Modified: Thu, 02 Feb 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10036
Expires: Fri, 03 Feb 2023 00:44:47 GMT
Date: Thu, 02 Feb 2023 21:57:31 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 02 Feb 2023 21:43:32 GMT
content-type: application/json
age: 839
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9a76feabb767086ae0fa54e0ffbf763f
3655d78994a1e9838340669462728b67c8c12e54
bf215ab858c7785b7c01f7d3d437a918f056f00fe9b065820e1cdd09b7bba8f9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BF215AB858C7785B7C01F7D3D437A918F056F00FE9B065820E1CDD09B7BBA8F9"
Last-Modified: Wed, 01 Feb 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13043
Expires: Fri, 03 Feb 2023 01:34:54 GMT
Date: Thu, 02 Feb 2023 21:57:31 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate, ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: PBv4t++X9sqrrTbFzsgi1075nyyZgtUvxdOxakr3/bV756QENfgzNaIMdZz6Dm/p64mn5OvozZE=
x-amz-request-id: 40YQNVQ86TTNFDJ0
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 02 Feb 2023 21:52:08 GMT
age: 323
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data, ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 02 Feb 2023 21:57:31 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
2.42.138.122/www/
2.42.138.122 200 OK 6.3 kB IP 2.42.138.122:0
ASN #30722 Vodafone Italia S.p.A.
File type HTML document text; HTML document text; HTML document text; HTML document text; HTML document text; exported SGML document text; exported SGML document, Unicode text, UTF-8 text, with very long lines (1320)
Hash 425d3e9159d0774e10d0cb806f769fa8
297659f4c1c1477f580b9b7a90848205ed9698bb
87021c7c8ead16f63536cf7326852faf8d2aa1bbb8e08a11dabdaf287c862242
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /www/ HTTP/1.1
Host: 2.42.138.122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 22:57:15 GMT
Server: Coruscant
X-Content-Type-Options: nosniff
set-cookie: tpsid_80=3269ca5618271adb2da9776c1d24cd0a; path=/www; samesite=Lax; httponly
tpsid_80=3269ca5618271adb2da9776c1d24cd0a; path=/www; samesite=Lax; expires=Thu, 01-Jan-1970 00:00:00 GMT; httponly
tpsid_80=9cf7d633738f280e508b750b5a4366c0; path=/www; samesite=Lax; httponly
tpsid_80=2b76dd54048001f11a94b6b5e66ab5d9; path=/www; samesite=Lax; httponly
tpsid_80=2b76dd54048001f11a94b6b5e66ab5d9; path=/www; samesite=Lax; expires=Thu, 01-Jan-1970 00:00:00 GMT; httponly
expires: Sun, 19 Nov 1978 05:00:00 GMT
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache="set-cookie"
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
2.42.138.122/www/enc_url?u=JIJOsxTkuoy1Mu_2ljBJ5NL_tT32va8ApeQMFazxTXHa3D4sOuSSEYOCNTWPwm4jEtoPlbsZkpOTTspW-5wPcLLg6GB1aDaBiMPHQIxtNp8UqrPlcgEZ1mfn_LFnwLrv5SOoldrAs2WGuW9dl86wuekLHdAx
2.42.138.122 200 OK 26 kB URL HTTP/1.1 2.42.138.122/www/enc_url?u=JIJOsxTkuoy1Mu_2ljBJ5NL_tT32va8ApeQMFazxTXHa3D4sOuSSEYOCNTWPwm4jEtoPlbsZkpOTTspW-5wPcLLg6GB1aDaBiMPHQIxtNp8UqrPlcgEZ1mfn_LFnwLrv5SOoldrAs2WGuW9dl86wuekLHdAx
IP 2.42.138.122:0
ASN #30722 Vodafone Italia S.p.A.
File type assembler source, ASCII text, with very long lines (25316)
Hash 783c4943db5e0b363f09705c8fa287cf
ce86af7c238d07f415e41575df8d8c68013bf268
9427ba55fa6909bb0806bd1120f270076fd6dc0d746a80ec76e30535227d38e7
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /www/enc_url?u=JIJOsxTkuoy1Mu_2ljBJ5NL_tT32va8ApeQMFazxTXHa3D4sOuSSEYOCNTWPwm4jEtoPlbsZkpOTTspW-5wPcLLg6GB1aDaBiMPHQIxtNp8UqrPlcgEZ1mfn_LFnwLrv5SOoldrAs2WGuW9dl86wuekLHdAx HTTP/1.1
Host: 2.42.138.122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://2.42.138.122/www/
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 22:57:15 GMT
Server: Coruscant
Content-Length: 25463
X-Content-Type-Options: nosniff, nosniff
content-encoding: gzip
expires: 0
last-modified: Thu, 02 Feb 2023 22:57:15 GMT
etag: 9c2b4849466360b5e50d7aaae280cd69_gz
pragma: public
cache-control: max-age=2592000
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: text/css; charset=utf-8
2.42.138.122/www/_libs/_skin/_fonts/css/lookfeel/normal.css?v=20200100&sv=
2.42.138.122 200 OK 3.7 kB URL HTTP/1.1 2.42.138.122/www/_libs/_skin/_fonts/css/lookfeel/normal.css?v=20200100&sv=
IP 2.42.138.122:0
ASN #30722 Vodafone Italia S.p.A.
File type ASCII text, with very long lines (21750), with no line terminators
Hash fb42872c751be3a65f61fd161972cd8c
924dd217386555191e24bc424da646cd10d219d8
da5da43ee452310046fb2a1c9fdc1616ce28ee0793751a371668e81e24731e65
Analyzer Verdict Alert quad9 Sinkholed
GET /www/_libs/_skin/_fonts/css/lookfeel/normal.css?v=20200100&sv= HTTP/1.1
Host: 2.42.138.122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://2.42.138.122/www/
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 22:57:16 GMT
Server: Coruscant
X-Content-Type-Options: nosniff
Last-Modified: Tue, 17 Mar 2020 10:01:58 GMT
ETag: "54f6-5a10a06b7b180-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=28800
Expires: Fri, 03 Feb 2023 06:57:16 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3729
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
2.42.138.122/www/_libs/_skin/iconfont/material-icons.css
2.42.138.122 200 OK 326 B URL HTTP/1.1 2.42.138.122/www/_libs/_skin/iconfont/material-icons.css
IP 2.42.138.122:0
ASN #30722 Vodafone Italia S.p.A.
File type ASCII text, with very long lines (670), with no line terminators
Hash d8dce99f33bdb6e3a71ff097eb6a5f29
2e7d154d4ca96ae2c349abc9b4578947d48e2f66
78e821e87f52f9d15150e9f3fb0ce293b7983083d0a96cab68c6412b62280b93
Analyzer Verdict Alert quad9 Sinkholed
GET /www/_libs/_skin/iconfont/material-icons.css HTTP/1.1
Host: 2.42.138.122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://2.42.138.122/www/
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 22:57:16 GMT
Server: Coruscant
X-Content-Type-Options: nosniff
Last-Modified: Tue, 17 Mar 2020 10:01:58 GMT
ETag: "29e-5a10a06b7b180-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=28800
Expires: Fri, 03 Feb 2023 06:57:16 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 326
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
2.42.138.122/www/_libs/_skin/overrides.d/TS_overrides.css?v=20200100&sv=
2.42.138.122 200 OK 2.6 kB URL HTTP/1.1 2.42.138.122/www/_libs/_skin/overrides.d/TS_overrides.css?v=20200100&sv=
IP 2.42.138.122:0
ASN #30722 Vodafone Italia S.p.A.
File type ASCII text, with very long lines (16201), with no line terminators
Hash cad844970863db2801f2254acf9e4c3c
a8de0e215151289dd5c363073fb7b06af519adae
cb10729df6b11bb5689223b34e8db1490459ebc8bb602b3c7ecf436d7fe8b6f5
Analyzer Verdict Alert quad9 Sinkholed
GET /www/_libs/_skin/overrides.d/TS_overrides.css?v=20200100&sv= HTTP/1.1
Host: 2.42.138.122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://2.42.138.122/www/
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 22:57:16 GMT
Server: Coruscant
X-Content-Type-Options: nosniff
Last-Modified: Tue, 17 Mar 2020 10:01:58 GMT
ETag: "3f49-5a10a06b7b180-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=28800
Expires: Fri, 03 Feb 2023 06:57:16 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2584
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
2.42.138.122/www/_libs/_skin/smartdesktop/TS_smartdesktop.css?v=20200100&sv=
2.42.138.122 200 OK 6.9 kB URL HTTP/1.1 2.42.138.122/www/_libs/_skin/smartdesktop/TS_smartdesktop.css?v=20200100&sv=
IP 2.42.138.122:0
ASN #30722 Vodafone Italia S.p.A.
File type ASCII text, with very long lines (40128), with no line terminators
Hash 90c18d7ded77e72db054b6703224a8ec
df46b7c7ab9c7fd8eb70cdd0a6d4f3f903be78ed
8ca2587942f621c5f7ddd0ad9d55185d2aea3dfe0bd16fb41a0c6fe357bd7a66
Analyzer Verdict Alert quad9 Sinkholed
GET /www/_libs/_skin/smartdesktop/TS_smartdesktop.css?v=20200100&sv= HTTP/1.1
Host: 2.42.138.122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://2.42.138.122/www/
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 22:57:16 GMT
Server: Coruscant
X-Content-Type-Options: nosniff
Last-Modified: Tue, 17 Mar 2020 10:01:58 GMT
ETag: "9cc0-5a10a06b7b180-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=28800
Expires: Fri, 03 Feb 2023 06:57:16 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6887
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
2.42.138.122/www/enc_url?u=JItPtBTqtoe2OYKGzjBJvKLMsDbn4d88qeYDHqv-WGrHgXI2eOOZE4rQYnqAiX91FNxLmLsZkJKTT9wHsI1Zc_-uuDw-eWCdjt6O
2.42.138.122 200 OK 300 B URL HTTP/1.1 2.42.138.122/www/enc_url?u=JItPtBTqtoe2OYKGzjBJvKLMsDbn4d88qeYDHqv-WGrHgXI2eOOZE4rQYnqAiX91FNxLmLsZkJKTT9wHsI1Zc_-uuDw-eWCdjt6O
IP 2.42.138.122:0
ASN #30722 Vodafone Italia S.p.A.
File type ASCII text, with very long lines (400)
Hash f245c876dee56f0933da192b65127b73
09f1cdb74ebba8e0a2c13e5f9802d37535faacf5
a6687b7130b78e5b151e68461c04f599a8f64e7fba2e2936cf098be23abaf66c
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /www/enc_url?u=JItPtBTqtoe2OYKGzjBJvKLMsDbn4d88qeYDHqv-WGrHgXI2eOOZE4rQYnqAiX91FNxLmLsZkJKTT9wHsI1Zc_-uuDw-eWCdjt6O HTTP/1.1
Host: 2.42.138.122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://2.42.138.122/www/
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 22:57:16 GMT
Server: Coruscant
Content-Length: 300
X-Content-Type-Options: nosniff, nosniff
content-encoding: gzip
expires: 0
last-modified: Thu, 02 Feb 2023 22:57:16 GMT
etag: 78cd6a120d1c543e715c034781e04b5a_gz
pragma: public
cache-control: max-age=2592000
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript; charset=utf-8
2.42.138.122/www/_libs/_skin/mdl/TS_material.min.css
2.42.138.122 200 OK 20 kB URL HTTP/1.1 2.42.138.122/www/_libs/_skin/mdl/TS_material.min.css
IP 2.42.138.122:0
ASN #30722 Vodafone Italia S.p.A.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 38efd28b1353e36ee94e3c596ed3b577
0b73dfec74dfe321d64ef133f40984caf520270f
bf3a98adfed797939aa3d562a60ad9ba9f6e76ddf18cbc68b1ed92b897b3182e
Analyzer Verdict Alert quad9 Sinkholed
GET /www/_libs/_skin/mdl/TS_material.min.css HTTP/1.1
Host: 2.42.138.122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://2.42.138.122/www/
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 22:57:16 GMT
Server: Coruscant
X-Content-Type-Options: nosniff
Last-Modified: Tue, 17 Mar 2020 10:01:58 GMT
ETag: "21a34-5a10a06b7b180-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=28800
Expires: Fri, 03 Feb 2023 06:57:16 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 19768
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data, ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 02 Feb 2023 21:07:19 GMT
age: 3012
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
2.42.138.122/www/_libs/_widgets/_jslib.d/js/mdl/material.min.js
2.42.138.122 200 OK 12 kB URL HTTP/1.1 2.42.138.122/www/_libs/_widgets/_jslib.d/js/mdl/material.min.js
IP 2.42.138.122:0
ASN #30722 Vodafone Italia S.p.A.
File type ASCII text, with very long lines (32031)
Hash 72a9575e13803b9947ebaa2bf986598d
c1da76444c5008cbc80053e71696d7416b5187fc
3dcabc61a9bea1ae3f49a3910f16c25aa599faf346dbd18806b01a35df91ebdf
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /www/_libs/_widgets/_jslib.d/js/mdl/material.min.js HTTP/1.1
Host: 2.42.138.122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://2.42.138.122/www/
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 22:57:16 GMT
Server: Coruscant
X-Content-Type-Options: nosniff
Last-Modified: Tue, 17 Mar 2020 09:52:49 GMT
ETag: "f38d-5a109e5fe9e40-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=28800
Expires: Fri, 03 Feb 2023 06:57:16 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 11481
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
2.42.138.122/www/_libs/_widgets/_jslib.d/js/moment/moment.min.js
2.42.138.122 200 OK 17 kB URL HTTP/1.1 2.42.138.122/www/_libs/_widgets/_jslib.d/js/moment/moment.min.js
IP 2.42.138.122:0
ASN #30722 Vodafone Italia S.p.A.
File type ASCII text, with very long lines (51265), with no line terminators
Hash 2cdad74deb88a8d1843dc1d3ed3fa410
897b216b8b2bb2fbb9820bd657587951e18b127e
eb8326c8ff3af54318bef2d633176aec3dbe9495bc3a94b48d86afff33d5216a
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /www/_libs/_widgets/_jslib.d/js/moment/moment.min.js HTTP/1.1
Host: 2.42.138.122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://2.42.138.122/www/
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 22:57:16 GMT
Server: Coruscant
X-Content-Type-Options: nosniff
Last-Modified: Tue, 17 Mar 2020 09:52:49 GMT
ETag: "c841-5a109e5fe9e40-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=28800
Expires: Fri, 03 Feb 2023 06:57:16 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 16626
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
2.42.138.122/www/_libs/_widgets/_jslib.d/js/jquery/jquery.min.js
2.42.138.122 200 OK 34 kB URL HTTP/1.1 2.42.138.122/www/_libs/_widgets/_jslib.d/js/jquery/jquery.min.js
IP 2.42.138.122:0
ASN #30722 Vodafone Italia S.p.A.
File type ASCII text, with very long lines (32077)
Hash 670251cff327313e8dbec9da32c2f0fa
46ef7a792edbce7ad496efe3c29515e6c6279a1a
7ce7c8d765c062f5c0969f9f3feeb974d42c3506c2f62f2e57d0f010a500706f
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /www/_libs/_widgets/_jslib.d/js/jquery/jquery.min.js HTTP/1.1
Host: 2.42.138.122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://2.42.138.122/www/
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 22:57:16 GMT
Server: Coruscant
X-Content-Type-Options: nosniff
Last-Modified: Tue, 17 Mar 2020 09:52:49 GMT
ETag: "17b83-5a109e5fe9e40-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=28800
Expires: Fri, 03 Feb 2023 06:57:16 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 33692
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
2.42.138.122/www/enc_url?u=PY9EsRXkvo3bJMeulmhhp-Txr3Da8Z8OqOAAHbb_SzHEwm0xdr7KHcmMPyzakjJ8UtNJmLgZkIXCEopdrotf
2.42.138.122 200 OK 2.9 kB URL HTTP/1.1 2.42.138.122/www/enc_url?u=PY9EsRXkvo3bJMeulmhhp-Txr3Da8Z8OqOAAHbb_SzHEwm0xdr7KHcmMPyzakjJ8UtNJmLgZkIXCEopdrotf
IP 2.42.138.122:0
ASN #30722 Vodafone Italia S.p.A.
File type ASCII text, with very long lines (1624)
Hash 57fc33bcc76085740528bc9127236f4b
ccb3fd6242b96c6254ec603399cda5b1729154e8
22bb19a26a1f976a830a7f437b00cb24a8ef0b662871877a8dbb368d1cb7866a
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /www/enc_url?u=PY9EsRXkvo3bJMeulmhhp-Txr3Da8Z8OqOAAHbb_SzHEwm0xdr7KHcmMPyzakjJ8UtNJmLgZkIXCEopdrotf HTTP/1.1
Host: 2.42.138.122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://2.42.138.122/www/
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 22:57:16 GMT
Server: Coruscant
Content-Length: 2941
X-Content-Type-Options: nosniff, nosniff
content-encoding: gzip
expires: 0
last-modified: Thu, 02 Feb 2023 22:57:16 GMT
etag: 144885682674168f3eeb971f376d669c_gz
pragma: public
cache-control: max-age=2592000
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript; charset=utf-8
2.42.138.122/www/enc_url?u=JIJIvxrlt4m0Oe_2ljBJ5NL_tT32va8ApeQMFazxTXHa3Dcsdr7Kbp2CJS-ElmYgBI5fyeRZm9WeTcpU7c1TMLm1_zAjMiiHjg==
2.42.138.122 200 OK 8.7 kB URL HTTP/1.1 2.42.138.122/www/enc_url?u=JIJIvxrlt4m0Oe_2ljBJ5NL_tT32va8ApeQMFazxTXHa3Dcsdr7Kbp2CJS-ElmYgBI5fyeRZm9WeTcpU7c1TMLm1_zAjMiiHjg==
IP 2.42.138.122:0
ASN #30722 Vodafone Italia S.p.A.
File type Unicode text, UTF-8 text, with very long lines (2895)
Hash e47e890d22aec96f2d2f7e423d7e4fe5
b4f89eac3bb37128433e098568637a35d9d12106
507dfdbb20520d5a26f696504b615e17f0923caed49c882bd4bbe6df6feac920
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /www/enc_url?u=JIJIvxrlt4m0Oe_2ljBJ5NL_tT32va8ApeQMFazxTXHa3Dcsdr7Kbp2CJS-ElmYgBI5fyeRZm9WeTcpU7c1TMLm1_zAjMiiHjg== HTTP/1.1
Host: 2.42.138.122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://2.42.138.122/www/
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 22:57:16 GMT
Server: Coruscant
Content-Length: 8742
X-Content-Type-Options: nosniff, nosniff
content-encoding: gzip
expires: 0
last-modified: Thu, 02 Feb 2023 22:57:16 GMT
etag: 6917b551b0d5fdbb654a9c927d901464_gz
pragma: public
cache-control: max-age=2592000
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript; charset=utf-8
2.42.138.122/www/_libs/_widgets/_jslib.d/js/moment/moment-timezone-with-data.min.js
2.42.138.122 200 OK 25 kB URL HTTP/1.1 2.42.138.122/www/_libs/_widgets/_jslib.d/js/moment/moment-timezone-with-data.min.js
IP 2.42.138.122:0
ASN #30722 Vodafone Italia S.p.A.
File type ASCII text, with very long lines (65381)
Hash 12e9a9328ac9671224df1edefb3632e6
7f8ecb434f8cc342bcda1fcb8770a78b11935bec
a883ba37c6048b0c9462041a4b4d836c8c72ca8c3b7be432d0975d51d3d4487f
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /www/_libs/_widgets/_jslib.d/js/moment/moment-timezone-with-data.min.js HTTP/1.1
Host: 2.42.138.122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://2.42.138.122/www/
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 22:57:16 GMT
Server: Coruscant
X-Content-Type-Options: nosniff
Last-Modified: Tue, 17 Mar 2020 09:52:49 GMT
ETag: "2cf7a-5a109e5fe9e40-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=28800
Expires: Fri, 03 Feb 2023 06:57:16 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 25259
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: application/javascript
2.42.138.122/www/enc_url?u=JIxFsBnkuImzP-_2ljBJ5NL_tT32va8ApeQMFazxTXHa3Dcsdr7KCo6AImeX2T1-UNFJmbkZhsLOD8EVq8A=
2.42.138.122 200 OK 77 kB URL HTTP/1.1 2.42.138.122/www/enc_url?u=JIxFsBnkuImzP-_2ljBJ5NL_tT32va8ApeQMFazxTXHa3Dcsdr7KCo6AImeX2T1-UNFJmbkZhsLOD8EVq8A=
IP 2.42.138.122:0
ASN #30722 Vodafone Italia S.p.A.
Hash 642a4e6aa1ff9602563d76b6e88b4d2d
02c4597cd0dbf62a28d3cc242bd9de7041f7c0b3
237419bae80baf555c33aeab37c064a659a2278cbbb653e20615febdc7b86fd8
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /www/enc_url?u=JIxFsBnkuImzP-_2ljBJ5NL_tT32va8ApeQMFazxTXHa3Dcsdr7KCo6AImeX2T1-UNFJmbkZhsLOD8EVq8A= HTTP/1.1
Host: 2.42.138.122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://2.42.138.122/www/
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 22:57:16 GMT
Server: Coruscant
Content-Length: 76915
X-Content-Type-Options: nosniff, nosniff
content-encoding: gzip
expires: 0
last-modified: Thu, 02 Feb 2023 22:57:16 GMT
etag: 563c07f113ab6b3b7196af2411600c66_gz
pragma: public
cache-control: max-age=2592000
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript; charset=utf-8
2.42.138.122/www/_libs/_static/ts-sso.js
2.42.138.122 200 OK 2.1 kB URL HTTP/1.1 2.42.138.122/www/_libs/_static/ts-sso.js
IP 2.42.138.122:0
ASN #30722 Vodafone Italia S.p.A.
Hash 83c40d77b36ccb78ba1b59c3e4ce0810
3d65842c9811d79c005075cfdfa7ddd912862a66
3b0ce2bc4a6c40dbdc263e464f75f452ace77b7e5ea262f1a992beeaa0a6abdd
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /www/_libs/_static/ts-sso.js HTTP/1.1
Host: 2.42.138.122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://2.42.138.122/www/
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 22:57:16 GMT
Server: Coruscant
X-Content-Type-Options: nosniff
Last-Modified: Tue, 17 Mar 2020 09:52:48 GMT
ETag: "27fe-5a109e5ef5c00-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=28800
Expires: Fri, 03 Feb 2023 06:57:16 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2052
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
2.42.138.122/www/_libs/_static/jquery.signalR-2.2.2.js
2.42.138.122 200 OK 503 B URL HTTP/1.1 2.42.138.122/www/_libs/_static/jquery.signalR-2.2.2.js
IP 2.42.138.122:0
ASN #30722 Vodafone Italia S.p.A.
Hash 8913af0be619500295008bb91f506660
a7b8068ba9aa506205a295b24458c2616997a0d1
6a9838d00256431807ca382fc205064b07c08d5054f2895c2ae3cc4e9094179a
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /www/_libs/_static/jquery.signalR-2.2.2.js HTTP/1.1
Host: 2.42.138.122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://2.42.138.122/www/
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 22:57:16 GMT
Server: Coruscant
X-Content-Type-Options: nosniff
Last-Modified: Tue, 17 Mar 2020 09:52:48 GMT
ETag: "1e2b8-5a109e5ef5c00-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=28800
Expires: Fri, 03 Feb 2023 06:57:16 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 23496
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
2.42.138.122/www/_libs/_skin/lookfeel.d/new/images/rebrand2019/loginlogos/5059_logo.png
2.42.138.122 200 OK 11 kB URL HTTP/1.1 2.42.138.122/www/_libs/_skin/lookfeel.d/new/images/rebrand2019/loginlogos/5059_logo.png
IP 2.42.138.122:0
ASN #30722 Vodafone Italia S.p.A.
File type PNG image data, 400 x 71, 8-bit/color RGBA, non-interlaced; data
Hash ef24955dadf0d25d3977c96e8620c36f
ffbdd14db8a1ffc808d7907d86fd2fc09deff269
b3bcc13b415f3eda5ff07fa6e63697658160dd89e63b5d98430e0d7c7d7e0499
Analyzer Verdict Alert quad9 Sinkholed
GET /www/_libs/_skin/lookfeel.d/new/images/rebrand2019/loginlogos/5059_logo.png HTTP/1.1
Host: 2.42.138.122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://2.42.138.122/www/
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 22:57:16 GMT
Server: Coruscant
X-Content-Type-Options: nosniff
Last-Modified: Mon, 16 Mar 2020 08:04:38 GMT
ETag: "2a3c-5a0f445427180"
Accept-Ranges: bytes
Content-Length: 10812
Cache-Control: max-age=28800
Expires: Fri, 03 Feb 2023 06:57:16 GMT
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
2.42.138.122/www/_libs/_skin/lookfeel.d/img/normal/close.png?v=20200100&sv=
2.42.138.122 200 OK 3.0 kB URL HTTP/1.1 2.42.138.122/www/_libs/_skin/lookfeel.d/img/normal/close.png?v=20200100&sv=
IP 2.42.138.122:0
ASN #30722 Vodafone Italia S.p.A.
File type PNG image data, 17 x 17, 8-bit/color RGBA, non-interlaced\012- data
Hash cc5e3d7165f748d5d60ed06b16083cb0
e6ea23aa7a8de149b878aa5e29e9a1b96cea0fa5
8e8f36caf48d08755a46bf52b9b227d53278c3d31118f23bf90cfbfbe5e4dad1
Analyzer Verdict Alert quad9 Sinkholed
GET /www/_libs/_skin/lookfeel.d/img/normal/close.png?v=20200100&sv= HTTP/1.1
Host: 2.42.138.122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://2.42.138.122/www/
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 22:57:16 GMT
Server: Coruscant
X-Content-Type-Options: nosniff
Last-Modified: Mon, 16 Mar 2020 08:04:37 GMT
ETag: "baa-5a0f445332f40"
Accept-Ranges: bytes
Content-Length: 2986
Cache-Control: max-age=28800
Expires: Fri, 03 Feb 2023 06:57:16 GMT
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: image/png
2.42.138.122/www/_libs/_static/assets/svg/security-badge.svg
2.42.138.122 200 OK 895 B URL HTTP/1.1 2.42.138.122/www/_libs/_static/assets/svg/security-badge.svg
IP 2.42.138.122:0
ASN #30722 Vodafone Italia S.p.A.
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 30a82863ae2ee5e7e0a9201a0156fe0c
f10eb0a088a01720b9fc21f70b15493b220fed0c
672761428dcac4a6c6dfd881f900c0627b56ab1c30ecb8ff89df147866776876
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /www/_libs/_static/assets/svg/security-badge.svg HTTP/1.1
Host: 2.42.138.122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://2.42.138.122/www/
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 22:57:16 GMT
Server: Coruscant
X-Content-Type-Options: nosniff
Last-Modified: Mon, 16 Mar 2020 08:04:38 GMT
ETag: "63d-5a0f445427180-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 895
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: image/svg+xml
2.42.138.122/www/_libs/_widgets/_jslib.d/js/dojo/release/dojo/team/protocol1.js?v=20200100&sv=&v=20200100&sv=&l=it
2.42.138.122 200 OK 1.7 kB URL HTTP/1.1 2.42.138.122/www/_libs/_widgets/_jslib.d/js/dojo/release/dojo/team/protocol1.js?v=20200100&sv=&v=20200100&sv=&l=it
IP 2.42.138.122:0
ASN #30722 Vodafone Italia S.p.A.
File type ASCII text, with very long lines (570)
Hash 1c4e551f0776c8397c867b2c3a2b8bff
46c99ad1d3040c5ee942be009ab540b114df25fc
5472a78a93df9d1aac3e64d73307fd441280adb6a59effd397b899e9a779fd22
Analyzer Verdict Alert quad9 Sinkholed
GET /www/_libs/_widgets/_jslib.d/js/dojo/release/dojo/team/protocol1.js?v=20200100&sv=&v=20200100&sv=&l=it HTTP/1.1
Host: 2.42.138.122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://2.42.138.122/www/
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 22:57:16 GMT
Server: Coruscant
X-Content-Type-Options: nosniff
Last-Modified: Tue, 17 Mar 2020 10:02:44 GMT
ETag: "12c5-5a10a09759900-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=28800
Expires: Fri, 03 Feb 2023 06:57:16 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1681
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
2.42.138.122/www/_libs/_widgets/_jslib.d/js/dojo/release/dojo/dojo/nls/dojo_ROOT.js?v=20200100&sv=&l=it
2.42.138.122 200 OK 1.8 kB URL HTTP/1.1 2.42.138.122/www/_libs/_widgets/_jslib.d/js/dojo/release/dojo/dojo/nls/dojo_ROOT.js?v=20200100&sv=&l=it
IP 2.42.138.122:0
ASN #30722 Vodafone Italia S.p.A.
File type ASCII text, with very long lines (536)
Hash 2545b309431489a70525cd28d131773c
d9f1f7af89cf4ec1bf2ecfea977941ac4b096cdd
6ecc4508a19408aedec5a718119ff2f1ef61c43636dd2ca04889e2c214700a11
Analyzer Verdict Alert quad9 Sinkholed
GET /www/_libs/_widgets/_jslib.d/js/dojo/release/dojo/dojo/nls/dojo_ROOT.js?v=20200100&sv=&l=it HTTP/1.1
Host: 2.42.138.122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://2.42.138.122/www/
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 22:57:16 GMT
Server: Coruscant
X-Content-Type-Options: nosniff
Last-Modified: Tue, 17 Mar 2020 10:02:09 GMT
ETag: "1a36-5a10a075f8a40-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=28800
Expires: Fri, 03 Feb 2023 06:57:16 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1800
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
Content-Type: application/javascript
2.42.138.122/www/_libs/_skin/_fonts/Roboto/Roboto-Regular-webfont.woff
2.42.138.122 200 OK 25 kB URL HTTP/1.1 2.42.138.122/www/_libs/_skin/_fonts/Roboto/Roboto-Regular-webfont.woff
IP 2.42.138.122:0
ASN #30722 Vodafone Italia S.p.A.
File type Web Open Font Format, TrueType, length 25020, version 1.0\012- data
Hash 3e5675c89f974f7811eeaf07e2dd5ba3
99d93e1e3636f86c85b0c7c4da2077b4f1ee010c
a1e5b0dd9cd90fe3ef3e24aea202819ee74693d62c00bac8e3fb7c837d8adbfe
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /www/_libs/_skin/_fonts/Roboto/Roboto-Regular-webfont.woff HTTP/1.1
Host: 2.42.138.122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://2.42.138.122/www/_libs/_skin/overrides.d/TS_overrides.css?v=20200100&sv=
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 22:57:16 GMT
Server: Coruscant
X-Content-Type-Options: nosniff
Last-Modified: Mon, 16 Mar 2020 08:04:37 GMT
ETag: "61bc-5a0f445332f40"
Accept-Ranges: bytes
Content-Length: 25020
Cache-Control: max-age=28800
Expires: Fri, 03 Feb 2023 06:57:16 GMT
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: font/woff
2.42.138.122/www/_libs/_auth/ui/redirect/tsid_index
2.42.138.122 200 OK 6.2 kB URL HTTP/1.1 2.42.138.122/www/_libs/_auth/ui/redirect/tsid_index
IP 2.42.138.122:0
ASN #30722 Vodafone Italia S.p.A.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (3291)
Hash 720ac09aee502aa803a366a3ff4ae94b
ae2052fe125b497408c5d2b2297d6f0451a8495d
1da6c01b37c73874d62f956cc31d719d427a125b53f7e68f312111cc713c1ffb
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /www/_libs/_auth/ui/redirect/tsid_index HTTP/1.1
Host: 2.42.138.122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://2.42.138.122/www/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 22:57:16 GMT
Server: Coruscant
X-Content-Type-Options: nosniff
expires: Sun, 19 Nov 1978 05:00:00 GMT
pragma: no-cache
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
2.42.138.122/www/_libs/_widgets/_jslib.d/js/dojo/release/dojo/dojo/cldr/nls/it/currency.js?v=20200100&sv=&l=it
2.42.138.122 200 OK 279 B URL HTTP/1.1 2.42.138.122/www/_libs/_widgets/_jslib.d/js/dojo/release/dojo/dojo/cldr/nls/it/currency.js?v=20200100&sv=&l=it
IP 2.42.138.122:0
ASN #30722 Vodafone Italia S.p.A.
File type ASCII text, with very long lines (474)
Hash e6713fd4b930bb5bd12dcf18064acc50
5c0b7fd32be3885ba1f0135a625796b36be1e2d2
8a1cbfd748f03ffd61506d23b9718959431c9aee8ad6e233b2ab87c2ee19b4b2
Analyzer Verdict Alert quad9 Sinkholed
GET /www/_libs/_widgets/_jslib.d/js/dojo/release/dojo/dojo/cldr/nls/it/currency.js?v=20200100&sv=&l=it HTTP/1.1
Host: 2.42.138.122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://2.42.138.122/www/
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 22:57:16 GMT
Server: Coruscant
X-Content-Type-Options: nosniff
Last-Modified: Tue, 17 Mar 2020 10:02:13 GMT
ETag: "1e4-5a10a079c9340-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=28800
Expires: Fri, 03 Feb 2023 06:57:16 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 279
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: application/javascript
2.42.138.122/www/_libs/_widgets/_jslib.d/js/dojo/release/dojo/dojo/cldr/nls/it/gregorian.js?v=20200100&sv=&l=it
2.42.138.122 200 OK 1.4 kB URL HTTP/1.1 2.42.138.122/www/_libs/_widgets/_jslib.d/js/dojo/release/dojo/dojo/cldr/nls/it/gregorian.js?v=20200100&sv=&l=it
IP 2.42.138.122:0
ASN #30722 Vodafone Italia S.p.A.
File type ASCII text, with very long lines (611)
Hash b1f866e0c21cb7e0c60c8b1b8bc626ab
ba621a25f61dcccd271cf645bf10b67a49876d6c
7ba98ac31a2ec71cbb4b8b89a9cf4acbb06d22718061341ac49cda3aff7e3250
Analyzer Verdict Alert quad9 Sinkholed
GET /www/_libs/_widgets/_jslib.d/js/dojo/release/dojo/dojo/cldr/nls/it/gregorian.js?v=20200100&sv=&l=it HTTP/1.1
Host: 2.42.138.122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://2.42.138.122/www/
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 22:57:16 GMT
Server: Coruscant
X-Content-Type-Options: nosniff
Last-Modified: Tue, 17 Mar 2020 10:02:22 GMT
ETag: "1370-5a10a0825e780-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=28800
Expires: Fri, 03 Feb 2023 06:57:16 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1402
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
2.42.138.122/www/_libs/_widgets/_jslib.d/js/dojo/release/dojo/dojo/cldr/nls/it/number.js?v=20200100&sv=&l=it
2.42.138.122 200 OK 267 B URL HTTP/1.1 2.42.138.122/www/_libs/_widgets/_jslib.d/js/dojo/release/dojo/dojo/cldr/nls/it/number.js?v=20200100&sv=&l=it
IP 2.42.138.122:0
ASN #30722 Vodafone Italia S.p.A.
File type ASCII text, with very long lines (395)
Hash 0b9c78725cbe17157d747111b4319ef2
86605bb7b3a84e6816f8cd860e52763da4c02617
3d238024d15f4a4e4507895a5f76dc6fed7b30a79850d555e500eca6b6ae07dc
Analyzer Verdict Alert quad9 Sinkholed
GET /www/_libs/_widgets/_jslib.d/js/dojo/release/dojo/dojo/cldr/nls/it/number.js?v=20200100&sv=&l=it HTTP/1.1
Host: 2.42.138.122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://2.42.138.122/www/
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 22:57:16 GMT
Server: Coruscant
X-Content-Type-Options: nosniff
Last-Modified: Tue, 17 Mar 2020 10:02:22 GMT
ETag: "195-5a10a0825e780-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=28800
Expires: Fri, 03 Feb 2023 06:57:16 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 267
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
Content-Type: application/javascript
2.42.138.122/www/_libs/_widgets/_jslib.d/js/dojo/release/dojo/team/themes/tundra.css?v=20200100
2.42.138.122 200 OK 20 kB URL HTTP/1.1 2.42.138.122/www/_libs/_widgets/_jslib.d/js/dojo/release/dojo/team/themes/tundra.css?v=20200100
IP 2.42.138.122:0
ASN #30722 Vodafone Italia S.p.A.
File type ASCII text, with very long lines (65536), with no line terminators
Hash 511af2c110319f921e6a5d4911b0b640
ad8d7ca91ffd7a43ac489d15f52e8ac576685374
fd696870a13c6b9f0ffbf31dabddc5e0a93965c7312f93bbedaa018b0c4ca999
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /www/_libs/_widgets/_jslib.d/js/dojo/release/dojo/team/themes/tundra.css?v=20200100 HTTP/1.1
Host: 2.42.138.122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://2.42.138.122/www/_libs/_auth/ui/redirect/tsid_index
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 22:57:16 GMT
Server: Coruscant
X-Content-Type-Options: nosniff
Last-Modified: Tue, 17 Mar 2020 10:02:04 GMT
ETag: "2a2d3-5a10a07133f00-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=28800
Expires: Fri, 03 Feb 2023 06:57:16 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 20370
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: text/css
2.42.138.122/www/_libs/_static/assets/images/cities/pescara.jpg
2.42.138.122 200 OK 390 kB URL HTTP/1.1 2.42.138.122/www/_libs/_static/assets/images/cities/pescara.jpg
IP 2.42.138.122:0
ASN #30722 Vodafone Italia S.p.A.
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 2000x1200, components 3\012- data
Size 390 kB (389579 bytes)
Hash 94894b702913819d0e1baeb88935caaa
65659a1cf6c5d007caad4645a64b3667a3f50655
6ca58e5eb0f63203646d06b06be2c18acedf4989f2a659b0b7dc29f5a70e4540
Analyzer Verdict Alert quad9 Sinkholed
GET /www/_libs/_static/assets/images/cities/pescara.jpg HTTP/1.1
Host: 2.42.138.122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://2.42.138.122/www/_libs/_skin/overrides.d/TS_overrides.css?v=20200100&sv=
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 22:57:16 GMT
Server: Coruscant
X-Content-Type-Options: nosniff
Last-Modified: Mon, 16 Mar 2020 08:04:38 GMT
ETag: "5f1cb-5a0f445427180"
Accept-Ranges: bytes
Content-Length: 389579
Cache-Control: max-age=28800
Expires: Fri, 03 Feb 2023 06:57:16 GMT
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/jpeg
2.42.138.122/www/enc_url?u=JIJIshziu4u2VJ-uljARlOH6viyqzZMMp-sHEqPkVmyHkC4sdr7KCo6AImeX2T1-UNFJmbkZhsLOD8EVq8BEYeTjpSluZTSe2NGfSY8kPJQB9LGmZBgBiGTntvMjkvu9_nTp0s2R-mqfuj1BnZ32
2.42.138.122 200 OK 24 kB URL HTTP/1.1 2.42.138.122/www/enc_url?u=JIJIshziu4u2VJ-uljARlOH6viyqzZMMp-sHEqPkVmyHkC4sdr7KCo6AImeX2T1-UNFJmbkZhsLOD8EVq8BEYeTjpSluZTSe2NGfSY8kPJQB9LGmZBgBiGTntvMjkvu9_nTp0s2R-mqfuj1BnZ32
IP 2.42.138.122:0
ASN #30722 Vodafone Italia S.p.A.
File type assembler source, ASCII text, with very long lines (25316)
Hash f4e12baa17c8156bcaff11fdb7db4d5b
a2e3838aa316466ded3f64473f3a4e3d9e91e3d9
a3ba680b94881e5757f6894c5b4afd843c005a65c0a9bbcd3eb4cc3370321c0c
Analyzer Verdict Alert fortinet Malware
quad9 Sinkholed
GET /www/enc_url?u=JIJIshziu4u2VJ-uljARlOH6viyqzZMMp-sHEqPkVmyHkC4sdr7KCo6AImeX2T1-UNFJmbkZhsLOD8EVq8BEYeTjpSluZTSe2NGfSY8kPJQB9LGmZBgBiGTntvMjkvu9_nTp0s2R-mqfuj1BnZ32 HTTP/1.1
Host: 2.42.138.122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://2.42.138.122/www/_libs/_auth/ui/redirect/tsid_index
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 22:57:16 GMT
Server: Coruscant
Content-Length: 24151
X-Content-Type-Options: nosniff, nosniff
content-encoding: gzip
expires: 0
last-modified: Thu, 02 Feb 2023 22:57:16 GMT
etag: 9b38dea53ecfb1ecf336e005fc065b26_gz
pragma: public
cache-control: max-age=2592000
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/css; charset=utf-8
2.42.138.122/favicon.ico
2.42.138.122 200 OK 18 kB IP 2.42.138.122:0
ASN #30722 Vodafone Italia S.p.A.
File type MS Windows icon resource - 4 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash ff2b09997ab9ec95f82c1339e242070a
d7ea7a17111c3352219ef922ec996480e324c0b0
9b5a9cf763896b8e5b7deb1680c6efff8fda527e4d8d1e02cd3777996bd4d737
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: 2.42.138.122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://2.42.138.122/www/
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 22:57:16 GMT
Server: Coruscant
X-Content-Type-Options: nosniff
Last-Modified: Tue, 11 Oct 2016 11:35:00 GMT
ETag: "4486-53e9544456100"
Accept-Ranges: bytes
Content-Length: 17542
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/x-icon
2.42.138.122/www/_libs/_skin/lookfeel.d/img/normal/wait.gif
2.42.138.122 200 OK 673 B URL HTTP/1.1 2.42.138.122/www/_libs/_skin/lookfeel.d/img/normal/wait.gif
IP 2.42.138.122:0
ASN #30722 Vodafone Italia S.p.A.
File type GIF image data, version 89a, 16 x 16\012- data
Hash a390882f5ddd74a1cb4f0b97f4d7cce6
317818655f2c23be920bcb5d11bdf5c7360c4379
a8e449eaa63a9ed83717334702706da628c799c7dff0aa8aa3ac83e881c1bbab
Analyzer Verdict Alert quad9 Sinkholed
GET /www/_libs/_skin/lookfeel.d/img/normal/wait.gif HTTP/1.1
Host: 2.42.138.122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://2.42.138.122/www/_libs/_auth/ui/redirect/tsid_index
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 22:57:16 GMT
Server: Coruscant
X-Content-Type-Options: nosniff
Last-Modified: Mon, 16 Mar 2020 08:04:37 GMT
ETag: "2a1-5a0f445332f40"
Accept-Ranges: bytes
Content-Length: 673
Cache-Control: max-age=28800
Expires: Fri, 03 Feb 2023 06:57:16 GMT
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: image/gif
2.42.138.122/www/_libs/_skin/lookfeel.d/img/normal/warning.png
2.42.138.122 200 OK 588 B URL HTTP/1.1 2.42.138.122/www/_libs/_skin/lookfeel.d/img/normal/warning.png
IP 2.42.138.122:0
ASN #30722 Vodafone Italia S.p.A.
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 258295bc076fa247e45a7a82bb6feb0c
b2b42ad1d872e5176cdeec2228b6f96d6817993a
621f876fb2903b81e9c1edabd7c1e6978a93b6a17da437e6222ae1c8a87ae533
Analyzer Verdict Alert quad9 Sinkholed
GET /www/_libs/_skin/lookfeel.d/img/normal/warning.png HTTP/1.1
Host: 2.42.138.122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://2.42.138.122/www/_libs/_auth/ui/redirect/tsid_index
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 22:57:16 GMT
Server: Coruscant
X-Content-Type-Options: nosniff
Last-Modified: Mon, 16 Mar 2020 08:04:37 GMT
ETag: "24c-5a0f445332f40"
Accept-Ranges: bytes
Content-Length: 588
Cache-Control: max-age=28800
Expires: Fri, 03 Feb 2023 06:57:16 GMT
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png
2.42.138.122/www/_libs/_skin/lookfeel.d/img/normal/info.png
2.42.138.122 200 OK 3.2 kB URL HTTP/1.1 2.42.138.122/www/_libs/_skin/lookfeel.d/img/normal/info.png
IP 2.42.138.122:0
ASN #30722 Vodafone Italia S.p.A.
File type PNG image data, 17 x 17, 8-bit/color RGBA, non-interlaced\012- data
Hash 880b4772d93af303cf4547f139d30c8e
90c93ff3be62383198d1186136211a6cc38a32bd
43157540a8a0288824f4a9b3c06f1e39033e1cf693284c1c6b69e6c1aef2fe41
Analyzer Verdict Alert quad9 Sinkholed
GET /www/_libs/_skin/lookfeel.d/img/normal/info.png HTTP/1.1
Host: 2.42.138.122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://2.42.138.122/www/_libs/_auth/ui/redirect/tsid_index
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 22:57:16 GMT
Server: Coruscant
X-Content-Type-Options: nosniff
Last-Modified: Mon, 16 Mar 2020 08:04:37 GMT
ETag: "c9e-5a0f445332f40"
Accept-Ranges: bytes
Content-Length: 3230
Cache-Control: max-age=28800
Expires: Fri, 03 Feb 2023 06:57:16 GMT
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
Content-Type: image/png
2.42.138.122/www/_libs/_skin/lookfeel.d/img/normal/none.png?v=20200100&sv=
2.42.138.122 200 OK 112 B URL HTTP/1.1 2.42.138.122/www/_libs/_skin/lookfeel.d/img/normal/none.png?v=20200100&sv=
IP 2.42.138.122:0
ASN #30722 Vodafone Italia S.p.A.
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 7fe559299034706d44d63d1398bf21cc
ed18904393d8f662c9dd0c39dca51f4a0b801da9
f80e0b236ecc33d8d1a28415728ea9bc841c6d58b11d448a0c591b46486470b6
Analyzer Verdict Alert quad9 Sinkholed
GET /www/_libs/_skin/lookfeel.d/img/normal/none.png?v=20200100&sv= HTTP/1.1
Host: 2.42.138.122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://2.42.138.122/www/_libs/_auth/ui/redirect/tsid_index
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 22:57:16 GMT
Server: Coruscant
X-Content-Type-Options: nosniff
Last-Modified: Mon, 16 Mar 2020 08:04:37 GMT
ETag: "70-5a0f445332f40"
Accept-Ranges: bytes
Content-Length: 112
Cache-Control: max-age=28800
Expires: Fri, 03 Feb 2023 06:57:16 GMT
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: image/png
2.42.138.122/www/_libs/_skin/lookfeel.d/img/normal/ok.png
2.42.138.122 200 OK 3.1 kB URL HTTP/1.1 2.42.138.122/www/_libs/_skin/lookfeel.d/img/normal/ok.png
IP 2.42.138.122:0
ASN #30722 Vodafone Italia S.p.A.
File type PNG image data, 17 x 17, 8-bit/color RGBA, non-interlaced\012- data
Hash 1f6357de9fe600ba550a009d57c8b475
fbb4185ab4db8b15989e50f97ae57f21e9633314
7856ecd78f3a9a8c7a79fc6c87c2af7a6b74c9d007aacca6cea6b6fa83ced336
Analyzer Verdict Alert quad9 Sinkholed
GET /www/_libs/_skin/lookfeel.d/img/normal/ok.png HTTP/1.1
Host: 2.42.138.122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://2.42.138.122/www/_libs/_auth/ui/redirect/tsid_index
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 22:57:16 GMT
Server: Coruscant
X-Content-Type-Options: nosniff
Last-Modified: Mon, 16 Mar 2020 08:04:37 GMT
ETag: "c22-5a0f445332f40"
Accept-Ranges: bytes
Content-Length: 3106
Cache-Control: max-age=28800
Expires: Fri, 03 Feb 2023 06:57:16 GMT
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
Content-Type: image/png
2.42.138.122/www/_libs/_skin/lookfeel.d/img/normal/none.png
2.42.138.122 200 OK 112 B URL HTTP/1.1 2.42.138.122/www/_libs/_skin/lookfeel.d/img/normal/none.png
IP 2.42.138.122:0
ASN #30722 Vodafone Italia S.p.A.
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 7fe559299034706d44d63d1398bf21cc
ed18904393d8f662c9dd0c39dca51f4a0b801da9
f80e0b236ecc33d8d1a28415728ea9bc841c6d58b11d448a0c591b46486470b6
Analyzer Verdict Alert quad9 Sinkholed
GET /www/_libs/_skin/lookfeel.d/img/normal/none.png HTTP/1.1
Host: 2.42.138.122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://2.42.138.122/www/_libs/_auth/ui/redirect/tsid_index
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 22:57:17 GMT
Server: Coruscant
X-Content-Type-Options: nosniff
Last-Modified: Mon, 16 Mar 2020 08:04:37 GMT
ETag: "70-5a0f445332f40"
Accept-Ranges: bytes
Content-Length: 112
Cache-Control: max-age=28800
Expires: Fri, 03 Feb 2023 06:57:17 GMT
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png
2.42.138.122/www/_libs/_skin/lookfeel.d/img/normal/error.png
2.42.138.122 200 OK 521 B URL HTTP/1.1 2.42.138.122/www/_libs/_skin/lookfeel.d/img/normal/error.png
IP 2.42.138.122:0
ASN #30722 Vodafone Italia S.p.A.
File type PNG image data, 17 x 17, 8-bit/color RGBA, non-interlaced\012- data
Hash b8b41fe5c23b131a620c79395c7ce669
28166d7e188cc522b5426e165da840b9d57f423f
f21a9d9ad007657e35b056eeecad4c50b46a00818972da911ab652c2b65ebbd0
Analyzer Verdict Alert quad9 Sinkholed
GET /www/_libs/_skin/lookfeel.d/img/normal/error.png HTTP/1.1
Host: 2.42.138.122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://2.42.138.122/www/_libs/_auth/ui/redirect/tsid_index
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 22:57:17 GMT
Server: Coruscant
X-Content-Type-Options: nosniff
Last-Modified: Mon, 16 Mar 2020 08:04:37 GMT
ETag: "209-5a0f445332f40"
Accept-Ranges: bytes
Content-Length: 521
Cache-Control: max-age=28800
Expires: Fri, 03 Feb 2023 06:57:17 GMT
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: image/png
2.42.138.122/www/_libs/_widgets/_jslib.d/js/dojo/release/dojo/team/protocol2.js?v=20200100&sv=&v=20200100&sv=&l=it
2.42.138.122 200 OK 84 kB URL HTTP/1.1 2.42.138.122/www/_libs/_widgets/_jslib.d/js/dojo/release/dojo/team/protocol2.js?v=20200100&sv=&v=20200100&sv=&l=it
IP 2.42.138.122:0
ASN #30722 Vodafone Italia S.p.A.
File type ASCII text, with very long lines (1034)
Hash af661f37f1740d95f70f1ce414779e49
dffc9956b9c52b4a8e27cd95bb235a25550aa22a
76737e3501546454ce53f9a92fdbc01f720761247165f22bca16ccee217d1d2c
Analyzer Verdict Alert quad9 Sinkholed
GET /www/_libs/_widgets/_jslib.d/js/dojo/release/dojo/team/protocol2.js?v=20200100&sv=&v=20200100&sv=&l=it HTTP/1.1
Host: 2.42.138.122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://2.42.138.122/www/_libs/_auth/ui/redirect/tsid_index
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 22:57:17 GMT
Server: Coruscant
X-Content-Type-Options: nosniff
Last-Modified: Tue, 17 Mar 2020 10:02:48 GMT
ETag: "52d1c-5a10a09b2a200-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=28800
Expires: Fri, 03 Feb 2023 06:57:17 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
2.42.138.122/www/_libs/_widgets/_jslib.d/js/dojo/release/dojo/team/nls/protocol2_ROOT.js?v=20200100&sv=&l=it
2.42.138.122 200 OK 487 B URL HTTP/1.1 2.42.138.122/www/_libs/_widgets/_jslib.d/js/dojo/release/dojo/team/nls/protocol2_ROOT.js?v=20200100&sv=&l=it
IP 2.42.138.122:0
ASN #30722 Vodafone Italia S.p.A.
File type ASCII text, with very long lines (532)
Hash 421a9b24a0f5ab163f78e91eac754821
831918a8f209086091247d0b1dbfe753d2a493f7
ce46841fb49224a45960ee3d72c6dfeb80703419eb17c1fe3d4046011fd984cc
Analyzer Verdict Alert quad9 Sinkholed
GET /www/_libs/_widgets/_jslib.d/js/dojo/release/dojo/team/nls/protocol2_ROOT.js?v=20200100&sv=&l=it HTTP/1.1
Host: 2.42.138.122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://2.42.138.122/www/_libs/_auth/ui/redirect/tsid_index
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 22:57:17 GMT
Server: Coruscant
X-Content-Type-Options: nosniff
Last-Modified: Tue, 17 Mar 2020 10:02:48 GMT
ETag: "42b-5a10a09b2a200-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=28800
Expires: Fri, 03 Feb 2023 06:57:17 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 487
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
Content-Type: application/javascript
2.42.138.122/www/_libs/_widgets/_jslib.d/js/dojo/release/dojo/dijit/nls/it/common.js?v=20200100&sv=&l=it
2.42.138.122 200 OK 119 B URL HTTP/1.1 2.42.138.122/www/_libs/_widgets/_jslib.d/js/dojo/release/dojo/dijit/nls/it/common.js?v=20200100&sv=&l=it
IP 2.42.138.122:0
ASN #30722 Vodafone Italia S.p.A.
Hash e64986927f5f3a9e844d04b344542403
053ba1a1fe3ccff39a50801bb3a24ff75cdb925f
7e5755cc246cb24dd608b8422d9fcdb999b6ba94e0898e6a2115b5834efb055f
Analyzer Verdict Alert quad9 Sinkholed
GET /www/_libs/_widgets/_jslib.d/js/dojo/release/dojo/dijit/nls/it/common.js?v=20200100&sv=&l=it HTTP/1.1
Host: 2.42.138.122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://2.42.138.122/www/_libs/_auth/ui/redirect/tsid_index
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 22:57:17 GMT
Server: Coruscant
X-Content-Type-Options: nosniff
Last-Modified: Tue, 17 Mar 2020 10:02:19 GMT
ETag: "75-5a10a07f820c0-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=28800
Expires: Fri, 03 Feb 2023 06:57:17 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 119
Keep-Alive: timeout=5, max=91
Connection: Keep-Alive
Content-Type: application/javascript
2.42.138.122/www/_libs/_widgets/_jslib.d/js/dojo/release/dojo/team/nls/it/commonDialogs.js?v=20200100&sv=&l=it
2.42.138.122 200 OK 180 B URL HTTP/1.1 2.42.138.122/www/_libs/_widgets/_jslib.d/js/dojo/release/dojo/team/nls/it/commonDialogs.js?v=20200100&sv=&l=it
IP 2.42.138.122:0
ASN #30722 Vodafone Italia S.p.A.
Hash 2edd618b4b2505d3572ce15eee01f9bd
d0c6ccd8e85447dccc17ce2d3335d01095a942ad
5f8a08f2bb4f9adc3094f4aaed38dff142cc067ea09cdc33153608701126c1ec
Analyzer Verdict Alert quad9 Sinkholed
GET /www/_libs/_widgets/_jslib.d/js/dojo/release/dojo/team/nls/it/commonDialogs.js?v=20200100&sv=&l=it HTTP/1.1
Host: 2.42.138.122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://2.42.138.122/www/_libs/_auth/ui/redirect/tsid_index
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 22:57:17 GMT
Server: Coruscant
X-Content-Type-Options: nosniff
Last-Modified: Tue, 17 Mar 2020 10:02:45 GMT
ETag: "e3-5a10a0984db40-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=28800
Expires: Fri, 03 Feb 2023 06:57:17 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 180
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
2.42.138.122/www/_libs/_widgets/_jslib.d/js/dojo/release/dojo/dijit/nls/it/loading.js?v=20200100&sv=&l=it
2.42.138.122 200 OK 129 B URL HTTP/1.1 2.42.138.122/www/_libs/_widgets/_jslib.d/js/dojo/release/dojo/dijit/nls/it/loading.js?v=20200100&sv=&l=it
IP 2.42.138.122:0
ASN #30722 Vodafone Italia S.p.A.
Hash a9043ef7c67836168c4644ee6d1a6ecf
e7a2cfb431eb394b078e09ba2f858df0cc95ecc8
680caf1d27fc934f75527dd212b418589d2c9661a16a09d605cdbcaca53537a1
Analyzer Verdict Alert quad9 Sinkholed
GET /www/_libs/_widgets/_jslib.d/js/dojo/release/dojo/dijit/nls/it/loading.js?v=20200100&sv=&l=it HTTP/1.1
Host: 2.42.138.122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://2.42.138.122/www/_libs/_auth/ui/redirect/tsid_index
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 22:57:17 GMT
Server: Coruscant
X-Content-Type-Options: nosniff
Last-Modified: Tue, 17 Mar 2020 10:02:17 GMT
ETag: "7e-5a10a07d99c40-gzip"
Accept-Ranges: bytes
Cache-Control: max-age=28800
Expires: Fri, 03 Feb 2023 06:57:17 GMT
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 129
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
Content-Type: application/javascript
2.42.138.122/www/_libs/_widgets/_jslib.d/js/dojo/release/dojo/dojo/resources/blank.gif?v=20200100&sv=&l=it
2.42.138.122 200 OK 43 B URL HTTP/1.1 2.42.138.122/www/_libs/_widgets/_jslib.d/js/dojo/release/dojo/dojo/resources/blank.gif?v=20200100&sv=&l=it
IP 2.42.138.122:0
ASN #30722 Vodafone Italia S.p.A.
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6d22e4f2d2057c6e8d6fab098e76e80f
b80b11203d97fe01c5597ca3be70406ea48f5709
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
Analyzer Verdict Alert quad9 Sinkholed
GET /www/_libs/_widgets/_jslib.d/js/dojo/release/dojo/dojo/resources/blank.gif?v=20200100&sv=&l=it HTTP/1.1
Host: 2.42.138.122
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://2.42.138.122/www/_libs/_auth/ui/redirect/tsid_index
HTTP/1.1 200 OK
Date: Thu, 02 Feb 2023 22:57:17 GMT
Server: Coruscant
X-Content-Type-Options: nosniff
Last-Modified: Tue, 17 Mar 2020 10:02:03 GMT
ETag: "2b-5a10a0703fcc0"
Accept-Ranges: bytes
Content-Length: 43
Cache-Control: max-age=28800
Expires: Fri, 03 Feb 2023 06:57:17 GMT
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: image/gif
r3.o.lencr.org/
23.36.76.226 200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash e8e0173672ec76c01676a1ba4e1be857
3d01334320c94972440226cfe96c8c7646cae796
c75aea885e434e8bf53e439c4b441e2af4b228f70212001fcc4c8094f534e0f1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C75AEA885E434E8BF53E439C4B441E2AF4B228F70212001FCC4C8094F534E0F1"
Last-Modified: Tue, 31 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11356
Expires: Fri, 03 Feb 2023 01:06:49 GMT
Date: Thu, 02 Feb 2023 21:57:33 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b0e15d-e5be-4197-a382-bf7332128068.jpeg
34.120.237.76 200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b0e15d-e5be-4197-a382-bf7332128068.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash df4a4906103a8f409c066b1cded71384
22847e3926db3e3d5f6b529297a4abe8b377c3a6
84a14b73b2cc7f4641eaa5539cbee0a109ae2b05cf88d06797a2b00c8d4f0c43
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b0e15d-e5be-4197-a382-bf7332128068.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9221
x-amzn-requestid: 209c2ad4-7a1f-4867-bf98-4ca8621111a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdTBFv5IAMFgqQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadc13-1627a9d603c69f7760ad013b;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:39:31 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kAkcQOKAvuq3k-X081MLCqon-cnQJqGryVeE0fwX0a7bcXgJlySIvg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:12:07 GMT
age: 85526
etag: "22847e3926db3e3d5f6b529297a4abe8b377c3a6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg
34.120.237.76 200 OK 5.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7c823f1d6bf1c50d58eb263b85e6e37c
a7b74d11494fb3254df907e5cc1eead070d84617
b2706961eb756383e0988dfdb501dc424aea59697aedd1e4a6c294c314a31935
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe18f9e12-0986-423b-911d-6271bb996db4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5356
x-amzn-requestid: fef22c83-35a4-4990-9008-af5853f838d1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5BEB6oAMFczg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6c-68d3017555c069bc3107d150;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:44 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: XyDZc0F-b0rxwoS5wvSXBuBfYE7JljMmuXseBjLOBk4HvxU5gE7Oqg==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:18:55 GMT
age: 85118
etag: "a7b74d11494fb3254df907e5cc1eead070d84617"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg
34.120.237.76 200 OK 16 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4bb3a6fba496d54cdbbccaf2b9600386
8e30002699e9fbf2047f9ac11a36d2175fc9c591
927bf3a04b011b4e3bc8d8772a3d5813507f7f523312d43627767b64615562f3
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe2d02739-590e-4a37-9ca5-c27003f9e416.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15857
x-amzn-requestid: cfe36b9d-34f6-4f3f-896e-e70ec45c4a04
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fmJ2JGGWoAMFSLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d8bcf3-0dd68dd778b9aba268a129b0;Sampled=0
x-amzn-remapped-date: Tue, 31 Jan 2023 07:02:11 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: C1kqthy0eZop0UZfG3_op5xeBOVGiPLYfia4uS1l4-kchEzV6ccE9w==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 07:28:37 GMT
age: 52136
etag: "8e30002699e9fbf2047f9ac11a36d2175fc9c591"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496723d4-47ce-49a5-b3b3-9ae546523015.jpeg
34.120.237.76 200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496723d4-47ce-49a5-b3b3-9ae546523015.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 395bb0f71f9eba82f5ca23548d08900f
b1fada280c7ea3eb775a6fa46ce173a51eb045f5
7443babb69532e1ee3ee779e05ad4f62de2c5bf62548bcb5702f8290a527664c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F496723d4-47ce-49a5-b3b3-9ae546523015.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11367
x-amzn-requestid: 67702c15-9a68-46ec-95e5-efb57f08e2f1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc5OGfBoAMF3Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb6e-033182ba55fdd0230ad5a270;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:46 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: H1HIK6zdv95V96NxqSfHCqYtDQNPZ9NLAwG5oM5mwRr3nAUR0BPxlg==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:25:11 GMT
age: 84742
etag: "b1fada280c7ea3eb775a6fa46ce173a51eb045f5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdab614ba-4572-4b54-9079-a26b68b1ece7.jpeg
34.120.237.76 200 OK 15 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdab614ba-4572-4b54-9079-a26b68b1ece7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6bb5b89e738516f4862491eec286bf6d
8fb46b9ca85f2c578eb2a56d0007859183e12209
7f164a37b675bf39f8473392b07a2a383397da003303965fb190fd4f455bb43b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdab614ba-4572-4b54-9079-a26b68b1ece7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 15051
x-amzn-requestid: 72a3f2ae-538e-40dc-9496-86c28334ba0d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frc6jGTAIAMFy4A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadb76-72178ed13a2e70d462785b90;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:36:54 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CKTfQzCvXa4oL6Lm2n8Rw_9Uhj69YfgpDTP9s0zoaX5qW1vcqWIXDA==
via: 1.1 5a1753718d8b33365e5f693dd338c510.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 02 Feb 2023 21:44:41 GMT
age: 772
etag: "8fb46b9ca85f2c578eb2a56d0007859183e12209"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85f439bb-b615-43ac-bd20-2466bff7ff50.jpeg
34.120.237.76 200 OK 5.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85f439bb-b615-43ac-bd20-2466bff7ff50.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d910c24f5a6108cb74103cd70692a703
9fe648fa464e46d16f685aca1704f3414eda4107
5cbe5e571e62555225621440203ae24a3b8c41ac7f49b6b731bc2c94e620797f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F85f439bb-b615-43ac-bd20-2466bff7ff50.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5561
x-amzn-requestid: 76ca969b-a840-4d5c-97c1-2dfd93b8f630
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: frdKYE3-IAMFqbw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dadbdb-2729fe22420bcc0563c39aff;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 21:38:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: E91BIw8QT3vXXQY8GIPpnRqnTZV4paZ3wynf7UjLnjeIfwS0tiC1Gg==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Wed, 01 Feb 2023 22:12:07 GMT
age: 85526
etag: "9fe648fa464e46d16f685aca1704f3414eda4107"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2