r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash a9f1d4d98705c281fed3b60343463200
db6f8aa98d2eda4e5473b116a222c3055568bb78
164d11173045b569cafb32e300e4c1ec6d6ab177fd34d0414cc40c541268779f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "164D11173045B569CAFB32E300E4C1EC6D6AB177FD34D0414CC40C541268779F"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5548
Expires: Thu, 24 Nov 2022 21:04:30 GMT
Date: Thu, 24 Nov 2022 19:32:02 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash af40a2fcf8debb90c3608002da6c907a
3c75d6c0b557a3bd8d5db50155b8d896e852c145
555617a51ee3077552545a29a3baf0b43e8a82367e4c08110ee480ebedc8b523
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4164
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:32:02 GMT
Last-Modified: Thu, 24 Nov 2022 18:22:39 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 260e9998c20d831b66f1029c8f47aac9
716d630f647c54dc69a7f9c63a6cac294b3df7f7
c9951a909f354174f0075a01c01c3c3aa6960983040e328bfbbbea81aeb405c2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C9951A909F354174F0075A01C01C3C3AA6960983040E328BFBBBEA81AEB405C2"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7415
Expires: Thu, 24 Nov 2022 21:35:37 GMT
Date: Thu, 24 Nov 2022 19:32:02 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
34.102.187.140 200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 4d7e4eed097b9c4e5d509419f1cfc85a
290bb3d428a7c6330e2e3d73a952b16f820896c8
0dc9ca0f57af15adcd416035e92794711434e3d53a1feff21d8481d6d500986c
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Content-Length, Alert, Backoff, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 24 Nov 2022 19:18:59 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 783
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191 200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: VhPWCsdremQehcIHYjMqRUxOMIFeyzVRA01WX16EDzr6L0Ekm23uELZBFbcQCHOtRAYH+iE+3k8=
x-amz-request-id: M41EX79E6SGEB2NQ
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 24 Nov 2022 18:43:30 GMT
age: 2912
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 24 Nov 2022 19:32:02 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
rotaryclubsalemmajestic.com/
192.185.117.63 200 OK 9.1 kB URL HTTP/1.1 rotaryclubsalemmajestic.com/
IP 192.185.117.63:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8601), with CRLF, LF line terminators
Hash e63267a9cc3c72dd0f815940d593b575
0a47b6e1bec0f6ed536431f27407f98a175da380
f5899091b20e2d0fd88c3cb26ce4051e25c4ef5df3a860f062068d9776093bdb
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET / HTTP/1.1
Host: rotaryclubsalemmajestic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 19:32:02 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 9054
Keep-Alive: timeout=5, max=75
Content-Type: text/html; charset=UTF-8
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140 200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Alert, Cache-Control, ETag, Pragma, Expires, Backoff, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 24 Nov 2022 19:11:11 GMT
cache-control: public,max-age=3600
age: 1251
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
rotaryclubsalemmajestic.com/css/revolution-slider.css
192.185.117.63 200 OK 15 kB URL HTTP/1.1 rotaryclubsalemmajestic.com/css/revolution-slider.css
IP 192.185.117.63:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65536), with no line terminators
Hash db71848111045e74c3da6513a511d3a7
ccd52102cbf5a8f0775620b934c8126a2943c8c6
2042605322c45176e59e50f90fd9fa6a2362ed45a124f88ee90856dc749f525e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /css/revolution-slider.css HTTP/1.1
Host: rotaryclubsalemmajestic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rotaryclubsalemmajestic.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 19:32:02 GMT
Server: Apache
Last-Modified: Wed, 19 Jun 2019 08:00:55 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 15312
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: text/css
rotaryclubsalemmajestic.com/css/responsive.css
192.185.117.63 200 OK 3.2 kB URL HTTP/1.1 rotaryclubsalemmajestic.com/css/responsive.css
IP 192.185.117.63:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 358e9f3fe4409c7f1d092efb7119112d
604b64d9c594996acf5c077c02f60d6777d587c4
3eb0d5a2b3f83fcc8e429e5acdd8b006b0b1809bf9897be6b2cb7682d08345df
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /css/responsive.css HTTP/1.1
Host: rotaryclubsalemmajestic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rotaryclubsalemmajestic.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 19:32:02 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 19 Jun 2019 08:00:55 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3188
Keep-Alive: timeout=5, max=75
Content-Type: text/css
rotaryclubsalemmajestic.com/css/bootstrap.css
192.185.117.63 200 OK 27 kB URL HTTP/1.1 rotaryclubsalemmajestic.com/css/bootstrap.css
IP 192.185.117.63:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (65371)
Hash ba6e8ef51b09802aa429373392f06bb1
908671152862deb1076ffc66bb9762d9b39f7034
1d3e6530ffb96d67c264d837625094ada0a1fc0402e25ea3bb463a3951d36774
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /css/bootstrap.css HTTP/1.1
Host: rotaryclubsalemmajestic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rotaryclubsalemmajestic.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 19:32:02 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 19 Jun 2019 08:00:53 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked
Content-Type: text/css
ocsp.digicert.com/
93.184.220.29 200 OK 471 B IP 93.184.220.29:0
Hash fb6949e7abaa473393f7c604691de14f
599681bba3947709baa603bbae2dd7afd04059a4
36c5165526ea9d34de14d36655ed494d0cffaa11ca3271ee47824ac11246ba13
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2729
Cache-Control: max-age=138016
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:32:02 GMT
Etag: "637f3429-1d7"
Expires: Sat, 26 Nov 2022 09:52:18 GMT
Last-Modified: Thu, 24 Nov 2022 09:06:49 GMT
Server: ECS (ska/F706)
X-Cache: HIT
Content-Length: 471
rotaryclubsalemmajestic.com/js/bootstrap.min.js
192.185.117.63 200 OK 14 kB URL HTTP/1.1 rotaryclubsalemmajestic.com/js/bootstrap.min.js
IP 192.185.117.63:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (32025)
Hash 0c3633e0ede975a837e9cf8aa5d7b1c8
393aab95b3638ecd38ad6827e32b7f2c04bdff53
b1cd1e929ecfb10bdc8f4e635861371cda24884acabb8ec51be4753ee53f84c8
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /js/bootstrap.min.js HTTP/1.1
Host: rotaryclubsalemmajestic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rotaryclubsalemmajestic.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 19:32:02 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 19 Jun 2019 08:01:32 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 14005
Keep-Alive: timeout=5, max=75
Content-Type: application/javascript
rotaryclubsalemmajestic.com/css/style.css
192.185.117.63 200 OK 23 kB URL HTTP/1.1 rotaryclubsalemmajestic.com/css/style.css
IP 192.185.117.63:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash edac8a1334b61a35dd875a839057e771
7bf578fd8c13ee79583b51a96951767be2f25798
34e35c2f28b86af0e68e6d1c24d74a25be442147afaa414d83e97220040a2a11
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /css/style.css HTTP/1.1
Host: rotaryclubsalemmajestic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rotaryclubsalemmajestic.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 19:32:02 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 31 Jul 2019 10:25:34 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked
Content-Type: text/css
rotaryclubsalemmajestic.com/js/revolution.min.js
192.185.117.63 200 OK 80 kB URL HTTP/1.1 rotaryclubsalemmajestic.com/js/revolution.min.js
IP 192.185.117.63:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (26113)
Hash 2df29fbf0c2fcdd3a25f15c8b731e527
36ea95765b318ac145c28e74e27f190b792f94f6
542d7759f69efc6a25397e5e6150e14beb03f436b8947af5747644d60f68a083
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /js/revolution.min.js HTTP/1.1
Host: rotaryclubsalemmajestic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rotaryclubsalemmajestic.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 19:32:02 GMT
Server: Apache
Last-Modified: Wed, 19 Jun 2019 08:01:38 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
rotaryclubsalemmajestic.com/js/jquery.bxslider.min.js
192.185.117.63 200 OK 6.4 kB URL HTTP/1.1 rotaryclubsalemmajestic.com/js/jquery.bxslider.min.js
IP 192.185.117.63:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (19040)
Hash 3c45b35ba504f57470e6afd4358b3c89
7c57a5643b0eeb524f8ca9bd2eac1c517aba5ac8
9de6c9850e592a77c1b0722dc70fc86ac4c61c7b76461174c5effbce5b11ed31
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /js/jquery.bxslider.min.js HTTP/1.1
Host: rotaryclubsalemmajestic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rotaryclubsalemmajestic.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 19:32:03 GMT
Server: Apache
Last-Modified: Wed, 19 Jun 2019 08:01:34 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 6375
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: application/javascript
rotaryclubsalemmajestic.com/js/jquery.fancybox.pack.js
192.185.117.63 200 OK 10 kB URL HTTP/1.1 rotaryclubsalemmajestic.com/js/jquery.fancybox.pack.js
IP 192.185.117.63:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (645)
Hash 044b6bfd4fde3124f72eb20a984516ad
dcc4f52687b9d058c9a5e5268ee45e25575fd963
5430ab8c730223d31b9350d2735eb11b8fb9d5594d61dbe653957fa34a967131
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /js/jquery.fancybox.pack.js HTTP/1.1
Host: rotaryclubsalemmajestic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rotaryclubsalemmajestic.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 19:32:03 GMT
Server: Apache
Last-Modified: Wed, 19 Jun 2019 08:01:36 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 10428
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 4af780570d49b327d38dc189095448e9
1dd4193a2afeb237c5e475b603b1cbd137f7f97e
f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:32:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 4af780570d49b327d38dc189095448e9
1dd4193a2afeb237c5e475b603b1cbd137f7f97e
f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:32:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rotaryclubsalemmajestic.com/js/jquery.js
192.185.117.63 200 OK 42 kB URL HTTP/1.1 rotaryclubsalemmajestic.com/js/jquery.js
IP 192.185.117.63:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (32038)
Hash 1c5d421386e35046463d22f34cea23c8
fdc97ae825c464d4722eabdc27eabebe5b1c0f34
3384c26d6840d118f263b0e473ef5638dd87b6a0c1a6f158c3f502e0e461dd54
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /js/jquery.js HTTP/1.1
Host: rotaryclubsalemmajestic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rotaryclubsalemmajestic.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 19:32:02 GMT
Server: Apache
Upgrade: h2,h2c
Connection: Upgrade, Keep-Alive
Last-Modified: Wed, 19 Jun 2019 08:01:37 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=75
Transfer-Encoding: chunked
Content-Type: application/javascript
rotaryclubsalemmajestic.com/js/jquery.fancybox-media.js
192.185.117.63 200 OK 2.1 kB URL HTTP/1.1 rotaryclubsalemmajestic.com/js/jquery.fancybox-media.js
IP 192.185.117.63:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 733fa04ec3f525a0940cf3a8a6072c0f
4f701e75fa37845d24db9f57aa16c1581634e423
710ceebdffbdb3d0dc5e231b48548202c27c59b3cd2f1d8d27007256e8665b51
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /js/jquery.fancybox-media.js HTTP/1.1
Host: rotaryclubsalemmajestic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rotaryclubsalemmajestic.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 19:32:03 GMT
Server: Apache
Last-Modified: Wed, 19 Jun 2019 08:01:35 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2105
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: application/javascript
rotaryclubsalemmajestic.com/js/mixitup.js
192.185.117.63 200 OK 16 kB URL HTTP/1.1 rotaryclubsalemmajestic.com/js/mixitup.js
IP 192.185.117.63:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (367)
Hash d315ef276def5783ecf0a0de69bfaf4f
235fc3770b02d209d0d24b6040b4089876ec0d93
a9aafe9ba8570bbda48a8334f5a54343a10c3f2bf43b214af67a3dc4bb2d7575
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /js/mixitup.js HTTP/1.1
Host: rotaryclubsalemmajestic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rotaryclubsalemmajestic.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 19:32:03 GMT
Server: Apache
Last-Modified: Wed, 19 Jun 2019 08:01:36 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 16252
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: application/javascript
rotaryclubsalemmajestic.com/js/owl.js
192.185.117.63 200 OK 27 kB URL HTTP/1.1 rotaryclubsalemmajestic.com/js/owl.js
IP 192.185.117.63:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash fb08f14e28a52318762dc3959b5d5eb9
818e320d630d340bf3d8afca5cba7ec3fa83323a
70449560f730f90702b9076506c48a07208d3072ed8a9c4b9926ba91b8680d9f
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /js/owl.js HTTP/1.1
Host: rotaryclubsalemmajestic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rotaryclubsalemmajestic.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 19:32:03 GMT
Server: Apache
Last-Modified: Wed, 19 Jun 2019 08:01:37 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript
rotaryclubsalemmajestic.com/js/circle-progress.js
192.185.117.63 200 OK 4.2 kB URL HTTP/1.1 rotaryclubsalemmajestic.com/js/circle-progress.js
IP 192.185.117.63:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 3e06ebfc8e9d0d2028575a60b2ba2f4c
c294bfe295aec0ce6e84c8f48a735a2f276c64f4
a9fb18ba9d30091917cf5354be8ba5d1a64767f071fb5e2047b19c197006c30d
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /js/circle-progress.js HTTP/1.1
Host: rotaryclubsalemmajestic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rotaryclubsalemmajestic.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 19:32:03 GMT
Server: Apache
Last-Modified: Wed, 19 Jun 2019 08:01:31 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4247
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: application/javascript
rotaryclubsalemmajestic.com/js/wow.js
192.185.117.63 200 OK 2.5 kB URL HTTP/1.1 rotaryclubsalemmajestic.com/js/wow.js
IP 192.185.117.63:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (6269)
Hash 7a47d2dd28d44ac7ff913d065e5b6a3d
22b113d0440f0f9bd3347a9a26d5d7aaea7f4cb8
7d4253f52aee7018e41b851bb41359f8d38ca4f2b2aa3b928914264a3a5710d5
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /js/wow.js HTTP/1.1
Host: rotaryclubsalemmajestic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rotaryclubsalemmajestic.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 19:32:03 GMT
Server: Apache
Last-Modified: Wed, 19 Jun 2019 08:01:37 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 2506
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: application/javascript
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash 4af780570d49b327d38dc189095448e9
1dd4193a2afeb237c5e475b603b1cbd137f7f97e
f25ef2e65d3c2acbba49b5d36c2fe37f8d404fa3b0ea5cdd6c93ac1685a6129a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:32:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
54.186.117.16 101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.186.117.16:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Jq+B8aNUffNQajRyuPbDGQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 81izETqrCn5uqYSST1xmVVnV3Yc=
rotaryclubsalemmajestic.com/js/jquery.appear.js
192.185.117.63 200 OK 712 B URL HTTP/1.1 rotaryclubsalemmajestic.com/js/jquery.appear.js
IP 192.185.117.63:0
ASN #46606 UNIFIEDLAYER-AS-1
File type ASCII text, with very long lines (1285)
Hash ca977c56255442da46eb315ca4d5ed1d
1ad98ae036d5db35c8dbbed4719b09d1d86403cd
92c00efdf0d86af0321b7680738015d2b846a2543960b79288744426fe9d738d
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /js/jquery.appear.js HTTP/1.1
Host: rotaryclubsalemmajestic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rotaryclubsalemmajestic.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 19:32:03 GMT
Server: Apache
Last-Modified: Wed, 19 Jun 2019 08:01:33 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 712
Keep-Alive: timeout=5, max=74
Connection: Keep-Alive
Content-Type: application/javascript
rotaryclubsalemmajestic.com/js/jquery.countTo.js
192.185.117.63 200 OK 1.1 kB URL HTTP/1.1 rotaryclubsalemmajestic.com/js/jquery.countTo.js
IP 192.185.117.63:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 38e951f4edd21167ac4de765c306d576
5def5717b9a0dbac70f10150aace65c7eed8bd7d
001233df8dfa54794db07cb0b3e4d9c7d54087c2b5d41914a56962815f9b54a6
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /js/jquery.countTo.js HTTP/1.1
Host: rotaryclubsalemmajestic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rotaryclubsalemmajestic.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 19:32:03 GMT
Server: Apache
Last-Modified: Wed, 19 Jun 2019 08:01:34 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1090
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: application/javascript
rotaryclubsalemmajestic.com/css/font-awesome.css
192.185.117.63 200 OK 5.8 kB URL HTTP/1.1 rotaryclubsalemmajestic.com/css/font-awesome.css
IP 192.185.117.63:0
ASN #46606 UNIFIEDLAYER-AS-1
File type troff or preprocessor input, ASCII text, with very long lines (392)
Hash e77706a6796e21c55f4e840855d5db7a
92abe457160401ce567ada3752fccacc49b918bf
b6101e4c69d1bd6b1d180204dfb3f30a56202f69c6771642715300d1ebee48e8
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /css/font-awesome.css HTTP/1.1
Host: rotaryclubsalemmajestic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rotaryclubsalemmajestic.com/css/style.css
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 19:32:03 GMT
Server: Apache
Last-Modified: Wed, 19 Jun 2019 08:00:51 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 5804
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: text/css
rotaryclubsalemmajestic.com/js/script.js
192.185.117.63 200 OK 3.6 kB URL HTTP/1.1 rotaryclubsalemmajestic.com/js/script.js
IP 192.185.117.63:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash e06a5aea46dd3aced8506cadc79bb86e
37d28829a080afa14df8d9500eb8912dfcac9a6e
c8212ceccaace753bf804dccecafb2a8f779d15cd59dd60fa0743711f234500b
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /js/script.js HTTP/1.1
Host: rotaryclubsalemmajestic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rotaryclubsalemmajestic.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 19:32:03 GMT
Server: Apache
Last-Modified: Wed, 19 Jun 2019 08:01:37 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3605
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: application/javascript
rotaryclubsalemmajestic.com/css/flaticon.css
192.185.117.63 200 OK 1.5 kB URL HTTP/1.1 rotaryclubsalemmajestic.com/css/flaticon.css
IP 192.185.117.63:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash c1b7901ee41a43e383ef510a5b965342
50717fdfa038125115b300a83e357bf06e9533ab
f6f10e9cf62bf5044113e20b8833e38423187aea66992c80fb65ac7e671c34f0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /css/flaticon.css HTTP/1.1
Host: rotaryclubsalemmajestic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rotaryclubsalemmajestic.com/css/style.css
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 19:32:03 GMT
Server: Apache
Last-Modified: Wed, 19 Jun 2019 08:00:51 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1527
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: text/css
rotaryclubsalemmajestic.com/css/animate.css
192.185.117.63 200 OK 7.1 kB URL HTTP/1.1 rotaryclubsalemmajestic.com/css/animate.css
IP 192.185.117.63:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 07c2a8812d8c2ad672ac97c4fee6e62e
7897efa30d229afc3150b2f6373470c553dea705
0e77021bccf1ffd183e2356f4a3f2d37c037e6885fa2136e9c39e7ca6d8602b9
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /css/animate.css HTTP/1.1
Host: rotaryclubsalemmajestic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rotaryclubsalemmajestic.com/css/style.css
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 19:32:03 GMT
Server: Apache
Last-Modified: Wed, 19 Jun 2019 08:00:52 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 7105
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: text/css
rotaryclubsalemmajestic.com/css/jquery.bxslider.css
192.185.117.63 200 OK 1.3 kB URL HTTP/1.1 rotaryclubsalemmajestic.com/css/jquery.bxslider.css
IP 192.185.117.63:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 2824703ba508137f4510046dd4b6a4b2
4b6806e6cf592cc2e549a866350e5f0196ba1578
81000a76059699847070bde94aac865e0339ac283f905325a0432e092fedecd1
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /css/jquery.bxslider.css HTTP/1.1
Host: rotaryclubsalemmajestic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rotaryclubsalemmajestic.com/css/style.css
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 19:32:03 GMT
Server: Apache
Last-Modified: Wed, 19 Jun 2019 08:00:53 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1329
Keep-Alive: timeout=5, max=73
Connection: Keep-Alive
Content-Type: text/css
rotaryclubsalemmajestic.com/css/owl.css
192.185.117.63 200 OK 1.6 kB URL HTTP/1.1 rotaryclubsalemmajestic.com/css/owl.css
IP 192.185.117.63:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash d137648d7b3984a637fef254fc17fc3a
a54828a0264288fb8f35010fe32d7bcf598631fc
a32f29172e05eebe82629d45592036b387c1c8fc9fdab2f952cd95c26c462fcc
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /css/owl.css HTTP/1.1
Host: rotaryclubsalemmajestic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rotaryclubsalemmajestic.com/css/style.css
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 19:32:03 GMT
Server: Apache
Last-Modified: Wed, 19 Jun 2019 08:00:53 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1567
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: text/css
rotaryclubsalemmajestic.com/css/jquery.fancybox.css
192.185.117.63 200 OK 1.7 kB URL HTTP/1.1 rotaryclubsalemmajestic.com/css/jquery.fancybox.css
IP 192.185.117.63:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash c51f8565e6275b73acebe22eb6134404
137b4cfd0f9f9b1ca8d7513943f1bce5da0eaad7
0dbad4e0f123236c73bdea2e28a77dece3a6e46f9bd8a462f895172e33c58522
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /css/jquery.fancybox.css HTTP/1.1
Host: rotaryclubsalemmajestic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rotaryclubsalemmajestic.com/css/style.css
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 19:32:03 GMT
Server: Apache
Last-Modified: Wed, 19 Jun 2019 08:00:53 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1686
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: text/css
rotaryclubsalemmajestic.com/css/hover.css
192.185.117.63 200 OK 31 kB URL HTTP/1.1 rotaryclubsalemmajestic.com/css/hover.css
IP 192.185.117.63:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash cb6c5001842b077243ae7a7460027f7d
4bdb215c24f3b7426cf4d4c8db5a225f28e0525d
6e5b78176ca03b6ba34c2b4a585ce50ca0eb29f59bee31f786b77168aee2cc2b
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /css/hover.css HTTP/1.1
Host: rotaryclubsalemmajestic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rotaryclubsalemmajestic.com/css/style.css
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 19:32:03 GMT
Server: Apache
Last-Modified: Wed, 19 Jun 2019 08:00:54 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:32:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15744, version 1.0\012- data
Hash 15d9f621c3bd1599f0169dcf0bd5e63e
7ca9c5967f3bb8bffeab24b639b49c1e7d03fa52
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
GET /s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://rotaryclubsalemmajestic.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15744
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 19:34:08 GMT
expires: Thu, 23 Nov 2023 19:34:08 GMT
cache-control: public, max-age=31536000
age: 86275
last-modified: Wed, 11 May 2022 19:24:48 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15860, version 1.0\012- data
Hash e9f5aaf547f165386cd313b995dddd8e
acdef5603c2387b0e5bffd744b679a24a8bc1968
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
GET /s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://rotaryclubsalemmajestic.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 18:53:49 GMT
expires: Thu, 23 Nov 2023 18:53:49 GMT
cache-control: public, max-age=31536000
age: 88694
last-modified: Wed, 11 May 2022 19:24:42 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
rotaryclubsalemmajestic.com/images/president.jpg
192.185.117.63 200 OK 46 kB URL HTTP/1.1 rotaryclubsalemmajestic.com/images/president.jpg
IP 192.185.117.63:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 345x220, components 3\012- data
Hash 65fc533ca6e5d1a820400b92e5e228da
1c02ca9c5589c49543b8bdce132a67420887731f
2e886f39a480200b6ef780ac4beddecc0c041cafe7d4b82c93b6cf000132580a
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /images/president.jpg HTTP/1.1
Host: rotaryclubsalemmajestic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rotaryclubsalemmajestic.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 19:32:03 GMT
Server: Apache
Last-Modified: Wed, 19 Jun 2019 08:00:47 GMT
Accept-Ranges: bytes
Content-Length: 46493
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: image/jpeg
rotaryclubsalemmajestic.com/images/logo.jpg
192.185.117.63 200 OK 29 kB URL HTTP/1.1 rotaryclubsalemmajestic.com/images/logo.jpg
IP 192.185.117.63:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 280x80, components 3\012- data
Hash b18cc6f7050d51d398731a2ec497d879
ffa381ffa6984fda93b2b87da7f374e740376119
b3c404d84fa2a36892806e66c3e5e7c2727c4bbd87b81159c062dc013f2e2b5c
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /images/logo.jpg HTTP/1.1
Host: rotaryclubsalemmajestic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rotaryclubsalemmajestic.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 19:32:03 GMT
Server: Apache
Last-Modified: Wed, 19 Jun 2019 08:00:47 GMT
Accept-Ranges: bytes
Content-Length: 29241
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: image/jpeg
fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
216.58.207.195 200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 15920, version 1.0\012- data
Hash 3a44e06eb954b96aa043227f3534189d
23cef6993ddb2b2979e8e7647fc3763694e2ba7d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
GET /s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://rotaryclubsalemmajestic.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15920
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 23 Nov 2022 14:07:32 GMT
expires: Thu, 23 Nov 2023 14:07:32 GMT
cache-control: public, max-age=31536000
age: 105871
last-modified: Wed, 11 May 2022 19:24:45 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Roboto:400,300,300italic,400italic,500,500italic,700,700italic
142.250.74.10 200 OK 48 kB URL HTTP/2 fonts.googleapis.com/css?family=Roboto:400,300,300italic,400italic,500,500italic,700,700italic
IP 142.250.74.10:0
Hash 188c48be5b70d0ef1e3b17501fbdf7a7
d496569a2fceba9fa1f60c0da3a234dbdc1b2367
0640ecfe19cdfe5c58d7b5ec0eadba9f0e6eb530e4e7a073a882e44dfe6d003e
GET /css?family=Roboto:400,300,300italic,400italic,500,500italic,700,700italic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rotaryclubsalemmajestic.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 24 Nov 2022 19:32:03 GMT
date: Thu, 24 Nov 2022 19:32:03 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3 200 OK 472 B IP 142.250.74.3:0
Hash aee1eaa2ef2d0edbb0bc5703979e6439
8baa6d1cdd85ce2c5b6e30bd7a60096eeafce4db
095cc1e6ce8241ba22f88cb66d752587909fea3dc66936a72c369ef74b3134f1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 24 Nov 2022 19:32:03 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rotaryclubsalemmajestic.com/images/Secretary.jpg
192.185.117.63 200 OK 51 kB URL HTTP/1.1 rotaryclubsalemmajestic.com/images/Secretary.jpg
IP 192.185.117.63:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 345x220, components 3\012- data
Hash f1632bc2ed2ef24f4bed4540926fb80f
ac17d02d39abd4324faedca9984a06c08d72e302
0001a5240ba4b166d022cd12fdf461b27d01c7f42965febf55b63845a5f2ba56
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /images/Secretary.jpg HTTP/1.1
Host: rotaryclubsalemmajestic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rotaryclubsalemmajestic.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 19:32:03 GMT
Server: Apache
Last-Modified: Wed, 19 Jun 2019 08:56:23 GMT
Accept-Ranges: bytes
Content-Length: 50974
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: image/jpeg
rotaryclubsalemmajestic.com/fonts/fontawesome-webfonte0a5.woff2?v=4.3.0
192.185.117.63 200 OK 57 kB URL HTTP/1.1 rotaryclubsalemmajestic.com/fonts/fontawesome-webfonte0a5.woff2?v=4.3.0
IP 192.185.117.63:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format (Version 2), TrueType, length 56780, version 4.197\012- data
Hash 97493d3f11c0a3bd5cbd959f5d19b699
1075231650f579955905bb2f6527148a8e2b4b16
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /fonts/fontawesome-webfonte0a5.woff2?v=4.3.0 HTTP/1.1
Host: rotaryclubsalemmajestic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://rotaryclubsalemmajestic.com/css/font-awesome.css
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 19:32:03 GMT
Server: Apache
Last-Modified: Wed, 19 Jun 2019 08:01:54 GMT
Accept-Ranges: bytes
Content-Length: 56780
Keep-Alive: timeout=5, max=68
Connection: Keep-Alive
Content-Type: font/woff2
rotaryclubsalemmajestic.com/fonts/flaticon.woff
192.185.117.63 200 OK 30 kB URL HTTP/1.1 rotaryclubsalemmajestic.com/fonts/flaticon.woff
IP 192.185.117.63:0
ASN #46606 UNIFIEDLAYER-AS-1
Hash 849ec13486de78b8ed781efa4c8e3144
fe0b10cde4cf92918d4dbc1b1a724bd1ce052d53
6500bcfd052ad8890a390306309aced56b6c9d4ddf8af78e41e95d62649d7e4f
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /fonts/flaticon.woff HTTP/1.1
Host: rotaryclubsalemmajestic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://rotaryclubsalemmajestic.com/css/flaticon.css
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 19:32:03 GMT
Server: Apache
Last-Modified: Wed, 19 Jun 2019 08:01:51 GMT
Accept-Ranges: bytes
Content-Length: 30372
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: font/woff
rotaryclubsalemmajestic.com/gallery/17-06-2019-121817_16964.jpg
192.185.117.63 200 OK 373 kB URL HTTP/1.1 rotaryclubsalemmajestic.com/gallery/17-06-2019-121817_16964.jpg
IP 192.185.117.63:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 100", baseline, precision 8, 1280x494, components 3\012- data
Size 373 kB (372977 bytes)
Hash 9ac0778bbf0536f7cabd5d22849caf26
da941def57fd17a599ab8888ab5ac07cfe4d6237
28d74d181f4fc327bcd0f2da8ab12a29ccd1f2395bc2ff5da6a88e119cafac66
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /gallery/17-06-2019-121817_16964.jpg HTTP/1.1
Host: rotaryclubsalemmajestic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rotaryclubsalemmajestic.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 19:32:03 GMT
Server: Apache
Last-Modified: Wed, 19 Jun 2019 08:01:09 GMT
Accept-Ranges: bytes
Content-Length: 372977
Keep-Alive: timeout=5, max=72
Connection: Keep-Alive
Content-Type: image/jpeg
rotaryclubsalemmajestic.com/fonts/revicons90c690c6.woff?5510888
192.185.117.63 200 OK 7.5 kB URL HTTP/1.1 rotaryclubsalemmajestic.com/fonts/revicons90c690c6.woff?5510888
IP 192.185.117.63:0
ASN #46606 UNIFIEDLAYER-AS-1
File type Web Open Font Format, TrueType, length 7536, version 1.0\012- data
Hash 04eb8fc57f27498e5ae37523e3bfb2c7
d942ae11706c3f7e511e3c49b0e4574d7ad199c4
f7b9c3065e55fa3b9e320093612e7b30dcb14355a44ec461247b495a3e729686
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /fonts/revicons90c690c6.woff?5510888 HTTP/1.1
Host: rotaryclubsalemmajestic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: http://rotaryclubsalemmajestic.com/css/revolution-slider.css
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 19:32:03 GMT
Server: Apache
Last-Modified: Wed, 19 Jun 2019 08:01:57 GMT
Accept-Ranges: bytes
Content-Length: 7536
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: font/woff
rotaryclubsalemmajestic.com/images/icons/preloader.GIF
192.185.117.63 200 OK 17 kB URL HTTP/1.1 rotaryclubsalemmajestic.com/images/icons/preloader.GIF
IP 192.185.117.63:0
ASN #46606 UNIFIEDLAYER-AS-1
File type GIF image data, version 89a, 48 x 48\012- data
Hash 22b82e0c8e1e49556b08426bad89ccaf
47218c50b2a7749c6a3aa1b41be511ee1db87a86
1be04d267b3454ae6853ee374c4c0243ab78c97885df82ff0b81db5c5f8e238d
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /images/icons/preloader.GIF HTTP/1.1
Host: rotaryclubsalemmajestic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rotaryclubsalemmajestic.com/css/style.css
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 19:32:03 GMT
Server: Apache
Last-Modified: Wed, 19 Jun 2019 08:02:07 GMT
Accept-Ranges: bytes
Content-Length: 16740
Keep-Alive: timeout=5, max=67
Connection: Keep-Alive
Content-Type: image/gif
rotaryclubsalemmajestic.com/gallery/10-07-2019-075144_1482527264.jpg
192.185.117.63 200 OK 256 kB URL HTTP/1.1 rotaryclubsalemmajestic.com/gallery/10-07-2019-075144_1482527264.jpg
IP 192.185.117.63:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 1040x493, components 3\012- data
Size 256 kB (255836 bytes)
Hash b6b103941e05e81ef4ec1eac6c0780d0
8fca58064fbd9226eb0ebe04f5822ccf5f61f8a1
b979d693d32b351e5cdf421e40c8184f06b0d27d9a7f71c7a63cc8dcc9241396
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /gallery/10-07-2019-075144_1482527264.jpg HTTP/1.1
Host: rotaryclubsalemmajestic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rotaryclubsalemmajestic.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 19:32:03 GMT
Server: Apache
Last-Modified: Wed, 10 Jul 2019 12:51:44 GMT
Accept-Ranges: bytes
Content-Length: 255836
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: image/jpeg
rotaryclubsalemmajestic.com/gallery/04-08-2021-152820_1984323343.jpg
192.185.117.63 200 OK 353 kB URL HTTP/1.1 rotaryclubsalemmajestic.com/gallery/04-08-2021-152820_1984323343.jpg
IP 192.185.117.63:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 1280x622, components 3\012- data
Size 353 kB (353363 bytes)
Hash ef68d7581764cc38496005ee31af28de
30b90666d80b3df5c05ce03cc2b9c9b972e5891d
4c79570ce801a934a435e111dc7ca2085493b7b5c2c96cbc632e1d655da5afd8
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /gallery/04-08-2021-152820_1984323343.jpg HTTP/1.1
Host: rotaryclubsalemmajestic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rotaryclubsalemmajestic.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 19:32:03 GMT
Server: Apache
Last-Modified: Wed, 04 Aug 2021 09:58:20 GMT
Accept-Ranges: bytes
Content-Length: 353363
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: image/jpeg
rotaryclubsalemmajestic.com/fonts/flaticon.ttf
192.185.117.63 200 OK 49 kB URL HTTP/1.1 rotaryclubsalemmajestic.com/fonts/flaticon.ttf
IP 192.185.117.63:0
ASN #46606 UNIFIEDLAYER-AS-1
File type TrueType Font data, 13 tables, 1st "FFTM", 14 names, Macintosh\012- data
Hash adc44f7f6b8cc75921294ccd45a50ea2
e9c3f275d8cf6fd231089327b663f175f850be78
51f1a8c86444455bf34044b0910b223993b7a62ac21ce6bc8c070cf8057f4e6b
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /fonts/flaticon.ttf HTTP/1.1
Host: rotaryclubsalemmajestic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rotaryclubsalemmajestic.com/css/flaticon.css
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 19:32:03 GMT
Server: Apache
Last-Modified: Wed, 19 Jun 2019 08:01:51 GMT
Accept-Ranges: bytes
Content-Length: 49004
Keep-Alive: timeout=5, max=71
Connection: Keep-Alive
Content-Type: font/ttf
rotaryclubsalemmajestic.com/images/background/footer-bg.jpg
192.185.117.63 404 Not Found 4.7 kB URL HTTP/1.1 rotaryclubsalemmajestic.com/images/background/footer-bg.jpg
IP 192.185.117.63:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (358)
Hash e6aae2410885df2f2629465b60a2691d
859d3d883fb8ca2aadedf5753abcd7acce922479
a113d210f17827a95d9d1eee68bf4e0aa8bd39d67df1d9420ff5e9c0f49b1d48
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /images/background/footer-bg.jpg HTTP/1.1
Host: rotaryclubsalemmajestic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rotaryclubsalemmajestic.com/
HTTP/1.1 404 Not Found
Date: Thu, 24 Nov 2022 19:32:03 GMT
Server: Apache
Last-Modified: Fri, 30 Sep 2022 16:16:17 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4677
Keep-Alive: timeout=5, max=66
Connection: Keep-Alive
Content-Type: text/html
rotaryclubsalemmajestic.com/images/2982logo.png
192.185.117.63 200 OK 11 kB URL HTTP/1.1 rotaryclubsalemmajestic.com/images/2982logo.png
IP 192.185.117.63:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 305 x 80, 8-bit/color RGBA, non-interlaced\012- data
Hash 3b852796100711d17fd31cb9f97d5bcd
022246566ee73048986e7bf785d5947c5eff25ce
9c671f08914f4b0113c19b0801177f6009d42fe38bfa13d5f67fb5287cd0aac6
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /images/2982logo.png HTTP/1.1
Host: rotaryclubsalemmajestic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rotaryclubsalemmajestic.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 19:32:04 GMT
Server: Apache
Last-Modified: Wed, 19 Jun 2019 08:00:44 GMT
Accept-Ranges: bytes
Content-Length: 10753
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: image/png
rotaryclubsalemmajestic.com/gallery/04-08-2021-151722_1203104726.jpg
192.185.117.63 200 OK 203 kB URL HTTP/1.1 rotaryclubsalemmajestic.com/gallery/04-08-2021-151722_1203104726.jpg
IP 192.185.117.63:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 1120x504, components 3\012- data
Size 203 kB (202662 bytes)
Hash 6f095b6e49fcdb10c4be737714a7ff08
49ebcd2850b3ae146ec63d2f4ce44ba2e7350e2c
a8d4b9d6eb1c17d25b202fecaacfc16cc1c27e2315aeb689d4c75203960760ec
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /gallery/04-08-2021-151722_1203104726.jpg HTTP/1.1
Host: rotaryclubsalemmajestic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rotaryclubsalemmajestic.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 19:32:03 GMT
Server: Apache
Last-Modified: Wed, 04 Aug 2021 09:47:22 GMT
Accept-Ranges: bytes
Content-Length: 202662
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: image/jpeg
rotaryclubsalemmajestic.com/css/assets/timer.png
192.185.117.63 200 OK 125 B URL HTTP/1.1 rotaryclubsalemmajestic.com/css/assets/timer.png
IP 192.185.117.63:0
ASN #46606 UNIFIEDLAYER-AS-1
File type PNG image data, 1 x 10, 8-bit/color RGBA, non-interlaced\012- data
Hash ba593bd9fc9e07110f3dc74f728b3768
9620e53c9e0a5b5d55e15b23f556e2089e903fc1
a15348b049a18c85702dde38f379aa78d3809af8c07adcf25236c69b03f6f746
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /css/assets/timer.png HTTP/1.1
Host: rotaryclubsalemmajestic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rotaryclubsalemmajestic.com/css/revolution-slider.css
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 19:32:04 GMT
Server: Apache
Last-Modified: Wed, 19 Jun 2019 08:02:13 GMT
Accept-Ranges: bytes
Content-Length: 125
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: image/png
rotaryclubsalemmajestic.com/gallery/17-06-2019-121935_28138.jpg
192.185.117.63 200 OK 268 kB URL HTTP/1.1 rotaryclubsalemmajestic.com/gallery/17-06-2019-121935_28138.jpg
IP 192.185.117.63:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v90), quality = 100", baseline, precision 8, 1029x319, components 3\012- data
Size 268 kB (267475 bytes)
Hash b2ecdf4a0e864b3287db813cd6f3ee67
13f71d05f15d7b0b827f3027013e8bdcc5c8124b
978d07d80162ac1f50834a4ced2a7fb5840bd06766caba2781546b388999bd3e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /gallery/17-06-2019-121935_28138.jpg HTTP/1.1
Host: rotaryclubsalemmajestic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rotaryclubsalemmajestic.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 19:32:04 GMT
Server: Apache
Last-Modified: Wed, 19 Jun 2019 08:01:09 GMT
Accept-Ranges: bytes
Content-Length: 267475
Keep-Alive: timeout=5, max=70
Connection: Keep-Alive
Content-Type: image/jpeg
rotaryclubsalemmajestic.com/gallery/04-08-2021-152325_13441312.jpg
192.185.117.63 200 OK 304 kB URL HTTP/1.1 rotaryclubsalemmajestic.com/gallery/04-08-2021-152325_13441312.jpg
IP 192.185.117.63:0
ASN #46606 UNIFIEDLAYER-AS-1
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, comment: "CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 100", baseline, precision 8, 1040x493, components 3\012- data
Size 304 kB (303850 bytes)
Hash 77ef3859b28e6b99a7e7aeb48957192a
eed99633b0b06a55cc3407d27c7b21e3fd79fe46
9ee96262a542a4c4155d52b8aba9521d7e1299da7bd8f01e92801a50b20cf154
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /gallery/04-08-2021-152325_13441312.jpg HTTP/1.1
Host: rotaryclubsalemmajestic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rotaryclubsalemmajestic.com/
HTTP/1.1 200 OK
Date: Thu, 24 Nov 2022 19:32:03 GMT
Server: Apache
Last-Modified: Wed, 04 Aug 2021 09:53:25 GMT
Accept-Ranges: bytes
Content-Length: 303850
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: image/jpeg
rotaryclubsalemmajestic.com/favicon.ico
192.185.117.63 404 Not Found 4.7 kB URL HTTP/1.1 rotaryclubsalemmajestic.com/favicon.ico
IP 192.185.117.63:0
ASN #46606 UNIFIEDLAYER-AS-1
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (358)
Hash e6aae2410885df2f2629465b60a2691d
859d3d883fb8ca2aadedf5753abcd7acce922479
a113d210f17827a95d9d1eee68bf4e0aa8bd39d67df1d9420ff5e9c0f49b1d48
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: rotaryclubsalemmajestic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://rotaryclubsalemmajestic.com/
HTTP/1.1 404 Not Found
Date: Thu, 24 Nov 2022 19:32:04 GMT
Server: Apache
Last-Modified: Fri, 30 Sep 2022 16:16:17 GMT
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4677
Keep-Alive: timeout=5, max=69
Connection: Keep-Alive
Content-Type: text/html
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11300
Expires: Thu, 24 Nov 2022 22:40:24 GMT
Date: Thu, 24 Nov 2022 19:32:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11300
Expires: Thu, 24 Nov 2022 22:40:24 GMT
Date: Thu, 24 Nov 2022 19:32:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11300
Expires: Thu, 24 Nov 2022 22:40:24 GMT
Date: Thu, 24 Nov 2022 19:32:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11300
Expires: Thu, 24 Nov 2022 22:40:24 GMT
Date: Thu, 24 Nov 2022 19:32:04 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32 200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 6827d82f488045e02e40d6a2fdbae4b3
4944139a4b08769511ffc6aa913857d88a0db7bc
0e4ef6ddef97ec03d43df4c0bada61d792b9f030e4d9fab5bd3cf904aeaa3bc9
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0E4EF6DDEF97EC03D43DF4C0BADA61D792B9F030E4D9FAB5BD3CF904AEAA3BC9"
Last-Modified: Thu, 24 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11300
Expires: Thu, 24 Nov 2022 22:40:24 GMT
Date: Thu, 24 Nov 2022 19:32:04 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F433fbaf5-7c54-485b-af70-542e1e788832.webp
34.120.237.76 200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F433fbaf5-7c54-485b-af70-542e1e788832.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 0856fdb55f19f03a1bec38b3d6e0ac77
89accd230fba95fe0049678070817b36ead015fa
17c6e6f9bb8f4261fff2dc2a43ed994986418761624b8afead768e89927594f2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F433fbaf5-7c54-485b-af70-542e1e788832.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5070
x-amzn-requestid: d86d95ad-9b78-4047-82e7-04e83a97e330
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEwViF1GIAMF_PQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9423-10809ba1634776171cf79cb8;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:44:03 GMT
x-amz-cf-pop: SFO5-P2, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 8rbsN9OVJmneT9ov-Q7V4RB8DP5UWhhn-7cnukHiBpl06zmMM0zJTg==
via: 1.1 0dc4feb22bb4657ce2bb95fd05ec7122.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:57:20 GMT
age: 77684
etag: "89accd230fba95fe0049678070817b36ead015fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg
34.120.237.76 200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d9d93b2a6875d446c3467eb49767eef5
303c571b13b05fcf27ee1159d8fdf6369aaef0a2
2a2345a925e0187979930a7f2de8548957ad9f2baae77364dcb157286e2b3fcf
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F50d7d834-f80d-4fd9-a728-24643ed00c45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6789
x-amzn-requestid: 4d94ce1b-d18f-43b8-bb4d-e7093f9bea42
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cCvd2G9UIAMFrEg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637dc5f2-64a570135be59b83031811da;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 07:04:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: JygkDI7XSvlgurUTot874ZAXlOIqnv4cntMQ55IvHVqw93JBcksZjQ==
via: 1.1 4d7fa73f804f1c93f20cfc24c4b1266e.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 07:15:22 GMT
age: 44202
etag: "303c571b13b05fcf27ee1159d8fdf6369aaef0a2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg
34.120.237.76 200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b4157f2c5c3c77ce699324ecb08f47c7
a7d9135f9d01ba13c3cdaf8b038c70212f159297
2305f7afee95bb34d9e8dbff571c6b146ba7b694be96e9e925c32d1f41785916
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3d85d03d-8fcf-42f4-bada-e7f488f04307.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7462
x-amzn-requestid: 1f6fb14d-83e0-43d3-9dab-5bc83af1a7c4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEwV3HV9oAMFs9w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9425-634d43db6308e0be596aa5a0;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:44:05 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: GW5UTfY7-TwPWTno9z1e21a2cA9fmU7GfHFYWdL-zQvMLxeq-S9Trg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 22:03:54 GMT
age: 77290
etag: "a7d9135f9d01ba13c3cdaf8b038c70212f159297"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81517ad5-7c1b-49aa-9ba9-dbfa36fbb071.webp
34.120.237.76 200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81517ad5-7c1b-49aa-9ba9-dbfa36fbb071.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 64d79191f005c9876b952c5f948aa0f7
1102dbdcbcabf5c25d17840f8f00d5b55b9b8f0a
00fb36c3d322e8302c5ce202d6d4119d637510cd6f3b63e1347781ec3bb9d7fc
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F81517ad5-7c1b-49aa-9ba9-dbfa36fbb071.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13882
x-amzn-requestid: 9022b0b3-31d5-4149-a969-02514f11b95a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvzNHjMoAMFWMg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9347-0e8354a02bef623644714e31;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:40:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ve4q5FDkwMGhPK6ZVVVCZtoBTaGaz43r_PwINzwS5Nx5tcZeQkVIfw==
via: 1.1 000f4a2f631bace380a0afa747a82482.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:49:47 GMT
age: 78137
etag: "1102dbdcbcabf5c25d17840f8f00d5b55b9b8f0a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
34.120.237.76 200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 841a4b110022a99ddea6f7bf66df0fa1
126771b86638108050cf57c0d12faa27f80f0edb
240fbffc1f9104433297d3ff7afba2d0b58d7f1b13d9a9260a1bad25216665db
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1dd98515-d0af-440a-8f3d-4c9986928081.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4309
x-amzn-requestid: a22b4d7e-e208-4bda-81c2-d13e6463380e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: blE0hGNioAMF_Tg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6371e81c-1b13846866f56a0e47675e56;Sampled=0
x-amzn-remapped-date: Mon, 14 Nov 2022 07:02:52 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 0sYKpJWi2Tv9Atz3PYXm5j7kmncAOxjcLcK4hgAkJ5b4pNMDmjdB6g==
via: 1.1 ddd913fbbe7367d44af4ac06097e7a2a.cloudfront.net (CloudFront), 1.1 28390a4d24ed4fdccd685d99cd06cf4e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 24 Nov 2022 07:14:07 GMT
age: 44277
etag: "126771b86638108050cf57c0d12faa27f80f0edb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
34.120.237.76 200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 92c78302bcce1568eb6a5563100b932c
43d1dec7fc06879988c9c3cadd800cc8145df988
0dda9914306c8e3a7ea75eade8e762652d93907dd6c5a8cc81707d6d8098b60a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca5cb469-21a0-420a-875c-a81635b33f53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7993
x-amzn-requestid: 9f0ff853-4819-47cd-959d-658401ea5748
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cEvCsG5mIAMFqAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-637e9211-1c48b9223684f2942f8dd42d;Sampled=0
x-amzn-remapped-date: Wed, 23 Nov 2022 21:35:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 7YSXUV-LZpsI7vciFhuqt1EVr6YRkhxcOgMg8z8bxLcOE01_baf6Gg==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 1b74ccf4cb51eacf97a0e6d60ae46a3e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 23 Nov 2022 21:47:06 GMT
etag: "43d1dec7fc06879988c9c3cadd800cc8145df988"
content-type: image/jpeg
age: 78298
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Raleway:800,700,600,500,400,400italic
142.250.74.10 200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Raleway:800,700,600,500,400,400italic
IP 142.250.74.10:0
GET /css?family=Raleway:800,700,600,500,400,400italic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://rotaryclubsalemmajestic.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 24 Nov 2022 19:32:03 GMT
date: Thu, 24 Nov 2022 19:32:03 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2