141.136.35.50/
141.136.35.50200 OK 4.4 kB IP 141.136.35.50:0
ASN #47583 Hostinger International Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (549)
Hash 33fef2b675f873df26d70d9f989395d7
6b20d85889d1eb96623fa607089916232894c6b6
3126d8be76289301638bb400fe3934c7c0c265b34a498e0802a071f184fee8e7
Analyzer Verdict Alert quad9 Sinkholed
GET / HTTP/1.1
Host: 141.136.35.50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 07:21:18 GMT
Server: Apache/2.4.18 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
Content-Type: text/html; charset=utf-8
ETag: W/"4850-1YLAiQF7iWq9Bg+6FsEw/omiA8k-gzip"
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 4361
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash e4bdd77c0369662aa71ce2d01fd3edab
0ab1c5857e200e7e7946424c2c844537bfbb9775
a163c19fcc8fcf985e8df6ad4bd7ce73912b3df892d8236c70f9bc80820b26da
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A163C19FCC8FCF985E8DF6AD4BD7CE73912B3DF892D8236C70F9BC80820B26DA"
Last-Modified: Fri, 06 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4707
Expires: Mon, 09 Jan 2023 08:39:45 GMT
Date: Mon, 09 Jan 2023 07:21:18 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash b782882bdabaf3b08e64120922b4a4b7
2035ed7fc9fb5b6ee9715601ba43de5f94d0c0e9
3fe7d1a9a55b86ec25d02634749ccfae11f3477033ba8cd7ac4131b7948ba619
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3FE7D1A9A55B86EC25D02634749CCFAE11F3477033BA8CD7AC4131B7948BA619"
Last-Modified: Sat, 07 Jan 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=21143
Expires: Mon, 09 Jan 2023 13:13:41 GMT
Date: Mon, 09 Jan 2023 07:21:18 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Length, Alert, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 09 Jan 2023 06:48:21 GMT
content-type: application/json
age: 1978
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 75f0037a1d53a9a5321a796206ec3e24
70d42c9bf1334f20e1cea4ce3c8212e0e780ee77
80ec1e61f9563e799c9f44ea31e616c37daea1b9670091fbbc6efc39ebafe3d3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "80EC1E61F9563E799C9F44EA31E616C37DAEA1B9670091FBBC6EFC39EBAFE3D3"
Last-Modified: Fri, 06 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7761
Expires: Mon, 09 Jan 2023 09:30:40 GMT
Date: Mon, 09 Jan 2023 07:21:19 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash b1fcd419a4245617397846e8d17233f6
2a037ce244587640b27ead9a0ec2af4f862d91b2
e059b6d834c06e58494c43fb2ff42acbc27c1a1d8f7f30e2f32ca0e167599e2f
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-08-14-47-57.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: BCyeFEhcIWD8+SW3a8JcggrG3TVBncVqfoFnvyup//gEa9aVgINjSHRm/xW1KFe3ogusPlHj+Jo=
x-amz-request-id: V2NEQFWZQ9BHF5W7
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 09 Jan 2023 07:16:06 GMT
age: 313
last-modified: Tue, 20 Dec 2022 14:47:58 GMT
etag: "b1fcd419a4245617397846e8d17233f6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Mon, 09 Jan 2023 07:21:19 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
141.136.35.50/css/style.css
141.136.35.50200 OK 3.5 kB URL HTTP/1.1 141.136.35.50/css/style.css
IP 141.136.35.50:0
ASN #47583 Hostinger International Limited
File type ASCII text, with CRLF line terminators
Hash 31f555a8d3fc0fcf9d6e846a94077b15
1c62d328c3c3db2ed91189a5a70f0201196128ab
59420e6d15657165442d6df434c489862d7f45aa6f7381ccd6343eed24b6e1a5
Analyzer Verdict Alert quad9 Sinkholed
GET /css/style.css HTTP/1.1
Host: 141.136.35.50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://141.136.35.50/
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 07:21:19 GMT
Server: Apache/2.4.18 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Fri, 02 Dec 2022 13:20:24 GMT
ETag: W/"3d8c-184d2fec9c0-gzip"
Content-Type: text/css; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 3503
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.1/animate.min.css
104.17.24.14200 OK 3.3 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/animate.css/3.5.1/animate.min.css
IP 104.17.24.14:0
File type ASCII text, with very long lines (52592)
Hash fec640dfea7dae770fd7e20015cb37ab
79937c653d3041059615436a9ae10e20f7165aea
62c012c712bf137d0ccf51ae1772ff4946a28ba14d826b6fb8e9418ca15e8d88
GET /ajax/libs/animate.css/3.5.1/animate.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://141.136.35.50/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 07:21:19 GMT
content-type: text/css; charset=utf-8
content-length: 3281
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03d2a-ce35"
last-modified: Mon, 04 May 2020 16:04:58 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2380839
expires: Sat, 30 Dec 2023 07:21:19 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6AW8U0eT0EsPJaCKZ%2Fj9cQtFq0nphWtv8XAjEGbeoOl3PwYKLFDfcKs1LY2Djne90dpw0xu6tyn1AwvFdtn3q0xX5%2FnBBxiE64g8iMBW%2FHJ%2BmnPzB%2FUpGSz1b4Tw4uDrvjBt6ZrC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 786b6a57697db518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/lightgallery-js/1.4.0/js/lightgallery.min.js
104.17.24.14200 OK 6.3 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/lightgallery-js/1.4.0/js/lightgallery.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (25258)
Hash b10e40052eef5465e7a0f5e9fb899deb
603d5fdfa11eab58b6e74694cd8571e73862cad9
eba2933a501a6a410694ef0a6981956dc3fd23ed3fbf0cd1e81d1a21922d36cf
GET /ajax/libs/lightgallery-js/1.4.0/js/lightgallery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://141.136.35.50/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 07:21:19 GMT
content-type: application/javascript; charset=utf-8
content-length: 6325
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5f85ee4b-6349"
last-modified: Tue, 13 Oct 2020 18:13:31 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 10053805
expires: Sat, 30 Dec 2023 07:21:19 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=np1lkILRcrX82GV72Gs%2BI8UTMdlUy3IFC3S9ITUmVY2ueB0D3znwmPKuFtKpt2Bynn%2FRLpKuIUCVlLzw%2FEvfneSPg3MS7KkWT2mrPFJJ21EtCPqHk5qFXugWlqCuT2%2FtUv2xql%2F%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 786b6a576988b518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/wow/1.1.2/wow.min.js
104.17.24.14200 OK 2.3 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/wow/1.1.2/wow.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (8152)
Hash 97c687af34ccd69fdfe48fbca70afec2
ab75720b2143215335378849e4f295a290d4d41f
748b1da138fb49f26c67ae1eaa8908da0b8c9625ad0ece81d704a7fb9a7d07b5
GET /ajax/libs/wow/1.1.2/wow.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://141.136.35.50/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 07:21:19 GMT
content-type: application/javascript; charset=utf-8
content-length: 2346
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb04033-1ff6"
last-modified: Mon, 04 May 2020 16:17:55 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 4709747
expires: Sat, 30 Dec 2023 07:21:19 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9jxs4xahw%2BJSctA%2BaqSMyM%2FXOqPVWeLOSSPeSq%2Fdc1TSxSXpXDLDSmKk2kZEZ6vzQ5lOMCL9dgDLXC3Q3%2Fa%2BpJu1wE1RYFh2p5PRlXZvzOwCEWc2sjXFJtRlxtQV8sf5fU%2BSfFDr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 786b6a576984b518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.6.2/css/font-awesome.min.css
104.17.24.14200 OK 5.3 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/4.6.2/css/font-awesome.min.css
IP 104.17.24.14:0
File type ASCII text, with very long lines (28768)
Hash 0f243ae6d6da710c26886b9f56872964
3f8aaa2edfe4ceae8cbd975947d2b3cb728c38c5
4d7c9f54cfc8e1ebce198671a16b06da00570e0e66320220d059c23b333a72cb
GET /ajax/libs/font-awesome/4.6.2/css/font-awesome.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://141.136.35.50/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 07:21:19 GMT
content-type: text/css; charset=utf-8
content-length: 5291
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03e5f-7103"
last-modified: Mon, 04 May 2020 16:10:07 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 21537757
expires: Sat, 30 Dec 2023 07:21:19 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=srDE%2B8ShAblHJVdhlKFSmV1A1%2F%2Brz0HsD%2BASbEp8cDnBzzRXhC2kX5kocgn%2F5adN0JAZiLNeLXV3AiZK34B5iXmqfTK7L2h8Ly4oyXmywqovpsOBiYGMABJytaFdle4Z%2F6uqlIpd"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 786b6a576981b518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/jquery/3.1.0/jquery.min.js
104.17.24.14200 OK 27 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/jquery/3.1.0/jquery.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (32014)
Hash b0a538eca8603c37c15e4ccd04500c57
f89f4099777ae63be4e09fee2b1227bc6874fd73
917decede324477626db7f615c8ee595556bafb7a875bdc9d3c3b1b94b345307
GET /ajax/libs/jquery/3.1.0/jquery.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://141.136.35.50/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 09 Jan 2023 07:21:19 GMT
content-type: application/javascript; charset=utf-8
content-length: 27198
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03ec4-1514f"
last-modified: Mon, 04 May 2020 16:11:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 5836347
expires: Sat, 30 Dec 2023 07:21:19 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I2KOzMi2fPyAG%2FF3SV6os%2B4sqCTHKtKBhT58AGh2FS09kI7akNgV4SOCxLgCrjTOt10rUFGNGCKVwazgecbo3Y9%2Blvjx6OplkJqkEN3AJDKlQbVLMmGvGKU0LFwofhwUnPJJn2ys"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 786b6a57799bb518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
141.136.35.50/js/script.js
141.136.35.50200 OK 424 B URL HTTP/1.1 141.136.35.50/js/script.js
IP 141.136.35.50:0
ASN #47583 Hostinger International Limited
File type ASCII text, with CRLF line terminators
Hash 4ff1394a680ad383d00c226e7f78fc24
5f77e48a3d62f015f7fcb7117552c988d50b667f
751826cf4d1a5de2d17d69a68ede36d883e59b4ee9680307002d9bebc3d1f049
Analyzer Verdict Alert quad9 Sinkholed
GET /js/script.js HTTP/1.1
Host: 141.136.35.50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://141.136.35.50/
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 07:21:19 GMT
Server: Apache/2.4.18 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Mon, 28 Nov 2022 21:12:10 GMT
ETag: W/"49b-184c0154410-gzip"
Content-Type: application/javascript; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 424
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
141.136.35.50/css/responsibility.css
141.136.35.50200 OK 791 B URL HTTP/1.1 141.136.35.50/css/responsibility.css
IP 141.136.35.50:0
ASN #47583 Hostinger International Limited
Hash e98b84cf6874eaf59e17d9bccfcfbddb
c6bb2e813a12bbdcef40093e21a8a3ebee7f858d
cb68f20c70728cd9a1be2aa7cc3e5332318c6a293824b3131473b2d169843ce1
Analyzer Verdict Alert quad9 Sinkholed
GET /css/responsibility.css HTTP/1.1
Host: 141.136.35.50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://141.136.35.50/
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 07:21:19 GMT
Server: Apache/2.4.18 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 15 Nov 2022 17:07:12 GMT
ETag: W/"97e-1847c425200-gzip"
Content-Type: text/css; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 791
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
141.136.35.50/css/carousel_pc.css
141.136.35.50200 OK 1.3 kB URL HTTP/1.1 141.136.35.50/css/carousel_pc.css
IP 141.136.35.50:0
ASN #47583 Hostinger International Limited
Hash 6f41d43cacdfd7a5f0590c3f16201e6b
ae527e1ad4698f7a536506ef720f22897ae7ccd8
5696b479f6cec8c366e28d6f1a5d0f981f80ad6eaaa8b9a811bae8f5264b3376
Analyzer Verdict Alert quad9 Sinkholed
GET /css/carousel_pc.css HTTP/1.1
Host: 141.136.35.50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://141.136.35.50/
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 07:21:19 GMT
Server: Apache/2.4.18 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 15 Nov 2022 17:06:28 GMT
ETag: W/"136d-1847c41a620-gzip"
Content-Type: text/css; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1317
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
cdnjs.cloudflare.com/ajax/libs/vue/2.0.1/vue.min.js
104.17.24.14200 OK 21 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/vue/2.0.1/vue.min.js
IP 104.17.24.14:0
File type ASCII text, with very long lines (32024)
Hash a47e057ccaa761adc39ca4653fd5ca03
fc9c55b7c8187b6fe9f14a1a54a784822c963083
c9aadb1ef728cc805151a580aabcc854f0fc80114f9f6b131ac15c617e544024
GET /ajax/libs/vue/2.0.1/vue.min.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://141.136.35.50/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 09 Jan 2023 07:21:19 GMT
content-type: application/javascript; charset=utf-8
content-length: 20907
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb0402c-f6e0"
last-modified: Mon, 04 May 2020 16:17:48 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 2191592
expires: Sat, 30 Dec 2023 07:21:19 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UcIoJlLIxUqavvga0ylQ7jvKG908ZE14%2FvqYxCiHntHqLQpFL5HvtEnV03U0YNiHeYBlp6EnXRnTjNn1aABopxX5OPlePJ%2BfTmGu%2B0QZgkntzsTAmbvuGLaLx0MH93WxF%2BYX7%2BmC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 786b6a57799db518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
141.136.35.50/css/incentives.css
141.136.35.50200 OK 946 B URL HTTP/1.1 141.136.35.50/css/incentives.css
IP 141.136.35.50:0
ASN #47583 Hostinger International Limited
File type ASCII text, with CRLF line terminators
Hash 905abeb9e4e70b3560d81a9cb6a5b76c
c18298e78ce16fc29ef1a08b2e2301dbd609f756
97d843f6ccb70d0a8bc0865eb2895609a5b7d425637ba073e32c75a950a871b7
Analyzer Verdict Alert quad9 Sinkholed
GET /css/incentives.css HTTP/1.1
Host: 141.136.35.50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://141.136.35.50/
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 07:21:19 GMT
Server: Apache/2.4.18 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Fri, 28 Oct 2022 12:26:50 GMT
ETag: W/"c1e-1841e8f2b10-gzip"
Content-Type: text/css; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 946
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
cdnjs.cloudflare.com/ajax/libs/lightgallery-js/1.4.0/css/lightgallery.min.css
104.17.24.14200 OK 3.3 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/lightgallery-js/1.4.0/css/lightgallery.min.css
IP 104.17.24.14:0
File type ASCII text, with very long lines (20972), with no line terminators
Hash 8408478149d06b7243f8a5a8dbcfd023
89fef5084e5b015faccfe86004d1201ad00a7776
01eb0f2ca8937bec354d837f9190327842fb222582c80dc75c8141909aebf167
GET /ajax/libs/lightgallery-js/1.4.0/css/lightgallery.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://141.136.35.50/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 09 Jan 2023 07:21:19 GMT
content-type: text/css; charset=utf-8
content-length: 3327
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5f85ee4b-51ec"
last-modified: Tue, 13 Oct 2020 18:13:31 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
cf-cache-status: HIT
age: 11441076
expires: Sat, 30 Dec 2023 07:21:19 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FC%2BCJ7BxD0zPjrVaUQW7ww0nwhdFO2gBlufrUWn0l5U3Nk1CQWAUPOAhoLCyEPA%2F51mTvzp%2BFhW3km%2BcPkqxTSGJ5m8HvdAzPOe1XqjrexzncuQMGca%2BSjHbTarhgkyNrHZ610dz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 786b6a57799fb518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
141.136.35.50/css/carousel_mobile.css
141.136.35.50200 OK 1.2 kB URL HTTP/1.1 141.136.35.50/css/carousel_mobile.css
IP 141.136.35.50:0
ASN #47583 Hostinger International Limited
File type ASCII text, with CRLF line terminators
Hash ed51dbb095605ca717b323dfc041aee8
af06f2a7f99f634a9414667e8ecfd2ac3ba0d3c0
e86cd7b7f72d4b0afe7b8e7d26c532d1146c6fcf0187f8cf2496d658e6b64026
Analyzer Verdict Alert quad9 Sinkholed
GET /css/carousel_mobile.css HTTP/1.1
Host: 141.136.35.50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://141.136.35.50/
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 07:21:19 GMT
Server: Apache/2.4.18 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Fri, 28 Oct 2022 12:26:50 GMT
ETag: W/"17eb-1841e8f2b10-gzip"
Content-Type: text/css; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1242
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 634e0e814bce2a88d781f65f4d747e2e
1f3f7e9756416779eb95fd76e293afe7d484585a
404f5489d744b72f60acd6be14ab790cf2be4e80ec5061b2cda5894f005dde1a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4954
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 07:21:19 GMT
Last-Modified: Mon, 09 Jan 2023 05:58:45 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/css/all.min.css
104.17.24.14200 OK 19 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/6.2.0/css/all.min.css
IP 104.17.24.14:0
File type ASCII text, with very long lines (65317)
Hash 95d49e491b46f526854d624e40d8af76
5b145ab428cc484ecead4666e01cca7ce6b4dff4
f897fc168379623a0e92c3bb80ff02bc4742ccb555fb094e87dc9b60697a481c
GET /ajax/libs/font-awesome/6.2.0/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://141.136.35.50/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 09 Jan 2023 07:21:19 GMT
content-type: text/css; charset=utf-8
content-length: 18688
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "630e6e62-4900"
last-modified: Tue, 30 Aug 2022 20:09:06 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 4632876
expires: Sat, 30 Dec 2023 07:21:19 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QD1VJroiunoA%2BsokpEi63AvfrqIu4C%2FYFfiV3tTKJwJHVstONKg1I9ut2vBj9n%2Fkb3uzdNyyLEeg62W0kT4PhVy2eJ8h2cLbRMJhUJtcLSNe0fxhvo1FeWesG2eBgTaIK9k3Q2d1"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 786b6a57697ab518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
141.136.35.50/css/footer.css
141.136.35.50200 OK 820 B URL HTTP/1.1 141.136.35.50/css/footer.css
IP 141.136.35.50:0
ASN #47583 Hostinger International Limited
File type ASCII text, with CRLF line terminators
Hash 45aabe18434a13d9bd857a55aadf16a6
7666a713dbdcca278947b5bdf9e4327982129b4c
1b6f1272877d7cad39ae246cad9497605d3bf32adb9ebd05ceaad76a83c3b2ca
Analyzer Verdict Alert quad9 Sinkholed
GET /css/footer.css HTTP/1.1
Host: 141.136.35.50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://141.136.35.50/
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 07:21:19 GMT
Server: Apache/2.4.18 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Fri, 28 Oct 2022 12:26:50 GMT
ETag: W/"987-1841e8f2b10-gzip"
Content-Type: text/css; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 820
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
104.17.24.14200 OK 10 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css
IP 104.17.24.14:0
File type ASCII text, with very long lines (59119)
Hash 14e1692fd4263ccfea0b84299bdbf1f5
7783020a9ced5f32c8d38205357c7d10798be1fd
8ff0cd2d1e7f0b6203a762fb9811256d4445a3ad0d97f07102e038ba0eb3db72
GET /ajax/libs/font-awesome/5.15.4/css/all.min.css HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://141.136.35.50/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 09 Jan 2023 07:21:19 GMT
content-type: text/css; charset=utf-8
content-length: 10462
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "613fa20b-28de"
last-modified: Mon, 13 Sep 2021 19:10:03 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: HIT
age: 8824545
expires: Sat, 30 Dec 2023 07:21:19 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ud2gQk8HysqzQGQ4o5r6C90Mg7SujFrHaXJzQDJMDKG3%2ByvLr3aWIeQW6WlLBCtjPMButBIQxEDgJJslvig8gXqt8OmW23SAlfv1PtRg1%2FgK4cieHQVJYI7Rh2njDKuBcVLXca7h"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 786b6a5789aeb518-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
141.136.35.50/css/contactus.css
141.136.35.50200 OK 836 B URL HTTP/1.1 141.136.35.50/css/contactus.css
IP 141.136.35.50:0
ASN #47583 Hostinger International Limited
File type ASCII text, with CRLF line terminators
Hash fa7be4ccd470c85fcce415ddf908eb85
1bbc549f63a2bb4205e7f8334bbe0886683126ec
08ed7c452f4cdce6f328baeb50ed70601d3800412d76fb9fab77e2df58c2585f
Analyzer Verdict Alert quad9 Sinkholed
GET /css/contactus.css HTTP/1.1
Host: 141.136.35.50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://141.136.35.50/
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 07:21:19 GMT
Server: Apache/2.4.18 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Fri, 28 Oct 2022 12:26:50 GMT
ETag: W/"8e3-1841e8f2b10-gzip"
Content-Type: text/css; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 836
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
141.136.35.50/dist/carousel_pc.js
141.136.35.50200 OK 1.3 kB URL HTTP/1.1 141.136.35.50/dist/carousel_pc.js
IP 141.136.35.50:0
ASN #47583 Hostinger International Limited
File type HTML document, ASCII text, with CRLF line terminators
Hash 5126c8ae1f18f1508e73a1beb61ab402
90082c43374929aa0e1c3b04a9a999079c6bb0a8
5f3847b1cbc5d3e318bb9f82bdff89b286ce8dfdedb71eb4b292aa969c93a9e5
Analyzer Verdict Alert quad9 Sinkholed
GET /dist/carousel_pc.js HTTP/1.1
Host: 141.136.35.50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://141.136.35.50/
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 07:21:19 GMT
Server: Apache/2.4.18 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 15 Nov 2022 18:02:44 GMT
ETag: W/"ecf-1847c7529a0-gzip"
Content-Type: application/javascript; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1256
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
141.136.35.50/dist/carousel_mob.js
141.136.35.50200 OK 1.6 kB URL HTTP/1.1 141.136.35.50/dist/carousel_mob.js
IP 141.136.35.50:0
ASN #47583 Hostinger International Limited
File type Unicode text, UTF-8 text, with very long lines (359), with CRLF line terminators
Hash ac804209228128b556cfa78bec8524ff
dd9299cd84f695e14e0c0a89388767d8af001692
94e900b0fde43d35047eaed571bb10ab47d13922161ed3b0f57062d37b242e60
Analyzer Verdict Alert quad9 Sinkholed
GET /dist/carousel_mob.js HTTP/1.1
Host: 141.136.35.50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://141.136.35.50/
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 07:21:19 GMT
Server: Apache/2.4.18 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 15 Nov 2022 18:01:38 GMT
ETag: W/"16d8-1847c7427d0-gzip"
Content-Type: application/javascript; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1620
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
141.136.35.50/css/buttons.css
141.136.35.50200 OK 704 B URL HTTP/1.1 141.136.35.50/css/buttons.css
IP 141.136.35.50:0
ASN #47583 Hostinger International Limited
File type ASCII text, with CRLF line terminators
Hash f9812d53cd8a0ebd8908dcdd93e01746
7571723b72dd2e922f321362d51b8d50d6e0cccc
751e3540c4f927930cd48c5e7c81363cfd8b9cc99d78c2cdb6daa37fea6aecaf
Analyzer Verdict Alert quad9 Sinkholed
GET /css/buttons.css HTTP/1.1
Host: 141.136.35.50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://141.136.35.50/
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 07:21:19 GMT
Server: Apache/2.4.18 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 29 Nov 2022 11:34:28 GMT
ETag: W/"729-184c32ab9a0-gzip"
Content-Type: text/css; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 704
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
141.136.35.50/css/stylemip.css
141.136.35.50200 OK 635 B URL HTTP/1.1 141.136.35.50/css/stylemip.css
IP 141.136.35.50:0
ASN #47583 Hostinger International Limited
File type ASCII text, with CRLF line terminators
Hash 4411fa5a88f2f78b8fd44f2cdf152a1e
18fae990d7f396c03dc74ef743df036f61561c43
4da404770727041097f5f7efc38d7cc079cf7fa73c90d9d05a6439be1234afbf
Analyzer Verdict Alert quad9 Sinkholed
GET /css/stylemip.css HTTP/1.1
Host: 141.136.35.50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://141.136.35.50/
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 07:21:19 GMT
Server: Apache/2.4.18 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 15 Nov 2022 17:59:20 GMT
ETag: W/"969-1847c720cc0-gzip"
Content-Type: text/css; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 635
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 634e0e814bce2a88d781f65f4d747e2e
1f3f7e9756416779eb95fd76e293afe7d484585a
404f5489d744b72f60acd6be14ab790cf2be4e80ec5061b2cda5894f005dde1a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4954
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 07:21:19 GMT
Last-Modified: Mon, 09 Jan 2023 05:58:45 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
code.jquery.com/jquery-2.2.4.min.js
69.16.175.42200 OK 30 kB URL HTTP/2 code.jquery.com/jquery-2.2.4.min.js
IP 69.16.175.42:0
File type ASCII text, with very long lines (32065)
Hash 82885772205f23cd59e25a221521b059
96ed36f45544295f28df1ab251e7e38faceeff0e
8e85465daae15b31a1837a4112cf920c1eeec7a5c189595651b3a53cb9b97215
GET /jquery-2.2.4.min.js HTTP/1.1
Host: code.jquery.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://141.136.35.50/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Mon, 09 Jan 2023 07:21:19 GMT
content-encoding: gzip
content-length: 29811
content-type: application/javascript; charset=utf-8
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
accept-ranges: bytes
server: nginx
etag: W/"611feac9-14e4a"
cache-control: max-age=315360000, public
access-control-allow-origin: *
vary: Accept-Encoding
x-sp-metadata: HS256.CP+c750GEocBCiQxYTUwMTA5Ny0yZDBjLTRiNTgtOThlMC0zMzQ2NjM1Y2Q4YTAQ+OiCoKvU+wIaBgjvgO+dBiIMOTEuOTAuNDIuMTU0KN6dATADOARCFlRMU19BRVNfMTI4X0dDTV9TSEEyNTZaIGM3ZDJiNGM0ODRhNDEzZTE5MWRlNmFjZmYyZGIyMDA5GiwIARIkYTY0MTA4NzMtYWJmOS00OWUzLTgxYmMtNmRiYTVmYmNiOGYyGPPoASIYCAISFGNkczIxNC5zazEuaHdjZG4ubmV0.Tm5Rjk3jn8sHyKxekY6ijcbAc9Q2n8KmxAJB1z+pYkc=
x-hw: 1673248879.dop210.sk1.t,1673248879.cds225.sk1.hn,1673248879.cds214.sk1.c
X-Firefox-Spdy: h2
141.136.35.50/dist/incentive.js
141.136.35.50200 OK 688 B URL HTTP/1.1 141.136.35.50/dist/incentive.js
IP 141.136.35.50:0
ASN #47583 Hostinger International Limited
File type ASCII text, with CRLF line terminators
Hash 5555aa2c11ff1a26ee89e9d24f524acc
c8c7e714c814fc0f1701244d7bd7c517c8fa687e
3565f84cddc108269473c388b90a99afb2ec7f400d896e17edd26b893a693066
Analyzer Verdict Alert quad9 Sinkholed
GET /dist/incentive.js HTTP/1.1
Host: 141.136.35.50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://141.136.35.50/
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 07:21:19 GMT
Server: Apache/2.4.18 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 15 Nov 2022 18:03:08 GMT
ETag: W/"754-1847c758760-gzip"
Content-Type: application/javascript; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 688
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
unpkg.com/swiper@7.4.1/swiper-bundle.min.js
104.16.123.175200 OK 39 kB URL HTTP/2 unpkg.com/swiper@7.4.1/swiper-bundle.min.js
IP 104.16.123.175:0
File type ASCII text, with very long lines (65279)
Hash 3110bb7f37ed37762fc4c3d7ba2376a1
e95b1fe85640007e3d506b6c1c85d1e25c8d5215
0499c81825bfc4647c0a8d8e3d78b4d74e085a0db801a21fef39ce9c7c28be85
GET /swiper@7.4.1/swiper-bundle.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://141.136.35.50/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 07:21:19 GMT
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"212e8-+9I9CUbhY1/BprAUcnI5oGYQ/d0"
via: 1.1 fly.io
fly-request-id: 01G4XGYFFRBMSG82JZ2H3KRTZA-fra
cf-cache-status: HIT
age: 18695604
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 786b6a589dfe1c06-OSL
content-encoding: br
X-Firefox-Spdy: h2
unpkg.com/swiper@7.4.1/swiper-bundle.min.css
104.16.123.175200 OK 4.9 kB URL HTTP/2 unpkg.com/swiper@7.4.1/swiper-bundle.min.css
IP 104.16.123.175:0
File type ASCII text, with very long lines (15306)
Hash 4b712ba7ef0e34c6af65e0a0e08af584
7322f20f7c9c26610ad622b807c5bf3c96f9d8f8
2c8cd741d0804fbadceff18b6fc893328aaed2f4c2b233f81ccc4d14f7e5c3c2
GET /swiper@7.4.1/swiper-bundle.min.css HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://141.136.35.50/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Mon, 09 Jan 2023 07:21:19 GMT
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
etag: W/"3ccb-5Koe10fACH1gYqRziowpfORPwas"
via: 1.1 fly.io
fly-request-id: 01GM9C7V3WN61FG7TJ5H4FSRB1-fra
cf-cache-status: HIT
age: 2191769
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 786b6a589df31c06-OSL
content-encoding: br
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 53e4963971e19408d4cf264bd653599d
271fa6d9b5843b97d579a713fbb48b388c61eba0
c3245e3793f7aab542ba2b4b719f5145a45ba29d536456ad629a364ab2df400b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 07:21:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 53e4963971e19408d4cf264bd653599d
271fa6d9b5843b97d579a713fbb48b388c61eba0
c3245e3793f7aab542ba2b4b719f5145a45ba29d536456ad629a364ab2df400b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 07:21:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.googleapis.com/css2?family=Audiowide&display=swap
216.58.207.202200 OK 820 B URL HTTP/2 fonts.googleapis.com/css2?family=Audiowide&display=swap
IP 216.58.207.202:0
Hash 666c8f4599ef0bd1d5d100084c164826
a899f5cd7b46d8a293ab2fe2b9b96c9a6c90c17b
4fa4c564ab88ce9d95c46df819a78efe31c31bd713f2a296522d23cd9f4921d2
GET /css2?family=Audiowide&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://141.136.35.50/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 09 Jan 2023 07:21:19 GMT
date: Mon, 09 Jan 2023 07:21:19 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
141.136.35.50/images/megalogotheme.png
141.136.35.50200 OK 26 kB URL HTTP/1.1 141.136.35.50/images/megalogotheme.png
IP 141.136.35.50:0
ASN #47583 Hostinger International Limited
File type PNG image data, 100 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash 9fa699ac0e71fc78e45a3ca389f93912
1a0f162fc437e8c7d51d534bcdb9e2139045ec0f
b4093d76f5e1e71c09642eef8cdf8bdf3a8b24344633fff93f0b4f25d25d3a9d
Analyzer Verdict Alert quad9 Sinkholed
GET /images/megalogotheme.png HTTP/1.1
Host: 141.136.35.50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://141.136.35.50/
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 07:21:19 GMT
Server: Apache/2.4.18 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Fri, 28 Oct 2022 12:26:50 GMT
ETag: W/"6720-1841e8f2b10"
Content-Type: image/png
Content-Length: 26400
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
141.136.35.50/images/monum-4.jpeg
141.136.35.50200 OK 39 kB URL HTTP/1.1 141.136.35.50/images/monum-4.jpeg
IP 141.136.35.50:0
ASN #47583 Hostinger International Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 711x400, components 3\012- data
Hash e131d8e1b41d885516bbcf120023658c
197aa921b796d54fc0bb284f4341898d290f8418
4387234844bd8d517b3150736d489d8cc0857b5e095c4fcaeaa22293c14ef8e0
Analyzer Verdict Alert quad9 Sinkholed
GET /images/monum-4.jpeg HTTP/1.1
Host: 141.136.35.50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://141.136.35.50/
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 07:21:19 GMT
Server: Apache/2.4.18 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 15 Nov 2022 18:09:38 GMT
ETag: W/"96b3-1847c7b7ad0"
Content-Type: image/jpeg
Content-Length: 38579
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
141.136.35.50/images/monum2.png
141.136.35.50200 OK 88 kB URL HTTP/1.1 141.136.35.50/images/monum2.png
IP 141.136.35.50:0
ASN #47583 Hostinger International Limited
File type PNG image data, 258 x 196, 8-bit/color RGBA, non-interlaced\012- data
Hash 8ef3772748d0bdef72bf81b5dccfd905
da291760f4d7da69cd48e11988c492e3b779c4f6
5a57707ea9dbd1e3ce536edf162d0928200d61722f45c6607b127452d77803d6
Analyzer Verdict Alert quad9 Sinkholed
GET /images/monum2.png HTTP/1.1
Host: 141.136.35.50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://141.136.35.50/
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 07:21:19 GMT
Server: Apache/2.4.18 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 29 Nov 2022 23:13:20 GMT
ETag: W/"1561b-184c5aa8e80"
Content-Type: image/png
Content-Length: 87579
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
141.136.35.50/images/monum-1.jpeg
141.136.35.50200 OK 98 kB URL HTTP/1.1 141.136.35.50/images/monum-1.jpeg
IP 141.136.35.50:0
ASN #47583 Hostinger International Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 683x512, components 3\012- data
Hash 0ff7048a52bdbc7b380fb2190ff298ca
10abe61b5791d34c78da6cc381efea1e3ff8e467
32572cf49f9dbe40c9c2bf0dce4446602e4f5f9ee2b1f939c968c334c82a6565
Analyzer Verdict Alert quad9 Sinkholed
GET /images/monum-1.jpeg HTTP/1.1
Host: 141.136.35.50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://141.136.35.50/
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 07:21:19 GMT
Server: Apache/2.4.18 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 15 Nov 2022 17:48:06 GMT
ETag: W/"17ee6-1847c67c3f0"
Content-Type: image/jpeg
Content-Length: 98022
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
141.136.35.50/images/monum-2.jpeg
141.136.35.50200 OK 70 kB URL HTTP/1.1 141.136.35.50/images/monum-2.jpeg
IP 141.136.35.50:0
ASN #47583 Hostinger International Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 552x368, components 3\012- data
Hash 7348ee5fde2f1c459714e429b7e2ce2f
c7b202ae9dd9703aeedcdb81203c9693527c28cd
d237182f198eb94468829e2f22f55333533c3aa7f8f0d2c5792e7af88959da1c
Analyzer Verdict Alert quad9 Sinkholed
GET /images/monum-2.jpeg HTTP/1.1
Host: 141.136.35.50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://141.136.35.50/
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 07:21:19 GMT
Server: Apache/2.4.18 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Wed, 30 Nov 2022 12:43:36 GMT
ETag: W/"111fb-184c89060c0"
Content-Type: image/jpeg
Content-Length: 70139
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
141.136.35.50/images/monum-3.jpeg
141.136.35.50200 OK 102 kB URL HTTP/1.1 141.136.35.50/images/monum-3.jpeg
IP 141.136.35.50:0
ASN #47583 Hostinger International Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 1200x900, components 3\012- data
Size 102 kB (101632 bytes)
Hash 0e845db0a1158ee5c7e09894039ce933
7df98b1fe7c02164b5f2b17acff947064fce4f50
2ea3e47cdd7ed668c5b36027f00c1b096730acb72e029612bc6701d0cbec7c2e
Analyzer Verdict Alert quad9 Sinkholed
GET /images/monum-3.jpeg HTTP/1.1
Host: 141.136.35.50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://141.136.35.50/
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 07:21:19 GMT
Server: Apache/2.4.18 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 15 Nov 2022 18:10:12 GMT
ETag: W/"18d00-1847c7bffa0"
Content-Type: image/jpeg
Content-Length: 101632
Keep-Alive: timeout=5, max=98
Connection: Keep-Alive
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 6845714035871de50607bf6185f94f64
c8b0da305ef4c6a587307d87224ce7ae19ac31dc
75d805e1f96447b58ac3f8226c16c4b13d4e664e1e508be26e9968510145017a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 07:21:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
141.136.35.50/images/img1.jpg
141.136.35.50200 OK 24 kB URL HTTP/1.1 141.136.35.50/images/img1.jpg
IP 141.136.35.50:0
ASN #47583 Hostinger International Limited
File type JPEG image data, baseline, precision 8, 248x186, components 3\012- data
Hash 1559da58863788808b24882234ac42d1
3bb67bcabc9a1364a6944e5aed05f759145ff609
2a191e644b0cf7622647a4f20bf51c7ac04c573591acacdbd89b62f0c2403bdb
Analyzer Verdict Alert quad9 Sinkholed
GET /images/img1.jpg HTTP/1.1
Host: 141.136.35.50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://141.136.35.50/
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 07:21:19 GMT
Server: Apache/2.4.18 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Fri, 28 Oct 2022 12:26:50 GMT
ETag: W/"5f50-1841e8f2b10"
Content-Type: image/jpeg
Content-Length: 24400
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
141.136.35.50/images/monum-14.jpg
141.136.35.50200 OK 29 kB URL HTTP/1.1 141.136.35.50/images/monum-14.jpg
IP 141.136.35.50:0
ASN #47583 Hostinger International Limited
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1, orientation=upper-left], baseline, precision 8, 280x180, components 3\012- data
Hash 8b1d60c2b621d7d9b975e32274ffb13e
143c7e00bc56d8da00b09a69c0fa8f6e7d6afb6e
e79aa56b27fc59856ee4dcb05d27f4b3e61337f8c9c06e5fecea262088e034e9
Analyzer Verdict Alert quad9 Sinkholed
GET /images/monum-14.jpg HTTP/1.1
Host: 141.136.35.50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://141.136.35.50/
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 07:21:19 GMT
Server: Apache/2.4.18 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Fri, 28 Oct 2022 12:26:50 GMT
ETag: W/"7183-1841e8f2b10"
Content-Type: image/jpeg
Content-Length: 29059
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 6845714035871de50607bf6185f94f64
c8b0da305ef4c6a587307d87224ce7ae19ac31dc
75d805e1f96447b58ac3f8226c16c4b13d4e664e1e508be26e9968510145017a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 07:21:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/s/player/e5f6cbd5/www-player.css
142.250.74.46200 OK 50 kB URL HTTP/2 www.youtube.com/s/player/e5f6cbd5/www-player.css
IP 142.250.74.46:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 6b1464acd0042e69d9b42545b2475ade
fbb758851b19297ae248005196ce125af86bbceb
a41ea67f5651721d99d5af76b63d8286da883c9a5c8de0b06ad590cf35099740
GET /s/player/e5f6cbd5/www-player.css HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/7NoZcnkLOMc
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 49906
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 09 Jan 2023 00:04:45 GMT
expires: Tue, 09 Jan 2024 00:04:45 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 02 Jan 2023 22:39:54 GMT
content-type: text/css
age: 26194
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLFj_Z1xlFQ.woff2
142.250.74.35200 OK 7.9 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLFj_Z1xlFQ.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 7932, version 1.0\012- data
Hash a7f7eebec745ef48ccf7a3d08c66d84a
2c5f99afe358a3e8570818a99646779aaa607587
6f0c572590421075878908e0b380c5a6d404f72aa7d6d125385943be658f8399
GET /s/poppins/v20/pxiByp8kv8JHgFVrLFj_Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://141.136.35.50
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7932
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 04 Jan 2023 23:44:13 GMT
expires: Thu, 04 Jan 2024 23:44:13 GMT
cache-control: public, max-age=31536000
age: 373026
last-modified: Wed, 27 Apr 2022 16:10:29 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
142.250.74.35200 OK 7.7 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 7748, version 1.0\012- data
Hash a09f2fccfee35b7247b08a1a266f0328
0da2d17e738f46d2a09e6fb7969da451719a9820
cd36de204aca2d5fa263a731f7c20009b5e3d754ba1f1e03c33e93a48f3e7446
GET /s/poppins/v20/pxiByp8kv8JHgFVrLGT9Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://141.136.35.50
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7748
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 04 Jan 2023 19:28:50 GMT
expires: Thu, 04 Jan 2024 19:28:50 GMT
cache-control: public, max-age=31536000
age: 388349
last-modified: Wed, 27 Apr 2022 16:21:30 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/s/player/e5f6cbd5/www-embed-player.vflset/www-embed-player.js
142.250.74.46200 OK 109 kB URL HTTP/2 www.youtube.com/s/player/e5f6cbd5/www-embed-player.vflset/www-embed-player.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (679)
Size 109 kB (109069 bytes)
Hash de70cca71a002835d2d2e36d34adc509
19df5ef5e91da5a7ac9ac6d58ed26eb39aa65425
53068fee4e27a994ee67cea47396a03452d3fa6e8b63fe6ca2e110c2f36f5e43
GET /s/player/e5f6cbd5/www-embed-player.vflset/www-embed-player.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/7NoZcnkLOMc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 109069
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 08 Jan 2023 15:14:36 GMT
expires: Mon, 08 Jan 2024 15:14:36 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 02 Jan 2023 22:39:54 GMT
content-type: text/javascript
age: 58003
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
142.250.74.35200 OK 8.0 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 8000, version 1.0\012- data
Hash 72993dddf88a63e8f226656f7de88e57
179f97ec0275f09603a8db94d4380eb584d81cd5
f4e80d9dfd374d02989b87a27b5ed4cb78fbb177c27f1478e9a8b0afb7513149
GET /s/poppins/v20/pxiByp8kv8JHgFVrLEj6Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://141.136.35.50
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 8000
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 06 Jan 2023 13:33:11 GMT
expires: Sat, 06 Jan 2024 13:33:11 GMT
cache-control: public, max-age=31536000
age: 236888
last-modified: Wed, 27 Apr 2022 16:59:07 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/s/player/e5f6cbd5/fetch-polyfill.vflset/fetch-polyfill.js
142.250.74.46200 OK 2.8 kB URL HTTP/2 www.youtube.com/s/player/e5f6cbd5/fetch-polyfill.vflset/fetch-polyfill.js
IP 142.250.74.46:0
File type Algol 68 source text\012- Pascal source, ASCII text, with very long lines (555)
Hash 80fe2d229007996c8397073b00755dc7
121f82c77bcf2a297a1085e3b092415c463fcafe
033dfa8941482c82d4f1aaa4a9172fb379b9e46a02d5b36297c5476bbbfdea2c
GET /s/player/e5f6cbd5/fetch-polyfill.vflset/fetch-polyfill.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/7NoZcnkLOMc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 2786
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 09 Jan 2023 07:01:34 GMT
expires: Tue, 09 Jan 2024 07:01:34 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 02 Jan 2023 22:39:54 GMT
content-type: text/javascript
age: 1185
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
141.136.35.50/images/home-slide-1.jpeg
141.136.35.50200 OK 99 kB URL HTTP/1.1 141.136.35.50/images/home-slide-1.jpeg
IP 141.136.35.50:0
ASN #47583 Hostinger International Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 1500x721, components 3\012- data
Hash eb7f5b3ad490bd18b7818b3501f3ef80
932670520f8d9b21df58ff8378f63061f9a8ad66
1e6df4b461986efc4fd555f229d227442bff36eb85c6854a37549cd6ce6e5e3c
Analyzer Verdict Alert quad9 Sinkholed
GET /images/home-slide-1.jpeg HTTP/1.1
Host: 141.136.35.50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://141.136.35.50/
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 07:21:19 GMT
Server: Apache/2.4.18 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 15 Nov 2022 17:52:02 GMT
ETag: W/"18360-1847c6b5dd0"
Content-Type: image/jpeg
Content-Length: 99168
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
141.136.35.50/css/images/home-slide-2.jpeg
141.136.35.50404 Not Found 167 B URL HTTP/1.1 141.136.35.50/css/images/home-slide-2.jpeg
IP 141.136.35.50:0
ASN #47583 Hostinger International Limited
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 48bf203198ffd6fd9347e860d0cd1f3d
dfb7e331120fbbae7b54f5f67ec81d900c44033a
edf2c5653f31759a4c40511d692bd76ce8246181b7ea620bfe0980edca0f06b3
Analyzer Verdict Alert quad9 Sinkholed
GET /css/images/home-slide-2.jpeg HTTP/1.1
Host: 141.136.35.50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://141.136.35.50/css/style.css
HTTP/1.1 404 Not Found
Date: Mon, 09 Jan 2023 07:21:19 GMT
Server: Apache/2.4.18 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
Content-Security-Policy: default-src 'none'
X-Content-Type-Options: nosniff
Content-Type: text/html; charset=utf-8
Content-Length: 167
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
unpkg.com/swiper@7/swiper-bundle.min.js
104.16.123.175302 Found 94 kB URL HTTP/2 unpkg.com/swiper@7/swiper-bundle.min.js
IP 104.16.123.175:0
Hash 768c9003bd046532c1fa8a88f28a9416
46d189210576b2034a3817fafffa5cdd37e86ef8
966565a2b19060377027d71c0f016fcb88ad07f12c9d57a6b745b82bc09ad6cc
GET /swiper@7/swiper-bundle.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://141.136.35.50/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 09 Jan 2023 07:21:19 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /swiper@7.4.1/swiper-bundle.min.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GPAP14N9G8A3BH6AW15P0Y3X-ams
cf-cache-status: HIT
age: 465
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 786b6a587de91c06-OSL
X-Firefox-Spdy: h2
141.136.35.50/images/home-slide-4.jpg
141.136.35.50200 OK 154 kB URL HTTP/1.1 141.136.35.50/images/home-slide-4.jpg
IP 141.136.35.50:0
ASN #47583 Hostinger International Limited
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 700x420, components 3\012- data
Size 154 kB (153906 bytes)
Hash 99def104267af42a0e10dc2dd3a484c5
9e57a57684a91b1dcc24ce87b16449f6ec02b9f6
be91fe2b28642b2f4fd8d1a1fb4ef381b3f00efb48376ce304f2394ccdaa64bb
Analyzer Verdict Alert quad9 Sinkholed
GET /images/home-slide-4.jpg HTTP/1.1
Host: 141.136.35.50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://141.136.35.50/
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 07:21:19 GMT
Server: Apache/2.4.18 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Sun, 27 Nov 2022 21:14:44 GMT
ETag: W/"25932-184baf141a0"
Content-Type: image/jpeg
Content-Length: 153906
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
141.136.35.50/images/monum%201.png
141.136.35.50200 OK 79 kB URL HTTP/1.1 141.136.35.50/images/monum%201.png
IP 141.136.35.50:0
ASN #47583 Hostinger International Limited
File type PNG image data, 254 x 171, 8-bit/color RGBA, non-interlaced\012- data
Hash 49d6f66cb1a1142c5f34e969dd506259
c9031ab0992d4de023d62ec99a30590f48b6c635
5adb17570340c8c29e16b63c8f21d1b012ab1867d798074f9570929d66bd4a9e
Analyzer Verdict Alert quad9 Sinkholed
GET /images/monum%201.png HTTP/1.1
Host: 141.136.35.50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://141.136.35.50/
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 07:21:19 GMT
Server: Apache/2.4.18 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 29 Nov 2022 23:13:24 GMT
ETag: W/"1359c-184c5aa9e20"
Content-Type: image/png
Content-Length: 79260
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
fonts.gstatic.com/s/oleoscriptswashcaps/v13/Noaj6Vb-w5SFbTTAsZP_7JkCS08K-jCzDn_HAX2kSA.woff2
142.250.74.35200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/oleoscriptswashcaps/v13/Noaj6Vb-w5SFbTTAsZP_7JkCS08K-jCzDn_HAX2kSA.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 14884, version 1.0\012- data
Hash 9dfaf68c0bfb63244091fe04ae924004
93080052cfa56b03dcfd2fcbe1ea4a741fc53c92
6b018583b0a540d476829c40b703ff77df0d215a6420791a4909fcdc053f75b3
GET /s/oleoscriptswashcaps/v13/Noaj6Vb-w5SFbTTAsZP_7JkCS08K-jCzDn_HAX2kSA.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://141.136.35.50
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14884
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 03 Jan 2023 16:44:10 GMT
expires: Wed, 03 Jan 2024 16:44:10 GMT
cache-control: public, max-age=31536000
age: 484629
last-modified: Mon, 09 May 2022 18:45:10 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 6845714035871de50607bf6185f94f64
c8b0da305ef4c6a587307d87224ce7ae19ac31dc
75d805e1f96447b58ac3f8226c16c4b13d4e664e1e508be26e9968510145017a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 07:21:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 53e4963971e19408d4cf264bd653599d
271fa6d9b5843b97d579a713fbb48b388c61eba0
c3245e3793f7aab542ba2b4b719f5145a45ba29d536456ad629a364ab2df400b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 07:21:19 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/cookie/v17/syky-y18lb0tSbf9kgqS.woff2
142.250.74.35200 OK 14 kB URL HTTP/2 fonts.gstatic.com/s/cookie/v17/syky-y18lb0tSbf9kgqS.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 14456, version 1.0\012- data
Hash 7a93cfe157bf03fdac08d381c241b458
6c502bd8dd6045e41c80b6de80341760a83130a3
4e8b3c170321fd6a38ad24b7df1aebf59b19d9f07fada7beef10f7e5664b13f9
GET /s/cookie/v17/syky-y18lb0tSbf9kgqS.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://141.136.35.50
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14456
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 06 Jan 2023 13:34:30 GMT
expires: Sat, 06 Jan 2024 13:34:30 GMT
cache-control: public, max-age=31536000
age: 236809
last-modified: Thu, 21 Apr 2022 16:46:40 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
142.250.74.35200 OK 7.8 kB URL HTTP/2 fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2
IP 142.250.74.35:0
File type Web Open Font Format (Version 2), TrueType, length 7840, version 1.0\012- data
Hash 8d91ec1ca2d8b56640a47117e313a3e9
a9e9bafe64666f4595051a0e895b47a5fa39e67e
78bc3aa78faec288bbb3bf26c9a0fa4eb67b1e69da94a17233c5cab60525efdb
GET /s/poppins/v20/pxiByp8kv8JHgFVrLDz8Z1xlFQ.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: http://141.136.35.50
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 7840
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 04 Jan 2023 20:09:30 GMT
expires: Thu, 04 Jan 2024 20:09:30 GMT
cache-control: public, max-age=31536000
age: 385909
last-modified: Wed, 27 Apr 2022 16:51:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
141.136.35.50/images/monum-9.jpeg
141.136.35.50200 OK 87 kB URL HTTP/1.1 141.136.35.50/images/monum-9.jpeg
IP 141.136.35.50:0
ASN #47583 Hostinger International Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 683x512, components 3\012- data
Hash 9952e9824d4215cf3cb1c61fdf76c049
28a4fd60c1965f77d54d15fbe043fada102cf5d1
2d5fe6c73b03d8ae1ca8fa39b569ae242f06b81b4e6ce96756ff60057f95a254
Analyzer Verdict Alert quad9 Sinkholed
GET /images/monum-9.jpeg HTTP/1.1
Host: 141.136.35.50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://141.136.35.50/
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 07:21:19 GMT
Server: Apache/2.4.18 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Wed, 26 Oct 2022 18:37:26 GMT
ETag: W/"15334-1841595be70"
Content-Type: image/jpeg
Content-Length: 86836
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 54ac41a005cad66e958c904071ea1d4f
66932889be57eb15ab99237a69d292b12090c68d
52545e144a7ca5c37c5369d5f5b566b4e5e820b1920ab7fe8e413e7fe022e21b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1635
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 07:21:20 GMT
Last-Modified: Mon, 09 Jan 2023 06:54:05 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
141.136.35.50/images/incentives-2.png
141.136.35.50200 OK 35 kB URL HTTP/1.1 141.136.35.50/images/incentives-2.png
IP 141.136.35.50:0
ASN #47583 Hostinger International Limited
File type PNG image data, 240 x 320, 8-bit colormap, non-interlaced\012- data
Hash 9f5d573de8c57314827ca3fbb7564374
3e4407e36ed76f799683aca1a6b7f2155568af2f
6feef422af34e5ea932193af055f10a0ab6f81637e32e6f4d3e01ec78fdcbc5e
Analyzer Verdict Alert quad9 Sinkholed
GET /images/incentives-2.png HTTP/1.1
Host: 141.136.35.50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://141.136.35.50/
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 07:21:20 GMT
Server: Apache/2.4.18 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 15 Nov 2022 17:59:20 GMT
ETag: W/"874a-1847c720cc0"
Content-Type: image/png
Content-Length: 34634
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
141.136.35.50/images/incentives-1.png
141.136.35.50200 OK 32 kB URL HTTP/1.1 141.136.35.50/images/incentives-1.png
IP 141.136.35.50:0
ASN #47583 Hostinger International Limited
File type PNG image data, 240 x 320, 8-bit colormap, non-interlaced\012- data
Hash a47842845ef2f17814c4536819953052
b18a5be8a0721c684c947e89d2b3ee563eddfc24
43b5a7e806f5fa6e780a0f34c9d6a7cc96b32ddd17bcd6427c6a8f963716af82
Analyzer Verdict Alert quad9 Sinkholed
GET /images/incentives-1.png HTTP/1.1
Host: 141.136.35.50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://141.136.35.50/
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 07:21:20 GMT
Server: Apache/2.4.18 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 15 Nov 2022 17:58:30 GMT
ETag: W/"7eba-1847c714970"
Content-Type: image/png
Content-Length: 32442
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash 6845714035871de50607bf6185f94f64
c8b0da305ef4c6a587307d87224ce7ae19ac31dc
75d805e1f96447b58ac3f8226c16c4b13d4e664e1e508be26e9968510145017a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 07:21:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
141.136.35.50/images/incentives-4.png
141.136.35.50200 OK 44 kB URL HTTP/1.1 141.136.35.50/images/incentives-4.png
IP 141.136.35.50:0
ASN #47583 Hostinger International Limited
File type PNG image data, 240 x 355, 8-bit colormap, non-interlaced\012- data
Hash c131f3874ec69ea91997639b10e46790
941ea5d110f1828b61aab1c866428b6993d573b2
600e9a995a6a67b653141f38e9414814b900a2c212534d83d78ce1aeea84ede4
Analyzer Verdict Alert quad9 Sinkholed
GET /images/incentives-4.png HTTP/1.1
Host: 141.136.35.50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://141.136.35.50/
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 07:21:20 GMT
Server: Apache/2.4.18 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 15 Nov 2022 18:01:38 GMT
ETag: W/"ab38-1847c7427d0"
Content-Type: image/png
Content-Length: 43832
Keep-Alive: timeout=5, max=96
Connection: Keep-Alive
141.136.35.50/images/incentives-6.png
141.136.35.50200 OK 55 kB URL HTTP/1.1 141.136.35.50/images/incentives-6.png
IP 141.136.35.50:0
ASN #47583 Hostinger International Limited
File type PNG image data, 240 x 380, 8-bit colormap, non-interlaced\012- data
Hash 82564d35d8d87fb22a765861b5ed0b5b
7ebc97abffda94d210d2b7722232132e6253fb45
7bbbacd850f5c349cfa81c8f1b9876632300714666378bfa344de0fb6552bffe
Analyzer Verdict Alert quad9 Sinkholed
GET /images/incentives-6.png HTTP/1.1
Host: 141.136.35.50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://141.136.35.50/
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 07:21:20 GMT
Server: Apache/2.4.18 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 15 Nov 2022 18:03:08 GMT
ETag: W/"d6ae-1847c758760"
Content-Type: image/png
Content-Length: 54958
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
141.136.35.50/images/incentives-3.png
141.136.35.50200 OK 44 kB URL HTTP/1.1 141.136.35.50/images/incentives-3.png
IP 141.136.35.50:0
ASN #47583 Hostinger International Limited
File type PNG image data, 242 x 320, 8-bit colormap, non-interlaced\012- data
Hash 54d43dc9cd616601ab0517eaebc17a33
dcc8a4bf16768fa3f7d9d3c01ee41011446c012b
b57dcddefde471d8509b36ec813990fe36d226b7e838d190abb27c7904f0119f
Analyzer Verdict Alert quad9 Sinkholed
GET /images/incentives-3.png HTTP/1.1
Host: 141.136.35.50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://141.136.35.50/
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 07:21:20 GMT
Server: Apache/2.4.18 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 15 Nov 2022 17:59:46 GMT
ETag: W/"aaaf-1847c727250"
Content-Type: image/png
Content-Length: 43695
Keep-Alive: timeout=5, max=93
Connection: Keep-Alive
141.136.35.50/images/incentives-5.png
141.136.35.50200 OK 32 kB URL HTTP/1.1 141.136.35.50/images/incentives-5.png
IP 141.136.35.50:0
ASN #47583 Hostinger International Limited
File type PNG image data, 262 x 320, 8-bit colormap, non-interlaced\012- data
Hash 7e296e4bc7916074178f6789607c7a79
98e44b718123677dd18eb4397233fcdba6fa67db
2a38bf5880569c63e02d5b03f520f6dee662c2808e593e284446e66a6a75e2d6
Analyzer Verdict Alert quad9 Sinkholed
GET /images/incentives-5.png HTTP/1.1
Host: 141.136.35.50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://141.136.35.50/
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 07:21:20 GMT
Server: Apache/2.4.18 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 15 Nov 2022 18:02:44 GMT
ETag: W/"7c00-1847c7529a0"
Content-Type: image/png
Content-Length: 31744
Keep-Alive: timeout=5, max=94
Connection: Keep-Alive
141.136.35.50/images/monum-11.jpg
141.136.35.50200 OK 496 kB URL HTTP/1.1 141.136.35.50/images/monum-11.jpg
IP 141.136.35.50:0
ASN #47583 Hostinger International Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 4470x7130, components 3\012- data
Size 496 kB (496350 bytes)
Hash 2bf90604551a2f4744e48674452144b7
c2aef1a740807ac1ad0bb3d4b29741a3d70a7ad9
52924eb15211730909edc2e1606411159b5be36567f6548a4e69f79113aa1838
Analyzer Verdict Alert quad9 Sinkholed
GET /images/monum-11.jpg HTTP/1.1
Host: 141.136.35.50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://141.136.35.50/
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 07:21:19 GMT
Server: Apache/2.4.18 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Tue, 15 Nov 2022 17:50:52 GMT
ETag: W/"792de-1847c6a4c60"
Content-Type: image/jpeg
Content-Length: 496350
Keep-Alive: timeout=5, max=95
Connection: Keep-Alive
141.136.35.50/images/headerbg.gif
141.136.35.50200 OK 2.3 MB URL HTTP/1.1 141.136.35.50/images/headerbg.gif
IP 141.136.35.50:0
ASN #47583 Hostinger International Limited
File type GIF image data, version 89a, 435 x 250\012- data
Size 2.3 MB (2260425 bytes)
Hash 74c7c8002930118fc22b1d3d999c4904
1d791b6a5b55d5242c1780e2c6669044cae5b3a6
7cb0bc04d4ea3909ee48649d98ad60af970af1963975382b04c34b5137cfaf31
Analyzer Verdict Alert quad9 Sinkholed
GET /images/headerbg.gif HTTP/1.1
Host: 141.136.35.50
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://141.136.35.50/
HTTP/1.1 200 OK
Date: Mon, 09 Jan 2023 07:21:19 GMT
Server: Apache/2.4.18 (Ubuntu)
X-Powered-By: Express
Access-Control-Allow-Origin: *
Accept-Ranges: bytes
Cache-Control: public, max-age=0
Last-Modified: Mon, 28 Nov 2022 20:10:44 GMT
ETag: W/"227dc9-184bfdd05a0"
Content-Type: image/gif
Content-Length: 2260425
Keep-Alive: timeout=5, max=97
Connection: Keep-Alive
push.services.mozilla.com/
52.39.94.191101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.39.94.191:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: TCRXzIkwqqaWFuDFtIy3JA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: gMlsSzCvFNsIcCYsDI1RV/jQNTM=
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash e137d91ff1d52f2f3b37045da9db2690
58c93405e90f191e6405bb09b75b6b795a033e4e
fd8ab1fc158dc32f9754fa9866d43b040baf45796feac5bdd96e9d1cc9336b72
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 07:21:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 27d78738a9609be605b9885f7a5f90e1
cc0794b5d6eff980221081c785662ffa3f770f13
388060a0450ea600c005936f51fbb7e7779ab49eb33044141926cfdb2cf01be3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 07:21:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 27d78738a9609be605b9885f7a5f90e1
cc0794b5d6eff980221081c785662ffa3f770f13
388060a0450ea600c005936f51fbb7e7779ab49eb33044141926cfdb2cf01be3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 07:21:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
142.250.74.102200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP 142.250.74.102:0
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 09 Jan 2023 07:17:37 GMT
expires: Mon, 09 Jan 2023 07:32:37 GMT
cache-control: public, max-age=900
age: 223
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
142.250.74.66302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.66:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Mon, 09 Jan 2023 07:21:20 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/id
142.250.74.66302 Found 0 B URL HTTP/2 googleads.g.doubleclick.net/pagead/id
IP 142.250.74.66:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/id HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
access-control-allow-credentials: true
access-control-allow-origin: https://www.youtube.com
date: Mon, 09 Jan 2023 07:21:20 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash e137d91ff1d52f2f3b37045da9db2690
58c93405e90f191e6405bb09b75b6b795a033e4e
fd8ab1fc158dc32f9754fa9866d43b040baf45796feac5bdd96e9d1cc9336b72
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 07:21:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 471 B IP 216.58.211.3:0
Hash e137d91ff1d52f2f3b37045da9db2690
58c93405e90f191e6405bb09b75b6b795a033e4e
fd8ab1fc158dc32f9754fa9866d43b040baf45796feac5bdd96e9d1cc9336b72
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 07:21:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.138200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.138:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Mon, 09 Jan 2023 07:21:20 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
216.58.211.3200 OK 472 B IP 216.58.211.3:0
Hash 27d78738a9609be605b9885f7a5f90e1
cc0794b5d6eff980221081c785662ffa3f770f13
388060a0450ea600c005936f51fbb7e7779ab49eb33044141926cfdb2cf01be3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 09 Jan 2023 07:21:20 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.138200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.138:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 5518105a0667328ea944bcf1f69a0480
e6562d39ebaa5fea94d64038620bb854b4e256bd
050bc262cbc5672a66d54c81359925961d5a4d503861d4dea98064cad59cd29e
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 09 Jan 2023 07:21:20 GMT
server: ESF
cache-control: private
content-length: 31000
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
142.250.74.138200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP 142.250.74.138:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 3c0be245c4dc4501d86f7b2164cfa52b
3a932de64ba3d2e9b441ae8fbd48e3e89ef3903c
266d92686731fce91c7028488072c3b9700f3391748d989d05970bed800fff15
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Mon, 09 Jan 2023 07:21:21 GMT
server: ESF
cache-control: private
content-length: 31238
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ab3dba7adf91752d308ad3e92fb5cc6a
5e13bfaa9143b3db7576566d0db5d0cbed3c6b73
fba490271153050b3c1d46668ac9abf95e84b312e1e1e3905f43f407514001ef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FBA490271153050B3C1D46668AC9ABF95E84B312E1E1E3905F43F407514001EF"
Last-Modified: Mon, 09 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19571
Expires: Mon, 09 Jan 2023 12:47:32 GMT
Date: Mon, 09 Jan 2023 07:21:21 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ab3dba7adf91752d308ad3e92fb5cc6a
5e13bfaa9143b3db7576566d0db5d0cbed3c6b73
fba490271153050b3c1d46668ac9abf95e84b312e1e1e3905f43f407514001ef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FBA490271153050B3C1D46668AC9ABF95E84B312E1E1E3905F43F407514001EF"
Last-Modified: Mon, 09 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19571
Expires: Mon, 09 Jan 2023 12:47:32 GMT
Date: Mon, 09 Jan 2023 07:21:21 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ab3dba7adf91752d308ad3e92fb5cc6a
5e13bfaa9143b3db7576566d0db5d0cbed3c6b73
fba490271153050b3c1d46668ac9abf95e84b312e1e1e3905f43f407514001ef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FBA490271153050B3C1D46668AC9ABF95E84B312E1E1E3905F43F407514001EF"
Last-Modified: Mon, 09 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19571
Expires: Mon, 09 Jan 2023 12:47:32 GMT
Date: Mon, 09 Jan 2023 07:21:21 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ab3dba7adf91752d308ad3e92fb5cc6a
5e13bfaa9143b3db7576566d0db5d0cbed3c6b73
fba490271153050b3c1d46668ac9abf95e84b312e1e1e3905f43f407514001ef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FBA490271153050B3C1D46668AC9ABF95E84B312E1E1E3905F43F407514001EF"
Last-Modified: Mon, 09 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19571
Expires: Mon, 09 Jan 2023 12:47:32 GMT
Date: Mon, 09 Jan 2023 07:21:21 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ab3dba7adf91752d308ad3e92fb5cc6a
5e13bfaa9143b3db7576566d0db5d0cbed3c6b73
fba490271153050b3c1d46668ac9abf95e84b312e1e1e3905f43f407514001ef
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FBA490271153050B3C1D46668AC9ABF95E84B312E1E1E3905F43F407514001EF"
Last-Modified: Mon, 09 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19571
Expires: Mon, 09 Jan 2023 12:47:32 GMT
Date: Mon, 09 Jan 2023 07:21:21 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd91e555-c9f3-4166-92be-27db2e1919b6.jpeg
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd91e555-c9f3-4166-92be-27db2e1919b6.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash afcc8f4875f4b74ca0640829b689731e
584d0e11665ae89f9a294baf1e9bb4f0e4e9a4df
3e487396389c4330abc99bc99053eecc6aaf56f7afa398d70c30e1f4709577a0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbd91e555-c9f3-4166-92be-27db2e1919b6.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13626
x-amzn-requestid: 4769eaeb-0c78-4054-ad47-eefdd6ab2d03
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eWHMZErbIAMF6sQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b8b8b5-4c7bacfe060899044e361f70;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 00:11:33 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: H3uGFYbyPSwFZQCvn99EtVQw1Xz9DBbTgrK2FmfoKYBcZXkj60CbuQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 abbf2df97f9d83839470842dc2e68cb6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 08 Jan 2023 13:24:11 GMT
age: 64630
etag: "584d0e11665ae89f9a294baf1e9bb4f0e4e9a4df"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F334a9cec-5233-4d79-821a-adb923b9d115.jpeg
34.120.237.76200 OK 6.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F334a9cec-5233-4d79-821a-adb923b9d115.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 9adc723b6823a4cf4ca3595febeccfa3
e20675c6a85a03fab85576b65892790058072377
0717e810d9e1908a206f12f54e77caa829426bbfe8c178db4566151f3562c177
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F334a9cec-5233-4d79-821a-adb923b9d115.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6317
x-amzn-requestid: 144bd535-24b1-414d-94dc-8fc40838572c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ecWFdH7GIAMFavA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63bb36ef-5a595f255fd3f929499d782b;Sampled=0
x-amzn-remapped-date: Sun, 08 Jan 2023 21:34:39 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: HvzCI2mKasNP1XSUHrsNGt8YVbtWcJQPtqs-Lu3Vnw3ERrrd4d2W1A==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 7eb3b782ab09047ce0d11ee03763894c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 08 Jan 2023 21:42:06 GMT
age: 34755
etag: "e20675c6a85a03fab85576b65892790058072377"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faede32e1-a6ef-46a9-8048-2bc4b3382d7b.jpeg
34.120.237.76200 OK 9.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faede32e1-a6ef-46a9-8048-2bc4b3382d7b.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a0473691ea0d4426c66441d3e049b139
2ba1b24cc0f903a534458642236adc8495d87519
5475d4935fea484eabbac57be8e5604952f59374e1ccf26392c3283d39b96a8d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Faede32e1-a6ef-46a9-8048-2bc4b3382d7b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9674
x-amzn-requestid: 173c95c5-690c-4381-9cf1-cb31e4456f14
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eQd8LF0YoAMFTUg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b676b4-0b9191ab25e33cb436995203;Sampled=0
x-amzn-remapped-date: Thu, 05 Jan 2023 07:05:24 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ugd6PvgcQYjFctkOjVM5zXz3muWfr3o-8qf2hLbu-B_orF1ruOiTGQ==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 6172bb1a5d00a3b06ae3700570ebe116.cloudfront.net (CloudFront), 1.1 google
date: Sun, 08 Jan 2023 08:02:04 GMT
age: 83957
etag: "2ba1b24cc0f903a534458642236adc8495d87519"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c35b6f8-ae25-4552-b3cc-44e57542d5ec.jpeg
34.120.237.76200 OK 9.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c35b6f8-ae25-4552-b3cc-44e57542d5ec.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 210f951bd43cd838048f3568adb84c8c
db87b6eeaad681f1232c104dd4d0a902a921ed6d
b0d21c80c6c53ba04c8b216f6428a0e8b8eff4ca16f44c31782857d4a2749c39
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5c35b6f8-ae25-4552-b3cc-44e57542d5ec.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9407
x-amzn-requestid: 08f125d6-46ed-4a83-98bc-94f688def00c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eP6aMG3loAMFU5Q=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b63dda-06f1fa975f43a24564b86524;Sampled=0
x-amzn-remapped-date: Thu, 05 Jan 2023 03:02:50 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: k0I4uqn27E14rCjKRum0DI7tFL0wolIQzcIKK5WVdsqhcds4uIF0ig==
via: 1.1 6ba2a21321beeef65404429d0a4b6380.cloudfront.net (CloudFront), 1.1 98aedae6661e3904540676966998ed88.cloudfront.net (CloudFront), 1.1 google
date: Mon, 09 Jan 2023 07:01:34 GMT
age: 1187
etag: "db87b6eeaad681f1232c104dd4d0a902a921ed6d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F71367d17-5f39-4d68-acc2-9e84cc70b6ee.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F71367d17-5f39-4d68-acc2-9e84cc70b6ee.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 958d699fe0e01f8f1e6002637f87ab63
9feb324f4c37992e68e04762494841d532b3da2b
a20dce10643f6cb9aed206ca177c54538076e61568528e5fdc2744d8cc25846a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F71367d17-5f39-4d68-acc2-9e84cc70b6ee.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10157
x-amzn-requestid: cc023618-8a3b-452e-84cc-04c8b5f48a3f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eWhZ8Es5IAMFYtA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b8e2a5-6d9f330a4b3df85c661c1bd6;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 03:10:29 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: yaahmIYHAzMWPmbF_6RRTXc-boEiyV4AgS6BLMUTxVhSOos78xvtYQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 f3ac324bf05099849ebda59e8136db0e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 09 Jan 2023 03:38:39 GMT
age: 13362
etag: "9feb324f4c37992e68e04762494841d532b3da2b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f66a423-2d06-442e-9b60-52f1638487d5.jpeg
34.120.237.76200 OK 4.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f66a423-2d06-442e-9b60-52f1638487d5.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f0defc5fd929d3ca7df12b102b551453
f44e4ac4a10991e12994e3b5d6f3cc1b1658967a
f551a1c156ec30405668d66bff9e1359805b773457602e44748be80cbb1f8a23
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0f66a423-2d06-442e-9b60-52f1638487d5.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4687
x-amzn-requestid: 18bf71d4-030e-4a08-ae18-48fe037e6e0d
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: eWhZ7GzXIAMFnFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63b8e2a5-710f414a2d1b239f6d59d73a;Sampled=0
x-amzn-remapped-date: Sat, 07 Jan 2023 03:10:29 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wkKw4Bgb_vxuY641mGDczUNQUfGXiozbOtpFwfK6aThfJj_q5T_IDg==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Mon, 09 Jan 2023 03:49:53 GMT
age: 12688
etag: "f44e4ac4a10991e12994e3b5d6f3cc1b1658967a"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.youtube.com/embed/7NoZcnkLOMc
142.250.74.46200 OK 0 B URL HTTP/2 www.youtube.com/embed/7NoZcnkLOMc
IP 142.250.74.46:0
GET /embed/7NoZcnkLOMc HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://141.136.35.50/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 09 Jan 2023 07:21:19 GMT
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=N-qvnhdk46o; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=Q9_8e5r_Zak; Domain=.youtube.com; Expires=Sat, 08-Jul-2023 07:21:19 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+675; expires=Wed, 08-Jan-2025 07:21:19 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Cookie&family=Oleo+Script+Swash+Caps&display=swap
216.58.207.202200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Cookie&family=Oleo+Script+Swash+Caps&display=swap
IP 216.58.207.202:0
GET /css2?family=Cookie&family=Oleo+Script+Swash+Caps&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://141.136.35.50/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 09 Jan 2023 07:21:19 GMT
date: Mon, 09 Jan 2023 07:21:19 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.youtube.com/embed/7NoZcnkLOMc
142.250.74.46200 OK 0 B URL HTTP/2 www.youtube.com/embed/7NoZcnkLOMc
IP 142.250.74.46:0
GET /embed/7NoZcnkLOMc HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://141.136.35.50/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
x-content-type-options: nosniff
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Mon, 09 Jan 2023 07:21:19 GMT
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=F9F6A56WMaQ; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=m8cFqbA0jlw; Domain=.youtube.com; Expires=Sat, 08-Jul-2023 07:21:19 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+583; expires=Wed, 08-Jan-2025 07:21:19 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
unpkg.com/swiper@7/swiper-bundle.min.css
104.16.123.175302 Found 0 B URL HTTP/2 unpkg.com/swiper@7/swiper-bundle.min.css
IP 104.16.123.175:0
GET /swiper@7/swiper-bundle.min.css HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://141.136.35.50/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Mon, 09 Jan 2023 07:21:19 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /swiper@7.4.1/swiper-bundle.min.css
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GPAP1221RQ6V102EHZW4M4GK-ams
cf-cache-status: HIT
age: 470
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 786b6a586dc51c06-OSL
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Poppins:wght@100;200;300;400;500;600&display=swap
216.58.207.202200 OK 0 B URL HTTP/2 fonts.googleapis.com/css2?family=Poppins:wght@100;200;300;400;500;600&display=swap
IP 216.58.207.202:0
GET /css2?family=Poppins:wght@100;200;300;400;500;600&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://141.136.35.50/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Mon, 09 Jan 2023 07:21:19 GMT
date: Mon, 09 Jan 2023 07:21:19 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
unpkg.com/swiper@7/swiper-bundle.min.js
104.16.123.175302 Found 0 B URL HTTP/2 unpkg.com/swiper@7/swiper-bundle.min.js
IP 104.16.123.175:0
GET /swiper@7/swiper-bundle.min.js HTTP/1.1
Host: unpkg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://141.136.35.50/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Mon, 09 Jan 2023 07:21:19 GMT
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public, s-maxage=600, max-age=60
location: /swiper@7.4.1/swiper-bundle.min.js
vary: Accept, Accept-Encoding
via: 1.1 fly.io
fly-request-id: 01GPAP14N9G8A3BH6AW15P0Y3X-ams
cf-cache-status: HIT
age: 465
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 786b6a5a4efd1c06-OSL
X-Firefox-Spdy: h2
www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/en_US/base.js
142.250.74.46200 OK 0 B URL HTTP/2 www.youtube.com/s/player/e5f6cbd5/player_ias.vflset/en_US/base.js
IP 142.250.74.46:0
GET /s/player/e5f6cbd5/player_ias.vflset/en_US/base.js HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/embed/7NoZcnkLOMc
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
vary: Accept-Encoding, Origin
content-encoding: br
accept-ranges: bytes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-length: 610118
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 07 Jan 2023 02:43:13 GMT
expires: Sun, 07 Jan 2024 02:43:13 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 02 Jan 2023 22:39:54 GMT
content-type: text/javascript
age: 189486
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2