r3.o.lencr.org/
23.36.77.32 — 200 OK, 503 B, IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash (MD5) 4c9ec202b798d350b6582220b7bb8457
Hash (SHA-1) d16ca24cd60b349231ad06fa5db32f54a3bc9e09
Hash (SHA-256) df036d315a613ac6396b77afb0a4ea5f793091786be0cbf3f3a0d043bc1d1d3c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "DF036D315A613AC6396B77AFB0A4EA5F793091786BE0CBF3F3A0D043BC1D1D3C"
Last-Modified: Wed, 26 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11191
Expires: Thu, 27 Oct 2022 09:48:23 GMT
Date: Thu, 27 Oct 2022 06:41:52 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29 — 200 OK, 471 B, IP 93.184.220.29:0
Hash (MD5) 45bfdf3b823cd24564c8ac296a8b5b19
Hash (SHA-1) b0c442eb4f87556b3beb18ca8039dd4399b73f16
Hash (SHA-256) 32113c679dda1f710ba67e537fdd0d435ccc186a238e3b14e48deb7b0700c693
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6374
Cache-Control: max-age=102924
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 06:41:52 GMT
Etag: "6358fe56-1d7"
Expires: Fri, 28 Oct 2022 11:17:16 GMT
Last-Modified: Wed, 26 Oct 2022 09:31:02 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
23.36.77.32 — 200 OK, 503 B, IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash (MD5) a39eea1096852891690eaee02a64383e
Hash (SHA-1) c273000f799fc3676e8e3ef3617611a31252cffc
Hash (SHA-256) d9d95319013d64bc2ef6d9870f4adba902ee970b6f9e96279c9ed86f556e0001
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D9D95319013D64BC2EF6D9870F4ADBA902EE970B6F9E96279C9ED86F556E0001"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9590
Expires: Thu, 27 Oct 2022 09:21:42 GMT
Date: Thu, 27 Oct 2022 06:41:52 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
34.160.144.191 — 200 OK, 5.3 kB, URL (HTTP/2) content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP 34.160.144.191:0
File type PEM certificate; ASCII text
Hash (MD5) 67d5a988edcda47bc3b3b3f65d32b4b6
Hash (SHA-1) d4f0e0da8b3690cc7da925026d3414b68c7d954f
Hash (SHA-256) 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: KvnN/p8sR0RNKLD3zFcBkXjf6UowVg8krtAH1OwOlinzJHeg++Um/csLGFLxh7/7xvrY/VwxCJY=
x-amz-request-id: M0ASF15S9BFS8V3K
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 27 Oct 2022 06:39:30 GMT
age: 142
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239 — 200 OK, 12 B, URL (HTTP/2) contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data; ASCII text, with no line terminators
Hash (MD5) 23e88fb7b99543fb33315b29b1fad9d6
Hash (SHA-1) a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Hash (SHA-256) 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 27 Oct 2022 06:41:52 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 — 200 OK, 280 B, IP 93.184.220.29:0
Hash (MD5) 20b514c1c94d0e6f104db7106702a300
Hash (SHA-1) 4f1d71c8fe158c210da843db80cbbda8ddcf9f29
Hash (SHA-256) a01615ff8e9f6dbd150fcf774e5abf678ec98ab1065828e8f5330b864ce8e15c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=105171
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 06:41:52 GMT
Etag: "63592003-118"
Expires: Fri, 28 Oct 2022 11:54:43 GMT
Last-Modified: Wed, 26 Oct 2022 11:54:43 GMT
Server: nginx
Content-Length: 280
ocsp.digicert.com/
93.184.220.29 — 200 OK, 471 B, IP 93.184.220.29:0
Hash (MD5) dd283dfc036535bdeb8a8be1310ef930
Hash (SHA-1) d3b1c300dd75d7af630e0f3112e49d7492d66c17
Hash (SHA-256) 578f9256faa188facb3f2d68b02b0c7fb2e30e02e2e74234d015429563cba7aa
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4212
Cache-Control: max-age=95707
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 06:41:52 GMT
Etag: "6358ea97-1d7"
Expires: Fri, 28 Oct 2022 09:16:59 GMT
Last-Modified: Wed, 26 Oct 2022 08:06:47 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.35 — 200 OK, 472 B, IP 142.250.74.35:0
Hash (MD5) f046e6113dd1e5e499c765516be08b17
Hash (SHA-1) c2253055e09b46209469853cad8720e64f84a1bf
Hash (SHA-256) 18663a8f0b5d4d7581b771da6c2dc897bc2b82d51d7dac1a56d22f9bebab6fb3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 06:41:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 — 200 OK, 472 B, IP 142.250.74.35:0
Hash (MD5) f046e6113dd1e5e499c765516be08b17
Hash (SHA-1) c2253055e09b46209469853cad8720e64f84a1bf
Hash (SHA-256) 18663a8f0b5d4d7581b771da6c2dc897bc2b82d51d7dac1a56d22f9bebab6fb3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 06:41:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 — 200 OK, 472 B, IP 142.250.74.35:0
Hash (MD5) f046e6113dd1e5e499c765516be08b17
Hash (SHA-1) c2253055e09b46209469853cad8720e64f84a1bf
Hash (SHA-256) 18663a8f0b5d4d7581b771da6c2dc897bc2b82d51d7dac1a56d22f9bebab6fb3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 06:41:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 — 200 OK, 472 B, IP 142.250.74.35:0
Hash (MD5) f046e6113dd1e5e499c765516be08b17
Hash (SHA-1) c2253055e09b46209469853cad8720e64f84a1bf
Hash (SHA-256) 18663a8f0b5d4d7581b771da6c2dc897bc2b82d51d7dac1a56d22f9bebab6fb3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 06:41:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 — 200 OK, 472 B, IP 142.250.74.35:0
Hash (MD5) 4cdf16c5333628708fae7b304303fc48
Hash (SHA-1) 23654b66838aa89e8b975a9e6c0251d2f8f18366
Hash (SHA-256) 6f3935f102b0dcfee703eb07abcf04d9181fdfe13fae4d7566aed743a00beb9c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 06:41:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.35 — 200 OK, 472 B, IP 142.250.74.35:0
Hash (MD5) 4cdf16c5333628708fae7b304303fc48
Hash (SHA-1) 23654b66838aa89e8b975a9e6c0251d2f8f18366
Hash (SHA-256) 6f3935f102b0dcfee703eb07abcf04d9181fdfe13fae4d7566aed743a00beb9c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 06:41:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
34.214.17.205 — 101 Switching Protocols, 0 B, URL (HTTP/1.1) push.services.mozilla.com/
IP 34.214.17.205:0
Hash (MD5) d41d8cd98f00b204e9800998ecf8427e
Hash (SHA-1) da39a3ee5e6b4b0d3255bfef95601890afd80709
Hash (SHA-256) e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
(These are the well-known digests of the empty input: the WebSocket upgrade response carries no HTTP body, so the hashes describe nothing about the subsequent WebSocket traffic.)
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ukVrOXXryvFz/2x3WVVrPQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 8tqiArROwZixlItxp1PwqGNWxkc=
fonts.googleapis.com/css?family=Fascinate
142.250.74.10 — 200 OK, 743 B, URL (HTTP/2) fonts.googleapis.com/css?family=Fascinate
IP 142.250.74.10:0
Hash (MD5) dc043b9f252c4dd8091fc20a20139c7d
Hash (SHA-1) dcf967fe5ab64007ad3f1a7e3b5cc8e23b777549
Hash (SHA-256) 69494729313256a3b6ed52179f7bc15472592358abc7b6256bfbbf93340ac419
GET /css?family=Fascinate HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sendonlinecake.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 27 Oct 2022 06:41:53 GMT
date: Thu, 27 Oct 2022 06:41:53 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=AW-779147405
142.250.74.168 — 200 OK, 48 kB, URL (HTTP/2) www.googletagmanager.com/gtag/js?id=AW-779147405
IP 142.250.74.168:0
File type ASCII text, with very long lines (1588)
Hash (MD5) 85ee89dac29c1233531b3738d6c39205
Hash (SHA-1) 94c92a0c728ba6ec90ad21fc8d9514466ef4b4eb
Hash (SHA-256) e4cc53ba1747b82f5c373fb3498315ffb2c1e267a0b2789ee107beafcd11695f
GET /gtag/js?id=AW-779147405 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sendonlinecake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 27 Oct 2022 06:41:53 GMT
expires: Thu, 27 Oct 2022 06:41:53 GMT
cache-control: private, max-age=900
last-modified: Thu, 27 Oct 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 47754
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-132317012-1
142.250.74.168 — 200 OK, 44 kB, URL (HTTP/2) www.googletagmanager.com/gtag/js?id=UA-132317012-1
IP 142.250.74.168:0
File type ASCII text, with very long lines (1588)
Hash (MD5) 84d6dab4124365476d2e7ad57197df81
Hash (SHA-1) 482021364adc4cce07bdd3c58fcac38fb5068718
Hash (SHA-256) b1ad1226f8f8e0650bf4333db727f4cbd5eb84db536a708863eec1c480acbe9e
GET /gtag/js?id=UA-132317012-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sendonlinecake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 27 Oct 2022 06:41:53 GMT
expires: Thu, 27 Oct 2022 06:41:53 GMT
cache-control: private, max-age=900
last-modified: Thu, 27 Oct 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 43634
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29 — 200 OK, 280 B, IP 93.184.220.29:0
Hash (MD5) 20b514c1c94d0e6f104db7106702a300
Hash (SHA-1) 4f1d71c8fe158c210da843db80cbbda8ddcf9f29
Hash (SHA-256) a01615ff8e9f6dbd150fcf774e5abf678ec98ab1065828e8f5330b864ce8e15c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=105170
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 06:41:53 GMT
Etag: "63592003-118"
Expires: Fri, 28 Oct 2022 11:54:43 GMT
Last-Modified: Wed, 26 Oct 2022 11:54:43 GMT
Server: nginx
Content-Length: 280
ocsp.pki.goog/gts1c3
142.250.74.35 — 200 OK, 472 B, IP 142.250.74.35:0
Hash (MD5) 4cdf16c5333628708fae7b304303fc48
Hash (SHA-1) 23654b66838aa89e8b975a9e6c0251d2f8f18366
Hash (SHA-256) 6f3935f102b0dcfee703eb07abcf04d9181fdfe13fae4d7566aed743a00beb9c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 06:41:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32 — 200 OK, 503 B, IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash (MD5) 233517a022751e33f5f163ff2d3bd54c
Hash (SHA-1) a35c4f4d53f47af4feefd3ef51a3fdfc14153e40
Hash (SHA-256) 6adca21b45ca07d486c5dd1b04272e3ed0873969cbd520c7dc12cf1675dd7409
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "6ADCA21B45CA07D486C5DD1B04272E3ED0873969CBD520C7DC12CF1675DD7409"
Last-Modified: Mon, 24 Oct 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4861
Expires: Thu, 27 Oct 2022 08:02:54 GMT
Date: Thu, 27 Oct 2022 06:41:53 GMT
Connection: keep-alive
customfingerprints.bablosoft.com/clientsafe.js
143.198.242.75 — 200 OK, 385 kB, URL (HTTP/2) customfingerprints.bablosoft.com/clientsafe.js
IP 143.198.242.75:0
ASN #14061 DIGITALOCEAN-ASN
File type ASCII text, with very long lines (65536), with no line terminators
Size 385 kB (384588 bytes)
Hash (MD5) 03d780efa693f00dec36ac18acca600a
Hash (SHA-1) 4a91ec8a6b8901a646638150ee56fdf6053aeeb4
Hash (SHA-256) fb008f784b82ce453aa9da94280479142ea6439b4f650b27b15222a26f8d1dda
(Third-party script loaded by the sinkholed sendonlinecake.com page with Referer https://sendonlinecake.com/ — see the request headers below; no analyzer verdict is recorded for this host in this capture.)
GET /clientsafe.js HTTP/1.1
Host: customfingerprints.bablosoft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sendonlinecake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 27 Oct 2022 06:41:53 GMT
content-type: application/javascript; charset=UTF-8
content-length: 384588
x-powered-by: Express
accept-ranges: bytes
cache-control: public, max-age=0
last-modified: Mon, 10 Oct 2022 17:28:53 GMT
etag: W/"5de4c-183c2f13c08"
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
sendonlinecake.com/ta/css/flexslider.css
104.21.38.59 — 200 OK, 10 kB, URL (HTTP/2) sendonlinecake.com/ta/css/flexslider.css
IP 104.21.38.59:0
File type HTML document text (reported 7×); exported SGML document, Unicode text, UTF-8 text, with very long lines (1022), with CRLF, LF line terminators
Hash (MD5) b5e12812e81f7e64c81762f0944bda34
Hash (SHA-1) 8886d8a258db0cdec089fe41fa2ea42db4b43fc0
Hash (SHA-256) 2cb3cd8380dcee09acd6fa93d71c5b2fa531a8a6cbbe871a27020eed9202bf70
Analyzer verdicts: mnemonic_dns — Sinkholed; quad9 — Sinkholed
(Note: the path names a .css asset, but the response below is `content-type: text/html` and the body is identified as HTML — consistent with the sinkholed domain serving a placeholder page rather than the original stylesheet.)
GET /ta/css/flexslider.css HTTP/1.1
Host: sendonlinecake.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sendonlinecake.com/ta/aaeslmuitpavlot
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 06:41:53 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 27 Oct 2022 06:41:53 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vwjfObvs4n0l%2FgqqJmnPe89ZaXMTY7JKLw1i%2Fu5eOPhtaE31aybwMeuzUgVaT4wYm1VWfBUu7bpgSh7bdJsnRoTUmrANa%2BXJzQLeLhXlhocTFMV4kMqawSbhJ2QboG7mFoMpJng%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 760972d2bbfeb509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sendonlinecake.com/ta/js/modernizr.custom.js
104.21.38.59 — 200 OK, 10 kB, URL (HTTP/2) sendonlinecake.com/ta/js/modernizr.custom.js
IP 104.21.38.59:0
File type HTML document text (reported 7×); exported SGML document, Unicode text, UTF-8 text, with very long lines (1022), with CRLF, LF line terminators
Hash (MD5) c07560385442e93275e262e9467180f9
Hash (SHA-1) b1c4d851591bdcd25568186bc864e252cb057662
Hash (SHA-256) 239a1be489ebe481125f8452fac44485f14c5a99096719204de4ad601d5eb74d
Analyzer verdicts: fortinet — Malware; mnemonic_dns — Sinkholed; quad9 — Sinkholed
(Note: the path names a .js asset, but the response below is `content-type: text/html` and the body is identified as HTML — consistent with the sinkholed domain serving a placeholder page rather than the original script.)
GET /ta/js/modernizr.custom.js HTTP/1.1
Host: sendonlinecake.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sendonlinecake.com/ta/aaeslmuitpavlot
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 06:41:53 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 27 Oct 2022 06:41:53 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XoHvuDDX7IHI8sFSAD8xWnloKNsxKumZAJqcwungoO4iZblPJ0PRpi0jQzOxG6x9xE1v4P81oaD66nNrMA15xWhjtBLqDm2SJrbe6gXNDlSGlvS8D1LOjfuu%2FlBbwyv1P8xBW%2B8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 760972d2cc03b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32 — 200 OK, 503 B, IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash (MD5) 262ee317a7d41424cef3f541f6e538d3
Hash (SHA-1) 1c298c901f93a95e99bdc63259f415ab84a13783
Hash (SHA-256) c263ddf8d0a398b0b7e11f7efa9cb901bf877d939f388eb6089a236bbbdc2be4
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C263DDF8D0A398B0B7E11F7EFA9CB901BF877D939F388EB6089A236BBBDC2BE4"
Last-Modified: Wed, 26 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12682
Expires: Thu, 27 Oct 2022 10:13:16 GMT
Date: Thu, 27 Oct 2022 06:41:54 GMT
Connection: keep-alive
sendonlinecake.com/ta/js/simpleCart.min.js
104.21.38.59 — 200 OK, 20 kB, URL (HTTP/2) sendonlinecake.com/ta/js/simpleCart.min.js
IP 104.21.38.59:0
File type HTML document text (reported 7×); exported SGML document text; exported SGML document, ASCII text, with very long lines (364), with CRLF, LF line terminators
Hash (MD5) 7c5e344532360128d2c3a567299c186b
Hash (SHA-1) bfc4ec60b76129e2382186560f713b01b408d1fb
Hash (SHA-256) 15a5b84dadaf62fb243388379c7e2d0faaafd7b93452ea395611a7a231f4a8c3
Analyzer verdicts: fortinet — Malware; mnemonic_dns — Sinkholed; quad9 — Sinkholed
(Note: the path names a .js asset, but the response below is `content-type: text/html` and the body is identified as HTML — consistent with the sinkholed domain serving a placeholder page rather than the original script.)
GET /ta/js/simpleCart.min.js HTTP/1.1
Host: sendonlinecake.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sendonlinecake.com/ta/aaeslmuitpavlot
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 06:41:53 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 27 Oct 2022 06:41:53 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3LRBmYJrryS52Us3Rcs%2FWJ%2F6hAIjv2%2F2QUYPhd%2BwNPjE%2FBtClzm4JWCSowxRL%2F0rQj%2B9H11mvPnsybg7JU%2BcqgJFpl5yJRqsUNzOGehB4dXfI73OiM7GVbj1tt9yeXXXBbDq3kw%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 760972d2cc07b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sendonlinecake.com/ta/css/bootstrap.css
104.21.38.59 — 200 OK, 18 kB, URL (HTTP/2) sendonlinecake.com/ta/css/bootstrap.css
IP 104.21.38.59:0
File type HTML document text (reported 7×); exported SGML document, Unicode text, UTF-8 text, with very long lines (1022), with CRLF, LF line terminators
Hash (MD5) 0f9a5a3d5bd26a319a90e9dc1347209c
Hash (SHA-1) 87b1654b4ac9d44285f6c1cdf795465dba29872d
Hash (SHA-256) 971ccfd32c1f4c894509c97e26387aa2fa4d964099ba883439a93d739e70bf46
Analyzer verdicts: mnemonic_dns — Sinkholed; quad9 — Sinkholed
(Note: the path names a .css asset, but the response below is `content-type: text/html` and the body is identified as HTML — consistent with the sinkholed domain serving a placeholder page rather than the original stylesheet.)
GET /ta/css/bootstrap.css HTTP/1.1
Host: sendonlinecake.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sendonlinecake.com/ta/aaeslmuitpavlot
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 06:41:53 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 27 Oct 2022 06:41:53 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7TGK7nhkKoMKmhH7pM7lZIvBdvsOo1sa9OC15ty7zknLAjr91EC94%2FB8N0C3HuzxaBzhA5hAPnbfP0brgxMakZsvM3ki4Y3Cq%2FPhlAtCQhM5CIQ8t%2BgCTqs2RQqhGPe3%2BoJIFOg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 760972d2bbf8b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sendonlinecake.com/ta/css/style.css
104.21.38.59 — 200 OK, 14 kB, URL (HTTP/2) sendonlinecake.com/ta/css/style.css
IP 104.21.38.59:0
File type HTML document text (reported 7×); exported SGML document, Unicode text, UTF-8 text, with very long lines (1022), with CRLF, LF line terminators
Hash (MD5) 1b9839fc5eecd689d8edce1f6397063f
Hash (SHA-1) 8b5c0af326ea298d8c7232585d88ab758b22d4c1
Hash (SHA-256) 0406299b1e462456a1e2061b44a6483ec3690686bcc83392fadf60b52f80c1b2
Analyzer verdicts: mnemonic_dns — Sinkholed; quad9 — Sinkholed
(Note: the path names a .css asset, but the response below is `content-type: text/html` and the body is identified as HTML — consistent with the sinkholed domain serving a placeholder page rather than the original stylesheet.)
GET /ta/css/style.css HTTP/1.1
Host: sendonlinecake.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sendonlinecake.com/ta/aaeslmuitpavlot
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 06:41:53 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 27 Oct 2022 06:41:53 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bZlSeFVIkTmapvrzbdA47vz8%2BoPYZ55wDU9j0BG4sXtPdboVMf1lepdMu5IE1Rvj89DSTn3t6ywdIlhimW8eojX5cp9hrdyQBd%2By0P775whqEdU5ZvFvrgeYaSXsxeoe%2B07us0I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 760972d2bbfbb509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sendonlinecake.com/ta/css/animate.min.css
104.21.38.59 — 200 OK, 30 kB, URL (HTTP/2) sendonlinecake.com/ta/css/animate.min.css
IP 104.21.38.59:0
File type HTML document text (reported 7×); exported SGML document text; exported SGML document, ASCII text, with very long lines (364), with CRLF, LF line terminators
Hash (MD5) 34a6bd11737d59f3dfcf47a6513093ed
Hash (SHA-1) a1aee953ffa28f04e38f8fa1439b5639103a3c23
Hash (SHA-256) 821eab8a7cdac5626fae500f30febb956b7b9fa519482adb073952077fc668e1
Analyzer verdicts: mnemonic_dns — Sinkholed; quad9 — Sinkholed
(Note: the path names a .css asset, but the response below is `content-type: text/html` and the body is identified as HTML — consistent with the sinkholed domain serving a placeholder page rather than the original stylesheet.)
GET /ta/css/animate.min.css HTTP/1.1
Host: sendonlinecake.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sendonlinecake.com/ta/aaeslmuitpavlot
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 06:41:53 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 27 Oct 2022 06:41:53 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RYPG7PhrdyVDChqVZg6LRSvApQyUxyV58xz2vIVM7DFcmpv0YgdG40qLJFJEwM0V0rFWFw66L9FDbfJO67HvZbbH7je8%2BctWb1luRfnwEuB0tO5hkkeiVlvoxPSpqb9MMyUiE%2Bk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 760972d2cc11b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sendonlinecake.com/ta/js/jquery-1.11.1.min.js
104.21.38.59 — 200 OK, 19 kB, URL (HTTP/2) sendonlinecake.com/ta/js/jquery-1.11.1.min.js
IP 104.21.38.59:0
File type HTML document text (reported 7×); exported SGML document text; exported SGML document, ASCII text, with very long lines (364), with CRLF, LF line terminators
Hash (MD5) 9dd9ac5535b4443d9b748e8b015e7e6a
Hash (SHA-1) 8105134297f642d572efba007ea83355ec5cd241
Hash (SHA-256) ec59173467220effd93e9043a6688a82b03022d81dc31de22e909026bcf7bd91
Analyzer verdicts: fortinet — Malware; mnemonic_dns — Sinkholed; quad9 — Sinkholed
(Note: the path names a .js asset, but the response below is `content-type: text/html` and the body is identified as HTML — consistent with the sinkholed domain serving a placeholder page rather than the original script.)
GET /ta/js/jquery-1.11.1.min.js HTTP/1.1
Host: sendonlinecake.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sendonlinecake.com/ta/aaeslmuitpavlot
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 06:41:53 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 27 Oct 2022 06:41:53 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BwAQlWD%2F5I1m%2BaOcKDWY9OtP%2BdsDMy7nBDD5YgLupVOEQu%2FYhoZg2KIJw1vORCrb8dOgQZY6exTIp7FsbrSS%2FsrvwO5ZeRfjxkNx285nr0SUxPug2gl%2BNqusnFz5x9cttCR7pNQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 760972d2bc01b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sendonlinecake.com/ta/js/wow.min.js
104.21.38.59200 OK 22 kB URL HTTP/2 sendonlinecake.com/ta/js/wow.min.js
IP 104.21.38.59:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (364), with CRLF, LF line terminators
Hash da76629ba170c23fa070b6198bd42959
ae4a44dfe58fcec8fe67335c37c8f92bed7bae4c
34a58ccea7b1a5b131d6a0e100daf897e1543c3261e7ec0e41fc6ae9a979fa17
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /ta/js/wow.min.js HTTP/1.1
Host: sendonlinecake.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sendonlinecake.com/ta/aaeslmuitpavlot
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 06:41:53 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 27 Oct 2022 06:41:53 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=id4IR76oaMSoIbBhY%2FsqJUvDSrwl7LAee8FwW5SXQ%2BF9rzipfReGEx892bNLHhA6IdhkYn5pQDMZ5BTOWV6XZZj0W6zLtW9qRRVYbIyY%2FhJJnlwYzrqpYUXHq85oe4ZKW4X3HXk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 760972d2cc12b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 10 kB IP 93.184.220.29:0
Hash 5a34c1fbdf0e5028d487d747cb3e2363
ffd4f4249082689d1225366794c10c4898f433af
ab898c14589e08814cc8b421aaf4acd78365fa7f3c56f71e20757c3127f9f809
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3631
Cache-Control: max-age=117806
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 06:41:55 GMT
Etag: "63594332-117"
Expires: Fri, 28 Oct 2022 15:25:21 GMT
Last-Modified: Wed, 26 Oct 2022 14:24:50 GMT
Server: ECS (ska/F71B)
X-Cache: HIT
Content-Length: 279
embed.tawk.to/627a0a577b967b11798e9432/default
172.67.38.66200 OK 930 B URL HTTP/2 embed.tawk.to/627a0a577b967b11798e9432/default
IP 172.67.38.66:0
Hash bfe59f4bcc17c885dd4f4ce258946c3e
6912ade028959b17420f4de85f9bff6033e2f131
7e31f8257a4888b1f55e58d49c6596e168596c3190c8cff3543959fcd86c91c3
GET /627a0a577b967b11798e9432/default HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sendonlinecake.com
Connection: keep-alive
Referer: https://sendonlinecake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 27 Oct 2022 06:41:55 GMT
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, s-maxage=3600
etag: W/"stable-v4-63258f417d7"
vary: Accept-Encoding
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
x-content-type-options: nosniff
server: cloudflare
cf-ray: 760972dfcc17fac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sendonlinecake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Thu, 27 Oct 2022 06:41:09 GMT
expires: Thu, 27 Oct 2022 08:41:09 GMT
cache-control: public, max-age=7200
age: 50
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
sendonlinecake.com/ta/images/teddy-love.jpg
104.21.38.59200 OK 1.2 kB URL HTTP/2 sendonlinecake.com/ta/images/teddy-love.jpg
IP 104.21.38.59:0
Hash 07e700bed4b7d8e7ba35a4bcc7fb2c25
749e0d570ce925077a4947595062c3464aebdf8d
791ec2fc672a7c5a1b2813a85c72f957f4bf1f851e8db79141c414cf39bb458e
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /ta/images/teddy-love.jpg HTTP/1.1
Host: sendonlinecake.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sendonlinecake.com/ta/aaeslmuitpavlot
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 06:41:57 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 27 Oct 2022 06:41:57 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vnIJ%2BTEkr2EkFQg3l4Mi5y%2BqPd2ZndqsDJNCci2fwr6zIcutU6fP7Q2HVMIu5F9EA0VzVvcAErqin8WprNzWKs2%2FE4dmvHJWeQYV%2BAP5SsZFRHLWOnjGQy2FFYGKTiJUX5%2B5Yts%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 760972d32c77b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
142.250.74.170200 OK 43 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
IP 142.250.74.170:0
Hash be42c1fb10a9cf9b7cbcb092b2b3c877
8571b6602936ced390ea63ff491dcc38cde71861
d4d518c9975f6300bd00b46246fbb537e34d3c12fd6b6f519f8721579d2799fe
GET /ajax/libs/jquery/1.7.1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sendonlinecake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33333
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 23 Oct 2022 23:26:32 GMT
expires: Mon, 23 Oct 2023 23:26:32 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 285327
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/pagead/conversion_async.js
142.250.74.164200 OK 15 kB URL HTTP/2 www.google.com/pagead/conversion_async.js
IP 142.250.74.164:0
File type ASCII text, with very long lines (1654)
Hash 34b6d5b94de5aa9a11745592f84aad0d
85c2890e443bcb8bc4443bf2d57fc0462b797617
39b175887782c7b0586123cc938fb5651c5edb230ae1d45be41de351ac42bff1
GET /pagead/conversion_async.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sendonlinecake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Thu, 27 Oct 2022 06:41:59 GMT
expires: Thu, 27 Oct 2022 06:41:59 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 16072662367159696676
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 15168
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
sendonlinecake.com/ta/gif/birthday-icon2.gif
104.21.38.59200 OK 68 kB URL HTTP/2 sendonlinecake.com/ta/gif/birthday-icon2.gif
IP 104.21.38.59:0
Hash 9ff01cce66f0ec35802d71d442da5767
e56a766731227f93925b8d8ae8d70aefbf29f71a
f08a2b488b29c0fc6dbbb58e467df942ba1996dde90418f55e92c00a18d788ad
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /ta/gif/birthday-icon2.gif HTTP/1.1
Host: sendonlinecake.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sendonlinecake.com/ta/aaeslmuitpavlot
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 06:41:55 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 27 Oct 2022 06:41:55 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jqrw8HcfUSBrfLXh5%2B5gvp5YQz90jFvB6EogZ%2BvMT7hIrxJhy8BxyruUG02nQEV%2FgW9DAXBYC7iDwcbQ3xNC4vXkjJF2S5o7lOP51J342bbGGY8C43xSkqDevfAhgc57L3lZgWo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 760972d31c5fb509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9c9d17ba701249d9a9d183e57ed3c310
52057eccb2df7cb5ad8aca19b4a8d2c02a288236
14e36565b8c6fd53bbbb58ddeb6664f368b1cf35f7c9eb78c8c3acc390b24684
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "14E36565B8C6FD53BBBB58DDEB6664F368B1CF35F7C9EB78C8C3ACC390B24684"
Last-Modified: Wed, 26 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6127
Expires: Thu, 27 Oct 2022 08:24:06 GMT
Date: Thu, 27 Oct 2022 06:41:59 GMT
Connection: keep-alive
sendonlinecake.com/ta/images/cupcake-pink-banner.jpg
104.21.38.59200 OK 1.2 kB URL HTTP/2 sendonlinecake.com/ta/images/cupcake-pink-banner.jpg
IP 104.21.38.59:0
Hash 32ac32ebd2b9bad5f9e6da1151dbfb43
b864469aea1e65c5d2253cd991a6ec95ae220c26
155f2a981e81574fd6e2e69b2045f51a53ca67766f4ace9e87e0e731adeb29de
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /ta/images/cupcake-pink-banner.jpg HTTP/1.1
Host: sendonlinecake.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sendonlinecake.com/ta/aaeslmuitpavlot
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 06:41:56 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 27 Oct 2022 06:41:56 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QO2nCZmuZ%2FBJ%2FtljgiqOub5JSl%2BHGVuGC9xFgmgsuxp2K0dVhJIYDLmScv4DaEnWc7%2BkoKZbkTe62PjRRyvqmkj3i%2BbDjc1o1L1SKGVEMR4sRuwz2idEWQjPCm0oCy0a1E553Ws%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 760972d32c74b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sendonlinecake.com/ta/images/mobikwik%20banner.jpg
104.21.38.59200 OK 4.1 kB URL HTTP/2 sendonlinecake.com/ta/images/mobikwik%20banner.jpg
IP 104.21.38.59:0
Hash 57014dbf4cad06fabd7c6ff20a4ef847
16bfe81ae97440730530a77ad56bdb5c36d5314a
baf0f653ef0615e079e9a62839d27430d6afc9237c662261456666335555f600
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /ta/images/mobikwik%20banner.jpg HTTP/1.1
Host: sendonlinecake.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sendonlinecake.com/ta/aaeslmuitpavlot
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 06:41:55 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 27 Oct 2022 06:41:55 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lLdOy6sqJuCUxwW%2ByKjW9tYTwD6SrHjRJAmlBDGWt7PF5wrCTC6qYNlFEiuMC2U%2FetcNVqknBe8cSaqcHS0Vsm4bd%2FkTkbQ1LNCgdshjjJ4K%2BPoREbvX1T7MwOGsgGn9Pk%2FlgMU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 760972d31c59b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 9c9d17ba701249d9a9d183e57ed3c310
52057eccb2df7cb5ad8aca19b4a8d2c02a288236
14e36565b8c6fd53bbbb58ddeb6664f368b1cf35f7c9eb78c8c3acc390b24684
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "14E36565B8C6FD53BBBB58DDEB6664F368B1CF35F7C9EB78C8C3ACC390B24684"
Last-Modified: Wed, 26 Oct 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6127
Expires: Thu, 27 Oct 2022 08:24:06 GMT
Date: Thu, 27 Oct 2022 06:41:59 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash 7d4b826b3cd4f4fffd35abd60c407bdb
28e5a20b197bf6972fd097c3b302c1dd89b68f09
681fd035abbbf788f315fea7402f5e0d77b51f6167e237ff7516335911499b21
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 06:41:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
customfingerprints.bablosoft.com/perfectcanvas?publickey=xc3blub4pxwvxhj0oc4ddtqgkkpm42my84uqo7hyv6zwfetg7hiwnnl9wlzwnso7
143.198.242.75200 OK 6.6 kB URL HTTP/2 customfingerprints.bablosoft.com/perfectcanvas?publickey=xc3blub4pxwvxhj0oc4ddtqgkkpm42my84uqo7hyv6zwfetg7hiwnnl9wlzwnso7
IP 143.198.242.75:0
ASN #14061 DIGITALOCEAN-ASN
Hash 74c23a6afd0dd7f678077d34725d7cce
622b03fa4f57a49a4b4ecc4d27b449e528ed415e
58e035b816a156bdb1230998362f2bc6c3aef82500f85c6966d1660e16031e9c
GET /perfectcanvas?publickey=xc3blub4pxwvxhj0oc4ddtqgkkpm42my84uqo7hyv6zwfetg7hiwnnl9wlzwnso7 HTTP/1.1
Host: customfingerprints.bablosoft.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://sendonlinecake.com/
Origin: https://sendonlinecake.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 27 Oct 2022 06:41:59 GMT
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST, PUT, DELETE, PATCH, OPTIONS
access-control-allow-headers: X-Requested-With, Content-Type, Accept-Datetime, Upgrade-Insecure-Requests, Authorization, Cache-Control, If-Match, If-Modified-Since, If-None-Match, If-Range, If-Unmodified-Since, Max-Forwards, Range, Pragma, X-Requested-With, DNT, X-HTTP-Method-Override, X-Csrf-Token, X-Request-ID
vary: Accept-Encoding
content-encoding: gzip
strict-transport-security: max-age=15724800; includeSubDomains
X-Firefox-Spdy: h2
sendonlinecake.com/ta/gif/chocolate-icon.gif
104.21.38.59200 OK 2.4 kB URL HTTP/2 sendonlinecake.com/ta/gif/chocolate-icon.gif
IP 104.21.38.59:0
Hash 0406f9a12a14856c531d0654e531c527
6536cf0a5d7463718374eb4b1101b4966c795b1d
685e44f8405e3cf8cf9985e638e18d6f353b9bcf7a6bdba130d8acc4c81e4fdd
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /ta/gif/chocolate-icon.gif HTTP/1.1
Host: sendonlinecake.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sendonlinecake.com/ta/aaeslmuitpavlot
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 06:41:57 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 27 Oct 2022 06:41:56 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=erl4GzvHF3r3s3vB1%2FUs%2FvB6diw6g1H6yTX%2BoSiQWgg7DFzTqg262a203fU6BT6Gw%2Fxjzvpt%2F6xO4YM75yQYJ87fI8To%2Fq%2BB6lD5MunzIbc38Ce4VcpNWuCTwz4UvE1CRKmsumM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 760972d32c62b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sendonlinecake.com/ta/images/handmadechocolates-banner.jpg
104.21.38.59200 OK 804 B URL HTTP/2 sendonlinecake.com/ta/images/handmadechocolates-banner.jpg
IP 104.21.38.59:0
Hash 0cdcee30cc9860cb8ba8600a946bb3ca
f4e67d7b95dd5ef2a25cddf2aab049997e8a72bc
ee9efb2e18d1903b01dbb345b662ecc9c5aa51ffe6d4560b71f6b2ad0b932efb
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /ta/images/handmadechocolates-banner.jpg HTTP/1.1
Host: sendonlinecake.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sendonlinecake.com/ta/aaeslmuitpavlot
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 06:41:56 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 27 Oct 2022 06:41:56 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HZXrTm2u9b0Ok9%2BrO%2BxAH502E0Wi37wFRkoQB0%2FVQmm1G2UP%2BHxRdgFWH2CFaGuFEcwhoxUekT%2BT1ke6bczMsIgcR9G8lAeQZ%2Bpo6pd3PAEEHBg%2BE3DW0bn1tW2TIDG7XxazYxY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 760972d32c70b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sendonlinecake.com/ta/gif/cutecake.gif
104.21.38.59200 OK 2.4 kB URL HTTP/2 sendonlinecake.com/ta/gif/cutecake.gif
IP 104.21.38.59:0
Hash 7adbc2627f0027224780a07cbb02c6d9
19b44ee65293a0647dcc91d6ece80067090ee5e4
5d9a19718902a3d459734756f508b257ef8febc5828b0c821b1df3d172ccc408
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /ta/gif/cutecake.gif HTTP/1.1
Host: sendonlinecake.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sendonlinecake.com/ta/aaeslmuitpavlot
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 06:41:55 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 27 Oct 2022 06:41:55 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vcf5067kSqr%2FxYA3Ovy%2BzemUI5YY0cUyHXvXLBk6suW7vGJSk3pIz%2FJY2wyu85W4seH37qlntHCOVCfg06Q%2B0NiFiwd36oRbFCx6zLGofJzKK0RZdZomA4bUjhRuY8nZo1B0Ma4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 760972d32c68b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 472 B IP 142.250.74.35:0
Hash ce5d09bafa968f66bc7828927cb90e05
d6445e57629d1fcb89ac2fefdc5071cf82f71a59
e6b4e02dcd04a13ac1c6ce72819b8f20b1b5555a516151264b9a685532c38632
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 06:42:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/779147405/?random=1666852919197&cv=9&fst=1666850400000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaaq0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsendonlinecake.com%2Fta%2Faaeslmuitpavlot&tiba=Cake%20Delivery%20in%20India%20%7C%20Order%20Designer%20Cakes%20%7C%20Send%20Online%20Cake&async=1&fmt=3&is_vtc=1&random=3135146789&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
142.250.74.35200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/779147405/?random=1666852919197&cv=9&fst=1666850400000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaaq0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsendonlinecake.com%2Fta%2Faaeslmuitpavlot&tiba=Cake%20Delivery%20in%20India%20%7C%20Order%20Designer%20Cakes%20%7C%20Send%20Online%20Cake&async=1&fmt=3&is_vtc=1&random=3135146789&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP 142.250.74.35:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/779147405/?random=1666852919197&cv=9&fst=1666850400000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oaaq0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fsendonlinecake.com%2Fta%2Faaeslmuitpavlot&tiba=Cake%20Delivery%20in%20India%20%7C%20Order%20Designer%20Cakes%20%7C%20Send%20Online%20Cake&async=1&fmt=3&is_vtc=1&random=3135146789&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sendonlinecake.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 27 Oct 2022 06:42:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.35200 OK 1.2 kB IP 142.250.74.35:0
Hash 2982fec1a5fe7cab729830598bd3ce55
d29dd221fc3792d69a892df50ebb17da04d5a824
109be6f3a9bbfdee54e72a51b15eb805f059232480a832eebab20074fbf9b09d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 27 Oct 2022 06:42:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
sendonlinecake.com/ta/aaeslmuitpavlot
104.21.38.59200 OK 0 B URL HTTP/2 sendonlinecake.com/ta/aaeslmuitpavlot
IP 104.21.38.59:0
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /ta/aaeslmuitpavlot HTTP/1.1
Host: sendonlinecake.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Thu, 27 Oct 2022 06:41:52 GMT
content-type: text/html; charset=UTF-8
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7Ff7v9bPFk51wj4FIafvGwkdLDfXVtz67oVbgbQY8Dp8X5z2tqKzstN6L8Wyk6CeBXT0Rynz6HRStf06i7AfRnnUdMBK6IFZjT3VwBb8cElk6%2FcsZul%2FSrtVVg%2BTrtE5dq9858c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 760972cf087bb509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sendonlinecake.com/ta/js/move-top.js
104.21.38.59200 OK 0 B URL HTTP/2 sendonlinecake.com/ta/js/move-top.js
IP 104.21.38.59:0
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /ta/js/move-top.js HTTP/1.1
Host: sendonlinecake.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sendonlinecake.com/ta/aaeslmuitpavlot
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 06:41:54 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 27 Oct 2022 06:41:54 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZIli27doLd7NqHfP34d2kfhavBBkcfvFvzvquhZLKsYggODJklJ6xdHW3%2F3phQRgwaA4kKMiy9j6MZMYyQcvqnm%2FKpie5GHLkNSTZH8OQh2V2XfhDMnN61MHKXQFfMqVhNuwv00%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 760972d2cc14b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sendonlinecake.com/ta/images/Diwali_banner.jpg
104.21.38.59200 OK 0 B URL HTTP/2 sendonlinecake.com/ta/images/Diwali_banner.jpg
IP 104.21.38.59:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /ta/images/Diwali_banner.jpg HTTP/1.1
Host: sendonlinecake.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sendonlinecake.com/ta/aaeslmuitpavlot
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 06:41:55 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 27 Oct 2022 06:41:55 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9qLKNZ%2FVE48LTSIRLIS4b3vQBOpt0F9ee2buk5k2V4dboaw%2FRlzt98x%2BzWAiNCzTeaILhhXobzjwGwyGav1JdzXtruYSoaOZddlQsD3tr5AgidYiQxG%2FIFPb9wwAE6M9luP42V4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 760972d31c58b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sendonlinecake.com/ta/gif/cake-icon.gif
104.21.38.59200 OK 0 B URL HTTP/2 sendonlinecake.com/ta/gif/cake-icon.gif
IP 104.21.38.59:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /ta/gif/cake-icon.gif HTTP/1.1
Host: sendonlinecake.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sendonlinecake.com/ta/aaeslmuitpavlot
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 06:41:56 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 27 Oct 2022 06:41:56 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2tHlQC5ojc80cc%2B0Jp1WSQLJ5mg5jv9DXiKjMRF7vZWju3zJmvy4BG7TEae6jkys91TayYaDTlzQU7ZmW3ETjbAKTAyjRb4tPa1Ae0zTKgAEEKvAeVBJyLmvmRgDOY1DI%2BQWnkk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 760972d31c61b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sendonlinecake.com/ta/images/carnation-teddy.jpg
104.21.38.59200 OK 0 B URL HTTP/2 sendonlinecake.com/ta/images/carnation-teddy.jpg
IP 104.21.38.59:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /ta/images/carnation-teddy.jpg HTTP/1.1
Host: sendonlinecake.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sendonlinecake.com/ta/aaeslmuitpavlot
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 06:41:56 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 27 Oct 2022 06:41:56 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V2bUSUDhk2KLZUqfG3lHpPhmxxYyJ%2FkqwOGKGcW9vDAiaA3jhrpMU98whXeryG9pgGP1e1unaWMMlP%2Fe8qWWIeDrmUaNcc9OIjw2heyLS4JJxEfn9t3FQRtk4yRvd6RKTxY9eIY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 760972d32c78b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63258f417d7/js/twk-main.js
172.67.38.66200 OK 0 B URL HTTP/2 embed.tawk.to/_s/v4/app/63258f417d7/js/twk-main.js
IP 172.67.38.66:0
GET /_s/v4/app/63258f417d7/js/twk-main.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sendonlinecake.com
Connection: keep-alive
Referer: https://sendonlinecake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 06:42:00 GMT
content-type: application/javascript
last-modified: Sat, 17 Sep 2022 09:12:03 GMT
etag: W/"da5bb1dc647470204df0e49f5afac2de"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 760972fe885dfac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63258f417d7/js/twk-runtime.js
172.67.38.66200 OK 0 B URL HTTP/2 embed.tawk.to/_s/v4/app/63258f417d7/js/twk-runtime.js
IP 172.67.38.66:0
GET /_s/v4/app/63258f417d7/js/twk-runtime.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sendonlinecake.com
Connection: keep-alive
Referer: https://sendonlinecake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 06:42:00 GMT
content-type: application/javascript
last-modified: Sat, 17 Sep 2022 09:12:03 GMT
etag: W/"31ca85b2b61bb42db4e40c2e9429f7dc"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 760972fea86efac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63258f417d7/js/twk-app.js
172.67.38.66200 OK 0 B URL HTTP/2 embed.tawk.to/_s/v4/app/63258f417d7/js/twk-app.js
IP 172.67.38.66:0
GET /_s/v4/app/63258f417d7/js/twk-app.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sendonlinecake.com
Connection: keep-alive
Referer: https://sendonlinecake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 06:42:00 GMT
content-type: application/javascript
last-modified: Sat, 17 Sep 2022 09:12:03 GMT
etag: W/"e736e189edb5d0d9d5b8e7f23dd9114a"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 760972fea874fac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Raleway:400,100,100italic,200,200italic,300,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Raleway:400,100,100italic,200,200italic,300,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic
IP 142.250.74.10:0
GET /css?family=Raleway:400,100,100italic,200,200italic,300,400italic,500,500italic,600,600italic,700,700italic,800,800italic,900,900italic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sendonlinecake.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 27 Oct 2022 06:41:53 GMT
date: Thu, 27 Oct 2022 06:41:53 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63258f417d7/js/twk-vendor.js
172.67.38.66200 OK 0 B URL HTTP/2 embed.tawk.to/_s/v4/app/63258f417d7/js/twk-vendor.js
IP 172.67.38.66:0
GET /_s/v4/app/63258f417d7/js/twk-vendor.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sendonlinecake.com
Connection: keep-alive
Referer: https://sendonlinecake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 06:42:00 GMT
content-type: application/javascript
last-modified: Sat, 17 Sep 2022 09:12:03 GMT
etag: W/"7dcb496e4882926f93f2e73fa87062c0"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 760972fe9861fac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Pompiere
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Pompiere
IP 142.250.74.10:0
GET /css?family=Pompiere HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sendonlinecake.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 27 Oct 2022 06:41:53 GMT
date: Thu, 27 Oct 2022 06:41:53 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
sendonlinecake.com/ta/gif/anniversary-icon.gif
104.21.38.59200 OK 0 B URL HTTP/2 sendonlinecake.com/ta/gif/anniversary-icon.gif
IP 104.21.38.59:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /ta/gif/anniversary-icon.gif HTTP/1.1
Host: sendonlinecake.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sendonlinecake.com/ta/aaeslmuitpavlot
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 06:41:56 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 27 Oct 2022 06:41:56 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Wd5Y47QLK%2FoeB9Jxsb45sL2BT4oOE4LXPKhKBgkrAT9ciSo9nZy53S62AL6gWdsKhpJp3Qw1hOtF6pAc%2B8Zir3kCwDDs4VSP6ZU0L2cDeSwjbxntzTpDC9pVpjbQ%2BgXSw2E0o4A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 760972d32c66b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sendonlinecake.com/ta/images/combo-small-banner.jpg
104.21.38.59200 OK 0 B URL HTTP/2 sendonlinecake.com/ta/images/combo-small-banner.jpg
IP 104.21.38.59:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /ta/images/combo-small-banner.jpg HTTP/1.1
Host: sendonlinecake.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sendonlinecake.com/ta/aaeslmuitpavlot
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 06:41:56 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 27 Oct 2022 06:41:56 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X8YyKECusZ3%2F9U9PyXtaHiiQDF2EKNq0zgsZmVkU8o9x%2BroN9J5q12nXg9EUY%2BDGFHlgL98xAjXqjSBiwVrXM7mzUjFptWHnGu6LQ%2FUwEL17n9JL5VwHh1xlhuZOFHc7o0mhYts%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 760972d32c71b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic,800,800italic
142.250.74.10200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic,800,800italic
IP 142.250.74.10:0
GET /css?family=Open+Sans:400,300,300italic,400italic,600,600italic,700,700italic,800,800italic HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sendonlinecake.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 27 Oct 2022 06:41:53 GMT
date: Thu, 27 Oct 2022 06:41:53 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
sendonlinecake.com/ta/js/easing.js
104.21.38.59200 OK 0 B URL HTTP/2 sendonlinecake.com/ta/js/easing.js
IP 104.21.38.59:0
Analyzer Verdict Alert fortinet Malware
mnemonic_dns Sinkholed
quad9 Sinkholed
GET /ta/js/easing.js HTTP/1.1
Host: sendonlinecake.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sendonlinecake.com/ta/aaeslmuitpavlot
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 06:41:53 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 27 Oct 2022 06:41:53 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3%2FaBCktslBb1U2pLhT2gep1tly0LvAubIR09vrm6tE%2BDd3fm9SflBTjhGtEzQ68uvCT9pLH4jOP70I2f8jYoowSsoE2FfIIssU8C%2FOFISrwpLrEUpg%2BHekkoAsVMLnVatbDp%2F3w%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 760972d2cc15b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
wati-integration-service.clare.ai/ShopifyWidget/shopifyWidget.js?90462
104.18.28.4200 OK 0 B URL HTTP/2 wati-integration-service.clare.ai/ShopifyWidget/shopifyWidget.js?90462
IP 104.18.28.4:0
GET /ShopifyWidget/shopifyWidget.js?90462 HTTP/1.1
Host: wati-integration-service.clare.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sendonlinecake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 27 Oct 2022 06:41:55 GMT
content-type: application/javascript
last-modified: Fri, 21 Oct 2022 14:00:42 GMT
etag: W/"1d8e55581cb555d"
cf-cache-status: MISS
expires: Thu, 27 Oct 2022 10:41:55 GMT
cache-control: public, max-age=14400
vary: Accept-Encoding
server: cloudflare
cf-ray: 760972df9cf8b4fd-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
sendonlinecake.com/ta/images/sameday-banner.jpg
104.21.38.59200 OK 0 B URL HTTP/2 sendonlinecake.com/ta/images/sameday-banner.jpg
IP 104.21.38.59:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /ta/images/sameday-banner.jpg HTTP/1.1
Host: sendonlinecake.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sendonlinecake.com/ta/aaeslmuitpavlot
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 06:41:55 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 27 Oct 2022 06:41:55 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yihmJ2K%2BrQiiYpJJHauc2nHIbJjGRbUaOTPsbjKsr%2B3RR4P7qsjjXOdYQ8z8C%2BO3TdxZndiKtL6VmiTSqWykukLw8OhwXhwhYZSJjpSCC36W9x%2FUL1Y2yl4z13oBboXioaEe5Xk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 760972d31c5db509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sendonlinecake.com/ta/images/cake-banner.jpg
104.21.38.59200 OK 0 B URL HTTP/2 sendonlinecake.com/ta/images/cake-banner.jpg
IP 104.21.38.59:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /ta/images/cake-banner.jpg HTTP/1.1
Host: sendonlinecake.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sendonlinecake.com/ta/aaeslmuitpavlot
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 06:41:55 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 27 Oct 2022 06:41:55 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l4Xb7rbyFjguJ9ikKu6wbRvOcOs6vpDp1639QA95lrwnwVKr1NlChxxixR8QOjmlWiMfQhYVpIJP7crkpxykuWGOPcvyFgCzxyUAzQ8vycYhRuN%2BpOXuc3vLWIQYQnHIHABovaI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 760972d32c6db509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63258f417d7/js/twk-chunk-common.js
172.67.38.66200 OK 0 B URL HTTP/2 embed.tawk.to/_s/v4/app/63258f417d7/js/twk-chunk-common.js
IP 172.67.38.66:0
GET /_s/v4/app/63258f417d7/js/twk-chunk-common.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sendonlinecake.com
Connection: keep-alive
Referer: https://sendonlinecake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 06:42:00 GMT
content-type: application/javascript
last-modified: Sat, 17 Sep 2022 09:12:03 GMT
etag: W/"c262969ff89da8a8b3994883a0f57085"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 760972fea86dfac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sendonlinecake.com/ta/gif/cities-icon.gif
104.21.38.59200 OK 0 B URL HTTP/2 sendonlinecake.com/ta/gif/cities-icon.gif
IP 104.21.38.59:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /ta/gif/cities-icon.gif HTTP/1.1
Host: sendonlinecake.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sendonlinecake.com/ta/aaeslmuitpavlot
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 06:41:56 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 27 Oct 2022 06:41:56 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JY1JdJ78hNnq%2Fb5nCU05dnWnSLObCP63pDPkr4wePF9eyXTMz3NBdLk3cuacC6w6C3p8XHUdIlWPB75Xn52ZZWUYOmOK4v9r5R6uwj9RNuNYSL97yF%2FSDfxzm3AU1R2m4U0LM4A%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 760972d32c6ab509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
embed.tawk.to/_s/v4/app/63258f417d7/js/twk-chunk-vendors.js
172.67.38.66200 OK 0 B URL HTTP/2 embed.tawk.to/_s/v4/app/63258f417d7/js/twk-chunk-vendors.js
IP 172.67.38.66:0
GET /_s/v4/app/63258f417d7/js/twk-chunk-vendors.js HTTP/1.1
Host: embed.tawk.to
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://sendonlinecake.com
Connection: keep-alive
Referer: https://sendonlinecake.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 06:42:00 GMT
content-type: application/javascript
last-modified: Sat, 17 Sep 2022 09:12:03 GMT
etag: W/"81c2642aac0b88b6b237d279f5f8ce67"
access-control-allow-origin: *
cache-control: public, max-age=2592000, immutable
x-cache-status: HIT
strict-transport-security: max-age=0; includeSubDomains; preload
cf-cache-status: MISS
vary: Accept-Encoding
x-content-type-options: nosniff
server: cloudflare
cf-ray: 760972fea86bfac0-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
sendonlinecake.com/ta/images/Banner-1.jpg
104.21.38.59200 OK 0 B URL HTTP/2 sendonlinecake.com/ta/images/Banner-1.jpg
IP 104.21.38.59:0
Analyzer Verdict Alert mnemonic_dns Sinkholed
quad9 Sinkholed
GET /ta/images/Banner-1.jpg HTTP/1.1
Host: sendonlinecake.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://sendonlinecake.com/ta/aaeslmuitpavlot
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 27 Oct 2022 06:41:54 GMT
content-type: text/html; charset=UTF-8
cache-control: max-age=14400
cf-cache-status: MISS
last-modified: Thu, 27 Oct 2022 06:41:54 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XG9UEXtzPTKCNmuGby6p%2FFWRIoqUJE90mx3AppWtVRhmks1kIu6QLAHWcdvlgf8fWZsPRbXFIaeZECjl5f3ojUvm7WMvTqb2tbCndTMbJ4u%2F5M5Zt555Iqp6vV5W8qHqIUHG3Ow%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 760972d31c53b509-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2