| | 172.67.177.201 | 403 Forbidden | 1.7 kB |
URL User Request GET HTTP/1.1IP172.67.177.201:80
File typeHTML document, ASCII text, with very long lines (394) Hash8c70c5d254ff7eecf2c403ecd73ba6f5 de0ee37762fb5b97b6f575fef453b0021c92fbd7 e0fb0ebd8441bb73cf4bad826162584f0c722347ffaa4b3d0ec5fb472f8c9b98
GET / HTTP/1.1
Host: ladangmpoc.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Tue, 23 Apr 2024 18:55:29 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: max-age=15
Expires: Tue, 23 Apr 2024 18:55:44 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=p40xS7f3msRXShhgB34Ic%2Fldr3niXuV%2BDsnCrv%2BGoPrg%2FoU4TY9h1TsG1iW8nEorPxErqiatQsJIxdnkHasAMq9YtzzHecXYDHZhhWq%2F3e5fGcxDOsDtycbayKizYR86%2F6Q%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 87901173c9ce56bb-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| ladangmpoc.site/cdn-cgi/styles/cf.errors.css | 172.67.177.201 | 200 OK | 4.5 kB |
URL GET HTTP/1.1ladangmpoc.site/cdn-cgi/styles/cf.errors.css IP172.67.177.201:80
File typeASCII text, with very long lines (24050) Hash5e8c69a459a691b5d1b9be442332c87d f24dd1ad7c9080575d92a9a9a2c42620725ef836 84e3c77025ace5af143972b4a40fc834dcdfd4e449d4b36a57e62326f16b3091
GET /cdn-cgi/styles/cf.errors.css HTTP/1.1
Host: ladangmpoc.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ladangmpoc.site/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 23 Apr 2024 18:55:30 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Fri, 19 Apr 2024 20:54:07 GMT
ETag: W/"6622d9ef-5df3"
Server: cloudflare
CF-RAY: 87901175ac7b56bb-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Expires: Tue, 23 Apr 2024 20:55:30 GMT
Cache-Control: max-age=7200, public
Content-Encoding: gzip
|
|
| ladangmpoc.site/cdn-cgi/images/browser-bar.png?1376755637 | 172.67.177.201 | 200 OK | 715 B |
URL GET HTTP/1.1ladangmpoc.site/cdn-cgi/images/browser-bar.png?1376755637 IP172.67.177.201:80
File typePNG image data, 960 x 53, 8-bit colormap, non-interlaced Hash226dcb8f6144bdaafdfbd8f2f354be64 3785cc5b3bf52f8e398177b0ff1020b24aa86b8c 8c873472f4925d5d47521db4d52532d2983e9cb1bde8b43143a6cc6db56c35db
Analyzer | Verdict | Alert | urlquery | suspicious | Suspicious - Sinkholed / Blocked |
GET /cdn-cgi/images/browser-bar.png?1376755637 HTTP/1.1
Host: ladangmpoc.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ladangmpoc.site/cdn-cgi/styles/cf.errors.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 23 Apr 2024 18:55:30 GMT
Content-Type: image/png
Content-Length: 715
Connection: keep-alive
Last-Modified: Fri, 19 Apr 2024 20:54:07 GMT
ETag: "6622d9ef-2cb"
Server: cloudflare
CF-RAY: 87901175fd0056bb-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Expires: Tue, 23 Apr 2024 20:55:30 GMT
Cache-Control: max-age=7200, public
Accept-Ranges: bytes
|
|
| ladangmpoc.site/cdn-cgi/images/cf-no-screenshot-error.png | 172.67.177.201 | 200 OK | 3.2 kB |
URL GET HTTP/1.1ladangmpoc.site/cdn-cgi/images/cf-no-screenshot-error.png IP172.67.177.201:80
File typePNG image data, 178 x 175, 8-bit colormap, non-interlaced Hash0d768cbc261841d3affc933b9ac3130e aff136a4c761e1df1ada7e5d9a6ed0ebea74a4b7 1c53772285052e52bb7c12ad46a85a55747ed7bf66963fe1993fcef91ff5b0d0
Analyzer | Verdict | Alert | urlquery | suspicious | Suspicious - Sinkholed / Blocked |
GET /cdn-cgi/images/cf-no-screenshot-error.png HTTP/1.1
Host: ladangmpoc.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Referer: http://ladangmpoc.site/cdn-cgi/styles/cf.errors.css
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 23 Apr 2024 18:55:30 GMT
Content-Type: image/png
Content-Length: 3213
Connection: keep-alive
Last-Modified: Fri, 19 Apr 2024 20:54:07 GMT
ETag: "6622d9ef-c8d"
Server: cloudflare
CF-RAY: 87901175fc595685-OSL
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
Vary: Accept-Encoding
Expires: Tue, 23 Apr 2024 20:55:30 GMT
Cache-Control: max-age=7200, public
Accept-Ranges: bytes
|
|
| ladangmpoc.site/favicon.ico | 172.67.177.201 | 403 Forbidden | 1.7 kB |
URL GET HTTP/1.1ladangmpoc.site/favicon.ico IP172.67.177.201:80
File typeHTML document, ASCII text, with very long lines (394) Hash8cc7d0ea313a79e1c5cb8d7d91c49d7e 4fede6a2552b9d1651312a6d04c0864cb49894b2 377ee1c4ff37f3f4e760a82f2249423d3ac2287dc66ee824b88752edd9f66506
GET /favicon.ico HTTP/1.1
Host: ladangmpoc.site
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://ladangmpoc.site/
DNT: 1
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 403 Forbidden
Date: Tue, 23 Apr 2024 18:55:30 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Frame-Options: SAMEORIGIN
Referrer-Policy: same-origin
Cache-Control: max-age=15
Expires: Tue, 23 Apr 2024 18:55:45 GMT
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nrDptiHwPV1nE1N6iZ1DJcbnn1i3SP7T7qW1%2FGFtzRR%2FNAIeuO8aiP2D6dlB%2FBkGZ%2FRfSZiTXvbhf0rW%2BbcskxKkr7eb0rwA%2FYy5HdDpHOghVUTzie9FuXfw5voa8TZuoVc%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 879011762c865685-OSL
Content-Encoding: gzip
alt-svc: h2=":443"; ma=60
|
|
| normandy.cdn.mozilla.net/api/v1/ | 35.201.103.21 | | 598 B |
URL normandy.cdn.mozilla.net/api/v1/ IP35.201.103.21:0 ASN#396982 GOOGLE-CLOUD-PLATFORM
Hash3076f9a5cb273105528b893ff7111e41 b8990c145fe71b9a2410eea41a60a712b43b82bf 69c578fb0c03a28141a975833f660f4571e7991dc28ae7f9cead37672ee2c9b3
GET /api/v1/ HTTP/1.1
Host: normandy.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 598
allow: GET, HEAD, OPTIONS
content-security-policy: default-src 'self' https://normandy.cdn.mozilla.net/; base-uri 'none'; form-action 'self'; block-all-mixed-content; worker-src 'none'; object-src 'none'; frame-src 'none'; report-uri /__cspreport__
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
via: 1.1 google
date: Mon, 22 Apr 2024 23:46:24 GMT
cache-control: public, max-age=86400
content-type: application/json
vary: Accept, Origin
age: 68950
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| classify-client.services.mozilla.com/api/v1/classify_client/ | 34.98.75.36 | | 64 B |
URL classify-client.services.mozilla.com/api/v1/classify_client/ IP34.98.75.36:0 ASN#396982 GOOGLE-CLOUD-PLATFORM
Hashd56cbc4a0ac36a926ba83785518a25a3 80926b64ca38515ab0473ac665643dfc14a949eb 1c3db5721c29678df4a4a8ca13a81c456132b5aa8b9f5f01842df119da33ccaa
GET /api/v1/classify_client/ HTTP/1.1
Host: classify-client.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 23 Apr 2024 18:55:34 GMT
content-type: application/json
content-length: 64
cache-control: max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml | 35.244.181.201 | | 444 B |
URL aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml IP35.244.181.201:0 ASN#396982 GOOGLE-CLOUD-PLATFORM
File typeXML 1.0 document, ASCII text, with very long lines (332) Hash3b324dec137a87ef7e24a30a65b13dd0 c0faa95b2f1018e264b3a14aaf50d1003e6c27b3 6cd0b591d9239fc8564627e92a804fc261951b1cbaf5fa58a8ada3cc13f51463
GET /update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-102-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
rule-id: unknown
rule-data-version: unknown
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/aus.content-signature.mozilla.org-2024-06-09-11-51-10.chain; p384ecdsa=dNPT24WcJWv5MFU1Ahn360cSca09_7ADWRu4zgVrDeoRltfG-piQtDuyRqDSJ3NbzYt_EJtOojSe2Op8G-9nZRRn8AUjTyT8kiiwJoTTCJZ1_NelrPeytvHl3U2Asm84
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: EXPIRED
content-encoding: gzip
via: 1.1 google
date: Tue, 23 Apr 2024 18:54:01 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
content-length: 444
age: 107
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2
|
|