| r20.rs6.net/tn.jsp?f=001S8xcQv12rBaGcidVP8wAcjYBdwnB6cexo9h-qgoB-UOuch0tDiYN0kQhDymNcXLVmJYYVKqcDM59rWnUbZUYxmxPw2uDiFi0mwkt7PbI8T9UmvF_VezdOnNH9h9RNj3JDRvxrJMTaJHiE8FyfyK04jeh2bPU6pDT&c=&ch==&__=/BR5rOVEtvgSHLC7fP4z6/Z2VvcmdpYS5idXRsZXJAdWNwemVsbGVyLmNvbQ== |  208.75.122.11 | | 0 B |
URL r20.rs6.net/tn.jsp?f=001S8xcQv12rBaGcidVP8wAcjYBdwnB6cexo9h-qgoB-UOuch0tDiYN0kQhDymNcXLVmJYYVKqcDM59rWnUbZUYxmxPw2uDiFi0mwkt7PbI8T9UmvF_VezdOnNH9h9RNj3JDRvxrJMTaJHiE8FyfyK04jeh2bPU6pDT&c=&ch==&__=/BR5rOVEtvgSHLC7fP4z6/Z2VvcmdpYS5idXRsZXJAdWNwemVsbGVyLmNvbQ== IP208.75.122.11:0
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tn.jsp?f=001S8xcQv12rBaGcidVP8wAcjYBdwnB6cexo9h-qgoB-UOuch0tDiYN0kQhDymNcXLVmJYYVKqcDM59rWnUbZUYxmxPw2uDiFi0mwkt7PbI8T9UmvF_VezdOnNH9h9RNj3JDRvxrJMTaJHiE8FyfyK04jeh2bPU6pDT&c=&ch==&__=/BR5rOVEtvgSHLC7fP4z6/Z2VvcmdpYS5idXRsZXJAdWNwemVsbGVyLmNvbQ== HTTP/1.1
Host: r20.rs6.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 302 Found
Date: Wed, 17 Apr 2024 00:59:42 GMT
Server: Apache
P3P: CP="CAO DSP TAIa OUR NOR UNI"
Location: https://thegate-hotel.com/jss/css/BR5rOVEtvgSHLC7fP4z6/Z2VvcmdpYS5idXRsZXJAdWNwemVsbGVyLmNvbQ==
Content-Length: 0
Cache-Control: private, no-cache, no-store, max-age=0, must-revalidate, no-cache="Set-Cookie"
Pragma: no-cache
Connection: close
Content-Type: text/html;charset=ISO-8859-1
|
|
| thegate-hotel.com/jss/css/BR5rOVEtvgSHLC7fP4z6/Z2VvcmdpYS5idXRsZXJAdWNwemVsbGVyLmNvbQ== | 162.240.20.58 | | 0 B |
URL thegate-hotel.com/jss/css/BR5rOVEtvgSHLC7fP4z6/Z2VvcmdpYS5idXRsZXJAdWNwemVsbGVyLmNvbQ== IP162.240.20.58:0 ASN#46606 UNIFIEDLAYER-AS-1
Hashd41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /jss/css/BR5rOVEtvgSHLC7fP4z6/Z2VvcmdpYS5idXRsZXJAdWNwemVsbGVyLmNvbQ== HTTP/1.1
Host: thegate-hotel.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
refresh: 0;url=https://cloudflare-ipfs.com/ipfs/bafkreigxs4snkdqdehsxn6jphftszt3vboelrbntvkafquseu62x4tyonq#georgia.butler@ucpzeller.com
content-length: 0
content-type: text/html; charset=UTF-8
date: Wed, 17 Apr 2024 00:59:42 GMT
server: Apache
X-Firefox-Spdy: h2
|
|
| cloudflare-ipfs.com/cdn-cgi/styles/cf.errors.css |  104.17.96.13 | 200 OK | 14 kB |
URL GET HTTP/3cloudflare-ipfs.com/cdn-cgi/styles/cf.errors.css IP104.17.96.13:443
Requested byhttps://cloudflare-ipfs.com/ipfs/bafkreigxs4snkdqdehsxn6jphftszt3vboelrbntvkafquseu62x4tyonq#georgia.butler@ucpzeller.com CertificateIssuerLet's Encrypt Subjectcloudflare-ipfs.com Fingerprint18:E5:C9:71:96:8A:A9:48:E2:79:2A:29:91:D2:4E:46:90:B7:5D:9F ValiditySun, 25 Feb 2024 02:55:05 GMT - Sat, 25 May 2024 02:55:04 GMT
File typegzip compressed data, from Unix Hashcb7e77244393e9f9d46fd2e035e19941 3515d4d8781265afd733f792a8fbdc29151ca252 3c35c584fca6edd2144deffa3a188ac0c244a3c45b512a6d83d2975fb23a54cd
| Analyzer | Verdict | Alert |
|---|
| PhishTank | phishing | Other |
GET /cdn-cgi/styles/cf.errors.css HTTP/1.1
Host: cloudflare-ipfs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/ipfs/bafkreigxs4snkdqdehsxn6jphftszt3vboelrbntvkafquseu62x4tyonq
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 00:59:44 GMT
content-type: text/css
last-modified: Mon, 15 Apr 2024 08:31:33 GMT
etag: W/"661ce5e5-5df3"
server: cloudflare
cf-ray: 8758795ffae2b4fa-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Wed, 17 Apr 2024 02:59:43 GMT
cache-control: max-age=7200, public
content-encoding: gzip
|
|
| cloudflare-ipfs.com/cdn-cgi/images/icon-exclamation.png?1376755637 | 104.17.96.13 | 200 OK | 452 B |
URL GET HTTP/3cloudflare-ipfs.com/cdn-cgi/images/icon-exclamation.png?1376755637 IP104.17.96.13:443
Requested byhttps://cloudflare-ipfs.com/ipfs/bafkreigxs4snkdqdehsxn6jphftszt3vboelrbntvkafquseu62x4tyonq#georgia.butler@ucpzeller.com CertificateIssuerLet's Encrypt Subjectcloudflare-ipfs.com Fingerprint18:E5:C9:71:96:8A:A9:48:E2:79:2A:29:91:D2:4E:46:90:B7:5D:9F ValiditySun, 25 Feb 2024 02:55:05 GMT - Sat, 25 May 2024 02:55:04 GMT
File typePNG image data, 54 x 54, 8-bit colormap, non-interlaced Hashc33de66281e933259772399d10a6afe8 b9f9d500f8814381451011d4dcf59cd2d90ad94f f1591a5221136c49438642155691ae6c68e25b7241f3d7ebe975b09a77662016
| Analyzer | Verdict | Alert |
|---|
| PhishTank | phishing | Other |
GET /cdn-cgi/images/icon-exclamation.png?1376755637 HTTP/1.1
Host: cloudflare-ipfs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/cdn-cgi/styles/cf.errors.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 200 OK
date: Wed, 17 Apr 2024 00:59:44 GMT
content-type: image/png
content-length: 452
last-modified: Mon, 15 Apr 2024 08:31:33 GMT
etag: "661ce5e5-1c4"
server: cloudflare
cf-ray: 875879603af5b4fa-OSL
x-frame-options: DENY
x-content-type-options: nosniff
vary: Accept-Encoding
expires: Wed, 17 Apr 2024 02:59:44 GMT
cache-control: max-age=7200, public
accept-ranges: bytes
|
|
| cloudflare-ipfs.com/favicon.ico | 104.17.96.13 | 404 Not Found | 14 B |
URL GET HTTP/3cloudflare-ipfs.com/favicon.ico IP104.17.96.13:443
Requested byhttps://cloudflare-ipfs.com/ipfs/bafkreigxs4snkdqdehsxn6jphftszt3vboelrbntvkafquseu62x4tyonq#georgia.butler@ucpzeller.com CertificateIssuerLet's Encrypt Subjectcloudflare-ipfs.com Fingerprint18:E5:C9:71:96:8A:A9:48:E2:79:2A:29:91:D2:4E:46:90:B7:5D:9F ValiditySun, 25 Feb 2024 02:55:05 GMT - Sat, 25 May 2024 02:55:04 GMT
File typeASCII text, with no line terminators Hashd0fbda9855d118740f1105334305c126 bc3023b36063a7681db24681472b54fa11f0d4ec a469ab4ca4e55bf547566e9ebfa1b809c933207e9d558156bc0c4252b17533fe
| Analyzer | Verdict | Alert |
|---|
| PhishTank | phishing | Other |
GET /favicon.ico HTTP/1.1
Host: cloudflare-ipfs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cloudflare-ipfs.com/ipfs/bafkreigxs4snkdqdehsxn6jphftszt3vboelrbntvkafquseu62x4tyonq
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/3 404 Not Found
date: Wed, 17 Apr 2024 00:59:44 GMT
content-type: text/plain;charset=UTF-8
content-length: 14
set-cookie: __cf_bm=mTBrnWCiy1t7RnlcFdVbh7mjZhJH4H_MZkjYmEAi1Ko-1713315584-1.0.1.1-owdqoY8KdN41.ssVSSODo2x4gpFnnwxBw72z0qaOkFaHIJkF0YfeNJSjjh7AxpmC7g0yp3A2uHhffuaZg2FrDQ; path=/; expires=Wed, 17-Apr-24 01:29:44 GMT; domain=.cloudflare-ipfs.com; HttpOnly; Secure; SameSite=None
vary: Accept-Encoding
server: cloudflare
cf-ray: 875879602aefb4fa-OSL
alt-svc: h3=":443"; ma=86400
|
|
| normandy.cdn.mozilla.net/api/v1/ | 35.201.103.21 | | 598 B |
URL normandy.cdn.mozilla.net/api/v1/ IP35.201.103.21:0 ASN#396982 GOOGLE-CLOUD-PLATFORM
Hash3076f9a5cb273105528b893ff7111e41 b8990c145fe71b9a2410eea41a60a712b43b82bf 69c578fb0c03a28141a975833f660f4571e7991dc28ae7f9cead37672ee2c9b3
GET /api/v1/ HTTP/1.1
Host: normandy.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 598
allow: GET, HEAD, OPTIONS
content-security-policy: base-uri 'none'; default-src 'self' https://normandy.cdn.mozilla.net/; worker-src 'none'; frame-src 'none'; object-src 'none'; form-action 'self'; block-all-mixed-content; report-uri /__cspreport__
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
strict-transport-security: max-age=31536000
via: 1.1 google
date: Tue, 16 Apr 2024 23:22:32 GMT
cache-control: public, max-age=86400
content-type: application/json
vary: Accept, Origin
age: 5841
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| classify-client.services.mozilla.com/api/v1/classify_client/ | 34.98.75.36 | | 64 B |
URL classify-client.services.mozilla.com/api/v1/classify_client/ IP34.98.75.36:0 ASN#396982 GOOGLE-CLOUD-PLATFORM
Hash83e245b1557ad5c7e82c9f6aef4aaa79 72a366958ee99fb734d67e86641e7511d0d6f827 c29add8675586b726275de174483585873813cd67388eb1e24b77b6406cd261e
GET /api/v1/classify_client/ HTTP/1.1
Host: classify-client.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 17 Apr 2024 00:59:54 GMT
content-type: application/json
content-length: 64
cache-control: max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-101-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml | 35.244.181.201 | | 444 B |
URL aus5.mozilla.org/update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-101-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml IP35.244.181.201:0 ASN#396982 GOOGLE-CLOUD-PLATFORM
File typeXML 1.0 document, ASCII text, with very long lines (332) Hash3b324dec137a87ef7e24a30a65b13dd0 c0faa95b2f1018e264b3a14aaf50d1003e6c27b3 6cd0b591d9239fc8564627e92a804fc261951b1cbaf5fa58a8ada3cc13f51463
GET /update/3/GMP/111.0a1/20240129201730/Linux_x86_64-gcc3/null/default/Linux%205.15.0-101-generic%20(GTK%203.24.37%2Clibpulse%20not-available)/default/default/update.xml HTTP/1.1
Host: aus5.mozilla.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Cache-Control: no-cache
Pragma: no-cache
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
rule-id: unknown
rule-data-version: unknown
content-signature: x5u=https://content-signature-2.cdn.mozilla.net/chains/aus.content-signature.mozilla.org-2024-05-20-00-15-28.chain; p384ecdsa=3083yn9IW217uLF99eM2zmHauOh9IJaNroCvA-2h0NdkLoaLH71Z_SQ9BxeIjtpYLruIDujJnggGDiQgJohTWGlV8vPfHe_cHX3jjzzeuq0crUz5gxmw0-1ohdZM_fOj
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: default-src 'none'; frame-ancestors 'none'
x-proxy-cache-status: EXPIRED
content-encoding: gzip
via: 1.1 google
date: Wed, 17 Apr 2024 00:59:41 GMT
content-type: text/xml; charset=utf-8
vary: Accept-Encoding
content-length: 444
age: 20
cache-control: public,max-age=90
alt-svc: clear
X-Firefox-Spdy: h2
|
|
| cloudflare-ipfs.com/ipfs/bafkreigxs4snkdqdehsxn6jphftszt3vboelrbntvkafquseu62x4tyonq | 104.17.96.13 | 200 OK | 4.5 kB |
URL User Request GET HTTP/2cloudflare-ipfs.com/ipfs/bafkreigxs4snkdqdehsxn6jphftszt3vboelrbntvkafquseu62x4tyonq IP104.17.96.13:443
CertificateIssuerLet's Encrypt Subjectcloudflare-ipfs.com Fingerprint18:E5:C9:71:96:8A:A9:48:E2:79:2A:29:91:D2:4E:46:90:B7:5D:9F ValiditySun, 25 Feb 2024 02:55:05 GMT - Sat, 25 May 2024 02:55:04 GMT
File typeHTML document, ASCII text, with very long lines (4703), with no line terminators Hash279990043f4019cf2b352005a7e42d91 1b1c45acb7e031e5e23f233a8ba65add88ea7a2a a91c1016443df371c686e3ac0c934237d8bba83a55a549ffdfec297455b6e967
| Analyzer | Verdict | Alert |
|---|
| PhishTank | phishing | Other |
GET /ipfs/bafkreigxs4snkdqdehsxn6jphftszt3vboelrbntvkafquseu62x4tyonq HTTP/1.1
Host: cloudflare-ipfs.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Wed, 17 Apr 2024 00:59:43 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
server: cloudflare
cf-ray: 8758795f19745695-OSL
content-encoding: gzip
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
|
|
0.0.0.0