dominantcodes-ip.com/clicks/MjEwNjlfMjYyMzEwXzI0LjExM18xM18xNjcxNjI3NDYzMTMxNDE5NDY1MV5jZGM5ZjE2ZDI5NjRiNjkyOTM2NWE5NGQ2ZWM4YmNhZF4xNi4xMi4yMS4yMDIy
193.200.64.20200 OK 175 B URL HTTP/1.1 dominantcodes-ip.com/clicks/MjEwNjlfMjYyMzEwXzI0LjExM18xM18xNjcxNjI3NDYzMTMxNDE5NDY1MV5jZGM5ZjE2ZDI5NjRiNjkyOTM2NWE5NGQ2ZWM4YmNhZF4xNi4xMi4yMS4yMDIy
IP 193.200.64.20:0
ASN #6681 Rozetka Sp. z o.o.
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with no line terminators
Hash 5d4637271669962aa386e488b6a3cf23
b2a0986d68467f753d96bda012f2e46a65cfc18d
d31ca7ee5adb9cac1f86fafe48b6237eac916c864d04a0cf343af38cafcf97fc
GET /clicks/MjEwNjlfMjYyMzEwXzI0LjExM18xM18xNjcxNjI3NDYzMTMxNDE5NDY1MV5jZGM5ZjE2ZDI5NjRiNjkyOTM2NWE5NGQ2ZWM4YmNhZF4xNi4xMi4yMS4yMDIy HTTP/1.1
Host: dominantcodes-ip.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Dec 2022 14:02:09 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-cache, must-revalidate
Expires: Sat, 26 Jul 1997 05:00:00 GMT
P3P: CP="NON DSP COR CURa TIA"
Set-Cookie: uuid=16716274631314194651; expires=Fri, 20-Dec-2024 14:02:09 GMT; Max-Age=63072000; path=/; samesite=None; domain=.dominantcodes-ip.com; secure
Vary: Accept-Encoding
Content-Encoding: gzip
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash bbea1550fedd5eb9c265712fab75b137
2c2f981747898a380265f766345f2bb9c8c983fd
c728286e38c31a4d3f7a39702e0a5f69c14bf69e01a88bc4479714953fbda278
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C728286E38C31A4D3F7A39702E0A5F69C14BF69E01A88BC4479714953FBDA278"
Last-Modified: Tue, 20 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=20761
Expires: Wed, 21 Dec 2022 19:48:10 GMT
Date: Wed, 21 Dec 2022 14:02:09 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 04c14564c7083355371e41c5a09acada
ea488e34661be5420c798c7e26f193b4dee7bb37
d7e5c37d8e6cbed236670d050f84f288539642f7a41a54b0abd39357f7c42232
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D7E5C37D8E6CBED236670D050F84F288539642F7A41A54B0ABD39357F7C42232"
Last-Modified: Tue, 20 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3534
Expires: Wed, 21 Dec 2022 15:01:03 GMT
Date: Wed, 21 Dec 2022 14:02:09 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Content-Type, Content-Length, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 21 Dec 2022 13:45:55 GMT
content-type: application/json
age: 974
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash f4b32de26d9af2cba6afcdcf716d3fb8
644ead4436a8f2fc1f0dd25e4484b64f6ed63347
525123034cb53d750d5ebd487015911452d2cd3c34301e6628f2f52f3f0bfc88
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "525123034CB53D750D5EBD487015911452D2CD3C34301E6628F2F52F3F0BFC88"
Last-Modified: Tue, 20 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21010
Expires: Wed, 21 Dec 2022 19:52:19 GMT
Date: Wed, 21 Dec 2022 14:02:09 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 53341dea33f4f3d9b4966f80589f429a
20f7b07c686c986d2ed1e3e9ad1bb2aef8edaf0d
651683e52cdbc96b289f8f123155f0b96d9f67432689e89156fa56f5a346c6a0
GET /chains/remote-settings.content-signature.mozilla.org-2023-01-19-10-06-33.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: rchz7w1D4Jf+sJ5mFdDZQ6BF9MKHTegzbuASGLcxKqnpHMa8QZ+JjYMT1nXmiyAF5lK9JoBS6xY=
x-amz-request-id: 28ZM1SQHAKB494FW
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 21 Dec 2022 13:29:52 GMT
age: 1937
last-modified: Wed, 30 Nov 2022 10:06:34 GMT
etag: "53341dea33f4f3d9b4966f80589f429a"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 21 Dec 2022 14:02:09 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
wegoodstator.com/click/?id=12077&subid_1=&click_id=21069_262310_7_1_s44&subid_2=25178&subid_3=13556&subid_4=262310&subid_5=
193.200.64.30302 Found 0 B URL HTTP/1.1 wegoodstator.com/click/?id=12077&subid_1=&click_id=21069_262310_7_1_s44&subid_2=25178&subid_3=13556&subid_4=262310&subid_5=
IP 193.200.64.30:0
ASN #6681 Rozetka Sp. z o.o.
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /click/?id=12077&subid_1=&click_id=21069_262310_7_1_s44&subid_2=25178&subid_3=13556&subid_4=262310&subid_5= HTTP/1.1
Host: wegoodstator.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dominantcodes-ip.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx
Date: Wed, 21 Dec 2022 14:02:09 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
P3P: CP="NON DSP COR CURa TIA"
Set-Cookie: uid=15326358021671631329; expires=Fri, 20-Dec-2024 14:02:09 GMT; Max-Age=63072000; path=/; domain=.wegoodstator.com
rotator_12077=12077; expires=Wed, 21-Dec-2022 14:02:10 GMT; Max-Age=1; path=/; domain=.wegoodstator.com
Location: http://weprodspage.com/news/whats_appwhite/?a1=2&a2=1&k=1&e=2&c=2&u=aHR0cHM6Ly90cnVlLmxvdmVhbmRzZXguYml6L2NsaWNrP2FmZmlkPTY5Nzkmb2ZmZXJpZD0xMDA0JnN1YjE9MTUzMjYzNTgwMjE2NzE2MzEzMjkmc3ViMj0zMTU2JnN1YjM9MTM1NTYmbHA9MzhkNDE1ZmE=&u2=Ly93ZWdvb2RzdGF0b3IuY29tL2NsaWNrL2NsaWNrLnBocD9pZD0yJnJvdGF0b3I9MTIwNzcmcHJlbGFuZGluZz01MDMzJmxhbmRpbmc9NzM1NiZzdWJpZF8xPSZzdWJpZF8yPTI1MTc4JnN1YmlkXzM9MTM1NTYmc3ViaWRfND0yNjIzMTAmc3ViaWRfNT0=&u3=Ly93ZWdvb2RzdGF0b3IuY29tL2NsaWNrL2NsaWNrLnBocD9pZD0zJnJvdGF0b3I9MTIwNzcmcHJlbGFuZGluZz01MDMzJmxhbmRpbmc9NzM1NiZzdWJpZF8xPSZzdWJpZF8yPTI1MTc4JnN1YmlkXzM9MTM1NTYmc3ViaWRfND0yNjIzMTAmc3ViaWRfNT0=
weprodspage.com/news/whats_appwhite/?a1=2&a2=1&k=1&e=2&c=2&u=aHR0cHM6Ly90cnVlLmxvdmVhbmRzZXguYml6L2NsaWNrP2FmZmlkPTY5Nzkmb2ZmZXJpZD0xMDA0JnN1YjE9MTUzMjYzNTgwMjE2NzE2MzEzMjkmc3ViMj0zMTU2JnN1YjM9MTM1NTYmbHA9MzhkNDE1ZmE=&u2=Ly93ZWdvb2RzdGF0b3IuY29tL2NsaWNrL2NsaWNrLnBocD9pZD0yJnJvdGF0b3I9MTIwNzcmcHJlbGFuZGluZz01MDMzJmxhbmRpbmc9NzM1NiZzdWJpZF8xPSZzdWJpZF8yPTI1MTc4JnN1YmlkXzM9MTM1NTYmc3ViaWRfND0yNjIzMTAmc3ViaWRfNT0=&u3=Ly93ZWdvb2RzdGF0b3IuY29tL2NsaWNrL2NsaWNrLnBocD9pZD0zJnJvdGF0b3I9MTIwNzcmcHJlbGFuZGluZz01MDMzJmxhbmRpbmc9NzM1NiZzdWJpZF8xPSZzdWJpZF8yPTI1MTc4JnN1YmlkXzM9MTM1NTYmc3ViaWRfND0yNjIzMTAmc3ViaWRfNT0=
185.177.94.117200 OK 1.2 kB URL HTTP/1.1 weprodspage.com/news/whats_appwhite/?a1=2&a2=1&k=1&e=2&c=2&u=aHR0cHM6Ly90cnVlLmxvdmVhbmRzZXguYml6L2NsaWNrP2FmZmlkPTY5Nzkmb2ZmZXJpZD0xMDA0JnN1YjE9MTUzMjYzNTgwMjE2NzE2MzEzMjkmc3ViMj0zMTU2JnN1YjM9MTM1NTYmbHA9MzhkNDE1ZmE=&u2=Ly93ZWdvb2RzdGF0b3IuY29tL2NsaWNrL2NsaWNrLnBocD9pZD0yJnJvdGF0b3I9MTIwNzcmcHJlbGFuZGluZz01MDMzJmxhbmRpbmc9NzM1NiZzdWJpZF8xPSZzdWJpZF8yPTI1MTc4JnN1YmlkXzM9MTM1NTYmc3ViaWRfND0yNjIzMTAmc3ViaWRfNT0=&u3=Ly93ZWdvb2RzdGF0b3IuY29tL2NsaWNrL2NsaWNrLnBocD9pZD0zJnJvdGF0b3I9MTIwNzcmcHJlbGFuZGluZz01MDMzJmxhbmRpbmc9NzM1NiZzdWJpZF8xPSZzdWJpZF8yPTI1MTc4JnN1YmlkXzM9MTM1NTYmc3ViaWRfND0yNjIzMTAmc3ViaWRfNT0=
IP 185.177.94.117:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text
Hash 2a3d45db57d1fadca5ebd714d3c94746
0699c30039c4434b666ed0901dc227e378b681a0
6b0356d76ded56f5b33fdce559b235576b8af0abaf70a6145194be3e95e1d8b1
GET /news/whats_appwhite/?a1=2&a2=1&k=1&e=2&c=2&u=aHR0cHM6Ly90cnVlLmxvdmVhbmRzZXguYml6L2NsaWNrP2FmZmlkPTY5Nzkmb2ZmZXJpZD0xMDA0JnN1YjE9MTUzMjYzNTgwMjE2NzE2MzEzMjkmc3ViMj0zMTU2JnN1YjM9MTM1NTYmbHA9MzhkNDE1ZmE=&u2=Ly93ZWdvb2RzdGF0b3IuY29tL2NsaWNrL2NsaWNrLnBocD9pZD0yJnJvdGF0b3I9MTIwNzcmcHJlbGFuZGluZz01MDMzJmxhbmRpbmc9NzM1NiZzdWJpZF8xPSZzdWJpZF8yPTI1MTc4JnN1YmlkXzM9MTM1NTYmc3ViaWRfND0yNjIzMTAmc3ViaWRfNT0=&u3=Ly93ZWdvb2RzdGF0b3IuY29tL2NsaWNrL2NsaWNrLnBocD9pZD0zJnJvdGF0b3I9MTIwNzcmcHJlbGFuZGluZz01MDMzJmxhbmRpbmc9NzM1NiZzdWJpZF8xPSZzdWJpZF8yPTI1MTc4JnN1YmlkXzM9MTM1NTYmc3ViaWRfND0yNjIzMTAmc3ViaWRfNT0= HTTP/1.1
Host: weprodspage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://dominantcodes-ip.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Dec 2022 14:02:09 GMT
Content-Type: text/html
Content-Length: 1237
Connection: keep-alive
Last-Modified: Wed, 26 Oct 2022 11:36:29 GMT
ETag: "a1c-5ebee6f81c3ba-gzip"
Accept-Ranges: bytes
Vary: Accept-Encoding
Content-Encoding: gzip
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Last-Modified, Retry-After, Content-Type, Alert, Pragma, ETag, Cache-Control, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 21 Dec 2022 13:33:24 GMT
age: 1725
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
weprodspage.com/news/whats_appwhite/css/main-style.css
185.177.94.117200 OK 3.4 kB URL HTTP/1.1 weprodspage.com/news/whats_appwhite/css/main-style.css
IP 185.177.94.117:0
ASN #39572 DataWeb Global Group B.V.
File type Unicode text, UTF-8 text, with very long lines (492)
Hash 57dc3eb5e43742342ad6603c69ebf6ad
00fe3294e0c6901dd98b730205aecb54af9fb24f
1cfa23c2039190a6a73fdc8dbabe21a39fd052cf9a600d2a40c0bb7f4433defe
GET /news/whats_appwhite/css/main-style.css HTTP/1.1
Host: weprodspage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://weprodspage.com/news/whats_appwhite/?a1=2&a2=1&k=1&e=2&c=2&u=aHR0cHM6Ly90cnVlLmxvdmVhbmRzZXguYml6L2NsaWNrP2FmZmlkPTY5Nzkmb2ZmZXJpZD0xMDA0JnN1YjE9MTUzMjYzNTgwMjE2NzE2MzEzMjkmc3ViMj0zMTU2JnN1YjM9MTM1NTYmbHA9MzhkNDE1ZmE=&u2=Ly93ZWdvb2RzdGF0b3IuY29tL2NsaWNrL2NsaWNrLnBocD9pZD0yJnJvdGF0b3I9MTIwNzcmcHJlbGFuZGluZz01MDMzJmxhbmRpbmc9NzM1NiZzdWJpZF8xPSZzdWJpZF8yPTI1MTc4JnN1YmlkXzM9MTM1NTYmc3ViaWRfND0yNjIzMTAmc3ViaWRfNT0=&u3=Ly93ZWdvb2RzdGF0b3IuY29tL2NsaWNrL2NsaWNrLnBocD9pZD0zJnJvdGF0b3I9MTIwNzcmcHJlbGFuZGluZz01MDMzJmxhbmRpbmc9NzM1NiZzdWJpZF8xPSZzdWJpZF8yPTI1MTc4JnN1YmlkXzM9MTM1NTYmc3ViaWRfND0yNjIzMTAmc3ViaWRfNT0=
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Dec 2022 14:02:10 GMT
Content-Type: text/css
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Mon, 13 Dec 2021 08:51:37 GMT
ETag: W/"61b70999-39a0"
Content-Encoding: gzip
weprodspage.com/news/whats_appwhite/css/css.css
185.177.94.117200 OK 173 B URL HTTP/1.1 weprodspage.com/news/whats_appwhite/css/css.css
IP 185.177.94.117:0
ASN #39572 DataWeb Global Group B.V.
Hash 93f2cbc386ec7c66524690c2f355f25e
e136f12861c61378a8b0111afbcf00367debf863
69e21eff33fd97108cf7097c48ffb8931a63ee42f96c8e7e7247ea2bccf07c59
GET /news/whats_appwhite/css/css.css HTTP/1.1
Host: weprodspage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://weprodspage.com/news/whats_appwhite/css/main-style.css
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Dec 2022 14:02:10 GMT
Content-Type: text/css
Content-Length: 173
Connection: keep-alive
Last-Modified: Mon, 13 Dec 2021 08:51:37 GMT
ETag: "61b70999-ad"
Accept-Ranges: bytes
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 859d899d982bb69df5fb16b8393fa119
580215f1d4f81cda04012c0889cfd9b18ba11863
38159dd549e94d45798b614efa5f968de7b74830c845220d1b6c1435f3940a94
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1149
Cache-Control: max-age=156229
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 14:02:10 GMT
Etag: "63a2ccaa-1d7"
Expires: Fri, 23 Dec 2022 09:25:59 GMT
Last-Modified: Wed, 21 Dec 2022 09:06:50 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 471
jsscrpt.com/js/adult.js
193.200.64.30200 OK 3.0 kB IP 193.200.64.30:0
ASN #6681 Rozetka Sp. z o.o.
File type Unicode text, UTF-8 text, with very long lines (1842), with CRLF line terminators
Hash 29011bf3699cdc2d2c3a0be127c46c99
122484522e92a1149538abf3f39a2021a624bb22
367a66dac817cb49ac3fa00083e08a712c4a98105fe7ae9a4f02aaef11e51a96
GET /js/adult.js HTTP/1.1
Host: jsscrpt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://weprodspage.com/
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Dec 2022 14:02:10 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 3041
Last-Modified: Tue, 09 Jun 2020 10:28:10 GMT
Connection: keep-alive
ETag: "5edf643a-be1"
Accept-Ranges: bytes
jsscrpt.com/js/prelend-utils.js
193.200.64.30200 OK 35 kB URL HTTP/1.1 jsscrpt.com/js/prelend-utils.js
IP 193.200.64.30:0
ASN #6681 Rozetka Sp. z o.o.
File type Unicode text, UTF-8 text, with very long lines (21726), with CRLF line terminators
Hash 0dc99c13db83ec6c8306f5dc78334850
8e78c4b85dd2d47b59f90e9cea39f0f344a00254
4964b434107ed9d53004fff8c6ad85da709d3e1f24319b823766aad59085ef9c
GET /js/prelend-utils.js HTTP/1.1
Host: jsscrpt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://weprodspage.com/
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Dec 2022 14:02:10 GMT
Content-Type: application/javascript; charset=UTF-8
Content-Length: 34977
Last-Modified: Mon, 08 Jun 2020 15:32:27 GMT
Connection: keep-alive
ETag: "5ede5a0b-88a1"
Accept-Ranges: bytes
weprodspage.com/news/whats_appwhite/images/tik_tok.png
185.177.94.117200 OK 15 kB URL HTTP/1.1 weprodspage.com/news/whats_appwhite/images/tik_tok.png
IP 185.177.94.117:0
ASN #39572 DataWeb Global Group B.V.
File type PNG image data, 440 x 119, 8-bit/color RGBA, non-interlaced\012- data
Hash d33de24203f194c3e2a483963207d069
aed47481147c87ad60e365697f5a2cbc1754aa75
c6108bca6b939460145298ccad6da843576d82d1d632ebe05849e9a80b793c9a
GET /news/whats_appwhite/images/tik_tok.png HTTP/1.1
Host: weprodspage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://weprodspage.com/news/whats_appwhite/?a1=2&a2=1&k=1&e=2&c=2&u=aHR0cHM6Ly90cnVlLmxvdmVhbmRzZXguYml6L2NsaWNrP2FmZmlkPTY5Nzkmb2ZmZXJpZD0xMDA0JnN1YjE9MTUzMjYzNTgwMjE2NzE2MzEzMjkmc3ViMj0zMTU2JnN1YjM9MTM1NTYmbHA9MzhkNDE1ZmE=&u2=Ly93ZWdvb2RzdGF0b3IuY29tL2NsaWNrL2NsaWNrLnBocD9pZD0yJnJvdGF0b3I9MTIwNzcmcHJlbGFuZGluZz01MDMzJmxhbmRpbmc9NzM1NiZzdWJpZF8xPSZzdWJpZF8yPTI1MTc4JnN1YmlkXzM9MTM1NTYmc3ViaWRfND0yNjIzMTAmc3ViaWRfNT0=&u3=Ly93ZWdvb2RzdGF0b3IuY29tL2NsaWNrL2NsaWNrLnBocD9pZD0zJnJvdGF0b3I9MTIwNzcmcHJlbGFuZGluZz01MDMzJmxhbmRpbmc9NzM1NiZzdWJpZF8xPSZzdWJpZF8yPTI1MTc4JnN1YmlkXzM9MTM1NTYmc3ViaWRfND0yNjIzMTAmc3ViaWRfNT0=
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Dec 2022 14:02:10 GMT
Content-Type: image/png
Content-Length: 15011
Connection: keep-alive
Last-Modified: Mon, 13 Dec 2021 08:51:37 GMT
ETag: "61b70999-3aa3"
Accept-Ranges: bytes
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash e7bae7301876daa053d652f35a5f4f4f
5fb85fcb958b3d61e9bc521cb8d5dfe3d000e792
050cac775468b7ded8b158d1e390cae19956178fad0d4603897ed8f72d305ebc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1996
Cache-Control: max-age=171126
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 14:02:10 GMT
Etag: "63a3038c-118"
Expires: Fri, 23 Dec 2022 13:34:16 GMT
Last-Modified: Wed, 21 Dec 2022 13:01:00 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 280
weprodspage.com/news/whats_appwhite/images/g__7_.gif
185.177.94.117200 OK 154 kB URL HTTP/1.1 weprodspage.com/news/whats_appwhite/images/g__7_.gif
IP 185.177.94.117:0
ASN #39572 DataWeb Global Group B.V.
File type GIF image data, version 89a, 235 x 376\012- data
Size 154 kB (154542 bytes)
Hash 506480afa76deeb841f276b57ff9e715
4f11dc2eea1e36c8f3744543dc04fc9c358e4145
d748a959e42e00c2a5181d6888d09b35bf67c95ee7a0b2282ea73d35004690bf
GET /news/whats_appwhite/images/g__7_.gif HTTP/1.1
Host: weprodspage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://weprodspage.com/news/whats_appwhite/?a1=2&a2=1&k=1&e=2&c=2&u=aHR0cHM6Ly90cnVlLmxvdmVhbmRzZXguYml6L2NsaWNrP2FmZmlkPTY5Nzkmb2ZmZXJpZD0xMDA0JnN1YjE9MTUzMjYzNTgwMjE2NzE2MzEzMjkmc3ViMj0zMTU2JnN1YjM9MTM1NTYmbHA9MzhkNDE1ZmE=&u2=Ly93ZWdvb2RzdGF0b3IuY29tL2NsaWNrL2NsaWNrLnBocD9pZD0yJnJvdGF0b3I9MTIwNzcmcHJlbGFuZGluZz01MDMzJmxhbmRpbmc9NzM1NiZzdWJpZF8xPSZzdWJpZF8yPTI1MTc4JnN1YmlkXzM9MTM1NTYmc3ViaWRfND0yNjIzMTAmc3ViaWRfNT0=&u3=Ly93ZWdvb2RzdGF0b3IuY29tL2NsaWNrL2NsaWNrLnBocD9pZD0zJnJvdGF0b3I9MTIwNzcmcHJlbGFuZGluZz01MDMzJmxhbmRpbmc9NzM1NiZzdWJpZF8xPSZzdWJpZF8yPTI1MTc4JnN1YmlkXzM9MTM1NTYmc3ViaWRfND0yNjIzMTAmc3ViaWRfNT0=
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Dec 2022 14:02:10 GMT
Content-Type: image/gif
Content-Length: 154542
Connection: keep-alive
Last-Modified: Mon, 13 Dec 2021 08:51:37 GMT
ETag: "61b70999-25bae"
Accept-Ranges: bytes
weprodspage.com/news/whats_appwhite/fonts/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdr.ttf
185.177.94.117200 OK 41 kB URL HTTP/1.1 weprodspage.com/news/whats_appwhite/fonts/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdr.ttf
IP 185.177.94.117:0
ASN #39572 DataWeb Global Group B.V.
File type TrueType Font data, 17 tables, 1st "GDEF", 8 names, Microsoft, language 0x409, Copyright 2010, 2012, 2014 Adobe Systems Incorporated (http://www.adobe.com/), with Reserved Fon\012- data
Hash 8a5f548004e5d929f439c4a6eb822105
cc022a4a0857ac0b67a60dd89d79abbd09f287f2
5703c7f23685a6adbea2ea9ffde69d3d8f9fc8085e7f9f00a09c5be9c9a0ad7f
GET /news/whats_appwhite/fonts/6xKydSBYKcSV-LCoeQqfX1RYOo3ik4zwlxdr.ttf HTTP/1.1
Host: weprodspage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://weprodspage.com/news/whats_appwhite/css/css.css
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Dec 2022 14:02:10 GMT
Content-Type: font/ttf
Content-Length: 40600
Connection: keep-alive
Last-Modified: Mon, 13 Dec 2021 08:51:37 GMT
ETag: "9e98-5d3032e3ec23f"
Accept-Ranges: bytes
weprodspage.com/favicon.ico
185.177.94.117404 Not Found 277 B URL HTTP/1.1 weprodspage.com/favicon.ico
IP 185.177.94.117:0
ASN #39572 DataWeb Global Group B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash bf315f818d4e5ca61c6865b46f50d78b
4e16c8ee6988d5fc9e2508554d3c5026d0759670
3c86e8b50a9c943d1f93b9d9d7498daecfd7f6752d13ee0572b4d2d866390008
GET /favicon.ico HTTP/1.1
Host: weprodspage.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://weprodspage.com/news/whats_appwhite/?a1=2&a2=1&k=1&e=2&c=2&u=aHR0cHM6Ly90cnVlLmxvdmVhbmRzZXguYml6L2NsaWNrP2FmZmlkPTY5Nzkmb2ZmZXJpZD0xMDA0JnN1YjE9MTUzMjYzNTgwMjE2NzE2MzEzMjkmc3ViMj0zMTU2JnN1YjM9MTM1NTYmbHA9MzhkNDE1ZmE=&u2=Ly93ZWdvb2RzdGF0b3IuY29tL2NsaWNrL2NsaWNrLnBocD9pZD0yJnJvdGF0b3I9MTIwNzcmcHJlbGFuZGluZz01MDMzJmxhbmRpbmc9NzM1NiZzdWJpZF8xPSZzdWJpZF8yPTI1MTc4JnN1YmlkXzM9MTM1NTYmc3ViaWRfND0yNjIzMTAmc3ViaWRfNT0=&u3=Ly93ZWdvb2RzdGF0b3IuY29tL2NsaWNrL2NsaWNrLnBocD9pZD0zJnJvdGF0b3I9MTIwNzcmcHJlbGFuZGluZz01MDMzJmxhbmRpbmc9NzM1NiZzdWJpZF8xPSZzdWJpZF8yPTI1MTc4JnN1YmlkXzM9MTM1NTYmc3ViaWRfND0yNjIzMTAmc3ViaWRfNT0=
HTTP/1.1 404 Not Found
Server: nginx
Date: Wed, 21 Dec 2022 14:02:10 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 277
Connection: keep-alive
push.services.mozilla.com/
54.186.209.73101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 54.186.209.73:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ZxECi29aAe8iPJZu6OGxeQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: TqL7uXtBM1Zb/DjuImmzzlOQaps=
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash e7bae7301876daa053d652f35a5f4f4f
5fb85fcb958b3d61e9bc521cb8d5dfe3d000e792
050cac775468b7ded8b158d1e390cae19956178fad0d4603897ed8f72d305ebc
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1996
Cache-Control: max-age=171126
Content-Type: application/ocsp-response
Date: Wed, 21 Dec 2022 14:02:10 GMT
Etag: "63a3038c-118"
Expires: Fri, 23 Dec 2022 13:34:16 GMT
Last-Modified: Wed, 21 Dec 2022 13:01:00 GMT
Server: ECS (ska/F6FC)
X-Cache: HIT
Content-Length: 280
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 7a5680e09965e703321152767d3ba192
f0cf7569dc663fdb616c777c7aad8795a164b4e0
e19be67f1c9d05d03b4264114d55e3bb8066598aa6d803e66601343f9582d97c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E19BE67F1C9D05D03B4264114D55E3BB8066598AA6D803E66601343F9582D97C"
Last-Modified: Tue, 20 Dec 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21592
Expires: Wed, 21 Dec 2022 20:02:02 GMT
Date: Wed, 21 Dec 2022 14:02:10 GMT
Connection: keep-alive
casualdatinghere.life/?u=nnv8hw0&o=a07k08z&cid=1c4e7fcd-c4e3-44b4-931d-e3da17716940&t=6979_13556&b=0
23.88.40.171200 OK 2.2 kB URL HTTP/1.1 casualdatinghere.life/?u=nnv8hw0&o=a07k08z&cid=1c4e7fcd-c4e3-44b4-931d-e3da17716940&t=6979_13556&b=0
IP 23.88.40.171:0
ASN #24940 Hetzner Online GmbH
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 (with BOM) text, with very long lines (480), with CRLF line terminators
Hash 1d3f34e8dea239d9e2194fe2a13df303
7e9ccb4f0dfc056c35cd4f8bdeea1251f8b38ce0
8e3936c46ca510f3625fbb2310a018cf1d70875911640418e07f6809c2091ed2
Analyzer Verdict Alert quad9 Sinkholed
GET /?u=nnv8hw0&o=a07k08z&cid=1c4e7fcd-c4e3-44b4-931d-e3da17716940&t=6979_13556&b=0 HTTP/1.1
Host: casualdatinghere.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Dec 2022 14:02:10 GMT
Content-Type: text/html
Content-Length: 2242
Connection: keep-alive
content-encoding: gzip
vary: Accept-Encoding
set-cookie: sid=t1~n0js32rrqxdhd15oqpndo3b3; path=/
cache-control: private, no-transform
casualdatinghere.life/media/casual/toon3/css/style_alt.css
23.88.40.171200 OK 5.1 kB URL HTTP/1.1 casualdatinghere.life/media/casual/toon3/css/style_alt.css
IP 23.88.40.171:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash faef7172cb03c340a5df27533a002d1a
d84c0103e7996d5558026aa9253afeeca390d654
5b2cf586d1b6a80ea096b4df5f234fddce3d6cedef138ac48b93b1f38d8307ad
Analyzer Verdict Alert quad9 Sinkholed
GET /media/casual/toon3/css/style_alt.css HTTP/1.1
Host: casualdatinghere.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casualdatinghere.life/?u=nnv8hw0&o=a07k08z&cid=1c4e7fcd-c4e3-44b4-931d-e3da17716940&t=6979_13556&b=0
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Dec 2022 14:02:10 GMT
Content-Type: text/css
Content-Length: 5097
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "faef7172cb03c340a5df27533a002d1a"
Last-Modified: Wed, 31 Aug 2022 09:33:21 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 1732D2B84F48E888
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Thu, 21 Dec 2023 14:02:10 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
casualdatinghere.life/cookie/js.cookie11.js
23.88.40.171200 OK 4.2 kB URL HTTP/1.1 casualdatinghere.life/cookie/js.cookie11.js
IP 23.88.40.171:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (1709), with CRLF line terminators
Hash d69ea699f15818eb39d4f4898f75a7e3
0209181a1da02eaf3857d30efd7092ea85f4c7eb
1d6379dcee88d76c4895ef26cc84e178b995e0a8e1effc943691fe9c59ccdb60
Analyzer Verdict Alert quad9 Sinkholed
GET /cookie/js.cookie11.js HTTP/1.1
Host: casualdatinghere.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casualdatinghere.life/?u=nnv8hw0&o=a07k08z&cid=1c4e7fcd-c4e3-44b4-931d-e3da17716940&t=6979_13556&b=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Dec 2022 14:02:11 GMT
Content-Type: application/javascript
Content-Length: 4157
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "d69ea699f15818eb39d4f4898f75a7e3"
Last-Modified: Wed, 31 Aug 2022 09:31:17 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 1732D3C3E898A306
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Thu, 21 Dec 2023 14:02:11 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
casualdatinghere.life/media/casual/toon3/js/main.js
23.88.40.171200 OK 405 B URL HTTP/1.1 casualdatinghere.life/media/casual/toon3/js/main.js
IP 23.88.40.171:0
ASN #24940 Hetzner Online GmbH
Hash f2eab5d5860befa6e1b4eca345006bf1
f4f7958b8de4822f1b2e946f8ca2a4d104484866
c00613979fdbf8d2850f0e08260b582bb8745265c28c216444bc31d475416bc3
Analyzer Verdict Alert quad9 Sinkholed
GET /media/casual/toon3/js/main.js HTTP/1.1
Host: casualdatinghere.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casualdatinghere.life/?u=nnv8hw0&o=a07k08z&cid=1c4e7fcd-c4e3-44b4-931d-e3da17716940&t=6979_13556&b=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Dec 2022 14:02:11 GMT
Content-Type: application/javascript
Content-Length: 405
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "f2eab5d5860befa6e1b4eca345006bf1"
Last-Modified: Wed, 31 Aug 2022 09:33:21 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 1732D31F1DEE6744
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Thu, 21 Dec 2023 14:02:11 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
casualdatinghere.life/util/utils.js
23.88.40.171200 OK 7.5 kB URL HTTP/1.1 casualdatinghere.life/util/utils.js
IP 23.88.40.171:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (641), with CRLF line terminators
Hash 01816d15ca03032751161a746e2fb7c3
dcc72ea5fa1356490ba473288159df9786b4a3c3
8b3c83a330bf1120a13eff6ef60c1e268b827b7bc49b42a7a1f5d8ad6941f2ea
Analyzer Verdict Alert quad9 Sinkholed
GET /util/utils.js HTTP/1.1
Host: casualdatinghere.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casualdatinghere.life/?u=nnv8hw0&o=a07k08z&cid=1c4e7fcd-c4e3-44b4-931d-e3da17716940&t=6979_13556&b=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Dec 2022 14:02:11 GMT
Content-Type: application/javascript
Content-Length: 7512
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "01816d15ca03032751161a746e2fb7c3"
Last-Modified: Wed, 31 Aug 2022 09:38:20 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 1732D3C3EA8D442C
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Thu, 21 Dec 2023 14:02:11 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
casualdatinghere.life/media/bbc.js
23.88.40.171200 OK 1.1 kB URL HTTP/1.1 casualdatinghere.life/media/bbc.js
IP 23.88.40.171:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with CRLF line terminators
Hash 57e25a20c9962ce9c7077e46c69a265f
cba5f15234d9059feacd95fe60fcd7165b45295b
329ed89ce6841f591a258c691e89ca2a55d0c8f481a7ba7c167df8f8198f2791
Analyzer Verdict Alert quad9 Sinkholed
GET /media/bbc.js HTTP/1.1
Host: casualdatinghere.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casualdatinghere.life/?u=nnv8hw0&o=a07k08z&cid=1c4e7fcd-c4e3-44b4-931d-e3da17716940&t=6979_13556&b=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Dec 2022 14:02:11 GMT
Content-Type: application/javascript
Content-Length: 1132
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "57e25a20c9962ce9c7077e46c69a265f"
Last-Modified: Wed, 31 Aug 2022 09:32:33 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 1732D3C3FD12501B
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Thu, 21 Dec 2023 14:02:11 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
true.loveandsex.biz/click?affid=6979&offerid=1004&sub1=15326358021671631329&sub2=3156&sub3=13556&lp=38d415fa
172.67.192.35302 Found 7.6 kB URL HTTP/2 true.loveandsex.biz/click?affid=6979&offerid=1004&sub1=15326358021671631329&sub2=3156&sub3=13556&lp=38d415fa
IP 172.67.192.35:0
Hash 46a1702e5f1f1522ef3a494a57e8c39b
046770718893aa42dff450db425472f149179457
517bfa0999533fe75fa1e42082dec1ce7b04c1958592a93b58c0d4b80f3c1482
GET /click?affid=6979&offerid=1004&sub1=15326358021671631329&sub2=3156&sub3=13556&lp=38d415fa HTTP/1.1
Host: true.loveandsex.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://weprodspage.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 21 Dec 2022 14:02:10 GMT
content-type: text/html; charset=UTF-8
location: https://casualdatinghere.life/?u=nnv8hw0&o=a07k08z&cid=1c4e7fcd-c4e3-44b4-931d-e3da17716940&t=6979_13556&b=0
referrer-policy: no-referrer
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Jjwz23eLy2pl%2BdgbCfGatC2FQUBbYK932BkalQunzboR%2BcKt3jYPgg455i3cLx6zkYeJl%2F1GabSlaN2rPcMNc5oPf9d8UnEjpLmGTyUruenBlZyyeCxQ%2FZld6evUn2Xmty23HMRP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 77d127662ff6b503-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
casualdatinghere.life/media/casual/toon3/images/body4_o.jpg
23.88.40.171200 OK 4.7 kB URL HTTP/1.1 casualdatinghere.life/media/casual/toon3/images/body4_o.jpg
IP 23.88.40.171:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x220, components 3\012- data
Hash 6bfe731b38785116e374e8afd448473b
ce318d0506e12cb3f373b791e78fb60c183e6366
f64c0ecdf9c70f46bbd9a30de7d9b7eba62730b88084543d31037eace2807a68
Analyzer Verdict Alert quad9 Sinkholed
GET /media/casual/toon3/images/body4_o.jpg HTTP/1.1
Host: casualdatinghere.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casualdatinghere.life/?u=nnv8hw0&o=a07k08z&cid=1c4e7fcd-c4e3-44b4-931d-e3da17716940&t=6979_13556&b=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Dec 2022 14:02:11 GMT
Content-Type: image/jpeg
Content-Length: 4708
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "6bfe731b38785116e374e8afd448473b"
Last-Modified: Wed, 31 Aug 2022 09:33:21 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 1732D32C789F6386
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Thu, 21 Dec 2023 14:02:11 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
casualdatinghere.life/media/casual/toon3/images/age1_o.jpg
23.88.40.171200 OK 6.1 kB URL HTTP/1.1 casualdatinghere.life/media/casual/toon3/images/age1_o.jpg
IP 23.88.40.171:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x220, components 3\012- data
Hash 412c98a48bd4e5f3095860f53e2fab25
f06ffecbc1f132beb4ec81a149cc79cb5b78559b
1e26c71724f0061870300be2d22c080c376f3189783e4b07f13e9457b9ace154
Analyzer Verdict Alert quad9 Sinkholed
GET /media/casual/toon3/images/age1_o.jpg HTTP/1.1
Host: casualdatinghere.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casualdatinghere.life/?u=nnv8hw0&o=a07k08z&cid=1c4e7fcd-c4e3-44b4-931d-e3da17716940&t=6979_13556&b=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Dec 2022 14:02:11 GMT
Content-Type: image/jpeg
Content-Length: 6051
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "412c98a48bd4e5f3095860f53e2fab25"
Last-Modified: Wed, 31 Aug 2022 09:33:21 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 1732D32C82BAEE8B
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Thu, 21 Dec 2023 14:02:11 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
casualdatinghere.life/media/casual/toon3/js/trls.js
23.88.40.171200 OK 25 kB URL HTTP/1.1 casualdatinghere.life/media/casual/toon3/js/trls.js
IP 23.88.40.171:0
ASN #24940 Hetzner Online GmbH
Hash 2187f773a9ee4d03d21448c6856698b9
ad93a8e10e0a04c4c32caba37ea54253e22c1369
a6551598594d2f7e4dc32dcb406efdae0538435ef49fc83308cb1a5f40f3353e
Analyzer Verdict Alert quad9 Sinkholed
GET /media/casual/toon3/js/trls.js HTTP/1.1
Host: casualdatinghere.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casualdatinghere.life/?u=nnv8hw0&o=a07k08z&cid=1c4e7fcd-c4e3-44b4-931d-e3da17716940&t=6979_13556&b=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Dec 2022 14:02:11 GMT
Content-Type: application/javascript
Content-Length: 25348
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "2187f773a9ee4d03d21448c6856698b9"
Last-Modified: Wed, 31 Aug 2022 09:33:21 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 1732D32C538F9B18
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Thu, 21 Dec 2023 14:02:11 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
casualdatinghere.life/media/casual/toon3/images/age2_o.jpg
23.88.40.171200 OK 9.5 kB URL HTTP/1.1 casualdatinghere.life/media/casual/toon3/images/age2_o.jpg
IP 23.88.40.171:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x220, components 3\012- data
Hash bdee974dfa1bd0381fb37d21c6a24d2b
71c58820bdcd2353850aa2efdf9bcf707198673b
0e9ec0e7494a79661fe5644cda9c4d6c5fe12260606ad1f3ba8105cb953d830b
Analyzer Verdict Alert quad9 Sinkholed
GET /media/casual/toon3/images/age2_o.jpg HTTP/1.1
Host: casualdatinghere.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casualdatinghere.life/?u=nnv8hw0&o=a07k08z&cid=1c4e7fcd-c4e3-44b4-931d-e3da17716940&t=6979_13556&b=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Dec 2022 14:02:11 GMT
Content-Type: image/jpeg
Content-Length: 9472
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "bdee974dfa1bd0381fb37d21c6a24d2b"
Last-Modified: Wed, 31 Aug 2022 09:33:21 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 1732D32C82DFA9AC
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Thu, 21 Dec 2023 14:02:11 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
casualdatinghere.life/media/casual/toon3/images/age3_o.jpg
23.88.40.171200 OK 7.7 kB URL HTTP/1.1 casualdatinghere.life/media/casual/toon3/images/age3_o.jpg
IP 23.88.40.171:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x220, components 3\012- data
Hash 47f8432cca02f63b701c2999eeea43ba
56d51f3b5039c7e60ad400f17e123a5dff714304
3cf09326ff416c5f53d81127aca350009110721c6ea1e879a363d71018bf2b88
Analyzer Verdict Alert quad9 Sinkholed
GET /media/casual/toon3/images/age3_o.jpg HTTP/1.1
Host: casualdatinghere.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casualdatinghere.life/?u=nnv8hw0&o=a07k08z&cid=1c4e7fcd-c4e3-44b4-931d-e3da17716940&t=6979_13556&b=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Dec 2022 14:02:11 GMT
Content-Type: image/jpeg
Content-Length: 7696
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "47f8432cca02f63b701c2999eeea43ba"
Last-Modified: Wed, 31 Aug 2022 09:33:21 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 1732D32C82C6A726
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Thu, 21 Dec 2023 14:02:11 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
casualdatinghere.life/media/casual/toon3/images/age4_o.jpg
23.88.40.171200 OK 6.9 kB URL HTTP/1.1 casualdatinghere.life/media/casual/toon3/images/age4_o.jpg
IP 23.88.40.171:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x220, components 3\012- data
Hash 7d81b6b005bf4b955b5e6297172c5a8d
0bae48d0799d12602b3166a19472e1db6fedc248
d4c8c2b2cc9bf5d502fc17d4f83ca73c4c9cbfbdff6624b3d00ba2e05f3efe94
Analyzer Verdict Alert quad9 Sinkholed
GET /media/casual/toon3/images/age4_o.jpg HTTP/1.1
Host: casualdatinghere.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casualdatinghere.life/?u=nnv8hw0&o=a07k08z&cid=1c4e7fcd-c4e3-44b4-931d-e3da17716940&t=6979_13556&b=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Dec 2022 14:02:11 GMT
Content-Type: image/jpeg
Content-Length: 6924
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "7d81b6b005bf4b955b5e6297172c5a8d"
Last-Modified: Wed, 31 Aug 2022 09:33:21 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 1732D32C896114D2
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Thu, 21 Dec 2023 14:02:11 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
casualdatinghere.life/media/casual/toon3/images/age5_o.jpg
23.88.40.171200 OK 7.2 kB URL HTTP/1.1 casualdatinghere.life/media/casual/toon3/images/age5_o.jpg
IP 23.88.40.171:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x220, components 3\012- data
Hash 7f23ba7584e5f2f5f5bc1129a7a21492
141963c0678f4591441797f99a45a03616f5c8fb
a3f7fb4399ca65391f898e2346c079e1706165a02c04db92babe675b5cdeb490
Analyzer Verdict Alert quad9 Sinkholed
GET /media/casual/toon3/images/age5_o.jpg HTTP/1.1
Host: casualdatinghere.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casualdatinghere.life/?u=nnv8hw0&o=a07k08z&cid=1c4e7fcd-c4e3-44b4-931d-e3da17716940&t=6979_13556&b=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Dec 2022 14:02:11 GMT
Content-Type: image/jpeg
Content-Length: 7158
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "7f23ba7584e5f2f5f5bc1129a7a21492"
Last-Modified: Wed, 31 Aug 2022 09:33:21 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 1732D32C8DE8604D
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Thu, 21 Dec 2023 14:02:11 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
casualdatinghere.life/media/casual/toon3/images/relations1_o.jpg
23.88.40.171200 OK 9.6 kB URL HTTP/1.1 casualdatinghere.life/media/casual/toon3/images/relations1_o.jpg
IP 23.88.40.171:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x220, components 3\012- data
Hash 974ca1664d2cea320c17179302d33d4e
dc48c7bc4b20d281f190ff2ad5579df2f853864e
a66348a7dfa7072dedec904d8069b573678ca9bb73168170ed010640ef929af1
Analyzer Verdict Alert quad9 Sinkholed
GET /media/casual/toon3/images/relations1_o.jpg HTTP/1.1
Host: casualdatinghere.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casualdatinghere.life/?u=nnv8hw0&o=a07k08z&cid=1c4e7fcd-c4e3-44b4-931d-e3da17716940&t=6979_13556&b=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Dec 2022 14:02:11 GMT
Content-Type: image/jpeg
Content-Length: 9613
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "974ca1664d2cea320c17179302d33d4e"
Last-Modified: Wed, 31 Aug 2022 09:33:21 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 1732D32C9126157A
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Thu, 21 Dec 2023 14:02:11 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
casualdatinghere.life/media/casual/toon3/images/relations2_o.jpg
23.88.40.171200 OK 9.1 kB URL HTTP/1.1 casualdatinghere.life/media/casual/toon3/images/relations2_o.jpg
IP 23.88.40.171:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x220, components 3\012- data
Hash 90448128e70479a071e70b19b0f8b187
4a4e5f480b8df6e6fa4fd1ce2579a7eb33afdaf6
ca08d85836df6ab8247acd0df5c027ec6e5d63fd436b9ebef5769fae98252638
Analyzer Verdict Alert quad9 Sinkholed
GET /media/casual/toon3/images/relations2_o.jpg HTTP/1.1
Host: casualdatinghere.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casualdatinghere.life/?u=nnv8hw0&o=a07k08z&cid=1c4e7fcd-c4e3-44b4-931d-e3da17716940&t=6979_13556&b=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Dec 2022 14:02:11 GMT
Content-Type: image/jpeg
Content-Length: 9079
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "90448128e70479a071e70b19b0f8b187"
Last-Modified: Wed, 31 Aug 2022 09:33:21 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 1732D32C91062E05
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Thu, 21 Dec 2023 14:02:11 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
casualdatinghere.life/media/casual/toon3/js/jquery-1.11.1.min.js
23.88.40.171200 OK 96 kB URL HTTP/1.1 casualdatinghere.life/media/casual/toon3/js/jquery-1.11.1.min.js
IP 23.88.40.171:0
ASN #24940 Hetzner Online GmbH
File type ASCII text, with very long lines (65536), with no line terminators
Hash 612ce073e0525fda305524a4a9949587
a87a1ec66b4a404b2f793f2de9f806955e8952cf
a181a613a6eeab77259b1d6537f82fd28f4cb38fa41e43af8d1677a3542e74bf
Analyzer Verdict Alert quad9 Sinkholed
GET /media/casual/toon3/js/jquery-1.11.1.min.js HTTP/1.1
Host: casualdatinghere.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casualdatinghere.life/?u=nnv8hw0&o=a07k08z&cid=1c4e7fcd-c4e3-44b4-931d-e3da17716940&t=6979_13556&b=0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Dec 2022 14:02:11 GMT
Content-Type: application/javascript
Content-Length: 95699
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "612ce073e0525fda305524a4a9949587"
Last-Modified: Wed, 31 Aug 2022 09:33:21 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 1732D31F0FD253EC
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Thu, 21 Dec 2023 14:02:11 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
casualdatinghere.life/media/casual/toon3/images/relations3_o.jpg
23.88.40.171200 OK 9.4 kB URL HTTP/1.1 casualdatinghere.life/media/casual/toon3/images/relations3_o.jpg
IP 23.88.40.171:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x220, components 3\012- data
Hash 4d3d38adf2f0ce332b20112bd35cd8bf
6b4c3de36268a2459f4970779ab51efbf5b5ccf5
2f824639869c4c24dc402ace4994ff5e628f7a48dd39dc5598ce36136f26719f
Analyzer Verdict Alert quad9 Sinkholed
GET /media/casual/toon3/images/relations3_o.jpg HTTP/1.1
Host: casualdatinghere.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casualdatinghere.life/?u=nnv8hw0&o=a07k08z&cid=1c4e7fcd-c4e3-44b4-931d-e3da17716940&t=6979_13556&b=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Dec 2022 14:02:11 GMT
Content-Type: image/jpeg
Content-Length: 9360
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "4d3d38adf2f0ce332b20112bd35cd8bf"
Last-Modified: Wed, 31 Aug 2022 09:33:21 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 1732D32C91D4ACFF
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Thu, 21 Dec 2023 14:02:11 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
casualdatinghere.life/media/casual/toon3/images/relations4_o.jpg
23.88.40.171200 OK 7.5 kB URL HTTP/1.1 casualdatinghere.life/media/casual/toon3/images/relations4_o.jpg
IP 23.88.40.171:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x220, components 3\012- data
Hash b3160168c65670576b0c54f6ef80c972
4b4c73fea6466f0733dbe55b7b60d0fa5b05ccd7
d26ed7a1ce5bc3a33d1d88b0b04c0c7ee156c59149af8409eb308581eea87f45
Analyzer Verdict Alert quad9 Sinkholed
GET /media/casual/toon3/images/relations4_o.jpg HTTP/1.1
Host: casualdatinghere.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casualdatinghere.life/?u=nnv8hw0&o=a07k08z&cid=1c4e7fcd-c4e3-44b4-931d-e3da17716940&t=6979_13556&b=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Dec 2022 14:02:11 GMT
Content-Type: image/jpeg
Content-Length: 7546
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "b3160168c65670576b0c54f6ef80c972"
Last-Modified: Wed, 31 Aug 2022 09:33:21 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 1732D32C971B21EF
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Thu, 21 Dec 2023 14:02:11 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
casualdatinghere.life/media/casual/toon3/images/relations5_o.jpg
23.88.40.171200 OK 8.3 kB URL HTTP/1.1 casualdatinghere.life/media/casual/toon3/images/relations5_o.jpg
IP 23.88.40.171:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x220, components 3\012- data
Hash c8977e9f072bac461be435c71ffd01d0
f13fbff743f380f87271d37af099e83ad8186e61
ad74a6271b89a55e3df1ec7dfd3c938024b701b0d5ef3bf939793e30b8100bf8
Analyzer Verdict Alert quad9 Sinkholed
GET /media/casual/toon3/images/relations5_o.jpg HTTP/1.1
Host: casualdatinghere.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casualdatinghere.life/?u=nnv8hw0&o=a07k08z&cid=1c4e7fcd-c4e3-44b4-931d-e3da17716940&t=6979_13556&b=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Dec 2022 14:02:11 GMT
Content-Type: image/jpeg
Content-Length: 8333
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "c8977e9f072bac461be435c71ffd01d0"
Last-Modified: Wed, 31 Aug 2022 09:33:21 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 1732D32C9AF5E51F
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Thu, 21 Dec 2023 14:02:11 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
casualdatinghere.life/media/casual/toon3/images/girl.png
23.88.40.171200 OK 20 kB URL HTTP/1.1 casualdatinghere.life/media/casual/toon3/images/girl.png
IP 23.88.40.171:0
ASN #24940 Hetzner Online GmbH
File type PNG image data, 320 x 352, 8-bit colormap, non-interlaced\012- data
Hash 3e9715aca14895be6809d18ee806d561
584fb439c7a6c3d9ac2cda1f3ee24212546d316c
5c30263d90e5109b19aec665afcf22292bff66fd158c31e34c08de212e14ecb7
Analyzer Verdict Alert quad9 Sinkholed
GET /media/casual/toon3/images/girl.png HTTP/1.1
Host: casualdatinghere.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casualdatinghere.life/?u=nnv8hw0&o=a07k08z&cid=1c4e7fcd-c4e3-44b4-931d-e3da17716940&t=6979_13556&b=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Dec 2022 14:02:11 GMT
Content-Type: image/png
Content-Length: 20415
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "3e9715aca14895be6809d18ee806d561"
Last-Modified: Wed, 31 Aug 2022 09:33:21 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 1732D32C6AB32E81
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Thu, 21 Dec 2023 14:02:11 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
casualdatinghere.life/media/casual/toon3/images/body1_o.jpg
23.88.40.171200 OK 9.4 kB URL HTTP/1.1 casualdatinghere.life/media/casual/toon3/images/body1_o.jpg
IP 23.88.40.171:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x220, components 3\012- data
Hash 85ccecbbf23425d18c7c012f7341ce27
7317eda85c061ee60c072d89fe407f37c26c0d1e
1b10dd2a543fef61a4a61836377e5461b57c95dd95d12f1e35c57b26d7edf834
Analyzer Verdict Alert quad9 Sinkholed
GET /media/casual/toon3/images/body1_o.jpg HTTP/1.1
Host: casualdatinghere.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casualdatinghere.life/?u=nnv8hw0&o=a07k08z&cid=1c4e7fcd-c4e3-44b4-931d-e3da17716940&t=6979_13556&b=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Dec 2022 14:02:11 GMT
Content-Type: image/jpeg
Content-Length: 9351
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "85ccecbbf23425d18c7c012f7341ce27"
Last-Modified: Wed, 31 Aug 2022 09:33:21 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 1732D32C6E2B596E
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Thu, 21 Dec 2023 14:02:11 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
casualdatinghere.life/media/casual/toon3/images/body2_o.jpg
23.88.40.171200 OK 7.1 kB URL HTTP/1.1 casualdatinghere.life/media/casual/toon3/images/body2_o.jpg
IP 23.88.40.171:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x220, components 3\012- data
Hash 25ead115fd19de86d001b9ea0e530b98
2f87b29630774c703ddd5b3f63c598099741589c
3b654731702ea10a66129af5b97f7dad0db5f60ef6ee0960ce99b7bf9ee6face
Analyzer Verdict Alert quad9 Sinkholed
GET /media/casual/toon3/images/body2_o.jpg HTTP/1.1
Host: casualdatinghere.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casualdatinghere.life/?u=nnv8hw0&o=a07k08z&cid=1c4e7fcd-c4e3-44b4-931d-e3da17716940&t=6979_13556&b=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Dec 2022 14:02:11 GMT
Content-Type: image/jpeg
Content-Length: 7139
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "25ead115fd19de86d001b9ea0e530b98"
Last-Modified: Wed, 31 Aug 2022 09:33:21 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 1732D32C751AC92F
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Thu, 21 Dec 2023 14:02:11 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
casualdatinghere.life/media/casual/toon3/fonts/QuattrocentoSans.ttf
23.88.40.171200 OK 78 kB URL HTTP/1.1 casualdatinghere.life/media/casual/toon3/fonts/QuattrocentoSans.ttf
IP 23.88.40.171:0
ASN #24940 Hetzner Online GmbH
File type TrueType Font data, 16 tables, 1st "GPOS", 7 names, Microsoft, language 0x409, type 1 string, Quattrocento SansRegularPabloImpallari,IginoMarini,BrendaGallo: Quattrocento Sans: 2011Version 2\012- data
Hash ce091a3d610240f8ea45c336266b5792
240eb69d6e901909208105620256e0871ef9737f
8a1e4d8cb32309d03e754bbff5cf0dea8cb14973a0a650c1cb58b8592f5da13a
Analyzer Verdict Alert quad9 Sinkholed
GET /media/casual/toon3/fonts/QuattrocentoSans.ttf HTTP/1.1
Host: casualdatinghere.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casualdatinghere.life/media/casual/toon3/css/style_alt.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Dec 2022 14:02:11 GMT
Content-Type: font/ttf
Content-Length: 78036
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://casualdatinghere.life
Access-Control-Expose-Headers: Date, Etag, Server, Connection, Accept-Ranges, Content-Range, Content-Encoding, Content-Length, Content-Type, Content-Disposition, Last-Modified, Content-Language, Cache-Control, Retry-After, X-Amz-Bucket-Region, Expires, X-Amz*, X-Amz*, *
Content-Security-Policy: block-all-mixed-content
ETag: "ce091a3d610240f8ea45c336266b5792"
Last-Modified: Wed, 31 Aug 2022 09:33:21 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 1732D32C6A5CD1D4
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Thu, 21 Dec 2023 14:02:11 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
casualdatinghere.life/media/casual/toon3/fonts/QuattrocentoSansBold.ttf
23.88.40.171200 OK 80 kB URL HTTP/1.1 casualdatinghere.life/media/casual/toon3/fonts/QuattrocentoSansBold.ttf
IP 23.88.40.171:0
ASN #24940 Hetzner Online GmbH
File type TrueType Font data, 16 tables, 1st "GPOS", 7 names, Microsoft, language 0x409, type 1 string, Quattrocento SansBoldPabloImpallari,IginoMarini,BrendaGallo: Quattrocento Sans Bold: 2011Quattro\012- data
Hash b80c7c5dc4739cd94fbc56b2f57509c4
ae800186fbcf2c85b1d9f271b69455c8ad5c8f40
fc24aac0d90f109b21b91a1c7171a9e96cf056ac8eb888be2a9d3d35d35ac795
Analyzer Verdict Alert quad9 Sinkholed
GET /media/casual/toon3/fonts/QuattrocentoSansBold.ttf HTTP/1.1
Host: casualdatinghere.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casualdatinghere.life/media/casual/toon3/css/style_alt.css
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Dec 2022 14:02:11 GMT
Content-Type: font/ttf
Content-Length: 79848
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://casualdatinghere.life
Access-Control-Expose-Headers: Date, Etag, Server, Connection, Accept-Ranges, Content-Range, Content-Encoding, Content-Length, Content-Type, Content-Disposition, Last-Modified, Content-Language, Cache-Control, Retry-After, X-Amz-Bucket-Region, Expires, X-Amz*, X-Amz*, *
Content-Security-Policy: block-all-mixed-content
ETag: "b80c7c5dc4739cd94fbc56b2f57509c4"
Last-Modified: Wed, 31 Aug 2022 09:33:21 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 1732D32C5EABA54C
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Thu, 21 Dec 2023 14:02:11 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
casualdatinghere.life/media/casual/toon3/images/body3_o.jpg
23.88.40.171200 OK 7.1 kB URL HTTP/1.1 casualdatinghere.life/media/casual/toon3/images/body3_o.jpg
IP 23.88.40.171:0
ASN #24940 Hetzner Online GmbH
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 220x220, components 3\012- data
Hash 25f4616348a1f5076ddaaf43b8be0d99
1ebb536691f648bcfc91b6e0e8e7b0de099873d9
a738b84f2486de67b74a3ce03617e248b592b3e316bc9ad5b471f13e29924210
Analyzer Verdict Alert quad9 Sinkholed
GET /media/casual/toon3/images/body3_o.jpg HTTP/1.1
Host: casualdatinghere.life
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://casualdatinghere.life/?u=nnv8hw0&o=a07k08z&cid=1c4e7fcd-c4e3-44b4-931d-e3da17716940&t=6979_13556&b=0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 21 Dec 2022 14:02:11 GMT
Content-Type: image/jpeg
Content-Length: 7115
Connection: keep-alive
Content-Security-Policy: block-all-mixed-content
ETag: "25f4616348a1f5076ddaaf43b8be0d99"
Last-Modified: Wed, 31 Aug 2022 09:33:21 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin, Accept-Encoding
X-Amz-Request-Id: 1732D32C75B84487
X-Content-Type-Options: nosniff
X-Xss-Protection: 1; mode=block
Expires: Thu, 21 Dec 2023 14:02:11 GMT
Cache-Control: max-age=31536000, no-transform
Accept-Ranges: bytes
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 746409a88b1342fe7b570306c302c71e
e08a7bf55e08a498f2eed6a35b90107fc0bdb303
9352308fd047bafceddfaf2a9a6eab650593f16ff5632330a4bf745750704650
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9352308FD047BAFCEDDFAF2A9A6EAB650593F16FF5632330A4BF745750704650"
Last-Modified: Tue, 20 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5794
Expires: Wed, 21 Dec 2022 15:38:45 GMT
Date: Wed, 21 Dec 2022 14:02:11 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 746409a88b1342fe7b570306c302c71e
e08a7bf55e08a498f2eed6a35b90107fc0bdb303
9352308fd047bafceddfaf2a9a6eab650593f16ff5632330a4bf745750704650
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9352308FD047BAFCEDDFAF2A9A6EAB650593F16FF5632330A4BF745750704650"
Last-Modified: Tue, 20 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5794
Expires: Wed, 21 Dec 2022 15:38:45 GMT
Date: Wed, 21 Dec 2022 14:02:11 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 746409a88b1342fe7b570306c302c71e
e08a7bf55e08a498f2eed6a35b90107fc0bdb303
9352308fd047bafceddfaf2a9a6eab650593f16ff5632330a4bf745750704650
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9352308FD047BAFCEDDFAF2A9A6EAB650593F16FF5632330A4BF745750704650"
Last-Modified: Tue, 20 Dec 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5794
Expires: Wed, 21 Dec 2022 15:38:45 GMT
Date: Wed, 21 Dec 2022 14:02:11 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash db151f8790fc80bb535b13560972296a
768a8261c1529ccdd5f7ecd2f3b4e65d8e6fa0d1
36b57f1a1229e6700cef5491018a90ec4fe375a4c7bb8e3c7ac8a4cf2ad73d5a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "36B57F1A1229E6700CEF5491018A90EC4FE375A4C7BB8E3C7AC8A4CF2AD73D5A"
Last-Modified: Tue, 20 Dec 2022 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3256
Expires: Wed, 21 Dec 2022 14:56:27 GMT
Date: Wed, 21 Dec 2022 14:02:11 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d031850-22eb-4b68-b31f-b6442037953e.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d031850-22eb-4b68-b31f-b6442037953e.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 551946a77ac86428763e22bc008d68b1
04f4a422bd872990f47b802326e386ee26a967e3
58dce19008346e668c2a1219aee7f54b940c9c2b541a8bd860731cc05031cd60
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1d031850-22eb-4b68-b31f-b6442037953e.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10717
x-amzn-requestid: ca8b43b6-7ffd-43df-9a77-b9352a2e8dfe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dT66DEbfoAMFw4g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-639e3ea6-5f8f5745418a41cd6fb9e2c6;Sampled=0
x-amzn-remapped-date: Sat, 17 Dec 2022 22:11:50 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: W36D_wgBNbbKxYyXXOz1Tm8VKUeOjL3iVDP4TbC6fkeGuNr4ChvS0g==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 3bb2b699cd244bf37141ea08a6a61732.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Dec 2022 22:12:59 GMT
age: 56952
etag: "04f4a422bd872990f47b802326e386ee26a967e3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdefad689-8a78-41c9-8774-f0b8a1135d15.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdefad689-8a78-41c9-8774-f0b8a1135d15.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8f5b2e482a0944dfc0de3a69659fa002
64dd897d9163a6eceadc0c5460cdd135d323abb3
feb1a63a27859b88257d50c3c8723131978fd1f363a6f9e1297b91549b4aed9d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdefad689-8a78-41c9-8774-f0b8a1135d15.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9044
x-amzn-requestid: 981a0010-ec53-4659-818b-4cfa39fa8cd5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dbuhqGUbIAMF_QQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a15e0a-65b084547c4d2b4414236f84;Sampled=0
x-amzn-remapped-date: Tue, 20 Dec 2022 07:02:34 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: -AR7jIQqHV2XWDLH1W7rybyRGcDQ4oSGQsneAScw7MHK3nwjYYkjWg==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 82893cc36087a50f9a150a621d10e740.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Dec 2022 07:02:35 GMT
age: 25176
etag: "64dd897d9163a6eceadc0c5460cdd135d323abb3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefe0191e-7441-4083-843d-18a9446de816.jpeg
34.120.237.76200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefe0191e-7441-4083-843d-18a9446de816.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3bd6359db3b908389343275ee839466b
9094f8e9275252a8e9d5e65fd3e87851b2f80bd7
7380590a93f8a21907c39ddce2f51c599161f219522df4099e9c1a82bcd1e40e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fefe0191e-7441-4083-843d-18a9446de816.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9069
x-amzn-requestid: 103b5caf-fa82-4d66-97e6-99c77027f759
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ddt_DG_hoAMFoKA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a229f9-1a4accb80dbf5e9f2f696c85;Sampled=0
x-amzn-remapped-date: Tue, 20 Dec 2022 21:32:41 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: D8V_RlBCxL1RHxtCyWkX7_IsCCrOdv2o1Wdic0N_aUz0qguhANp88A==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 29a825d8a219984d47bec4350779b558.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Dec 2022 21:37:41 GMT
age: 59070
etag: "9094f8e9275252a8e9d5e65fd3e87851b2f80bd7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F755d2e29-1b21-4b5a-bf07-7e8c9b9fa5ef.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F755d2e29-1b21-4b5a-bf07-7e8c9b9fa5ef.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d412dc903a0b59ad7b621087ea0ac761
f2ea37308a210ac16412bac93b63a83a5a018c39
08afbc5941a511b6c536d33a8975fae902f5c4c814de0ed1b7f444c1c4233aad
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F755d2e29-1b21-4b5a-bf07-7e8c9b9fa5ef.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9661
x-amzn-requestid: 7046f4e1-0f80-4ae7-9500-1b1a07839232
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dbuz0F-OoAMF9Mw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a15e7e-720525d72a8ce03b45b37d86;Sampled=0
x-amzn-remapped-date: Tue, 20 Dec 2022 07:04:30 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: DFhw6VQYvJWY5-UKONEP7sH5rhw7sMPD5Z1zrEYZKDdfu6NVTt4mHA==
via: 1.1 c34da255183aa208dd1c722ff211f9b2.cloudfront.net (CloudFront), 1.1 ea699166e6ec77aa410ff505b0a8ce18.cloudfront.net (CloudFront), 1.1 google
date: Wed, 21 Dec 2022 07:07:39 GMT
age: 24872
etag: "f2ea37308a210ac16412bac93b63a83a5a018c39"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd8c50f43-5bd1-47f3-9801-3d69c2401091.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd8c50f43-5bd1-47f3-9801-3d69c2401091.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d4aa7e9e3fe28e9c401786f7415171f7
8482a47175ff105957d640269bc14ee1fbc97448
2215ff2537f927e2baf4f713fc947afefc83b416719113ce516aa00f2a4e0708
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd8c50f43-5bd1-47f3-9801-3d69c2401091.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11535
x-amzn-requestid: 4fb9a698-c429-49e1-a2c5-b9388f03b044
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: daGQIEuSoAMFnBg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a0b733-53b8088f0d8863f813b9967e;Sampled=0
x-amzn-remapped-date: Mon, 19 Dec 2022 19:10:43 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: axz1LSfJfBvAFuJl53Sl6Kh7r2R4FiTuDB3Xb_XI5AwXB20Gs4rg5A==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 2c6b5dd77f1abe60653ce0454f344b64.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Dec 2022 21:49:59 GMT
age: 58332
etag: "8482a47175ff105957d640269bc14ee1fbc97448"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d762722-a130-4c65-99b1-2f6fb91155e5.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d762722-a130-4c65-99b1-2f6fb91155e5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c7ac0b5738bab6b4ed770c26ca922250
e56fd4ee2f5354a54a6271db2be528f98eecd3d7
5997d5be6bbeb189ef08af2f6c6dd5bb0cfa70ad7b40daab8712efe5adc2c6e1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d762722-a130-4c65-99b1-2f6fb91155e5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8450
x-amzn-requestid: a9f11c68-8327-46ba-9075-e316a2f9fdbb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: dabr3FoSIAMFdtQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63a0d97e-61b788f5675fe0e815e1e967;Sampled=0
x-amzn-remapped-date: Mon, 19 Dec 2022 21:37:02 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: _nupdrdRDG-S085FRNoJgzDQVg9Ngb_nYDR5C1AkkterWy8vlXBxGw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 ac463f3377446e4c603deca30feb744a.cloudfront.net (CloudFront), 1.1 google
date: Tue, 20 Dec 2022 21:41:22 GMT
age: 58849
etag: "e56fd4ee2f5354a54a6271db2be528f98eecd3d7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2