146.190.228.148/gGsS7C?click_id=1gmmghgr1626
146.190.228.148302 Found 0 B URL HTTP/1.1 146.190.228.148/gGsS7C?click_id=1gmmghgr1626
IP 146.190.228.148:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /gGsS7C?click_id=1gmmghgr1626 HTTP/1.1
Host: 146.190.228.148
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx/1.20.1
Date: Thu, 06 Oct 2022 23:53:59 GMT
Content-Type: text/html; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-cache, no-store, must-revalidate,post-check=0,pre-check=0
Expires: 0
Last-Modified: Thu, 06 Oct 2022 23:53:59 GMT
Location: http://humadecure.gq?s1=mqmq&s3=el
Pragma: no-cache
Set-Cookie: _subid=376l60jr163e;Expires=Sunday, 06-Nov-2022 23:53:59 GMT;Max-Age=2678400;Path=/
b15e4=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJkYXRhIjoie1wic3RyZWFtc1wiOntcIjE0NFwiOjE2NjUxMDA0Mzl9LFwiY2FtcGFpZ25zXCI6e1wiNDJcIjoxNjY1MTAwNDM5fSxcInRpbWVcIjoxNjY1MTAwNDM5fSJ9.1FlQfxPpBLTCi_aXTBuHWp6MaYAR02OW-209up2iSFY;Expires=Saturday, 13-Jul-2075 23:47:58 GMT;Max-Age=1665186839;Path=/
Vary: Accept-Encoding
Access-Control-Allow-Origin: *
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 282f6e1328452c1cb41f6a6272fff757
20b9ff1b5f4f81b645769bd4b4cf7bf7dfc16262
6a8070ebe51259cb11db68cca2c81f3c7408fad481d8c14cc1c38912442c63f4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6A8070EBE51259CB11DB68CCA2C81F3C7408FAD481D8C14CC1C38912442C63F4"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6318
Expires: Fri, 07 Oct 2022 01:39:17 GMT
Date: Thu, 06 Oct 2022 23:53:59 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
54.230.111.7200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP 54.230.111.7:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 2d12f67fe57a87e7366b662d153a5582
d7b02d81cc74f24a251d9363e0f4b0a149264ec1
73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: hqwbv7mb4pH8fAjRAwsMPgQQsSON0rb8MPKdcQTdHM0iUyEPQxxa8w==
Age: 115601
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 4ab7d8709d334de0e46dcb86aabfbff1
f221138a8ad9d0bfa3c054370dcdb363a67dc310
b91d37f606eaf448b9c7dfc05566a11de004ce44503409e1a776288ee2622805
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B91D37F606EAF448B9C7DFC05566A11DE004CE44503409E1A776288EE2622805"
Last-Modified: Wed, 05 Oct 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2175
Expires: Fri, 07 Oct 2022 00:30:14 GMT
Date: Thu, 06 Oct 2022 23:53:59 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: 7YyIahkzsQu2KreC8s40uV9AZbWT9A9tNLWN6EtLZJgFh8PtkGlJYRikp8FCQyR7y6B43oiQo14=
x-amz-request-id: WMBJRKNEWWKTWC49
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 06 Oct 2022 22:58:55 GMT
age: 3304
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 06 Oct 2022 23:53:59 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
humadecure.gq/?s1=mqmq&s3=el
160.20.147.80200 OK 7.6 kB URL HTTP/1.1 humadecure.gq/?s1=mqmq&s3=el
IP 160.20.147.80:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text
Hash 752852ec9323b24c48827ccad423dc32
577ba582ec7220dd651a493310400b681a059509
08c3e8b69ca2906ea4177cb31d29f1ff375f5610f8e547083df9397432f1efcb
Analyzer Verdict Alert quad9 Sinkholed
GET /?s1=mqmq&s3=el HTTP/1.1
Host: humadecure.gq
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 06 Oct 2022 23:53:59 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
set-cookie: XSRF-TOKEN=eyJpdiI6ImQ2SW03Q0xzODRCcWdXUUh6STV2MUE9PSIsInZhbHVlIjoidW5XUFFRZlhMZVZwaDhFamlpOCtjTytjTWhtM2tMTWxOZFFRd1Z3TngwOHdWcnRUK0FXZldsMW5vNFFoQ2FzTyIsIm1hYyI6IjA0Yjc5ODNjOGMyNWU1NmVjMTVmZmY3M2JjNWNlNmZlYzM2ZTVmZDg0YzkyNzM4YWE2ZDI1YTkzYWFjNzlhNTgifQ%3D%3D; expires=Fri, 07-Oct-2022 01:53:59 GMT; Max-Age=7200; path=/; samesite=lax
laravel_session=eyJpdiI6Ink4Tlh2dFZKS0tteW9JSFI4UFQwT2c9PSIsInZhbHVlIjoiZmlQclF3V2NkU1hRU3ErUUVoR2ZWUWZYRXFoTURxc08wRGl6SGgyL2NMZ2NiYWZXeGdlT3crZ3pUcWJnRHViRiIsIm1hYyI6IjNhZWUyOTE0ZjYwZWU0MTI3ODczNzhlMTE2MTExYTE3ODZlYzBkNjI4ZDUwODU2ZmFhZjNhNjYzMjhlZjIwMGYifQ%3D%3D; expires=Fri, 07-Oct-2022 01:53:59 GMT; Max-Age=7200; path=/; httponly; samesite=lax
SRVNAME=w1; path=/
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 63b078fc3ce9baeb0f33acad40ef01e6
c0871cfccaa01855a859f43f0b0c394527fc1cbd
96432da0893447228b5872deb636fb959bdeed602276630ba8b10b429a9e015d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "96432DA0893447228B5872DEB636FB959BDEED602276630BA8B10B429A9E015D"
Last-Modified: Thu, 06 Oct 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16820
Expires: Fri, 07 Oct 2022 04:34:19 GMT
Date: Thu, 06 Oct 2022 23:53:59 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
54.230.111.7200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 54.230.111.7:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Alert, Content-Type, Expires, Backoff, ETag, Last-Modified, Pragma, Cache-Control, Content-Length, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600, max-age=3600
Date: Thu, 06 Oct 2022 23:29:41 GMT
Expires: Thu, 06 Oct 2022 23:58:46 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: jVL-rguhZFADfNQmpvXdzwRKPHt2V4ER9RzSNPcECAtEpU6D7jvFMA==
Age: 1459
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 8be5570b9a5ca76c580da007a824b029
38840f2ac6476bdd5608121c5653e338c7ad9715
0b94e05080ef85432b1815eb3c6c7594c9613cfde1b51eeabee46d0d9fde64b2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 870
Cache-Control: max-age=116840
Content-Type: application/ocsp-response
Date: Thu, 06 Oct 2022 23:54:00 GMT
Etag: "633e8c9a-1d7"
Expires: Sat, 08 Oct 2022 08:21:20 GMT
Last-Modified: Thu, 06 Oct 2022 08:06:50 GMT
Server: ECS (ska/F70B)
X-Cache: HIT
Content-Length: 471
humadecure.gq/landings/17/fonts/vendor.css
160.20.147.80200 OK 121 kB URL HTTP/1.1 humadecure.gq/landings/17/fonts/vendor.css
IP 160.20.147.80:0
File type ASCII text, with very long lines (49493)
Size 121 kB (120609 bytes)
Hash 01f904df11cd10f6ff8f29731485f304
55e70949c60374242bf7ce93fc082a409d26b6fe
367102f73a4861c71158191208065583bdfc10e8b9554a9c3deeb5f40af30e51
Analyzer Verdict Alert quad9 Sinkholed
GET /landings/17/fonts/vendor.css HTTP/1.1
Host: humadecure.gq
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImQ2SW03Q0xzODRCcWdXUUh6STV2MUE9PSIsInZhbHVlIjoidW5XUFFRZlhMZVZwaDhFamlpOCtjTytjTWhtM2tMTWxOZFFRd1Z3TngwOHdWcnRUK0FXZldsMW5vNFFoQ2FzTyIsIm1hYyI6IjA0Yjc5ODNjOGMyNWU1NmVjMTVmZmY3M2JjNWNlNmZlYzM2ZTVmZDg0YzkyNzM4YWE2ZDI1YTkzYWFjNzlhNTgifQ%3D%3D; laravel_session=eyJpdiI6Ink4Tlh2dFZKS0tteW9JSFI4UFQwT2c9PSIsInZhbHVlIjoiZmlQclF3V2NkU1hRU3ErUUVoR2ZWUWZYRXFoTURxc08wRGl6SGgyL2NMZ2NiYWZXeGdlT3crZ3pUcWJnRHViRiIsIm1hYyI6IjNhZWUyOTE0ZjYwZWU0MTI3ODczNzhlMTE2MTExYTE3ODZlYzBkNjI4ZDUwODU2ZmFhZjNhNjYzMjhlZjIwMGYifQ%3D%3D; SRVNAME=w1
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 06 Oct 2022 23:54:00 GMT
Content-Type: text/css
Content-Length: 120609
Connection: keep-alive
last-modified: Fri, 29 Jul 2022 11:39:49 GMT
etag: "62e3c705-1d721"
accept-ranges: bytes
humadecure.gq/landings/17/js/vendor.js
160.20.147.80200 OK 195 kB URL HTTP/1.1 humadecure.gq/landings/17/js/vendor.js
IP 160.20.147.80:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 195 kB (194855 bytes)
Hash ba198f9e43c92eec2887de87eccec2a6
b1fd7f56f8309c8e53a2f6a62c9a854faf007d40
8066213f466e5a0fcebc4e97811f43e1775a4c1781e391eb43c6554ed45ba9b5
Analyzer Verdict Alert quad9 Sinkholed
GET /landings/17/js/vendor.js HTTP/1.1
Host: humadecure.gq
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImQ2SW03Q0xzODRCcWdXUUh6STV2MUE9PSIsInZhbHVlIjoidW5XUFFRZlhMZVZwaDhFamlpOCtjTytjTWhtM2tMTWxOZFFRd1Z3TngwOHdWcnRUK0FXZldsMW5vNFFoQ2FzTyIsIm1hYyI6IjA0Yjc5ODNjOGMyNWU1NmVjMTVmZmY3M2JjNWNlNmZlYzM2ZTVmZDg0YzkyNzM4YWE2ZDI1YTkzYWFjNzlhNTgifQ%3D%3D; laravel_session=eyJpdiI6Ink4Tlh2dFZKS0tteW9JSFI4UFQwT2c9PSIsInZhbHVlIjoiZmlQclF3V2NkU1hRU3ErUUVoR2ZWUWZYRXFoTURxc08wRGl6SGgyL2NMZ2NiYWZXeGdlT3crZ3pUcWJnRHViRiIsIm1hYyI6IjNhZWUyOTE0ZjYwZWU0MTI3ODczNzhlMTE2MTExYTE3ODZlYzBkNjI4ZDUwODU2ZmFhZjNhNjYzMjhlZjIwMGYifQ%3D%3D; SRVNAME=w1
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 06 Oct 2022 23:54:00 GMT
Content-Type: application/javascript; charset=utf-8
Content-Length: 194855
Connection: keep-alive
last-modified: Fri, 29 Jul 2022 11:39:49 GMT
etag: "62e3c705-2f927"
accept-ranges: bytes
e1.o.lencr.org/
23.36.77.32200 OK 345 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 63b078fc3ce9baeb0f33acad40ef01e6
c0871cfccaa01855a859f43f0b0c394527fc1cbd
96432da0893447228b5872deb636fb959bdeed602276630ba8b10b429a9e015d
POST / HTTP/1.1
Host: e1.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 345
ETag: "96432DA0893447228B5872DEB636FB959BDEED602276630BA8B10B429A9E015D"
Last-Modified: Thu, 06 Oct 2022 22:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16819
Expires: Fri, 07 Oct 2022 04:34:19 GMT
Date: Thu, 06 Oct 2022 23:54:00 GMT
Connection: keep-alive
push.services.mozilla.com/
44.236.232.139101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 44.236.232.139:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: N+QyBjr2rrru2d/NcY8Ybg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: rymegjvT2kZ9R295L4yNdPjuqz8=
humadecure.gq/landings/17/images/page1/p1-girl-img.jpg
160.20.147.80200 OK 78 kB URL HTTP/1.1 humadecure.gq/landings/17/images/page1/p1-girl-img.jpg
IP 160.20.147.80:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 867x950, components 3\012- data
Hash 156478bb64b12d13b172193e673919fa
de473bd453f83ab1a9ec74f93fb6853027925f4d
013138cc6ff023386964456c6f9297e7b890ead65ce473b4800f84e8de0b9186
Analyzer Verdict Alert quad9 Sinkholed
GET /landings/17/images/page1/p1-girl-img.jpg HTTP/1.1
Host: humadecure.gq
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImQ2SW03Q0xzODRCcWdXUUh6STV2MUE9PSIsInZhbHVlIjoidW5XUFFRZlhMZVZwaDhFamlpOCtjTytjTWhtM2tMTWxOZFFRd1Z3TngwOHdWcnRUK0FXZldsMW5vNFFoQ2FzTyIsIm1hYyI6IjA0Yjc5ODNjOGMyNWU1NmVjMTVmZmY3M2JjNWNlNmZlYzM2ZTVmZDg0YzkyNzM4YWE2ZDI1YTkzYWFjNzlhNTgifQ%3D%3D; laravel_session=eyJpdiI6Ink4Tlh2dFZKS0tteW9JSFI4UFQwT2c9PSIsInZhbHVlIjoiZmlQclF3V2NkU1hRU3ErUUVoR2ZWUWZYRXFoTURxc08wRGl6SGgyL2NMZ2NiYWZXeGdlT3crZ3pUcWJnRHViRiIsIm1hYyI6IjNhZWUyOTE0ZjYwZWU0MTI3ODczNzhlMTE2MTExYTE3ODZlYzBkNjI4ZDUwODU2ZmFhZjNhNjYzMjhlZjIwMGYifQ%3D%3D; SRVNAME=w1
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 06 Oct 2022 23:54:00 GMT
Content-Type: image/jpeg
Content-Length: 77746
Connection: keep-alive
last-modified: Fri, 29 Jul 2022 11:39:49 GMT
etag: "62e3c705-12fb2"
accept-ranges: bytes
humadecure.gq/landings/17/images/page1/p1-girl-img2.jpg
160.20.147.80200 OK 58 kB URL HTTP/1.1 humadecure.gq/landings/17/images/page1/p1-girl-img2.jpg
IP 160.20.147.80:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 867x950, components 3\012- data
Hash 41f5b0bd6d22c848fc4b725857e560b3
5dd3bc4678047af7e709f32e6e4799eeda9aba80
cf7856a52335793f741900775c8ff28c9e6fdb75e4c263d12506df51fb55ae65
Analyzer Verdict Alert quad9 Sinkholed
GET /landings/17/images/page1/p1-girl-img2.jpg HTTP/1.1
Host: humadecure.gq
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImQ2SW03Q0xzODRCcWdXUUh6STV2MUE9PSIsInZhbHVlIjoidW5XUFFRZlhMZVZwaDhFamlpOCtjTytjTWhtM2tMTWxOZFFRd1Z3TngwOHdWcnRUK0FXZldsMW5vNFFoQ2FzTyIsIm1hYyI6IjA0Yjc5ODNjOGMyNWU1NmVjMTVmZmY3M2JjNWNlNmZlYzM2ZTVmZDg0YzkyNzM4YWE2ZDI1YTkzYWFjNzlhNTgifQ%3D%3D; laravel_session=eyJpdiI6Ink4Tlh2dFZKS0tteW9JSFI4UFQwT2c9PSIsInZhbHVlIjoiZmlQclF3V2NkU1hRU3ErUUVoR2ZWUWZYRXFoTURxc08wRGl6SGgyL2NMZ2NiYWZXeGdlT3crZ3pUcWJnRHViRiIsIm1hYyI6IjNhZWUyOTE0ZjYwZWU0MTI3ODczNzhlMTE2MTExYTE3ODZlYzBkNjI4ZDUwODU2ZmFhZjNhNjYzMjhlZjIwMGYifQ%3D%3D; SRVNAME=w1
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 06 Oct 2022 23:54:00 GMT
Content-Type: image/jpeg
Content-Length: 57868
Connection: keep-alive
last-modified: Fri, 29 Jul 2022 11:39:49 GMT
etag: "62e3c705-e20c"
accept-ranges: bytes
humadecure.gq/landings/17/images/page1/p1-girl-img5.jpg
160.20.147.80200 OK 103 kB URL HTTP/1.1 humadecure.gq/landings/17/images/page1/p1-girl-img5.jpg
IP 160.20.147.80:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 867x950, components 3\012- data
Size 103 kB (103390 bytes)
Hash 1b16a7fde51d4d9ad4b9db53e9267998
8c96c1e4cbb1651f1309d47f4fc8952dd8435006
399b02871ae94691303047faff4eecbb905b7fe790ce73d3f40085ce39721277
Analyzer Verdict Alert quad9 Sinkholed
GET /landings/17/images/page1/p1-girl-img5.jpg HTTP/1.1
Host: humadecure.gq
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImQ2SW03Q0xzODRCcWdXUUh6STV2MUE9PSIsInZhbHVlIjoidW5XUFFRZlhMZVZwaDhFamlpOCtjTytjTWhtM2tMTWxOZFFRd1Z3TngwOHdWcnRUK0FXZldsMW5vNFFoQ2FzTyIsIm1hYyI6IjA0Yjc5ODNjOGMyNWU1NmVjMTVmZmY3M2JjNWNlNmZlYzM2ZTVmZDg0YzkyNzM4YWE2ZDI1YTkzYWFjNzlhNTgifQ%3D%3D; laravel_session=eyJpdiI6Ink4Tlh2dFZKS0tteW9JSFI4UFQwT2c9PSIsInZhbHVlIjoiZmlQclF3V2NkU1hRU3ErUUVoR2ZWUWZYRXFoTURxc08wRGl6SGgyL2NMZ2NiYWZXeGdlT3crZ3pUcWJnRHViRiIsIm1hYyI6IjNhZWUyOTE0ZjYwZWU0MTI3ODczNzhlMTE2MTExYTE3ODZlYzBkNjI4ZDUwODU2ZmFhZjNhNjYzMjhlZjIwMGYifQ%3D%3D; SRVNAME=w1
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 06 Oct 2022 23:54:00 GMT
Content-Type: image/jpeg
Content-Length: 103390
Connection: keep-alive
last-modified: Fri, 29 Jul 2022 11:39:49 GMT
etag: "62e3c705-193de"
accept-ranges: bytes
humadecure.gq/landings/17/fonts/ProximaNova-Semibold.ttf
160.20.147.80200 OK 131 kB URL HTTP/1.1 humadecure.gq/landings/17/fonts/ProximaNova-Semibold.ttf
IP 160.20.147.80:0
File type TrueType Font data, 15 tables, 1st "FFTM", 28 names, Macintosh\012- data
Size 131 kB (130760 bytes)
Hash 3625e925425cb102cadb2f5db79c9aa0
106088d385e32a3b0379b78ec9f56fc684472d74
de23a78916216fb473a903735966a35f4044aa47d804c7ab7628e5f5ab906c9f
Analyzer Verdict Alert quad9 Sinkholed
GET /landings/17/fonts/ProximaNova-Semibold.ttf HTTP/1.1
Host: humadecure.gq
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://humadecure.gq/landings/17/fonts/vendor.css
Cookie: XSRF-TOKEN=eyJpdiI6ImQ2SW03Q0xzODRCcWdXUUh6STV2MUE9PSIsInZhbHVlIjoidW5XUFFRZlhMZVZwaDhFamlpOCtjTytjTWhtM2tMTWxOZFFRd1Z3TngwOHdWcnRUK0FXZldsMW5vNFFoQ2FzTyIsIm1hYyI6IjA0Yjc5ODNjOGMyNWU1NmVjMTVmZmY3M2JjNWNlNmZlYzM2ZTVmZDg0YzkyNzM4YWE2ZDI1YTkzYWFjNzlhNTgifQ%3D%3D; laravel_session=eyJpdiI6Ink4Tlh2dFZKS0tteW9JSFI4UFQwT2c9PSIsInZhbHVlIjoiZmlQclF3V2NkU1hRU3ErUUVoR2ZWUWZYRXFoTURxc08wRGl6SGgyL2NMZ2NiYWZXeGdlT3crZ3pUcWJnRHViRiIsIm1hYyI6IjNhZWUyOTE0ZjYwZWU0MTI3ODczNzhlMTE2MTExYTE3ODZlYzBkNjI4ZDUwODU2ZmFhZjNhNjYzMjhlZjIwMGYifQ%3D%3D; SRVNAME=w1
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 06 Oct 2022 23:54:00 GMT
Content-Type: application/octet-stream
Content-Length: 130760
Connection: keep-alive
last-modified: Fri, 29 Jul 2022 11:39:49 GMT
etag: "62e3c705-1fec8"
accept-ranges: bytes
humadecure.gq/landings/17/fonts/ProximaNova-BoldIt.ttf
160.20.147.80200 OK 138 kB URL HTTP/1.1 humadecure.gq/landings/17/fonts/ProximaNova-BoldIt.ttf
IP 160.20.147.80:0
File type TrueType Font data, 15 tables, 1st "FFTM", 30 names, Macintosh\012- data
Size 138 kB (137676 bytes)
Hash 96366fa6f55986e948f5dab0b824194a
dea3789913cd447bfdf008f50e96b3445617bd7f
7780f5cc43fb80c90558704e77c483e00e9a151a33c87e776e7775bc69f0e459
Analyzer Verdict Alert quad9 Sinkholed
GET /landings/17/fonts/ProximaNova-BoldIt.ttf HTTP/1.1
Host: humadecure.gq
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://humadecure.gq/landings/17/fonts/vendor.css
Cookie: XSRF-TOKEN=eyJpdiI6ImQ2SW03Q0xzODRCcWdXUUh6STV2MUE9PSIsInZhbHVlIjoidW5XUFFRZlhMZVZwaDhFamlpOCtjTytjTWhtM2tMTWxOZFFRd1Z3TngwOHdWcnRUK0FXZldsMW5vNFFoQ2FzTyIsIm1hYyI6IjA0Yjc5ODNjOGMyNWU1NmVjMTVmZmY3M2JjNWNlNmZlYzM2ZTVmZDg0YzkyNzM4YWE2ZDI1YTkzYWFjNzlhNTgifQ%3D%3D; laravel_session=eyJpdiI6Ink4Tlh2dFZKS0tteW9JSFI4UFQwT2c9PSIsInZhbHVlIjoiZmlQclF3V2NkU1hRU3ErUUVoR2ZWUWZYRXFoTURxc08wRGl6SGgyL2NMZ2NiYWZXeGdlT3crZ3pUcWJnRHViRiIsIm1hYyI6IjNhZWUyOTE0ZjYwZWU0MTI3ODczNzhlMTE2MTExYTE3ODZlYzBkNjI4ZDUwODU2ZmFhZjNhNjYzMjhlZjIwMGYifQ%3D%3D; SRVNAME=w1
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 06 Oct 2022 23:54:00 GMT
Content-Type: application/octet-stream
Content-Length: 137676
Connection: keep-alive
last-modified: Fri, 29 Jul 2022 11:39:49 GMT
etag: "62e3c705-219cc"
accept-ranges: bytes
humadecure.gq/landings/17/fonts/ProximaNova-Extrabld.ttf
160.20.147.80200 OK 129 kB URL HTTP/1.1 humadecure.gq/landings/17/fonts/ProximaNova-Extrabld.ttf
IP 160.20.147.80:0
File type TrueType Font data, 15 tables, 1st "FFTM", 30 names, Macintosh\012- data
Size 129 kB (129440 bytes)
Hash 4f71ba59d591d75981e9cbc4fef7526e
59fb259580b822f7977fc36cb1d375ec867f94f9
09a1a520bf50b7ca656ad9b4faf88426903c34abdcbbd56c4748050c8b69e488
Analyzer Verdict Alert quad9 Sinkholed
GET /landings/17/fonts/ProximaNova-Extrabld.ttf HTTP/1.1
Host: humadecure.gq
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://humadecure.gq/landings/17/fonts/vendor.css
Cookie: XSRF-TOKEN=eyJpdiI6ImQ2SW03Q0xzODRCcWdXUUh6STV2MUE9PSIsInZhbHVlIjoidW5XUFFRZlhMZVZwaDhFamlpOCtjTytjTWhtM2tMTWxOZFFRd1Z3TngwOHdWcnRUK0FXZldsMW5vNFFoQ2FzTyIsIm1hYyI6IjA0Yjc5ODNjOGMyNWU1NmVjMTVmZmY3M2JjNWNlNmZlYzM2ZTVmZDg0YzkyNzM4YWE2ZDI1YTkzYWFjNzlhNTgifQ%3D%3D; laravel_session=eyJpdiI6Ink4Tlh2dFZKS0tteW9JSFI4UFQwT2c9PSIsInZhbHVlIjoiZmlQclF3V2NkU1hRU3ErUUVoR2ZWUWZYRXFoTURxc08wRGl6SGgyL2NMZ2NiYWZXeGdlT3crZ3pUcWJnRHViRiIsIm1hYyI6IjNhZWUyOTE0ZjYwZWU0MTI3ODczNzhlMTE2MTExYTE3ODZlYzBkNjI4ZDUwODU2ZmFhZjNhNjYzMjhlZjIwMGYifQ%3D%3D; SRVNAME=w1
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 06 Oct 2022 23:54:00 GMT
Content-Type: application/octet-stream
Content-Length: 129440
Connection: keep-alive
last-modified: Fri, 29 Jul 2022 11:39:49 GMT
etag: "62e3c705-1f9a0"
accept-ranges: bytes
humadecure.gq/landings/17/images/page1/pink-layer-title.png
160.20.147.80200 OK 10 kB URL HTTP/1.1 humadecure.gq/landings/17/images/page1/pink-layer-title.png
IP 160.20.147.80:0
File type PNG image data, 765 x 112, 8-bit colormap, non-interlaced\012- data
Hash 197e1d092a3a41471b180d677f8679c4
be9821f7e5bdd4c1e716a1eafe78859679a1e6c7
2824f275d69a030e3e874350dd8681c70f5b1025fd6a252b9ef685096616b9b6
Analyzer Verdict Alert quad9 Sinkholed
GET /landings/17/images/page1/pink-layer-title.png HTTP/1.1
Host: humadecure.gq
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://humadecure.gq/landings/17/fonts/vendor.css
Cookie: XSRF-TOKEN=eyJpdiI6ImQ2SW03Q0xzODRCcWdXUUh6STV2MUE9PSIsInZhbHVlIjoidW5XUFFRZlhMZVZwaDhFamlpOCtjTytjTWhtM2tMTWxOZFFRd1Z3TngwOHdWcnRUK0FXZldsMW5vNFFoQ2FzTyIsIm1hYyI6IjA0Yjc5ODNjOGMyNWU1NmVjMTVmZmY3M2JjNWNlNmZlYzM2ZTVmZDg0YzkyNzM4YWE2ZDI1YTkzYWFjNzlhNTgifQ%3D%3D; laravel_session=eyJpdiI6Ink4Tlh2dFZKS0tteW9JSFI4UFQwT2c9PSIsInZhbHVlIjoiZmlQclF3V2NkU1hRU3ErUUVoR2ZWUWZYRXFoTURxc08wRGl6SGgyL2NMZ2NiYWZXeGdlT3crZ3pUcWJnRHViRiIsIm1hYyI6IjNhZWUyOTE0ZjYwZWU0MTI3ODczNzhlMTE2MTExYTE3ODZlYzBkNjI4ZDUwODU2ZmFhZjNhNjYzMjhlZjIwMGYifQ%3D%3D; SRVNAME=w1
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 06 Oct 2022 23:54:01 GMT
Content-Type: image/png
Content-Length: 10265
Connection: keep-alive
last-modified: Fri, 29 Jul 2022 11:39:49 GMT
etag: "62e3c705-2819"
accept-ranges: bytes
humadecure.gq/landings/17/images/page1/p1-heart-icon.png
160.20.147.80200 OK 578 B URL HTTP/1.1 humadecure.gq/landings/17/images/page1/p1-heart-icon.png
IP 160.20.147.80:0
File type PNG image data, 28 x 50, 8-bit colormap, non-interlaced\012- data
Hash a02a6a2963a0ff827a156a8c9cb49f14
9a31acc3945b331e19779b2eb6e0a312746cb0c0
024902301a07305573dbde2ea60352498e94d29a119ca9e3c1d50e4c24a74bd3
Analyzer Verdict Alert quad9 Sinkholed
GET /landings/17/images/page1/p1-heart-icon.png HTTP/1.1
Host: humadecure.gq
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://humadecure.gq/landings/17/fonts/vendor.css
Cookie: XSRF-TOKEN=eyJpdiI6ImQ2SW03Q0xzODRCcWdXUUh6STV2MUE9PSIsInZhbHVlIjoidW5XUFFRZlhMZVZwaDhFamlpOCtjTytjTWhtM2tMTWxOZFFRd1Z3TngwOHdWcnRUK0FXZldsMW5vNFFoQ2FzTyIsIm1hYyI6IjA0Yjc5ODNjOGMyNWU1NmVjMTVmZmY3M2JjNWNlNmZlYzM2ZTVmZDg0YzkyNzM4YWE2ZDI1YTkzYWFjNzlhNTgifQ%3D%3D; laravel_session=eyJpdiI6Ink4Tlh2dFZKS0tteW9JSFI4UFQwT2c9PSIsInZhbHVlIjoiZmlQclF3V2NkU1hRU3ErUUVoR2ZWUWZYRXFoTURxc08wRGl6SGgyL2NMZ2NiYWZXeGdlT3crZ3pUcWJnRHViRiIsIm1hYyI6IjNhZWUyOTE0ZjYwZWU0MTI3ODczNzhlMTE2MTExYTE3ODZlYzBkNjI4ZDUwODU2ZmFhZjNhNjYzMjhlZjIwMGYifQ%3D%3D; SRVNAME=w1
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 06 Oct 2022 23:54:01 GMT
Content-Type: image/png
Content-Length: 578
Connection: keep-alive
last-modified: Fri, 29 Jul 2022 11:39:49 GMT
etag: "62e3c705-242"
accept-ranges: bytes
humadecure.gq/landings/17/images/page1/pink-layer-title2.png
160.20.147.80200 OK 15 kB URL HTTP/1.1 humadecure.gq/landings/17/images/page1/pink-layer-title2.png
IP 160.20.147.80:0
File type PNG image data, 928 x 155, 8-bit colormap, non-interlaced\012- data
Hash d33db1896ec5c224b549fde933d4790a
a3c4217a680b54addd3b7e603dd42bcd728afee1
cc5fdcc8134a0866449bc62b152eb6902234f285fe0140c96f5b973ed93083e2
Analyzer Verdict Alert quad9 Sinkholed
GET /landings/17/images/page1/pink-layer-title2.png HTTP/1.1
Host: humadecure.gq
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://humadecure.gq/landings/17/fonts/vendor.css
Cookie: XSRF-TOKEN=eyJpdiI6ImQ2SW03Q0xzODRCcWdXUUh6STV2MUE9PSIsInZhbHVlIjoidW5XUFFRZlhMZVZwaDhFamlpOCtjTytjTWhtM2tMTWxOZFFRd1Z3TngwOHdWcnRUK0FXZldsMW5vNFFoQ2FzTyIsIm1hYyI6IjA0Yjc5ODNjOGMyNWU1NmVjMTVmZmY3M2JjNWNlNmZlYzM2ZTVmZDg0YzkyNzM4YWE2ZDI1YTkzYWFjNzlhNTgifQ%3D%3D; laravel_session=eyJpdiI6Ink4Tlh2dFZKS0tteW9JSFI4UFQwT2c9PSIsInZhbHVlIjoiZmlQclF3V2NkU1hRU3ErUUVoR2ZWUWZYRXFoTURxc08wRGl6SGgyL2NMZ2NiYWZXeGdlT3crZ3pUcWJnRHViRiIsIm1hYyI6IjNhZWUyOTE0ZjYwZWU0MTI3ODczNzhlMTE2MTExYTE3ODZlYzBkNjI4ZDUwODU2ZmFhZjNhNjYzMjhlZjIwMGYifQ%3D%3D; SRVNAME=w1
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 06 Oct 2022 23:54:01 GMT
Content-Type: image/png
Content-Length: 15089
Connection: keep-alive
last-modified: Fri, 29 Jul 2022 11:39:49 GMT
etag: "62e3c705-3af1"
accept-ranges: bytes
humadecure.gq/landings/17/images/page1/p1-circle-arrow.png
160.20.147.80200 OK 1.2 kB URL HTTP/1.1 humadecure.gq/landings/17/images/page1/p1-circle-arrow.png
IP 160.20.147.80:0
File type PNG image data, 131 x 140, 4-bit colormap, non-interlaced\012- data
Hash 73ffbeae8feb54651e74a08cb898757a
c46c9bd7cfda7d5e34b26fdfea951b129eab5dae
ee830c16ec23d702a9f7fa3cc71430b33e91e29dbcc39daee7268f7dde05fb8e
Analyzer Verdict Alert quad9 Sinkholed
GET /landings/17/images/page1/p1-circle-arrow.png HTTP/1.1
Host: humadecure.gq
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://humadecure.gq/landings/17/fonts/vendor.css
Cookie: XSRF-TOKEN=eyJpdiI6ImQ2SW03Q0xzODRCcWdXUUh6STV2MUE9PSIsInZhbHVlIjoidW5XUFFRZlhMZVZwaDhFamlpOCtjTytjTWhtM2tMTWxOZFFRd1Z3TngwOHdWcnRUK0FXZldsMW5vNFFoQ2FzTyIsIm1hYyI6IjA0Yjc5ODNjOGMyNWU1NmVjMTVmZmY3M2JjNWNlNmZlYzM2ZTVmZDg0YzkyNzM4YWE2ZDI1YTkzYWFjNzlhNTgifQ%3D%3D; laravel_session=eyJpdiI6Ink4Tlh2dFZKS0tteW9JSFI4UFQwT2c9PSIsInZhbHVlIjoiZmlQclF3V2NkU1hRU3ErUUVoR2ZWUWZYRXFoTURxc08wRGl6SGgyL2NMZ2NiYWZXeGdlT3crZ3pUcWJnRHViRiIsIm1hYyI6IjNhZWUyOTE0ZjYwZWU0MTI3ODczNzhlMTE2MTExYTE3ODZlYzBkNjI4ZDUwODU2ZmFhZjNhNjYzMjhlZjIwMGYifQ%3D%3D; SRVNAME=w1
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 06 Oct 2022 23:54:01 GMT
Content-Type: image/png
Content-Length: 1158
Connection: keep-alive
last-modified: Fri, 29 Jul 2022 11:39:49 GMT
etag: "62e3c705-486"
accept-ranges: bytes
humadecure.gq/landings/17/images/page1/pink-arrow-ico.png
160.20.147.80200 OK 375 B URL HTTP/1.1 humadecure.gq/landings/17/images/page1/pink-arrow-ico.png
IP 160.20.147.80:0
File type PNG image data, 21 x 66, 8-bit colormap, non-interlaced\012- data
Hash b2d576ebfcbaea51c463e47f0b7c7971
2e6675d327d43065e4fe129b165ffd0fd989117b
fa36c74be59a43b217e97b99562f2e2b774f6ac1d35ec6b495c33ab965f78f0f
Analyzer Verdict Alert quad9 Sinkholed
GET /landings/17/images/page1/pink-arrow-ico.png HTTP/1.1
Host: humadecure.gq
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://humadecure.gq/landings/17/fonts/vendor.css
Cookie: XSRF-TOKEN=eyJpdiI6ImQ2SW03Q0xzODRCcWdXUUh6STV2MUE9PSIsInZhbHVlIjoidW5XUFFRZlhMZVZwaDhFamlpOCtjTytjTWhtM2tMTWxOZFFRd1Z3TngwOHdWcnRUK0FXZldsMW5vNFFoQ2FzTyIsIm1hYyI6IjA0Yjc5ODNjOGMyNWU1NmVjMTVmZmY3M2JjNWNlNmZlYzM2ZTVmZDg0YzkyNzM4YWE2ZDI1YTkzYWFjNzlhNTgifQ%3D%3D; laravel_session=eyJpdiI6Ink4Tlh2dFZKS0tteW9JSFI4UFQwT2c9PSIsInZhbHVlIjoiZmlQclF3V2NkU1hRU3ErUUVoR2ZWUWZYRXFoTURxc08wRGl6SGgyL2NMZ2NiYWZXeGdlT3crZ3pUcWJnRHViRiIsIm1hYyI6IjNhZWUyOTE0ZjYwZWU0MTI3ODczNzhlMTE2MTExYTE3ODZlYzBkNjI4ZDUwODU2ZmFhZjNhNjYzMjhlZjIwMGYifQ%3D%3D; SRVNAME=w1
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 06 Oct 2022 23:54:01 GMT
Content-Type: image/png
Content-Length: 375
Connection: keep-alive
last-modified: Fri, 29 Jul 2022 11:39:49 GMT
etag: "62e3c705-177"
accept-ranges: bytes
humadecure.gq/landings/17/images/page1/range-icon.png
160.20.147.80200 OK 935 B URL HTTP/1.1 humadecure.gq/landings/17/images/page1/range-icon.png
IP 160.20.147.80:0
File type PNG image data, 67 x 67, 8-bit colormap, non-interlaced\012- data
Hash 0558b960da94d555e71938b4f645118c
0d7072b30edda4f5e6a87b973255a56eb927f7b6
572c99f8161acc1077485be400a2f8c28ad11c1b3353a4c7a91976010da46298
Analyzer Verdict Alert quad9 Sinkholed
GET /landings/17/images/page1/range-icon.png HTTP/1.1
Host: humadecure.gq
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://humadecure.gq/landings/17/fonts/vendor.css
Cookie: XSRF-TOKEN=eyJpdiI6ImQ2SW03Q0xzODRCcWdXUUh6STV2MUE9PSIsInZhbHVlIjoidW5XUFFRZlhMZVZwaDhFamlpOCtjTytjTWhtM2tMTWxOZFFRd1Z3TngwOHdWcnRUK0FXZldsMW5vNFFoQ2FzTyIsIm1hYyI6IjA0Yjc5ODNjOGMyNWU1NmVjMTVmZmY3M2JjNWNlNmZlYzM2ZTVmZDg0YzkyNzM4YWE2ZDI1YTkzYWFjNzlhNTgifQ%3D%3D; laravel_session=eyJpdiI6Ink4Tlh2dFZKS0tteW9JSFI4UFQwT2c9PSIsInZhbHVlIjoiZmlQclF3V2NkU1hRU3ErUUVoR2ZWUWZYRXFoTURxc08wRGl6SGgyL2NMZ2NiYWZXeGdlT3crZ3pUcWJnRHViRiIsIm1hYyI6IjNhZWUyOTE0ZjYwZWU0MTI3ODczNzhlMTE2MTExYTE3ODZlYzBkNjI4ZDUwODU2ZmFhZjNhNjYzMjhlZjIwMGYifQ%3D%3D; SRVNAME=w1
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 06 Oct 2022 23:54:01 GMT
Content-Type: image/png
Content-Length: 935
Connection: keep-alive
last-modified: Fri, 29 Jul 2022 11:39:49 GMT
etag: "62e3c705-3a7"
accept-ranges: bytes
humadecure.gq/landings/17/images/page1/p1-girl-img3.jpg
160.20.147.80200 OK 67 kB URL HTTP/1.1 humadecure.gq/landings/17/images/page1/p1-girl-img3.jpg
IP 160.20.147.80:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 867x950, components 3\012- data
Hash f9056c6b92df3a56da3d805c0cbfef27
550d1524d79c0f1867f5e63f5cbfc62d0155ab08
23d8809e2b309ff9ed71dc5013dddb0a5e17ea8dd97f34dac2f72aaae0ab1fea
Analyzer Verdict Alert quad9 Sinkholed
GET /landings/17/images/page1/p1-girl-img3.jpg HTTP/1.1
Host: humadecure.gq
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImQ2SW03Q0xzODRCcWdXUUh6STV2MUE9PSIsInZhbHVlIjoidW5XUFFRZlhMZVZwaDhFamlpOCtjTytjTWhtM2tMTWxOZFFRd1Z3TngwOHdWcnRUK0FXZldsMW5vNFFoQ2FzTyIsIm1hYyI6IjA0Yjc5ODNjOGMyNWU1NmVjMTVmZmY3M2JjNWNlNmZlYzM2ZTVmZDg0YzkyNzM4YWE2ZDI1YTkzYWFjNzlhNTgifQ%3D%3D; laravel_session=eyJpdiI6Ink4Tlh2dFZKS0tteW9JSFI4UFQwT2c9PSIsInZhbHVlIjoiZmlQclF3V2NkU1hRU3ErUUVoR2ZWUWZYRXFoTURxc08wRGl6SGgyL2NMZ2NiYWZXeGdlT3crZ3pUcWJnRHViRiIsIm1hYyI6IjNhZWUyOTE0ZjYwZWU0MTI3ODczNzhlMTE2MTExYTE3ODZlYzBkNjI4ZDUwODU2ZmFhZjNhNjYzMjhlZjIwMGYifQ%3D%3D; SRVNAME=w1
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 06 Oct 2022 23:54:01 GMT
Content-Type: image/jpeg
Content-Length: 67130
Connection: keep-alive
last-modified: Fri, 29 Jul 2022 11:39:49 GMT
etag: "62e3c705-1063a"
accept-ranges: bytes
humadecure.gq/landings/17/images/page1/p1-girl-img4.jpg
160.20.147.80200 OK 81 kB URL HTTP/1.1 humadecure.gq/landings/17/images/page1/p1-girl-img4.jpg
IP 160.20.147.80:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 867x950, components 3\012- data
Hash 51ca602b5e1ea0debce2c8f7a6791f99
35466659ad65940727fbb51144f41bd27c58e308
90fc6bf5198106945255e22bde57a1ed313178e4e4e06d06e6a39d3d835abbe8
Analyzer Verdict Alert quad9 Sinkholed
GET /landings/17/images/page1/p1-girl-img4.jpg HTTP/1.1
Host: humadecure.gq
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImQ2SW03Q0xzODRCcWdXUUh6STV2MUE9PSIsInZhbHVlIjoidW5XUFFRZlhMZVZwaDhFamlpOCtjTytjTWhtM2tMTWxOZFFRd1Z3TngwOHdWcnRUK0FXZldsMW5vNFFoQ2FzTyIsIm1hYyI6IjA0Yjc5ODNjOGMyNWU1NmVjMTVmZmY3M2JjNWNlNmZlYzM2ZTVmZDg0YzkyNzM4YWE2ZDI1YTkzYWFjNzlhNTgifQ%3D%3D; laravel_session=eyJpdiI6Ink4Tlh2dFZKS0tteW9JSFI4UFQwT2c9PSIsInZhbHVlIjoiZmlQclF3V2NkU1hRU3ErUUVoR2ZWUWZYRXFoTURxc08wRGl6SGgyL2NMZ2NiYWZXeGdlT3crZ3pUcWJnRHViRiIsIm1hYyI6IjNhZWUyOTE0ZjYwZWU0MTI3ODczNzhlMTE2MTExYTE3ODZlYzBkNjI4ZDUwODU2ZmFhZjNhNjYzMjhlZjIwMGYifQ%3D%3D; SRVNAME=w1
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 06 Oct 2022 23:54:01 GMT
Content-Type: image/jpeg
Content-Length: 81300
Connection: keep-alive
last-modified: Fri, 29 Jul 2022 11:39:49 GMT
etag: "62e3c705-13d94"
accept-ranges: bytes
humadecure.gq/landings/17/images/page1/p1-girl-img6.jpg
160.20.147.80200 OK 60 kB URL HTTP/1.1 humadecure.gq/landings/17/images/page1/p1-girl-img6.jpg
IP 160.20.147.80:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 867x950, components 3\012- data
Hash ea7a88dbcb50240afff530338c51b7e8
dd3836d8eac8fec13a78cf84773a4024c33e2c81
a51c35273d2004c37717c9a9d6f36185249ca902813a22b943c2046f89d10bd7
Analyzer Verdict Alert quad9 Sinkholed
GET /landings/17/images/page1/p1-girl-img6.jpg HTTP/1.1
Host: humadecure.gq
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImQ2SW03Q0xzODRCcWdXUUh6STV2MUE9PSIsInZhbHVlIjoidW5XUFFRZlhMZVZwaDhFamlpOCtjTytjTWhtM2tMTWxOZFFRd1Z3TngwOHdWcnRUK0FXZldsMW5vNFFoQ2FzTyIsIm1hYyI6IjA0Yjc5ODNjOGMyNWU1NmVjMTVmZmY3M2JjNWNlNmZlYzM2ZTVmZDg0YzkyNzM4YWE2ZDI1YTkzYWFjNzlhNTgifQ%3D%3D; laravel_session=eyJpdiI6Ink4Tlh2dFZKS0tteW9JSFI4UFQwT2c9PSIsInZhbHVlIjoiZmlQclF3V2NkU1hRU3ErUUVoR2ZWUWZYRXFoTURxc08wRGl6SGgyL2NMZ2NiYWZXeGdlT3crZ3pUcWJnRHViRiIsIm1hYyI6IjNhZWUyOTE0ZjYwZWU0MTI3ODczNzhlMTE2MTExYTE3ODZlYzBkNjI4ZDUwODU2ZmFhZjNhNjYzMjhlZjIwMGYifQ%3D%3D; SRVNAME=w1
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 06 Oct 2022 23:54:01 GMT
Content-Type: image/jpeg
Content-Length: 59927
Connection: keep-alive
last-modified: Fri, 29 Jul 2022 11:39:49 GMT
etag: "62e3c705-ea17"
accept-ranges: bytes
svntrk.com/assets/mqmq_633f6a979eee7.js
172.67.197.110200 OK 57 kB URL HTTP/2 svntrk.com/assets/mqmq_633f6a979eee7.js
IP 172.67.197.110:0
Hash 58061d5333677d83ec5a4f5407a70a42
2c680ebc015052ede1fc4ac294c10289167b82f5
8897dd3995b24ba9d4f75c9bb5e11e3cc364f339a700dbfffd42858c94a745d2
GET /assets/mqmq_633f6a979eee7.js HTTP/1.1
Host: svntrk.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 06 Oct 2022 23:54:00 GMT
content-type: text/javascript; charset=UTF-8
cache-control: no-cache, private
cf-cache-status: BYPASS
set-cookie: svnimp=633f6a9840f88; path=/; secure; httponly; samesite=none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o9vKXhwfvzQkI%2Bwo%2Bk%2BtLGOYMGoLniztF20upHPyEnrDvdikrL0UcPi5cV0CQ5ljxPG4%2FVOuheGuflxhH84qHgFdoREQkGtv7iTN894ynN1z3ax8GjoIeYCpxYd%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 756251d51ca0b4e8-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
humadecure.gq/landings/17/images/page1/p1-girl-img8.jpg
160.20.147.80200 OK 61 kB URL HTTP/1.1 humadecure.gq/landings/17/images/page1/p1-girl-img8.jpg
IP 160.20.147.80:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 867x950, components 3\012- data
Hash b60c92f7532b2286e834d8afa2aad4ec
24f75a134251d1999cf8b9241463e7a009d7929d
1f66028d9e54363d3e891c190b0cb99bb759e984962990992f7f2798784f73b8
Analyzer Verdict Alert quad9 Sinkholed
GET /landings/17/images/page1/p1-girl-img8.jpg HTTP/1.1
Host: humadecure.gq
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImQ2SW03Q0xzODRCcWdXUUh6STV2MUE9PSIsInZhbHVlIjoidW5XUFFRZlhMZVZwaDhFamlpOCtjTytjTWhtM2tMTWxOZFFRd1Z3TngwOHdWcnRUK0FXZldsMW5vNFFoQ2FzTyIsIm1hYyI6IjA0Yjc5ODNjOGMyNWU1NmVjMTVmZmY3M2JjNWNlNmZlYzM2ZTVmZDg0YzkyNzM4YWE2ZDI1YTkzYWFjNzlhNTgifQ%3D%3D; laravel_session=eyJpdiI6Ink4Tlh2dFZKS0tteW9JSFI4UFQwT2c9PSIsInZhbHVlIjoiZmlQclF3V2NkU1hRU3ErUUVoR2ZWUWZYRXFoTURxc08wRGl6SGgyL2NMZ2NiYWZXeGdlT3crZ3pUcWJnRHViRiIsIm1hYyI6IjNhZWUyOTE0ZjYwZWU0MTI3ODczNzhlMTE2MTExYTE3ODZlYzBkNjI4ZDUwODU2ZmFhZjNhNjYzMjhlZjIwMGYifQ%3D%3D; SRVNAME=w1
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 06 Oct 2022 23:54:01 GMT
Content-Type: image/jpeg
Content-Length: 60676
Connection: keep-alive
last-modified: Fri, 29 Jul 2022 11:39:49 GMT
etag: "62e3c705-ed04"
accept-ranges: bytes
humadecure.gq/landings/17/images/page1/p1-girl-img9.jpg
160.20.147.80200 OK 57 kB URL HTTP/1.1 humadecure.gq/landings/17/images/page1/p1-girl-img9.jpg
IP 160.20.147.80:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 867x950, components 3\012- data
Hash 82487c231ad3024c4f3486c674720d69
7886832154c0f7a21889540e93eb535319e1bd10
c4aae3f566ef8054a6598777824a7241bc881b166d0e378265580ed0ca6902c0
Analyzer Verdict Alert quad9 Sinkholed
GET /landings/17/images/page1/p1-girl-img9.jpg HTTP/1.1
Host: humadecure.gq
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImQ2SW03Q0xzODRCcWdXUUh6STV2MUE9PSIsInZhbHVlIjoidW5XUFFRZlhMZVZwaDhFamlpOCtjTytjTWhtM2tMTWxOZFFRd1Z3TngwOHdWcnRUK0FXZldsMW5vNFFoQ2FzTyIsIm1hYyI6IjA0Yjc5ODNjOGMyNWU1NmVjMTVmZmY3M2JjNWNlNmZlYzM2ZTVmZDg0YzkyNzM4YWE2ZDI1YTkzYWFjNzlhNTgifQ%3D%3D; laravel_session=eyJpdiI6Ink4Tlh2dFZKS0tteW9JSFI4UFQwT2c9PSIsInZhbHVlIjoiZmlQclF3V2NkU1hRU3ErUUVoR2ZWUWZYRXFoTURxc08wRGl6SGgyL2NMZ2NiYWZXeGdlT3crZ3pUcWJnRHViRiIsIm1hYyI6IjNhZWUyOTE0ZjYwZWU0MTI3ODczNzhlMTE2MTExYTE3ODZlYzBkNjI4ZDUwODU2ZmFhZjNhNjYzMjhlZjIwMGYifQ%3D%3D; SRVNAME=w1
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 06 Oct 2022 23:54:01 GMT
Content-Type: image/jpeg
Content-Length: 56670
Connection: keep-alive
last-modified: Fri, 29 Jul 2022 11:39:49 GMT
etag: "62e3c705-dd5e"
accept-ranges: bytes
ocsp.globalsign.com/gseccovsslca2018
104.18.20.226200 OK 938 B URL HTTP/1.1 ocsp.globalsign.com/gseccovsslca2018
IP 104.18.20.226:0
Hash aa650f4b5b471d13bb54c8bc2aab54da
ddedea853f29daf06cd7f61d23ec6279964ce94b
bf8b08edb464b4fd2b759a97f752928a78944527284c3d3a7019a8d2ed64f864
POST /gseccovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Thu, 06 Oct 2022 23:54:01 GMT
Content-Type: application/ocsp-response
Content-Length: 938
Connection: keep-alive
Expires: Mon, 10 Oct 2022 22:30:46 GMT
ETag: "ddedea853f29daf06cd7f61d23ec6279964ce94b"
Last-Modified: Thu, 06 Oct 2022 22:30:47 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3282
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 756251e0596cb500-OSL
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6317
Expires: Fri, 07 Oct 2022 01:39:18 GMT
Date: Thu, 06 Oct 2022 23:54:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6317
Expires: Fri, 07 Oct 2022 01:39:18 GMT
Date: Thu, 06 Oct 2022 23:54:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6317
Expires: Fri, 07 Oct 2022 01:39:18 GMT
Date: Thu, 06 Oct 2022 23:54:01 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 31e440ccd993c4ee793f50511c2ac7c4
4380327d50b7001d158aee05a57c6078e57c94e4
65d8a97f6df1e110333a01d1f6dcb4982db7bb4b1c5f3f1498fafa716e250c0f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "65D8A97F6DF1E110333A01D1F6DCB4982DB7BB4B1C5F3F1498FAFA716E250C0F"
Last-Modified: Thu, 06 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6317
Expires: Fri, 07 Oct 2022 01:39:18 GMT
Date: Thu, 06 Oct 2022 23:54:01 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4cfb29b1-34eb-4ec3-8390-1145a644534c.jpeg
34.120.237.76200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4cfb29b1-34eb-4ec3-8390-1145a644534c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 06283ec49d3981b60b28731fd8a9940d
10c0d991f7ad234557792c175fdbf81e3356416a
0d8d932cd46fa377ce3dfe5fe1287ab1cd0daad0ef52a42baad2462d10e5a80f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4cfb29b1-34eb-4ec3-8390-1145a644534c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6052
x-amzn-requestid: 6c8abd32-7499-4636-bf8a-3baaa88bf1ff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zmhi-HWOoAMFalA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4946-464364630dd2dbfa0d69f6f5;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:31:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: L13zNwITYkfg7x7UlAs_eVjJWRJsdxV5R7g5GHSAE8BgjN-1FB1AHQ==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 1352c0a623ff0601dd16439f3f225f70.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 22:08:16 GMT
etag: "10c0d991f7ad234557792c175fdbf81e3356416a"
content-type: image/jpeg
age: 6345
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8dd1fdac-30bd-43cd-b99a-3f5a563e0892.jpeg
34.120.237.76200 OK 8.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8dd1fdac-30bd-43cd-b99a-3f5a563e0892.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d1a9bad9942d25ecf711a6b2e137a270
1ac4d5e32010b78b9599d7db12c64a4f11f75c32
a4e8eb30784a461fbac9df587eb8b06c84f827d8ef6cfe5d302d45f0cbb5e3ce
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F8dd1fdac-30bd-43cd-b99a-3f5a563e0892.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8325
x-amzn-requestid: c190f0ac-92e7-4d58-b70d-06c6986292c9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZmihDHP_oAMFc9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4ad3-11f93f222ee59f8c61feb974;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:38:27 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: Q2Tmr5IEgSZ13V6JCFu75ypdw2faw01Y7FSMZX-xp5rmmLmuuuuotw==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 9b21fd56256eda6d1379e32829c4c446.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:38:27 GMT
age: 8134
etag: "1ac4d5e32010b78b9599d7db12c64a4f11f75c32"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F837dece8-fc6a-4543-a1b5-e8504c153d81.jpeg
34.120.237.76200 OK 6.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F837dece8-fc6a-4543-a1b5-e8504c153d81.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a4d23ef36836d4691f44e51885513cc3
10fc52375fd8946bfd468eb96e4aaf592c239663
fb3d2d52e1dbbe4225c3df920b36eeb73dc52a1010db52018bc1eb5c5bfbd028
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F837dece8-fc6a-4543-a1b5-e8504c153d81.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6063
x-amzn-requestid: e4067d2e-5fe8-4c80-ab2c-15e98605d458
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZQw32GbTIAMFx0Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633694fe-5d650b9433007db41ea51a35;Sampled=0
x-amzn-remapped-date: Fri, 30 Sep 2022 07:04:30 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: a8Wrtvoc1hKrYtCETPZXyOZJbdNZxPq71SJ6fy1iLDyRPqXGALgyzA==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 1508efc4152aa1778ed4adecb328b374.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 23:09:03 GMT
age: 2698
etag: "10fc52375fd8946bfd468eb96e4aaf592c239663"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0135ba0-9033-445f-8155-a6c093862ccb.jpeg
34.120.237.76200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0135ba0-9033-445f-8155-a6c093862ccb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7e30ca5022768294665070cafc9d489c
c6ebf53c21206cfcf8e70279d3ae43f0170ade3a
6b834cdae692318a114c0d82ebff4fa8f4e65526983758e08ffb130d4d86020f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd0135ba0-9033-445f-8155-a6c093862ccb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9046
x-amzn-requestid: d560c8ba-6e81-46f7-a451-30c40fbfce6f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: Zmhi_F7qIAMFkQg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4946-012e65d675558ec8544a1f30;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:31:50 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: a9tOPCySPRdXpvJf239ycM7_3PJS7GcITvM52Sxic_FwYr_-n2XQHA==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 de8fc80b494d3d381f7e006918dcc588.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:44:18 GMT
etag: "c6ebf53c21206cfcf8e70279d3ae43f0170ade3a"
content-type: image/jpeg
age: 7783
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F38d969a0-82cd-4d27-8f25-f1b95cacc89f.webp
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F38d969a0-82cd-4d27-8f25-f1b95cacc89f.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash ed3fa86bbe319c9a2f81ff625e677cb0
e3d5210207f6ff922bc28e328285059c19a523a4
5919694bd942a4f25d5b7ffc3f8aee1af6cdb8461d4ba3dba9a2e72cf19164c8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F38d969a0-82cd-4d27-8f25-f1b95cacc89f.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7261
x-amzn-requestid: e1bdf299-b29e-4f58-9c8a-33f5dacdb081
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZmirBELYoAMFfgA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633f4b13-1969b32c6f4f7e5749e7caa0;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 21:39:31 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: V3fTgH8URZ1iWMxWPy49--20mtdJvMK6XTG_aPKk68pvwCxPl8lULw==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 583992e175976bd59a21b4416890271e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 21:44:18 GMT
age: 7783
etag: "e3d5210207f6ff922bc28e328285059c19a523a4"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F622cb832-8fef-4fe9-9445-c157aaf29d57.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F622cb832-8fef-4fe9-9445-c157aaf29d57.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a3a09d5d16b53ee4490d882ed48c0075
ce9546b225787f1c765be9bbef42f585c83a10d3
ac27484dba78ee6657f5aa791999d4958ccdfba8e67a011f4ab4034fa235a26f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F622cb832-8fef-4fe9-9445-c157aaf29d57.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6847
x-amzn-requestid: 9af16d4c-106c-4e8d-912b-e6f4fa44daa6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZkjcNHkAIAMFsDw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633e7f81-35fc285b7639a1a879d89f00;Sampled=0
x-amzn-remapped-date: Thu, 06 Oct 2022 07:10:57 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Hit from cloudfront
x-amz-cf-id: 4d5W1LjWo-F3wimuYTXZo_pEZ8vIyXPZub9qQGHa5dmOGU_RBXlArw==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 45d6a557ecb29942f314e3dd736d817a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 07:20:02 GMT
age: 59639
etag: "ce9546b225787f1c765be9bbef42f585c83a10d3"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
humadecure.gq/landings/17/images/page1/p1-girl-img10.jpg
160.20.147.80200 OK 71 kB URL HTTP/1.1 humadecure.gq/landings/17/images/page1/p1-girl-img10.jpg
IP 160.20.147.80:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 867x950, components 3\012- data
Hash 82cdad946592abf69fbc1be9e4a9d906
ab38b78445a5ccd16c164c4a6d6f3491061718ea
b150a0c266ff657534401afde5c8f7532d34550efd7542c1b11af05c69d6f0a2
Analyzer Verdict Alert quad9 Sinkholed
GET /landings/17/images/page1/p1-girl-img10.jpg HTTP/1.1
Host: humadecure.gq
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImQ2SW03Q0xzODRCcWdXUUh6STV2MUE9PSIsInZhbHVlIjoidW5XUFFRZlhMZVZwaDhFamlpOCtjTytjTWhtM2tMTWxOZFFRd1Z3TngwOHdWcnRUK0FXZldsMW5vNFFoQ2FzTyIsIm1hYyI6IjA0Yjc5ODNjOGMyNWU1NmVjMTVmZmY3M2JjNWNlNmZlYzM2ZTVmZDg0YzkyNzM4YWE2ZDI1YTkzYWFjNzlhNTgifQ%3D%3D; laravel_session=eyJpdiI6Ink4Tlh2dFZKS0tteW9JSFI4UFQwT2c9PSIsInZhbHVlIjoiZmlQclF3V2NkU1hRU3ErUUVoR2ZWUWZYRXFoTURxc08wRGl6SGgyL2NMZ2NiYWZXeGdlT3crZ3pUcWJnRHViRiIsIm1hYyI6IjNhZWUyOTE0ZjYwZWU0MTI3ODczNzhlMTE2MTExYTE3ODZlYzBkNjI4ZDUwODU2ZmFhZjNhNjYzMjhlZjIwMGYifQ%3D%3D; SRVNAME=w1
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 06 Oct 2022 23:54:01 GMT
Content-Type: image/jpeg
Content-Length: 71085
Connection: keep-alive
last-modified: Fri, 29 Jul 2022 11:39:49 GMT
etag: "62e3c705-115ad"
accept-ranges: bytes
humadecure.gq/favicon.ico
160.20.147.80200 OK 0 B URL HTTP/1.1 humadecure.gq/favicon.ico
IP 160.20.147.80:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert quad9 Sinkholed
GET /favicon.ico HTTP/1.1
Host: humadecure.gq
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: XSRF-TOKEN=eyJpdiI6ImQ2SW03Q0xzODRCcWdXUUh6STV2MUE9PSIsInZhbHVlIjoidW5XUFFRZlhMZVZwaDhFamlpOCtjTytjTWhtM2tMTWxOZFFRd1Z3TngwOHdWcnRUK0FXZldsMW5vNFFoQ2FzTyIsIm1hYyI6IjA0Yjc5ODNjOGMyNWU1NmVjMTVmZmY3M2JjNWNlNmZlYzM2ZTVmZDg0YzkyNzM4YWE2ZDI1YTkzYWFjNzlhNTgifQ%3D%3D; laravel_session=eyJpdiI6Ink4Tlh2dFZKS0tteW9JSFI4UFQwT2c9PSIsInZhbHVlIjoiZmlQclF3V2NkU1hRU3ErUUVoR2ZWUWZYRXFoTURxc08wRGl6SGgyL2NMZ2NiYWZXeGdlT3crZ3pUcWJnRHViRiIsIm1hYyI6IjNhZWUyOTE0ZjYwZWU0MTI3ODczNzhlMTE2MTExYTE3ODZlYzBkNjI4ZDUwODU2ZmFhZjNhNjYzMjhlZjIwMGYifQ%3D%3D; SRVNAME=w1
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Thu, 06 Oct 2022 23:54:01 GMT
Content-Type: image/x-icon
Content-Length: 0
Connection: keep-alive
last-modified: Fri, 29 Jul 2022 11:39:49 GMT
etag: "62e3c705-0"
accept-ranges: bytes
mc.yandex.ru/metrika/tag.js
93.158.134.119200 OK 72 kB URL HTTP/2 mc.yandex.ru/metrika/tag.js
IP 93.158.134.119:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (593)
Hash 7a68c8644032413981e4ba5bc0d66c4a
2d46ca8055e8577ae7138140e34a6e633434973c
e0573e9a9cbfc3f00a921fa64c50270f5941a1ebb253ab70af2cc0dac45cb0d5
GET /metrika/tag.js HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-length: 72341
date: Thu, 06 Oct 2022 23:54:01 GMT
access-control-allow-origin: *
etag: "633be002-11a95"
expires: Fri, 07 Oct 2022 00:54:01 GMT
last-modified: Tue, 04 Oct 2022 10:25:54 GMT
cache-control: max-age=3600
content-encoding: br
content-type: application/javascript
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/metrika/advert.gif
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/metrika/advert.gif
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /metrika/advert.gif HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Thu, 06 Oct 2022 23:54:01 GMT
access-control-allow-origin: *
etag: "633be002-2b"
expires: Fri, 07 Oct 2022 00:54:01 GMT
accept-ranges: bytes
last-modified: Tue, 04 Oct 2022 10:25:54 GMT
cache-control: max-age=3600
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/54239065?wmode=7&page-url=http%3A%2F%2Fhumadecure.gq%2F%3Fs1%3Dmqmq%26s3%3Del&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A1417%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A1084685885524%3Ahid%3A673531761%3Az%3A0%3Ai%3A20221006235401%3Aet%3A1665100442%3Ac%3A1%3Arn%3A1026275597%3Arqn%3A1%3Au%3A1665100442484549676%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A29%2C39%2C203%2C1%2C367%2C0%2C%2C748%2C113%2C%2C%2C%2C1432%3Ans%3A1665100439040%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665100442%3At%3AGirl&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
93.158.134.119302 Found 419 B URL HTTP/2 mc.yandex.ru/watch/54239065?wmode=7&page-url=http%3A%2F%2Fhumadecure.gq%2F%3Fs1%3Dmqmq%26s3%3Del&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A1417%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A1084685885524%3Ahid%3A673531761%3Az%3A0%3Ai%3A20221006235401%3Aet%3A1665100442%3Ac%3A1%3Arn%3A1026275597%3Arqn%3A1%3Au%3A1665100442484549676%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A29%2C39%2C203%2C1%2C367%2C0%2C%2C748%2C113%2C%2C%2C%2C1432%3Ans%3A1665100439040%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665100442%3At%3AGirl&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2)
IP 93.158.134.119:0
File type JSON data\012- , ASCII text, with very long lines (419), with no line terminators
Hash 0fface5d0e5b1d710d84e87b89515aa0
e58be629b874bee9a9d4fd69d1d3f707355b3cbb
a8f9fa39b5094a26a7b65c1fa979b8addc2dc1cd28680130df11b191909a5542
GET /watch/54239065?wmode=7&page-url=http%3A%2F%2Fhumadecure.gq%2F%3Fs1%3Dmqmq%26s3%3Del&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A1417%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A1084685885524%3Ahid%3A673531761%3Az%3A0%3Ai%3A20221006235401%3Aet%3A1665100442%3Ac%3A1%3Arn%3A1026275597%3Arqn%3A1%3Au%3A1665100442484549676%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A29%2C39%2C203%2C1%2C367%2C0%2C%2C748%2C113%2C%2C%2C%2C1432%3Ans%3A1665100439040%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665100442%3At%3AGirl&t=gdpr(14)clc(0-0-0)aw(1)rqnt(1)fip(1)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: http://humadecure.gq
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: /watch/54239065/1?wmode=7&page-url=http%3A%2F%2Fhumadecure.gq%2F%3Fs1%3Dmqmq%26s3%3Del&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afp%3A1417%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A1084685885524%3Ahid%3A673531761%3Az%3A0%3Ai%3A20221006235401%3Aet%3A1665100442%3Ac%3A1%3Arn%3A1026275597%3Arqn%3A1%3Au%3A1665100442484549676%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Awv%3A2%3Ads%3A29%2C39%2C203%2C1%2C367%2C0%2C%2C748%2C113%2C%2C%2C%2C1432%3Ans%3A1665100439040%3Afip%3Aa81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-a81f3b9bcdd80a361c14af38dc09b309-4bd84c89c35a312599d807af285e7b5f-4335742423629acc806791d3e9f585f3-5b56a9f28e63b1a76c5f94a136cc484e-61b9878bbce18de73aafc8582a198c0c-e9c964637c807fcca817e718cc2d1338-a81f3b9bcdd80a361c14af38dc09b309-5cbccea2ed3dd5c7a75380ef1cbfadf6-2facd2c41a0047c68391f933b930bc3a%3Arqnl%3A1%3Ast%3A1665100442%3At%3AGirl&t=gdpr%2814%29clc%280-0-0%29aw%281%29rqnt%281%29fip%281%29rqnl%281%29ti%282%29
date: Thu, 06 Oct 2022 23:54:01 GMT
access-control-allow-origin: http://humadecure.gq
set-cookie: yandexuid=3455653561665100441; Expires=Fri, 06-Oct-2023 23:54:01 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yuidss=3455653561665100441; Expires=Fri, 06-Oct-2023 23:54:01 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
yabs-sid=875324271665100441; Path=/; SameSite=None; Secure
i=Lh6BHa1+H6gWMdsZY6bgDIl1wn/rATVLBIXDt5/PEdNI5oEHzMkQEB/ZvzekD6jH2Ait8cotU3Go1L/th0Ti3EjqFJU=; Expires=Sun, 03-Oct-2032 23:53:56 GMT; Domain=.yandex.ru; Path=/; Secure; HttpOnly; SameSite=None
ymex=1696636441.yrts.1665100441#1696636441.yrtsi.1665100441; Expires=Fri, 06-Oct-2023 23:54:01 GMT; Domain=.yandex.ru; Path=/; SameSite=None; Secure
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 06-Oct-2022 23:54:01 GMT
last-modified: Thu, 06-Oct-2022 23:54:01 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2
mc.yandex.ru/watch/54239065/1?page-url=http%3A%2F%2Fhumadecure.gq%2F%3Fs1%3Dmqmq%26s3%3Del&charset=utf-8&hittoken=1665100442_6255422859ad2c831f6cabe9971b6e76d84fb4973765ad883a189f7e78371db9&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A1084685885524%3Ahid%3A673531761%3Az%3A0%3Ai%3A20221006235402%3Aet%3A1665100442%3Ac%3A1%3Arn%3A705646798%3Arqn%3A2%3Au%3A1665100442484549676%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Apri%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C2896%2C2896%2C2%2C%3Ans%3A1665100439040%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1665100442&t=gdpr(14)mc(p-1)clc(0-0-0)aw(1)rqnt(2)rqnl(1)ti(2)
93.158.134.119200 OK 43 B URL HTTP/2 mc.yandex.ru/watch/54239065/1?page-url=http%3A%2F%2Fhumadecure.gq%2F%3Fs1%3Dmqmq%26s3%3Del&charset=utf-8&hittoken=1665100442_6255422859ad2c831f6cabe9971b6e76d84fb4973765ad883a189f7e78371db9&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A1084685885524%3Ahid%3A673531761%3Az%3A0%3Ai%3A20221006235402%3Aet%3A1665100442%3Ac%3A1%3Arn%3A705646798%3Arqn%3A2%3Au%3A1665100442484549676%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Apri%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C2896%2C2896%2C2%2C%3Ans%3A1665100439040%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1665100442&t=gdpr(14)mc(p-1)clc(0-0-0)aw(1)rqnt(2)rqnl(1)ti(2)
IP 93.158.134.119:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
POST /watch/54239065/1?page-url=http%3A%2F%2Fhumadecure.gq%2F%3Fs1%3Dmqmq%26s3%3Del&charset=utf-8&hittoken=1665100442_6255422859ad2c831f6cabe9971b6e76d84fb4973765ad883a189f7e78371db9&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3Aat6op7b9z7b01ildsv2t4%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A904%3Acn%3A1%3Adp%3A0%3Als%3A1084685885524%3Ahid%3A673531761%3Az%3A0%3Ai%3A20221006235402%3Aet%3A1665100442%3Ac%3A1%3Arn%3A705646798%3Arqn%3A2%3Au%3A1665100442484549676%3Aw%3A1268x939%3As%3A1280x1024x24%3Ask%3A1%3Apri%3A1%3Awv%3A2%3Ads%3A%2C%2C%2C%2C%2C%2C%2C%2C%2C2896%2C2896%2C2%2C%3Ans%3A1665100439040%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1665100442&t=gdpr(14)mc(p-1)clc(0-0-0)aw(1)rqnt(2)rqnl(1)ti(2) HTTP/1.1
Host: mc.yandex.ru
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 142
Origin: http://humadecure.gq
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-length: 43
date: Thu, 06 Oct 2022 23:54:02 GMT
access-control-allow-origin: http://humadecure.gq
access-control-allow-credentials: true
pragma: no-cache
x-xss-protection: 1; mode=block
expires: Thu, 06-Oct-2022 23:54:02 GMT
last-modified: Thu, 06-Oct-2022 23:54:02 GMT
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-type: image/gif
strict-transport-security: max-age=31536000
X-Firefox-Spdy: h2