Report - carnaval.co.jp/shortly-on-how-to-write-an-assessment-from-an-2

Report Overview

URL

carnaval.co.jp/shortly-on-how-to-write-an-assessment-from-an-2
IP

202.172.28.198

ASN

#37907 DigiRock, Inc.
Submitted

2023-04-04T23:29:25Z

Access

public
Tags

None
urlquery detections

No alerts detected

Detections

urlquery

0
Network Intrusion Detection

0
Threat Detection Systems

2

Domain Summary

Domain	Rank	First Seen	Last Seen	Sent	Received	IP
www.google.com (1)	7	2015-05-10T13:11:19Z	2023-04-04T21:32:30Z	512	578	216.58.207.228
r3.o.lencr.org (9)	344	2020-12-02T09:52:13Z	2023-04-04T18:12:09Z	3042	7977	23.36.76.226
content-signature-2.cdn.mozilla.net (1)	1152	2020-11-03T13:26:46Z	2023-04-04T18:20:05Z	413	5882	34.160.144.191
push.services.mozilla.com (1)	2140	2014-10-24T10:27:06Z	2023-04-04T18:19:16Z	606	238	34.117.65.55
ajax.googleapis.com (1)	12905	2013-08-16T11:51:31Z	2023-04-04T22:01:39Z	309	34485	142.250.74.106
www.google-analytics.com (2)	40	2012-10-03T03:04:21Z	2023-04-04T22:18:02Z	1321	21059	142.250.74.142
stats.g.doubleclick.net (1)	96	2013-06-10T22:21:11Z	2023-04-04T18:25:09Z	599	592	64.233.161.157
www.google.no (1)	25607	2016-04-05T21:50:59Z	2023-04-04T19:45:57Z	511	578	142.250.74.163
firefox.settings.services.mozilla.com (2)	867	2020-06-04T22:08:41Z	2023-04-04T18:13:55Z	782	2372	35.241.9.150
contile.services.mozilla.com (1)	1114	2021-05-27T20:32:35Z	2023-04-04T18:13:50Z	333	391	34.117.237.239
carnaval.co.jp (23)	unknown	2017-07-05T11:41:36Z	2023-03-20T13:44:46Z	9075	169496	202.172.28.198
img-getpocket.cdn.mozilla.net (6)	1631	2018-06-22T01:36:00Z	2023-04-04T13:13:40Z	3246	53039	34.120.237.76
ocsp.pki.goog (8)	175	2018-07-01T08:43:07Z	2023-04-04T18:12:04Z	2744	5599	142.250.74.35

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2023-04-04	medium	carnaval.co.jp/shortly-on-how-to-write-an-assessment-from-an-2	Malware
2023-04-04	medium	carnaval.co.jp/shortly-on-how-to-write-an-assessment-from-an-2/	Malware

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

ThreatFox

No alerts detected

HTTP Transactions (57)

URL IP Response Size

r3.o.lencr.org/

23.36.76.226

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

a4074549843769a3da3f055bcb5a78ff

f99062d34cf71bda6a9c64061fb9e61008f94021

895e3801806f031611a25bec5652cc1a46dfa76ea6784f5064d859c1a5b9ddf7

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "895E3801806F031611A25BEC5652CC1A46DFA76EA6784F5064D859C1A5B9DDF7"
Last-Modified: Tue, 04 Apr 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15762
Expires: Wed, 05 Apr 2023 03:51:56 GMT
Date: Tue, 04 Apr 2023 23:29:14 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

e50dac5108a698d61ca49516033d1a20

53d243b89fc00deb9bfae07351bbe36ddb7c1df3

e9e0ad98c485b56fe65ea0a8bc4974fff3f804fcf2d8f6266ada9acd27c7b7cc

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E9E0AD98C485B56FE65EA0A8BC4974FFF3F804FCF2D8F6266ADA9ACD27C7B7CC"
Last-Modified: Tue, 04 Apr 2023 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10382
Expires: Wed, 05 Apr 2023 02:22:16 GMT
Date: Tue, 04 Apr 2023 23:29:14 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/

35.241.9.150

200 OK

939

URL HTTP/2

firefox.settings.services.mozilla.com/v1/
IP

35.241.9.150:0
ASN

#15169 GOOGLE

Magic

JSON data\012- , ASCII text, with very long lines (939), with no line terminators

Size

939
Hash

4ad6984a756720fbfff47b37a75513a2

355e35258114452af8b9638985ed9d8ef3bf0aca

43181fccb10652c68cae86e5e32b4e8f426fb5ad49d8125cb99e072cff573cf5

HTTP Headers

                                        GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 04 Apr 2023 23:16:43 GMT
content-type: application/json
age: 751
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

903ed2d58f1f33d069b70c4b53f1cb1f

0ef89cd6eb79a2ddd74434f9233cf486fffc1142

d8c984b50f04fcdb1ebc99d982502d85193302c85239ee7497666247edfc0061

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8C984B50F04FCDB1EBC99D982502D85193302C85239EE7497666247EDFC0061"
Last-Modified: Sun, 02 Apr 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19370
Expires: Wed, 05 Apr 2023 04:52:04 GMT
Date: Tue, 04 Apr 2023 23:29:14 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-05-20-17-04-38.chain

34.160.144.191

200 OK

5348

URL HTTP/2

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-05-20-17-04-38.chain
IP

34.160.144.191:0
ASN

#15169 GOOGLE

Magic

PEM certificate\012- , ASCII text

Size

5348
Hash

95f61d351f5fc9533cc78e255ce9bc06

fba284117f347782ac23c51d141d7e3ec15a867e

7fcc5f9e52e389d8d7c6df7f1f2a1291ae0aaae8e554f3022239ab092b2ef3c3

HTTP Headers

                                        GET /chains/remote-settings.content-signature.mozilla.org-2023-05-20-17-04-38.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
x-amz-id-2: 6v/PK9RVhqay4DvhvUMpoA/WmoIDxHQbDBNSh6Vs/JR140PwkGWsV2ePG4/3iiTFDdwTl7gZ+YE=
x-amz-request-id: J7GFKXPACM01ZJX2
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 04 Apr 2023 22:53:19 GMT
age: 2155
last-modified: Fri, 31 Mar 2023 17:04:39 GMT
etag: "95f61d351f5fc9533cc78e255ce9bc06"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

URL HTTP/2

contile.services.mozilla.com/v1/tiles
IP

34.117.237.239:0
ASN

#15169 GOOGLE

Magic

JSON data\012- , ASCII text, with no line terminators

Size

12
Hash

23e88fb7b99543fb33315b29b1fad9d6

a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce

7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

                                        GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
date: Tue, 04 Apr 2023 23:29:14 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

27326a64990c6f698a83600491674790

a6bdb4743ace6be80673f6899605bf9177a75b69

e4a8d3c3016130e47580098183bcea5ae369697b7907eafd65ac3450dc2eb265

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E4A8D3C3016130E47580098183BCEA5AE369697B7907EAFD65AC3450DC2EB265"
Last-Modified: Mon, 03 Apr 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3924
Expires: Wed, 05 Apr 2023 00:34:38 GMT
Date: Tue, 04 Apr 2023 23:29:14 GMT
Connection: keep-alive

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

35.241.9.150

200 OK

329

URL HTTP/2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP

35.241.9.150:0
ASN

#15169 GOOGLE

Magic

JSON data\012- , ASCII text, with very long lines (329), with no line terminators

Size

329
Hash

0333b0655111aa68de771adfcc4db243

63f295a144ac87a7c8e23417626724eeca68a7eb

60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

                                        GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Last-Modified, Expires, Retry-After, Cache-Control, Alert, Backoff, Pragma, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 04 Apr 2023 23:14:45 GMT
age: 869
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2

push.services.mozilla.com/

34.117.65.55

101 Switching Protocols

URL HTTP/1.1

push.services.mozilla.com/
IP

34.117.65.55:0
ASN

#15169 GOOGLE

Magic

Size

0
Hash

d41d8cd98f00b204e9800998ecf8427e

da39a3ee5e6b4b0d3255bfef95601890afd80709

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

                                        GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: D8NgYCGMLvmFhUkt8FWCSg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                        HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: p72yN+4SjcOggQjZbnAl3djblYs=
Date: Tue, 04 Apr 2023 23:29:14 GMT
Via: 1.1 google
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

carnaval.co.jp/shortly-on-how-to-write-an-assessment-from-an-2

202.172.28.198

301 Moved Permanently

URL HTTP/1.1

carnaval.co.jp/shortly-on-how-to-write-an-assessment-from-an-2
IP

202.172.28.198:0
ASN

#37907 DigiRock, Inc.

Magic

Size

0
Hash

d41d8cd98f00b204e9800998ecf8427e

da39a3ee5e6b4b0d3255bfef95601890afd80709

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

                                        GET /shortly-on-how-to-write-an-assessment-from-an-2 HTTP/1.1
Host: carnaval.co.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                        HTTP/1.1 301 Moved Permanently
Date: Tue, 04 Apr 2023 23:29:14 GMT
Server: Apache
X-Pingback: http://carnaval.co.jp/wordpress/xmlrpc.php
Location: http://carnaval.co.jp/shortly-on-how-to-write-an-assessment-from-an-2/
Vary: User-Agent
Content-Length: 0
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8

carnaval.co.jp/shortly-on-how-to-write-an-assessment-from-an-2/

202.172.28.198

200 OK

6368

URL HTTP/1.1

carnaval.co.jp/shortly-on-how-to-write-an-assessment-from-an-2/
IP

202.172.28.198:0
ASN

#37907 DigiRock, Inc.

Magic

HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (932), with CRLF, LF line terminators

Size

6368
Hash

e053aa0bae5364864b54d2979d121e8a

1b41fbd819550efd0905439a58f8dfacd7cf94f4

ce48d1f6e00e6141b6817e9a7a0b31afd9218ecdeb0f6726e3da9bcbcf8d1986

Detections

Analyzer	Verdict	Alert
fortinet	Malware

HTTP Headers

                                        GET /shortly-on-how-to-write-an-assessment-from-an-2/ HTTP/1.1
Host: carnaval.co.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

                                        HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 23:29:15 GMT
Server: Apache
X-Pingback: http://carnaval.co.jp/wordpress/xmlrpc.php
Link: <http://carnaval.co.jp/?p=399>; rel=shortlink
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

142.250.74.106

200 OK

33576

URL HTTP/1.1

ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js
IP

142.250.74.106:0
ASN

#15169 GOOGLE

Magic

ASCII text, with very long lines (32341)

Size

33576
Hash

856f85cc1b07156fa844b44a10c236c2

7cef457c0e1cd0c20f4e699564ea8997f0332021

c61aa9ce7b32f93630abac1a4b27382f9333e0ff69477c9d9099070ae0742b01

HTTP Headers

                                        GET /ajax/libs/jquery/1.11.0/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://carnaval.co.jp/

                                        HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Encoding: gzip
Access-Control-Allow-Origin: *
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="hosted-libraries-pushers"
Report-To: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Timing-Allow-Origin: *
Content-Length: 33576
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Fri, 31 Mar 2023 15:26:54 GMT
Expires: Sat, 30 Mar 2024 15:26:54 GMT
Cache-Control: public, max-age=31536000, stale-while-revalidate=2592000
Last-Modified: Tue, 03 Mar 2020 19:15:00 GMT
Content-Type: text/javascript; charset=UTF-8
Vary: Accept-Encoding
Age: 374541

carnaval.co.jp/wordpress/wp-content/themes/carnaval/js/jquery.easingscroll.js?ver=4.1.37

202.172.28.198

200 OK

2299

URL HTTP/1.1

carnaval.co.jp/wordpress/wp-content/themes/carnaval/js/jquery.easingscroll.js?ver=4.1.37
IP

202.172.28.198:0
ASN

#37907 DigiRock, Inc.

Magic

ASCII text, with very long lines (3705), with CRLF line terminators

Size

2299
Hash

92219167ac1bf0dcfdc40182812a6eaf

c9e2815889f8bd3b262c8fdf500fe70fb317f7ea

b9708757f672de3be98514c07d37d791772cda1398a733b76c6f5ecfd6884f29

HTTP Headers

                                        GET /wordpress/wp-content/themes/carnaval/js/jquery.easingscroll.js?ver=4.1.37 HTTP/1.1
Host: carnaval.co.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://carnaval.co.jp/shortly-on-how-to-write-an-assessment-from-an-2/

                                        HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 23:29:15 GMT
Server: Apache
Last-Modified: Fri, 13 Feb 2015 06:47:45 GMT
ETag: "19ba-50ef29d26e640-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 2299
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Content-Type: application/javascript

carnaval.co.jp/wordpress/wp-content/themes/carnaval/style.css?1576723560

202.172.28.198

200 OK

3492

URL HTTP/1.1

carnaval.co.jp/wordpress/wp-content/themes/carnaval/style.css?1576723560
IP

202.172.28.198:0
ASN

#37907 DigiRock, Inc.

Magic

Unicode text, UTF-8 text, with CRLF line terminators

Size

3492
Hash

6cadcf8be9b49f721609bd25593b2b9a

331b30887b6c602c8139175b158caaddabd137c3

d396f8780a0723add52c97175ad37b633d2d9df73181e666e88c4f0f0b1d24cf

HTTP Headers

                                        GET /wordpress/wp-content/themes/carnaval/style.css?1576723560 HTTP/1.1
Host: carnaval.co.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://carnaval.co.jp/shortly-on-how-to-write-an-assessment-from-an-2/

                                        HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 23:29:15 GMT
Server: Apache
Last-Modified: Thu, 19 Dec 2019 02:46:00 GMT
ETag: "2b24-59a058fb3ea00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 3492
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: text/css

carnaval.co.jp/wordpress/wp-content/plugins/wp-jquery-lightbox/styles/lightbox.min.css?ver=1.4

202.172.28.198

200 OK

824

URL HTTP/1.1

carnaval.co.jp/wordpress/wp-content/plugins/wp-jquery-lightbox/styles/lightbox.min.css?ver=1.4
IP

202.172.28.198:0
ASN

#37907 DigiRock, Inc.

Magic

ASCII text, with very long lines (2128), with no line terminators

Size

824
Hash

6a47c73f8d1508c029c5fb1e602e3828

1eebd544c369b44bae75db17cacfd9326adb3bba

3fdd077174c98df4a20c391649afdba92d72cbb2d08844773d3a0487980d9ad1

HTTP Headers

                                        GET /wordpress/wp-content/plugins/wp-jquery-lightbox/styles/lightbox.min.css?ver=1.4 HTTP/1.1
Host: carnaval.co.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://carnaval.co.jp/shortly-on-how-to-write-an-assessment-from-an-2/

                                        HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 23:29:15 GMT
Server: Apache
Last-Modified: Sat, 14 Feb 2015 02:36:00 GMT
ETag: "850-50f0336aa4400-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 824
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Content-Type: text/css

carnaval.co.jp/wordpress/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1

202.172.28.198

200 OK

3068

URL HTTP/1.1

carnaval.co.jp/wordpress/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1
IP

202.172.28.198:0
ASN

#37907 DigiRock, Inc.

Magic

ASCII text, with very long lines (7085), with CRLF line terminators

Size

3068
Hash

be877782551a115e6da253d62cc3a6b2

b06a56238dcc28a6343c66d41aab3ad12a9c4f08

aba99fe4bef6b2ef9f9f0824e9dbdf7dede23e22a98b2305820c1f25a37e7380

HTTP Headers

                                        GET /wordpress/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 HTTP/1.1
Host: carnaval.co.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://carnaval.co.jp/shortly-on-how-to-write-an-assessment-from-an-2/

                                        HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 23:29:15 GMT
Server: Apache
Last-Modified: Tue, 23 Jul 2013 06:28:00 GMT
ETag: "1c20-4e227e4f97c00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 3068
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Content-Type: application/javascript

carnaval.co.jp/wordpress/wp-content/plugins/wp-jquery-lightbox/jquery.touchwipe.min.js?ver=1.4

202.172.28.198

200 OK

739

URL HTTP/1.1

carnaval.co.jp/wordpress/wp-content/plugins/wp-jquery-lightbox/jquery.touchwipe.min.js?ver=1.4
IP

202.172.28.198:0
ASN

#37907 DigiRock, Inc.

Magic

ASCII text, with very long lines (1075)

Size

739
Hash

7e1d7a4d9cd990648d7a113e533f6622

6439b7b671fcc1f5b8041ee09313b5ef75a308cc

d7deb2640af753c279a644a48265704a70844165af136f6821e77cf6b54f3ac7

HTTP Headers

                                        GET /wordpress/wp-content/plugins/wp-jquery-lightbox/jquery.touchwipe.min.js?ver=1.4 HTTP/1.1
Host: carnaval.co.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://carnaval.co.jp/shortly-on-how-to-write-an-assessment-from-an-2/

                                        HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 23:29:15 GMT
Server: Apache
Last-Modified: Sat, 14 Feb 2015 02:36:00 GMT
ETag: "610-50f0336aa4400-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 739
Keep-Alive: timeout=15, max=98
Connection: Keep-Alive
Content-Type: application/javascript

carnaval.co.jp/wordpress/wp-content/plugins/wp-jquery-lightbox/jquery.lightbox.min.js?ver=1.4

202.172.28.198

200 OK

3549

URL HTTP/1.1

carnaval.co.jp/wordpress/wp-content/plugins/wp-jquery-lightbox/jquery.lightbox.min.js?ver=1.4
IP

202.172.28.198:0
ASN

#37907 DigiRock, Inc.

Magic

HTML document, Unicode text, UTF-8 text, with very long lines (10602), with no line terminators

Size

3549
Hash

cec9323ad6ee8c7f64ae29910f3645b6

a338a5fc64c2628bc7d8f035e540aa707198c2ad

c51d91e497b952230e495659d776abafd7ca23f8b47b412d939d442e86e24264

HTTP Headers

                                        GET /wordpress/wp-content/plugins/wp-jquery-lightbox/jquery.lightbox.min.js?ver=1.4 HTTP/1.1
Host: carnaval.co.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://carnaval.co.jp/shortly-on-how-to-write-an-assessment-from-an-2/

                                        HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 23:29:15 GMT
Server: Apache
Last-Modified: Sat, 14 Feb 2015 02:36:00 GMT
ETag: "296c-50f0336aa4400-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 3549
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: application/javascript

carnaval.co.jp/wordpress/wp-content/themes/carnaval/js/jquery.share.js?ver=4.1.37

202.172.28.198

200 OK

464

URL HTTP/1.1

carnaval.co.jp/wordpress/wp-content/themes/carnaval/js/jquery.share.js?ver=4.1.37
IP

202.172.28.198:0
ASN

#37907 DigiRock, Inc.

Magic

Unicode text, UTF-8 text, with CRLF line terminators

Size

464
Hash

5a83878285e5d3ae432b4dedf6fcd56b

a7bc288bdee038e78c2fbeb16b390501f320d65b

38c4e38520a7943c56d8c05faf94c2f8666f1a3c5556eeb998f71a21a20e67e5

HTTP Headers

                                        GET /wordpress/wp-content/themes/carnaval/js/jquery.share.js?ver=4.1.37 HTTP/1.1
Host: carnaval.co.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://carnaval.co.jp/shortly-on-how-to-write-an-assessment-from-an-2/

                                        HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 23:29:15 GMT
Server: Apache
Last-Modified: Thu, 05 Feb 2015 06:25:48 GMT
ETag: "334-50e515fec1300-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 464
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: application/javascript

carnaval.co.jp/wordpress/wp-content/themes/carnaval/js/flexcroll.js?ver=4.1.37

202.172.28.198

200 OK

8539

URL HTTP/1.1

carnaval.co.jp/wordpress/wp-content/themes/carnaval/js/flexcroll.js?ver=4.1.37
IP

202.172.28.198:0
ASN

#37907 DigiRock, Inc.

Magic

Unicode text, UTF-8 (with BOM) text, with very long lines (17232), with CRLF line terminators

Size

8539
Hash

f6c010e34ddfa78bb97a807e7be6fcaa

f1d7bf4d0be84cb0a990efc9c45ce3dcf1be981a

351b1a3acce31a1c97fd750124e3838f67bf64408a8be4c4fdd3b8f23c1e23ba

HTTP Headers

                                        GET /wordpress/wp-content/themes/carnaval/js/flexcroll.js?ver=4.1.37 HTTP/1.1
Host: carnaval.co.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://carnaval.co.jp/shortly-on-how-to-write-an-assessment-from-an-2/

                                        HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 23:29:16 GMT
Server: Apache
Last-Modified: Thu, 05 Feb 2015 06:25:48 GMT
ETag: "45ec-50e515fec1300-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 8539
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: application/javascript

carnaval.co.jp/wordpress/wp-includes/js/jquery/jquery.js?ver=1.11.1

202.172.28.198

200 OK

33231

URL HTTP/1.1

carnaval.co.jp/wordpress/wp-includes/js/jquery/jquery.js?ver=1.11.1
IP

202.172.28.198:0
ASN

#37907 DigiRock, Inc.

Magic

ASCII text, with very long lines (32086)

Size

33231
Hash

2c7a4be98841b87655ea1a878ebd973a

85bda3edd0b5e85cb3c299b3ffddb75c0481b450

e35fb7237e4023807528e7a4661b604df88fd3b5d8941bcd82e0abfb6d751491

HTTP Headers

                                        GET /wordpress/wp-includes/js/jquery/jquery.js?ver=1.11.1 HTTP/1.1
Host: carnaval.co.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://carnaval.co.jp/shortly-on-how-to-write-an-assessment-from-an-2/

                                        HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 23:29:15 GMT
Server: Apache
Last-Modified: Fri, 02 May 2014 00:29:00 GMT
ETag: "1763f-4f85fde2e4b00-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 33231
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: application/javascript

carnaval.co.jp/wordpress/wp-includes/js/comment-reply.min.js?ver=4.1.37

202.172.28.198

200 OK

401

URL HTTP/1.1

carnaval.co.jp/wordpress/wp-includes/js/comment-reply.min.js?ver=4.1.37
IP

202.172.28.198:0
ASN

#37907 DigiRock, Inc.

Magic

ASCII text, with very long lines (755), with no line terminators

Size

401
Hash

e9cb6e75782e5803dc9bf3eaf9f1cf0e

a5a292f86fa72064f3deb7465abc7f1dacfa1193

fbc662ac5ff99f39b8b98b502f29660c387296fe4b321808adce4ce09411d68a

HTTP Headers

                                        GET /wordpress/wp-includes/js/comment-reply.min.js?ver=4.1.37 HTTP/1.1
Host: carnaval.co.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://carnaval.co.jp/shortly-on-how-to-write-an-assessment-from-an-2/

                                        HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 23:29:16 GMT
Server: Apache
Last-Modified: Thu, 13 May 2021 02:33:45 GMT
ETag: "2f3-5c22cf4d175be-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding,User-Agent
Content-Encoding: gzip
Content-Length: 401
Keep-Alive: timeout=15, max=98
Connection: Keep-Alive
Content-Type: application/javascript

carnaval.co.jp/wordpress/wp-content/themes/carnaval/img/share/footer.jpg

202.172.28.198

200 OK

7398

URL HTTP/1.1

carnaval.co.jp/wordpress/wp-content/themes/carnaval/img/share/footer.jpg
IP

202.172.28.198:0
ASN

#37907 DigiRock, Inc.

Magic

JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 1000x40, components 3\012- data

Size

7398
Hash

0fbc8a35865e91cf775564083e8f18e2

cd6d69f355d43a94273e440952d87bf1ef7d36ec

d295a252baa479300ead4ecbf20ac7c4de8a5ffe7e392a6012945931c29e97ff

HTTP Headers

                                        GET /wordpress/wp-content/themes/carnaval/img/share/footer.jpg HTTP/1.1
Host: carnaval.co.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://carnaval.co.jp/shortly-on-how-to-write-an-assessment-from-an-2/

                                        HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 23:29:16 GMT
Server: Apache
Last-Modified: Thu, 05 Feb 2015 06:25:48 GMT
ETag: "1ce6-50e515fec1300"
Accept-Ranges: bytes
Content-Length: 7398
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Content-Type: image/jpeg

carnaval.co.jp/wordpress/wp-content/themes/carnaval/img/share/header_logo.jpg

202.172.28.198

200 OK

7010

URL HTTP/1.1

carnaval.co.jp/wordpress/wp-content/themes/carnaval/img/share/header_logo.jpg
IP

202.172.28.198:0
ASN

#37907 DigiRock, Inc.

Magic

JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 193x41, components 3\012- data

Size

7010
Hash

232f2cf6280d938a5be9e12fbc864c5d

4460aa82d4b44a5b7c5d0a9ebee8e524bcd3846d

fe48994a22dda208b826fc56fd2cc93acdfb42123f6967f1f4e1084818d37b9f

HTTP Headers

                                        GET /wordpress/wp-content/themes/carnaval/img/share/header_logo.jpg HTTP/1.1
Host: carnaval.co.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://carnaval.co.jp/shortly-on-how-to-write-an-assessment-from-an-2/

                                        HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 23:29:16 GMT
Server: Apache
Last-Modified: Thu, 05 Feb 2015 06:25:48 GMT
ETag: "1b62-50e515fec1300"
Accept-Ranges: bytes
Content-Length: 7010
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Content-Type: image/jpeg

carnaval.co.jp/wordpress/wp-content/themes/carnaval/img/index/button_blog_ca.jpg

202.172.28.198

200 OK

10070

URL HTTP/1.1

carnaval.co.jp/wordpress/wp-content/themes/carnaval/img/index/button_blog_ca.jpg
IP

202.172.28.198:0
ASN

#37907 DigiRock, Inc.

Magic

JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 260x79, components 3\012- data

Size

10070
Hash

d6f009827111756e7488629f25b26428

0d455ca55f3fface175ae17e70d967edf0649673

c312bc31498fdee3f5c290557dbbecac75218f06200aa7da4b17af1115395fa9

HTTP Headers

                                        GET /wordpress/wp-content/themes/carnaval/img/index/button_blog_ca.jpg HTTP/1.1
Host: carnaval.co.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://carnaval.co.jp/shortly-on-how-to-write-an-assessment-from-an-2/

                                        HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 23:29:16 GMT
Server: Apache
Last-Modified: Thu, 05 Feb 2015 06:25:47 GMT
ETag: "2756-50e515fdcd0c0"
Accept-Ranges: bytes
Content-Length: 10070
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Content-Type: image/jpeg

carnaval.co.jp/wordpress/wp-content/themes/carnaval/img/share/header_tel1.jpg

202.172.28.198

200 OK

13139

URL HTTP/1.1

carnaval.co.jp/wordpress/wp-content/themes/carnaval/img/share/header_tel1.jpg
IP

202.172.28.198:0
ASN

#37907 DigiRock, Inc.

Magic

JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 250x85, components 3\012- data

Size

13139
Hash

2ffa4e5b3448d890387548dd7849b46f

769393fd5efff97710b9cfa644d9d7cf6c8c273d

078455c57e3f597cef36cdddd1e992e87b8168d49e66d12a66c06738021a4683

HTTP Headers

                                        GET /wordpress/wp-content/themes/carnaval/img/share/header_tel1.jpg HTTP/1.1
Host: carnaval.co.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://carnaval.co.jp/shortly-on-how-to-write-an-assessment-from-an-2/

                                        HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 23:29:16 GMT
Server: Apache
Last-Modified: Sat, 14 Feb 2015 04:34:04 GMT
ETag: "3353-50f04dce78700"
Accept-Ranges: bytes
Content-Length: 13139
Keep-Alive: timeout=15, max=100
Connection: Keep-Alive
Content-Type: image/jpeg

r3.o.lencr.org/

23.36.76.226

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

869fe4a8dc549ffa1023d3adc184e4f2

37b95d88dd3f6f251bb651b130e09b202850033f

9387d0291fa66cc98248bae7724ec34f884c766302d2a99e734585cc591ad304

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9387D0291FA66CC98248BAE7724EC34F884C766302D2A99E734585CC591AD304"
Last-Modified: Mon, 03 Apr 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6332
Expires: Wed, 05 Apr 2023 01:14:48 GMT
Date: Tue, 04 Apr 2023 23:29:16 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

869fe4a8dc549ffa1023d3adc184e4f2

37b95d88dd3f6f251bb651b130e09b202850033f

9387d0291fa66cc98248bae7724ec34f884c766302d2a99e734585cc591ad304

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9387D0291FA66CC98248BAE7724EC34F884C766302D2A99E734585CC591AD304"
Last-Modified: Mon, 03 Apr 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6332
Expires: Wed, 05 Apr 2023 01:14:48 GMT
Date: Tue, 04 Apr 2023 23:29:16 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

869fe4a8dc549ffa1023d3adc184e4f2

37b95d88dd3f6f251bb651b130e09b202850033f

9387d0291fa66cc98248bae7724ec34f884c766302d2a99e734585cc591ad304

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9387D0291FA66CC98248BAE7724EC34F884C766302D2A99E734585CC591AD304"
Last-Modified: Mon, 03 Apr 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6332
Expires: Wed, 05 Apr 2023 01:14:48 GMT
Date: Tue, 04 Apr 2023 23:29:16 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

869fe4a8dc549ffa1023d3adc184e4f2

37b95d88dd3f6f251bb651b130e09b202850033f

9387d0291fa66cc98248bae7724ec34f884c766302d2a99e734585cc591ad304

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9387D0291FA66CC98248BAE7724EC34F884C766302D2A99E734585CC591AD304"
Last-Modified: Mon, 03 Apr 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6332
Expires: Wed, 05 Apr 2023 01:14:48 GMT
Date: Tue, 04 Apr 2023 23:29:16 GMT
Connection: keep-alive

r3.o.lencr.org/

23.36.76.226

200 OK

503

URL HTTP/1.1

r3.o.lencr.org/
IP

23.36.76.226:0
ASN

#20940 Akamai International B.V.

Magic

data

Size

503
Hash

869fe4a8dc549ffa1023d3adc184e4f2

37b95d88dd3f6f251bb651b130e09b202850033f

9387d0291fa66cc98248bae7724ec34f884c766302d2a99e734585cc591ad304

HTTP Headers

                                        POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                        HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9387D0291FA66CC98248BAE7724EC34F884C766302D2A99E734585CC591AD304"
Last-Modified: Mon, 03 Apr 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6332
Expires: Wed, 05 Apr 2023 01:14:48 GMT
Date: Tue, 04 Apr 2023 23:29:16 GMT
Connection: keep-alive

carnaval.co.jp/wordpress/wp-content/themes/carnaval/img/share/body_bg.jpg

202.172.28.198

200 OK

2672

URL HTTP/1.1

carnaval.co.jp/wordpress/wp-content/themes/carnaval/img/share/body_bg.jpg
IP

202.172.28.198:0
ASN

#37907 DigiRock, Inc.

Magic

JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 99x101, components 3\012- data

Size

2672
Hash

a38f8810f898b9de9c9079a24a3c5969

fd5a9e3d72b23e08f543c83fb1e499d8d83d76ca

0886892a9061eb084ed2f4c820684169e885ffe10af25d61e0857be1a4625155

HTTP Headers

                                        GET /wordpress/wp-content/themes/carnaval/img/share/body_bg.jpg HTTP/1.1
Host: carnaval.co.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://carnaval.co.jp/wordpress/wp-content/themes/carnaval/style.css?1576723560

                                        HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 23:29:16 GMT
Server: Apache
Last-Modified: Thu, 05 Feb 2015 06:25:48 GMT
ETag: "a70-50e515fec1300"
Accept-Ranges: bytes
Content-Length: 2672
Keep-Alive: timeout=15, max=97
Connection: Keep-Alive
Content-Type: image/jpeg

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74ab7a15-f867-4797-989f-7adeb80e9c1e.jpeg

34.120.237.76

200 OK

5686

URL HTTP/2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74ab7a15-f867-4797-989f-7adeb80e9c1e.jpeg
IP

34.120.237.76:0
ASN

#15169 GOOGLE

Magic

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

Size

5686
Hash

9132183080e6510ff7309e59efa59e75

9ce62f7aee64552638ff948e89b2ddf4f20bdff7

b888ab47550e87b46ed8377a0a6e8679fda7b2751473827bcba328aa4ce207ab

HTTP Headers

                                        GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F74ab7a15-f867-4797-989f-7adeb80e9c1e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
content-length: 5686
x-amzn-requestid: 3900b1cb-78c9-43d6-9c98-6f00d8635e3b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CooSOHAaoAMF6RA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64268741-002861655352e48c6a833c80;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Fri, 31 Mar 2023 07:09:53 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: XPqgiYowyfmy22TeKddE1Q7KybhFQNNaBi6XE7HRoCW9gWWIb-kVHA==
via: 1.1 50cc3f0b039433daebdf343a3f4489ae.cloudfront.net (CloudFront), 1.1 8cb7de37a1655236518810d0aabb8656.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Apr 2023 19:58:14 GMT
age: 12662
etag: "9ce62f7aee64552638ff948e89b2ddf4f20bdff7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

13772

URL HTTP/2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb94db052-75b3-4eb0-8fba-da79a6186b48.jpeg
IP

34.120.237.76:0
ASN

#15169 GOOGLE

Magic

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

Size

13772
Hash

b20d6fa5063d7f97cabeae5c3b90a666

d4f5e356e47b3f7bd00349c0c60811fe9913ad09

98e16371931d033b94ac530ae94fda71730d001c55aeb331e0340e95bc97d0c9

HTTP Headers

                                        GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb94db052-75b3-4eb0-8fba-da79a6186b48.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
content-length: 13772
x-amzn-requestid: 744963e6-853b-4036-8fe4-0d02b41ce7ee
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Cyf-QEtdoAMFo2g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-642a79f4-1788e80d58756ef0027924bd;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Mon, 03 Apr 2023 07:02:12 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: ulWZwLggT-eqZA2cK4x1QcasdvtItDZdEZ77IBQtLQrpBvDEA1ElJA==
via: 1.1 773bf3616e85ce2b187fa78710a6beb2.cloudfront.net (CloudFront), 1.1 a9e73292d0b92053c3e38dcec15fd0e2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Apr 2023 22:31:58 GMT
age: 3438
etag: "d4f5e356e47b3f7bd00349c0c60811fe9913ad09"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4424

URL HTTP/2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06d31622-0a13-44c5-af26-f54d7858062c.jpeg
IP

34.120.237.76:0
ASN

#15169 GOOGLE

Magic

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

Size

4424
Hash

a1f459480dc0b55ae4825d3a1c329c65

993e5077165cf389c986c7c73d39384bf21b24ec

360931163e5d707215d9a273661d364e6ae6a71b1821cb39a2e52619812312ed

HTTP Headers

                                        GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06d31622-0a13-44c5-af26-f54d7858062c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
content-length: 4424
x-amzn-requestid: cfcba3e0-1e91-44de-883d-b059229834ee
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Cyg_1H2roAMFU7A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-642a7b98-022b97ae47933289670cd3ad;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Mon, 03 Apr 2023 07:09:12 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: nMYIqxb9lOzP01Tcs4KbNkYgMQukQ0aU-K1-zVerItMe5g8S_s2s6A==
via: 1.1 02f1a759e4ec9fab6fc17c080dd851dc.cloudfront.net (CloudFront), 1.1 1f41b5f27f3ec2e93db2155dbc56900c.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Apr 2023 07:14:31 GMT
age: 58485
etag: "993e5077165cf389c986c7c73d39384bf21b24ec"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4774

URL HTTP/2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59d6989a-36a1-4ed7-9694-00dfbfc9b386.jpeg
IP

34.120.237.76:0
ASN

#15169 GOOGLE

Magic

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

Size

4774
Hash

6d504943bc15b039b6813b2d1a8a8783

865a647f277bf9234adce200cb6c3e0735f2c9e7

5906ddbaf547fcc998dc1121a1e345b34f575ffe867e32453121354f91df7d53

HTTP Headers

                                        GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59d6989a-36a1-4ed7-9694-00dfbfc9b386.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
content-length: 4774
x-amzn-requestid: 8c43d597-5000-48a3-be58-7157558d119e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CvNtSGTqoAMF-Aw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64292987-66a228e347e1fd032c920287;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Sun, 02 Apr 2023 07:06:47 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: eMj9Fv9kO_r5yNKqjA2px4vX6UgpDNgP0GmtAz-g5dBikHR2dhikEA==
via: 1.1 6af36c6902a46beec743522a9bbb3ab0.cloudfront.net (CloudFront), 1.1 c9b161639a9353c2354b895548ea9fca.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Apr 2023 07:50:08 GMT
age: 56348
etag: "865a647f277bf9234adce200cb6c3e0735f2c9e7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6606

URL HTTP/2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79da5da9-3d26-4695-ae7f-58d008a2530b.jpeg
IP

34.120.237.76:0
ASN

#15169 GOOGLE

Magic

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

Size

6606
Hash

20ff30ea98e9f9086ee28d4ac369e938

40aee6f21d4958a8e36bb9e9359a1784bb4e059d

1fa8c56d96a34e8971f580a83ef30b460b622d43ed7486ccb2c317366cb2179c

HTTP Headers

                                        GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F79da5da9-3d26-4695-ae7f-58d008a2530b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
content-length: 6606
x-amzn-requestid: 2e52472d-4c31-46af-b2e7-4ffc169c2222
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: C34yhEGhIAMF1sA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-642ca1a9-4f0faa13315fe1e76cbb09a3;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Tue, 04 Apr 2023 22:16:09 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: -3eyeauXxMTnrWCD5BX_WX2pakIj6fexjGzeXiTotEkJi7tkQBFFjA==
via: 1.1 b6cdb2111444305bd4957a473b711ad6.cloudfront.net (CloudFront), 1.1 a9e73292d0b92053c3e38dcec15fd0e2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Apr 2023 22:47:01 GMT
age: 2535
etag: "40aee6f21d4958a8e36bb9e9359a1784bb4e059d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

11335

URL HTTP/2

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3b68391b-cdda-4a95-83ea-6e91fc7fd975.jpeg
IP

34.120.237.76:0
ASN

#15169 GOOGLE

Magic

JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data

Size

11335
Hash

7192737e0718d2b093fd4f4365d51a66

728ce44f7ba8a21e158e474899fcbec9e6894a95

4177a474202cc2679c4bf5050d6d23d65e64f1d07bfa3e8fc573f00789cc445f

HTTP Headers

                                        GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3b68391b-cdda-4a95-83ea-6e91fc7fd975.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                        HTTP/2 200 OK
server: nginx
content-length: 11335
x-amzn-requestid: fcd7ec3b-2d7a-49f7-a764-a2cdff135f55
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Cyg_2GY-IAMFZRA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-642a7b98-19103e85416d52897e5ea091;Sampled=0;lineage=69363f46:0
x-amzn-remapped-date: Mon, 03 Apr 2023 07:09:12 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: qCx7zoELd6W9fqriuqLU7zIzVzNKA0lxEADTYzSnmaA6QleYgP19GA==
via: 1.1 e92cc925fc8895560cd0628c67f58828.cloudfront.net (CloudFront), 1.1 21618d080c6bfbcd465fc55a167a8c1a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 04 Apr 2023 07:22:19 GMT
age: 58017
etag: "728ce44f7ba8a21e158e474899fcbec9e6894a95"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

carnaval.co.jp/wordpress/wp-content/themes/carnaval/img/share/header_tel2.jpg

202.172.28.198

200 OK

16221

URL HTTP/1.1

carnaval.co.jp/wordpress/wp-content/themes/carnaval/img/share/header_tel2.jpg
IP

202.172.28.198:0
ASN

#37907 DigiRock, Inc.

Magic

JPEG image data, JFIF standard 1.02, aspect ratio, density 100x100, segment length 16, baseline, precision 8, 250x85, components 3\012- data

Size

16221
Hash

d481f0e978e7f1b402472dbfdba79bef

e949679ae4fd7bc65665edf0708ffe91acf98ac5

d3c2dbb2bc2d857c0f205a6fd514f2bc7b1958b11f4e88d21c5df65940cc98b9

HTTP Headers

                                        GET /wordpress/wp-content/themes/carnaval/img/share/header_tel2.jpg HTTP/1.1
Host: carnaval.co.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://carnaval.co.jp/shortly-on-how-to-write-an-assessment-from-an-2/

                                        HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 23:29:16 GMT
Server: Apache
Last-Modified: Sat, 14 Feb 2015 04:34:34 GMT
ETag: "3f5d-50f04deb14a80"
Accept-Ranges: bytes
Content-Length: 16221
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Content-Type: image/jpeg

carnaval.co.jp/wordpress/wp-content/themes/carnaval/img/index/news_bak.png

202.172.28.198

200 OK

2745

URL HTTP/1.1

carnaval.co.jp/wordpress/wp-content/themes/carnaval/img/index/news_bak.png
IP

202.172.28.198:0
ASN

#37907 DigiRock, Inc.

Magic

PNG image data, 708 x 35, 8-bit/color RGBA, non-interlaced\012- data

Size

2745
Hash

818175e06f29e3ac0efa821b3232825e

15f7239149c89b160a5528a3041c5ee6cd24e1df

c7991049e73cb6e685379ceef2df6a157069d8a5236ffa1bdc812ae701195aca

HTTP Headers

                                        GET /wordpress/wp-content/themes/carnaval/img/index/news_bak.png HTTP/1.1
Host: carnaval.co.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://carnaval.co.jp/wordpress/wp-content/themes/carnaval/style.css?1576723560
Cookie: redirect=1680737356

                                        HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 23:29:16 GMT
Server: Apache
Last-Modified: Fri, 13 Feb 2015 12:18:43 GMT
ETag: "ab9-50ef73cc7eec0"
Accept-Ranges: bytes
Content-Length: 2745
Keep-Alive: timeout=15, max=98
Connection: Keep-Alive
Content-Type: image/png

carnaval.co.jp/wordpress/wp-content/themes/carnaval/img/index/button_blog_pet.jpg

202.172.28.198

200 OK

9415

URL HTTP/1.1

carnaval.co.jp/wordpress/wp-content/themes/carnaval/img/index/button_blog_pet.jpg
IP

202.172.28.198:0
ASN

#37907 DigiRock, Inc.

Magic

JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 260x79, components 3\012- data

Size

9415
Hash

ff06381944264bfcd35fb255e21b73f9

12030e4fdb903b0e3ac51932cbeaf5640ae98d62

e434b2fa2c3f23ca6066f16bb5b0dd958698152eb84c1a03fbea0e60540abe0e

HTTP Headers

                                        GET /wordpress/wp-content/themes/carnaval/img/index/button_blog_pet.jpg HTTP/1.1
Host: carnaval.co.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://carnaval.co.jp/shortly-on-how-to-write-an-assessment-from-an-2/

                                        HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 23:29:16 GMT
Server: Apache
Last-Modified: Mon, 06 Jan 2020 09:39:00 GMT
ETag: "24c7-59b756dd97500"
Accept-Ranges: bytes
Content-Length: 9415
Keep-Alive: timeout=15, max=99
Connection: Keep-Alive
Content-Type: image/jpeg

carnaval.co.jp/wordpress/wp-content/themes/carnaval/img/index/button_blog_ro.png

202.172.28.198

200 OK

2030

URL HTTP/1.1

carnaval.co.jp/wordpress/wp-content/themes/carnaval/img/index/button_blog_ro.png
IP

202.172.28.198:0
ASN

#37907 DigiRock, Inc.

Magic

PNG image data, 34 x 32, 8-bit/color RGBA, non-interlaced\012- data

Size

2030
Hash

d7454bcf32178e8b567aa7df3b3dd3f8

438856b42542ff3967e4f7aed992dc57b829ebe9

f8262a1d6a8cd20e1ff4915019dc40993dc70a224d39fb6515416f4958030f68

HTTP Headers

                                        GET /wordpress/wp-content/themes/carnaval/img/index/button_blog_ro.png HTTP/1.1
Host: carnaval.co.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://carnaval.co.jp/shortly-on-how-to-write-an-assessment-from-an-2/

                                        HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 23:29:16 GMT
Server: Apache
Last-Modified: Thu, 05 Feb 2015 06:25:47 GMT
ETag: "7ee-50e515fdcd0c0"
Accept-Ranges: bytes
Content-Length: 2030
Keep-Alive: timeout=15, max=98
Connection: Keep-Alive
Content-Type: image/png

carnaval.co.jp/wordpress/wp-content/themes/carnaval/img/share/nav.png

202.172.28.198

200 OK

28780

URL HTTP/1.1

carnaval.co.jp/wordpress/wp-content/themes/carnaval/img/share/nav.png
IP

202.172.28.198:0
ASN

#37907 DigiRock, Inc.

Magic

PNG image data, 676 x 104, 8-bit/color RGBA, non-interlaced\012- data

Size

28780
Hash

f557b4780fdf1f45787ee948888b16eb

e539a9488310e25ecfca18afe2edffbb85a00568

9a4842dd2ab6e74b9a44cc1637a6af298352ce0bdffc1cbac9a5874e02ac0728

HTTP Headers

                                        GET /wordpress/wp-content/themes/carnaval/img/share/nav.png HTTP/1.1
Host: carnaval.co.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://carnaval.co.jp/wordpress/wp-content/themes/carnaval/style.css?1576723560
Cookie: redirect=1680737356

                                        HTTP/1.1 200 OK
Date: Tue, 04 Apr 2023 23:29:16 GMT
Server: Apache
Last-Modified: Thu, 05 Feb 2015 06:25:48 GMT
ETag: "706c-50e515fec1300"
Accept-Ranges: bytes
Content-Length: 28780
Keep-Alive: timeout=15, max=98
Connection: Keep-Alive
Content-Type: image/png

www.google-analytics.com/analytics.js

142.250.74.142

200 OK

20085

URL HTTP/1.1

www.google-analytics.com/analytics.js

Report Overview

URL

IP

ASN

Submitted

Access

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

ThreatFox

JavaScript (15)

#1 JS:Script (size: 7200)

#2 JS:Script (size: 820)

#3 JS:Script (size: 17897)

#4 JS:Script (size: 95807)

#5 JS:Script (size: 778)

#6 JS:Script (size: 50234)

#7 JS:Script (size: 96381)

#8 JS:Script (size: 6586)

#9 JS:Script (size: 191)

#10 JS:Script (size: 10604)

#11 JS:Script (size: 391)

#1 JS:Eval (size: 26013)

#1 JS:Write (size: 85)

#2 JS:Write (size: 308)

#3 JS:Write (size: 54)

HTTP Transactions (57)

URL HTTP/1.1

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/1.1

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

Magic

Size

Hash

HTTP Headers

URL HTTP/2

IP

ASN

Magic

Size